Import of old SSLeay release: SSLeay 0.8.1b

532 files changed, 105473 insertions, 0 deletions

diff --git a/crypto/Makefile.ssl b/crypto/Makefile.ssl
new file mode 100644
index 0000000000..9cb45e4b51
--- /dev/null
+++ b/crypto/Makefile.ssl
@@ -0,0 +1,156 @@
+#
+# SSLeay/crypto/Makefile
+#
+
+DIR=		crypto
+TOP=		..
+CC=		cc
+INCLUDE=	-I. -I../include
+INCLUDES=	-I.. -I../../include
+CFLAG=		-g
+INSTALLTOP=	/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPEND=     makedepend -f Makefile.ssl
+MAKEFILE=       Makefile.ssl
+RM=             /bin/rm -f
+AR=		ar r
+
+MAKE=		make -f Makefile.ssl
+MAKEDEPEND=	makedepend -f Makefile.ssl
+MAKEFILE=	Makefile.ssl
+
+PEX_LIBS=
+EX_LIBS=
+ 
+CFLAGS= $(INCLUDE) $(CFLAG) -DCFLAGS=" \"$(CC) $(CFLAG)\" "
+
+LIBS=
+
+SDIRS=	md sha mdc2 \
+	des rc4 rc2 idea bf \
+	bn rsa dsa dh \
+	buffer bio stack lhash rand err objects \
+	evp pem x509 \
+	asn1 conf txt_db pkcs7
+
+GENERAL=Makefile README
+
+LIB= $(TOP)/libcrypto.a
+LIBSRC=	cryptlib.c mem.c cversion.c
+LIBOBJ= cryptlib.o mem.o cversion.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= crypto.h cryptall.h
+HEADER=	cryptlib.h date.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	@(cd ..; $(MAKE) DIRS=$(DIR) all)
+
+all: date.h lib subdirs
+
+date.h: ../Makefile.ssl ../VERSION
+	echo "#define DATE	\"`date`\"" >date.h
+
+subdirs:
+	@for i in $(SDIRS) ;\
+	do \
+	(cd $$i; echo "making all in $$i..."; \
+	$(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' AR='${AR}' all ); \
+	done;
+
+files:
+	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+	@for i in $(SDIRS) ;\
+	do \
+	(cd $$i; echo "making 'files' in $$i..."; \
+	$(MAKE) files ); \
+	done;
+
+links:
+	/bin/rm -f Makefile 
+	$(TOP)/util/point.sh Makefile.ssl Makefile ;
+	$(TOP)/util/mklink.sh ../include $(EXHEADER) ;
+	$(TOP)/util/mklink.sh ../test $(TEST) ;
+	$(TOP)/util/mklink.sh ../apps $(APPS) ;
+	$(TOP)/util/point.sh Makefile.ssl Makefile;
+	@for i in $(SDIRS) ;\
+	do \
+	(cd $$i; echo "making links in $$i..."; \
+	$(MAKE) links ); \
+	done;
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/util/ranlib.sh $(LIB)
+	@touch lib
+
+libs:
+	@for i in $(SDIRS) ;\
+	do \
+	(cd $$i; echo "making libs in $$i..."; \
+	$(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' AR='${AR}' lib ); \
+	done;
+
+tests:
+	@for i in $(SDIRS) ;\
+	do \
+	(cd $$i; echo "making tests in $$i..."; \
+	$(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' AR='${AR}' tests ); \
+	done;
+
+install:
+	@for i in $(EXHEADER) ;\
+	do \
+	(cp $$i $(INSTALLTOP)/include/$$i; \
+	chmod 644 $(INSTALLTOP)/include/$$i ); \
+	done;
+	@for i in $(SDIRS) ;\
+	do \
+	(cd $$i; echo "making install in $$i..."; \
+	$(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' install ); \
+	done;
+
+lint:
+	@for i in $(SDIRS) ;\
+	do \
+	(cd $$i; echo "making lint in $$i..."; \
+	$(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' lint ); \
+	done;
+
+depend:
+	$(MAKEDEPEND) $(INCLUDE) $(PROGS) $(LIBSRC)
+	@for i in $(SDIRS) ;\
+	do \
+	(cd $$i; echo "making depend in $$i..."; \
+	$(MAKE) MAKEFILE='${MAKEFILE}' INCLUDES='${INCLUDES}' MAKEDEPEND='${MAKEDEPEND}' depend ); \
+	done;
+
+clean:
+	/bin/rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+	@for i in $(SDIRS) ;\
+	do \
+	(cd $$i; echo "making clean in $$i..."; \
+	$(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' clean ); \
+	done;
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+	@for i in $(SDIRS) ;\
+	do \
+	(cd $$i; echo "making dclean in $$i..."; \
+	$(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' dclean ); \
+	done;
+
+errors:
+	perl ./err/err_code.pl */*.c ../ssl/*.c ../rsaref/*.c
+	@for i in $(SDIRS) ;\
+	do \
+	(cd $$i; echo "making errors in $$i..."; \
+	$(MAKE) errors ); \
+	done;
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/asn1/Makefile.ssl b/crypto/asn1/Makefile.ssl
new file mode 100644
index 0000000000..a39e009d27
--- /dev/null
+++ b/crypto/asn1/Makefile.ssl
@@ -0,0 +1,118 @@
+#
+# SSLeay/crypto/asn1/Makefile
+#
+
+DIR=	asn1
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I../../include
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE=		make -f Makefile.ssl
+MAKEDEPEND=	makedepend -f Makefile.ssl
+MAKEFILE=	Makefile.ssl
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+ERR=asn1
+ERRC=asn1_err
+GENERAL=Makefile README
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=	a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c \
+	a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c \
+	a_sign.c a_digest.c a_verify.c \
+	x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c \
+	x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c \
+	d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c \
+	d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c \
+	d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c\
+	t_req.c t_x509.c t_pkey.c \
+	p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c \
+	p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c \
+	f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c \
+	a_hdr.c x_pkey.c a_bool.c x_exten.c \
+	asn1_par.c asn1_lib.c $(ERRC).c a_meth.c a_bytes.c
+LIBOBJ= a_object.o a_bitstr.o a_utctm.o a_int.o a_octet.o a_print.o \
+	a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o \
+	a_sign.o a_digest.o a_verify.o \
+	x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o \
+	x_name.o x_cinf.o x_x509.o x_crl.o x_info.o x_spki.o \
+	d2i_r_pr.o i2d_r_pr.o d2i_r_pu.o i2d_r_pu.o \
+	d2i_s_pr.o i2d_s_pr.o d2i_s_pu.o i2d_s_pu.o \
+	d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o \
+	t_req.o t_x509.o t_pkey.o \
+	p7_i_s.o p7_signi.o p7_signd.o p7_recip.o p7_enc_c.o p7_evp.o \
+	p7_dgst.o p7_s_e.o p7_enc.o p7_lib.o \
+	f_int.o f_string.o i2d_dhp.o i2d_dsap.o d2i_dhp.o d2i_dsap.o n_pkey.o \
+	a_hdr.o x_pkey.o a_bool.o x_exten.o \
+	asn1_par.o asn1_lib.o $(ERRC).o a_meth.o a_bytes.o
+
+SRC= $(LIBSRC)
+
+EXHEADER=  asn1.h asn1_mac.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+test:	test.c
+	cc -g -I../../include -c test.c
+	cc -g -I../../include -o test test.o -L../.. -lcrypto
+
+pk:	pk.c
+	cc -g -I../../include -c pk.c
+	cc -g -I../../include -o pk pk.o -L../.. -lcrypto
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/util/ranlib.sh $(LIB)
+	@touch lib
+
+files:
+	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+	/bin/rm -f Makefile
+	$(TOP)/util/point.sh Makefile.ssl Makefile ;
+	$(TOP)/util/mklink.sh ../../include $(EXHEADER)
+	$(TOP)/util/mklink.sh ../../test $(TEST)
+	$(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+	@for i in $(EXHEADER) ; \
+	do  \
+	(cp $$i $(INSTALLTOP)/include/$$i; \
+	chmod 644 $(INSTALLTOP)/include/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+	perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
+	perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/asn1/a_bitstr.c b/crypto/asn1/a_bitstr.c
new file mode 100644
index 0000000000..eb99ebca2f
--- /dev/null
+++ b/crypto/asn1/a_bitstr.c
@@ -0,0 +1,158 @@
+/* crypto/asn1/a_bitstr.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1.h"
+
+/* ASN1err(ASN1_F_ASN1_STRING_NEW,ASN1_R_STRING_TOO_SHORT);
+ * ASN1err(ASN1_F_D2I_ASN1_BIT_STRING,ASN1_R_EXPECTING_A_BIT_STRING);
+ */
+
+int i2d_ASN1_BIT_STRING(a,pp)
+ASN1_BIT_STRING *a;
+unsigned char **pp;
+	{
+	int ret,j,r,bits;
+	unsigned char *p,*d;
+
+	if (a == NULL) return(0);
+
+	/* our bit strings are always a multiple of 8 :-) */
+	bits=0;
+	ret=1+a->length;
+	r=ASN1_object_size(0,ret,V_ASN1_BIT_STRING);
+	if (pp == NULL) return(r);
+	p= *pp;
+
+	ASN1_put_object(&p,0,ret,V_ASN1_BIT_STRING,V_ASN1_UNIVERSAL);
+	if (bits == 0)
+		j=0;
+	else	j=8-bits;
+	*(p++)=(unsigned char)j;
+	d=a->data;
+	memcpy(p,d,a->length);
+	p+=a->length;
+	if (a->length > 0) p[-1]&=(0xff<<j);
+	*pp=p;
+	return(r);
+	}
+
+ASN1_BIT_STRING *d2i_ASN1_BIT_STRING(a, pp, length)
+ASN1_BIT_STRING **a;
+unsigned char **pp;
+long length;
+	{
+	ASN1_BIT_STRING *ret=NULL;
+	unsigned char *p,*s;
+	long len;
+	int inf,tag,xclass;
+	int i;
+
+	if ((a == NULL) || ((*a) == NULL))
+		{
+		if ((ret=ASN1_BIT_STRING_new()) == NULL) return(NULL);
+		}
+	else
+		ret=(*a);
+
+	p= *pp;
+	inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
+	if (inf & 0x80)
+		{
+		i=ASN1_R_BAD_OBJECT_HEADER;
+		goto err;
+		}
+
+	if (tag != V_ASN1_BIT_STRING)
+		{
+		i=ASN1_R_EXPECTING_A_BIT_STRING;
+		goto err;
+		}
+	if (len < 1) { i=ASN1_R_STRING_TOO_SHORT; goto err; }
+
+	i= *(p++);
+	if (len-- > 1) /* using one because of the bits left byte */
+		{
+		s=(unsigned char *)Malloc((int)len);
+		if (s == NULL)
+			{
+			i=ERR_R_MALLOC_FAILURE;
+			goto err;
+			}
+		memcpy(s,p,(int)len);
+		s[len-1]&=(0xff<<i);
+		p+=len;
+		}
+	else
+		s=NULL;
+
+	ret->length=(int)len;
+	if (ret->data != NULL) Free((char *)ret->data);
+	ret->data=s;
+	ret->type=V_ASN1_BIT_STRING;
+	if (a != NULL) (*a)=ret;
+	*pp=p;
+	return(ret);
+err:
+	ASN1err(ASN1_F_D2I_ASN1_BIT_STRING,i);
+	if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+		ASN1_BIT_STRING_free(ret);
+	return(NULL);
+	}
+
diff --git a/crypto/asn1/a_bool.c b/crypto/asn1/a_bool.c
new file mode 100644
index 0000000000..83607b58ef
--- /dev/null
+++ b/crypto/asn1/a_bool.c
@@ -0,0 +1,121 @@
+/* crypto/asn1/a_bool.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1.h"
+
+/* ASN1err(ASN1_F_D2I_ASN1_BOOLEAN,ASN1_R_EXPECTING_A_BOOLEAN);
+ * ASN1err(ASN1_F_D2I_ASN1_BOOLEAN,ASN1_R_BOOLEAN_IS_WRONG_LENGTH);
+ */
+
+int i2d_ASN1_BOOLEAN(a,pp)
+int a;
+unsigned char **pp;
+	{
+	int r;
+	unsigned char *p;
+
+	r=ASN1_object_size(0,1,V_ASN1_BOOLEAN);
+	if (pp == NULL) return(r);
+	p= *pp;
+
+	ASN1_put_object(&p,0,1,V_ASN1_BOOLEAN,V_ASN1_UNIVERSAL);
+	*(p++)= (unsigned char)a;
+	*pp=p;
+	return(r);
+	}
+
+int d2i_ASN1_BOOLEAN(a, pp, length)
+int *a;
+unsigned char **pp;
+long length;
+	{
+	int ret= -1;
+	unsigned char *p;
+	long len;
+	int inf,tag,xclass;
+	int i=0;
+
+	p= *pp;
+	inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
+	if (inf & 0x80)
+		{
+		i=ASN1_R_BAD_OBJECT_HEADER;
+		goto err;
+		}
+
+	if (tag != V_ASN1_BOOLEAN)
+		{
+		i=ASN1_R_EXPECTING_A_BOOLEAN;
+		goto err;
+		}
+
+	if (len != 1)
+		{
+		i=ASN1_R_BOOLEAN_IS_WRONG_LENGTH;
+		goto err;
+		}
+	ret= (int)*(p++);
+	if (a != NULL) (*a)=ret;
+	*pp=p;
+	return(ret);
+err:
+	ASN1err(ASN1_F_D2I_ASN1_BOOLEAN,i);
+	return(ret);
+	}
diff --git a/crypto/asn1/a_bytes.c b/crypto/asn1/a_bytes.c
new file mode 100644
index 0000000000..0c9132498c
--- /dev/null
+++ b/crypto/asn1/a_bytes.c
@@ -0,0 +1,337 @@
+/* crypto/asn1/a_bytes.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+
+/* ASN1err(ASN1_F_ASN1_TYPE_NEW,ASN1_R_ERROR_STACK);
+ * ASN1err(ASN1_F_D2I_ASN1_TYPE_BYTES,ASN1_R_ERROR_STACK);
+ * ASN1err(ASN1_F_D2I_ASN1_TYPE_BYTES,ASN1_R_WRONG_TYPE);
+ * ASN1err(ASN1_F_ASN1_COLLATE_PRIMATIVE,ASN1_R_WRONG_TAG);
+ */
+
+static unsigned long tag2bit[32]={
+0,	0,	0,	0,	/* tags  0 -  3 */
+B_ASN1_OCTET_STRING,	0,	0,		B_ASN1_UNKNOWN,/* tags  4- 7 */
+B_ASN1_UNKNOWN,	B_ASN1_UNKNOWN,	B_ASN1_UNKNOWN,	B_ASN1_UNKNOWN,/* tags  8-11 */
+B_ASN1_UNKNOWN,	B_ASN1_UNKNOWN,	B_ASN1_UNKNOWN,	B_ASN1_UNKNOWN,/* tags 12-15 */
+0,	0,	B_ASN1_NUMERICSTRING,B_ASN1_PRINTABLESTRING,
+B_ASN1_T61STRING,B_ASN1_VIDEOTEXSTRING,B_ASN1_IA5STRING,0,
+0,B_ASN1_GRAPHICSTRING,B_ASN1_ISO64STRING,B_ASN1_GENERALSTRING,
+B_ASN1_UNIVERSALSTRING,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,
+	};
+
+#ifndef NOPROTO
+static int asn1_collate_primative(ASN1_STRING *a, ASN1_CTX *c);
+#else
+static int asn1_collate_primative();
+#endif
+
+/* type is a 'bitmap' of acceptable string types to be accepted.
+ */
+ASN1_STRING *d2i_ASN1_type_bytes(a, pp, length, type)
+ASN1_STRING **a;
+unsigned char **pp;
+long length;
+int type;
+	{
+	ASN1_STRING *ret=NULL;
+	unsigned char *p,*s;
+	long len;
+	int inf,tag,xclass;
+	int i=0;
+
+	if ((a == NULL) || ((*a) == NULL))
+		{
+		if ((ret=ASN1_STRING_new()) == NULL) return(NULL);
+		}
+	else
+		ret=(*a);
+
+	p= *pp;
+	inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
+	if (inf & 0x80) goto err;
+
+	if (tag >= 32)
+		{
+		i=ASN1_R_TAG_VALUE_TOO_HIGH;;
+		goto err;
+		}
+	if (!(tag2bit[tag] & type))
+		{
+		i=ASN1_R_WRONG_TYPE;
+		goto err;
+		}
+	if (len != 0)
+		{
+		s=(unsigned char *)Malloc((int)len+1);
+		if (s == NULL)
+			{
+			i=ERR_R_MALLOC_FAILURE;
+			goto err;
+			}
+		memcpy(s,p,(int)len);
+		s[len]='\0';
+		p+=len;
+		}
+	else
+		s=NULL;
+
+	if (ret->data != NULL) Free((char *)ret->data);
+	ret->length=(int)len;
+	ret->data=s;
+	ret->type=tag;
+	if (a != NULL) (*a)=ret;
+	*pp=p;
+	return(ret);
+err:
+	ASN1err(ASN1_F_D2I_ASN1_TYPE_BYTES,i);
+	if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+		ASN1_STRING_free(ret);
+	return(NULL);
+	}
+
+int i2d_ASN1_bytes(a, pp, tag, xclass)
+ASN1_STRING *a;
+unsigned char **pp;
+int tag;
+int xclass;
+	{
+	int ret,r,constructed;
+	unsigned char *p;
+
+	if (a == NULL)  return(0);
+	ret=a->length;
+	r=ASN1_object_size(0,ret,tag);
+	if (pp == NULL) return(r);
+	p= *pp;
+
+	if ((tag == V_ASN1_SEQUENCE) || (tag == V_ASN1_SET))
+		constructed=1;
+	else
+		constructed=0;
+	ASN1_put_object(&p,constructed,ret,tag,xclass);
+	memcpy(p,a->data,a->length);
+	p+=a->length;
+	*pp= p;
+	return(r);
+	}
+
+ASN1_STRING *d2i_ASN1_bytes(a, pp, length, Ptag, Pclass)
+ASN1_STRING **a;
+unsigned char **pp;
+long length;
+int Ptag;
+int Pclass;
+	{
+	ASN1_STRING *ret=NULL;
+	unsigned char *p,*s;
+	long len;
+	int inf,tag,xclass;
+	int i=0;
+
+	if ((a == NULL) || ((*a) == NULL))
+		{
+		if ((ret=ASN1_STRING_new()) == NULL) return(NULL);
+		}
+	else
+		ret=(*a);
+
+	p= *pp;
+	inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
+	if (inf & 0x80)
+		{
+		i=ASN1_R_BAD_OBJECT_HEADER;
+		goto err;
+		}
+
+	if (tag != Ptag)
+		{
+		i=ASN1_R_WRONG_TAG;
+		goto err;
+		}
+
+	if (inf & V_ASN1_CONSTRUCTED)
+		{
+		ASN1_CTX c;
+
+		c.pp=pp;
+		c.p=p;
+		c.inf=inf;
+		c.slen=len;
+		c.tag=Ptag;
+		c.xclass=Pclass;
+		c.max=(length == 0)?0:(p+length);
+		if (!asn1_collate_primative(ret,&c)) 
+			goto err; 
+		else
+			{
+			p=c.p;
+			}
+		}
+	else
+		{
+		if (len != 0)
+			{
+			if (ret->length < len)
+				{
+				if (ret->data != NULL) Free((char *)ret->data);
+				s=(unsigned char *)Malloc((int)len);
+				if (s == NULL)
+					{
+					i=ERR_R_MALLOC_FAILURE;
+					goto err;
+					}
+				}
+			else
+				s=ret->data;
+			memcpy(s,p,(int)len);
+			p+=len;
+			}
+		else
+			{
+			s=NULL;
+			if (ret->data != NULL) Free((char *)ret->data);
+			}
+
+		ret->length=(int)len;
+		ret->data=s;
+		ret->type=Ptag;
+		}
+
+	if (a != NULL) (*a)=ret;
+	*pp=p;
+	return(ret);
+err:
+	if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+		ASN1_STRING_free(ret);
+	ASN1err(ASN1_F_D2I_ASN1_BYTES,i);
+	return(NULL);
+	}
+
+
+/* We are about to parse 0..n d2i_ASN1_bytes objects, we are to collapes
+ * them into the one struture that is then returned */
+/* There have been a few bug fixes for this function from
+ * Paul Keogh <paul.keogh@sse.ie>, many thanks to him */
+static int asn1_collate_primative(a,c)
+ASN1_STRING *a;
+ASN1_CTX *c;
+	{
+	ASN1_STRING *os=NULL;
+	BUF_MEM b;
+	int num;
+
+	b.length=0;
+	b.max=0;
+	b.data=NULL;
+
+	if (a == NULL)
+		{
+		c->error=ERR_R_PASSED_NULL_PARAMETER;
+		goto err;
+		}
+
+	num=0;
+	for (;;)
+		{
+		if (c->inf & 1)
+			{
+			c->eos=ASN1_check_infinite_end(&c->p,
+				(long)(c->max-c->p));
+			if (c->eos) break;
+			}
+		else
+			{
+			if (c->slen <= 0) break;
+			}
+
+		c->q=c->p;
+		if (d2i_ASN1_bytes(&os,&c->p,c->max-c->p,c->tag,c->xclass)
+			== NULL)
+			{
+			c->error=ERR_R_ASN1_LIB;
+			goto err;
+			}
+
+		if (!BUF_MEM_grow(&b,num+os->length))
+			{
+			c->error=ERR_R_BUF_LIB;
+			goto err;
+			}
+		memcpy(&(b.data[num]),os->data,os->length);
+		if (!(c->inf & 1))
+			c->slen-=(c->p-c->q);
+		num+=os->length;
+		}
+
+	if (!asn1_Finish(c)) goto err;
+
+	a->length=num;
+	if (a->data != NULL) Free(a->data);
+	a->data=(unsigned char *)b.data;
+	if (os != NULL) ASN1_STRING_free(os);
+	return(1);
+err:
+	ASN1err(ASN1_F_ASN1_COLLATE_PRIMATIVE,c->error);
+	if (os != NULL) ASN1_STRING_free(os);
+	if (b.data != NULL) Free(b.data);
+	return(0);
+	}
+
diff --git a/crypto/asn1/a_d2i_fp.c b/crypto/asn1/a_d2i_fp.c
new file mode 100644
index 0000000000..5c9c9cf09b
--- /dev/null
+++ b/crypto/asn1/a_d2i_fp.c
@@ -0,0 +1,200 @@
+/* crypto/asn1/a_d2i_fp.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "asn1_mac.h"
+
+#define HEADER_SIZE   8
+
+#ifndef WIN16
+char *ASN1_d2i_fp(xnew,d2i,in,x)
+char *(*xnew)();
+char *(*d2i)();
+FILE *in;
+unsigned char **x;
+        {
+        BIO *b;
+        char *ret;
+
+        if ((b=BIO_new(BIO_s_file())) == NULL)
+		{
+		ASN1err(ASN1_F_ASN1_D2I_FP,ERR_R_BUF_LIB);
+                return(NULL);
+		}
+        BIO_set_fp(b,in,BIO_NOCLOSE);
+        ret=ASN1_d2i_bio(xnew,d2i,b,x);
+        BIO_free(b);
+        return(ret);
+        }
+#endif
+
+char *ASN1_d2i_bio(xnew,d2i,in,x)
+char *(*xnew)();
+char *(*d2i)();
+BIO *in;
+unsigned char **x;
+	{
+	BUF_MEM *b;
+	unsigned char *p;
+	int i;
+	char *ret=NULL;
+	ASN1_CTX c;
+	int want=HEADER_SIZE;
+	int eos=0;
+	int off=0;
+	int len=0;
+
+	b=BUF_MEM_new();
+	if (b == NULL)
+		{
+		ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE);
+		return(NULL);
+		}
+
+	for (;;)
+		{
+		if (want >= (len-off))
+			{
+			want-=(len-off);
+
+			if (!BUF_MEM_grow(b,len+want))
+				{
+				ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE);
+				goto err;
+				}
+			i=BIO_read(in,&(b->data[len]),want);
+			if ((i < 0) && ((len-off) == 0))
+				{
+				ASN1err(ASN1_F_ASN1_D2I_BIO,ASN1_R_NOT_ENOUGH_DATA);
+				goto err;
+				}
+			if (i > 0)
+				len+=i;
+			}
+		/* else data already loaded */
+
+		p=(unsigned char *)&(b->data[off]);
+		c.p=p;
+		c.inf=ASN1_get_object(&(c.p),&(c.slen),&(c.tag),&(c.xclass),
+			len-off);
+		if (c.inf & 0x80)
+			{
+			unsigned long e;
+
+			e=ERR_GET_REASON(ERR_peek_error());
+			if (e != ASN1_R_TOO_LONG)
+				goto err;
+			else
+				ERR_get_error(); /* clear error */
+			}
+		i=c.p-p;/* header length */
+		off+=i;	/* end of data */
+
+		if (c.inf & 1)
+			{
+			/* no data body so go round again */
+			eos++;
+			want=HEADER_SIZE;
+			}
+		else if (eos && (c.slen == 0) && (c.tag == V_ASN1_EOC))
+			{
+			/* eos value, so go back and read another header */
+			eos--;
+			if (eos <= 0)
+				break;
+			else
+				want=HEADER_SIZE;
+			}
+		else 
+			{
+			/* suck in c.slen bytes of data */
+			want=(int)c.slen;
+			if (want > (len-off))
+				{
+				want-=(len-off);
+				if (!BUF_MEM_grow(b,len+want))
+					{
+					ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE);
+					goto err;
+					}
+				i=BIO_read(in,&(b->data[len]),want);
+				if (i <= 0)
+					{
+					ASN1err(ASN1_F_ASN1_D2I_BIO,ASN1_R_NOT_ENOUGH_DATA);
+					goto err;
+					}
+				len+=i;
+				}
+			off+=(int)c.slen;
+			if (eos <= 0)
+				{
+				break;
+				}
+			else
+				want=HEADER_SIZE;
+			}
+		}
+
+	p=(unsigned char *)b->data;
+	ret=d2i(x,&p,off);
+err:
+	if (b != NULL) BUF_MEM_free(b);
+	return(ret);
+	}
diff --git a/crypto/asn1/a_digest.c b/crypto/asn1/a_digest.c
new file mode 100644
index 0000000000..8f395d958a
--- /dev/null
+++ b/crypto/asn1/a_digest.c
@@ -0,0 +1,91 @@
+/* crypto/asn1/a_digest.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#include "cryptlib.h"
+#include "evp.h"
+#include "x509.h"
+#include "buffer.h"
+
+int ASN1_digest(i2d,type,data,md,len)
+int (*i2d)();
+EVP_MD *type;
+char *data;
+unsigned char *md;
+unsigned int *len;
+	{
+	EVP_MD_CTX ctx;
+	int i;
+	unsigned char *str,*p;
+
+	i=i2d(data,NULL);
+	if ((str=(unsigned char *)Malloc(i)) == NULL) return(0);
+	p=str;
+	i2d(data,&p);
+
+	EVP_DigestInit(&ctx,type);
+	EVP_DigestUpdate(&ctx,str,i);
+	EVP_DigestFinal(&ctx,md,len);
+	Free(str);
+	return(1);
+	}
+
diff --git a/crypto/asn1/a_dup.c b/crypto/asn1/a_dup.c
new file mode 100644
index 0000000000..51ed105ff2
--- /dev/null
+++ b/crypto/asn1/a_dup.c
@@ -0,0 +1,86 @@
+/* crypto/asn1/a_dup.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+
+#define READ_CHUNK   2048
+
+char *ASN1_dup(i2d,d2i,x)
+int (*i2d)();
+char *(*d2i)();
+char *x;
+	{
+	unsigned char *b,*p;
+	long i;
+	char *ret;
+
+	if (x == NULL) return(NULL);
+
+	i=(long)i2d(x,NULL);
+	b=(unsigned char *)Malloc((unsigned int)i+10);
+	if (b == NULL)
+		{ ASN1err(ASN1_F_ASN1_DUP,ERR_R_MALLOC_FAILURE); return(NULL); }
+	p= b;
+	i=i2d(x,&p);
+	p= b;
+	ret=d2i(NULL,&p,i);
+	Free((char *)b);
+	return(ret);
+	}
diff --git a/crypto/asn1/a_hdr.c b/crypto/asn1/a_hdr.c
new file mode 100644
index 0000000000..b7de335fc1
--- /dev/null
+++ b/crypto/asn1/a_hdr.c
@@ -0,0 +1,130 @@
+/* crypto/asn1/a_hdr.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+#include "asn1.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_ASN1_HEADER,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_I2D_ASN1_HEADER,ASN1_R_BAD_GET_OBJECT);
+ * ASN1err(ASN1_F_I2D_ASN1_HEADER,ASN1_R_BAD_GET_OBJECT);
+ * ASN1err(ASN1_F_ASN1_HEADER_NEW,ASN1_R_BAD_GET_OBJECT);
+ */
+
+int i2d_ASN1_HEADER(a,pp)
+ASN1_HEADER *a;
+unsigned char **pp;
+	{
+	M_ASN1_I2D_vars(a);
+
+	M_ASN1_I2D_len(a->header,	i2d_ASN1_OCTET_STRING);
+	M_ASN1_I2D_len(a->data,		a->meth->i2d);
+
+	M_ASN1_I2D_seq_total();
+
+	M_ASN1_I2D_put(a->header,	i2d_ASN1_OCTET_STRING);
+	M_ASN1_I2D_put(a->data,		a->meth->i2d);
+
+	M_ASN1_I2D_finish();
+	}
+
+ASN1_HEADER *d2i_ASN1_HEADER(a,pp,length)
+ASN1_HEADER **a;
+unsigned char **pp;
+long length;
+	{
+	M_ASN1_D2I_vars(a,ASN1_HEADER *,ASN1_HEADER_new);
+
+	M_ASN1_D2I_Init();
+        M_ASN1_D2I_start_sequence();
+        M_ASN1_D2I_get(ret->header,d2i_ASN1_OCTET_STRING);
+	if (ret->meth != NULL)
+		{
+		M_ASN1_D2I_get(ret->data,ret->meth->d2i);
+		}
+	else
+		{
+		if (a != NULL) (*a)=ret;
+		return(ret);
+		}
+        M_ASN1_D2I_Finish(a,ASN1_HEADER_free,ASN1_F_D2I_ASN1_HEADER);
+	}
+
+ASN1_HEADER *ASN1_HEADER_new()
+	{
+	ASN1_HEADER *ret=NULL;
+
+	M_ASN1_New_Malloc(ret,ASN1_HEADER);
+	M_ASN1_New(ret->header,ASN1_OCTET_STRING_new);
+	ret->meth=NULL;
+	ret->data=NULL;
+	return(ret);
+        M_ASN1_New_Error(ASN1_F_ASN1_HEADER_NEW);
+	}
+
+void ASN1_HEADER_free(a)
+ASN1_HEADER *a;
+	{
+	if (a == NULL) return;
+	ASN1_OCTET_STRING_free(a->header);
+	if (a->meth != NULL)
+		a->meth->destroy(a->data);
+	Free((char *)a);
+	}
diff --git a/crypto/asn1/a_i2d_fp.c b/crypto/asn1/a_i2d_fp.c
new file mode 100644
index 0000000000..eab127e6e0
--- /dev/null
+++ b/crypto/asn1/a_i2d_fp.c
@@ -0,0 +1,119 @@
+/* crypto/asn1/a_i2d_fp.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "asn1_mac.h"
+
+#ifndef WIN16
+int ASN1_i2d_fp(i2d,out,x)
+int (*i2d)();
+FILE *out;
+unsigned char *x;
+        {
+        BIO *b;
+        int ret;
+
+        if ((b=BIO_new(BIO_s_file())) == NULL)
+		{
+		ASN1err(ASN1_F_ASN1_I2D_FP,ERR_R_BUF_LIB);
+                return(0);
+		}
+        BIO_set_fp(b,out,BIO_NOCLOSE);
+        ret=ASN1_i2d_bio(i2d,b,x);
+        BIO_free(b);
+        return(ret);
+        }
+#endif
+
+int ASN1_i2d_bio(i2d,out,x)
+int (*i2d)();
+BIO *out;
+unsigned char *x;
+	{
+	char *b;
+	unsigned char *p;
+	int i,j=0,n,ret=1;
+
+	n=i2d(x,NULL);
+	b=(char *)Malloc(n);
+	if (b == NULL)
+		{
+		ASN1err(ASN1_F_ASN1_I2D_BIO,ERR_R_MALLOC_FAILURE);
+		return(0);
+		}
+
+	p=(unsigned char *)b;
+	i2d(x,&p);
+	
+	for (;;)
+		{
+		i=BIO_write(out,&(b[j]),n);
+		if (i == n) break;
+		if (i <= 0)
+			{
+			ret=0;
+			break;
+			}
+		j+=i;
+		n-=i;
+		}
+	Free((char *)b);
+	return(ret);
+	}
diff --git a/crypto/asn1/a_int.c b/crypto/asn1/a_int.c
new file mode 100644
index 0000000000..ce0921d59a
--- /dev/null
+++ b/crypto/asn1/a_int.c
@@ -0,0 +1,304 @@
+/* crypto/asn1/a_int.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1.h"
+
+/* ASN1err(ASN1_F_D2I_ASN1_INTEGER,ASN1_R_EXPECTING_AN_INTEGER);
+ */
+
+int i2d_ASN1_INTEGER(a,pp)
+ASN1_INTEGER *a;
+unsigned char **pp;
+	{
+	int pad=0,ret,r,i,t;
+	unsigned char *p,*pt,*n,pb=0;
+
+	if ((a == NULL) || (a->data == NULL)) return(0);
+	t=a->type;
+	if (a->length == 0)
+		ret=1;
+	else
+		{
+		ret=a->length;
+		i=a->data[0];
+		if ((t == V_ASN1_INTEGER) && (i > 127))
+			{
+			pad=1;
+			pb=0;
+			}
+		else if ((t == V_ASN1_NEG_INTEGER) && (i>128))
+			{
+			pad=1;
+			pb=0xFF;
+			}
+		ret+=pad;
+		}
+	r=ASN1_object_size(0,ret,V_ASN1_INTEGER);
+	if (pp == NULL) return(r);
+	p= *pp;
+
+	ASN1_put_object(&p,0,ret,V_ASN1_INTEGER,V_ASN1_UNIVERSAL);
+	if (pad) *(p++)=pb;
+	if (a->length == 0)
+		*(p++)=0;
+	else if (t == V_ASN1_INTEGER)
+		{
+		memcpy(p,a->data,(unsigned int)a->length);
+		p+=a->length;
+		}
+	else
+		{
+		n=a->data;
+		pt=p;
+		for (i=a->length; i>0; i--)
+			*(p++)= (*(n++)^0xFF)+1;
+		if (!pad) *pt|=0x80;
+		}
+
+	*pp=p;
+	return(r);
+	}
+
+ASN1_INTEGER *d2i_ASN1_INTEGER(a, pp, length)
+ASN1_INTEGER **a;
+unsigned char **pp;
+long length;
+	{
+	ASN1_INTEGER *ret=NULL;
+	unsigned char *p,*to,*s;
+	long len;
+	int inf,tag,xclass;
+	int i;
+
+	if ((a == NULL) || ((*a) == NULL))
+		{
+		if ((ret=ASN1_INTEGER_new()) == NULL) return(NULL);
+		ret->type=V_ASN1_INTEGER;
+		}
+	else
+		ret=(*a);
+
+	p= *pp;
+	inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
+	if (inf & 0x80)
+		{
+		i=ASN1_R_BAD_OBJECT_HEADER;
+		goto err;
+		}
+
+	if (tag != V_ASN1_INTEGER)
+		{
+		i=ASN1_R_EXPECTING_AN_INTEGER;
+		goto err;
+		}
+
+	/* We must Malloc stuff, even for 0 bytes otherwise it
+	 * signifies a missing NULL parameter. */
+	s=(unsigned char *)Malloc((int)len+1);
+	if (s == NULL)
+		{
+		i=ERR_R_MALLOC_FAILURE;
+		goto err;
+		}
+	to=s;
+	if (*p & 0x80) /* a negative number */
+		{
+		ret->type=V_ASN1_NEG_INTEGER;
+		if (*p == 0xff)
+			{
+			p++;
+			len--;
+			}
+		for (i=(int)len; i>0; i--)
+			*(to++)= (*(p++)^0xFF)+1;
+		}
+	else
+		{
+		ret->type=V_ASN1_INTEGER;
+		if ((*p == 0) && (len != 1))
+			{
+			p++;
+			len--;
+			}
+		memcpy(s,p,(int)len);
+		p+=len;
+		}
+
+	if (ret->data != NULL) Free((char *)ret->data);
+	ret->data=s;
+	ret->length=(int)len;
+	if (a != NULL) (*a)=ret;
+	*pp=p;
+	return(ret);
+err:
+	ASN1err(ASN1_F_D2I_ASN1_INTEGER,i);
+	if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+		ASN1_INTEGER_free(ret);
+	return(NULL);
+	}
+
+int ASN1_INTEGER_set(a,v)
+ASN1_INTEGER *a;
+long v;
+	{
+	int i,j,k;
+	unsigned char buf[sizeof(long)+1];
+	long d;
+
+	a->type=V_ASN1_INTEGER;
+	if (a->length < (sizeof(long)+1))
+		{
+		if (a->data != NULL)
+			Free((char *)a->data);
+		if ((a->data=(unsigned char *)Malloc(sizeof(long)+1)) != NULL)
+			memset((char *)a->data,0,sizeof(long)+1);
+		}
+	if (a->data == NULL)
+		{
+		ASN1err(ASN1_F_ASN1_INTEGER_SET,ERR_R_MALLOC_FAILURE);
+		return(0);
+		}
+	d=v;
+	if (d < 0)
+		{
+		d= -d;
+		a->type=V_ASN1_NEG_INTEGER;
+		}
+
+	for (i=0; i<sizeof(long); i++)
+		{
+		if (d == 0) break;
+		buf[i]=(int)d&0xff;
+		d>>=8;
+		}
+	j=0;
+	if (v < 0) a->data[j++]=0;
+	for (k=i-1; k >=0; k--)
+		a->data[j++]=buf[k];
+	a->length=j;
+	return(1);
+	}
+
+long ASN1_INTEGER_get(a)
+ASN1_INTEGER *a;
+	{
+	int neg=0,i;
+	long r=0;
+
+	if (a == NULL) return(0L);
+	i=a->type;
+	if (i == V_ASN1_NEG_INTEGER)
+		neg=1;
+	else if (i != V_ASN1_INTEGER)
+		return(0);
+	
+	if (a->length > sizeof(long))
+		{
+		return(0xFFFFFFFFL);
+		}
+	if (a->data == NULL)
+		return(0);
+
+	for (i=0; i<a->length; i++)
+		{
+		r<<=8;
+		r|=(unsigned char)a->data[i];
+		}
+	if (neg) r= -r;
+	return(r);
+	}
+
+ASN1_INTEGER *BN_to_ASN1_INTEGER(bn,ai)
+BIGNUM *bn;
+ASN1_INTEGER *ai;
+	{
+	ASN1_INTEGER *ret;
+	int len,j;
+
+	if (ai == NULL)
+		ret=ASN1_INTEGER_new();
+	else
+		ret=ai;
+	if (ret == NULL)
+		{
+		ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ASN1_R_ERROR_STACK);
+		goto err;
+		}
+	ret->type=V_ASN1_INTEGER;
+	j=BN_num_bits(bn);
+	len=((j == 0)?0:((j/8)+1));
+	ret->data=(unsigned char *)Malloc(len+4);
+	ret->length=BN_bn2bin(bn,ret->data);
+	return(ret);
+err:
+	if (ret != ai) ASN1_INTEGER_free(ret);
+	return(NULL);
+	}
+
+BIGNUM *ASN1_INTEGER_to_BN(ai,bn)
+ASN1_INTEGER *ai;
+BIGNUM *bn;
+	{
+	BIGNUM *ret;
+
+	if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL)
+		ASN1err(ASN1_F_ASN1_INTEGER_TO_BN,ASN1_R_BN_LIB);
+	return(ret);
+	}
diff --git a/crypto/asn1/a_meth.c b/crypto/asn1/a_meth.c
new file mode 100644
index 0000000000..0beb958aa6
--- /dev/null
+++ b/crypto/asn1/a_meth.c
@@ -0,0 +1,84 @@
+/* crypto/asn1/a_meth.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "x509.h"
+
+static  ASN1_METHOD ia5string_meth={
+	(int (*)())	i2d_ASN1_IA5STRING,
+	(char *(*)())	d2i_ASN1_IA5STRING,
+	(char *(*)())	ASN1_STRING_new,
+	(void (*)())	ASN1_STRING_free};
+
+static  ASN1_METHOD bit_string_meth={
+	(int (*)())	i2d_ASN1_BIT_STRING,
+	(char *(*)())	d2i_ASN1_BIT_STRING,
+	(char *(*)())	ASN1_STRING_new,
+	(void (*)())	ASN1_STRING_free};
+
+ASN1_METHOD *ASN1_IA5STRING_asn1_meth()
+	{
+	return(&ia5string_meth);
+	}
+
+ASN1_METHOD *ASN1_BIT_STRING_asn1_meth()
+	{
+	return(&bit_string_meth);
+	}
diff --git a/crypto/asn1/a_object.c b/crypto/asn1/a_object.c
new file mode 100644
index 0000000000..897915cf49
--- /dev/null
+++ b/crypto/asn1/a_object.c
@@ -0,0 +1,369 @@
+/* crypto/asn1/a_object.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "asn1.h"
+#include "objects.h"
+
+/* ASN1err(ASN1_F_ASN1_OBJECT_NEW,ASN1_R_EXPECTING_AN_OBJECT); 
+ * ASN1err(ASN1_F_D2I_ASN1_OBJECT,ASN1_R_BAD_OBJECT_HEADER); 
+ * ASN1err(ASN1_F_I2A_ASN1_OBJECT,ASN1_R_BAD_OBJECT_HEADER);
+ */
+
+int i2d_ASN1_OBJECT(a, pp)
+ASN1_OBJECT *a;
+unsigned char **pp;
+	{
+	unsigned char *p;
+
+	if ((a == NULL) || (a->data == NULL)) return(0);
+
+	if (pp == NULL)
+		return(ASN1_object_size(0,a->length,V_ASN1_OBJECT));
+
+	p= *pp;
+	ASN1_put_object(&p,0,a->length,V_ASN1_OBJECT,V_ASN1_UNIVERSAL);
+	memcpy(p,a->data,a->length);
+	p+=a->length;
+
+	*pp=p;
+	return(a->length);
+	}
+
+int a2d_ASN1_OBJECT(out,olen,buf,num)
+unsigned char *out;
+int olen;
+char *buf;
+int num;
+	{
+	int i,first,len=0,c;
+	char tmp[24],*p;
+	unsigned long l;
+
+	if (num == 0)
+		return(0);
+	else if (num == -1)
+		num=strlen(buf);
+
+	p=buf;
+	c= *(p++);
+	num--;
+	if ((c >= '0') && (c <= '2'))
+		{
+		first=(c-'0')*40;
+		}
+	else
+		{
+		ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_FIRST_NUM_TOO_LARGE);
+		goto err;
+		}
+
+	if (num <= 0)
+		{
+		ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_MISSING_SECOND_NUMBER);
+		goto err;
+		}
+	c= *(p++);
+	num--;
+	for (;;)
+		{
+		if (num <= 0) break;
+		if ((c != '.') && (c != ' '))
+			{
+			ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_INVALID_SEPARATOR);
+			goto err;
+			}
+		l=0;
+		for (;;)
+			{
+			if (num <= 0) break;
+			num--;
+			c= *(p++);
+			if ((c == ' ') || (c == '.'))
+				break;
+			if ((c < '0') || (c > '9'))
+				{
+				ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_INVALID_DIGIT);
+				goto err;
+				}
+			l=l*10L+(long)(c-'0');
+			}
+		if (len == 0)
+			{
+			if ((first < 2) && (l >= 40))
+				{
+				ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_SECOND_NUMBER_TOO_LARGE);
+				goto err;
+				}
+			l+=(long)first;
+			}
+		i=0;
+		for (;;)
+			{
+			tmp[i++]=(unsigned char)l&0x7f;
+			l>>=7L;
+			if (l == 0L) break;
+			}
+		if (out != NULL)
+			{
+			if (len+i > olen)
+				{
+				ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_BUFFER_TOO_SMALL);
+				goto err;
+				}
+			while (--i > 0)
+				out[len++]=tmp[i]|0x80;
+			out[len++]=tmp[0];
+			}
+		else
+			len+=i;
+		}
+	return(len);
+err:
+	return(0);
+	}
+
+int i2a_ASN1_OBJECT(bp,a)
+BIO *bp;
+ASN1_OBJECT *a;
+	{
+	int j,i,idx=0,n=0,len,nid,reason=ERR_R_BUF_LIB;
+	unsigned long l;
+	unsigned char *p;
+	char buf[20];
+	char *s;
+
+	if ((a == NULL) || (a->data == NULL))
+		{
+		return(BIO_write(bp,"NULL",4));
+		}
+
+	nid=OBJ_obj2nid(a);
+	if (nid == NID_undef)
+		{
+		len=a->length;
+		p=a->data;
+
+		idx=0;
+		l=0;
+		while (idx < a->length)
+			{
+			l|=(p[idx]&0x7f);
+			if (!(p[idx] & 0x80)) break;
+			l<<=7L;
+			idx++;
+			}
+		idx++;
+		i=(int)(l/40);
+		if (i > 2) i=2;
+		l-=(long)(i*40);
+
+		sprintf(buf,"%d.%ld",i,l);
+		i=strlen(buf);
+		if (BIO_write(bp,buf,i) != i)
+				goto err;
+		n+=i;
+
+		l=0;
+		for (; idx<len; idx++)
+			{
+			l|=p[idx]&0x7f;
+			if (!(p[idx] & 0x80))
+				{
+				sprintf(buf,".%ld",l);
+				i=strlen(buf);
+				if (BIO_write(bp,buf,i) != i) goto err;
+				n+=i;
+				l=0;
+				}
+			l<<=7L;
+			}
+		}
+	else
+		{
+		s=(char *)OBJ_nid2ln(nid);
+		if (s == NULL)
+			s=(char *)OBJ_nid2sn(nid);
+		j=strlen(s);
+		if (BIO_write(bp,s,j) != j) goto err;
+		n=j;
+		}
+	return(n);
+err:
+	ASN1err(ASN1_F_I2A_ASN1_OBJECT,reason);
+	return(-1);
+	}
+
+ASN1_OBJECT *d2i_ASN1_OBJECT(a, pp, length)
+ASN1_OBJECT **a;
+unsigned char **pp;
+long length; 
+	{
+	ASN1_OBJECT *ret=NULL;
+	unsigned char *p;
+	long len;
+	int tag,xclass;
+	int inf,i;
+
+	/* only the ASN1_OBJECTs from the 'table' will have values
+	 * for ->sn or ->ln */
+	if ((a == NULL) || ((*a) == NULL) ||
+		!((*a)->flags & ASN1_OBJECT_FLAG_DYNAMIC))
+		{
+		if ((ret=ASN1_OBJECT_new()) == NULL) return(NULL);
+		}
+	else	ret=(*a);
+
+	p= *pp;
+
+	inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
+	if (inf & 0x80)
+		{
+		i=ASN1_R_BAD_OBJECT_HEADER;
+		goto err;
+		}
+
+	if (tag != V_ASN1_OBJECT)
+		{
+		i=ASN1_R_EXPECTING_AN_OBJECT;
+		goto err;
+		}
+	if ((ret->data == NULL) || (ret->length < len))
+		{
+		if (ret->data != NULL) Free((char *)ret->data);
+		ret->data=(unsigned char *)Malloc((int)len);
+		ret->flags|=ASN1_OBJECT_FLAG_DYNAMIC_DATA;
+		if (ret->data == NULL)
+			{ i=ERR_R_MALLOC_FAILURE; goto err; }
+		}
+	memcpy(ret->data,p,(int)len);
+	ret->length=(int)len;
+	ret->sn=NULL;
+	ret->ln=NULL;
+	/* ret->flags=ASN1_OBJECT_FLAG_DYNAMIC; we know it is dynamic */
+	p+=len;
+
+	if (a != NULL) (*a)=ret;
+	*pp=p;
+	return(ret);
+err:
+	ASN1err(ASN1_F_D2I_ASN1_OBJECT,i);
+	if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+		ASN1_OBJECT_free(ret);
+	return(NULL);
+	}
+
+ASN1_OBJECT *ASN1_OBJECT_new()
+	{
+	ASN1_OBJECT *ret;
+
+	ret=(ASN1_OBJECT *)Malloc(sizeof(ASN1_OBJECT));
+	if (ret == NULL)
+		{
+		ASN1err(ASN1_F_ASN1_OBJECT_NEW,ERR_R_MALLOC_FAILURE);
+		return(NULL);
+		}
+	ret->length=0;
+	ret->data=NULL;
+	ret->nid=0;
+	ret->sn=NULL;
+	ret->ln=NULL;
+	ret->flags=ASN1_OBJECT_FLAG_DYNAMIC;
+	return(ret);
+	}
+
+void ASN1_OBJECT_free(a)
+ASN1_OBJECT *a;
+	{
+	if (a == NULL) return;
+	if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS)
+		{
+		if (a->sn != NULL) Free(a->sn);
+		if (a->ln != NULL) Free(a->ln);
+		a->sn=a->ln=NULL;
+		}
+	if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA)
+		{
+		if (a->data != NULL) Free(a->data);
+		a->data=NULL;
+		a->length=0;
+		}
+	if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC)
+		Free((char *)a);
+	}
+
+ASN1_OBJECT *ASN1_OBJECT_create(nid,data,len,sn,ln)
+int nid;
+unsigned char *data;
+int len;
+char *sn,*ln;
+	{
+	ASN1_OBJECT o;
+
+	o.sn=sn;
+	o.ln=ln;
+	o.data=data;
+	o.nid=nid;
+	o.length=len;
+	o.flags=ASN1_OBJECT_FLAG_DYNAMIC|
+		ASN1_OBJECT_FLAG_DYNAMIC_STRINGS|ASN1_OBJECT_FLAG_DYNAMIC_DATA;
+	return(OBJ_dup(&o));
+	}
+
diff --git a/crypto/asn1/a_octet.c b/crypto/asn1/a_octet.c
new file mode 100644
index 0000000000..e4ef15a995
--- /dev/null
+++ b/crypto/asn1/a_octet.c
@@ -0,0 +1,90 @@
+/* crypto/asn1/a_octet.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1.h"
+
+/* ASN1err(ASN1_F_D2I_ASN1_OCTET_STRING,ASN1_R_EXPECTING_AN_OCTET_STRING);
+ */
+
+int i2d_ASN1_OCTET_STRING(a, pp)
+ASN1_OCTET_STRING *a;
+unsigned char **pp;
+	{
+	return(i2d_ASN1_bytes((ASN1_STRING *)a,pp,
+		V_ASN1_OCTET_STRING,V_ASN1_UNIVERSAL));
+	}
+
+ASN1_OCTET_STRING *d2i_ASN1_OCTET_STRING(a, pp, length)
+ASN1_OCTET_STRING **a;
+unsigned char **pp;
+long length;
+	{
+	ASN1_OCTET_STRING *ret=NULL;
+
+	ret=(ASN1_OCTET_STRING *)d2i_ASN1_bytes((ASN1_STRING **)a,
+		pp,length,V_ASN1_OCTET_STRING,V_ASN1_UNIVERSAL);
+	if (ret == NULL)
+		{
+		ASN1err(ASN1_F_D2I_ASN1_OCTET_STRING,ASN1_R_ERROR_STACK);
+		return(NULL);
+		}
+	return(ret);
+	}
+
diff --git a/crypto/asn1/a_print.c b/crypto/asn1/a_print.c
new file mode 100644
index 0000000000..a1bbc35ca1
--- /dev/null
+++ b/crypto/asn1/a_print.c
@@ -0,0 +1,161 @@
+/* crypto/asn1/a_print.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1.h"
+
+/* ASN1err(ASN1_F_D2I_ASN1_PRINT_TYPE,ASN1_R_WRONG_PRINTABLE_TYPE);
+ * ASN1err(ASN1_F_D2I_ASN1_PRINT_TYPE,ASN1_R_TAG_VALUE_TOO_HIGH);
+ */
+
+int i2d_ASN1_IA5STRING(a,pp)
+ASN1_IA5STRING *a;
+unsigned char **pp;
+	{ return(M_i2d_ASN1_IA5STRING(a,pp)); }
+
+ASN1_IA5STRING *d2i_ASN1_IA5STRING(a,pp,l)
+ASN1_IA5STRING **a;
+unsigned char **pp;
+long l;
+	{ return(M_d2i_ASN1_IA5STRING(a,pp,l)); }
+
+ASN1_T61STRING *d2i_ASN1_T61STRING(a,pp,l)
+ASN1_T61STRING **a;
+unsigned char **pp;
+long l;
+	{ return(M_d2i_ASN1_T61STRING(a,pp,l)); }
+
+ASN1_PRINTABLESTRING *d2i_ASN1_PRINTABLESTRING(a,pp,l)
+ASN1_PRINTABLESTRING **a;
+unsigned char **pp;
+long l;
+	{ return(M_d2i_ASN1_PRINTABLESTRING(a,pp,l)); }
+
+int i2d_ASN1_PRINTABLE(a,pp)
+ASN1_STRING *a;
+unsigned char **pp;
+	{ return(M_i2d_ASN1_PRINTABLE(a,pp)); }
+
+ASN1_STRING *d2i_ASN1_PRINTABLE(a,pp,l)
+ASN1_STRING **a;
+unsigned char **pp;
+long l;
+	{ return(M_d2i_ASN1_PRINTABLE(a,pp,l)); }
+
+int ASN1_PRINTABLE_type(s,len)
+unsigned char *s;
+int len;
+	{
+	int c;
+	int ia5=0;
+	int t61=0;
+
+	if (len <= 0) len= -1;
+	if (s == NULL) return(V_ASN1_PRINTABLESTRING);
+
+	while ((*s) && (len-- != 0))
+		{
+		c= *(s++);
+		if (!(	((c >= 'a') && (c <= 'z')) ||
+			((c >= 'A') && (c <= 'Z')) ||
+			(c == ' ') ||
+			((c >= '0') && (c <= '9')) ||
+			(c == ' ') || (c == '\'') ||
+			(c == '(') || (c == ')') ||
+			(c == '+') || (c == ',') ||
+			(c == '-') || (c == '.') ||
+			(c == '/') || (c == ':') ||
+			(c == '=') || (c == '?')))
+			ia5=1;
+		if (c&0x80)
+			t61=1;
+		}
+	if (t61) return(V_ASN1_T61STRING);
+	if (ia5) return(V_ASN1_IA5STRING);
+	return(V_ASN1_PRINTABLESTRING);
+	}
+
+int ASN1_UNIVERSALSTRING_to_string(s)
+ASN1_UNIVERSALSTRING *s;
+	{
+	int i;
+	unsigned char *p;
+
+	if (s->type != V_ASN1_UNIVERSALSTRING) return(0);
+	if ((s->length%4) != 0) return(0);
+	p=s->data;
+	for (i=0; i<s->length; i+=4)
+		{
+		if ((p[0] != '\0') || (p[1] != '\0') || (p[2] != '\0'))
+			break;
+		else
+			p+=4;
+		}
+	if (i < s->length) return(0);
+	p=s->data;
+	for (i=3; i<s->length; i+=4)
+		{
+		*(p++)=s->data[i];
+		}
+	*(p)='\0';
+	s->length/=4;
+	s->type=ASN1_PRINTABLE_type(s->data,s->length);
+	return(1);
+	}
+
diff --git a/crypto/asn1/a_set.c b/crypto/asn1/a_set.c
new file mode 100644
index 0000000000..5752fbb5fd
--- /dev/null
+++ b/crypto/asn1/a_set.c
@@ -0,0 +1,149 @@
+/* crypto/asn1/a_set.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+
+/* ASN1err(ASN1_F_ASN1_TYPE_NEW,ERR_R_MALLOC_FAILURE);
+ */
+
+int i2d_ASN1_SET(a,pp,func,ex_tag,ex_class)
+STACK *a;
+unsigned char **pp;
+int (*func)();
+int ex_tag;
+int ex_class;
+	{
+	int ret=0,r;
+	int i;
+	unsigned char *p;
+
+	if (a == NULL) return(0);
+	for (i=sk_num(a)-1; i>=0; i--)
+		ret+=func(sk_value(a,i),NULL);
+	r=ASN1_object_size(1,ret,ex_tag);
+	if (pp == NULL) return(r);
+
+	p= *pp;
+	ASN1_put_object(&p,1,ret,ex_tag,ex_class);
+	for (i=0; i<sk_num(a); i++)
+		func(sk_value(a,i),&p);
+
+	*pp=p;
+	return(r);
+	}
+
+STACK *d2i_ASN1_SET(a,pp,length,func,ex_tag,ex_class)
+STACK **a;
+unsigned char **pp;
+long length;
+char *(*func)();
+int ex_tag;
+int ex_class;
+	{
+	ASN1_CTX c;
+	STACK *ret=NULL;
+
+	if ((a == NULL) || ((*a) == NULL))
+		{ if ((ret=sk_new(NULL)) == NULL) goto err; }
+	else
+		ret=(*a);
+
+	c.p= *pp;
+	c.max=(length == 0)?0:(c.p+length);
+
+	c.inf=ASN1_get_object(&c.p,&c.slen,&c.tag,&c.xclass,c.max-c.p);
+	if (c.inf & 0x80) goto err;
+	if (ex_class != c.xclass)
+		{
+		ASN1err(ASN1_F_D2I_ASN1_SET,ASN1_R_BAD_CLASS);
+		goto err;
+		}
+	if (ex_tag != c.tag)
+		{
+		ASN1err(ASN1_F_D2I_ASN1_SET,ASN1_R_BAD_TAG);
+		goto err;
+		}
+	if ((c.slen+c.p) > c.max)
+		{
+		ASN1err(ASN1_F_D2I_ASN1_SET,ASN1_R_LENGTH_ERROR);
+		goto err;
+		}
+	/* check for infinite constructed - it can be as long
+	 * as the amount of data passed to us */
+	if (c.inf == (V_ASN1_CONSTRUCTED+1))
+		c.slen=length+ *pp-c.p;
+	c.max=c.p+c.slen;
+
+	while (c.p < c.max)
+		{
+		char *s;
+
+		if (M_ASN1_D2I_end_sequence()) break;
+		if ((s=func(NULL,&c.p,c.slen,c.max-c.p)) == NULL) goto err;
+		if (!sk_push(ret,s)) goto err;
+		}
+	if (a != NULL) (*a)=ret;
+	*pp=c.p;
+	return(ret);
+err:
+	if ((ret != NULL) && ((a == NULL) || (*a != ret))) sk_free(ret);
+	return(NULL);
+	}
+
diff --git a/crypto/asn1/a_sign.c b/crypto/asn1/a_sign.c
new file mode 100644
index 0000000000..2925ce3ad3
--- /dev/null
+++ b/crypto/asn1/a_sign.c
@@ -0,0 +1,147 @@
+/* crypto/asn1/a_sign.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#include "cryptlib.h"
+#include "bn.h"
+#include "evp.h"
+#include "x509.h"
+#include "objects.h"
+#include "buffer.h"
+#include "pem.h"
+
+int ASN1_sign(i2d,algor1,algor2,signature,data,pkey,type)
+int (*i2d)();
+X509_ALGOR *algor1;
+X509_ALGOR *algor2;
+ASN1_BIT_STRING *signature;
+char *data;
+EVP_PKEY *pkey;
+EVP_MD *type;
+	{
+	EVP_MD_CTX ctx;
+	unsigned char *p,*buf_in=NULL,*buf_out=NULL;
+	int i,inl=0,outl=0,outll=0;
+	X509_ALGOR *a;
+
+	for (i=0; i<2; i++)
+		{
+		if (i == 0)
+			a=algor1;
+		else
+			a=algor2;
+		if (a == NULL) continue;
+		if (	(a->parameter == NULL) || 
+			(a->parameter->type != V_ASN1_NULL))
+			{
+			ASN1_TYPE_free(a->parameter);
+			if ((a->parameter=ASN1_TYPE_new()) == NULL) goto err;
+			a->parameter->type=V_ASN1_NULL;
+			}
+		ASN1_OBJECT_free(a->algorithm);
+		a->algorithm=OBJ_nid2obj(type->pkey_type);
+		if (a->algorithm == NULL)
+			{
+			ASN1err(ASN1_F_ASN1_SIGN,ASN1_R_UNKNOWN_OBJECT_TYPE);
+			goto err;
+			}
+		if (a->algorithm->length == 0)
+			{
+			ASN1err(ASN1_F_ASN1_SIGN,ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD);
+			goto err;
+			}
+		}
+	inl=i2d(data,NULL);
+	buf_in=(unsigned char *)Malloc((unsigned int)inl);
+	outll=outl=EVP_PKEY_size(pkey);
+	buf_out=(unsigned char *)Malloc((unsigned int)outl);
+	if ((buf_in == NULL) || (buf_out == NULL))
+		{
+		outl=0;
+		ASN1err(ASN1_F_ASN1_SIGN,ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+	p=buf_in;
+
+	i2d(data,&p);
+	EVP_SignInit(&ctx,type);
+	EVP_SignUpdate(&ctx,(unsigned char *)buf_in,inl);
+	if (!EVP_SignFinal(&ctx,(unsigned char *)buf_out,
+			(unsigned int *)&outl,pkey))
+		{
+		outl=0;
+		ASN1err(ASN1_F_ASN1_SIGN,ERR_R_EVP_LIB);
+		goto err;
+		}
+	if (signature->data != NULL) Free((char *)signature->data);
+	signature->data=buf_out;
+	buf_out=NULL;
+	signature->length=outl;
+
+err:
+	memset(&ctx,0,sizeof(ctx));
+	if (buf_in != NULL)
+		{ memset((char *)buf_in,0,(unsigned int)inl); Free((char *)buf_in); }
+	if (buf_out != NULL)
+		{ memset((char *)buf_out,0,outll); Free((char *)buf_out); }
+	return(outl);
+	}
diff --git a/crypto/asn1/a_type.c b/crypto/asn1/a_type.c
new file mode 100644
index 0000000000..abaf70dcb8
--- /dev/null
+++ b/crypto/asn1/a_type.c
@@ -0,0 +1,317 @@
+/* crypto/asn1/a_type.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+
+/* ASN1err(ASN1_F_ASN1_TYPE_NEW,ASN1_R_ERROR_STACK);
+ * ASN1err(ASN1_F_D2I_ASN1_BYTES,ASN1_R_ERROR_STACK);
+ * ASN1err(ASN1_F_D2I_ASN1_BYTES,ASN1_R_WRONG_TAG);
+ * ASN1err(ASN1_F_ASN1_COLLATE_PRIMATIVE,ASN1_R_WRONG_TAG);
+ */
+
+#ifndef NOPROTO
+static void ASN1_TYPE_component_free(ASN1_TYPE *a);
+#else
+static void ASN1_TYPE_component_free();
+#endif
+
+int i2d_ASN1_TYPE(a,pp)
+ASN1_TYPE *a;
+unsigned char **pp;
+	{
+	int r=0;
+
+	if (a == NULL) return(0);
+
+	switch (a->type)
+		{
+	case V_ASN1_NULL:
+		if (pp != NULL)
+			ASN1_put_object(pp,0,0,V_ASN1_NULL,V_ASN1_UNIVERSAL);
+		r=2;
+		break;
+	case V_ASN1_INTEGER:
+	case V_ASN1_NEG_INTEGER:
+		r=i2d_ASN1_INTEGER(a->value.integer,pp);
+		break;
+	case V_ASN1_BIT_STRING:
+		r=i2d_ASN1_BIT_STRING(a->value.bit_string,pp);
+		break;
+	case V_ASN1_OCTET_STRING:
+		r=i2d_ASN1_OCTET_STRING(a->value.octet_string,pp);
+		break;
+	case V_ASN1_OBJECT:
+		r=i2d_ASN1_OBJECT(a->value.object,pp);
+		break;
+	case V_ASN1_PRINTABLESTRING:
+		r=M_i2d_ASN1_PRINTABLESTRING(a->value.printablestring,pp);
+		break;
+	case V_ASN1_T61STRING:
+		r=M_i2d_ASN1_T61STRING(a->value.t61string,pp);
+		break;
+	case V_ASN1_IA5STRING:
+		r=M_i2d_ASN1_IA5STRING(a->value.ia5string,pp);
+		break;
+	case V_ASN1_GENERALSTRING:
+		r=M_i2d_ASN1_GENERALSTRING(a->value.generalstring,pp);
+		break;
+	case V_ASN1_UNIVERSALSTRING:
+		r=M_i2d_ASN1_UNIVERSALSTRING(a->value.universalstring,pp);
+		break;
+	case V_ASN1_UTCTIME:
+		r=i2d_ASN1_UTCTIME(a->value.utctime,pp);
+		break;
+	case V_ASN1_SET:
+	case V_ASN1_SEQUENCE:
+		if (a->value.set == NULL)
+			r=0;
+		else
+			{
+			r=a->value.set->length;
+			if (pp != NULL)
+				{
+				memcpy(*pp,a->value.set->data,r);
+				*pp+=r;
+				}
+			}
+		break;
+		}
+	return(r);
+	}
+
+ASN1_TYPE *d2i_ASN1_TYPE(a,pp,length)
+ASN1_TYPE **a;
+unsigned char **pp;
+long length;
+	{
+	ASN1_TYPE *ret=NULL;
+	unsigned char *q,*p,*max;
+	int inf,tag,xclass;
+	long len;
+
+	if ((a == NULL) || ((*a) == NULL))
+		{
+		if ((ret=ASN1_TYPE_new()) == NULL) goto err;
+		}
+	else
+		ret=(*a);
+
+	p= *pp;
+	q=p;
+	max=(p+length);
+
+	inf=ASN1_get_object(&q,&len,&tag,&xclass,length);
+	if (inf & 0x80) goto err;
+	
+	ASN1_TYPE_component_free(ret);
+
+	switch (tag)
+		{
+	case V_ASN1_NULL:
+		p=q;
+		ret->value.ptr=NULL;
+		break;
+	case V_ASN1_INTEGER:
+		if ((ret->value.integer=
+			d2i_ASN1_INTEGER(NULL,&p,max-p)) == NULL)
+			goto err;
+		break;
+	case V_ASN1_BIT_STRING:
+		if ((ret->value.bit_string=
+			d2i_ASN1_BIT_STRING(NULL,&p,max-p)) == NULL)
+			goto err;
+		break;
+	case V_ASN1_OCTET_STRING:
+		if ((ret->value.octet_string=
+			d2i_ASN1_OCTET_STRING(NULL,&p,max-p)) == NULL)
+			goto err;
+		break;
+	case V_ASN1_OBJECT:
+		if ((ret->value.object=
+			d2i_ASN1_OBJECT(NULL,&p,max-p)) == NULL)
+			goto err;
+		break;
+	case V_ASN1_PRINTABLESTRING:
+		if ((ret->value.printablestring=
+			d2i_ASN1_PRINTABLESTRING(NULL,&p,max-p)) == NULL)
+			goto err;
+		break;
+	case V_ASN1_T61STRING:
+		if ((ret->value.t61string=
+			M_d2i_ASN1_T61STRING(NULL,&p,max-p)) == NULL)
+			goto err;
+		break;
+	case V_ASN1_IA5STRING:
+		if ((ret->value.ia5string=
+			M_d2i_ASN1_IA5STRING(NULL,&p,max-p)) == NULL)
+			goto err;
+		break;
+	case V_ASN1_GENERALSTRING:
+		if ((ret->value.generalstring=
+			M_d2i_ASN1_GENERALSTRING(NULL,&p,max-p)) == NULL)
+			goto err;
+		break;
+	case V_ASN1_UNIVERSALSTRING:
+		if ((ret->value.universalstring=
+			M_d2i_ASN1_UNIVERSALSTRING(NULL,&p,max-p)) == NULL)
+			goto err;
+		break;
+	case V_ASN1_UTCTIME:
+		if ((ret->value.utctime=
+			d2i_ASN1_UTCTIME(NULL,&p,max-p)) == NULL)
+			goto err;
+		break;
+	case V_ASN1_SET:
+	case V_ASN1_SEQUENCE:
+		/* Sets and sequences are left complete */
+		if ((ret->value.set=ASN1_STRING_new()) == NULL) goto err;
+		ret->value.set->type=tag;
+		len+=(q-p);
+		if (!ASN1_STRING_set(ret->value.set,p,(int)len)) goto err;
+		p+=len;
+		break;
+	default:
+		ASN1err(ASN1_F_D2I_ASN1_TYPE,ASN1_R_BAD_TYPE);
+		goto err;
+		}
+
+	ret->type=tag;
+	if (a != NULL) (*a)=ret;
+	*pp=p;
+	return(ret);
+err:
+	if ((ret != NULL) && ((a == NULL) || (*a != ret))) ASN1_TYPE_free(ret);
+	return(NULL);
+	}
+
+ASN1_TYPE *ASN1_TYPE_new()
+	{
+	ASN1_TYPE *ret=NULL;
+
+	M_ASN1_New_Malloc(ret,ASN1_TYPE);
+	ret->type= -1;
+	ret->value.ptr=NULL;
+	return(ret);
+	M_ASN1_New_Error(ASN1_F_ASN1_TYPE_NEW);
+	}
+
+void ASN1_TYPE_free(a)
+ASN1_TYPE *a;
+	{
+	if (a == NULL) return;
+	ASN1_TYPE_component_free(a);
+	Free((char *)(char *)a);
+	}
+
+int ASN1_TYPE_get(a)
+ASN1_TYPE *a;
+	{
+	if (a->value.ptr != NULL)
+		return(a->type);
+	else
+		return(0);
+	}
+
+void ASN1_TYPE_set(a,type,value)
+ASN1_TYPE *a;
+int type;
+char *value;
+	{
+	if (a->value.ptr != NULL)
+		ASN1_TYPE_component_free(a);
+	a->type=type;
+	a->value.ptr=value;
+	}
+
+static void ASN1_TYPE_component_free(a)
+ASN1_TYPE *a;
+	{
+	if (a == NULL) return;
+
+	if (a->value.ptr != NULL)
+		{
+		switch (a->type)
+			{
+		case V_ASN1_OBJECT:
+			ASN1_OBJECT_free(a->value.object);
+			break;
+		case V_ASN1_INTEGER:
+		case V_ASN1_NEG_INTEGER:
+		case V_ASN1_BIT_STRING:
+		case V_ASN1_OCTET_STRING:
+		case V_ASN1_PRINTABLESTRING:
+		case V_ASN1_T61STRING:
+		case V_ASN1_IA5STRING:
+		case V_ASN1_UNIVERSALSTRING:
+		case V_ASN1_GENERALSTRING:
+		case V_ASN1_UTCTIME:
+		case V_ASN1_SET:
+		case V_ASN1_SEQUENCE:
+			ASN1_STRING_free((ASN1_STRING *)a->value.ptr);
+			break;
+		default:
+			/* MEMORY LEAK */
+			break;
+			}
+		a->type=0;
+		a->value.ptr=NULL;
+		}
+	}
+
diff --git a/crypto/asn1/a_utctm.c b/crypto/asn1/a_utctm.c
new file mode 100644
index 0000000000..cc3c692fc9
--- /dev/null
+++ b/crypto/asn1/a_utctm.c
@@ -0,0 +1,190 @@
+/* crypto/asn1/a_utctm.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include "cryptlib.h"
+#include "asn1.h"
+
+/* ASN1err(ASN1_F_ASN1_UTCTIME_NEW,ASN1_R_UTCTIME_TOO_LONG);
+ * ASN1err(ASN1_F_D2I_ASN1_UTCTIME,ASN1_R_EXPECTING_A_UTCTIME);
+ */
+
+int i2d_ASN1_UTCTIME(a,pp)
+ASN1_UTCTIME *a;
+unsigned char **pp;
+	{
+	return(i2d_ASN1_bytes((ASN1_STRING *)a,pp,
+		V_ASN1_UTCTIME,V_ASN1_UNIVERSAL));
+	}
+
+
+ASN1_UTCTIME *d2i_ASN1_UTCTIME(a, pp, length)
+ASN1_UTCTIME **a;
+unsigned char **pp;
+long length;
+	{
+	ASN1_UTCTIME *ret=NULL;
+
+	ret=(ASN1_UTCTIME *)d2i_ASN1_bytes((ASN1_STRING **)a,pp,length,
+		V_ASN1_UTCTIME,V_ASN1_UNIVERSAL);
+	if (ret == NULL)
+		{
+		ASN1err(ASN1_F_D2I_ASN1_UTCTIME,ASN1_R_ERROR_STACK);
+		return(NULL);
+		}
+	if (!ASN1_UTCTIME_check(ret))
+		{
+		ASN1err(ASN1_F_D2I_ASN1_UTCTIME,ASN1_R_INVALID_TIME_FORMAT);
+		goto err;
+		}
+
+	return(ret);
+err:
+	if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+		ASN1_UTCTIME_free(ret);
+	return(NULL);
+	}
+
+int ASN1_UTCTIME_check(d)
+ASN1_UTCTIME *d;
+	{
+	static int min[8]={ 0, 1, 1, 0, 0, 0, 0, 0};
+	static int max[8]={99,12,31,23,59,59,12,59};
+	char *a;
+	int n,i,l,o;
+
+	if (d->type != V_ASN1_UTCTIME) return(0);
+	l=d->length;
+	a=(char *)d->data;
+	o=0;
+
+	if (l < 11) goto err;
+	for (i=0; i<6; i++)
+		{
+		if ((i == 5) && ((a[o] == 'Z') ||
+			(a[o] == '+') || (a[o] == '-')))
+			{ i++; break; }
+		if ((a[o] < '0') || (a[o] > '9')) goto err;
+		n= a[o]-'0';
+		if (++o > l) goto err;
+
+		if ((a[o] < '0') || (a[o] > '9')) goto err;
+		n=(n*10)+ a[o]-'0';
+		if (++o > l) goto err;
+
+		if ((n < min[i]) || (n > max[i])) goto err;
+		}
+	if (a[o] == 'Z')
+		o++;
+	else if ((a[o] == '+') || (a[o] == '-'))
+		{
+		o++;
+		if (o+4 > l) goto err;
+		for (i=6; i<8; i++)
+			{
+			if ((a[o] < '0') || (a[o] > '9')) goto err;
+			n= a[o]-'0';
+			o++;
+			if ((a[o] < '0') || (a[o] > '9')) goto err;
+			n=(n*10)+ a[o]-'0';
+			if ((n < min[i]) || (n > max[i])) goto err;
+			o++;
+			}
+		}
+	return(o == l);
+err:
+	return(0);
+	}
+
+ASN1_UTCTIME *ASN1_UTCTIME_set(s, t)
+ASN1_UTCTIME *s;
+time_t t;
+	{
+	char *p;
+	struct tm *ts;
+#if defined(THREADS)
+	struct tm data;
+#endif
+
+	if (s == NULL)
+		s=ASN1_UTCTIME_new();
+	if (s == NULL)
+		return(NULL);
+
+#if defined(THREADS)
+	ts=(struct tm *)gmtime_r(&t,&data);
+#else
+	ts=(struct tm *)gmtime(&t);
+#endif
+	p=(char *)s->data;
+	if ((p == NULL) || (s->length < 14))
+		{
+		p=Malloc(20);
+		if (p == NULL) return(NULL);
+		if (s->data != NULL)
+			Free(s->data);
+		s->data=(unsigned char *)p;
+		}
+
+	sprintf(p,"%02d%02d%02d%02d%02d%02dZ",ts->tm_year%100,
+		ts->tm_mon+1,ts->tm_mday,ts->tm_hour,ts->tm_min,ts->tm_sec);
+	s->length=strlen(p);
+	s->type=V_ASN1_UTCTIME;
+	return(s);
+	}
diff --git a/crypto/asn1/a_verify.c b/crypto/asn1/a_verify.c
new file mode 100644
index 0000000000..567552f782
--- /dev/null
+++ b/crypto/asn1/a_verify.c
@@ -0,0 +1,121 @@
+/* crypto/asn1/a_verify.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#include "cryptlib.h"
+#include "bn.h"
+#include "x509.h"
+#include "objects.h"
+#include "buffer.h"
+#include "evp.h"
+#include "pem.h"
+
+int ASN1_verify(i2d,a,signature,data,pkey)
+int (*i2d)();
+X509_ALGOR *a;
+ASN1_BIT_STRING *signature;
+char *data;
+EVP_PKEY *pkey;
+	{
+	EVP_MD_CTX ctx;
+	EVP_MD *type;
+	unsigned char *p,*buf_in=NULL;
+	int ret= -1,i,inl;
+
+	i=OBJ_obj2nid(a->algorithm);
+	type=EVP_get_digestbyname(OBJ_nid2sn(i));
+	if (type == NULL)
+		{
+		ASN1err(ASN1_F_ASN1_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
+		goto err;
+		}
+	
+	inl=i2d(data,NULL);
+	buf_in=(unsigned char *)Malloc((unsigned int)inl);
+	if (buf_in == NULL)
+		{
+		ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+	p=buf_in;
+
+	i2d(data,&p);
+	EVP_VerifyInit(&ctx,type);
+	EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl);
+
+	memset(buf_in,0,(unsigned int)inl);
+	Free((char *)buf_in);
+
+	if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data,
+			(unsigned int)signature->length,pkey) <= 0)
+		{
+		ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB);
+		ret=0;
+		goto err;
+		}
+	/* we don't need to zero the 'ctx' because we just checked
+	 * public information */
+	/* memset(&ctx,0,sizeof(ctx)); */
+	ret=1;
+err:
+	return(ret);
+	}
diff --git a/crypto/asn1/asn1.err b/crypto/asn1/asn1.err
new file mode 100644
index 0000000000..cbf27ab5fd
--- /dev/null
+++ b/crypto/asn1/asn1.err
@@ -0,0 +1,178 @@
+/* Error codes for the ASN1 functions. */
+
+/* Function codes. */
+#define ASN1_F_A2D_ASN1_OBJECT				 100
+#define ASN1_F_A2I_ASN1_INTEGER				 101
+#define ASN1_F_A2I_ASN1_STRING				 102
+#define ASN1_F_ASN1_COLLATE_PRIMATIVE			 103
+#define ASN1_F_ASN1_D2I_BIO				 104
+#define ASN1_F_ASN1_D2I_FP				 105
+#define ASN1_F_ASN1_DUP					 106
+#define ASN1_F_ASN1_GET_OBJECT				 107
+#define ASN1_F_ASN1_HEADER_NEW				 108
+#define ASN1_F_ASN1_I2D_BIO				 109
+#define ASN1_F_ASN1_I2D_FP				 110
+#define ASN1_F_ASN1_INTEGER_SET				 111
+#define ASN1_F_ASN1_INTEGER_TO_BN			 112
+#define ASN1_F_ASN1_OBJECT_NEW				 113
+#define ASN1_F_ASN1_SIGN				 114
+#define ASN1_F_ASN1_STRING_NEW				 115
+#define ASN1_F_ASN1_STRING_TYPE_NEW			 116
+#define ASN1_F_ASN1_TYPE_NEW				 117
+#define ASN1_F_ASN1_UTCTIME_NEW				 118
+#define ASN1_F_ASN1_VERIFY				 119
+#define ASN1_F_BN_TO_ASN1_INTEGER			 120
+#define ASN1_F_D2I_ASN1_BIT_STRING			 121
+#define ASN1_F_D2I_ASN1_BOOLEAN				 122
+#define ASN1_F_D2I_ASN1_BYTES				 123
+#define ASN1_F_D2I_ASN1_HEADER				 124
+#define ASN1_F_D2I_ASN1_INTEGER				 125
+#define ASN1_F_D2I_ASN1_OBJECT				 126
+#define ASN1_F_D2I_ASN1_OCTET_STRING			 127
+#define ASN1_F_D2I_ASN1_PRINT_TYPE			 128
+#define ASN1_F_D2I_ASN1_SET				 129
+#define ASN1_F_D2I_ASN1_TYPE				 130
+#define ASN1_F_D2I_ASN1_TYPE_BYTES			 131
+#define ASN1_F_D2I_ASN1_UTCTIME				 132
+#define ASN1_F_D2I_DHPARAMS				 133
+#define ASN1_F_D2I_DSAPARAMS				 134
+#define ASN1_F_D2I_DSAPRIVATEKEY			 135
+#define ASN1_F_D2I_DSAPUBLICKEY				 136
+#define ASN1_F_D2I_NETSCAPE_PKEY			 137
+#define ASN1_F_D2I_NETSCAPE_RSA				 138
+#define ASN1_F_D2I_NETSCAPE_RSA_2			 139
+#define ASN1_F_D2I_NETSCAPE_SPKAC			 140
+#define ASN1_F_D2I_NETSCAPE_SPKI			 141
+#define ASN1_F_D2I_PKCS7				 142
+#define ASN1_F_D2I_PKCS7_DIGEST				 143
+#define ASN1_F_D2I_PKCS7_ENCRYPT			 144
+#define ASN1_F_D2I_PKCS7_ENC_CONTENT			 145
+#define ASN1_F_D2I_PKCS7_ENVELOPE			 146
+#define ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL		 147
+#define ASN1_F_D2I_PKCS7_RECIP_INFO			 148
+#define ASN1_F_D2I_PKCS7_SIGNED				 149
+#define ASN1_F_D2I_PKCS7_SIGNER_INFO			 150
+#define ASN1_F_D2I_PKCS7_SIGN_ENVELOPE			 151
+#define ASN1_F_D2I_PRIVATEKEY				 152
+#define ASN1_F_D2I_PUBLICKEY				 153
+#define ASN1_F_D2I_RSAPRIVATEKEY			 154
+#define ASN1_F_D2I_RSAPUBLICKEY				 155
+#define ASN1_F_D2I_X509					 156
+#define ASN1_F_D2I_X509_ALGOR				 157
+#define ASN1_F_D2I_X509_ATTRIBUTE			 158
+#define ASN1_F_D2I_X509_CINF				 159
+#define ASN1_F_D2I_X509_CRL				 160
+#define ASN1_F_D2I_X509_CRL_INFO			 161
+#define ASN1_F_D2I_X509_EXTENSION			 162
+#define ASN1_F_D2I_X509_KEY				 163
+#define ASN1_F_D2I_X509_NAME				 164
+#define ASN1_F_D2I_X509_NAME_ENTRY			 165
+#define ASN1_F_D2I_X509_PKEY				 166
+#define ASN1_F_D2I_X509_PUBKEY				 167
+#define ASN1_F_D2I_X509_REQ				 168
+#define ASN1_F_D2I_X509_REQ_INFO			 169
+#define ASN1_F_D2I_X509_REVOKED				 170
+#define ASN1_F_D2I_X509_SIG				 171
+#define ASN1_F_D2I_X509_VAL				 172
+#define ASN1_F_I2A_ASN1_OBJECT				 173
+#define ASN1_F_I2D_ASN1_HEADER				 174
+#define ASN1_F_I2D_DHPARAMS				 175
+#define ASN1_F_I2D_DSAPARAMS				 176
+#define ASN1_F_I2D_DSAPRIVATEKEY			 177
+#define ASN1_F_I2D_DSAPUBLICKEY				 178
+#define ASN1_F_I2D_NETSCAPE_RSA				 179
+#define ASN1_F_I2D_PKCS7				 180
+#define ASN1_F_I2D_PRIVATEKEY				 181
+#define ASN1_F_I2D_PUBLICKEY				 182
+#define ASN1_F_I2D_RSAPRIVATEKEY			 183
+#define ASN1_F_I2D_RSAPUBLICKEY				 184
+#define ASN1_F_I2D_X509_ATTRIBUTE			 185
+#define ASN1_F_NETSCAPE_PKEY_NEW			 186
+#define ASN1_F_NETSCAPE_SPKAC_NEW			 187
+#define ASN1_F_NETSCAPE_SPKI_NEW			 188
+#define ASN1_F_PKCS7_DIGEST_NEW				 189
+#define ASN1_F_PKCS7_ENCRYPT_NEW			 190
+#define ASN1_F_PKCS7_ENC_CONTENT_NEW			 191
+#define ASN1_F_PKCS7_ENVELOPE_NEW			 192
+#define ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW		 193
+#define ASN1_F_PKCS7_NEW				 194
+#define ASN1_F_PKCS7_RECIP_INFO_NEW			 195
+#define ASN1_F_PKCS7_SIGNED_NEW				 196
+#define ASN1_F_PKCS7_SIGNER_INFO_NEW			 197
+#define ASN1_F_PKCS7_SIGN_ENVELOPE_NEW			 198
+#define ASN1_F_X509_ALGOR_NEW				 199
+#define ASN1_F_X509_ATTRIBUTE_NEW			 200
+#define ASN1_F_X509_CINF_NEW				 201
+#define ASN1_F_X509_CRL_INFO_NEW			 202
+#define ASN1_F_X509_CRL_NEW				 203
+#define ASN1_F_X509_DHPARAMS_NEW			 204
+#define ASN1_F_X509_EXTENSION_NEW			 205
+#define ASN1_F_X509_INFO_NEW				 206
+#define ASN1_F_X509_KEY_NEW				 207
+#define ASN1_F_X509_NAME_ENTRY_NEW			 208
+#define ASN1_F_X509_NAME_NEW				 209
+#define ASN1_F_X509_NEW					 210
+#define ASN1_F_X509_PKEY_NEW				 211
+#define ASN1_F_X509_PUBKEY_NEW				 212
+#define ASN1_F_X509_REQ_INFO_NEW			 213
+#define ASN1_F_X509_REQ_NEW				 214
+#define ASN1_F_X509_REVOKED_NEW				 215
+#define ASN1_F_X509_SIG_NEW				 216
+#define ASN1_F_X509_VAL_FREE				 217
+#define ASN1_F_X509_VAL_NEW				 218
+
+/* Reason codes. */
+#define ASN1_R_BAD_CLASS				 100
+#define ASN1_R_BAD_GET_OBJECT				 101
+#define ASN1_R_BAD_OBJECT_HEADER			 102
+#define ASN1_R_BAD_PASSWORD_READ			 103
+#define ASN1_R_BAD_PKCS7_CONTENT			 104
+#define ASN1_R_BAD_PKCS7_TYPE				 105
+#define ASN1_R_BAD_TAG					 106
+#define ASN1_R_BAD_TYPE					 107
+#define ASN1_R_BN_LIB					 108
+#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH			 109
+#define ASN1_R_BUFFER_TOO_SMALL				 110
+#define ASN1_R_DECODING_ERROR				 111
+#define ASN1_R_ERROR_STACK				 112
+#define ASN1_R_EXPECTING_AN_INTEGER			 113
+#define ASN1_R_EXPECTING_AN_OBJECT			 114
+#define ASN1_R_EXPECTING_AN_OCTET_STRING		 115
+#define ASN1_R_EXPECTING_A_BIT_STRING			 116
+#define ASN1_R_EXPECTING_A_BOOLEAN			 117
+#define ASN1_R_EXPECTING_A_SEQUENCE			 118
+#define ASN1_R_EXPECTING_A_UTCTIME			 119
+#define ASN1_R_FIRST_NUM_TOO_LARGE			 120
+#define ASN1_R_HEADER_TOO_LONG				 121
+#define ASN1_R_INVALID_DIGIT				 122
+#define ASN1_R_INVALID_SEPARATOR			 123
+#define ASN1_R_INVALID_TIME_FORMAT			 124
+#define ASN1_R_IV_TOO_LARGE				 125
+#define ASN1_R_LENGTH_ERROR				 126
+#define ASN1_R_LENGTH_MISMATCH				 127
+#define ASN1_R_MISSING_EOS				 128
+#define ASN1_R_MISSING_SECOND_NUMBER			 129
+#define ASN1_R_NON_HEX_CHARACTERS			 130
+#define ASN1_R_NOT_ENOUGH_DATA				 131
+#define ASN1_R_ODD_NUMBER_OF_CHARS			 132
+#define ASN1_R_PARSING					 133
+#define ASN1_R_PRIVATE_KEY_HEADER_MISSING		 134
+#define ASN1_R_SECOND_NUMBER_TOO_LARGE			 135
+#define ASN1_R_SHORT_LINE				 136
+#define ASN1_R_STRING_TOO_SHORT				 137
+#define ASN1_R_TAG_VALUE_TOO_HIGH			 138
+#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 139
+#define ASN1_R_TOO_LONG					 140
+#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY			 141
+#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY		 142
+#define ASN1_R_UNKNOWN_ATTRIBUTE_TYPE			 143
+#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM		 144
+#define ASN1_R_UNKNOWN_OBJECT_TYPE			 145
+#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE			 146
+#define ASN1_R_UNSUPPORTED_CIPHER			 147
+#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM		 148
+#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE		 149
+#define ASN1_R_UTCTIME_TOO_LONG				 150
+#define ASN1_R_WRONG_PRINTABLE_TYPE			 151
+#define ASN1_R_WRONG_TAG				 152
+#define ASN1_R_WRONG_TYPE				 153
diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h
new file mode 100644
index 0000000000..cdc342946d
--- /dev/null
+++ b/crypto/asn1/asn1.h
@@ -0,0 +1,786 @@
+/* crypto/asn1/asn1.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_ASN1_H
+#define HEADER_ASN1_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#include <time.h>
+#include "bn.h"
+#include "stack.h"
+
+#define V_ASN1_UNIVERSAL		0x00
+#define	V_ASN1_APPLICATION		0x40
+#define V_ASN1_CONTEXT_SPECIFIC		0x80
+#define V_ASN1_PRIVATE			0xc0
+
+#define V_ASN1_CONSTRUCTED		0x20
+#define V_ASN1_PRIMATIVE_TAG		0x1f
+
+#define V_ASN1_APP_CHOOSE		-2	/* let the recipent choose */
+
+#define V_ASN1_UNDEF			-1
+#define V_ASN1_EOC			0
+#define V_ASN1_BOOLEAN			1	/**/
+#define V_ASN1_INTEGER			2
+#define V_ASN1_NEG_INTEGER		(2+0x100)
+#define V_ASN1_BIT_STRING		3
+#define V_ASN1_OCTET_STRING		4
+#define V_ASN1_NULL			5
+#define V_ASN1_OBJECT			6
+#define V_ASN1_REAL			9
+#define V_ASN1_ENUMERATED		10	/* microsoft weirdness */
+#define V_ASN1_SEQUENCE			16
+#define V_ASN1_SET			17
+#define V_ASN1_NUMERICSTRING		18	/**/
+#define V_ASN1_PRINTABLESTRING		19
+#define V_ASN1_T61STRING		20
+#define V_ASN1_TELETEXSTRING		20	/* alias */
+#define V_ASN1_VIDEOTEXSTRING		21	/**/
+#define V_ASN1_IA5STRING		22
+#define V_ASN1_UTCTIME			23
+#define V_ASN1_GENERALIZEDTIME		24	/**/
+#define V_ASN1_GRAPHICSTRING		25	/**/
+#define V_ASN1_ISO64STRING		26	/**/
+#define V_ASN1_VISIBLESTRING		26	/* alias */
+#define V_ASN1_GENERALSTRING		27	/**/
+#define V_ASN1_UNIVERSALSTRING		28	/**/
+
+/* For use with d2i_ASN1_type_bytes() */
+#define B_ASN1_NUMERICSTRING	0x0001
+#define B_ASN1_PRINTABLESTRING	0x0002
+#define B_ASN1_T61STRING	0x0004
+#define B_ASN1_VIDEOTEXSTRING	0x0008
+#define B_ASN1_IA5STRING	0x0010
+#define B_ASN1_GRAPHICSTRING	0x0020
+#define B_ASN1_ISO64STRING	0x0040
+#define B_ASN1_GENERALSTRING	0x0080
+#define B_ASN1_UNIVERSALSTRING	0x0100
+#define B_ASN1_OCTET_STRING	0x0200
+#define B_ASN1_UNKNOWN		0x1000
+
+#ifndef DEBUG
+
+#define ASN1_INTEGER		ASN1_STRING
+#define ASN1_BIT_STRING		ASN1_STRING
+#define ASN1_OCTET_STRING	ASN1_STRING
+#define ASN1_PRINTABLESTRING	ASN1_STRING
+#define ASN1_T61STRING		ASN1_STRING
+#define ASN1_IA5STRING		ASN1_STRING
+#define ASN1_UTCTIME		ASN1_STRING
+#define ASN1_GENERALSTRING	ASN1_STRING
+#define ASN1_UNIVERSALSTRING	ASN1_STRING
+
+#else
+
+typedef struct asn1_integer_st
+	{
+	int length;
+	int type;
+	unsigned char *data;
+	} ASN1_INTEGER;
+
+typedef struct asn1_bit_string_st
+	{
+	int length;
+	int type;
+	unsigned char *data;
+	} ASN1_BIT_STRING;
+
+typedef struct asn1_octet_string_st
+	{
+	int length;
+	int type;
+	unsigned char *data;
+	} ASN1_OCTET_STRING;
+
+typedef struct asn1_printablestring_st
+	{
+	int length;
+	int type;
+	unsigned char *data;
+	} ASN1_PRINTABLESTRING;
+
+typedef struct asn1_t61string_st
+	{
+	int length;
+	int type;
+	unsigned char *data;
+	} ASN1_T61STRING;
+
+typedef struct asn1_ia5string_st
+	{
+	int length;
+	int type;
+	unsigned char *data;
+	} ASN1_IA5STRING;
+
+typedef struct asn1_generalstring_st
+	{
+	int length;
+	int type;
+	unsigned char *data;
+	} ASN1_GENERALSTRING;
+
+typedef struct asn1_universalstring_st
+	{
+	int length;
+	int type;
+	unsigned char *data;
+	} ASN1_UNIVERSALSTRING;
+
+typedef struct asn1_utctime_st
+	{
+	int length;
+	int type;
+	unsigned char *data;
+	} ASN1_UTCTIME;
+
+#endif
+
+typedef struct asn1_ctx_st
+	{
+	unsigned char *p;/* work char pointer */
+	int eos;	/* end of sequence read for indefinite encoding */
+	int error;	/* error code to use when returning an error */
+	int inf;	/* constructed if 0x20, indefinite is 0x21 */
+	int tag;	/* tag from last 'get object' */
+	int xclass;	/* class from last 'get object' */
+	long slen;	/* length of last 'get object' */
+	unsigned char *max; /* largest value of p alowed */
+	unsigned char *q;/* temporary variable */
+	unsigned char **pp;/* variable */
+	} ASN1_CTX;
+
+/* These are used internally in the ASN1_OBJECT to keep track of
+ * whether the names and data need to be free()ed */
+#define ASN1_OBJECT_FLAG_DYNAMIC	 0x01	/* internal use */
+#define ASN1_OBJECT_FLAG_CRITICAL	 0x02	/* critical x509v3 object id */
+#define ASN1_OBJECT_FLAG_DYNAMIC_STRINGS 0x04	/* internal use */
+#define ASN1_OBJECT_FLAG_DYNAMIC_DATA 	 0x08	/* internal use */
+typedef struct asn1_object_st
+	{
+	char *sn,*ln;
+	int nid;
+	int length;
+	unsigned char *data;
+	int flags;	/* Should we free this one */
+	} ASN1_OBJECT;
+
+/* This is the base type that holds just about everything :-) */
+typedef struct asn1_string_st
+	{
+	int length;
+	int type;
+	unsigned char *data;
+	} ASN1_STRING;
+
+typedef struct asn1_type_st
+	{
+	int type;
+	union	{
+		char *ptr;
+		ASN1_STRING *		asn1_string;
+		ASN1_OBJECT *		object;
+		ASN1_INTEGER *		integer;
+		ASN1_BIT_STRING *	bit_string;
+		ASN1_OCTET_STRING *	octet_string;
+		ASN1_PRINTABLESTRING *	printablestring;
+		ASN1_T61STRING *	t61string;
+		ASN1_IA5STRING *	ia5string;
+		ASN1_GENERALSTRING *	generalstring;
+		ASN1_UNIVERSALSTRING *	universalstring;
+		ASN1_UTCTIME *		utctime;
+		/* set and sequence are left complete and still
+		 * contain the set or sequence bytes */
+		ASN1_STRING *		set;
+		ASN1_STRING *		sequence;
+		} value;
+	} ASN1_TYPE;
+
+typedef struct asn1_method_st
+	{
+	int (*i2d)();
+	char *(*d2i)();
+	char *(*create)();
+	void (*destroy)();
+	} ASN1_METHOD;
+
+/* This is used when parsing some Netscape objects */
+typedef struct asn1_header_st
+	{
+	ASN1_OCTET_STRING *header;
+	char *data;
+	ASN1_METHOD *meth;
+	} ASN1_HEADER;
+
+#define ASN1_STRING_type(x)	((x)->type)
+#define ASN1_STRING_data(x)	((x)->data)
+
+/* Macros for string operations */
+#define ASN1_BIT_STRING_new()	(ASN1_BIT_STRING *)\
+		ASN1_STRING_type_new(V_ASN1_BIT_STRING)
+#define ASN1_BIT_STRING_free(a)	ASN1_STRING_free((ASN1_STRING *)a)
+#define ASN1_BIT_STRING_dup(a) (ASN1_BIT_STRING *)\
+		ASN1_STRING_dup((ASN1_STRING *)a)
+#define ASN1_BIT_STRING_cmp(a,b) ASN1_STRING_cmp(\
+		(ASN1_STRING *)a,(ASN1_STRING *)b)
+#define ASN1_BIT_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c)
+/* i2d_ASN1_BIT_STRING() is a function */
+/* d2i_ASN1_BIT_STRING() is a function */
+
+#define ASN1_INTEGER_new()	(ASN1_INTEGER *)\
+		ASN1_STRING_type_new(V_ASN1_INTEGER)
+#define ASN1_INTEGER_free(a)		ASN1_STRING_free((ASN1_STRING *)a)
+#define ASN1_INTEGER_dup(a) (ASN1_INTEGER *)ASN1_STRING_dup((ASN1_STRING *)a)
+#define ASN1_INTEGER_cmp(a,b)	ASN1_STRING_cmp(\
+		(ASN1_STRING *)a,(ASN1_STRING *)b)
+/* ASN1_INTEGER_set() is a function, also see BN_to_ASN1_INTEGER() */
+/* ASN1_INTEGER_get() is a function, also see ASN1_INTEGER_to_BN() */
+/* i2d_ASN1_INTEGER() is a function */
+/* d2i_ASN1_INTEGER() is a function */
+
+#define ASN1_OCTET_STRING_new()	(ASN1_OCTET_STRING *)\
+		ASN1_STRING_type_new(V_ASN1_OCTET_STRING)
+#define ASN1_OCTET_STRING_free(a)	ASN1_STRING_free((ASN1_STRING *)a)
+#define ASN1_OCTET_STRING_dup(a) (ASN1_OCTET_STRING *)\
+		ASN1_STRING_dup((ASN1_STRING *)a)
+#define ASN1_OCTET_STRING_cmp(a,b) ASN1_STRING_cmp(\
+		(ASN1_STRING *)a,(ASN1_STRING *)b)
+#define ASN1_OCTET_STRING_set(a,b,c)	ASN1_STRING_set((ASN1_STRING *)a,b,c)
+#define ASN1_OCTET_STRING_print(a,b)	ASN1_STRING_print(a,(ASN1_STRING *)b)
+#define M_i2d_ASN1_OCTET_STRING(a,pp) \
+		i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_OCTET_STRING,\
+		V_ASN1_OCTET_STRING)
+/* d2i_ASN1_OCTET_STRING() is a function */
+
+#define ASN1_PRINTABLE_new()	ASN1_STRING_type_new(V_ASN1_T61STRING)
+#define ASN1_PRINTABLE_free(a)	ASN1_STRING_free((ASN1_STRING *)a)
+#define M_i2d_ASN1_PRINTABLE(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
+		pp,a->type,V_ASN1_UNIVERSAL)
+#define M_d2i_ASN1_PRINTABLE(a,pp,l) \
+		d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
+			B_ASN1_PRINTABLESTRING| \
+			B_ASN1_T61STRING| \
+			B_ASN1_IA5STRING| \
+			B_ASN1_UNIVERSALSTRING|\
+			B_ASN1_UNKNOWN)
+
+#define ASN1_PRINTABLESTRING_new() (ASN1_PRINTABLESTRING_STRING *)\
+		ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING)
+#define ASN1_PRINTABLESTRING_free(a)	ASN1_STRING_free((ASN1_STRING *)a)
+#define M_i2d_ASN1_PRINTABLESTRING(a,pp) \
+		i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_PRINTABLESTRING,\
+		V_ASN1_UNIVERSAL)
+#define M_d2i_ASN1_PRINTABLESTRING(a,pp,l) \
+		(ASN1_PRINTABLESTRING *)d2i_ASN1_type_bytes\
+		((ASN1_STRING **)a,pp,l,B_ASN1_PRINTABLESTRING)
+
+#define ASN1_T61STRING_new()	(ASN1_T61STRING_STRING *)\
+		ASN1_STRING_type_new(V_ASN1_T61STRING)
+#define ASN1_T61STRING_free(a)	ASN1_STRING_free((ASN1_STRING *)a)
+#define M_i2d_ASN1_T61STRING(a,pp) \
+		i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_T61STRING,\
+		V_ASN1_UNIVERSAL)
+#define M_d2i_ASN1_T61STRING(a,pp,l) \
+		(ASN1_T61STRING *)d2i_ASN1_type_bytes\
+		((ASN1_STRING **)a,pp,l,B_ASN1_T61STRING)
+
+#define ASN1_IA5STRING_new()	(ASN1_IA5STRING *)\
+		ASN1_STRING_type_new(V_ASN1_IA5STRING)
+#define ASN1_IA5STRING_free(a)	ASN1_STRING_free((ASN1_STRING *)a)
+#define M_i2d_ASN1_IA5STRING(a,pp) \
+		i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_IA5STRING,\
+			V_ASN1_UNIVERSAL)
+#define M_d2i_ASN1_IA5STRING(a,pp,l) \
+		(ASN1_IA5STRING *)d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l,\
+			B_ASN1_IA5STRING)
+
+#define ASN1_UTCTIME_new()	(ASN1_UTCTIME *)\
+		ASN1_STRING_type_new(V_ASN1_UTCTIME)
+#define ASN1_UTCTIME_free(a)	ASN1_STRING_free((ASN1_STRING *)a)
+#define ASN1_UTCTIME_dup(a) (ASN1_UTCTIME *)ASN1_STRING_dup((ASN1_STRING *)a)
+/* i2d_ASN1_UTCTIME() is a function */
+/* d2i_ASN1_UTCTIME() is a function */
+/* ASN1_UTCTIME_set() is a function */
+/* ASN1_UTCTIME_check() is a function */
+/* ASN1_UTCTIME_set() is a function */
+
+#define ASN1_GENERALSTRING_new()	(ASN1_GENERALSTRING *)\
+		ASN1_STRING_type_new(V_ASN1_GENERALSTRING)
+#define ASN1_GENERALSTRING_free(a)	ASN1_STRING_free((ASN1_STRING *)a)
+#define M_i2d_ASN1_GENERALSTRING(a,pp) \
+		i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_GENERALSTRING,\
+			V_ASN1_UNIVERSAL)
+#define M_d2i_ASN1_GENERALSTRING(a,pp,l) \
+		(ASN1_GENERALSTRING *)d2i_ASN1_type_bytes\
+		((ASN1_STRING **)a,pp,l,B_ASN1_GENERALSTRING)
+
+#define ASN1_UNIVERSALSTRING_new()	(ASN1_UNIVERSALSTRING *)\
+		ASN1_STRING_type_new(V_ASN1_UNIVERSALSTRING)
+#define ASN1_UNIVERSALSTRING_free(a)	ASN1_STRING_free((ASN1_STRING *)a)
+#define M_i2d_ASN1_UNIVERSALSTRING(a,pp) \
+		i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_UNIVERSALSTRING,\
+			V_ASN1_UNIVERSAL)
+#define M_d2i_ASN1_UNIVERSALSTRING(a,pp,l) \
+		(ASN1_UNIVERSALSTRING *)d2i_ASN1_type_bytes\
+		((ASN1_STRING **)a,pp,l,B_ASN1_UNIVERSALSTRING)
+
+#ifndef NOPROTO
+ASN1_TYPE *	ASN1_TYPE_new(void );
+void		ASN1_TYPE_free(ASN1_TYPE *a);
+int		i2d_ASN1_TYPE(ASN1_TYPE *a,unsigned char **pp);
+ASN1_TYPE *	d2i_ASN1_TYPE(ASN1_TYPE **a,unsigned char **pp,long length);
+int ASN1_TYPE_get(ASN1_TYPE *a);
+void ASN1_TYPE_set(ASN1_TYPE *a, int type, char *value);
+
+ASN1_OBJECT *	ASN1_OBJECT_new(void );
+void		ASN1_OBJECT_free(ASN1_OBJECT *a);
+int		i2d_ASN1_OBJECT(ASN1_OBJECT *a,unsigned char **pp);
+ASN1_OBJECT *	d2i_ASN1_OBJECT(ASN1_OBJECT **a,unsigned char **pp,
+			long length);
+
+ASN1_STRING *	ASN1_STRING_new(void );
+void		ASN1_STRING_free(ASN1_STRING *a);
+ASN1_STRING *	ASN1_STRING_dup(ASN1_STRING *a);
+ASN1_STRING *	ASN1_STRING_type_new(int type );
+int 		ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b);
+int 		ASN1_STRING_set(ASN1_STRING *str,unsigned char *data, int len);
+
+int		i2d_ASN1_BIT_STRING(ASN1_BIT_STRING *a,unsigned char **pp);
+ASN1_BIT_STRING *d2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,unsigned char **pp,
+			long length);
+
+int		i2d_ASN1_BOOLEAN(int a,unsigned char **pp);
+int 		d2i_ASN1_BOOLEAN(int *a,unsigned char **pp,long length);
+
+int		i2d_ASN1_INTEGER(ASN1_INTEGER *a,unsigned char **pp);
+ASN1_INTEGER *d2i_ASN1_INTEGER(ASN1_INTEGER **a,unsigned char **pp,
+			long length);
+
+int ASN1_UTCTIME_check(ASN1_UTCTIME *a);
+ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s,time_t t);
+
+int		i2d_ASN1_OCTET_STRING(ASN1_OCTET_STRING *a,unsigned char **pp);
+ASN1_OCTET_STRING *d2i_ASN1_OCTET_STRING(ASN1_OCTET_STRING **a,
+			unsigned char **pp,long length);
+
+int i2d_ASN1_PRINTABLE(ASN1_STRING *a,unsigned char **pp);
+ASN1_STRING *d2i_ASN1_PRINTABLE(ASN1_STRING **a,
+	unsigned char **pp, long l);
+ASN1_PRINTABLESTRING *d2i_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING **a,
+	unsigned char **pp, long l);
+
+ASN1_T61STRING *d2i_ASN1_T61STRING(ASN1_T61STRING **a,
+	unsigned char **pp, long l);
+int i2d_ASN1_IA5STRING(ASN1_IA5STRING *a,unsigned char **pp);
+ASN1_IA5STRING *d2i_ASN1_IA5STRING(ASN1_IA5STRING **a,
+	unsigned char **pp, long l);
+
+int		i2d_ASN1_UTCTIME(ASN1_UTCTIME *a,unsigned char **pp);
+ASN1_UTCTIME *	d2i_ASN1_UTCTIME(ASN1_UTCTIME **a,unsigned char **pp,
+			long length);
+
+int		i2d_ASN1_SET(STACK *a, unsigned char **pp,
+			int (*func)(), int ex_tag, int ex_class);
+STACK *		d2i_ASN1_SET(STACK **a, unsigned char **pp, long length,
+			char *(*func)(), int ex_tag, int ex_class);
+
+#ifdef HEADER_BIO_H
+int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a);
+int a2i_ASN1_INTEGER(BIO *bp,ASN1_INTEGER *bs,char *buf,int size);
+int i2a_ASN1_OBJECT(BIO *bp,ASN1_OBJECT *a);
+int a2i_ASN1_STRING(BIO *bp,ASN1_STRING *bs,char *buf,int size);
+int i2a_ASN1_STRING(BIO *bp, ASN1_STRING *a, int type);
+#endif
+
+int a2d_ASN1_OBJECT(unsigned char *out,int olen, char *buf, int num);
+ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data,int len,
+	char *sn, char *ln);
+
+int ASN1_INTEGER_set(ASN1_INTEGER *a, long v);
+long ASN1_INTEGER_get(ASN1_INTEGER *a);
+ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai);
+BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *ai,BIGNUM *bn);
+
+/* General */
+/* given a string, return the correct type, max is the maximum length */
+int ASN1_PRINTABLE_type(unsigned char *s, int max);
+
+int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass);
+ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, unsigned char **pp,
+	long length, int Ptag, int Pclass);
+/* type is one or more of the B_ASN1_ values. */
+ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a,unsigned char **pp,
+		long length,int type);
+
+/* PARSING */
+int asn1_Finish(ASN1_CTX *c);
+
+/* SPECIALS */
+int ASN1_get_object(unsigned char **pp, long *plength, int *ptag,
+	int *pclass, long omax);
+int ASN1_check_infinite_end(unsigned char **p,long len);
+void ASN1_put_object(unsigned char **pp, int constructed, int length,
+	int tag, int xclass);
+int ASN1_object_size(int constructed, int length, int tag);
+
+/* Used to implement other functions */
+char *ASN1_dup(int (*i2d)(),char *(*d2i)(),char *x);
+
+#ifndef WIN16
+char *ASN1_d2i_fp(char *(*xnew)(),char *(*d2i)(),FILE *fp,unsigned char **x);
+int ASN1_i2d_fp(int (*i2d)(),FILE *out,unsigned char *x);
+#endif
+
+#ifdef HEADER_BIO_H
+char *ASN1_d2i_bio(char *(*xnew)(),char *(*d2i)(),BIO *bp,unsigned char **x);
+int ASN1_i2d_bio(int (*i2d)(),BIO *out,unsigned char *x);
+int ASN1_UTCTIME_print(BIO *fp,ASN1_UTCTIME *a);
+int ASN1_STRING_print(BIO *bp,ASN1_STRING *v);
+int ASN1_parse(BIO *bp,unsigned char *pp,long len,int indent);
+#endif
+
+/* Used to load and write netscape format cert/key */
+int i2d_ASN1_HEADER(ASN1_HEADER *a,unsigned char **pp);
+ASN1_HEADER *d2i_ASN1_HEADER(ASN1_HEADER **a,unsigned char **pp, long length);
+ASN1_HEADER *ASN1_HEADER_new(void );
+void ASN1_HEADER_free(ASN1_HEADER *a);
+
+int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s);
+
+void ERR_load_ASN1_strings(void);
+
+/* Not used that much at this point, except for the first two */
+ASN1_METHOD *X509_asn1_meth(void);
+ASN1_METHOD *RSAPrivateKey_asn1_meth(void);
+ASN1_METHOD *ASN1_IA5STRING_asn1_meth(void);
+ASN1_METHOD *ASN1_BIT_STRING_asn1_meth(void);
+
+#else
+
+ASN1_TYPE *	ASN1_TYPE_new();
+void		ASN1_TYPE_free();
+int		i2d_ASN1_TYPE();
+ASN1_TYPE *	d2i_ASN1_TYPE();
+int ASN1_TYPE_get();
+void ASN1_TYPE_set();
+
+ASN1_OBJECT *	ASN1_OBJECT_new();
+void		ASN1_OBJECT_free();
+int		i2d_ASN1_OBJECT();
+ASN1_OBJECT *	d2i_ASN1_OBJECT();
+ASN1_STRING *	ASN1_STRING_new();
+void		ASN1_STRING_free();
+ASN1_STRING *	ASN1_STRING_dup();
+ASN1_STRING *	ASN1_STRING_type_new();
+int 		ASN1_STRING_cmp();
+int 		ASN1_STRING_set();
+int		i2d_ASN1_BIT_STRING();
+ASN1_BIT_STRING *d2i_ASN1_BIT_STRING();
+int		i2d_ASN1_BOOLEAN();
+int 		d2i_ASN1_BOOLEAN();
+int		i2d_ASN1_INTEGER();
+ASN1_INTEGER *d2i_ASN1_INTEGER();
+int ASN1_UTCTIME_check();
+ASN1_UTCTIME *ASN1_UTCTIME_set();
+int		i2d_ASN1_OCTET_STRING();
+ASN1_OCTET_STRING *d2i_ASN1_OCTET_STRING();
+int i2d_ASN1_PRINTABLE();
+ASN1_STRING *d2i_ASN1_PRINTABLE();
+ASN1_PRINTABLESTRING *d2i_ASN1_PRINTABLESTRING();
+ASN1_T61STRING *d2i_ASN1_T61STRING();
+int i2d_ASN1_IA5STRING();
+ASN1_IA5STRING *d2i_ASN1_IA5STRING();
+int		i2d_ASN1_UTCTIME();
+ASN1_UTCTIME *	d2i_ASN1_UTCTIME();
+int		i2d_ASN1_SET();
+STACK *		d2i_ASN1_SET();
+int a2d_ASN1_OBJECT();
+ASN1_OBJECT *ASN1_OBJECT_create();
+int ASN1_INTEGER_set();
+long ASN1_INTEGER_get();
+ASN1_INTEGER *BN_to_ASN1_INTEGER();
+BIGNUM *ASN1_INTEGER_to_BN();
+int ASN1_PRINTABLE_type();
+int i2d_ASN1_bytes();
+ASN1_STRING *d2i_ASN1_bytes();
+ASN1_STRING *d2i_ASN1_type_bytes();
+int asn1_Finish();
+int ASN1_get_object();
+int ASN1_check_infinite_end();
+void ASN1_put_object();
+int ASN1_object_size();
+char *ASN1_dup();
+#ifndef WIN16
+char *ASN1_d2i_fp();
+int ASN1_i2d_fp();
+#endif
+
+char *ASN1_d2i_bio();
+int ASN1_i2d_bio();
+int ASN1_UTCTIME_print();
+int ASN1_STRING_print();
+int ASN1_parse();
+int i2a_ASN1_INTEGER();
+int a2i_ASN1_INTEGER();
+int i2a_ASN1_OBJECT();
+int a2i_ASN1_STRING();
+int i2a_ASN1_STRING();
+
+int i2d_ASN1_HEADER();
+ASN1_HEADER *d2i_ASN1_HEADER();
+ASN1_HEADER *ASN1_HEADER_new();
+void ASN1_HEADER_free();
+void ERR_load_ASN1_strings();
+ASN1_METHOD *X509_asn1_meth();
+ASN1_METHOD *RSAPrivateKey_asn1_meth();
+ASN1_METHOD *ASN1_IA5STRING_asn1_meth();
+ASN1_METHOD *ASN1_BIT_STRING_asn1_meth();
+
+int ASN1_UNIVERSALSTRING_to_string();
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the ASN1 functions. */
+
+/* Function codes. */
+#define ASN1_F_A2D_ASN1_OBJECT				 100
+#define ASN1_F_A2I_ASN1_INTEGER				 101
+#define ASN1_F_A2I_ASN1_STRING				 102
+#define ASN1_F_ASN1_COLLATE_PRIMATIVE			 103
+#define ASN1_F_ASN1_D2I_BIO				 104
+#define ASN1_F_ASN1_D2I_FP				 105
+#define ASN1_F_ASN1_DUP					 106
+#define ASN1_F_ASN1_GET_OBJECT				 107
+#define ASN1_F_ASN1_HEADER_NEW				 108
+#define ASN1_F_ASN1_I2D_BIO				 109
+#define ASN1_F_ASN1_I2D_FP				 110
+#define ASN1_F_ASN1_INTEGER_SET				 111
+#define ASN1_F_ASN1_INTEGER_TO_BN			 112
+#define ASN1_F_ASN1_OBJECT_NEW				 113
+#define ASN1_F_ASN1_SIGN				 114
+#define ASN1_F_ASN1_STRING_NEW				 115
+#define ASN1_F_ASN1_STRING_TYPE_NEW			 116
+#define ASN1_F_ASN1_TYPE_NEW				 117
+#define ASN1_F_ASN1_UTCTIME_NEW				 118
+#define ASN1_F_ASN1_VERIFY				 119
+#define ASN1_F_BN_TO_ASN1_INTEGER			 120
+#define ASN1_F_D2I_ASN1_BIT_STRING			 121
+#define ASN1_F_D2I_ASN1_BOOLEAN				 122
+#define ASN1_F_D2I_ASN1_BYTES				 123
+#define ASN1_F_D2I_ASN1_HEADER				 124
+#define ASN1_F_D2I_ASN1_INTEGER				 125
+#define ASN1_F_D2I_ASN1_OBJECT				 126
+#define ASN1_F_D2I_ASN1_OCTET_STRING			 127
+#define ASN1_F_D2I_ASN1_PRINT_TYPE			 128
+#define ASN1_F_D2I_ASN1_SET				 129
+#define ASN1_F_D2I_ASN1_TYPE				 130
+#define ASN1_F_D2I_ASN1_TYPE_BYTES			 131
+#define ASN1_F_D2I_ASN1_UTCTIME				 132
+#define ASN1_F_D2I_DHPARAMS				 133
+#define ASN1_F_D2I_DSAPARAMS				 134
+#define ASN1_F_D2I_DSAPRIVATEKEY			 135
+#define ASN1_F_D2I_DSAPUBLICKEY				 136
+#define ASN1_F_D2I_NETSCAPE_PKEY			 137
+#define ASN1_F_D2I_NETSCAPE_RSA				 138
+#define ASN1_F_D2I_NETSCAPE_RSA_2			 139
+#define ASN1_F_D2I_NETSCAPE_SPKAC			 140
+#define ASN1_F_D2I_NETSCAPE_SPKI			 141
+#define ASN1_F_D2I_PKCS7				 142
+#define ASN1_F_D2I_PKCS7_DIGEST				 143
+#define ASN1_F_D2I_PKCS7_ENCRYPT			 144
+#define ASN1_F_D2I_PKCS7_ENC_CONTENT			 145
+#define ASN1_F_D2I_PKCS7_ENVELOPE			 146
+#define ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL		 147
+#define ASN1_F_D2I_PKCS7_RECIP_INFO			 148
+#define ASN1_F_D2I_PKCS7_SIGNED				 149
+#define ASN1_F_D2I_PKCS7_SIGNER_INFO			 150
+#define ASN1_F_D2I_PKCS7_SIGN_ENVELOPE			 151
+#define ASN1_F_D2I_PRIVATEKEY				 152
+#define ASN1_F_D2I_PUBLICKEY				 153
+#define ASN1_F_D2I_RSAPRIVATEKEY			 154
+#define ASN1_F_D2I_RSAPUBLICKEY				 155
+#define ASN1_F_D2I_X509					 156
+#define ASN1_F_D2I_X509_ALGOR				 157
+#define ASN1_F_D2I_X509_ATTRIBUTE			 158
+#define ASN1_F_D2I_X509_CINF				 159
+#define ASN1_F_D2I_X509_CRL				 160
+#define ASN1_F_D2I_X509_CRL_INFO			 161
+#define ASN1_F_D2I_X509_EXTENSION			 162
+#define ASN1_F_D2I_X509_KEY				 163
+#define ASN1_F_D2I_X509_NAME				 164
+#define ASN1_F_D2I_X509_NAME_ENTRY			 165
+#define ASN1_F_D2I_X509_PKEY				 166
+#define ASN1_F_D2I_X509_PUBKEY				 167
+#define ASN1_F_D2I_X509_REQ				 168
+#define ASN1_F_D2I_X509_REQ_INFO			 169
+#define ASN1_F_D2I_X509_REVOKED				 170
+#define ASN1_F_D2I_X509_SIG				 171
+#define ASN1_F_D2I_X509_VAL				 172
+#define ASN1_F_I2A_ASN1_OBJECT				 173
+#define ASN1_F_I2D_ASN1_HEADER				 174
+#define ASN1_F_I2D_DHPARAMS				 175
+#define ASN1_F_I2D_DSAPARAMS				 176
+#define ASN1_F_I2D_DSAPRIVATEKEY			 177
+#define ASN1_F_I2D_DSAPUBLICKEY				 178
+#define ASN1_F_I2D_NETSCAPE_RSA				 179
+#define ASN1_F_I2D_PKCS7				 180
+#define ASN1_F_I2D_PRIVATEKEY				 181
+#define ASN1_F_I2D_PUBLICKEY				 182
+#define ASN1_F_I2D_RSAPRIVATEKEY			 183
+#define ASN1_F_I2D_RSAPUBLICKEY				 184
+#define ASN1_F_I2D_X509_ATTRIBUTE			 185
+#define ASN1_F_NETSCAPE_PKEY_NEW			 186
+#define ASN1_F_NETSCAPE_SPKAC_NEW			 187
+#define ASN1_F_NETSCAPE_SPKI_NEW			 188
+#define ASN1_F_PKCS7_DIGEST_NEW				 189
+#define ASN1_F_PKCS7_ENCRYPT_NEW			 190
+#define ASN1_F_PKCS7_ENC_CONTENT_NEW			 191
+#define ASN1_F_PKCS7_ENVELOPE_NEW			 192
+#define ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW		 193
+#define ASN1_F_PKCS7_NEW				 194
+#define ASN1_F_PKCS7_RECIP_INFO_NEW			 195
+#define ASN1_F_PKCS7_SIGNED_NEW				 196
+#define ASN1_F_PKCS7_SIGNER_INFO_NEW			 197
+#define ASN1_F_PKCS7_SIGN_ENVELOPE_NEW			 198
+#define ASN1_F_X509_ALGOR_NEW				 199
+#define ASN1_F_X509_ATTRIBUTE_NEW			 200
+#define ASN1_F_X509_CINF_NEW				 201
+#define ASN1_F_X509_CRL_INFO_NEW			 202
+#define ASN1_F_X509_CRL_NEW				 203
+#define ASN1_F_X509_DHPARAMS_NEW			 204
+#define ASN1_F_X509_EXTENSION_NEW			 205
+#define ASN1_F_X509_INFO_NEW				 206
+#define ASN1_F_X509_KEY_NEW				 207
+#define ASN1_F_X509_NAME_ENTRY_NEW			 208
+#define ASN1_F_X509_NAME_NEW				 209
+#define ASN1_F_X509_NEW					 210
+#define ASN1_F_X509_PKEY_NEW				 211
+#define ASN1_F_X509_PUBKEY_NEW				 212
+#define ASN1_F_X509_REQ_INFO_NEW			 213
+#define ASN1_F_X509_REQ_NEW				 214
+#define ASN1_F_X509_REVOKED_NEW				 215
+#define ASN1_F_X509_SIG_NEW				 216
+#define ASN1_F_X509_VAL_FREE				 217
+#define ASN1_F_X509_VAL_NEW				 218
+
+/* Reason codes. */
+#define ASN1_R_BAD_CLASS				 100
+#define ASN1_R_BAD_GET_OBJECT				 101
+#define ASN1_R_BAD_OBJECT_HEADER			 102
+#define ASN1_R_BAD_PASSWORD_READ			 103
+#define ASN1_R_BAD_PKCS7_CONTENT			 104
+#define ASN1_R_BAD_PKCS7_TYPE				 105
+#define ASN1_R_BAD_TAG					 106
+#define ASN1_R_BAD_TYPE					 107
+#define ASN1_R_BN_LIB					 108
+#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH			 109
+#define ASN1_R_BUFFER_TOO_SMALL				 110
+#define ASN1_R_DECODING_ERROR				 111
+#define ASN1_R_ERROR_STACK				 112
+#define ASN1_R_EXPECTING_AN_INTEGER			 113
+#define ASN1_R_EXPECTING_AN_OBJECT			 114
+#define ASN1_R_EXPECTING_AN_OCTET_STRING		 115
+#define ASN1_R_EXPECTING_A_BIT_STRING			 116
+#define ASN1_R_EXPECTING_A_BOOLEAN			 117
+#define ASN1_R_EXPECTING_A_SEQUENCE			 118
+#define ASN1_R_EXPECTING_A_UTCTIME			 119
+#define ASN1_R_FIRST_NUM_TOO_LARGE			 120
+#define ASN1_R_HEADER_TOO_LONG				 121
+#define ASN1_R_INVALID_DIGIT				 122
+#define ASN1_R_INVALID_SEPARATOR			 123
+#define ASN1_R_INVALID_TIME_FORMAT			 124
+#define ASN1_R_IV_TOO_LARGE				 125
+#define ASN1_R_LENGTH_ERROR				 126
+#define ASN1_R_LENGTH_MISMATCH				 127
+#define ASN1_R_MISSING_EOS				 128
+#define ASN1_R_MISSING_SECOND_NUMBER			 129
+#define ASN1_R_NON_HEX_CHARACTERS			 130
+#define ASN1_R_NOT_ENOUGH_DATA				 131
+#define ASN1_R_ODD_NUMBER_OF_CHARS			 132
+#define ASN1_R_PARSING					 133
+#define ASN1_R_PRIVATE_KEY_HEADER_MISSING		 134
+#define ASN1_R_SECOND_NUMBER_TOO_LARGE			 135
+#define ASN1_R_SHORT_LINE				 136
+#define ASN1_R_STRING_TOO_SHORT				 137
+#define ASN1_R_TAG_VALUE_TOO_HIGH			 138
+#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 139
+#define ASN1_R_TOO_LONG					 140
+#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY			 141
+#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY		 142
+#define ASN1_R_UNKNOWN_ATTRIBUTE_TYPE			 143
+#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM		 144
+#define ASN1_R_UNKNOWN_OBJECT_TYPE			 145
+#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE			 146
+#define ASN1_R_UNSUPPORTED_CIPHER			 147
+#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM		 148
+#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE		 149
+#define ASN1_R_UTCTIME_TOO_LONG				 150
+#define ASN1_R_WRONG_PRINTABLE_TYPE			 151
+#define ASN1_R_WRONG_TAG				 152
+#define ASN1_R_WRONG_TYPE				 153
+ 
+#ifdef  __cplusplus
+}
+#endif
+#endif
+
diff --git a/crypto/asn1/asn1_err.c b/crypto/asn1/asn1_err.c
new file mode 100644
index 0000000000..5e6a41b952
--- /dev/null
+++ b/crypto/asn1/asn1_err.c
@@ -0,0 +1,256 @@
+/* lib/asn1/asn1_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "asn1.h"
+
+/* BEGIN ERROR CODES */
+static ERR_STRING_DATA ASN1_str_functs[]=
+	{
+{ERR_PACK(0,ASN1_F_A2D_ASN1_OBJECT,0),	"a2d_ASN1_OBJECT"},
+{ERR_PACK(0,ASN1_F_A2I_ASN1_INTEGER,0),	"a2i_ASN1_INTEGER"},
+{ERR_PACK(0,ASN1_F_A2I_ASN1_STRING,0),	"a2i_ASN1_STRING"},
+{ERR_PACK(0,ASN1_F_ASN1_COLLATE_PRIMATIVE,0),	"ASN1_COLLATE_PRIMATIVE"},
+{ERR_PACK(0,ASN1_F_ASN1_D2I_BIO,0),	"ASN1_d2i_bio"},
+{ERR_PACK(0,ASN1_F_ASN1_D2I_FP,0),	"ASN1_d2i_fp"},
+{ERR_PACK(0,ASN1_F_ASN1_DUP,0),	"ASN1_dup"},
+{ERR_PACK(0,ASN1_F_ASN1_GET_OBJECT,0),	"ASN1_get_object"},
+{ERR_PACK(0,ASN1_F_ASN1_HEADER_NEW,0),	"ASN1_HEADER_new"},
+{ERR_PACK(0,ASN1_F_ASN1_I2D_BIO,0),	"ASN1_i2d_bio"},
+{ERR_PACK(0,ASN1_F_ASN1_I2D_FP,0),	"ASN1_i2d_fp"},
+{ERR_PACK(0,ASN1_F_ASN1_INTEGER_SET,0),	"ASN1_INTEGER_set"},
+{ERR_PACK(0,ASN1_F_ASN1_INTEGER_TO_BN,0),	"ASN1_INTEGER_to_BN"},
+{ERR_PACK(0,ASN1_F_ASN1_OBJECT_NEW,0),	"ASN1_OBJECT_new"},
+{ERR_PACK(0,ASN1_F_ASN1_SIGN,0),	"ASN1_SIGN"},
+{ERR_PACK(0,ASN1_F_ASN1_STRING_NEW,0),	"ASN1_STRING_new"},
+{ERR_PACK(0,ASN1_F_ASN1_STRING_TYPE_NEW,0),	"ASN1_STRING_type_new"},
+{ERR_PACK(0,ASN1_F_ASN1_TYPE_NEW,0),	"ASN1_TYPE_new"},
+{ERR_PACK(0,ASN1_F_ASN1_UTCTIME_NEW,0),	"ASN1_UTCTIME_NEW"},
+{ERR_PACK(0,ASN1_F_ASN1_VERIFY,0),	"ASN1_VERIFY"},
+{ERR_PACK(0,ASN1_F_BN_TO_ASN1_INTEGER,0),	"BN_to_ASN1_INTEGER"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_BIT_STRING,0),	"d2i_ASN1_BIT_STRING"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_BOOLEAN,0),	"d2i_ASN1_BOOLEAN"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_BYTES,0),	"d2i_ASN1_bytes"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_HEADER,0),	"d2i_ASN1_HEADER"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_INTEGER,0),	"d2i_ASN1_INTEGER"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_OBJECT,0),	"d2i_ASN1_OBJECT"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_OCTET_STRING,0),	"d2i_ASN1_OCTET_STRING"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_PRINT_TYPE,0),	"D2I_ASN1_PRINT_TYPE"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_SET,0),	"d2i_ASN1_SET"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_TYPE,0),	"d2i_ASN1_TYPE"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_TYPE_BYTES,0),	"d2i_ASN1_type_bytes"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_UTCTIME,0),	"d2i_ASN1_UTCTIME"},
+{ERR_PACK(0,ASN1_F_D2I_DHPARAMS,0),	"D2I_DHPARAMS"},
+{ERR_PACK(0,ASN1_F_D2I_DSAPARAMS,0),	"D2I_DSAPARAMS"},
+{ERR_PACK(0,ASN1_F_D2I_DSAPRIVATEKEY,0),	"D2I_DSAPRIVATEKEY"},
+{ERR_PACK(0,ASN1_F_D2I_DSAPUBLICKEY,0),	"D2I_DSAPUBLICKEY"},
+{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_PKEY,0),	"D2I_NETSCAPE_PKEY"},
+{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA,0),	"D2I_NETSCAPE_RSA"},
+{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA_2,0),	"D2I_NETSCAPE_RSA_2"},
+{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_SPKAC,0),	"D2I_NETSCAPE_SPKAC"},
+{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_SPKI,0),	"D2I_NETSCAPE_SPKI"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7,0),	"D2I_PKCS7"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_DIGEST,0),	"D2I_PKCS7_DIGEST"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENCRYPT,0),	"D2I_PKCS7_ENCRYPT"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENC_CONTENT,0),	"D2I_PKCS7_ENC_CONTENT"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENVELOPE,0),	"D2I_PKCS7_ENVELOPE"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL,0),	"D2I_PKCS7_ISSUER_AND_SERIAL"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_RECIP_INFO,0),	"D2I_PKCS7_RECIP_INFO"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGNED,0),	"D2I_PKCS7_SIGNED"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGNER_INFO,0),	"D2I_PKCS7_SIGNER_INFO"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGN_ENVELOPE,0),	"D2I_PKCS7_SIGN_ENVELOPE"},
+{ERR_PACK(0,ASN1_F_D2I_PRIVATEKEY,0),	"D2I_PRIVATEKEY"},
+{ERR_PACK(0,ASN1_F_D2I_PUBLICKEY,0),	"D2I_PUBLICKEY"},
+{ERR_PACK(0,ASN1_F_D2I_RSAPRIVATEKEY,0),	"D2I_RSAPRIVATEKEY"},
+{ERR_PACK(0,ASN1_F_D2I_RSAPUBLICKEY,0),	"D2I_RSAPUBLICKEY"},
+{ERR_PACK(0,ASN1_F_D2I_X509,0),	"D2I_X509"},
+{ERR_PACK(0,ASN1_F_D2I_X509_ALGOR,0),	"D2I_X509_ALGOR"},
+{ERR_PACK(0,ASN1_F_D2I_X509_ATTRIBUTE,0),	"D2I_X509_ATTRIBUTE"},
+{ERR_PACK(0,ASN1_F_D2I_X509_CINF,0),	"D2I_X509_CINF"},
+{ERR_PACK(0,ASN1_F_D2I_X509_CRL,0),	"D2I_X509_CRL"},
+{ERR_PACK(0,ASN1_F_D2I_X509_CRL_INFO,0),	"D2I_X509_CRL_INFO"},
+{ERR_PACK(0,ASN1_F_D2I_X509_EXTENSION,0),	"D2I_X509_EXTENSION"},
+{ERR_PACK(0,ASN1_F_D2I_X509_KEY,0),	"D2I_X509_KEY"},
+{ERR_PACK(0,ASN1_F_D2I_X509_NAME,0),	"D2I_X509_NAME"},
+{ERR_PACK(0,ASN1_F_D2I_X509_NAME_ENTRY,0),	"D2I_X509_NAME_ENTRY"},
+{ERR_PACK(0,ASN1_F_D2I_X509_PKEY,0),	"D2I_X509_PKEY"},
+{ERR_PACK(0,ASN1_F_D2I_X509_PUBKEY,0),	"D2I_X509_PUBKEY"},
+{ERR_PACK(0,ASN1_F_D2I_X509_REQ,0),	"D2I_X509_REQ"},
+{ERR_PACK(0,ASN1_F_D2I_X509_REQ_INFO,0),	"D2I_X509_REQ_INFO"},
+{ERR_PACK(0,ASN1_F_D2I_X509_REVOKED,0),	"D2I_X509_REVOKED"},
+{ERR_PACK(0,ASN1_F_D2I_X509_SIG,0),	"D2I_X509_SIG"},
+{ERR_PACK(0,ASN1_F_D2I_X509_VAL,0),	"D2I_X509_VAL"},
+{ERR_PACK(0,ASN1_F_I2A_ASN1_OBJECT,0),	"i2a_ASN1_OBJECT"},
+{ERR_PACK(0,ASN1_F_I2D_ASN1_HEADER,0),	"i2d_ASN1_HEADER"},
+{ERR_PACK(0,ASN1_F_I2D_DHPARAMS,0),	"I2D_DHPARAMS"},
+{ERR_PACK(0,ASN1_F_I2D_DSAPARAMS,0),	"I2D_DSAPARAMS"},
+{ERR_PACK(0,ASN1_F_I2D_DSAPRIVATEKEY,0),	"I2D_DSAPRIVATEKEY"},
+{ERR_PACK(0,ASN1_F_I2D_DSAPUBLICKEY,0),	"I2D_DSAPUBLICKEY"},
+{ERR_PACK(0,ASN1_F_I2D_NETSCAPE_RSA,0),	"I2D_NETSCAPE_RSA"},
+{ERR_PACK(0,ASN1_F_I2D_PKCS7,0),	"I2D_PKCS7"},
+{ERR_PACK(0,ASN1_F_I2D_PRIVATEKEY,0),	"I2D_PRIVATEKEY"},
+{ERR_PACK(0,ASN1_F_I2D_PUBLICKEY,0),	"I2D_PUBLICKEY"},
+{ERR_PACK(0,ASN1_F_I2D_RSAPRIVATEKEY,0),	"I2D_RSAPRIVATEKEY"},
+{ERR_PACK(0,ASN1_F_I2D_RSAPUBLICKEY,0),	"I2D_RSAPUBLICKEY"},
+{ERR_PACK(0,ASN1_F_I2D_X509_ATTRIBUTE,0),	"I2D_X509_ATTRIBUTE"},
+{ERR_PACK(0,ASN1_F_NETSCAPE_PKEY_NEW,0),	"NETSCAPE_PKEY_NEW"},
+{ERR_PACK(0,ASN1_F_NETSCAPE_SPKAC_NEW,0),	"NETSCAPE_SPKAC_NEW"},
+{ERR_PACK(0,ASN1_F_NETSCAPE_SPKI_NEW,0),	"NETSCAPE_SPKI_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_DIGEST_NEW,0),	"PKCS7_DIGEST_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_ENCRYPT_NEW,0),	"PKCS7_ENCRYPT_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_ENC_CONTENT_NEW,0),	"PKCS7_ENC_CONTENT_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_ENVELOPE_NEW,0),	"PKCS7_ENVELOPE_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW,0),	"PKCS7_ISSUER_AND_SERIAL_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_NEW,0),	"PKCS7_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_RECIP_INFO_NEW,0),	"PKCS7_RECIP_INFO_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_SIGNED_NEW,0),	"PKCS7_SIGNED_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_SIGNER_INFO_NEW,0),	"PKCS7_SIGNER_INFO_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_SIGN_ENVELOPE_NEW,0),	"PKCS7_SIGN_ENVELOPE_NEW"},
+{ERR_PACK(0,ASN1_F_X509_ALGOR_NEW,0),	"X509_ALGOR_NEW"},
+{ERR_PACK(0,ASN1_F_X509_ATTRIBUTE_NEW,0),	"X509_ATTRIBUTE_NEW"},
+{ERR_PACK(0,ASN1_F_X509_CINF_NEW,0),	"X509_CINF_NEW"},
+{ERR_PACK(0,ASN1_F_X509_CRL_INFO_NEW,0),	"X509_CRL_INFO_NEW"},
+{ERR_PACK(0,ASN1_F_X509_CRL_NEW,0),	"X509_CRL_NEW"},
+{ERR_PACK(0,ASN1_F_X509_DHPARAMS_NEW,0),	"X509_DHPARAMS_NEW"},
+{ERR_PACK(0,ASN1_F_X509_EXTENSION_NEW,0),	"X509_EXTENSION_NEW"},
+{ERR_PACK(0,ASN1_F_X509_INFO_NEW,0),	"X509_INFO_NEW"},
+{ERR_PACK(0,ASN1_F_X509_KEY_NEW,0),	"X509_KEY_NEW"},
+{ERR_PACK(0,ASN1_F_X509_NAME_ENTRY_NEW,0),	"X509_NAME_ENTRY_NEW"},
+{ERR_PACK(0,ASN1_F_X509_NAME_NEW,0),	"X509_NAME_NEW"},
+{ERR_PACK(0,ASN1_F_X509_NEW,0),	"X509_NEW"},
+{ERR_PACK(0,ASN1_F_X509_PKEY_NEW,0),	"X509_PKEY_NEW"},
+{ERR_PACK(0,ASN1_F_X509_PUBKEY_NEW,0),	"X509_PUBKEY_NEW"},
+{ERR_PACK(0,ASN1_F_X509_REQ_INFO_NEW,0),	"X509_REQ_INFO_NEW"},
+{ERR_PACK(0,ASN1_F_X509_REQ_NEW,0),	"X509_REQ_NEW"},
+{ERR_PACK(0,ASN1_F_X509_REVOKED_NEW,0),	"X509_REVOKED_NEW"},
+{ERR_PACK(0,ASN1_F_X509_SIG_NEW,0),	"X509_SIG_NEW"},
+{ERR_PACK(0,ASN1_F_X509_VAL_FREE,0),	"X509_VAL_FREE"},
+{ERR_PACK(0,ASN1_F_X509_VAL_NEW,0),	"X509_VAL_NEW"},
+{0,NULL},
+	};
+
+static ERR_STRING_DATA ASN1_str_reasons[]=
+	{
+{ASN1_R_BAD_CLASS                        ,"bad class"},
+{ASN1_R_BAD_GET_OBJECT                   ,"bad get object"},
+{ASN1_R_BAD_OBJECT_HEADER                ,"bad object header"},
+{ASN1_R_BAD_PASSWORD_READ                ,"bad password read"},
+{ASN1_R_BAD_PKCS7_CONTENT                ,"bad pkcs7 content"},
+{ASN1_R_BAD_PKCS7_TYPE                   ,"bad pkcs7 type"},
+{ASN1_R_BAD_TAG                          ,"bad tag"},
+{ASN1_R_BAD_TYPE                         ,"bad type"},
+{ASN1_R_BN_LIB                           ,"bn lib"},
+{ASN1_R_BOOLEAN_IS_WRONG_LENGTH          ,"boolean is wrong length"},
+{ASN1_R_BUFFER_TOO_SMALL                 ,"buffer too small"},
+{ASN1_R_DECODING_ERROR                   ,"decoding error"},
+{ASN1_R_ERROR_STACK                      ,"error stack"},
+{ASN1_R_EXPECTING_AN_INTEGER             ,"expecting an integer"},
+{ASN1_R_EXPECTING_AN_OBJECT              ,"expecting an object"},
+{ASN1_R_EXPECTING_AN_OCTET_STRING        ,"expecting an octet string"},
+{ASN1_R_EXPECTING_A_BIT_STRING           ,"expecting a bit string"},
+{ASN1_R_EXPECTING_A_BOOLEAN              ,"expecting a boolean"},
+{ASN1_R_EXPECTING_A_SEQUENCE             ,"expecting a sequence"},
+{ASN1_R_EXPECTING_A_UTCTIME              ,"expecting a utctime"},
+{ASN1_R_FIRST_NUM_TOO_LARGE              ,"first num too large"},
+{ASN1_R_HEADER_TOO_LONG                  ,"header too long"},
+{ASN1_R_INVALID_DIGIT                    ,"invalid digit"},
+{ASN1_R_INVALID_SEPARATOR                ,"invalid separator"},
+{ASN1_R_INVALID_TIME_FORMAT              ,"invalid time format"},
+{ASN1_R_IV_TOO_LARGE                     ,"iv too large"},
+{ASN1_R_LENGTH_ERROR                     ,"length error"},
+{ASN1_R_LENGTH_MISMATCH                  ,"length mismatch"},
+{ASN1_R_MISSING_EOS                      ,"missing eos"},
+{ASN1_R_MISSING_SECOND_NUMBER            ,"missing second number"},
+{ASN1_R_NON_HEX_CHARACTERS               ,"non hex characters"},
+{ASN1_R_NOT_ENOUGH_DATA                  ,"not enough data"},
+{ASN1_R_ODD_NUMBER_OF_CHARS              ,"odd number of chars"},
+{ASN1_R_PARSING                          ,"parsing"},
+{ASN1_R_PRIVATE_KEY_HEADER_MISSING       ,"private key header missing"},
+{ASN1_R_SECOND_NUMBER_TOO_LARGE          ,"second number too large"},
+{ASN1_R_SHORT_LINE                       ,"short line"},
+{ASN1_R_STRING_TOO_SHORT                 ,"string too short"},
+{ASN1_R_TAG_VALUE_TOO_HIGH               ,"tag value too high"},
+{ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD,"the asn1 object identifier is not known for this md"},
+{ASN1_R_TOO_LONG                         ,"too long"},
+{ASN1_R_UNABLE_TO_DECODE_RSA_KEY         ,"unable to decode rsa key"},
+{ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY ,"unable to decode rsa private key"},
+{ASN1_R_UNKNOWN_ATTRIBUTE_TYPE           ,"unknown attribute type"},
+{ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM ,"unknown message digest algorithm"},
+{ASN1_R_UNKNOWN_OBJECT_TYPE              ,"unknown object type"},
+{ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE          ,"unknown public key type"},
+{ASN1_R_UNSUPPORTED_CIPHER               ,"unsupported cipher"},
+{ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM ,"unsupported encryption algorithm"},
+{ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE      ,"unsupported public key type"},
+{ASN1_R_UTCTIME_TOO_LONG                 ,"utctime too long"},
+{ASN1_R_WRONG_PRINTABLE_TYPE             ,"wrong printable type"},
+{ASN1_R_WRONG_TAG                        ,"wrong tag"},
+{ASN1_R_WRONG_TYPE                       ,"wrong type"},
+{0,NULL},
+	};
+
+void ERR_load_ASN1_strings()
+	{
+	static int init=1;
+
+	if (init)
+		{
+		init=0;
+		ERR_load_strings(ERR_LIB_ASN1,ASN1_str_functs);
+		ERR_load_strings(ERR_LIB_ASN1,ASN1_str_reasons);
+		}
+	}
diff --git a/crypto/asn1/asn1_lib.c b/crypto/asn1/asn1_lib.c
new file mode 100644
index 0000000000..bdd706bcf1
--- /dev/null
+++ b/crypto/asn1/asn1_lib.c
@@ -0,0 +1,433 @@
+/* crypto/asn1/asn1_lib.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1.h"
+#include "asn1_mac.h"
+
+#ifndef NOPROTO
+static int asn1_get_length(unsigned char **pp,int *inf,long *rl,int max);
+static void asn1_put_length(unsigned char **pp, int length);
+#else
+static int asn1_get_length();
+static void asn1_put_length();
+#endif
+
+char *ASN1_version="ASN1 part of SSLeay 0.8.1b 29-Jun-1998";
+
+int ASN1_check_infinite_end(p,len)
+unsigned char **p;
+long len;
+	{
+	/* If there is 0 or 1 byte left, the length check should pick
+	 * things up */
+	if (len <= 0)
+		return(1);
+	else if ((len >= 2) && ((*p)[0] == 0) && ((*p)[1] == 0))
+		{
+		(*p)+=2;
+		return(1);
+		}
+	return(0);
+	}
+
+
+int ASN1_get_object(pp, plength, ptag, pclass, omax)
+unsigned char **pp;
+long *plength;
+int *ptag;
+int *pclass;
+long omax;
+	{
+	int i,ret;
+	long l;
+	unsigned char *p= *pp;
+	int tag,xclass,inf;
+	long max=omax;
+
+	if (!max) goto err;
+	ret=(*p&V_ASN1_CONSTRUCTED);
+	xclass=(*p&V_ASN1_PRIVATE);
+	i= *p&V_ASN1_PRIMATIVE_TAG;
+	if (i == V_ASN1_PRIMATIVE_TAG)
+		{		/* high-tag */
+		p++;
+		if (--max == 0) goto err;
+		l=0;
+		while (*p&0x80)
+			{
+			l<<=7L;
+			l|= *(p++)&0x7f;
+			if (--max == 0) goto err;
+			}
+		l<<=7L;
+		l|= *(p++)&0x7f;
+		tag=(int)l;
+		}
+	else
+		{ 
+		tag=i;
+		p++;
+		if (--max == 0) goto err;
+		}
+	*ptag=tag;
+	*pclass=xclass;
+	if (!asn1_get_length(&p,&inf,plength,(int)max)) goto err;
+
+#ifdef undef
+	fprintf(stderr,"p=%d + *plength=%d > omax=%d + *pp=%d  (%d > %d)\n", 
+		p,*plength,omax,*pp,(p+ *plength),omax+ *pp);
+#endif
+
+	if ((p+ *plength) > (omax+ *pp))
+		{
+		ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_TOO_LONG);
+		/* Set this so that even if things are not long enough
+		 * the values are set correctly */
+		ret|=0x80;
+		}
+	*pp=p;
+	return(ret+inf);
+err:
+	ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_HEADER_TOO_LONG);
+	return(0x80);
+	}
+
+static int asn1_get_length(pp,inf,rl,max)
+unsigned char **pp;
+int *inf;
+long *rl;
+int max;
+	{
+	unsigned char *p= *pp;
+	long ret=0;
+	int i;
+
+	if (max-- < 1) return(0);
+	if (*p == 0x80)
+		{
+		*inf=1;
+		ret=0;
+		p++;
+		}
+	else
+		{
+		*inf=0;
+		i= *p&0x7f;
+		if (*(p++) & 0x80)
+			{
+			if (max-- == 0) return(0);
+			while (i-- > 0)
+				{
+				ret<<=8L;
+				ret|= *(p++);
+				if (max-- == 0) return(0);
+				}
+			}
+		else
+			ret=i;
+		}
+	*pp=p;
+	*rl=ret;
+	return(1);
+	}
+
+/* class 0 is constructed
+ * constructed == 2 for indefinitle length constructed */
+void ASN1_put_object(pp,constructed,length,tag,xclass)
+unsigned char **pp;
+int constructed;
+int length;
+int tag;
+int xclass;
+	{
+	unsigned char *p= *pp;
+	int i;
+
+	i=(constructed)?V_ASN1_CONSTRUCTED:0;
+	i|=(xclass&V_ASN1_PRIVATE);
+	if (tag < 31)
+		*(p++)=i|(tag&V_ASN1_PRIMATIVE_TAG);
+	else
+		{
+		*(p++)=i|V_ASN1_PRIMATIVE_TAG;
+		while (tag > 0x7f)
+			{
+			*(p++)=(tag&0x7f)|0x80;
+			tag>>=7;
+			}
+		*(p++)=(tag&0x7f);
+		}
+	if ((constructed == 2) && (length == 0))
+		*(p++)=0x80; /* der_put_length would output 0 instead */
+	else
+		asn1_put_length(&p,length);
+	*pp=p;
+	}
+
+static void asn1_put_length(pp, length)
+unsigned char **pp;
+int length;
+	{
+	unsigned char *p= *pp;
+	int i,l;
+	if (length <= 127)
+		*(p++)=(unsigned char)length;
+	else
+		{
+		l=length;
+		for (i=0; l > 0; i++)
+			l>>=8;
+		*(p++)=i|0x80;
+		l=i;
+		while (i-- > 0)
+			{
+			p[i]=length&0xff;
+			length>>=8;
+			}
+		p+=l;
+		}
+	*pp=p;
+	}
+
+int ASN1_object_size(constructed, length, tag)
+int constructed;
+int length;
+int tag;
+	{
+	int ret;
+
+	ret=length;
+	ret++;
+	if (tag >= 31)
+		{
+		while (tag > 0)
+			{
+			tag>>=7;
+			ret++;
+			}
+		}
+	if ((length == 0) && (constructed == 2))
+		ret+=2;
+	ret++;
+	if (length > 127)
+		{
+		while (length > 0)
+			{
+			length>>=8;
+			ret++;
+			}
+		}
+	return(ret);
+	}
+
+int asn1_Finish(c)
+ASN1_CTX *c;
+	{
+	if ((c->inf == (1|V_ASN1_CONSTRUCTED)) && (!c->eos))
+		{
+		if (!ASN1_check_infinite_end(&c->p,c->slen))
+			{
+			c->error=ASN1_R_MISSING_EOS;
+			return(0);
+			}
+		}
+	if (	((c->slen != 0) && !(c->inf & 1)) ||
+		((c->slen < 0) && (c->inf & 1)))
+		{
+		c->error=ASN1_R_LENGTH_MISMATCH;
+		return(0);
+		}
+	return(1);
+	}
+
+int asn1_GetSequence(c,length)
+ASN1_CTX *c;
+long *length;
+	{
+	unsigned char *q;
+
+	q=c->p;
+	c->inf=ASN1_get_object(&(c->p),&(c->slen),&(c->tag),&(c->xclass),
+		*length);
+	if (c->inf & 0x80)
+		{
+		c->error=ASN1_R_BAD_GET_OBJECT;
+		return(0);
+		}
+	if (c->tag != V_ASN1_SEQUENCE)
+		{
+		c->error=ASN1_R_EXPECTING_A_SEQUENCE;
+		return(0);
+		}
+	(*length)-=(c->p-q);
+	if (c->max && (*length < 0))
+		{
+		c->error=ASN1_R_LENGTH_MISMATCH;
+		return(0);
+		}
+	if (c->inf == (1|V_ASN1_CONSTRUCTED))
+		c->slen= *length+ *(c->pp)-c->p;
+	c->eos=0;
+	return(1);
+	}
+
+ASN1_STRING *ASN1_STRING_dup(str)
+ASN1_STRING *str;
+	{
+	ASN1_STRING *ret;
+
+	if (str == NULL) return(NULL);
+	if ((ret=ASN1_STRING_type_new(str->type)) == NULL)
+		return(NULL);
+	if (!ASN1_STRING_set(ret,str->data,str->length))
+		{
+		ASN1_STRING_free(ret);
+		return(NULL);
+		}
+	return(ret);
+	}
+
+int ASN1_STRING_set(str,data,len)
+ASN1_STRING *str;
+unsigned char *data;
+int len;
+	{
+	char *c;
+
+	if (len < 0)
+		{
+		if (data == NULL)
+			return(0);
+		else
+			len=strlen((char *)data);
+		}
+	if ((str->length < len) || (str->data == NULL))
+		{
+		c=(char *)str->data;
+		if (c == NULL)
+			str->data=(unsigned char *)Malloc(len+1);
+		else
+			str->data=(unsigned char *)Realloc(c,len+1);
+
+		if (str->data == NULL)
+			{
+			str->data=(unsigned char *)c;
+			return(0);
+			}
+		}
+	str->length=len;
+	if (data != NULL)
+		{
+		memcpy(str->data,data,len);
+		/* an alowance for strings :-) */
+		str->data[len]='\0';
+		}
+	return(1);
+	}
+
+ASN1_STRING *ASN1_STRING_new()
+	{
+	return(ASN1_STRING_type_new(V_ASN1_OCTET_STRING));
+	}
+
+
+ASN1_STRING *ASN1_STRING_type_new(type)
+int type;
+	{
+	ASN1_STRING *ret;
+
+	ret=(ASN1_STRING *)Malloc(sizeof(ASN1_STRING));
+	if (ret == NULL)
+		{
+		ASN1err(ASN1_F_ASN1_STRING_TYPE_NEW,ERR_R_MALLOC_FAILURE);
+		return(NULL);
+		}
+	ret->length=0;
+	ret->type=type;
+	ret->data=NULL;
+	return(ret);
+	}
+
+void ASN1_STRING_free(a)
+ASN1_STRING *a;
+	{
+	if (a == NULL) return;
+	if (a->data != NULL) Free((char *)a->data);
+	Free((char *)a);
+	}
+
+int ASN1_STRING_cmp(a,b)
+ASN1_STRING *a,*b;
+	{
+	int i;
+
+	i=(a->length-b->length);
+	if (i == 0)
+		{
+		i=memcmp(a->data,b->data,a->length);
+		if (i == 0)
+			return(a->type-b->type);
+		else
+			return(i);
+		}
+	else
+		return(i);
+	}
+
diff --git a/crypto/asn1/asn1_mac.h b/crypto/asn1/asn1_mac.h
new file mode 100644
index 0000000000..e4ce0aaa7c
--- /dev/null
+++ b/crypto/asn1/asn1_mac.h
@@ -0,0 +1,318 @@
+/* crypto/asn1/asn1_mac.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_ASN1_MAC_H
+#define HEADER_ASN1_MAC_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#include "asn1.h"
+#include "x509.h"
+#include "pkcs7.h"
+
+#define M_ASN1_D2I_vars(a,type,func) \
+	ASN1_CTX c; \
+	type ret=NULL; \
+	\
+	c.pp=pp; \
+	c.error=ASN1_R_ERROR_STACK; \
+	if ((a == NULL) || ((*a) == NULL)) \
+		{ if ((ret=(type)func()) == NULL) goto err; } \
+	else	ret=(*a);
+
+#define M_ASN1_D2I_Init() \
+	c.p= *pp; \
+	c.max=(length == 0)?0:(c.p+length);
+
+#define M_ASN1_D2I_Finish_2(a) \
+	if (!asn1_Finish(&c)) goto err; \
+	*pp=c.p; \
+	if (a != NULL) (*a)=ret; \
+	return(ret);
+
+#define M_ASN1_D2I_Finish(a,func,e) \
+	M_ASN1_D2I_Finish_2(a); \
+err:\
+	ASN1err((e),c.error); \
+	if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \
+	return(NULL)
+
+#define M_ASN1_D2I_start_sequence() \
+	if (!asn1_GetSequence(&c,&length)) goto err;
+
+#define M_ASN1_D2I_end_sequence() \
+	(((c.inf&1) == 0)?(c.slen <= 0): \
+		(c.eos=ASN1_check_infinite_end(&c.p,c.slen)))
+
+#define M_ASN1_D2I_get(b,func) \
+	c.q=c.p; \
+	if (func(&(b),&c.p,c.slen) == NULL) goto err; \
+	c.slen-=(c.p-c.q);
+
+#define M_ASN1_D2I_get_opt(b,func,type) \
+	if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) \
+		== (V_ASN1_UNIVERSAL|(type)))) \
+		{ \
+		M_ASN1_D2I_get(b,func); \
+		}
+
+#define M_ASN1_D2I_get_IMP_opt(b,func,tag,type) \
+	if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) == \
+		(V_ASN1_CONTEXT_SPECIFIC|(tag)))) \
+		{ \
+		unsigned char tmp; \
+		tmp=M_ASN1_next; \
+		M_ASN1_next=(tmp& ~V_ASN1_PRIMATIVE_TAG)|type; \
+		M_ASN1_D2I_get(b,func); \
+		M_ASN1_next_prev=tmp; \
+		}
+
+#define M_ASN1_D2I_get_set(r,func) \
+		M_ASN1_D2I_get_imp_set(r,func,V_ASN1_SET,V_ASN1_UNIVERSAL);
+
+#define M_ASN1_D2I_get_IMP_set_opt(b,func,tag) \
+	if ((c.slen != 0) && \
+		(M_ASN1_next == \
+		(V_ASN1_CONTEXT_SPECIFIC|V_ASN1_CONSTRUCTED|(tag))))\
+		{ \
+		M_ASN1_D2I_get_imp_set(b,func,tag,V_ASN1_CONTEXT_SPECIFIC); \
+		}
+
+#define M_ASN1_D2I_get_seq(r,func) \
+		M_ASN1_D2I_get_imp_set(r,func,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+
+#define M_ASN1_D2I_get_seq_opt(r,func) \
+	if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
+		V_ASN1_CONSTRUCTED|V_ASN1_SEQUENCE)))\
+		{ M_ASN1_D2I_get_seq(r,func); }
+
+#define M_ASN1_D2I_get_IMP_set(r,func,x) \
+		M_ASN1_D2I_get_imp_set(r,func,x,V_ASN1_CONTEXT_SPECIFIC);
+
+#define M_ASN1_D2I_get_imp_set(r,func,a,b) \
+	c.q=c.p; \
+	if (d2i_ASN1_SET(&(r),&c.p,c.slen,(char *(*)())func,a,b) == NULL) \
+		goto err; \
+	c.slen-=(c.p-c.q);
+
+#define M_ASN1_D2I_get_set_strings(r,func,a,b) \
+	c.q=c.p; \
+	if (d2i_ASN1_STRING_SET(&(r),&c.p,c.slen,a,b) == NULL) \
+		goto err; \
+	c.slen-=(c.p-c.q);
+
+#define M_ASN1_D2I_get_EXP_opt(r,func,tag) \
+	if ((c.slen != 0L) && (M_ASN1_next == \
+		(V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
+		{ \
+		int Tinf,Ttag,Tclass; \
+		long Tlen; \
+		\
+		c.q=c.p; \
+		Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
+		if (Tinf & 0x80) \
+			{ c.error=ASN1_R_BAD_OBJECT_HEADER; goto err; } \
+		if (func(&(r),&c.p,Tlen) == NULL) \
+			goto err; \
+		c.slen-=(c.p-c.q); \
+		}
+
+#define M_ASN1_D2I_get_EXP_set_opt(r,func,tag,b) \
+	if ((c.slen != 0) && (M_ASN1_next == \
+		(V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
+		{ \
+		int Tinf,Ttag,Tclass; \
+		long Tlen; \
+		\
+		c.q=c.p; \
+		Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
+		if (Tinf & 0x80) \
+			{ c.error=ASN1_R_BAD_OBJECT_HEADER; goto err; } \
+		if (d2i_ASN1_SET(&(r),&c.p,Tlen,(char *(*)())func, \
+			b,V_ASN1_UNIVERSAL) == NULL) \
+			goto err; \
+		c.slen-=(c.p-c.q); \
+		}
+
+/* New macros */
+#define M_ASN1_New_Malloc(ret,type) \
+	if ((ret=(type *)Malloc(sizeof(type))) == NULL) goto err2;
+
+#define M_ASN1_New(arg,func) \
+	if (((arg)=func()) == NULL) return(NULL)
+
+#define M_ASN1_New_Error(a) \
+/*	err:	ASN1err((a),ASN1_R_ERROR_STACK); \
+		return(NULL);*/ \
+	err2:	ASN1err((a),ERR_R_MALLOC_FAILURE); \
+		return(NULL)
+
+
+#define M_ASN1_next		(*c.p)
+#define M_ASN1_next_prev	(*c.q)
+
+/*************************************************/
+
+#define M_ASN1_I2D_vars(a)	int r=0,ret=0; \
+				unsigned char *p; \
+				if (a == NULL) return(0)
+
+/* Length Macros */
+#define M_ASN1_I2D_len(a,f)	ret+=f(a,NULL)
+#define M_ASN1_I2D_len_IMP_opt(a,f)	if (a != NULL) M_ASN1_I2D_len(a,f)
+
+#define M_ASN1_I2D_len_SET(a,f) \
+		ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SET,V_ASN1_UNIVERSAL);
+
+#define M_ASN1_I2D_len_SEQ(a,f) \
+		ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+
+#define M_ASN1_I2D_len_SEQ_opt(a,f) \
+		if ((a != NULL) && (sk_num(a) != 0)) \
+			M_ASN1_I2D_len_SEQ(a,f);
+
+#define M_ASN1_I2D_len_IMP_set(a,f,x) \
+		ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC);
+
+#define M_ASN1_I2D_len_IMP_set_opt(a,f,x) \
+		if ((a != NULL) && (sk_num(a) != 0)) \
+			ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC);
+
+#define M_ASN1_I2D_len_EXP_opt(a,f,mtag,v) \
+		if (a != NULL)\
+			{ \
+			v=f(a,NULL); \
+			ret+=ASN1_object_size(1,v,mtag); \
+			}
+
+#define M_ASN1_I2D_len_EXP_set_opt(a,f,mtag,tag,v) \
+		if ((a != NULL) && (sk_num(a) != 0))\
+			{ \
+			v=i2d_ASN1_SET(a,NULL,f,tag,V_ASN1_UNIVERSAL); \
+			ret+=ASN1_object_size(1,v,mtag); \
+			}
+
+/* Put Macros */
+#define M_ASN1_I2D_put(a,f)	f(a,&p)
+
+#define M_ASN1_I2D_put_IMP_opt(a,f,t)	\
+		if (a != NULL) \
+			{ \
+			unsigned char *q=p; \
+			f(a,&p); \
+			*q=(V_ASN1_CONTEXT_SPECIFIC|t); \
+			}
+
+#define M_ASN1_I2D_put_SET(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SET,\
+			V_ASN1_UNIVERSAL)
+#define M_ASN1_I2D_put_IMP_set(a,f,x) i2d_ASN1_SET(a,&p,f,x,\
+			V_ASN1_CONTEXT_SPECIFIC)
+
+#define M_ASN1_I2D_put_SEQ(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SEQUENCE,\
+			V_ASN1_UNIVERSAL)
+
+#define M_ASN1_I2D_put_SEQ_opt(a,f) \
+		if ((a != NULL) && (sk_num(a) != 0)) \
+			M_ASN1_I2D_put_SEQ(a,f);
+
+#define M_ASN1_I2D_put_IMP_set_opt(a,f,x) \
+		if ((a != NULL) && (sk_num(a) != 0)) \
+			{ i2d_ASN1_SET(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC); }
+
+#define M_ASN1_I2D_put_EXP_opt(a,f,tag,v) \
+		if (a != NULL) \
+			{ \
+			ASN1_put_object(&p,1,v,tag,V_ASN1_CONTEXT_SPECIFIC); \
+			f(a,&p); \
+			}
+
+#define M_ASN1_I2D_put_EXP_set_opt(a,f,mtag,tag,v) \
+		if ((a != NULL) && (sk_num(a) != 0)) \
+			{ \
+			ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
+			i2d_ASN1_SET(a,&p,f,tag,V_ASN1_UNIVERSAL); \
+			}
+
+#define M_ASN1_I2D_seq_total() \
+		r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE); \
+		if (pp == NULL) return(r); \
+		p= *pp; \
+		ASN1_put_object(&p,1,ret,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL)
+
+#define M_ASN1_I2D_INF_seq_start(tag,ctx) \
+		*(p++)=(V_ASN1_CONSTRUCTED|(tag)|(ctx)); \
+		*(p++)=0x80
+
+#define M_ASN1_I2D_INF_seq_end() *(p++)=0x00; *(p++)=0x00
+
+#define M_ASN1_I2D_finish()	*pp=p; \
+				return(r);
+
+#ifndef NOPROTO
+int asn1_GetSequence(ASN1_CTX *c, long *length);
+#else 
+int asn1_GetSequence();
+#endif
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/asn1/asn1_par.c b/crypto/asn1/asn1_par.c
new file mode 100644
index 0000000000..c6cbe1dfa5
--- /dev/null
+++ b/crypto/asn1/asn1_par.c
@@ -0,0 +1,387 @@
+/* crypto/asn1/asn1_par.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "objects.h"
+#include "x509.h"
+
+#ifndef NOPROTO
+static int asn1_print_info(BIO *bp, int tag, int xclass,int constructed,
+	int indent);
+static int asn1_parse2(BIO *bp, unsigned char **pp, long length,
+	int offset, int depth, int indent);
+#else
+static int asn1_print_info();
+static int asn1_parse2();
+#endif
+
+static int asn1_print_info(bp, tag, xclass, constructed,indent)
+BIO *bp;
+int tag;
+int xclass;
+int constructed;
+int indent;
+	{
+	static char *fmt="%-18s";
+	static char *fmt2="%2d %-15s";
+	char *p,str[128],*p2=NULL;
+
+	if (constructed & V_ASN1_CONSTRUCTED)
+		p="cons: ";
+	else
+		p="prim: ";
+	if (BIO_write(bp,p,6) < 6) goto err;
+	if (indent)
+		{
+		if (indent > 128) indent=128;
+		memset(str,' ',indent);
+		if (BIO_write(bp,str,indent) < indent) goto err;
+		}
+
+	p=str;
+	if ((xclass & V_ASN1_PRIVATE) == V_ASN1_PRIVATE)
+		sprintf(str,"priv [ %d ] ",tag);
+	else if ((xclass & V_ASN1_CONTEXT_SPECIFIC) == V_ASN1_CONTEXT_SPECIFIC)
+		sprintf(str,"cont [ %d ]",tag);
+	else if ((xclass & V_ASN1_APPLICATION) == V_ASN1_APPLICATION)
+		sprintf(str,"appl [ %d ]",tag);
+	else if ((tag == V_ASN1_EOC) /* && (xclass == V_ASN1_UNIVERSAL) */)
+		p="EOC";
+	else if (tag == V_ASN1_BOOLEAN)
+		p="BOOLEAN";
+	else if (tag == V_ASN1_INTEGER)
+		p="INTEGER";
+	else if (tag == V_ASN1_BIT_STRING)
+		p="BIT STRING";
+	else if (tag == V_ASN1_OCTET_STRING)
+		p="OCTET STRING";
+	else if (tag == V_ASN1_NULL)
+		p="NULL";
+	else if (tag == V_ASN1_OBJECT)
+		p="OBJECT";
+	else if (tag == V_ASN1_SEQUENCE)
+		p="SEQUENCE";
+	else if (tag == V_ASN1_SET)
+		p="SET";
+	else if (tag == V_ASN1_PRINTABLESTRING)
+		p="PRINTABLESTRING";
+	else if (tag == V_ASN1_T61STRING)
+		p="T61STRING";
+	else if (tag == V_ASN1_IA5STRING)
+		p="IA5STRING";
+	else if (tag == V_ASN1_UTCTIME)
+		p="UTCTIME";
+
+	/* extras */
+	else if (tag == V_ASN1_NUMERICSTRING)
+		p="NUMERICSTRING";
+	else if (tag == V_ASN1_VIDEOTEXSTRING)
+		p="VIDEOTEXSTRING";
+	else if (tag == V_ASN1_GENERALIZEDTIME)
+		p="GENERALIZEDTIME";
+	else if (tag == V_ASN1_GRAPHICSTRING)
+		p="GRAPHICSTRING";
+	else if (tag == V_ASN1_ISO64STRING)
+		p="ISO64STRING";
+	else if (tag == V_ASN1_GENERALSTRING)
+		p="GENERALSTRING";
+	else if (tag == V_ASN1_UNIVERSALSTRING)
+		p="UNIVERSALSTRING";
+
+	else
+		p2="(unknown)";
+		
+	if (p2 != NULL)
+		{
+		if (BIO_printf(bp,fmt2,tag,p2) <= 0) goto err;
+		}
+	else
+		{
+		if (BIO_printf(bp,fmt,p) <= 0) goto err;
+		}
+	return(1);
+err:
+	return(0);
+	}
+
+int ASN1_parse(bp, pp, len, indent)
+BIO *bp;
+unsigned char *pp;
+long len;
+int indent;
+	{
+	return(asn1_parse2(bp,&pp,len,0,0,indent));
+	}
+
+static int asn1_parse2(bp, pp, length, offset, depth, indent)
+BIO *bp;
+unsigned char **pp;
+long length;
+int offset;
+int depth;
+int indent;
+	{
+	unsigned char *p,*ep,*tot,*op,*opp;
+	long len;
+	int tag,xclass,ret=0;
+	int nl,hl,j,r;
+	ASN1_OBJECT *o=NULL;
+	ASN1_OCTET_STRING *os=NULL;
+
+	p= *pp;
+	tot=p+length;
+	op=p-1;
+	while ((p < tot) && (op < p))
+		{
+		op=p;
+		j=ASN1_get_object(&p,&len,&tag,&xclass,length);
+#ifdef LINT
+		j=j;
+#endif
+		if (j & 0x80)
+			{
+			if (BIO_write(bp,"Error in encoding\n",18) <= 0)
+				goto end;
+			ret=0;
+			goto end;
+			}
+		hl=(p-op);
+		length-=hl;
+		/* if j == 0x21 it is a constructed indefinite length object */
+		if (BIO_printf(bp,"%5ld:",(long)offset+(long)(op- *pp))
+			<= 0) goto end;
+
+		if (j != (V_ASN1_CONSTRUCTED | 1))
+			{
+			if (BIO_printf(bp,"d=%-2d hl=%ld l=%4ld ",
+				depth,(long)hl,len) <= 0)
+				goto end;
+			}
+		else
+			{
+			if (BIO_printf(bp,"d=%-2d hl=%ld l=inf  ",
+				depth,(long)hl) <= 0)
+				goto end;
+			}
+		if (!asn1_print_info(bp,tag,xclass,j,(indent)?depth:0))
+			goto end;
+		if (j & V_ASN1_CONSTRUCTED)
+			{
+			ep=p+len;
+			if (BIO_write(bp,"\n",1) <= 0) goto end;
+			if (len > length)
+				{
+				BIO_printf(bp,
+					"length is greater than %ld\n",length);
+				ret=0;
+				goto end;
+				}
+			if ((j == 0x21) && (len == 0))
+				{
+				for (;;)
+					{
+					r=asn1_parse2(bp,&p,(long)(tot-p),
+						offset+(p - *pp),depth+1,
+						indent);
+					if (r == 0) { ret=0; goto end; }
+					if ((r == 2) || (p >= tot)) break;
+					}
+				}
+			else
+				while (p < ep)
+					{
+					r=asn1_parse2(bp,&p,(long)len,
+						offset+(p - *pp),depth+1,
+						indent);
+					if (r == 0) { ret=0; goto end; }
+					}
+			}
+		else if (xclass != 0)
+			{
+			p+=len;
+			if (BIO_write(bp,"\n",1) <= 0) goto end;
+			}
+		else
+			{
+			nl=0;
+			if (	(tag == V_ASN1_PRINTABLESTRING) ||
+				(tag == V_ASN1_T61STRING) ||
+				(tag == V_ASN1_IA5STRING) ||
+				(tag == V_ASN1_UTCTIME))
+				{
+				if (BIO_write(bp,":",1) <= 0) goto end;
+				if ((len > 0) &&
+					BIO_write(bp,(char *)p,(int)len)
+					!= (int)len)
+					goto end;
+				}
+			else if (tag == V_ASN1_OBJECT)
+				{
+				opp=op;
+				if (d2i_ASN1_OBJECT(&o,&opp,len+hl) != NULL)
+					{
+					if (BIO_write(bp,":",1) <= 0) goto end;
+					i2a_ASN1_OBJECT(bp,o);
+					}
+				else
+					{
+					if (BIO_write(bp,":BAD OBJECT",11) <= 0)
+						goto end;
+					}
+				}
+			else if (tag == V_ASN1_BOOLEAN)
+				{
+				int ii;
+
+				opp=op;
+				ii=d2i_ASN1_BOOLEAN(NULL,&opp,len+hl);
+				if (ii < 0)
+					{
+					if (BIO_write(bp,"Bad boolean\n",12))
+						goto end;
+					}
+				BIO_printf(bp,":%d",ii);
+				}
+			else if (tag == V_ASN1_OCTET_STRING)
+				{
+				int i,printable=1;
+
+				opp=op;
+				os=d2i_ASN1_OCTET_STRING(NULL,&opp,len+hl);
+				if (os != NULL)
+					{
+					opp=os->data;
+					for (i=0; i<os->length; i++)
+						{
+						if ((	(opp[i] < ' ') &&
+							(opp[i] != '\n') &&
+							(opp[i] != '\r') &&
+							(opp[i] != '\t')) ||
+							(opp[i] > '~'))
+							{
+							printable=0;
+							break;
+							}
+						}
+					if (printable && (os->length > 0))
+						{
+						if (BIO_write(bp,":",1) <= 0)
+							goto end;
+						if (BIO_write(bp,(char *)opp,
+							os->length) <= 0)
+							goto end;
+						}
+					ASN1_OCTET_STRING_free(os);
+					os=NULL;
+					}
+				}
+			else if (tag == V_ASN1_INTEGER)
+				{
+				ASN1_INTEGER *bs;
+				int i;
+
+				opp=op;
+				bs=d2i_ASN1_INTEGER(NULL,&opp,len+hl);
+				if (bs != NULL)
+					{
+					if (BIO_write(bp,":",1) <= 0) goto end;
+					if (bs->type == V_ASN1_NEG_INTEGER)
+						if (BIO_write(bp,"-",1) <= 0)
+							goto end;
+					for (i=0; i<bs->length; i++)
+						{
+						if (BIO_printf(bp,"%02X",
+							bs->data[i]) <= 0)
+							goto end;
+						}
+					if (bs->length == 0)
+						{
+						if (BIO_write(bp,"00",2) <= 0)
+							goto end;
+						}
+					}
+				else
+					{
+					if (BIO_write(bp,"BAD INTEGER",11) <= 0)
+						goto end;
+					}
+				ASN1_INTEGER_free(bs);
+				}
+
+			if (!nl) 
+				{
+				if (BIO_write(bp,"\n",1) <= 0) goto end;
+				}
+			p+=len;
+			if ((tag == V_ASN1_EOC) && (xclass == 0))
+				{
+				ret=2; /* End of sequence */
+				goto end;
+				}
+			}
+		length-=len;
+		}
+	ret=1;
+end:
+	if (o != NULL) ASN1_OBJECT_free(o);
+	if (os != NULL) ASN1_OCTET_STRING_free(os);
+	*pp=p;
+	return(ret);
+	}
diff --git a/crypto/asn1/d2i_dhp.c b/crypto/asn1/d2i_dhp.c
new file mode 100644
index 0000000000..6ae3e0efa3
--- /dev/null
+++ b/crypto/asn1/d2i_dhp.c
@@ -0,0 +1,108 @@
+/* crypto/asn1/d2i_dhp.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "dh.h"
+#include "objects.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_DHPARAMS,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_I2D_DHPARAMS,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
+ */
+
+DH *d2i_DHparams(a,pp,length)
+DH **a;
+unsigned char **pp;
+long length;
+	{
+	int i=ASN1_R_ERROR_STACK;
+	ASN1_INTEGER *bs=NULL;
+	long v=0;
+	M_ASN1_D2I_vars(a,DH *,DH_new);
+
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+	if ((ret->p=BN_bin2bn(bs->data,bs->length,ret->p)) == NULL) goto err_bn;
+	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+	if ((ret->g=BN_bin2bn(bs->data,bs->length,ret->g)) == NULL) goto err_bn;
+
+	if (!M_ASN1_D2I_end_sequence())
+		{
+		M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+		for (i=0; i<bs->length; i++)
+			v=(v<<8)|(bs->data[i]);
+		ret->length=(int)v;
+		}
+
+	ASN1_BIT_STRING_free(bs);
+
+	M_ASN1_D2I_Finish_2(a);
+
+err_bn:
+	i=ERR_R_BN_LIB;
+err:
+	ASN1err(ASN1_F_D2I_DHPARAMS,i);
+	if ((ret != NULL) && ((a == NULL) || (*a != ret))) DH_free(ret);
+	if (bs != NULL) ASN1_BIT_STRING_free(bs);
+	return(NULL);
+	}
+
diff --git a/crypto/asn1/d2i_dsap.c b/crypto/asn1/d2i_dsap.c
new file mode 100644
index 0000000000..d0732af23a
--- /dev/null
+++ b/crypto/asn1/d2i_dsap.c
@@ -0,0 +1,101 @@
+/* crypto/asn1/d2i_dsap.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "dsa.h"
+#include "objects.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_DSAPARAMS,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_I2D_DSAPARAMS,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
+ */
+
+DSA *d2i_DSAparams(a,pp,length)
+DSA **a;
+unsigned char **pp;
+long length;
+	{
+	int i=ASN1_R_ERROR_STACK;
+	ASN1_INTEGER *bs=NULL;
+	M_ASN1_D2I_vars(a,DSA *,DSA_new);
+
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+	if ((ret->p=BN_bin2bn(bs->data,bs->length,ret->p)) == NULL) goto err_bn;
+	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+	if ((ret->q=BN_bin2bn(bs->data,bs->length,ret->q)) == NULL) goto err_bn;
+	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+	if ((ret->g=BN_bin2bn(bs->data,bs->length,ret->g)) == NULL) goto err_bn;
+
+	ASN1_BIT_STRING_free(bs);
+
+	M_ASN1_D2I_Finish_2(a);
+
+err_bn:
+	i=ERR_R_BN_LIB;
+err:
+	ASN1err(ASN1_F_D2I_DSAPARAMS,i);
+	if ((ret != NULL) && ((a == NULL) || (*a != ret))) DSA_free(ret);
+	if (bs != NULL) ASN1_BIT_STRING_free(bs);
+	return(NULL);
+	}
+
diff --git a/crypto/asn1/d2i_pr.c b/crypto/asn1/d2i_pr.c
new file mode 100644
index 0000000000..0b60aee4c0
--- /dev/null
+++ b/crypto/asn1/d2i_pr.c
@@ -0,0 +1,117 @@
+/* crypto/asn1/d2i_pr.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+EVP_PKEY *d2i_PrivateKey(type,a,pp,length)
+int type;
+EVP_PKEY **a;
+unsigned char **pp;
+long length;
+	{
+	EVP_PKEY *ret;
+
+	if ((a == NULL) || (*a == NULL))
+		{
+		if ((ret=EVP_PKEY_new()) == NULL)
+			{
+			ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_EVP_LIB);
+			return(NULL);
+			}
+		}
+	else	ret= *a;
+
+	ret->save_type=type;
+	ret->type=EVP_PKEY_type(type);
+	switch (ret->type)
+		{
+#ifndef NO_RSA
+	case EVP_PKEY_RSA:
+		if ((ret->pkey.rsa=d2i_RSAPrivateKey(NULL,pp,length)) == NULL)
+			{
+			ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB);
+			goto err;
+			}
+		break;
+#endif
+#ifndef NO_DSA
+	case EVP_PKEY_DSA:
+		if ((ret->pkey.dsa=d2i_DSAPrivateKey(NULL,pp,length)) == NULL)
+			{
+			ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB);
+			goto err;
+			}
+		break;
+#endif
+	default:
+		ASN1err(ASN1_F_D2I_PRIVATEKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
+		goto err;
+		break;
+		}
+	if (a != NULL) (*a)=ret;
+	return(ret);
+err:
+	if ((ret != NULL) && ((a == NULL) || (*a != ret))) EVP_PKEY_free(ret);
+	return(NULL);
+	}
+
diff --git a/crypto/asn1/d2i_pu.c b/crypto/asn1/d2i_pu.c
new file mode 100644
index 0000000000..142742e844
--- /dev/null
+++ b/crypto/asn1/d2i_pu.c
@@ -0,0 +1,117 @@
+/* crypto/asn1/d2i_pu.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+EVP_PKEY *d2i_PublicKey(type,a,pp,length)
+int type;
+EVP_PKEY **a;
+unsigned char **pp;
+long length;
+	{
+	EVP_PKEY *ret;
+
+	if ((a == NULL) || (*a == NULL))
+		{
+		if ((ret=EVP_PKEY_new()) == NULL)
+			{
+			ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_EVP_LIB);
+			return(NULL);
+			}
+		}
+	else	ret= *a;
+
+	ret->save_type=type;
+	ret->type=EVP_PKEY_type(type);
+	switch (ret->type)
+		{
+#ifndef NO_RSA
+	case EVP_PKEY_RSA:
+		if ((ret->pkey.rsa=d2i_RSAPublicKey(NULL,pp,length)) == NULL)
+			{
+			ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_ASN1_LIB);
+			goto err;
+			}
+		break;
+#endif
+#ifndef NO_DSA
+	case EVP_PKEY_DSA:
+		if ((ret->pkey.dsa=d2i_DSAPublicKey(NULL,pp,length)) == NULL)
+			{
+			ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_ASN1_LIB);
+			goto err;
+			}
+		break;
+#endif
+	default:
+		ASN1err(ASN1_F_D2I_PUBLICKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
+		goto err;
+		break;
+		}
+	if (a != NULL) (*a)=ret;
+	return(ret);
+err:
+	if ((ret != NULL) && ((a == NULL) || (*a != ret))) EVP_PKEY_free(ret);
+	return(NULL);
+	}
+
diff --git a/crypto/asn1/d2i_r_pr.c b/crypto/asn1/d2i_r_pr.c
new file mode 100644
index 0000000000..af95f30a56
--- /dev/null
+++ b/crypto/asn1/d2i_r_pr.c
@@ -0,0 +1,129 @@
+/* crypto/asn1/d2i_r_pr.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "rsa.h"
+#include "objects.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_RSAPRIVATEKEY,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_I2D_RSAPRIVATEKEY,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
+ * ASN1err(ASN1_F_I2D_RSAPRIVATEKEY,ASN1_R_PARSING);
+ */
+
+static ASN1_METHOD method={
+        (int (*)())  i2d_RSAPrivateKey,
+        (char *(*)())d2i_RSAPrivateKey,
+        (char *(*)())RSA_new,
+        (void (*)()) RSA_free};
+
+ASN1_METHOD *RSAPrivateKey_asn1_meth()
+	{
+	return(&method);
+	}
+
+RSA *d2i_RSAPrivateKey(a,pp,length)
+RSA **a;
+unsigned char **pp;
+long length;
+	{
+	int i=ASN1_R_PARSING;
+	ASN1_INTEGER *bs=NULL;
+	M_ASN1_D2I_vars(a,RSA *,RSA_new);
+
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+	if (bs->length == 0)
+		ret->version=0;
+	else	ret->version=bs->data[0];
+	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+	if ((ret->n=BN_bin2bn(bs->data,bs->length,ret->n)) == NULL) goto err_bn;
+	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+	if ((ret->e=BN_bin2bn(bs->data,bs->length,ret->e)) == NULL) goto err_bn;
+	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+	if ((ret->d=BN_bin2bn(bs->data,bs->length,ret->d)) == NULL) goto err_bn;
+	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+	if ((ret->p=BN_bin2bn(bs->data,bs->length,ret->p)) == NULL) goto err_bn;
+	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+	if ((ret->q=BN_bin2bn(bs->data,bs->length,ret->q)) == NULL) goto err_bn;
+	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+	if ((ret->dmp1=BN_bin2bn(bs->data,bs->length,ret->dmp1)) == NULL)
+		goto err_bn;
+	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+	if ((ret->dmq1=BN_bin2bn(bs->data,bs->length,ret->dmq1)) == NULL)
+		goto err_bn;
+	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+	if ((ret->iqmp=BN_bin2bn(bs->data,bs->length,ret->iqmp)) == NULL)
+		goto err_bn;
+
+	ASN1_INTEGER_free(bs);
+
+	M_ASN1_D2I_Finish_2(a);
+err_bn:
+	i=ERR_R_BN_LIB;
+err:
+	ASN1err(ASN1_F_D2I_RSAPRIVATEKEY,i);
+	if ((ret != NULL) && ((a == NULL) || (*a != ret))) RSA_free(ret);
+	if (bs != NULL) ASN1_INTEGER_free(bs);
+	return(NULL);
+	}
+
diff --git a/crypto/asn1/d2i_r_pu.c b/crypto/asn1/d2i_r_pu.c
new file mode 100644
index 0000000000..0febef6b36
--- /dev/null
+++ b/crypto/asn1/d2i_r_pu.c
@@ -0,0 +1,100 @@
+/* crypto/asn1/d2i_r_pu.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "rsa.h"
+#include "objects.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_RSAPUBLICKEY,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_I2D_RSAPUBLICKEY,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
+ */
+
+RSA *d2i_RSAPublicKey(a,pp,length)
+RSA **a;
+unsigned char **pp;
+long length;
+	{
+	int i=ASN1_R_PARSING;
+	ASN1_INTEGER *bs=NULL;
+	M_ASN1_D2I_vars(a,RSA *,RSA_new);
+
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+	if ((ret->n=BN_bin2bn(bs->data,bs->length,ret->n)) == NULL) goto err_bn;
+	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+	if ((ret->e=BN_bin2bn(bs->data,bs->length,ret->e)) == NULL) goto err_bn;
+
+	ASN1_INTEGER_free(bs);
+	bs=NULL;
+
+	M_ASN1_D2I_Finish_2(a);
+
+err_bn:
+	i=ERR_R_BN_LIB;
+err:
+	ASN1err(ASN1_F_D2I_RSAPUBLICKEY,i);
+	if ((ret != NULL) && ((a == NULL) || (*a != ret))) RSA_free(ret);
+	if (bs != NULL) ASN1_INTEGER_free(bs);
+	return(NULL);
+	}
+
diff --git a/crypto/asn1/d2i_s_pr.c b/crypto/asn1/d2i_s_pr.c
new file mode 100644
index 0000000000..987db4e3c2
--- /dev/null
+++ b/crypto/asn1/d2i_s_pr.c
@@ -0,0 +1,113 @@
+/* crypto/asn1/d2i_s_pr.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* Origional version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "dsa.h"
+#include "objects.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_DSAPRIVATEKEY,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_I2D_DSAPRIVATEKEY,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
+ * ASN1err(ASN1_F_I2D_DSAPRIVATEKEY,ASN1_R_PARSING);
+ */
+
+DSA *d2i_DSAPrivateKey(a,pp,length)
+DSA **a;
+unsigned char **pp;
+long length;
+	{
+	int i=ASN1_R_PARSING;
+	ASN1_INTEGER *bs=NULL;
+	M_ASN1_D2I_vars(a,DSA *,DSA_new);
+
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+	if (bs->length == 0)
+		ret->version=0;
+	else	ret->version=bs->data[0];
+	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+	if ((ret->p=BN_bin2bn(bs->data,bs->length,ret->p)) == NULL) goto err_bn;
+	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+	if ((ret->q=BN_bin2bn(bs->data,bs->length,ret->q)) == NULL) goto err_bn;
+	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+	if ((ret->g=BN_bin2bn(bs->data,bs->length,ret->g)) == NULL) goto err_bn;
+	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+	if ((ret->pub_key=BN_bin2bn(bs->data,bs->length,ret->pub_key))
+		== NULL) goto err_bn;
+	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+	if ((ret->priv_key=BN_bin2bn(bs->data,bs->length,ret->priv_key))
+		== NULL) goto err_bn;
+
+	ASN1_INTEGER_free(bs);
+
+	M_ASN1_D2I_Finish_2(a);
+err_bn:
+	i=ERR_R_BN_LIB;
+err:
+	ASN1err(ASN1_F_D2I_DSAPRIVATEKEY,i);
+	if ((ret != NULL) && ((a == NULL) || (*a != ret))) DSA_free(ret);
+	if (bs != NULL) ASN1_INTEGER_free(bs);
+	return(NULL);
+	}
+
diff --git a/crypto/asn1/d2i_s_pu.c b/crypto/asn1/d2i_s_pu.c
new file mode 100644
index 0000000000..dfffa82030
--- /dev/null
+++ b/crypto/asn1/d2i_s_pu.c
@@ -0,0 +1,124 @@
+/* crypto/asn1/d2i_s_pu.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* Origional version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "dsa.h"
+#include "objects.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_DSAPUBLICKEY,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_I2D_DSAPUBLICKEY,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
+ */
+
+DSA *d2i_DSAPublicKey(a,pp,length)
+DSA **a;
+unsigned char **pp;
+long length;
+	{
+	int i=ASN1_R_PARSING;
+	ASN1_INTEGER *bs=NULL;
+	M_ASN1_D2I_vars(a,DSA *,DSA_new);
+
+	M_ASN1_D2I_Init();
+	if ((length != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED))
+		== (V_ASN1_UNIVERSAL|(V_ASN1_INTEGER))))
+		{
+		c.slen=length;
+		M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+		if ((ret->pub_key=BN_bin2bn(bs->data,bs->length,ret->pub_key))
+                        == NULL)
+                        goto err_bn;
+		ret->write_params=0;
+		}
+	else
+		{
+		M_ASN1_D2I_start_sequence();
+		M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+		if ((ret->pub_key=BN_bin2bn(bs->data,bs->length,ret->pub_key))
+			== NULL)
+			goto err_bn;
+		M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+		if ((ret->p=BN_bin2bn(bs->data,bs->length,ret->p)) == NULL)
+			goto err_bn;
+		M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+		if ((ret->q=BN_bin2bn(bs->data,bs->length,ret->q)) == NULL)
+			goto err_bn;
+		M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+		if ((ret->g=BN_bin2bn(bs->data,bs->length,ret->g)) == NULL)
+			goto err_bn;
+
+		ret->write_params=1;
+		}
+
+	ASN1_INTEGER_free(bs);
+	bs=NULL;
+	M_ASN1_D2I_Finish_2(a);
+err_bn:
+	i=ERR_R_BN_LIB;
+err:
+	ASN1err(ASN1_F_D2I_DSAPUBLICKEY,i);
+	if ((ret != NULL) && ((a == NULL) || (*a != ret))) DSA_free(ret);
+	if (bs != NULL) ASN1_INTEGER_free(bs);
+	return(NULL);
+	}
+
diff --git a/crypto/asn1/f_int.c b/crypto/asn1/f_int.c
new file mode 100644
index 0000000000..f786b12d68
--- /dev/null
+++ b/crypto/asn1/f_int.c
@@ -0,0 +1,211 @@
+/* crypto/asn1/f_int.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "x509.h"
+
+int i2a_ASN1_INTEGER(bp, a)
+BIO *bp;
+ASN1_INTEGER *a;
+	{
+	int i,n=0;
+	static char *h="0123456789ABCDEF";
+	char buf[2];
+
+	if (a == NULL) return(0);
+
+	if (a->length == 0)
+		{
+		if (BIO_write(bp,"00",2) != 2) goto err;
+		n=2;
+		}
+	else
+		{
+		for (i=0; i<a->length; i++)
+			{
+			if ((i != 0) && (i%35 == 0))
+				{
+				if (BIO_write(bp,"\\\n",2) != 2) goto err;
+				n+=2;
+				}
+			buf[0]=h[((unsigned char)a->data[i]>>4)&0x0f];
+			buf[1]=h[((unsigned char)a->data[i]   )&0x0f];
+			if (BIO_write(bp,buf,2) != 2) goto err;
+			n+=2;
+			}
+		}
+	return(n);
+err:
+	return(-1);
+	}
+
+int a2i_ASN1_INTEGER(bp,bs,buf,size)
+BIO *bp;
+ASN1_INTEGER *bs;
+char *buf;
+int size;
+	{
+	int ret=0;
+	int i,j,k,m,n,again,bufsize;
+	unsigned char *s=NULL,*sp;
+	unsigned char *bufp;
+	int num=0,slen=0,first=1;
+
+	bs->type=V_ASN1_INTEGER;
+
+	bufsize=BIO_gets(bp,buf,size);
+	for (;;)
+		{
+		if (bufsize < 1) goto err_sl;
+		i=bufsize;
+		if (buf[i-1] == '\n') buf[--i]='\0';
+		if (i == 0) goto err_sl;
+		if (buf[i-1] == '\r') buf[--i]='\0';
+		if (i == 0) goto err_sl;
+		again=(buf[i-1] == '\\');
+
+		for (j=0; j<i; j++)
+			{
+			if (!(	((buf[j] >= '0') && (buf[j] <= '9')) ||
+				((buf[j] >= 'a') && (buf[j] <= 'f')) ||
+				((buf[j] >= 'A') && (buf[j] <= 'F'))))
+				{
+				i=j;
+				break;
+				}
+			}
+		buf[i]='\0';
+		/* We have now cleared all the crap off the end of the
+		 * line */
+		if (i < 2) goto err_sl;
+
+		bufp=(unsigned char *)buf;
+		if (first)
+			{
+			first=0;
+			if ((bufp[0] == '0') && (buf[1] == '0'))
+				{
+				bufp+=2;
+				i-=2;
+				}
+			}
+		k=0;
+		i-=again;
+		if (i%2 != 0)
+			{
+			ASN1err(ASN1_F_A2I_ASN1_INTEGER,ASN1_R_ODD_NUMBER_OF_CHARS);
+			goto err;
+			}
+		i/=2;
+		if (num+i > slen)
+			{
+			if (s == NULL)
+				sp=(unsigned char *)Malloc(
+					(unsigned int)num+i*2);
+			else
+				sp=(unsigned char *)Realloc(s,
+					(unsigned int)num+i*2);
+			if (sp == NULL)
+				{
+				ASN1err(ASN1_F_A2I_ASN1_INTEGER,ERR_R_MALLOC_FAILURE);
+				if (s != NULL) Free((char *)s);
+				goto err;
+				}
+			s=sp;
+			slen=num+i*2;
+			}
+		for (j=0; j<i; j++,k+=2)
+			{
+			for (n=0; n<2; n++)
+				{
+				m=bufp[k+n];
+				if ((m >= '0') && (m <= '9'))
+					m-='0';
+				else if ((m >= 'a') && (m <= 'f'))
+					m=m-'a'+10;
+				else if ((m >= 'A') && (m <= 'F'))
+					m=m-'A'+10;
+				else
+					{
+					ASN1err(ASN1_F_A2I_ASN1_INTEGER,ASN1_R_NON_HEX_CHARACTERS);
+					goto err;
+					}
+				s[num+j]<<=4;
+				s[num+j]|=m;
+				}
+			}
+		num+=i;
+		if (again)
+			bufsize=BIO_gets(bp,buf,size);
+		else
+			break;
+		}
+	bs->length=num;
+	bs->data=s;
+	ret=1;
+err:
+	if (0)
+		{
+err_sl:
+		ASN1err(ASN1_F_A2I_ASN1_INTEGER,ASN1_R_SHORT_LINE);
+		}
+	return(ret);
+	}
+
diff --git a/crypto/asn1/f_string.c b/crypto/asn1/f_string.c
new file mode 100644
index 0000000000..68001c3245
--- /dev/null
+++ b/crypto/asn1/f_string.c
@@ -0,0 +1,210 @@
+/* crypto/asn1/f_string.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "x509.h"
+
+int i2a_ASN1_STRING(bp, a, type)
+BIO *bp;
+ASN1_STRING *a;
+int type;
+	{
+	int i,n=0;
+	static char *h="0123456789ABCDEF";
+	char buf[2];
+
+	if (a == NULL) return(0);
+
+	if (a->length == 0)
+		{
+		if (BIO_write(bp,"0",1) != 1) goto err;
+		n=1;
+		}
+	else
+		{
+		for (i=0; i<a->length; i++)
+			{
+			if ((i != 0) && (i%35 == 0))
+				{
+				if (BIO_write(bp,"\\\n",2) != 2) goto err;
+				n+=2;
+				}
+			buf[0]=h[((unsigned char)a->data[i]>>4)&0x0f];
+			buf[1]=h[((unsigned char)a->data[i]   )&0x0f];
+			if (BIO_write(bp,buf,2) != 2) goto err;
+			n+=2;
+			}
+		}
+	return(n);
+err:
+	return(-1);
+	}
+
+int a2i_ASN1_STRING(bp,bs,buf,size)
+BIO *bp;
+ASN1_STRING *bs;
+char *buf;
+int size;
+	{
+	int ret=0;
+	int i,j,k,m,n,again,bufsize;
+	unsigned char *s=NULL,*sp;
+	unsigned char *bufp;
+	int num=0,slen=0,first=1;
+
+	bufsize=BIO_gets(bp,buf,size);
+	for (;;)
+		{
+		if (bufsize < 1)
+			{
+			if (first)
+				break;
+			else
+				goto err_sl;
+			}
+		first=0;
+
+		i=bufsize;
+		if (buf[i-1] == '\n') buf[--i]='\0';
+		if (i == 0) goto err_sl;
+		if (buf[i-1] == '\r') buf[--i]='\0';
+		if (i == 0) goto err_sl;
+		again=(buf[i-1] == '\\');
+
+		for (j=i-1; j>0; j--)
+			{
+			if (!(	((buf[j] >= '0') && (buf[j] <= '9')) ||
+				((buf[j] >= 'a') && (buf[j] <= 'f')) ||
+				((buf[j] >= 'A') && (buf[j] <= 'F'))))
+				{
+				i=j;
+				break;
+				}
+			}
+		buf[i]='\0';
+		/* We have now cleared all the crap off the end of the
+		 * line */
+		if (i < 2) goto err_sl;
+
+		bufp=(unsigned char *)buf;
+
+		k=0;
+		i-=again;
+		if (i%2 != 0)
+			{
+			ASN1err(ASN1_F_A2I_ASN1_STRING,ASN1_R_ODD_NUMBER_OF_CHARS);
+			goto err;
+			}
+		i/=2;
+		if (num+i > slen)
+			{
+			if (s == NULL)
+				sp=(unsigned char *)Malloc(
+					(unsigned int)num+i*2);
+			else
+				sp=(unsigned char *)Realloc(s,
+					(unsigned int)num+i*2);
+			if (sp == NULL)
+				{
+				ASN1err(ASN1_F_A2I_ASN1_STRING,ERR_R_MALLOC_FAILURE);
+				if (s != NULL) Free((char *)s);
+				goto err;
+				}
+			s=sp;
+			slen=num+i*2;
+			}
+		for (j=0; j<i; j++,k+=2)
+			{
+			for (n=0; n<2; n++)
+				{
+				m=bufp[k+n];
+				if ((m >= '0') && (m <= '9'))
+					m-='0';
+				else if ((m >= 'a') && (m <= 'f'))
+					m=m-'a'+10;
+				else if ((m >= 'A') && (m <= 'F'))
+					m=m-'A'+10;
+				else
+					{
+					ASN1err(ASN1_F_A2I_ASN1_STRING,ASN1_R_NON_HEX_CHARACTERS);
+					goto err;
+					}
+				s[num+j]<<=4;
+				s[num+j]|=m;
+				}
+			}
+		num+=i;
+		if (again)
+			bufsize=BIO_gets(bp,buf,size);
+		else
+			break;
+		}
+	bs->length=num;
+	bs->data=s;
+	ret=1;
+err:
+	if (0)
+		{
+err_sl:
+		ASN1err(ASN1_F_A2I_ASN1_STRING,ASN1_R_SHORT_LINE);
+		}
+	return(ret);
+	}
+
diff --git a/crypto/asn1/i2d_dhp.c b/crypto/asn1/i2d_dhp.c
new file mode 100644
index 0000000000..087b6b8f6c
--- /dev/null
+++ b/crypto/asn1/i2d_dhp.c
@@ -0,0 +1,128 @@
+/* crypto/asn1/i2d_dhp.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "asn1_mac.h"
+#include "dh.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_DHPARAMS,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_DHPARAMS_NEW,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_DHparams(a,pp)
+DH *a;
+unsigned char **pp;
+	{
+	BIGNUM *num[3];
+	ASN1_INTEGER bs;
+	unsigned int j,i,tot=0,len,max=0;
+	int t,ret= -1;
+	unsigned char *p;
+
+	if (a == NULL) return(0);
+	num[0]=a->p;
+	num[1]=a->g;
+	if (a->length != 0)
+		{
+		if ((num[2]=BN_new()) == NULL) goto err;
+		if (!BN_set_word(num[2],a->length)) goto err;
+		}
+	else	
+		num[2]=NULL;
+
+	for (i=0; i<3; i++)
+		{
+		if (num[i] == NULL) continue;
+		j=BN_num_bits(num[i]);
+		len=((j == 0)?0:((j/8)+1));
+		if (len > max) max=len;
+		len=ASN1_object_size(0,len,
+			(num[i]->neg)?V_ASN1_NEG_INTEGER:V_ASN1_INTEGER);
+		tot+=len;
+		}
+
+	t=ASN1_object_size(1,tot,V_ASN1_SEQUENCE);
+	if (pp == NULL) return(t);
+
+	p= *pp;
+	ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+
+	bs.type=V_ASN1_INTEGER;
+	bs.data=(unsigned char *)Malloc(max+4);
+	if (bs.data == NULL)
+		{
+		ASN1err(ASN1_F_I2D_DHPARAMS,ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+
+	for (i=0; i<3; i++)
+		{
+		if (num[i] == NULL) continue;
+		bs.length=BN_bn2bin(num[i],bs.data);
+		i2d_ASN1_INTEGER(&bs,&p);
+		}
+	Free((char *)bs.data);
+	ret=t;
+err:
+	if (num[2] != NULL) BN_free(num[2]);
+	*pp=p;
+	return(ret);
+	}
diff --git a/crypto/asn1/i2d_dsap.c b/crypto/asn1/i2d_dsap.c
new file mode 100644
index 0000000000..e051c99886
--- /dev/null
+++ b/crypto/asn1/i2d_dsap.c
@@ -0,0 +1,121 @@
+/* crypto/asn1/i2d_dsap.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "asn1_mac.h"
+#include "dsa.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_DSAPARAMS,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_DSAparams(a,pp)
+DSA *a;
+unsigned char **pp;
+	{
+	BIGNUM *num[3];
+	ASN1_INTEGER bs;
+	unsigned int j,i,tot=0,len,max=0;
+	int t,ret= -1;
+	unsigned char *p;
+
+	if (a == NULL) return(0);
+	num[0]=a->p;
+	num[1]=a->q;
+	num[2]=a->g;
+
+	for (i=0; i<3; i++)
+		{
+		if (num[i] == NULL) continue;
+		j=BN_num_bits(num[i]);
+		len=((j == 0)?0:((j/8)+1));
+		if (len > max) max=len;
+		len=ASN1_object_size(0,len,
+			(num[i]->neg)?V_ASN1_NEG_INTEGER:V_ASN1_INTEGER);
+		tot+=len;
+		}
+
+	t=ASN1_object_size(1,tot,V_ASN1_SEQUENCE);
+	if (pp == NULL) return(t);
+
+	p= *pp;
+	ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+
+	bs.type=V_ASN1_INTEGER;
+	bs.data=(unsigned char *)Malloc(max+4);
+	if (bs.data == NULL)
+		{
+		ASN1err(ASN1_F_I2D_DSAPARAMS,ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+
+	for (i=0; i<3; i++)
+		{
+		if (num[i] == NULL) continue;
+		bs.length=BN_bn2bin(num[i],bs.data);
+		i2d_ASN1_INTEGER(&bs,&p);
+		}
+	Free((char *)bs.data);
+	ret=t;
+err:
+	*pp=p;
+	return(ret);
+	}
+
diff --git a/crypto/asn1/i2d_pr.c b/crypto/asn1/i2d_pr.c
new file mode 100644
index 0000000000..361beb9fdd
--- /dev/null
+++ b/crypto/asn1/i2d_pr.c
@@ -0,0 +1,86 @@
+/* crypto/asn1/i2d_pr.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "evp.h"
+#include "objects.h"
+
+int i2d_PrivateKey(a,pp)
+EVP_PKEY *a;
+unsigned char **pp;
+	{
+#ifndef NO_RSA
+	if (a->type == EVP_PKEY_RSA)
+		{
+		return(i2d_RSAPrivateKey(a->pkey.rsa,pp));
+		}
+	else
+#endif
+#ifndef NO_DSA
+	if (a->type == EVP_PKEY_DSA)
+		{
+		return(i2d_DSAPrivateKey(a->pkey.dsa,pp));
+		}
+#endif
+
+	ASN1err(ASN1_F_I2D_PRIVATEKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
+	return(-1);
+	}
+
diff --git a/crypto/asn1/i2d_pu.c b/crypto/asn1/i2d_pu.c
new file mode 100644
index 0000000000..2694cd4423
--- /dev/null
+++ b/crypto/asn1/i2d_pu.c
@@ -0,0 +1,84 @@
+/* crypto/asn1/i2d_pu.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "evp.h"
+#include "objects.h"
+
+int i2d_PublicKey(a,pp)
+EVP_PKEY *a;
+unsigned char **pp;
+	{
+	switch (a->type)
+		{
+#ifndef NO_RSA
+	case EVP_PKEY_RSA:
+		return(i2d_RSAPublicKey(a->pkey.rsa,pp));
+#endif
+#ifndef NO_DSA
+	case EVP_PKEY_DSA:
+		return(i2d_DSAPublicKey(a->pkey.dsa,pp));
+#endif
+	default:
+		ASN1err(ASN1_F_I2D_PUBLICKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
+		return(-1);
+		}
+	}
+
diff --git a/crypto/asn1/i2d_r_pr.c b/crypto/asn1/i2d_r_pr.c
new file mode 100644
index 0000000000..fa9389760a
--- /dev/null
+++ b/crypto/asn1/i2d_r_pr.c
@@ -0,0 +1,132 @@
+/* crypto/asn1/i2d_r_pr.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "rsa.h"
+#include "objects.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_RSAPRIVATEKEY,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_I2D_RSAPRIVATEKEY,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
+ */
+
+int i2d_RSAPrivateKey(a,pp)
+RSA *a;
+unsigned char **pp;
+	{
+	BIGNUM *num[9];
+	unsigned char data[1];
+	ASN1_INTEGER bs;
+	unsigned int j,i,tot,t,len,max=0;
+	unsigned char *p;
+
+	if (a == NULL) return(0);
+
+	num[1]=a->n;
+	num[2]=a->e;
+	num[3]=a->d;
+	num[4]=a->p;
+	num[5]=a->q;
+	num[6]=a->dmp1;
+	num[7]=a->dmq1;
+	num[8]=a->iqmp;
+
+	bs.length=1;
+	bs.data=data;
+	bs.type=V_ASN1_INTEGER;
+	data[0]=a->version&0x7f;
+
+	tot=i2d_ASN1_INTEGER(&(bs),NULL);
+	for (i=1; i<9; i++)
+		{
+		j=BN_num_bits(num[i]);
+		len=((j == 0)?0:((j/8)+1));
+		if (len > max) max=len;
+		len=ASN1_object_size(0,len,
+			(num[i]->neg)?V_ASN1_NEG_INTEGER:V_ASN1_INTEGER);
+		tot+=len;
+		}
+
+	t=ASN1_object_size(1,tot,V_ASN1_SEQUENCE);
+	if (pp == NULL) return(t);
+
+	p= *pp;
+	ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+
+	i2d_ASN1_INTEGER(&bs,&p);
+
+	bs.data=(unsigned char *)Malloc(max+4);
+	if (bs.data == NULL)
+		{
+		ASN1err(ASN1_F_I2D_RSAPRIVATEKEY,ERR_R_MALLOC_FAILURE);
+		return(-1);
+		}
+
+	for (i=1; i<9; i++)
+		{
+		bs.length=BN_bn2bin(num[i],bs.data);
+		i2d_ASN1_INTEGER(&bs,&p);
+		}
+	Free((char *)bs.data);
+	*pp=p;
+	return(t);
+	}
+
diff --git a/crypto/asn1/i2d_r_pu.c b/crypto/asn1/i2d_r_pu.c
new file mode 100644
index 0000000000..31dc8363ba
--- /dev/null
+++ b/crypto/asn1/i2d_r_pu.c
@@ -0,0 +1,118 @@
+/* crypto/asn1/i2d_r_pu.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "rsa.h"
+#include "objects.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_RSAPUBLICKEY,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_I2D_RSAPUBLICKEY,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
+ */
+
+int i2d_RSAPublicKey(a,pp)
+RSA *a;
+unsigned char **pp;
+	{
+	BIGNUM *num[2];
+	ASN1_INTEGER bs;
+	unsigned int j,i,tot=0,len,max=0,t;
+	unsigned char *p;
+
+	if (a == NULL) return(0);
+
+	num[0]=a->n;
+	num[1]=a->e;
+
+	for (i=0; i<2; i++)
+		{
+		j=BN_num_bits(num[i]);
+		len=((j == 0)?0:((j/8)+1));
+		if (len > max) max=len;
+		len=ASN1_object_size(0,len,
+			(num[i]->neg)?V_ASN1_NEG_INTEGER:V_ASN1_INTEGER);
+		tot+=len;
+		}
+
+	t=ASN1_object_size(1,tot,V_ASN1_SEQUENCE);
+	if (pp == NULL) return(t);
+
+	p= *pp;
+	ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+
+	bs.type=V_ASN1_INTEGER;
+	bs.data=(unsigned char *)Malloc(max+4);
+	if (bs.data == NULL)
+		{
+		ASN1err(ASN1_F_I2D_RSAPUBLICKEY,ERR_R_MALLOC_FAILURE);
+		return(-1);
+		}
+
+	for (i=0; i<2; i++)
+		{
+		bs.length=BN_bn2bin(num[i],bs.data);
+		i2d_ASN1_INTEGER(&bs,&p);
+		}
+	Free((char *)bs.data);
+	*pp=p;
+	return(t);
+	}
+
diff --git a/crypto/asn1/i2d_s_pr.c b/crypto/asn1/i2d_s_pr.c
new file mode 100644
index 0000000000..0c0a5c6f57
--- /dev/null
+++ b/crypto/asn1/i2d_s_pr.c
@@ -0,0 +1,128 @@
+/* crypto/asn1/i2d_s_pr.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "dsa.h"
+#include "objects.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_I2D_DSAPRIVATEKEY,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
+ */
+
+int i2d_DSAPrivateKey(a,pp)
+DSA *a;
+unsigned char **pp;
+	{
+	BIGNUM *num[6];
+	unsigned char data[1];
+	ASN1_INTEGER bs;
+	unsigned int j,i,tot,t,len,max=0;
+	unsigned char *p;
+
+	if (a == NULL) return(0);
+
+	num[1]=a->p;
+	num[2]=a->q;
+	num[3]=a->g;
+	num[4]=a->pub_key;
+	num[5]=a->priv_key;
+
+	bs.length=1;
+	bs.data=data;
+	bs.type=V_ASN1_INTEGER;
+	data[0]=a->version&0x7f;
+
+	tot=i2d_ASN1_INTEGER(&(bs),NULL);
+	for (i=1; i<6; i++)
+		{
+		j=BN_num_bits(num[i]);
+		len=((j == 0)?0:((j/8)+1));
+		if (len > max) max=len;
+		len=ASN1_object_size(0,len,
+			(num[i]->neg)?V_ASN1_NEG_INTEGER:V_ASN1_INTEGER);
+		tot+=len;
+		}
+
+	t=ASN1_object_size(1,tot,V_ASN1_SEQUENCE);
+	if (pp == NULL) return(t);
+
+	p= *pp;
+	ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+
+	i2d_ASN1_INTEGER(&bs,&p);
+
+	bs.data=(unsigned char *)Malloc(max+4);
+	if (bs.data == NULL)
+		{
+		ASN1err(ASN1_F_I2D_DSAPRIVATEKEY,ERR_R_MALLOC_FAILURE);
+		return(-1);
+		}
+
+	for (i=1; i<6; i++)
+		{
+		bs.length=BN_bn2bin(num[i],bs.data);
+		i2d_ASN1_INTEGER(&bs,&p);
+		}
+	Free((char *)bs.data);
+	*pp=p;
+	return(t);
+	}
+
diff --git a/crypto/asn1/i2d_s_pu.c b/crypto/asn1/i2d_s_pu.c
new file mode 100644
index 0000000000..cfb7c11f8b
--- /dev/null
+++ b/crypto/asn1/i2d_s_pu.c
@@ -0,0 +1,133 @@
+/* crypto/asn1/i2d_s_pu.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "dsa.h"
+#include "objects.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_I2D_DSAPUBLICKEY,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
+ */
+
+int i2d_DSAPublicKey(a,pp)
+DSA *a;
+unsigned char **pp;
+	{
+	BIGNUM *num[4];
+	ASN1_INTEGER bs;
+	unsigned int j,i,tot=0,len,max=0,t=0,all,n=1;
+	unsigned char *p;
+
+	if (a == NULL) return(0);
+
+	all=a->write_params;
+
+	num[0]=a->pub_key;
+	if (all)
+		{
+		num[1]=a->p;
+		num[2]=a->q;
+		num[3]=a->g;
+		n=4;
+		}
+
+	for (i=0; i<n; i++)
+		{
+		j=BN_num_bits(num[i]);
+		len=((j == 0)?0:((j/8)+1));
+		if (len > max) max=len;
+		len=ASN1_object_size(0,len,
+			(num[i]->neg)?V_ASN1_NEG_INTEGER:V_ASN1_INTEGER);
+		tot+=len;
+		}
+
+	if (all)
+		{
+		t=ASN1_object_size(1,tot,V_ASN1_SEQUENCE);
+		if (pp == NULL) return(t);
+		}
+	else
+		{
+		if (pp == NULL) return(tot);
+		}
+
+	p= *pp;
+	if (all)
+		ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+
+	bs.type=V_ASN1_INTEGER;
+	bs.data=(unsigned char *)Malloc(max+4);
+	if (bs.data == NULL)
+		{
+		ASN1err(ASN1_F_I2D_DSAPUBLICKEY,ERR_R_MALLOC_FAILURE);
+		return(-1);
+		}
+
+	for (i=0; i<n; i++)
+		{
+		bs.length=BN_bn2bin(num[i],bs.data);
+		i2d_ASN1_INTEGER(&bs,&p);
+		}
+	Free((char *)bs.data);
+	*pp=p;
+	return(t);
+	}
+
diff --git a/crypto/asn1/n_pkey.c b/crypto/asn1/n_pkey.c
new file mode 100644
index 0000000000..6353d18c53
--- /dev/null
+++ b/crypto/asn1/n_pkey.c
@@ -0,0 +1,364 @@
+/* crypto/asn1/n_pkey.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "rsa.h"
+#include "objects.h"
+#include "asn1_mac.h"
+#include "evp.h"
+#include "x509.h"
+
+
+#ifndef NO_RC4
+
+typedef struct netscape_pkey_st
+	{
+	ASN1_INTEGER *version;
+	X509_ALGOR *algor;
+	ASN1_OCTET_STRING *private_key;
+	} NETSCAPE_PKEY;
+
+/*
+ * ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_DECODING_ERROR);
+ * ASN1err(ASN1_F_D2I_NETSCAPE_PKEY,ASN1_R_DECODING_ERROR);
+ * ASN1err(ASN1_F_NETSCAPE_PKEY_NEW,ASN1_R_DECODING_ERROR);
+ */
+#ifndef NOPROTO
+static RSA *d2i_Netscape_RSA_2(RSA **a, unsigned char **pp, long length,
+	int (*cb)());
+static int i2d_NETSCAPE_PKEY(NETSCAPE_PKEY *a, unsigned char **pp);
+static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY(NETSCAPE_PKEY **a,unsigned char **pp, long length);
+static NETSCAPE_PKEY *NETSCAPE_PKEY_new(void);
+static void NETSCAPE_PKEY_free(NETSCAPE_PKEY *);
+#else
+static RSA *d2i_Netscape_RSA_2();
+static int i2d_NETSCAPE_PKEY();
+static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY();
+static NETSCAPE_PKEY *NETSCAPE_PKEY_new();
+static void NETSCAPE_PKEY_free();
+#endif
+
+int i2d_Netscape_RSA(a,pp,cb)
+RSA *a;
+unsigned char **pp;
+int (*cb)();
+	{
+	int i,j,l[6];
+	NETSCAPE_PKEY *pkey;
+	unsigned char buf[256],*zz;
+	unsigned char key[EVP_MAX_KEY_LENGTH];
+	EVP_CIPHER_CTX ctx;
+	X509_ALGOR *alg=NULL;
+	ASN1_OCTET_STRING os,os2;
+	M_ASN1_I2D_vars(a);
+
+	if (a == NULL) return(0);
+
+#ifdef WIN32
+	r=r; /* shut the damn compiler up :-) */
+#endif
+
+	os.data=os2.data=NULL;
+	if ((pkey=NETSCAPE_PKEY_new()) == NULL) goto err;
+	if (!ASN1_INTEGER_set(pkey->version,0)) goto err;
+
+	if (pkey->algor->algorithm != NULL)
+		ASN1_OBJECT_free(pkey->algor->algorithm);
+	pkey->algor->algorithm=OBJ_nid2obj(NID_rsaEncryption);
+	if ((pkey->algor->parameter=ASN1_TYPE_new()) == NULL) goto err;
+	pkey->algor->parameter->type=V_ASN1_NULL;
+
+	l[0]=i2d_RSAPrivateKey(a,NULL);
+	pkey->private_key->length=l[0];
+
+	os2.length=i2d_NETSCAPE_PKEY(pkey,NULL);
+	l[1]=i2d_ASN1_OCTET_STRING(&os2,NULL);
+
+	if ((alg=X509_ALGOR_new()) == NULL) goto err;
+	if (alg->algorithm != NULL)
+		ASN1_OBJECT_free(alg->algorithm);
+	alg->algorithm=OBJ_nid2obj(NID_rc4);
+	if ((alg->parameter=ASN1_TYPE_new()) == NULL) goto err;
+	alg->parameter->type=V_ASN1_NULL;
+
+	l[2]=i2d_X509_ALGOR(alg,NULL);
+	l[3]=ASN1_object_size(1,l[2]+l[1],V_ASN1_SEQUENCE);
+
+	os.data=(unsigned char *)"private-key";
+	os.length=11;
+	l[4]=i2d_ASN1_OCTET_STRING(&os,NULL);
+
+	l[5]=ASN1_object_size(1,l[4]+l[3],V_ASN1_SEQUENCE);
+
+	if (pp == NULL)
+		{
+		if (pkey != NULL) NETSCAPE_PKEY_free(pkey);
+		if (alg != NULL) X509_ALGOR_free(alg);
+		return(l[5]);
+		}
+
+	if (pkey->private_key->data != NULL)
+		Free((char *)pkey->private_key->data);
+	if ((pkey->private_key->data=(unsigned char *)Malloc(l[0])) == NULL)
+		{
+		ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+	zz=pkey->private_key->data;
+	i2d_RSAPrivateKey(a,&zz);
+
+	if ((os2.data=(unsigned char *)Malloc(os2.length)) == NULL)
+		{
+		ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+	zz=os2.data;
+	i2d_NETSCAPE_PKEY(pkey,&zz);
+		
+	if (cb == NULL)
+		cb=EVP_read_pw_string;
+	i=cb(buf,256,"Enter Private Key password:",1);
+	if (i != 0)
+		{
+		ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ASN1_R_BAD_PASSWORD_READ);
+		goto err;
+		}
+	EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,
+		strlen((char *)buf),1,key,NULL);
+	memset(buf,0,256);
+	EVP_EncryptInit(&ctx,EVP_rc4(),key,NULL);
+	EVP_EncryptUpdate(&ctx,os2.data,&i,os2.data,os2.length);
+	EVP_EncryptFinal(&ctx,&(os2.data[i]),&j);
+	EVP_CIPHER_CTX_cleanup(&ctx);
+
+	p= *pp;
+	ASN1_put_object(&p,1,l[4]+l[3],V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+	i2d_ASN1_OCTET_STRING(&os,&p);
+	ASN1_put_object(&p,1,l[2]+l[1],V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+	i2d_X509_ALGOR(alg,&p);
+	i2d_ASN1_OCTET_STRING(&os2,&p);
+	ret=l[5];
+err:
+	if (os2.data != NULL) Free((char *)os2.data);
+	if (alg != NULL) X509_ALGOR_free(alg);
+	if (pkey != NULL) NETSCAPE_PKEY_free(pkey);
+	r=r;
+	return(ret);
+	}
+
+RSA *d2i_Netscape_RSA(a,pp,length,cb)
+RSA **a;
+unsigned char **pp;
+long length;
+int (*cb)();
+	{
+	RSA *ret=NULL;
+	ASN1_OCTET_STRING *os=NULL;
+	ASN1_CTX c;
+
+	c.pp=pp;
+	c.error=ASN1_R_DECODING_ERROR;
+
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+	M_ASN1_D2I_get(os,d2i_ASN1_OCTET_STRING);
+	if ((os->length != 11) || (strncmp("private-key",
+		(char *)os->data,os->length) != 0))
+		{
+		ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_PRIVATE_KEY_HEADER_MISSING);
+		ASN1_BIT_STRING_free(os);
+		goto err;
+		}
+	ASN1_BIT_STRING_free(os);
+	c.q=c.p;
+	if ((ret=d2i_Netscape_RSA_2(a,&c.p,c.slen,cb)) == NULL) goto err;
+	c.slen-=(c.p-c.q);
+
+	M_ASN1_D2I_Finish(a,RSA_free,ASN1_F_D2I_NETSCAPE_RSA);
+	}
+
+static RSA *d2i_Netscape_RSA_2(a,pp,length,cb)
+RSA **a;
+unsigned char **pp;
+long length;
+int (*cb)();
+	{
+	NETSCAPE_PKEY *pkey=NULL;
+	RSA *ret=NULL;
+	int i,j;
+	unsigned char buf[256],*zz;
+	unsigned char key[EVP_MAX_KEY_LENGTH];
+	EVP_CIPHER_CTX ctx;
+	X509_ALGOR *alg=NULL;
+	ASN1_OCTET_STRING *os=NULL;
+	ASN1_CTX c;
+
+	c.error=ASN1_R_ERROR_STACK;
+	c.pp=pp;
+
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+	M_ASN1_D2I_get(alg,d2i_X509_ALGOR);
+	if (OBJ_obj2nid(alg->algorithm) != NID_rc4)
+		{
+		ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM);
+		goto err;
+		}
+	M_ASN1_D2I_get(os,d2i_ASN1_OCTET_STRING);
+	if (cb == NULL)
+		cb=EVP_read_pw_string;
+	i=cb(buf,256,"Enter Private Key password:",0);
+	if (i != 0)
+		{
+		ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_BAD_PASSWORD_READ);
+		goto err;
+		}
+
+	EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,
+		strlen((char *)buf),1,key,NULL);
+	memset(buf,0,256);
+	EVP_DecryptInit(&ctx,EVP_rc4(),key,NULL);
+	EVP_DecryptUpdate(&ctx,os->data,&i,os->data,os->length);
+	EVP_DecryptFinal(&ctx,&(os->data[i]),&j);
+	EVP_CIPHER_CTX_cleanup(&ctx);
+	os->length=i+j;
+
+	zz=os->data;
+
+	if ((pkey=d2i_NETSCAPE_PKEY(NULL,&zz,os->length)) == NULL)
+		{
+		ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY);
+		goto err;
+		}
+		
+	zz=pkey->private_key->data;
+	if ((ret=d2i_RSAPrivateKey(a,&zz,pkey->private_key->length)) == NULL)
+		{
+		ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNABLE_TO_DECODE_RSA_KEY);
+		goto err;
+		}
+	if (!asn1_Finish(&c)) goto err;
+	*pp=c.p;
+err:
+	if (pkey != NULL) NETSCAPE_PKEY_free(pkey);
+	if (os != NULL) ASN1_BIT_STRING_free(os);
+	if (alg != NULL) X509_ALGOR_free(alg);
+	return(ret);
+	}
+
+static int i2d_NETSCAPE_PKEY(a,pp)
+NETSCAPE_PKEY *a;
+unsigned char **pp;
+	{
+	M_ASN1_I2D_vars(a);
+
+
+	M_ASN1_I2D_len(a->version,	i2d_ASN1_INTEGER);
+	M_ASN1_I2D_len(a->algor,	i2d_X509_ALGOR);
+	M_ASN1_I2D_len(a->private_key,	i2d_ASN1_OCTET_STRING);
+
+	M_ASN1_I2D_seq_total();
+
+	M_ASN1_I2D_put(a->version,	i2d_ASN1_INTEGER);
+	M_ASN1_I2D_put(a->algor,	i2d_X509_ALGOR);
+	M_ASN1_I2D_put(a->private_key,	i2d_ASN1_OCTET_STRING);
+
+	M_ASN1_I2D_finish();
+	}
+
+static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY(a,pp,length)
+NETSCAPE_PKEY **a;
+unsigned char **pp;
+long length;
+	{
+	M_ASN1_D2I_vars(a,NETSCAPE_PKEY *,NETSCAPE_PKEY_new);
+
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+	M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
+	M_ASN1_D2I_get(ret->algor,d2i_X509_ALGOR);
+	M_ASN1_D2I_get(ret->private_key,d2i_ASN1_OCTET_STRING);
+	M_ASN1_D2I_Finish(a,NETSCAPE_PKEY_free,ASN1_F_D2I_NETSCAPE_PKEY);
+	}
+
+static NETSCAPE_PKEY *NETSCAPE_PKEY_new()
+	{
+	NETSCAPE_PKEY *ret=NULL;
+
+	M_ASN1_New_Malloc(ret,NETSCAPE_PKEY);
+	M_ASN1_New(ret->version,ASN1_INTEGER_new);
+	M_ASN1_New(ret->algor,X509_ALGOR_new);
+	M_ASN1_New(ret->private_key,ASN1_OCTET_STRING_new);
+	return(ret);
+	M_ASN1_New_Error(ASN1_F_NETSCAPE_PKEY_NEW);
+	}
+
+static void NETSCAPE_PKEY_free(a)
+NETSCAPE_PKEY *a;
+	{
+	if (a == NULL) return;
+	ASN1_INTEGER_free(a->version);
+	X509_ALGOR_free(a->algor);
+	ASN1_OCTET_STRING_free(a->private_key);
+	Free((char *)a);
+	}
+
+#endif /* NO_RC4 */
+
diff --git a/crypto/asn1/p7_dgst.c b/crypto/asn1/p7_dgst.c
new file mode 100644
index 0000000000..206c2a6bb3
--- /dev/null
+++ b/crypto/asn1/p7_dgst.c
@@ -0,0 +1,130 @@
+/* crypto/asn1/p7_dgst.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+#include "x509.h"
+
+/*
+ * ASN1err(ASN1_F_PKCS7_DIGEST_NEW,ASN1_R_MISSING_EOS);
+ * ASN1err(ASN1_F_D2I_PKCS7_DIGEST,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_PKCS7_DIGEST(a,pp)
+PKCS7_DIGEST *a;
+unsigned char **pp;
+	{
+	M_ASN1_I2D_vars(a);
+
+	M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
+	M_ASN1_I2D_len(a->md,i2d_X509_ALGOR);
+	M_ASN1_I2D_len(a->contents,i2d_PKCS7);
+	M_ASN1_I2D_len(a->digest,i2d_ASN1_OCTET_STRING);
+
+	M_ASN1_I2D_seq_total();
+
+	M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
+	M_ASN1_I2D_put(a->md,i2d_X509_ALGOR);
+	M_ASN1_I2D_put(a->contents,i2d_PKCS7);
+	M_ASN1_I2D_put(a->digest,i2d_ASN1_OCTET_STRING);
+
+	M_ASN1_I2D_finish();
+	}
+
+PKCS7_DIGEST *d2i_PKCS7_DIGEST(a,pp,length)
+PKCS7_DIGEST **a;
+unsigned char **pp;
+long length;
+	{
+	M_ASN1_D2I_vars(a,PKCS7_DIGEST *,PKCS7_DIGEST_new);
+
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+	M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
+	M_ASN1_D2I_get(ret->md,d2i_X509_ALGOR);
+	M_ASN1_D2I_get(ret->contents,d2i_PKCS7);
+	M_ASN1_D2I_get(ret->digest,d2i_ASN1_OCTET_STRING);
+
+	M_ASN1_D2I_Finish(a,PKCS7_DIGEST_free,ASN1_F_D2I_PKCS7_DIGEST);
+	}
+
+PKCS7_DIGEST *PKCS7_DIGEST_new()
+	{
+	PKCS7_DIGEST *ret=NULL;
+
+	M_ASN1_New_Malloc(ret,PKCS7_DIGEST);
+	M_ASN1_New(ret->version,ASN1_INTEGER_new);
+	M_ASN1_New(ret->md,X509_ALGOR_new);
+	M_ASN1_New(ret->contents,PKCS7_new);
+	M_ASN1_New(ret->digest,ASN1_OCTET_STRING_new);
+	return(ret);
+	M_ASN1_New_Error(ASN1_F_PKCS7_DIGEST_NEW);
+	}
+
+void PKCS7_DIGEST_free(a)
+PKCS7_DIGEST *a;
+	{
+	if (a == NULL) return;
+	ASN1_INTEGER_free(a->version);
+	X509_ALGOR_free(a->md);
+	PKCS7_free(a->contents);
+	ASN1_OCTET_STRING_free(a->digest);
+	Free((char *)a);
+	}
+
diff --git a/crypto/asn1/p7_enc.c b/crypto/asn1/p7_enc.c
new file mode 100644
index 0000000000..ce4bedb113
--- /dev/null
+++ b/crypto/asn1/p7_enc.c
@@ -0,0 +1,120 @@
+/* crypto/asn1/p7_enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+#include "x509.h"
+
+/*
+ * ASN1err(ASN1_F_PKCS7_ENCRYPT_NEW,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_D2I_PKCS7_ENCRYPT,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_PKCS7_ENCRYPT(a,pp)
+PKCS7_ENCRYPT *a;
+unsigned char **pp;
+	{
+	M_ASN1_I2D_vars(a);
+
+	M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
+	M_ASN1_I2D_len(a->enc_data,i2d_PKCS7_ENC_CONTENT);
+
+	M_ASN1_I2D_seq_total();
+
+	M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
+	M_ASN1_I2D_put(a->enc_data,i2d_PKCS7_ENC_CONTENT);
+
+	M_ASN1_I2D_finish();
+	}
+
+PKCS7_ENCRYPT *d2i_PKCS7_ENCRYPT(a,pp,length)
+PKCS7_ENCRYPT **a;
+unsigned char **pp;
+long length;
+	{
+	M_ASN1_D2I_vars(a,PKCS7_ENCRYPT *,PKCS7_ENCRYPT_new);
+
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+	M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
+	M_ASN1_D2I_get(ret->enc_data,d2i_PKCS7_ENC_CONTENT);
+
+	M_ASN1_D2I_Finish(a,PKCS7_ENCRYPT_free,ASN1_F_D2I_PKCS7_ENCRYPT);
+	}
+
+PKCS7_ENCRYPT *PKCS7_ENCRYPT_new()
+	{
+	PKCS7_ENCRYPT *ret=NULL;
+
+	M_ASN1_New_Malloc(ret,PKCS7_ENCRYPT);
+	M_ASN1_New(ret->version,ASN1_INTEGER_new);
+	M_ASN1_New(ret->enc_data,PKCS7_ENC_CONTENT_new);
+	return(ret);
+	M_ASN1_New_Error(ASN1_F_PKCS7_ENCRYPT_NEW);
+	}
+
+void PKCS7_ENCRYPT_free(a)
+PKCS7_ENCRYPT *a;
+	{
+	if (a == NULL) return;
+	ASN1_INTEGER_free(a->version);
+	PKCS7_ENC_CONTENT_free(a->enc_data);
+	Free((char *)a);
+	}
+
diff --git a/crypto/asn1/p7_enc_c.c b/crypto/asn1/p7_enc_c.c
new file mode 100644
index 0000000000..b27d443533
--- /dev/null
+++ b/crypto/asn1/p7_enc_c.c
@@ -0,0 +1,127 @@
+/* crypto/asn1/p7_enc_c.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+#include "x509.h"
+
+/*
+ * ASN1err(ASN1_F_PKCS7_ENC_CONTENT_NEW,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_D2I_PKCS7_ENC_CONTENT,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_PKCS7_ENC_CONTENT(a,pp)
+PKCS7_ENC_CONTENT *a;
+unsigned char **pp;
+	{
+	M_ASN1_I2D_vars(a);
+
+	M_ASN1_I2D_len(a->content_type,i2d_ASN1_OBJECT);
+	M_ASN1_I2D_len(a->algorithm,i2d_X509_ALGOR);
+	M_ASN1_I2D_len_IMP_opt(a->enc_data,i2d_ASN1_OCTET_STRING);
+
+	M_ASN1_I2D_seq_total();
+
+	M_ASN1_I2D_put(a->content_type,i2d_ASN1_OBJECT);
+	M_ASN1_I2D_put(a->algorithm,i2d_X509_ALGOR);
+	M_ASN1_I2D_put_IMP_opt(a->enc_data,i2d_ASN1_OCTET_STRING,0);
+
+	M_ASN1_I2D_finish();
+	}
+
+PKCS7_ENC_CONTENT *d2i_PKCS7_ENC_CONTENT(a,pp,length)
+PKCS7_ENC_CONTENT **a;
+unsigned char **pp;
+long length;
+	{
+	M_ASN1_D2I_vars(a,PKCS7_ENC_CONTENT *,PKCS7_ENC_CONTENT_new);
+
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+	M_ASN1_D2I_get(ret->content_type,d2i_ASN1_OBJECT);
+	M_ASN1_D2I_get(ret->algorithm,d2i_X509_ALGOR);
+	M_ASN1_D2I_get_IMP_opt(ret->enc_data,d2i_ASN1_OCTET_STRING,0,
+		V_ASN1_OCTET_STRING);
+
+	M_ASN1_D2I_Finish(a,PKCS7_ENC_CONTENT_free,
+		ASN1_F_D2I_PKCS7_ENC_CONTENT);
+	}
+
+PKCS7_ENC_CONTENT *PKCS7_ENC_CONTENT_new()
+	{
+	PKCS7_ENC_CONTENT *ret=NULL;
+
+	M_ASN1_New_Malloc(ret,PKCS7_ENC_CONTENT);
+	M_ASN1_New(ret->content_type,ASN1_OBJECT_new);
+	M_ASN1_New(ret->algorithm,X509_ALGOR_new);
+	ret->enc_data=NULL;
+	return(ret);
+	M_ASN1_New_Error(ASN1_F_PKCS7_ENC_CONTENT_NEW);
+	}
+
+void PKCS7_ENC_CONTENT_free(a)
+PKCS7_ENC_CONTENT *a;
+	{
+	if (a == NULL) return;
+	ASN1_OBJECT_free(a->content_type);
+	X509_ALGOR_free(a->algorithm);
+	ASN1_OCTET_STRING_free(a->enc_data);
+	Free((char *)a);
+	}
+
diff --git a/crypto/asn1/p7_evp.c b/crypto/asn1/p7_evp.c
new file mode 100644
index 0000000000..a41d09db77
--- /dev/null
+++ b/crypto/asn1/p7_evp.c
@@ -0,0 +1,125 @@
+/* crypto/asn1/p7_evp.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+#include "x509.h"
+
+/*
+ * ASN1err(ASN1_F_PKCS7_ENVELOPE_NEW,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_D2I_PKCS7_ENVELOPE,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_PKCS7_ENVELOPE(a,pp)
+PKCS7_ENVELOPE *a;
+unsigned char **pp;
+	{
+	M_ASN1_I2D_vars(a);
+
+	M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
+	M_ASN1_I2D_len_SET(a->recipientinfo,i2d_PKCS7_RECIP_INFO);
+	M_ASN1_I2D_len(a->enc_data,i2d_PKCS7_ENC_CONTENT);
+
+	M_ASN1_I2D_seq_total();
+
+	M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
+	M_ASN1_I2D_put_SET(a->recipientinfo,i2d_PKCS7_RECIP_INFO);
+	M_ASN1_I2D_put(a->enc_data,i2d_PKCS7_ENC_CONTENT);
+
+	M_ASN1_I2D_finish();
+	}
+
+PKCS7_ENVELOPE *d2i_PKCS7_ENVELOPE(a,pp,length)
+PKCS7_ENVELOPE **a;
+unsigned char **pp;
+long length;
+	{
+	M_ASN1_D2I_vars(a,PKCS7_ENVELOPE *,PKCS7_ENVELOPE_new);
+
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+	M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
+	M_ASN1_D2I_get_set(ret->recipientinfo,d2i_PKCS7_RECIP_INFO);
+	M_ASN1_D2I_get(ret->enc_data,d2i_PKCS7_ENC_CONTENT);
+
+	M_ASN1_D2I_Finish(a,PKCS7_ENVELOPE_free,ASN1_F_D2I_PKCS7_ENVELOPE);
+	}
+
+PKCS7_ENVELOPE *PKCS7_ENVELOPE_new()
+	{
+	PKCS7_ENVELOPE *ret=NULL;
+
+	M_ASN1_New_Malloc(ret,PKCS7_ENVELOPE);
+	M_ASN1_New(ret->version,ASN1_INTEGER_new);
+	M_ASN1_New(ret->recipientinfo,sk_new_null);
+	M_ASN1_New(ret->enc_data,PKCS7_ENC_CONTENT_new);
+	return(ret);
+	M_ASN1_New_Error(ASN1_F_PKCS7_ENVELOPE_NEW);
+	}
+
+void PKCS7_ENVELOPE_free(a)
+PKCS7_ENVELOPE *a;
+	{
+	if (a == NULL) return;
+	ASN1_INTEGER_free(a->version);
+	sk_pop_free(a->recipientinfo,PKCS7_RECIP_INFO_free);
+	PKCS7_ENC_CONTENT_free(a->enc_data);
+	Free((char *)a);
+	}
+
diff --git a/crypto/asn1/p7_i_s.c b/crypto/asn1/p7_i_s.c
new file mode 100644
index 0000000000..413c7e1e69
--- /dev/null
+++ b/crypto/asn1/p7_i_s.c
@@ -0,0 +1,120 @@
+/* crypto/asn1/p7_i_s.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+#include "x509.h"
+
+/*
+ * ASN1err(ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_PKCS7_ISSUER_AND_SERIAL(a,pp)
+PKCS7_ISSUER_AND_SERIAL *a;
+unsigned char **pp;
+	{
+	M_ASN1_I2D_vars(a);
+
+	M_ASN1_I2D_len(a->issuer,i2d_X509_NAME);
+	M_ASN1_I2D_len(a->serial,i2d_ASN1_INTEGER);
+
+	M_ASN1_I2D_seq_total();
+
+	M_ASN1_I2D_put(a->issuer,i2d_X509_NAME);
+	M_ASN1_I2D_put(a->serial,i2d_ASN1_INTEGER);
+
+	M_ASN1_I2D_finish();
+	}
+
+PKCS7_ISSUER_AND_SERIAL *d2i_PKCS7_ISSUER_AND_SERIAL(a,pp,length)
+PKCS7_ISSUER_AND_SERIAL **a;
+unsigned char **pp;
+long length;
+	{
+	M_ASN1_D2I_vars(a,PKCS7_ISSUER_AND_SERIAL *,PKCS7_ISSUER_AND_SERIAL_new);
+
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+	M_ASN1_D2I_get(ret->issuer,d2i_X509_NAME);
+	M_ASN1_D2I_get(ret->serial,d2i_ASN1_INTEGER);
+	M_ASN1_D2I_Finish(a,PKCS7_ISSUER_AND_SERIAL_free,
+		ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL);
+	}
+
+PKCS7_ISSUER_AND_SERIAL *PKCS7_ISSUER_AND_SERIAL_new()
+	{
+	PKCS7_ISSUER_AND_SERIAL *ret=NULL;
+
+	M_ASN1_New_Malloc(ret,PKCS7_ISSUER_AND_SERIAL);
+	M_ASN1_New(ret->issuer,X509_NAME_new);
+	M_ASN1_New(ret->serial,ASN1_INTEGER_new);
+	return(ret);
+	M_ASN1_New_Error(ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW);
+	}
+
+void PKCS7_ISSUER_AND_SERIAL_free(a)
+PKCS7_ISSUER_AND_SERIAL *a;
+	{
+	if (a == NULL) return;
+	X509_NAME_free(a->issuer);
+	ASN1_INTEGER_free(a->serial);
+	Free((char *)a);
+	}
+
diff --git a/crypto/asn1/p7_lib.c b/crypto/asn1/p7_lib.c
new file mode 100644
index 0000000000..b745df0944
--- /dev/null
+++ b/crypto/asn1/p7_lib.c
@@ -0,0 +1,299 @@
+/* crypto/asn1/p7_lib.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+#include "objects.h"
+
+/* ASN1err(ASN1_F_D2I_PKCS7,ASN1_R_BAD_PKCS7_CONTENT);
+ * ASN1err(ASN1_F_I2D_PKCS7,ASN1_R_BAD_PKCS7_TYPE);
+ * ASN1err(ASN1_F_PKCS7_NEW,ASN1_R_BAD_PKCS7_TYPE);
+ */
+
+int i2d_PKCS7(a,pp)
+PKCS7 *a;
+unsigned char **pp;
+	{
+	M_ASN1_I2D_vars(a);
+
+	if (a->asn1 != NULL)
+		{
+		if (pp == NULL)
+			return((int)a->length);
+		memcpy(*pp,a->asn1,(int)a->length);
+		*pp+=a->length;
+		return((int)a->length);
+		}
+
+	ret+=4; /* sequence, BER header plus '0 0' end padding */
+	M_ASN1_I2D_len(a->type,i2d_ASN1_OBJECT);
+	if (a->d.ptr != NULL)
+		{
+		ret+=4; /* explicit tag [ 0 ] BER plus '0 0' */
+		switch (OBJ_obj2nid(a->type))
+			{
+		case NID_pkcs7_data:
+			M_ASN1_I2D_len(a->d.data,i2d_ASN1_OCTET_STRING);
+			break;
+		case NID_pkcs7_signed:
+			M_ASN1_I2D_len(a->d.sign,i2d_PKCS7_SIGNED);
+			break;
+		case NID_pkcs7_enveloped:
+			M_ASN1_I2D_len(a->d.enveloped,i2d_PKCS7_ENVELOPE);
+			break;
+		case NID_pkcs7_signedAndEnveloped:
+			M_ASN1_I2D_len(a->d.signed_and_enveloped,
+				i2d_PKCS7_SIGN_ENVELOPE);
+			break;
+		case NID_pkcs7_digest:
+			M_ASN1_I2D_len(a->d.digest,i2d_PKCS7_DIGEST);
+			break;
+		case NID_pkcs7_encrypted:
+			M_ASN1_I2D_len(a->d.encrypted,i2d_PKCS7_ENCRYPT);
+			break;
+		default:
+			break;
+			}
+		}
+	r=ret;
+	if (pp == NULL) return(r);
+	p= *pp;
+	M_ASN1_I2D_INF_seq_start(V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+	M_ASN1_I2D_put(a->type,i2d_ASN1_OBJECT);
+
+	if (a->d.ptr != NULL)
+		{
+		M_ASN1_I2D_INF_seq_start(0,V_ASN1_CONTEXT_SPECIFIC);
+		switch (OBJ_obj2nid(a->type))
+			{
+		case NID_pkcs7_data:
+			M_ASN1_I2D_put(a->d.data,i2d_ASN1_OCTET_STRING);
+			break;
+		case NID_pkcs7_signed:
+			M_ASN1_I2D_put(a->d.sign,i2d_PKCS7_SIGNED);
+			break;
+		case NID_pkcs7_enveloped:
+			M_ASN1_I2D_put(a->d.enveloped,i2d_PKCS7_ENVELOPE);
+			break;
+		case NID_pkcs7_signedAndEnveloped:
+			M_ASN1_I2D_put(a->d.signed_and_enveloped,
+				i2d_PKCS7_SIGN_ENVELOPE);
+			break;
+		case NID_pkcs7_digest:
+			M_ASN1_I2D_put(a->d.digest,i2d_PKCS7_DIGEST);
+			break;
+		case NID_pkcs7_encrypted:
+			M_ASN1_I2D_put(a->d.encrypted,i2d_PKCS7_ENCRYPT);
+			break;
+		default:
+			break;
+			}
+		M_ASN1_I2D_INF_seq_end();
+		}
+	M_ASN1_I2D_INF_seq_end();
+	M_ASN1_I2D_finish();
+	}
+
+PKCS7 *d2i_PKCS7(a,pp,length)
+PKCS7 **a;
+unsigned char **pp;
+long length;
+	{
+	M_ASN1_D2I_vars(a,PKCS7 *,PKCS7_new);
+
+	if ((a != NULL) && ((*a) != NULL))
+		{
+		if ((*a)->asn1 != NULL)
+			{
+			Free((char *)(*a)->asn1);
+			(*a)->asn1=NULL;
+			}
+		(*a)->length=0;
+		}
+
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+	M_ASN1_D2I_get(ret->type,d2i_ASN1_OBJECT);
+	if (!M_ASN1_D2I_end_sequence())
+		{
+		int Tinf,Ttag,Tclass;
+		long Tlen;
+
+		if (M_ASN1_next != (V_ASN1_CONSTRUCTED|
+			V_ASN1_CONTEXT_SPECIFIC|0))
+			{
+			c.error=ASN1_R_BAD_PKCS7_CONTENT;
+			goto err;
+			}
+
+		ret->detached=0;
+
+		c.q=c.p;
+		Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,
+			(c.inf & 1)?(length+ *pp-c.q):c.slen);
+		if (Tinf & 0x80) goto err;
+		c.slen-=(c.p-c.q);
+
+		switch (OBJ_obj2nid(ret->type))
+			{
+		case NID_pkcs7_data:
+			M_ASN1_D2I_get(ret->d.data,d2i_ASN1_OCTET_STRING);
+			break;
+		case NID_pkcs7_signed:
+			M_ASN1_D2I_get(ret->d.sign,d2i_PKCS7_SIGNED);
+			if (ret->d.sign->contents->d.ptr == NULL)
+				ret->detached=1;
+			break;
+		case NID_pkcs7_enveloped:
+			M_ASN1_D2I_get(ret->d.enveloped,d2i_PKCS7_ENVELOPE);
+			break;
+		case NID_pkcs7_signedAndEnveloped:
+			M_ASN1_D2I_get(ret->d.signed_and_enveloped,
+				d2i_PKCS7_SIGN_ENVELOPE);
+			break;
+		case NID_pkcs7_digest:
+			M_ASN1_D2I_get(ret->d.digest,d2i_PKCS7_DIGEST);
+			break;
+		case NID_pkcs7_encrypted:
+			M_ASN1_D2I_get(ret->d.encrypted,d2i_PKCS7_ENCRYPT);
+			break;
+		default:
+			c.error=ASN1_R_BAD_PKCS7_TYPE;
+			goto err;
+			break;
+			}
+		if (Tinf == (1|V_ASN1_CONSTRUCTED))
+			{
+			if (!ASN1_check_infinite_end(&c.p,c.slen))
+				{
+				c.error=ASN1_R_MISSING_EOS;
+				goto err;
+				}
+			}
+		}
+	else
+		ret->detached=1;
+		
+	M_ASN1_D2I_Finish(a,PKCS7_free,ASN1_F_D2I_PKCS7);
+	}
+
+PKCS7 *PKCS7_new()
+	{
+	PKCS7 *ret=NULL;
+
+	M_ASN1_New_Malloc(ret,PKCS7);
+	ret->type=ASN1_OBJECT_new();
+	ret->asn1=NULL;
+	ret->length=0;
+	ret->detached=0;
+	ret->d.ptr=NULL;
+	return(ret);
+	M_ASN1_New_Error(ASN1_F_PKCS7_NEW);
+	}
+
+void PKCS7_free(a)
+PKCS7 *a;
+	{
+	if (a == NULL) return;
+
+	PKCS7_content_free(a);
+	if (a->type != NULL)
+		{
+		ASN1_OBJECT_free(a->type);
+		}
+	Free((char *)(char *)a);
+	}
+
+void PKCS7_content_free(a)
+PKCS7 *a;
+	{
+	if (a->asn1 != NULL) Free((char *)a->asn1);
+
+	if (a->d.ptr != NULL)
+		{
+		if (a->type == NULL) return;
+
+		switch (OBJ_obj2nid(a->type))
+			{
+		case NID_pkcs7_data:
+			ASN1_OCTET_STRING_free(a->d.data);
+			break;
+		case NID_pkcs7_signed:
+			PKCS7_SIGNED_free(a->d.sign);
+			break;
+		case NID_pkcs7_enveloped:
+			PKCS7_ENVELOPE_free(a->d.enveloped);
+			break;
+		case NID_pkcs7_signedAndEnveloped:
+			PKCS7_SIGN_ENVELOPE_free(a->d.signed_and_enveloped);
+			break;
+		case NID_pkcs7_digest:
+			PKCS7_DIGEST_free(a->d.digest);
+			break;
+		case NID_pkcs7_encrypted:
+			PKCS7_ENCRYPT_free(a->d.encrypted);
+			break;
+		default:
+			/* MEMORY LEAK */
+			break;
+			}
+		}
+	a->d.ptr=NULL;
+	}
+
diff --git a/crypto/asn1/p7_recip.c b/crypto/asn1/p7_recip.c
new file mode 100644
index 0000000000..e4ebda0060
--- /dev/null
+++ b/crypto/asn1/p7_recip.c
@@ -0,0 +1,130 @@
+/* crypto/asn1/p7_recip.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+#include "x509.h"
+
+/*
+ * ASN1err(ASN1_F_PKCS7_RECIP_INFO_NEW,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_D2I_PKCS7_RECIP_INFO,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_PKCS7_RECIP_INFO(a,pp)
+PKCS7_RECIP_INFO *a;
+unsigned char **pp;
+	{
+	M_ASN1_I2D_vars(a);
+
+	M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
+	M_ASN1_I2D_len(a->issuer_and_serial,i2d_PKCS7_ISSUER_AND_SERIAL);
+	M_ASN1_I2D_len(a->key_enc_algor,i2d_X509_ALGOR);
+	M_ASN1_I2D_len(a->enc_key,i2d_ASN1_OCTET_STRING);
+
+	M_ASN1_I2D_seq_total();
+
+	M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
+	M_ASN1_I2D_put(a->issuer_and_serial,i2d_PKCS7_ISSUER_AND_SERIAL);
+	M_ASN1_I2D_put(a->key_enc_algor,i2d_X509_ALGOR);
+	M_ASN1_I2D_put(a->enc_key,i2d_ASN1_OCTET_STRING);
+
+	M_ASN1_I2D_finish();
+	}
+
+PKCS7_RECIP_INFO *d2i_PKCS7_RECIP_INFO(a,pp,length)
+PKCS7_RECIP_INFO **a;
+unsigned char **pp;
+long length;
+	{
+	M_ASN1_D2I_vars(a,PKCS7_RECIP_INFO *,PKCS7_RECIP_INFO_new);
+
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+	M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
+	M_ASN1_D2I_get(ret->issuer_and_serial,d2i_PKCS7_ISSUER_AND_SERIAL);
+	M_ASN1_D2I_get(ret->key_enc_algor,d2i_X509_ALGOR);
+	M_ASN1_D2I_get(ret->enc_key,d2i_ASN1_OCTET_STRING);
+
+	M_ASN1_D2I_Finish(a,PKCS7_RECIP_INFO_free,ASN1_F_D2I_PKCS7_RECIP_INFO);
+	}
+
+PKCS7_RECIP_INFO *PKCS7_RECIP_INFO_new()
+	{
+	PKCS7_RECIP_INFO *ret=NULL;
+
+	M_ASN1_New_Malloc(ret,PKCS7_RECIP_INFO);
+	M_ASN1_New(ret->version,ASN1_INTEGER_new);
+	M_ASN1_New(ret->issuer_and_serial,PKCS7_ISSUER_AND_SERIAL_new);
+	M_ASN1_New(ret->key_enc_algor,X509_ALGOR_new);
+	M_ASN1_New(ret->enc_key,ASN1_OCTET_STRING_new);
+	return(ret);
+	M_ASN1_New_Error(ASN1_F_PKCS7_RECIP_INFO_NEW);
+	}
+
+void PKCS7_RECIP_INFO_free(a)
+PKCS7_RECIP_INFO *a;
+	{
+	if (a == NULL) return;
+	ASN1_INTEGER_free(a->version);
+	PKCS7_ISSUER_AND_SERIAL_free(a->issuer_and_serial);
+	X509_ALGOR_free(a->key_enc_algor);
+	ASN1_OCTET_STRING_free(a->enc_key);
+	Free((char *)a);
+	}
+
diff --git a/crypto/asn1/p7_s_e.c b/crypto/asn1/p7_s_e.c
new file mode 100644
index 0000000000..df5fa3ff8c
--- /dev/null
+++ b/crypto/asn1/p7_s_e.c
@@ -0,0 +1,146 @@
+/* crypto/asn1/p7_s_e.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+#include "x509.h"
+
+/*
+ * ASN1err(ASN1_F_PKCS7_SIGN_ENVELOPE_NEW,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_D2I_PKCS7_SIGN_ENVELOPE,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_PKCS7_SIGN_ENVELOPE(a,pp)
+PKCS7_SIGN_ENVELOPE *a;
+unsigned char **pp;
+	{
+	M_ASN1_I2D_vars(a);
+
+	M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
+	M_ASN1_I2D_len_SET(a->recipientinfo,i2d_PKCS7_RECIP_INFO);
+	M_ASN1_I2D_len_SET(a->md_algs,i2d_X509_ALGOR);
+	M_ASN1_I2D_len(a->enc_data,i2d_PKCS7_ENC_CONTENT);
+	M_ASN1_I2D_len_IMP_set_opt(a->cert,i2d_X509,0);
+	M_ASN1_I2D_len_IMP_set_opt(a->crl,i2d_X509_CRL,1);
+	M_ASN1_I2D_len_SET(a->signer_info,i2d_PKCS7_SIGNER_INFO);
+
+	M_ASN1_I2D_seq_total();
+
+	M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
+	M_ASN1_I2D_put_SET(a->recipientinfo,i2d_PKCS7_RECIP_INFO);
+	M_ASN1_I2D_put_SET(a->md_algs,i2d_X509_ALGOR);
+	M_ASN1_I2D_put(a->enc_data,i2d_PKCS7_ENC_CONTENT);
+	M_ASN1_I2D_put_IMP_set_opt(a->cert,i2d_X509,0);
+	M_ASN1_I2D_put_IMP_set_opt(a->crl,i2d_X509_CRL,1);
+	M_ASN1_I2D_put_SET(a->signer_info,i2d_PKCS7_SIGNER_INFO);
+
+	M_ASN1_I2D_finish();
+	}
+
+PKCS7_SIGN_ENVELOPE *d2i_PKCS7_SIGN_ENVELOPE(a,pp,length)
+PKCS7_SIGN_ENVELOPE **a;
+unsigned char **pp;
+long length;
+	{
+	M_ASN1_D2I_vars(a,PKCS7_SIGN_ENVELOPE *,PKCS7_SIGN_ENVELOPE_new);
+
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+	M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
+	M_ASN1_D2I_get_set(ret->recipientinfo,d2i_PKCS7_RECIP_INFO);
+	M_ASN1_D2I_get_set(ret->md_algs,d2i_X509_ALGOR);
+	M_ASN1_D2I_get(ret->enc_data,d2i_PKCS7_ENC_CONTENT);
+	M_ASN1_D2I_get_IMP_set_opt(ret->cert,d2i_X509,0);
+	M_ASN1_D2I_get_IMP_set_opt(ret->crl,d2i_X509_CRL,1);
+	M_ASN1_D2I_get_set(ret->signer_info,d2i_PKCS7_SIGNER_INFO);
+
+	M_ASN1_D2I_Finish(a,PKCS7_SIGN_ENVELOPE_free,
+		ASN1_F_D2I_PKCS7_SIGN_ENVELOPE);
+	}
+
+PKCS7_SIGN_ENVELOPE *PKCS7_SIGN_ENVELOPE_new()
+	{
+	PKCS7_SIGN_ENVELOPE *ret=NULL;
+
+	M_ASN1_New_Malloc(ret,PKCS7_SIGN_ENVELOPE);
+	M_ASN1_New(ret->version,ASN1_INTEGER_new);
+	M_ASN1_New(ret->recipientinfo,sk_new_null);
+	M_ASN1_New(ret->md_algs,sk_new_null);
+	M_ASN1_New(ret->enc_data,PKCS7_ENC_CONTENT_new);
+	ret->cert=NULL;
+	ret->crl=NULL;
+	M_ASN1_New(ret->signer_info,sk_new_null);
+	return(ret);
+	M_ASN1_New_Error(ASN1_F_PKCS7_SIGN_ENVELOPE_NEW);
+	}
+
+void PKCS7_SIGN_ENVELOPE_free(a)
+PKCS7_SIGN_ENVELOPE *a;
+	{
+	if (a == NULL) return;
+	ASN1_INTEGER_free(a->version);
+	sk_pop_free(a->recipientinfo,PKCS7_RECIP_INFO_free);
+	sk_pop_free(a->md_algs,X509_ALGOR_free);
+	PKCS7_ENC_CONTENT_free(a->enc_data);
+	sk_pop_free(a->cert,X509_free);
+	sk_pop_free(a->crl,X509_CRL_free);
+	sk_pop_free(a->signer_info,PKCS7_SIGNER_INFO_free);
+	Free((char *)a);
+	}
+
diff --git a/crypto/asn1/p7_signd.c b/crypto/asn1/p7_signd.c
new file mode 100644
index 0000000000..23dc7ce268
--- /dev/null
+++ b/crypto/asn1/p7_signd.c
@@ -0,0 +1,140 @@
+/* crypto/asn1/p7_signd.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+#include "x509.h"
+
+/*
+ * ASN1err(ASN1_F_PKCS7_SIGNED_NEW,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_D2I_PKCS7_SIGNED,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_PKCS7_SIGNED(a,pp)
+PKCS7_SIGNED *a;
+unsigned char **pp;
+	{
+	M_ASN1_I2D_vars(a);
+
+	M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
+	M_ASN1_I2D_len_SET(a->md_algs,i2d_X509_ALGOR);
+	M_ASN1_I2D_len(a->contents,i2d_PKCS7);
+	M_ASN1_I2D_len_IMP_set_opt(a->cert,i2d_X509,0);
+	M_ASN1_I2D_len_IMP_set_opt(a->crl,i2d_X509_CRL,1);
+	M_ASN1_I2D_len_SET(a->signer_info,i2d_PKCS7_SIGNER_INFO);
+
+	M_ASN1_I2D_seq_total();
+
+	M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
+	M_ASN1_I2D_put_SET(a->md_algs,i2d_X509_ALGOR);
+	M_ASN1_I2D_put(a->contents,i2d_PKCS7);
+	M_ASN1_I2D_put_IMP_set_opt(a->cert,i2d_X509,0);
+	M_ASN1_I2D_put_IMP_set_opt(a->crl,i2d_X509_CRL,1);
+	M_ASN1_I2D_put_SET(a->signer_info,i2d_PKCS7_SIGNER_INFO);
+
+	M_ASN1_I2D_finish();
+	}
+
+PKCS7_SIGNED *d2i_PKCS7_SIGNED(a,pp,length)
+PKCS7_SIGNED **a;
+unsigned char **pp;
+long length;
+	{
+	M_ASN1_D2I_vars(a,PKCS7_SIGNED *,PKCS7_SIGNED_new);
+
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+	M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
+	M_ASN1_D2I_get_set(ret->md_algs,d2i_X509_ALGOR);
+	M_ASN1_D2I_get(ret->contents,d2i_PKCS7);
+	M_ASN1_D2I_get_IMP_set_opt(ret->cert,d2i_X509,0);
+	M_ASN1_D2I_get_IMP_set_opt(ret->crl,d2i_X509_CRL,1);
+	M_ASN1_D2I_get_set(ret->signer_info,d2i_PKCS7_SIGNER_INFO);
+
+	M_ASN1_D2I_Finish(a,PKCS7_SIGNED_free,ASN1_F_D2I_PKCS7_SIGNED);
+	}
+
+PKCS7_SIGNED *PKCS7_SIGNED_new()
+	{
+	PKCS7_SIGNED *ret=NULL;
+
+	M_ASN1_New_Malloc(ret,PKCS7_SIGNED);
+	M_ASN1_New(ret->version,ASN1_INTEGER_new);
+	M_ASN1_New(ret->md_algs,sk_new_null);
+	M_ASN1_New(ret->contents,PKCS7_new);
+	ret->cert=NULL;
+	ret->crl=NULL;
+	M_ASN1_New(ret->signer_info,sk_new_null);
+	return(ret);
+	M_ASN1_New_Error(ASN1_F_PKCS7_SIGNED_NEW);
+	}
+
+void PKCS7_SIGNED_free(a)
+PKCS7_SIGNED *a;
+	{
+	if (a == NULL) return;
+	ASN1_INTEGER_free(a->version);
+	sk_pop_free(a->md_algs,X509_ALGOR_free);
+	PKCS7_free(a->contents);
+	sk_pop_free(a->cert,X509_free);
+	sk_pop_free(a->crl,X509_CRL_free);
+	sk_pop_free(a->signer_info,PKCS7_SIGNER_INFO_free);
+	Free((char *)a);
+	}
+
diff --git a/crypto/asn1/p7_signi.c b/crypto/asn1/p7_signi.c
new file mode 100644
index 0000000000..d6682e0359
--- /dev/null
+++ b/crypto/asn1/p7_signi.c
@@ -0,0 +1,149 @@
+/* crypto/asn1/p7_signi.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+#include "x509.h"
+
+/*
+ * ASN1err(ASN1_F_PKCS7_SIGNER_INFO_NEW,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_D2I_PKCS7_SIGNER_INFO,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_PKCS7_SIGNER_INFO(a,pp)
+PKCS7_SIGNER_INFO *a;
+unsigned char **pp;
+	{
+	M_ASN1_I2D_vars(a);
+
+	M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
+	M_ASN1_I2D_len(a->issuer_and_serial,i2d_PKCS7_ISSUER_AND_SERIAL);
+	M_ASN1_I2D_len(a->digest_alg,i2d_X509_ALGOR);
+	M_ASN1_I2D_len_IMP_set_opt(a->auth_attr,i2d_X509_ATTRIBUTE,0);
+	M_ASN1_I2D_len(a->digest_enc_alg,i2d_X509_ALGOR);
+	M_ASN1_I2D_len(a->enc_digest,i2d_ASN1_OCTET_STRING);
+	M_ASN1_I2D_len_IMP_set_opt(a->unauth_attr,i2d_X509_ATTRIBUTE,1);
+
+	M_ASN1_I2D_seq_total();
+
+	M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
+	M_ASN1_I2D_put(a->issuer_and_serial,i2d_PKCS7_ISSUER_AND_SERIAL);
+	M_ASN1_I2D_put(a->digest_alg,i2d_X509_ALGOR);
+	M_ASN1_I2D_put_IMP_set_opt(a->auth_attr,i2d_X509_ATTRIBUTE,0);
+	M_ASN1_I2D_put(a->digest_enc_alg,i2d_X509_ALGOR);
+	M_ASN1_I2D_put(a->enc_digest,i2d_ASN1_OCTET_STRING);
+	M_ASN1_I2D_put_IMP_set_opt(a->unauth_attr,i2d_X509_ATTRIBUTE,1);
+
+	M_ASN1_I2D_finish();
+	}
+
+PKCS7_SIGNER_INFO *d2i_PKCS7_SIGNER_INFO(a,pp,length)
+PKCS7_SIGNER_INFO **a;
+unsigned char **pp;
+long length;
+	{
+	M_ASN1_D2I_vars(a,PKCS7_SIGNER_INFO *,PKCS7_SIGNER_INFO_new);
+
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+	M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
+	M_ASN1_D2I_get(ret->issuer_and_serial,d2i_PKCS7_ISSUER_AND_SERIAL);
+	M_ASN1_D2I_get(ret->digest_alg,d2i_X509_ALGOR);
+	M_ASN1_D2I_get_IMP_set_opt(ret->auth_attr,d2i_X509_ATTRIBUTE,0);
+	M_ASN1_D2I_get(ret->digest_enc_alg,d2i_X509_ALGOR);
+	M_ASN1_D2I_get(ret->enc_digest,d2i_ASN1_OCTET_STRING);
+	M_ASN1_D2I_get_IMP_set_opt(ret->unauth_attr,d2i_X509_ATTRIBUTE,1);
+
+	M_ASN1_D2I_Finish(a,PKCS7_SIGNER_INFO_free,
+		ASN1_F_D2I_PKCS7_SIGNER_INFO);
+	}
+
+PKCS7_SIGNER_INFO *PKCS7_SIGNER_INFO_new()
+	{
+	PKCS7_SIGNER_INFO *ret=NULL;
+
+	M_ASN1_New_Malloc(ret,PKCS7_SIGNER_INFO);
+	M_ASN1_New(ret->version,ASN1_INTEGER_new);
+	M_ASN1_New(ret->issuer_and_serial,PKCS7_ISSUER_AND_SERIAL_new);
+	M_ASN1_New(ret->digest_alg,X509_ALGOR_new);
+	ret->auth_attr=NULL;
+	M_ASN1_New(ret->digest_enc_alg,X509_ALGOR_new);
+	M_ASN1_New(ret->enc_digest,ASN1_OCTET_STRING_new);
+	ret->unauth_attr=NULL;
+	ret->pkey=NULL;
+	return(ret);
+	M_ASN1_New_Error(ASN1_F_PKCS7_SIGNER_INFO_NEW);
+	}
+
+void PKCS7_SIGNER_INFO_free(a)
+PKCS7_SIGNER_INFO *a;
+	{
+	if (a == NULL) return;
+	ASN1_INTEGER_free(a->version);
+	PKCS7_ISSUER_AND_SERIAL_free(a->issuer_and_serial);
+	X509_ALGOR_free(a->digest_alg);
+	sk_pop_free(a->auth_attr,X509_ATTRIBUTE_free);
+	X509_ALGOR_free(a->digest_enc_alg);
+	ASN1_OCTET_STRING_free(a->enc_digest);
+	sk_pop_free(a->unauth_attr,X509_ATTRIBUTE_free);
+	if (a->pkey != NULL)
+		EVP_PKEY_free(a->pkey);
+	Free((char *)a);
+	}
+
diff --git a/crypto/asn1/pk.c b/crypto/asn1/pk.c
new file mode 100644
index 0000000000..b96f22d139
--- /dev/null
+++ b/crypto/asn1/pk.c
@@ -0,0 +1,117 @@
+/* crypto/asn1/pk.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "../error/err.h"
+#include "./asn1.h"
+#include "rsa.h"
+#include "x509.h"
+#include "pkcs7.h"
+
+main()
+	{
+	PKCS7 *x;
+	FILE *in;
+	unsigned char buf[10240],buf2[10240],*p;
+	int num,i;
+
+	PKCS7 *nx=NULL,*mx=NULL;
+
+	in=fopen("pkcs7.der","r");
+	if (in == NULL)
+		{
+		perror("pkcs7.der");
+		exit(1);
+		}
+	num=fread(buf,1,10240,in);
+	fclose(in);
+
+
+		p=buf;
+		if (d2i_PKCS7(&nx,&p,num) == NULL) goto err;
+		printf("num=%d p-buf=%d\n",num,p-buf);
+
+exit(0);
+		p=buf2;
+		num=i2d_PKCS7(nx,&p);
+		printf("num=%d p-buf=%d\n",num,p-buf2);
+
+		if (memcmp(buf,buf2,num) != 0)
+			{
+			fprintf(stderr,"data difference\n");
+			for (i=0; i<num; i++)
+				fprintf(stderr,"%c%03d <%02X-%02X>\n",
+					(buf[i] == buf2[i])?' ':'*',i,
+					buf[i],buf2[i]);
+			fprintf(stderr,"\n");
+			exit(1);
+			}
+
+		p=buf2;
+		if (d2i_PKCS7(&mx,&p,num) == NULL) goto err;
+		printf("num=%d p-buf=%d\n",num,p-buf2);
+
+/*		X509_print(stdout,mx);*/
+
+	exit(0);
+err:
+	ERR_load_crypto_strings();
+	ERR_print_errors(stderr);
+	exit(1);
+	}
+
diff --git a/crypto/asn1/pkcs8.c b/crypto/asn1/pkcs8.c
new file mode 100644
index 0000000000..bd0d191530
--- /dev/null
+++ b/crypto/asn1/pkcs8.c
@@ -0,0 +1,139 @@
+/* crypto/asn1/pkcs8.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+#include "objects.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_X509_KEY,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_KEY_NEW,ASN1_R_BAD_GET_OBJECT);
+ */
+
+int i2d_X509_KEY(a,pp)
+X509 *a;
+unsigned char **pp;
+	{
+	M_ASN1_I2D_vars(a);
+
+	M_ASN1_I2D_len(a->cert_info,	i2d_X509_CINF);
+	M_ASN1_I2D_len(a->sig_alg,	i2d_X509_ALGOR);
+	M_ASN1_I2D_len(a->signature,	i2d_ASN1_BIT_STRING);
+
+	M_ASN1_I2D_seq_total();
+
+	M_ASN1_I2D_put(a->cert_info,	i2d_X509_CINF);
+	M_ASN1_I2D_put(a->sig_alg,	i2d_X509_ALGOR);
+	M_ASN1_I2D_put(a->signature,	i2d_ASN1_BIT_STRING);
+
+	M_ASN1_I2D_finish();
+	}
+
+X509 *d2i_X509_KEY(a,pp,length)
+X509 **a;
+unsigned char **pp;
+long length;
+	{
+	M_ASN1_D2I_vars(a,X509 *,X509_new);
+
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+	M_ASN1_D2I_get(ret->cert_info,d2i_X509_CINF);
+	M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
+	M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
+	M_ASN1_D2I_Finish(a,X509_free,ASN1_F_D2I_X509);
+	}
+
+X509 *X509_KEY_new()
+	{
+	X509_KEY *ret=NULL;
+
+	M_ASN1_New_Malloc(ret,X509_KEY);
+	ret->references=1;
+	ret->type=NID
+	M_ASN1_New(ret->cert_info,X509_CINF_new);
+	M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
+	M_ASN1_New(ret->signature,ASN1_BIT_STRING_new);
+	return(ret);
+	M_ASN1_New_Error(ASN1_F_X509_NEW);
+	}
+
+void X509_KEY_free(a)
+X509 *a;
+	{
+	int i;
+
+	if (a == NULL) return;
+
+	i=CRYPTO_add_lock(&a->references,-1,CRYPTO_LOCK_X509_KEY);
+	if (i > 0) return;
+#ifdef REF_CHECK
+	if (i < 0)
+		{
+		fprintf(stderr,"X509_KEY_free, bad reference count\n");
+		abort();
+		}
+#endif
+
+	X509_CINF_free(a->cert_info);
+	X509_ALGOR_free(a->sig_alg);
+	ASN1_BIT_STRING_free(a->signature);
+	Free((char *)a);
+	}
+
diff --git a/crypto/asn1/t_pkey.c b/crypto/asn1/t_pkey.c
new file mode 100644
index 0000000000..09a5abec67
--- /dev/null
+++ b/crypto/asn1/t_pkey.c
@@ -0,0 +1,389 @@
+/* crypto/asn1/t_pkey.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "bn.h"
+#ifndef NO_RSA
+#include "rsa.h"
+#endif
+#ifndef NO_DH
+#include "dh.h"
+#endif
+#ifndef NO_DSA
+#include "dsa.h"
+#endif
+
+/* DHerr(DH_F_DHPARAMS_PRINT,ERR_R_MALLOC_FAILURE);
+ * DSAerr(DSA_F_DSAPARAMS_PRINT,ERR_R_MALLOC_FAILURE);
+ */
+
+#ifndef NOPROTO
+static int print(BIO *fp,char *str,BIGNUM *num,
+		unsigned char *buf,int off);
+#else
+static int print();
+#endif
+
+#ifndef NO_RSA
+#ifndef WIN16
+int RSA_print_fp(fp,x,off)
+FILE *fp;
+RSA *x;
+int off;
+        {
+        BIO *b;
+        int ret;
+
+        if ((b=BIO_new(BIO_s_file())) == NULL)
+		{
+		RSAerr(RSA_F_RSA_PRINT_FP,ERR_R_BUF_LIB);
+                return(0);
+		}
+        BIO_set_fp(b,fp,BIO_NOCLOSE);
+        ret=RSA_print(b,x,off);
+        BIO_free(b);
+        return(ret);
+        }
+#endif
+
+int RSA_print(bp,x,off)
+BIO *bp;
+RSA *x;
+int off;
+	{
+	char str[128],*s;
+	unsigned char *m=NULL;
+	int i,ret=0;
+
+	i=RSA_size(x);
+	m=(unsigned char *)Malloc((unsigned int)i+10);
+	if (m == NULL)
+		{
+		RSAerr(RSA_F_RSA_PRINT,ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+
+	if (off)
+		{
+		if (off > 128) off=128;
+		memset(str,' ',off);
+		}
+	if (x->d != NULL)
+		{
+		if (off && (BIO_write(bp,str,off) <= 0)) goto err;
+		if (BIO_printf(bp,"Private-Key: (%d bit)\n",BN_num_bits(x->n))
+			<= 0) goto err;
+		}
+
+	if (x->d == NULL)
+		sprintf(str,"Modulus (%d bit):",BN_num_bits(x->n));
+	else
+		strcpy(str,"modulus:");
+	if (!print(bp,str,x->n,m,off)) goto err;
+	s=(x->d == NULL)?"Exponent:":"publicExponent:";
+	if (!print(bp,s,x->e,m,off)) goto err;
+	if (!print(bp,"privateExponent:",x->d,m,off)) goto err;
+	if (!print(bp,"prime1:",x->p,m,off)) goto err;
+	if (!print(bp,"prime2:",x->q,m,off)) goto err;
+	if (!print(bp,"exponent1:",x->dmp1,m,off)) goto err;
+	if (!print(bp,"exponent2:",x->dmq1,m,off)) goto err;
+	if (!print(bp,"coefficient:",x->iqmp,m,off)) goto err;
+	ret=1;
+err:
+	if (m != NULL) Free((char *)m);
+	return(ret);
+	}
+#endif /* NO_RSA */
+
+#ifndef NO_DSA
+#ifndef WIN16
+int DSA_print_fp(fp,x,off)
+FILE *fp;
+DSA *x;
+int off;
+	{
+	BIO *b;
+	int ret;
+
+	if ((b=BIO_new(BIO_s_file())) == NULL)
+		{
+		DSAerr(DSA_F_DSA_PRINT_FP,ERR_R_BUF_LIB);
+		return(0);
+		}
+	BIO_set_fp(b,fp,BIO_NOCLOSE);
+	ret=DSA_print(b,x,off);
+	BIO_free(b);
+	return(ret);
+	}
+#endif
+
+int DSA_print(bp,x,off)
+BIO *bp;
+DSA *x;
+int off;
+	{
+	char str[128];
+	unsigned char *m=NULL;
+	int i,ret=0;
+	BIGNUM *bn=NULL;
+
+	if (x->p != NULL)
+		bn=x->p;
+	else if (x->priv_key != NULL)
+		bn=x->priv_key;
+	else if (x->pub_key != NULL)
+		bn=x->pub_key;
+		
+	/* larger than needed but what the hell :-) */
+	if (bn != NULL)
+		i=BN_num_bytes(bn)*2;
+	else
+		i=256;
+	m=(unsigned char *)Malloc((unsigned int)i+10);
+	if (m == NULL)
+		{
+		DSAerr(DSA_F_DSA_PRINT,ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+
+	if (off)
+		{
+		if (off > 128) off=128;
+		memset(str,' ',off);
+		}
+	if (x->priv_key != NULL)
+		{
+		if (off && (BIO_write(bp,str,off) <= 0)) goto err;
+		if (BIO_printf(bp,"Private-Key: (%d bit)\n",BN_num_bits(x->p))
+			<= 0) goto err;
+		}
+
+	if ((x->priv_key != NULL) && !print(bp,"priv:",x->priv_key,m,off))
+		goto err;
+	if ((x->pub_key  != NULL) && !print(bp,"pub: ",x->pub_key,m,off))
+		goto err;
+	if ((x->p != NULL) && !print(bp,"P:   ",x->p,m,off)) goto err;
+	if ((x->q != NULL) && !print(bp,"Q:   ",x->q,m,off)) goto err;
+	if ((x->g != NULL) && !print(bp,"G:   ",x->g,m,off)) goto err;
+	ret=1;
+err:
+	if (m != NULL) Free((char *)m);
+	return(ret);
+	}
+#endif /* !NO_DSA */
+
+static int print(bp,number,num,buf,off)
+BIO *bp;
+char *number;
+BIGNUM *num;
+unsigned char *buf;
+int off;
+	{
+	int n,i;
+	char str[128],*neg;
+
+	if (num == NULL) return(1);
+	neg=(num->neg)?"-":"";
+	if (off)
+		{
+		if (off > 128) off=128;
+		memset(str,' ',off);
+		if (BIO_write(bp,str,off) <= 0) return(0);
+		}
+
+	if (BN_num_bytes(num) <= BN_BYTES)
+		{
+		if (BIO_printf(bp,"%s %s%lu (%s0x%lx)\n",number,neg,
+			(unsigned long)num->d[0],neg,(unsigned long)num->d[0])
+			<= 0) return(0);
+		}
+	else
+		{
+		buf[0]=0;
+		if (BIO_printf(bp,"%s%s",number,
+			(neg[0] == '-')?" (Negative)":"") <= 0)
+			return(0);
+		n=BN_bn2bin(num,&buf[1]);
+	
+		if (buf[1] & 0x80)
+			n++;
+		else	buf++;
+
+		for (i=0; i<n; i++)
+			{
+			if ((i%15) == 0)
+				{
+				str[0]='\n';
+				memset(&(str[1]),' ',off+4);
+				if (BIO_write(bp,str,off+1+4) <= 0) return(0);
+				}
+			if (BIO_printf(bp,"%02x%s",buf[i],((i+1) == n)?"":":")
+				<= 0) return(0);
+			}
+		if (BIO_write(bp,"\n",1) <= 0) return(0);
+		}
+	return(1);
+	}
+
+#ifndef NO_DH
+#ifndef WIN16
+int DHparams_print_fp(fp,x)
+FILE *fp;
+DH *x;
+        {
+        BIO *b;
+        int ret;
+
+        if ((b=BIO_new(BIO_s_file())) == NULL)
+		{
+		DHerr(DH_F_DHPARAMS_PRINT_FP,ERR_R_BUF_LIB);
+                return(0);
+		}
+        BIO_set_fp(b,fp,BIO_NOCLOSE);
+        ret=DHparams_print(b, x);
+        BIO_free(b);
+        return(ret);
+        }
+#endif
+
+int DHparams_print(bp,x)
+BIO *bp;
+DH *x;
+	{
+	unsigned char *m=NULL;
+	int reason=ERR_R_BUF_LIB,i,ret=0;
+
+	i=BN_num_bytes(x->p);
+	m=(unsigned char *)Malloc((unsigned int)i+10);
+	if (m == NULL)
+		{
+		reason=ERR_R_MALLOC_FAILURE;
+		goto err;
+		}
+
+	if (BIO_printf(bp,"Diffie-Hellman-Parameters: (%d bit)\n",
+		BN_num_bits(x->p)) <= 0)
+		goto err;
+	if (!print(bp,"prime:",x->p,m,4)) goto err;
+	if (!print(bp,"generator:",x->g,m,4)) goto err;
+	if (x->length != 0)
+		{
+		if (BIO_printf(bp,"    recomented-private-length: %d bits\n",
+			(int)x->length) <= 0) goto err;
+		}
+	ret=1;
+err:
+	if (m != NULL) Free((char *)m);
+	DHerr(DH_F_DHPARAMS_PRINT,reason);
+	return(ret);
+	}
+#endif
+
+#ifndef NO_DSA
+#ifndef WIN16
+int DSAparams_print_fp(fp,x)
+FILE *fp;
+DSA *x;
+        {
+        BIO *b;
+        int ret;
+
+        if ((b=BIO_new(BIO_s_file())) == NULL)
+		{
+		DSAerr(DSA_F_DSAPARAMS_PRINT_FP,ERR_R_BUF_LIB);
+                return(0);
+		}
+        BIO_set_fp(b,fp,BIO_NOCLOSE);
+        ret=DSAparams_print(b, x);
+        BIO_free(b);
+        return(ret);
+        }
+#endif
+
+int DSAparams_print(bp,x)
+BIO *bp;
+DSA *x;
+	{
+	unsigned char *m=NULL;
+	int reason=ERR_R_BUF_LIB,i,ret=0;
+
+	i=BN_num_bytes(x->p);
+	m=(unsigned char *)Malloc((unsigned int)i+10);
+	if (m == NULL)
+		{
+		reason=ERR_R_MALLOC_FAILURE;
+		goto err;
+		}
+
+	if (BIO_printf(bp,"DSA-Parameters: (%d bit)\n",
+		BN_num_bits(x->p)) <= 0)
+		goto err;
+	if (!print(bp,"p:",x->p,m,4)) goto err;
+	if (!print(bp,"q:",x->q,m,4)) goto err;
+	if (!print(bp,"g:",x->g,m,4)) goto err;
+	ret=1;
+err:
+	if (m != NULL) Free((char *)m);
+	DSAerr(DSA_F_DSAPARAMS_PRINT,reason);
+	return(ret);
+	}
+
+#endif /* !NO_DSA */
+
diff --git a/crypto/asn1/t_req.c b/crypto/asn1/t_req.c
new file mode 100644
index 0000000000..922f6b3923
--- /dev/null
+++ b/crypto/asn1/t_req.c
@@ -0,0 +1,226 @@
+/* crypto/asn1/t_req.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "bn.h"
+#include "objects.h"
+#include "x509.h"
+
+#ifndef WIN16
+int X509_REQ_print_fp(fp,x)
+FILE *fp;
+X509_REQ *x;
+        {
+        BIO *b;
+        int ret;
+
+        if ((b=BIO_new(BIO_s_file())) == NULL)
+		{
+		X509err(X509_F_X509_REQ_PRINT_FP,ERR_R_BUF_LIB);
+                return(0);
+		}
+        BIO_set_fp(b,fp,BIO_NOCLOSE);
+        ret=X509_REQ_print(b, x);
+        BIO_free(b);
+        return(ret);
+        }
+#endif
+
+int X509_REQ_print(bp,x)
+BIO *bp;
+X509_REQ *x;
+	{
+	unsigned long l;
+	int i,n;
+	char *s,*neg;
+	X509_REQ_INFO *ri;
+	EVP_PKEY *pkey;
+	STACK *sk;
+	char str[128];
+
+	ri=x->req_info;
+	sprintf(str,"Certificate Request:\n");
+	if (BIO_puts(bp,str) <= 0) goto err;
+	sprintf(str,"%4sData:\n","");
+	if (BIO_puts(bp,str) <= 0) goto err;
+
+	neg=(ri->version->type == V_ASN1_NEG_INTEGER)?"-":"";
+	l=0;
+	for (i=0; i<ri->version->length; i++)
+		{ l<<=8; l+=ri->version->data[i]; }
+	sprintf(str,"%8sVersion: %s%lu (%s0x%lx)\n","",neg,l,neg,l);
+	if (BIO_puts(bp,str) <= 0) goto err;
+	sprintf(str,"%8sSubject: ","");
+	if (BIO_puts(bp,str) <= 0) goto err;
+
+	X509_NAME_print(bp,ri->subject,16);
+	sprintf(str,"\n%8sSubject Public Key Info:\n","");
+	if (BIO_puts(bp,str) <= 0) goto err;
+	i=OBJ_obj2nid(ri->pubkey->algor->algorithm);
+	sprintf(str,"%12sPublic Key Algorithm: %s\n","",
+		(i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i));
+	if (BIO_puts(bp,str) <= 0) goto err;
+
+	pkey=X509_REQ_get_pubkey(x);
+#ifndef NO_RSA
+	if (pkey->type == EVP_PKEY_RSA)
+		{
+		BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","",
+			BN_num_bits(pkey->pkey.rsa->n));
+		RSA_print(bp,pkey->pkey.rsa,16);
+		}
+	else 
+#endif
+#ifndef NO_DSA
+		if (pkey->type == EVP_PKEY_DSA)
+		{
+		BIO_printf(bp,"%12sDSA Public Key:\n","");
+		DSA_print(bp,pkey->pkey.dsa,16);
+		}
+	else
+#endif
+		BIO_printf(bp,"%12sUnknown Public Key:\n","");
+
+	/* may not be */
+	sprintf(str,"%8sAttributes:\n","");
+	if (BIO_puts(bp,str) <= 0) goto err;
+
+	sk=x->req_info->attributes;
+	if ((sk == NULL) || (sk_num(sk) == 0))
+		{
+		if (!x->req_info->req_kludge)
+			{
+			sprintf(str,"%12sa0:00\n","");
+			if (BIO_puts(bp,str) <= 0) goto err;
+			}
+		}
+	else
+		{
+		for (i=0; i<sk_num(sk); i++)
+			{
+			ASN1_TYPE *at;
+			X509_ATTRIBUTE *a;
+			ASN1_BIT_STRING *bs=NULL;
+			ASN1_TYPE *t;
+			int j,type=0,count=1,ii=0;
+
+			a=(X509_ATTRIBUTE *)sk_value(sk,i);
+			sprintf(str,"%12s","");
+			if (BIO_puts(bp,str) <= 0) goto err;
+			if ((j=i2a_ASN1_OBJECT(bp,a->object)) > 0)
+
+			if (a->set)
+				{
+				ii=0;
+				count=sk_num(a->value.set);
+get_next:
+				at=(ASN1_TYPE *)sk_value(a->value.set,ii);
+				type=at->type;
+				bs=at->value.asn1_string;
+				}
+			else
+				{
+				t=a->value.single;
+				type=t->type;
+				bs=t->value.bit_string;
+				}
+			for (j=25-j; j>0; j--)
+				if (BIO_write(bp," ",1) != 1) goto err;
+			if (BIO_puts(bp,":") <= 0) goto err;
+			if (	(type == V_ASN1_PRINTABLESTRING) ||
+				(type == V_ASN1_T61STRING) ||
+				(type == V_ASN1_IA5STRING))
+				{
+				if (BIO_write(bp,(char *)bs->data,bs->length)
+					!= bs->length)
+					goto err;
+				BIO_puts(bp,"\n");
+				}
+			else
+				{
+				BIO_puts(bp,"unable to print attribute\n");
+				}
+			if (++ii < count) goto get_next;
+			}
+		}
+
+	i=OBJ_obj2nid(x->sig_alg->algorithm);
+	sprintf(str,"%4sSignature Algorithm: %s","",
+		(i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i));
+	if (BIO_puts(bp,str) <= 0) goto err;
+
+	n=x->signature->length;
+	s=(char *)x->signature->data;
+	for (i=0; i<n; i++)
+		{
+		if ((i%18) == 0)
+			{
+			sprintf(str,"\n%8s","");
+			if (BIO_puts(bp,str) <= 0) goto err;
+			}
+		sprintf(str,"%02x%s",(unsigned char)s[i],((i+1) == n)?"":":");
+		if (BIO_puts(bp,str) <= 0) goto err;
+		}
+	if (BIO_puts(bp,"\n") <= 0) goto err;
+	return(1);
+err:
+	X509err(X509_F_X509_REQ_PRINT,ERR_R_BUF_LIB);
+	return(0);
+	}
diff --git a/crypto/asn1/t_x509.c b/crypto/asn1/t_x509.c
new file mode 100644
index 0000000000..8ff0a85166
--- /dev/null
+++ b/crypto/asn1/t_x509.c
@@ -0,0 +1,386 @@
+/* crypto/asn1/t_x509.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "bn.h"
+#ifndef NO_RSA
+#include "rsa.h"
+#endif
+#ifndef NO_DSA
+#include "dsa.h"
+#endif
+#include "objects.h"
+#include "x509.h"
+
+#ifndef WIN16
+int X509_print_fp(fp,x)
+FILE *fp;
+X509 *x;
+        {
+        BIO *b;
+        int ret;
+
+        if ((b=BIO_new(BIO_s_file())) == NULL)
+		{
+		X509err(X509_F_X509_PRINT_FP,ERR_R_BUF_LIB);
+                return(0);
+		}
+        BIO_set_fp(b,fp,BIO_NOCLOSE);
+        ret=X509_print(b, x);
+        BIO_free(b);
+        return(ret);
+        }
+#endif
+
+int X509_print(bp,x)
+BIO *bp;
+X509 *x;
+	{
+	long l;
+	int ret=0,i,j,n;
+	char *m=NULL,*s;
+	X509_CINF *ci;
+	ASN1_INTEGER *bs;
+	EVP_PKEY *pkey=NULL;
+	char *neg;
+	X509_EXTENSION *ex;
+	ASN1_STRING *str=NULL;
+
+	ci=x->cert_info;
+	if (BIO_write(bp,"Certificate:\n",13) <= 0) goto err;
+	if (BIO_write(bp,"    Data:\n",10) <= 0) goto err;
+	l=X509_get_version(x);
+	if (BIO_printf(bp,"%8sVersion: %lu (0x%lx)\n","",l+1,l) <= 0) goto err;
+	if (BIO_write(bp,"        Serial Number:",22) <= 0) goto err;
+
+	bs=X509_get_serialNumber(x);
+	if (bs->length <= 4)
+		{
+		l=ASN1_INTEGER_get(bs);
+		if (l < 0)
+			{
+			l= -l;
+			neg="-";
+			}
+		else
+			neg="";
+		if (BIO_printf(bp," %s%lu (%s0x%lx)\n",neg,l,neg,l) <= 0)
+			goto err;
+		}
+	else
+		{
+		neg=(bs->type == V_ASN1_NEG_INTEGER)?" (Negative)":"";
+		if (BIO_printf(bp,"\n%12s%s","",neg) <= 0) goto err;
+
+		for (i=0; i<bs->length; i++)
+			{
+			if (BIO_printf(bp,"%02x%c",bs->data[i],
+				((i+1 == bs->length)?'\n':':')) <= 0)
+				goto err;
+			}
+		}
+
+	i=OBJ_obj2nid(ci->signature->algorithm);
+	if (BIO_printf(bp,"%8sSignature Algorithm: %s\n","",
+		(i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0)
+		goto err;
+
+	if (BIO_write(bp,"        Issuer: ",16) <= 0) goto err;
+	if (!X509_NAME_print(bp,X509_get_issuer_name(x),16)) goto err;
+	if (BIO_write(bp,"\n        Validity\n",18) <= 0) goto err;
+	if (BIO_write(bp,"            Not Before: ",24) <= 0) goto err;
+	if (!ASN1_UTCTIME_print(bp,X509_get_notBefore(x))) goto err;
+	if (BIO_write(bp,"\n            Not After : ",25) <= 0) goto err;
+	if (!ASN1_UTCTIME_print(bp,X509_get_notAfter(x))) goto err;
+	if (BIO_write(bp,"\n        Subject: ",18) <= 0) goto err;
+	if (!X509_NAME_print(bp,X509_get_subject_name(x),16)) goto err;
+	if (BIO_write(bp,"\n        Subject Public Key Info:\n",34) <= 0)
+		goto err;
+	i=OBJ_obj2nid(ci->key->algor->algorithm);
+	if (BIO_printf(bp,"%12sPublic Key Algorithm: %s\n","",
+		(i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) goto err;
+
+	pkey=X509_get_pubkey(x);
+#ifndef NO_RSA
+	if (pkey->type == EVP_PKEY_RSA)
+		{
+		BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","",
+		BN_num_bits(pkey->pkey.rsa->n));
+		RSA_print(bp,pkey->pkey.rsa,16);
+		}
+	else
+#endif
+#ifndef NO_DSA
+	if (pkey->type == EVP_PKEY_DSA)
+		{
+		BIO_printf(bp,"%12sDSA Public Key:\n","");
+		DSA_print(bp,pkey->pkey.dsa,16);
+		}
+	else
+#endif
+		BIO_printf(bp,"%12sDSA Public Key:\n","");
+
+	n=X509_get_ext_count(x);
+	if (n > 0)
+		{
+		BIO_printf(bp,"%8sX509v3 extensions:\n","");
+		for (i=0; i<n; i++)
+			{
+			int data_type,pack_type;
+			ASN1_OBJECT *obj;
+
+			ex=X509_get_ext(x,i);
+			if (BIO_printf(bp,"%12s","") <= 0) goto err;
+			obj=X509_EXTENSION_get_object(ex);
+			i2a_ASN1_OBJECT(bp,obj);
+			j=X509_EXTENSION_get_critical(ex);
+			if (BIO_printf(bp,": %s\n%16s",j?"critical":"","") <= 0)
+				goto err;
+
+			pack_type=X509v3_pack_type_by_OBJ(obj);
+			data_type=X509v3_data_type_by_OBJ(obj);
+			
+			if (pack_type == X509_EXT_PACK_STRING)
+				{
+				if (X509v3_unpack_string(
+					&str,data_type,
+					X509_EXTENSION_get_data(ex)) == NULL)
+					{
+					/* hmm... */
+					goto err;
+					}
+				if (	(data_type == V_ASN1_IA5STRING) ||
+					(data_type == V_ASN1_PRINTABLESTRING) ||
+					(data_type == V_ASN1_T61STRING))
+					{
+					if (BIO_write(bp,(char *)str->data,
+							str->length) <= 0)
+						goto err;
+					}
+				else if (data_type == V_ASN1_BIT_STRING)
+					{
+					BIO_printf(bp,"0x");
+					for (j=0; j<str->length; j++)
+						{
+						BIO_printf(bp,"%02X",
+							str->data[j]);
+						}
+					}
+				}
+			else
+				{
+				ASN1_OCTET_STRING_print(bp,ex->value);
+				}
+			if (BIO_write(bp,"\n",1) <= 0) goto err;
+			}
+		}
+
+	i=OBJ_obj2nid(x->sig_alg->algorithm);
+	if (BIO_printf(bp,"%4sSignature Algorithm: %s","",
+		(i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) goto err;
+
+	n=x->signature->length;
+	s=(char *)x->signature->data;
+	for (i=0; i<n; i++)
+		{
+		if ((i%18) == 0)
+			if (BIO_write(bp,"\n        ",9) <= 0) goto err;
+		if (BIO_printf(bp,"%02x%s",(unsigned char)s[i],
+			((i+1) == n)?"":":") <= 0) goto err;
+		}
+	if (BIO_write(bp,"\n",1) != 1) goto err;
+	ret=1;
+err:
+	if (str != NULL) ASN1_STRING_free(str);
+	if (m != NULL) Free((char *)m);
+	return(ret);
+	}
+
+int ASN1_STRING_print(bp,v)
+BIO *bp;
+ASN1_STRING *v;
+	{
+	int i,n;
+	char buf[80],*p;;
+
+	if (v == NULL) return(0);
+	n=0;
+	p=(char *)v->data;
+	for (i=0; i<v->length; i++)
+		{
+		if ((p[i] > '~') || ((p[i] < ' ') &&
+			(p[i] != '\n') && (p[i] != '\r')))
+			buf[n]='.';
+		else
+			buf[n]=p[i];
+		n++;
+		if (n >= 80)
+			{
+			if (BIO_write(bp,buf,n) <= 0)
+				return(0);
+			n=0;
+			}
+		}
+	if (n > 0)
+		if (BIO_write(bp,buf,n) <= 0)
+			return(0);
+	return(1);
+	}
+
+int ASN1_UTCTIME_print(bp,tm)
+BIO *bp;
+ASN1_UTCTIME *tm;
+	{
+	char *v;
+	int gmt=0;
+	static char *mon[12]={
+		"Jan","Feb","Mar","Apr","May","Jun",
+		"Jul","Aug","Sep","Oct","Nov","Dec"};
+	int i;
+	int y=0,M=0,d=0,h=0,m=0,s=0;
+
+	i=tm->length;
+	v=(char *)tm->data;
+
+	if (i < 10) goto err;
+	if (v[i-1] == 'Z') gmt=1;
+	for (i=0; i<10; i++)
+		if ((v[i] > '9') || (v[i] < '0')) goto err;
+	y= (v[0]-'0')*10+(v[1]-'0');
+	if (y < 70) y+=100;
+	M= (v[2]-'0')*10+(v[3]-'0');
+	if ((M > 12) || (M < 1)) goto err;
+	d= (v[4]-'0')*10+(v[5]-'0');
+	h= (v[6]-'0')*10+(v[7]-'0');
+	m=  (v[8]-'0')*10+(v[9]-'0');
+	if (	(v[10] >= '0') && (v[10] <= '9') &&
+		(v[11] >= '0') && (v[11] <= '9'))
+		s=  (v[10]-'0')*10+(v[11]-'0');
+
+	if (BIO_printf(bp,"%s %2d %02d:%02d:%02d %d%s",
+		mon[M-1],d,h,m,s,y+1900,(gmt)?" GMT":"") <= 0)
+		return(0);
+	else
+		return(1);
+err:
+	BIO_write(bp,"Bad time value",14);
+	return(0);
+	}
+
+int X509_NAME_print(bp,name,obase)
+BIO *bp;
+X509_NAME *name;
+int obase;
+	{
+	char *s,*c;
+	int ret=0,l,ll,i,first=1;
+	char buf[256];
+
+	ll=80-2-obase;
+
+	s=X509_NAME_oneline(name,buf,256);
+	s++; /* skip the first slash */
+
+	l=ll;
+	c=s;
+	for (;;)
+		{
+		if (	((*s == '/') &&
+				((s[1] >= 'A') && (s[1] <= 'Z') && (
+					(s[2] == '=') ||
+					((s[2] >= 'A') && (s[2] <= 'Z') &&
+					(s[3] == '='))
+				 ))) ||
+			(*s == '\0'))
+			{
+			if ((l <= 0) && !first)
+				{
+				first=0;
+				if (BIO_write(bp,"\n",1) != 1) goto err;
+				for (i=0; i<obase; i++)
+					{
+					if (BIO_write(bp," ",1) != 1) goto err;
+					}
+				l=ll;
+				}
+			i=s-c;
+			if (BIO_write(bp,c,i) != i) goto err;
+			c+=i;
+			c++;
+			if (*s != '\0')
+				{
+				if (BIO_write(bp,", ",2) != 2) goto err;
+				}
+			l--;
+			}
+		if (*s == '\0') break;
+		s++;
+		l--;
+		}
+	
+	ret=1;
+	if (0)
+		{
+err:
+		X509err(X509_F_X509_NAME_PRINT,ERR_R_BUF_LIB);
+		}
+	return(ret);
+	}
+
diff --git a/crypto/asn1/test.c b/crypto/asn1/test.c
new file mode 100644
index 0000000000..fe46cd0e76
--- /dev/null
+++ b/crypto/asn1/test.c
@@ -0,0 +1,253 @@
+/* crypto/asn1/test.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "../error/err.h"
+#include "./asn1.h"
+#include "rsa.h"
+#include "../x509/x509.h"
+#include "x509.h"
+
+main()
+	{
+	main1();
+	main2();
+	main3();
+	main4();
+	}
+
+main1()
+	{
+	FILE *in;
+	unsigned char buf[10240],buf2[10240],*p;
+	int num,i;
+
+	X509 *nx=NULL,*mx=NULL;
+
+	in=fopen("x.der","r");
+	if (in == NULL)
+		{
+		perror("x.der");
+		exit(1);
+		}
+	num=fread(buf,1,10240,in);
+	fclose(in);
+
+
+		p=buf;
+		if (d2i_X509(&nx,&p,num) == NULL) goto err;
+		printf("num=%d p-buf=%d\n",num,p-buf);
+
+		p=buf2;
+		num=i2d_X509(nx,&p);
+		printf("num=%d p-buf=%d\n",num,p-buf2);
+
+		if (memcmp(buf,buf2,num) != 0)
+			{
+			fprintf(stderr,"data difference\n");
+			for (i=0; i<num; i++)
+				fprintf(stderr,"%c%03d <%02X-%02X>\n",
+					(buf[i] == buf2[i])?' ':'*',i,
+					buf[i],buf2[i]);
+			fprintf(stderr,"\n");
+			exit(1);
+			}
+
+		p=buf2;
+		if (d2i_X509(&mx,&p,num) == NULL) goto err;
+		printf("num=%d p-buf=%d\n",num,p-buf2);
+
+	return(1);
+err:
+	ERR_load_crypto_strings();
+	ERR_print_errors(stderr);
+	return(0);
+	}
+
+main2()
+	{
+	FILE *in;
+	unsigned char buf[10240],buf2[10240],*p;
+	int num,i;
+
+	X509_CRL *nx=NULL,*mx=NULL;
+
+	in=fopen("crl.der","r");
+	if (in == NULL)
+		{
+		perror("crl.der");
+		exit(1);
+		}
+	num=fread(buf,1,10240,in);
+	fclose(in);
+
+
+		p=buf;
+		if (d2i_X509_CRL(&nx,&p,num) == NULL) goto err;
+		printf("num=%d p-buf=%d\n",num,p-buf);
+
+		p=buf2;
+		num=i2d_X509_CRL(nx,&p);
+		printf("num=%d p-buf=%d\n",num,p-buf2);
+
+		if (memcmp(buf,buf2,num) != 0)
+			{
+			fprintf(stderr,"data difference\n");
+			for (i=0; i<num; i++)
+				fprintf(stderr,"%c%03d <%02X-%02X>\n",
+					(buf[i] == buf2[i])?' ':'*',i,
+					buf[i],buf2[i]);
+			fprintf(stderr,"\n");
+			exit(1);
+			}
+
+	return(1);
+err:
+	ERR_load_crypto_strings();
+	ERR_print_errors(stderr);
+	return(0);
+	}
+
+main3()
+	{
+	FILE *in;
+	unsigned char buf[10240],buf2[10240],*p;
+	int num,i;
+
+	X509_REQ *nx=NULL,*mx=NULL;
+
+	in=fopen("req.der","r");
+	if (in == NULL)
+		{
+		perror("req.der");
+		exit(1);
+		}
+	num=fread(buf,1,10240,in);
+	fclose(in);
+
+
+		p=buf;
+		if (d2i_X509_REQ(&nx,&p,num) == NULL) goto err;
+		printf("num=%d p-buf=%d\n",num,p-buf);
+
+		p=buf2;
+		num=i2d_X509_REQ(nx,&p);
+		printf("num=%d p-buf=%d\n",num,p-buf2);
+
+		if (memcmp(buf,buf2,num) != 0)
+			{
+			fprintf(stderr,"data difference\n");
+			for (i=0; i<num; i++)
+				fprintf(stderr,"%c%03d <%02X-%02X>\n",
+					(buf[i] == buf2[i])?' ':'*',i,
+					buf[i],buf2[i]);
+			fprintf(stderr,"\n");
+			exit(1);
+			}
+
+	return(1);
+err:
+	ERR_load_crypto_strings();
+	ERR_print_errors(stderr);
+	return(0);
+	}
+
+main4()
+	{
+	FILE *in;
+	unsigned char buf[10240],buf2[10240],*p;
+	int num,i;
+
+	RSA *nx=NULL,*mx=NULL;
+
+	in=fopen("rsa.der","r");
+	if (in == NULL)
+		{
+		perror("rsa.der");
+		exit(1);
+		}
+	num=fread(buf,1,10240,in);
+	fclose(in);
+
+
+		p=buf;
+		if (d2i_RSAPrivateKey(&nx,&p,num) == NULL) goto err;
+		printf("num=%d p-buf=%d\n",num,p-buf);
+
+		p=buf2;
+		num=i2d_RSAPrivateKey(nx,&p);
+		printf("num=%d p-buf=%d\n",num,p-buf2);
+
+		if (memcmp(buf,buf2,num) != 0)
+			{
+			fprintf(stderr,"data difference\n");
+			for (i=0; i<num; i++)
+				fprintf(stderr,"%c%03d <%02X-%02X>\n",
+					(buf[i] == buf2[i])?' ':'*',i,
+					buf[i],buf2[i]);
+			fprintf(stderr,"\n");
+			exit(1);
+			}
+
+	return(1);
+err:
+	ERR_load_crypto_strings();
+	ERR_print_errors(stderr);
+	return(0);
+	}
+
diff --git a/crypto/asn1/x_algor.c b/crypto/asn1/x_algor.c
new file mode 100644
index 0000000000..1a23812c96
--- /dev/null
+++ b/crypto/asn1/x_algor.c
@@ -0,0 +1,126 @@
+/* crypto/asn1/x_algor.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_X509_ALGOR,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_ALGOR_NEW,ASN1_R_EXPECTING_A_SEQUENCE);
+ * ASN1err(ASN1_F_D2I_X509_ALGOR,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_X509_ALGOR(a,pp)
+X509_ALGOR *a;
+unsigned char **pp;
+	{
+	M_ASN1_I2D_vars(a);
+
+	M_ASN1_I2D_len(a->algorithm,i2d_ASN1_OBJECT);
+	if (a->parameter != NULL)
+		{ M_ASN1_I2D_len(a->parameter,i2d_ASN1_TYPE); }
+
+	M_ASN1_I2D_seq_total();
+	M_ASN1_I2D_put(a->algorithm,i2d_ASN1_OBJECT);
+	if (a->parameter != NULL)
+		{ M_ASN1_I2D_put(a->parameter,i2d_ASN1_TYPE); }
+
+	M_ASN1_I2D_finish();
+	}
+
+X509_ALGOR *d2i_X509_ALGOR(a,pp,length)
+X509_ALGOR **a;
+unsigned char **pp;
+long length;
+	{
+	M_ASN1_D2I_vars(a,X509_ALGOR *,X509_ALGOR_new);
+
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+	M_ASN1_D2I_get(ret->algorithm,d2i_ASN1_OBJECT);
+	if (!M_ASN1_D2I_end_sequence())
+		{ M_ASN1_D2I_get(ret->parameter,d2i_ASN1_TYPE); }
+	else
+		{
+		ASN1_TYPE_free(ret->parameter);
+		ret->parameter=NULL;
+		}
+	M_ASN1_D2I_Finish(a,X509_ALGOR_free,ASN1_F_D2I_X509_ALGOR);
+	}
+
+X509_ALGOR *X509_ALGOR_new()
+	{
+	X509_ALGOR *ret=NULL;
+
+	M_ASN1_New_Malloc(ret,X509_ALGOR);
+	M_ASN1_New(ret->algorithm,ASN1_OBJECT_new);
+	ret->parameter=NULL;
+	return(ret);
+	M_ASN1_New_Error(ASN1_F_X509_ALGOR_NEW);
+	}
+
+void X509_ALGOR_free(a)
+X509_ALGOR *a;
+	{
+	if (a == NULL) return;
+	ASN1_OBJECT_free(a->algorithm);
+	ASN1_TYPE_free(a->parameter);
+	Free((char *)a);
+	}
+
diff --git a/crypto/asn1/x_attrib.c b/crypto/asn1/x_attrib.c
new file mode 100644
index 0000000000..bce6f3aad5
--- /dev/null
+++ b/crypto/asn1/x_attrib.c
@@ -0,0 +1,152 @@
+/* crypto/asn1/x_attrib.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "objects.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_X509_ATTRIBUTE,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_ATTRIBUTE_NEW,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
+ * ASN1err(ASN1_F_I2D_X509_ATTRIBUTE,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
+ */
+
+/* sequence */
+int i2d_X509_ATTRIBUTE(a,pp)
+X509_ATTRIBUTE *a;
+unsigned char **pp;
+	{
+	int k=0;
+	int r=0,ret=0;
+	unsigned char **p=NULL;
+
+	if (a == NULL) return(0);
+
+	p=NULL;
+	for (;;)
+		{
+		if (k)
+			{
+			r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE);
+			if (pp == NULL) return(r);
+			p=pp;
+			ASN1_put_object(p,1,ret,V_ASN1_SEQUENCE,
+				V_ASN1_UNIVERSAL);
+			}
+
+		ret+=i2d_ASN1_OBJECT(a->object,p);
+		if (a->set)
+			ret+=i2d_ASN1_SET(a->value.set,p,i2d_ASN1_TYPE,
+				V_ASN1_SET,V_ASN1_UNIVERSAL);
+		else
+			ret+=i2d_ASN1_TYPE(a->value.single,p);
+		if (k++) return(r);
+		}
+	}
+
+X509_ATTRIBUTE *d2i_X509_ATTRIBUTE(a,pp,length)
+X509_ATTRIBUTE **a;
+unsigned char **pp;
+long length;
+	{
+	M_ASN1_D2I_vars(a,X509_ATTRIBUTE *,X509_ATTRIBUTE_new);
+
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+	M_ASN1_D2I_get(ret->object,d2i_ASN1_OBJECT);
+
+	if ((c.slen != 0) &&
+		(M_ASN1_next == (V_ASN1_CONSTRUCTED|V_ASN1_UNIVERSAL|V_ASN1_SET)))
+		{
+		ret->set=1;
+		M_ASN1_D2I_get_set(ret->value.set,d2i_ASN1_TYPE);
+		}
+	else
+		{
+		ret->set=0;
+		M_ASN1_D2I_get(ret->value.single,d2i_ASN1_TYPE);
+		}
+
+	M_ASN1_D2I_Finish(a,X509_ATTRIBUTE_free,ASN1_F_D2I_X509_ATTRIBUTE);
+	}
+
+X509_ATTRIBUTE *X509_ATTRIBUTE_new()
+	{
+	X509_ATTRIBUTE *ret=NULL;
+
+	M_ASN1_New_Malloc(ret,X509_ATTRIBUTE);
+	M_ASN1_New(ret->object,ASN1_OBJECT_new);
+	ret->set=0;
+	ret->value.ptr=NULL;
+	return(ret);
+	M_ASN1_New_Error(ASN1_F_X509_ATTRIBUTE_NEW);
+	}
+	
+void X509_ATTRIBUTE_free(a)
+X509_ATTRIBUTE *a;
+	{
+	if (a == NULL) return;
+	ASN1_OBJECT_free(a->object);
+	if (a->set)
+		sk_pop_free(a->value.set,ASN1_TYPE_free);
+	else
+		ASN1_TYPE_free(a->value.single);
+	Free((char *)a);
+	}
+
diff --git a/crypto/asn1/x_cinf.c b/crypto/asn1/x_cinf.c
new file mode 100644
index 0000000000..e5cc2af722
--- /dev/null
+++ b/crypto/asn1/x_cinf.c
@@ -0,0 +1,197 @@
+/* crypto/asn1/x_cinf.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_X509_CINF,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_CINF_NEW,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_X509_CINF(a,pp)
+X509_CINF *a;
+unsigned char **pp;
+	{
+	int v1=0,v2=0;
+	M_ASN1_I2D_vars(a);
+
+	M_ASN1_I2D_len_EXP_opt(a->version,i2d_ASN1_INTEGER,0,v1);
+	M_ASN1_I2D_len(a->serialNumber,		i2d_ASN1_INTEGER);
+	M_ASN1_I2D_len(a->signature,		i2d_X509_ALGOR);
+	M_ASN1_I2D_len(a->issuer,		i2d_X509_NAME);
+	M_ASN1_I2D_len(a->validity,		i2d_X509_VAL);
+	M_ASN1_I2D_len(a->subject,		i2d_X509_NAME);
+	M_ASN1_I2D_len(a->key,			i2d_X509_PUBKEY);
+	M_ASN1_I2D_len_IMP_opt(a->issuerUID,	i2d_ASN1_BIT_STRING);
+	M_ASN1_I2D_len_IMP_opt(a->subjectUID,	i2d_ASN1_BIT_STRING);
+	M_ASN1_I2D_len_EXP_set_opt(a->extensions,i2d_X509_EXTENSION,3,V_ASN1_SEQUENCE,v2);
+
+	M_ASN1_I2D_seq_total();
+
+	M_ASN1_I2D_put_EXP_opt(a->version,i2d_ASN1_INTEGER,0,v1);
+	M_ASN1_I2D_put(a->serialNumber,		i2d_ASN1_INTEGER);
+	M_ASN1_I2D_put(a->signature,		i2d_X509_ALGOR);
+	M_ASN1_I2D_put(a->issuer,		i2d_X509_NAME);
+	M_ASN1_I2D_put(a->validity,		i2d_X509_VAL);
+	M_ASN1_I2D_put(a->subject,		i2d_X509_NAME);
+	M_ASN1_I2D_put(a->key,			i2d_X509_PUBKEY);
+	M_ASN1_I2D_put_IMP_opt(a->issuerUID,	i2d_ASN1_BIT_STRING,1);
+	M_ASN1_I2D_put_IMP_opt(a->subjectUID,	i2d_ASN1_BIT_STRING,2);
+	M_ASN1_I2D_put_EXP_set_opt(a->extensions,i2d_X509_EXTENSION,3,V_ASN1_SEQUENCE,v2);
+
+	M_ASN1_I2D_finish();
+	}
+
+X509_CINF *d2i_X509_CINF(a,pp,length)
+X509_CINF **a;
+unsigned char **pp;
+long length;
+	{
+	int ver=0;
+	M_ASN1_D2I_vars(a,X509_CINF *,X509_CINF_new);
+
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+	/* we have the optional version field */
+	if (M_ASN1_next == (V_ASN1_CONTEXT_SPECIFIC | V_ASN1_CONSTRUCTED | 0))
+		{
+		M_ASN1_D2I_get_EXP_opt(ret->version,d2i_ASN1_INTEGER,0);
+		if (ret->version->data != NULL)
+			ver=ret->version->data[0];
+		}
+	else
+		{
+		if (ret->version != NULL)
+			{
+			ASN1_INTEGER_free(ret->version);
+			ret->version=NULL;
+			}
+		}
+	M_ASN1_D2I_get(ret->serialNumber,d2i_ASN1_INTEGER);
+	M_ASN1_D2I_get(ret->signature,d2i_X509_ALGOR);
+	M_ASN1_D2I_get(ret->issuer,d2i_X509_NAME);
+	M_ASN1_D2I_get(ret->validity,d2i_X509_VAL);
+	M_ASN1_D2I_get(ret->subject,d2i_X509_NAME);
+	M_ASN1_D2I_get(ret->key,d2i_X509_PUBKEY);
+	if (ver >= 1) /* version 2 extensions */
+		{
+		if (ret->issuerUID != NULL)
+			{
+			ASN1_BIT_STRING_free(ret->issuerUID);
+			ret->issuerUID=NULL;
+			}
+		if (ret->subjectUID != NULL)
+			{
+			ASN1_BIT_STRING_free(ret->subjectUID);
+			ret->issuerUID=NULL;
+			}
+		M_ASN1_D2I_get_IMP_opt(ret->issuerUID,d2i_ASN1_BIT_STRING,  1,
+			V_ASN1_BIT_STRING);
+		M_ASN1_D2I_get_IMP_opt(ret->subjectUID,d2i_ASN1_BIT_STRING, 2,
+			V_ASN1_BIT_STRING);
+		}
+	if (ver >= 2) /* version 3 extensions */
+		{
+		if (ret->extensions != NULL)
+			while (sk_num(ret->extensions))
+				X509_EXTENSION_free((X509_EXTENSION *)
+					sk_pop(ret->extensions));
+		M_ASN1_D2I_get_EXP_set_opt(ret->extensions,d2i_X509_EXTENSION,3,
+			V_ASN1_SEQUENCE);
+		}
+	M_ASN1_D2I_Finish(a,X509_CINF_free,ASN1_F_D2I_X509_CINF);
+	}
+
+X509_CINF *X509_CINF_new()
+	{
+	X509_CINF *ret=NULL;
+
+	M_ASN1_New_Malloc(ret,X509_CINF);
+	ret->version=NULL;
+	M_ASN1_New(ret->serialNumber,ASN1_INTEGER_new);
+	M_ASN1_New(ret->signature,X509_ALGOR_new);
+	M_ASN1_New(ret->issuer,X509_NAME_new);
+	M_ASN1_New(ret->validity,X509_VAL_new);
+	M_ASN1_New(ret->subject,X509_NAME_new);
+	M_ASN1_New(ret->key,X509_PUBKEY_new);
+	ret->issuerUID=NULL;
+	ret->subjectUID=NULL;
+	ret->extensions=NULL;
+	return(ret);
+	M_ASN1_New_Error(ASN1_F_X509_CINF_NEW);
+	}
+
+void X509_CINF_free(a)
+X509_CINF *a;
+	{
+	if (a == NULL) return;
+	ASN1_INTEGER_free(a->version);
+	ASN1_INTEGER_free(a->serialNumber);
+	X509_ALGOR_free(a->signature);
+	X509_NAME_free(a->issuer);
+	X509_VAL_free(a->validity);
+	X509_NAME_free(a->subject);
+	X509_PUBKEY_free(a->key);
+	ASN1_BIT_STRING_free(a->issuerUID);
+	ASN1_BIT_STRING_free(a->subjectUID);
+	sk_pop_free(a->extensions,X509_EXTENSION_free);
+	Free((char *)a);
+	}
+
diff --git a/crypto/asn1/x_crl.c b/crypto/asn1/x_crl.c
new file mode 100644
index 0000000000..22cb99fb00
--- /dev/null
+++ b/crypto/asn1/x_crl.c
@@ -0,0 +1,347 @@
+/* crypto/asn1/x_crl.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+#include "x509.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_X509_CRL,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_D2I_X509_CRL_INFO,ASN1_R_EXPECTING_A_SEQUENCE);
+ * ASN1err(ASN1_F_D2I_X509_REVOKED,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_CRL_NEW,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_CRL_INFO_NEW,ASN1_R_EXPECTING_A_SEQUENCE);
+ * ASN1err(ASN1_F_X509_REVOKED_NEW,ASN1_R_LENGTH_MISMATCH);
+ */
+
+#ifndef NOPROTO
+static int X509_REVOKED_cmp(X509_REVOKED **a,X509_REVOKED **b);
+static int X509_REVOKED_seq_cmp(X509_REVOKED **a,X509_REVOKED **b);
+#else
+static int X509_REVOKED_cmp();
+static int X509_REVOKED_seq_cmp();
+#endif
+
+int i2d_X509_REVOKED(a,pp)
+X509_REVOKED *a;
+unsigned char **pp;
+	{
+	M_ASN1_I2D_vars(a);
+
+	M_ASN1_I2D_len(a->serialNumber,i2d_ASN1_INTEGER);
+	M_ASN1_I2D_len(a->revocationDate,i2d_ASN1_UTCTIME);
+	M_ASN1_I2D_len_SEQ_opt(a->extensions,i2d_X509_EXTENSION);
+
+	M_ASN1_I2D_seq_total();
+
+	M_ASN1_I2D_put(a->serialNumber,i2d_ASN1_INTEGER);
+	M_ASN1_I2D_put(a->revocationDate,i2d_ASN1_UTCTIME);
+	M_ASN1_I2D_put_SEQ_opt(a->extensions,i2d_X509_EXTENSION);
+
+	M_ASN1_I2D_finish();
+	}
+
+X509_REVOKED *d2i_X509_REVOKED(a,pp,length)
+X509_REVOKED **a;
+unsigned char **pp;
+long length;
+	{
+	M_ASN1_D2I_vars(a,X509_REVOKED *,X509_REVOKED_new);
+
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+	M_ASN1_D2I_get(ret->serialNumber,d2i_ASN1_INTEGER);
+	M_ASN1_D2I_get(ret->revocationDate,d2i_ASN1_UTCTIME);
+	M_ASN1_D2I_get_seq_opt(ret->extensions,d2i_X509_EXTENSION);
+	M_ASN1_D2I_Finish(a,X509_REVOKED_free,ASN1_F_D2I_X509_REVOKED);
+	}
+
+int i2d_X509_CRL_INFO(a,pp)
+X509_CRL_INFO *a;
+unsigned char **pp;
+	{
+	int v1=0;
+	long l=0;
+	M_ASN1_I2D_vars(a);
+
+	if (sk_num(a->revoked) != 0)
+		qsort((char *)a->revoked->data,sk_num(a->revoked),
+			sizeof(X509_REVOKED *),(int (*)(P_CC_CC))X509_REVOKED_seq_cmp);
+	if ((a->version != NULL) && ((l=ASN1_INTEGER_get(a->version)) != 0))
+		{
+		M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
+		}
+	M_ASN1_I2D_len(a->sig_alg,i2d_X509_ALGOR);
+	M_ASN1_I2D_len(a->issuer,i2d_X509_NAME);
+	M_ASN1_I2D_len(a->lastUpdate,i2d_ASN1_UTCTIME);
+	M_ASN1_I2D_len(a->nextUpdate,i2d_ASN1_UTCTIME);
+	M_ASN1_I2D_len_SEQ_opt(a->revoked,i2d_X509_REVOKED);
+	M_ASN1_I2D_len_EXP_set_opt(a->extensions,i2d_X509_EXTENSION,0,
+		V_ASN1_SEQUENCE,v1);
+
+	M_ASN1_I2D_seq_total();
+
+	if ((a->version != NULL) && (l != 0))
+		{
+		M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
+		}
+	M_ASN1_I2D_put(a->sig_alg,i2d_X509_ALGOR);
+	M_ASN1_I2D_put(a->issuer,i2d_X509_NAME);
+	M_ASN1_I2D_put(a->lastUpdate,i2d_ASN1_UTCTIME);
+	M_ASN1_I2D_put(a->nextUpdate,i2d_ASN1_UTCTIME);
+	M_ASN1_I2D_put_SEQ_opt(a->revoked,i2d_X509_REVOKED);
+	M_ASN1_I2D_put_EXP_set_opt(a->extensions,i2d_X509_EXTENSION,0,
+		V_ASN1_SEQUENCE,v1);
+
+	M_ASN1_I2D_finish();
+	}
+
+X509_CRL_INFO *d2i_X509_CRL_INFO(a,pp,length)
+X509_CRL_INFO **a;
+unsigned char **pp;
+long length;
+	{
+	int i,ver=0;
+	M_ASN1_D2I_vars(a,X509_CRL_INFO *,X509_CRL_INFO_new);
+
+
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+	M_ASN1_D2I_get_opt(ret->version,d2i_ASN1_INTEGER,V_ASN1_INTEGER);
+	if (ret->version != NULL)
+		ver=ret->version->data[0];
+	
+	if ((ver == 0) && (ret->version != NULL))
+		{
+		ASN1_INTEGER_free(ret->version);
+		ret->version=NULL;
+		}
+	M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
+	M_ASN1_D2I_get(ret->issuer,d2i_X509_NAME);
+	M_ASN1_D2I_get(ret->lastUpdate,d2i_ASN1_UTCTIME);
+	M_ASN1_D2I_get(ret->nextUpdate,d2i_ASN1_UTCTIME);
+	if (ret->revoked != NULL)
+		{
+		while (sk_num(ret->revoked))
+			X509_REVOKED_free((X509_REVOKED *)sk_pop(ret->revoked));
+		}
+	M_ASN1_D2I_get_seq_opt(ret->revoked,d2i_X509_REVOKED);
+
+	if (ret->revoked != NULL)
+		{
+		for (i=0; i<sk_num(ret->revoked); i++)
+			{
+			((X509_REVOKED *)sk_value(ret->revoked,i))->sequence=i;
+			}
+		}
+
+	if (ver >= 1)
+		{
+		if (ret->extensions != NULL)
+			{
+			while (sk_num(ret->extensions))
+				X509_EXTENSION_free((X509_EXTENSION *)
+				sk_pop(ret->extensions));
+			}
+			
+		M_ASN1_D2I_get_EXP_set_opt(ret->extensions,d2i_X509_EXTENSION,
+			0,V_ASN1_SEQUENCE);
+		}
+
+	M_ASN1_D2I_Finish(a,X509_CRL_INFO_free,ASN1_F_D2I_X509_CRL_INFO);
+	}
+
+int i2d_X509_CRL(a,pp)
+X509_CRL *a;
+unsigned char **pp;
+	{
+	M_ASN1_I2D_vars(a);
+
+	M_ASN1_I2D_len(a->crl,i2d_X509_CRL_INFO);
+	M_ASN1_I2D_len(a->sig_alg,i2d_X509_ALGOR);
+	M_ASN1_I2D_len(a->signature,i2d_ASN1_BIT_STRING);
+
+	M_ASN1_I2D_seq_total();
+
+	M_ASN1_I2D_put(a->crl,i2d_X509_CRL_INFO);
+	M_ASN1_I2D_put(a->sig_alg,i2d_X509_ALGOR);
+	M_ASN1_I2D_put(a->signature,i2d_ASN1_BIT_STRING);
+
+	M_ASN1_I2D_finish();
+	}
+
+X509_CRL *d2i_X509_CRL(a,pp,length)
+X509_CRL **a;
+unsigned char **pp;
+long length;
+	{
+	M_ASN1_D2I_vars(a,X509_CRL *,X509_CRL_new);
+
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+	M_ASN1_D2I_get(ret->crl,d2i_X509_CRL_INFO);
+	M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
+	M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
+
+	M_ASN1_D2I_Finish(a,X509_CRL_free,ASN1_F_D2I_X509_CRL);
+	}
+
+
+X509_REVOKED *X509_REVOKED_new()
+	{
+	X509_REVOKED *ret=NULL;
+
+	M_ASN1_New_Malloc(ret,X509_REVOKED);
+	M_ASN1_New(ret->serialNumber,ASN1_INTEGER_new);
+	M_ASN1_New(ret->revocationDate,ASN1_UTCTIME_new);
+	ret->extensions=NULL;
+	return(ret);
+	M_ASN1_New_Error(ASN1_F_X509_REVOKED_NEW);
+	}
+
+X509_CRL_INFO *X509_CRL_INFO_new()
+	{
+	X509_CRL_INFO *ret=NULL;
+
+	M_ASN1_New_Malloc(ret,X509_CRL_INFO);
+	ret->version=NULL;
+	M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
+	M_ASN1_New(ret->issuer,X509_NAME_new);
+	M_ASN1_New(ret->lastUpdate,ASN1_UTCTIME_new);
+	M_ASN1_New(ret->nextUpdate,ASN1_UTCTIME_new);
+	M_ASN1_New(ret->revoked,sk_new_null);
+	M_ASN1_New(ret->extensions,sk_new_null);
+	ret->revoked->comp=(int (*)())X509_REVOKED_cmp;
+	return(ret);
+	M_ASN1_New_Error(ASN1_F_X509_CRL_INFO_NEW);
+	}
+
+X509_CRL *X509_CRL_new()
+	{
+	X509_CRL *ret=NULL;
+
+	M_ASN1_New_Malloc(ret,X509_CRL);
+	ret->references=1;
+	M_ASN1_New(ret->crl,X509_CRL_INFO_new);
+	M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
+	M_ASN1_New(ret->signature,ASN1_BIT_STRING_new);
+	return(ret);
+	M_ASN1_New_Error(ASN1_F_X509_CRL_NEW);
+	}
+
+void X509_REVOKED_free(a)
+X509_REVOKED *a;
+	{
+	if (a == NULL) return;
+	ASN1_INTEGER_free(a->serialNumber);
+	ASN1_UTCTIME_free(a->revocationDate);
+	sk_pop_free(a->extensions,X509_EXTENSION_free);
+	Free((char *)a);
+	}
+
+void X509_CRL_INFO_free(a)
+X509_CRL_INFO *a;
+	{
+	if (a == NULL) return;
+	ASN1_INTEGER_free(a->version);
+	X509_ALGOR_free(a->sig_alg);
+	X509_NAME_free(a->issuer);
+	ASN1_UTCTIME_free(a->lastUpdate);
+	ASN1_UTCTIME_free(a->nextUpdate);
+	sk_pop_free(a->revoked,X509_REVOKED_free);
+	sk_pop_free(a->extensions,X509_EXTENSION_free);
+	Free((char *)a);
+	}
+
+void X509_CRL_free(a)
+X509_CRL *a;
+	{
+	int i;
+
+	if (a == NULL) return;
+
+	i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_X509_CRL);
+	if (i > 0) return;
+#ifdef REF_CHECK
+	if (i < 0)
+		{
+		fprintf(stderr,"X509_CRL_free, bad reference count\n");
+		abort();
+		}
+#endif
+
+	X509_CRL_INFO_free(a->crl);
+	X509_ALGOR_free(a->sig_alg);
+	ASN1_BIT_STRING_free(a->signature);
+	Free((char *)a);
+	}
+
+static int X509_REVOKED_cmp(a,b)
+X509_REVOKED **a,**b;
+	{
+	return(ASN1_STRING_cmp(
+		(ASN1_STRING *)(*a)->serialNumber,
+		(ASN1_STRING *)(*b)->serialNumber));
+	}
+
+static int X509_REVOKED_seq_cmp(a,b)
+X509_REVOKED **a,**b;
+	{
+	return((*a)->sequence-(*b)->sequence);
+	}
diff --git a/crypto/asn1/x_exten.c b/crypto/asn1/x_exten.c
new file mode 100644
index 0000000000..89daf3f226
--- /dev/null
+++ b/crypto/asn1/x_exten.c
@@ -0,0 +1,147 @@
+/* crypto/asn1/x_exten.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "objects.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_X509_EXTENSION,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_EXTENSION_NEW,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_X509_EXTENSION(a,pp)
+X509_EXTENSION *a;
+unsigned char **pp;
+	{
+	int k=0;
+	int r=0,ret=0;
+	unsigned char **p=NULL;
+
+	if (a == NULL) return(0);
+
+	p=NULL;
+	for (;;)
+		{
+		if (k)
+			{
+			r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE);
+			if (pp == NULL) return(r);
+			p=pp;
+			ASN1_put_object(p,1,ret,V_ASN1_SEQUENCE,
+				V_ASN1_UNIVERSAL);
+			}
+
+		ret+=i2d_ASN1_OBJECT(a->object,p);
+		if ((a->critical) || a->netscape_hack)
+			ret+=i2d_ASN1_BOOLEAN(a->critical,p);
+		ret+=i2d_ASN1_OCTET_STRING(a->value,p);
+		if (k++) return(r);
+		}
+	}
+
+X509_EXTENSION *d2i_X509_EXTENSION(a,pp,length)
+X509_EXTENSION **a;
+unsigned char **pp;
+long length;
+	{
+	int i;
+	M_ASN1_D2I_vars(a,X509_EXTENSION *,X509_EXTENSION_new);
+
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+	M_ASN1_D2I_get(ret->object,d2i_ASN1_OBJECT);
+
+	ret->netscape_hack=0;
+	if ((c.slen != 0) &&
+		(M_ASN1_next == (V_ASN1_UNIVERSAL|V_ASN1_BOOLEAN)))
+		{
+		c.q=c.p;
+		if (d2i_ASN1_BOOLEAN(&i,&c.p,c.slen) < 0) goto err;
+		ret->critical=i;
+		c.slen-=(c.p-c.q);
+		if (ret->critical == 0) ret->netscape_hack=1;
+		}
+	M_ASN1_D2I_get(ret->value,d2i_ASN1_OCTET_STRING);
+
+	M_ASN1_D2I_Finish(a,X509_EXTENSION_free,ASN1_F_D2I_X509_EXTENSION);
+	}
+
+X509_EXTENSION *X509_EXTENSION_new()
+	{
+	X509_EXTENSION *ret=NULL;
+
+	M_ASN1_New_Malloc(ret,X509_EXTENSION);
+	M_ASN1_New(ret->object,ASN1_OBJECT_new);
+	M_ASN1_New(ret->value,ASN1_OCTET_STRING_new);
+	ret->critical=0;
+	ret->netscape_hack=0;
+	return(ret);
+	M_ASN1_New_Error(ASN1_F_X509_EXTENSION_NEW);
+	}
+	
+void X509_EXTENSION_free(a)
+X509_EXTENSION *a;
+	{
+	if (a == NULL) return;
+	ASN1_OBJECT_free(a->object);
+	ASN1_OCTET_STRING_free(a->value);
+	Free((char *)a);
+	}
+
diff --git a/crypto/asn1/x_info.c b/crypto/asn1/x_info.c
new file mode 100644
index 0000000000..e46c67298f
--- /dev/null
+++ b/crypto/asn1/x_info.c
@@ -0,0 +1,108 @@
+/* crypto/asn1/x_info.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "asn1_mac.h"
+#include "x509.h"
+
+X509_INFO *X509_INFO_new()
+	{
+	X509_INFO *ret=NULL;
+
+	ret=(X509_INFO *)Malloc(sizeof(X509_INFO));
+	if (ret == NULL)
+		{
+		ASN1err(ASN1_F_X509_INFO_NEW,ERR_R_MALLOC_FAILURE);
+		return(NULL);
+		}
+ 
+        ret->enc_cipher.cipher=NULL;
+        ret->enc_len=0;
+        ret->enc_data=NULL;
+ 
+	ret->references=1;
+	ret->x509=NULL;
+	ret->crl=NULL;
+	ret->x_pkey=NULL;
+	return(ret);
+	}
+
+void X509_INFO_free(x)
+X509_INFO *x;
+	{
+	int i;
+
+	if (x == NULL) return;
+
+	i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_X509_INFO);
+	if (i > 0) return;
+#ifdef REF_CHECK
+	if (i < 0)
+		{
+		fprintf(stderr,"X509_INFO_free, bad reference count\n");
+		abort();
+		}
+#endif
+
+	if (x->x509 != NULL) X509_free(x->x509);
+	if (x->crl != NULL) X509_CRL_free(x->crl);
+	if (x->x_pkey != NULL) X509_PKEY_free(x->x_pkey);
+	Free((char *)x);
+	}
diff --git a/crypto/asn1/x_name.c b/crypto/asn1/x_name.c
new file mode 100644
index 0000000000..c03f9169cb
--- /dev/null
+++ b/crypto/asn1/x_name.c
@@ -0,0 +1,295 @@
+/* crypto/asn1/x_name.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "objects.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_X509_NAME,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_NAME_NEW,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
+ * ASN1err(ASN1_F_D2I_X509_NAME_ENTRY,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_NAME_ENTRY_NEW,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
+ */
+
+#ifndef NOPROTO
+static int i2d_X509_NAME_entries(X509_NAME *a);
+#else
+static int i2d_X509_NAME_entries();
+#endif
+
+int i2d_X509_NAME_ENTRY(a,pp)
+X509_NAME_ENTRY *a;
+unsigned char **pp;
+	{
+	M_ASN1_I2D_vars(a);
+
+	M_ASN1_I2D_len(a->object,i2d_ASN1_OBJECT);
+	M_ASN1_I2D_len(a->value,i2d_ASN1_PRINTABLE);
+
+	M_ASN1_I2D_seq_total();
+
+	M_ASN1_I2D_put(a->object,i2d_ASN1_OBJECT);
+	M_ASN1_I2D_put(a->value,i2d_ASN1_PRINTABLE);
+
+	M_ASN1_I2D_finish();
+	}
+
+X509_NAME_ENTRY *d2i_X509_NAME_ENTRY(a,pp,length)
+X509_NAME_ENTRY **a;
+unsigned char **pp;
+long length;
+	{
+	M_ASN1_D2I_vars(a,X509_NAME_ENTRY *,X509_NAME_ENTRY_new);
+
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+	M_ASN1_D2I_get(ret->object,d2i_ASN1_OBJECT);
+	M_ASN1_D2I_get(ret->value,d2i_ASN1_PRINTABLE);
+	ret->set=0;
+	M_ASN1_D2I_Finish(a,X509_NAME_ENTRY_free,ASN1_F_D2I_X509_NAME_ENTRY);
+	}
+
+int i2d_X509_NAME(a,pp)
+X509_NAME *a;
+unsigned char **pp;
+	{
+	int ret;
+
+	if (a == NULL) return(0);
+	if (a->modified)
+		{
+		ret=i2d_X509_NAME_entries(a);
+		if (ret < 0) return(ret);
+		}
+
+	ret=a->bytes->length;
+	if (pp != NULL)
+		{
+		memcpy(*pp,a->bytes->data,ret);
+		*pp+=ret;
+		}
+	return(ret);
+	}
+
+static int i2d_X509_NAME_entries(a)
+X509_NAME *a;
+	{
+	X509_NAME_ENTRY *ne,*fe=NULL;
+	STACK *sk;
+	BUF_MEM *buf=NULL;
+	int set=0,r,ret=0;
+	int i;
+	unsigned char *p;
+	int size=0;
+
+	sk=a->entries;
+	for (i=0; i<sk_num(sk); i++)
+		{
+		ne=(X509_NAME_ENTRY *)sk_value(sk,i);
+		if (fe == NULL)
+			{
+			fe=ne;
+			size=0;
+			}
+
+		if (ne->set != set)
+			{
+			ret+=ASN1_object_size(1,size,V_ASN1_SET);
+			fe->size=size;
+			fe=ne;
+			size=0;
+			set=ne->set;
+			}
+		size+=i2d_X509_NAME_ENTRY(ne,NULL);
+		}
+
+	ret+=ASN1_object_size(1,size,V_ASN1_SET);
+	if (fe != NULL)
+		fe->size=size;
+
+	r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE);
+
+	buf=a->bytes;
+	if (!BUF_MEM_grow(buf,r)) goto err;
+	p=(unsigned char *)buf->data;
+
+	ASN1_put_object(&p,1,ret,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+
+	set= -1;
+	for (i=0; i<sk_num(sk); i++)
+		{
+		ne=(X509_NAME_ENTRY *)sk_value(sk,i);
+		if (set != ne->set)
+			{
+			set=ne->set;
+			ASN1_put_object(&p,1,ne->size,
+				V_ASN1_SET,V_ASN1_UNIVERSAL);
+			}
+		i2d_X509_NAME_ENTRY(ne,&p);
+		}
+	a->modified=0;
+	return(r);
+err:
+	return(-1);
+	}
+
+X509_NAME *d2i_X509_NAME(a,pp,length)
+X509_NAME **a;
+unsigned char **pp;
+long length;
+	{
+	int set=0,i;
+	int idx=0;
+	unsigned char *orig;
+	M_ASN1_D2I_vars(a,X509_NAME *,X509_NAME_new);
+
+	orig= *pp;
+	if (sk_num(ret->entries) > 0)
+		{
+		while (sk_num(ret->entries) > 0)
+			X509_NAME_ENTRY_free((X509_NAME_ENTRY *)
+				sk_pop(ret->entries));
+		}
+
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+	for (;;)
+		{
+		if (M_ASN1_D2I_end_sequence()) break;
+		M_ASN1_D2I_get_set(ret->entries,d2i_X509_NAME_ENTRY);
+		for (; idx < sk_num(ret->entries); idx++)
+			{
+			((X509_NAME_ENTRY *)sk_value(ret->entries,idx))->set=
+				set;
+			}
+		set++;
+		}
+
+	i=(int)(c.p-orig);
+	if (!BUF_MEM_grow(ret->bytes,i)) goto err;
+	memcpy(ret->bytes->data,orig,i);
+	ret->bytes->length=i;
+	ret->modified=0;
+
+	M_ASN1_D2I_Finish(a,X509_NAME_free,ASN1_F_D2I_X509_NAME);
+	}
+
+X509_NAME *X509_NAME_new()
+	{
+	X509_NAME *ret=NULL;
+
+	M_ASN1_New_Malloc(ret,X509_NAME);
+	if ((ret->entries=sk_new(NULL)) == NULL) goto err2;
+	M_ASN1_New(ret->bytes,BUF_MEM_new);
+	ret->modified=1;
+	return(ret);
+	M_ASN1_New_Error(ASN1_F_X509_NAME_NEW);
+	}
+
+X509_NAME_ENTRY *X509_NAME_ENTRY_new()
+	{
+	X509_NAME_ENTRY *ret=NULL;
+
+	M_ASN1_New_Malloc(ret,X509_NAME_ENTRY);
+/*	M_ASN1_New(ret->object,ASN1_OBJECT_new);*/
+	ret->object=NULL;
+	ret->set=0;
+	M_ASN1_New(ret->value,ASN1_STRING_new);
+	return(ret);
+	M_ASN1_New_Error(ASN1_F_X509_NAME_ENTRY_NEW);
+	}
+
+void X509_NAME_free(a)
+X509_NAME *a;
+	{
+	BUF_MEM_free(a->bytes);
+	sk_pop_free(a->entries,X509_NAME_ENTRY_free);
+	Free((char *)a);
+	}
+
+void X509_NAME_ENTRY_free(a)
+X509_NAME_ENTRY *a;
+	{
+	if (a == NULL) return;
+	ASN1_OBJECT_free(a->object);
+	ASN1_BIT_STRING_free(a->value);
+	Free((char *)a);
+	}
+
+int X509_NAME_set(xn,name)
+X509_NAME **xn;
+X509_NAME *name;
+	{
+	X509_NAME *in;
+
+	if (*xn == NULL) return(0);
+
+	if (*xn != name)
+		{
+		in=X509_NAME_dup(name);
+		if (in != NULL)
+			{
+			X509_NAME_free(*xn);
+			*xn=in;
+			}
+		}
+	return(*xn != NULL);
+	}
+	
diff --git a/crypto/asn1/x_pkey.c b/crypto/asn1/x_pkey.c
new file mode 100644
index 0000000000..ced975b40e
--- /dev/null
+++ b/crypto/asn1/x_pkey.c
@@ -0,0 +1,153 @@
+/* crypto/asn1/x_pkey.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "asn1_mac.h"
+
+/* ASN1err(ASN1_F_D2I_X509_PKEY,ASN1_R_UNSUPPORTED_CIPHER); */
+/* ASN1err(ASN1_F_X509_PKEY_NEW,ASN1_R_IV_TOO_LARGE); */
+
+/* need to implement */
+int i2d_X509_PKEY(a,pp)
+X509_PKEY *a;
+unsigned char **pp;
+	{
+	return(0);
+	}
+
+X509_PKEY *d2i_X509_PKEY(a,pp,length)
+X509_PKEY **a;
+unsigned char **pp;
+long length;
+	{
+	int i;
+	M_ASN1_D2I_vars(a,X509_PKEY *,X509_PKEY_new);
+
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+	M_ASN1_D2I_get(ret->enc_algor,d2i_X509_ALGOR);
+	M_ASN1_D2I_get(ret->enc_pkey,d2i_ASN1_OCTET_STRING);
+
+	ret->cipher.cipher=EVP_get_cipherbyname(
+		OBJ_nid2ln(OBJ_obj2nid(ret->enc_algor->algorithm)));
+	if (ret->cipher.cipher == NULL)
+		{
+		c.error=ASN1_R_UNSUPPORTED_CIPHER;
+		goto err;
+		}
+	if (ret->enc_algor->parameter->type == V_ASN1_OCTET_STRING) 
+		{
+		i=ret->enc_algor->parameter->value.octet_string->length;
+		if (i > EVP_MAX_IV_LENGTH)
+			{
+			c.error=ASN1_R_IV_TOO_LARGE;
+			goto err;
+			}
+		memcpy(ret->cipher.iv,
+			ret->enc_algor->parameter->value.octet_string->data,i);
+		}
+	else
+		memset(ret->cipher.iv,0,EVP_MAX_IV_LENGTH);
+	M_ASN1_D2I_Finish(a,X509_PKEY_free,ASN1_F_D2I_X509_PKEY);
+	}
+
+X509_PKEY *X509_PKEY_new()
+	{
+	X509_PKEY *ret=NULL;
+
+	M_ASN1_New_Malloc(ret,X509_PKEY);
+	ret->version=0;
+	M_ASN1_New(ret->enc_algor,X509_ALGOR_new);
+	M_ASN1_New(ret->enc_pkey,ASN1_OCTET_STRING_new);
+	ret->dec_pkey=NULL;
+	ret->key_length=0;
+	ret->key_data=NULL;
+	ret->key_free=0;
+	ret->cipher.cipher=NULL;
+	memset(ret->cipher.iv,0,EVP_MAX_IV_LENGTH);
+	ret->references=1;
+	return(ret);
+	M_ASN1_New_Error(ASN1_F_X509_PKEY_NEW);
+	}
+
+void X509_PKEY_free(x)
+X509_PKEY *x;
+	{
+	int i;
+
+	if (x == NULL) return;
+
+	i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_X509_PKEY);
+	if (i > 0) return;
+#ifdef REF_CHECK
+	if (i < 0)
+		{
+		fprintf(stderr,"X509_PKEY_free, bad reference count\n");
+		abort();
+		}
+#endif
+
+	if (x->enc_algor != NULL) X509_ALGOR_free(x->enc_algor);
+	if (x->enc_pkey != NULL) ASN1_OCTET_STRING_free(x->enc_pkey);
+	if (x->dec_pkey != NULL)EVP_PKEY_free(x->dec_pkey);
+	if ((x->key_data != NULL) && (x->key_free)) Free((char *)x->key_data);
+	Free((char *)(char *)x);
+	}
diff --git a/crypto/asn1/x_pubkey.c b/crypto/asn1/x_pubkey.c
new file mode 100644
index 0000000000..b1a2499d34
--- /dev/null
+++ b/crypto/asn1/x_pubkey.c
@@ -0,0 +1,252 @@
+/* crypto/asn1/x_pubkey.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_X509_PUBKEY,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_PUBKEY_NEW,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_X509_PUBKEY(a,pp)
+X509_PUBKEY *a;
+unsigned char **pp;
+	{
+	M_ASN1_I2D_vars(a);
+
+	M_ASN1_I2D_len(a->algor,	i2d_X509_ALGOR);
+	M_ASN1_I2D_len(a->public_key,	i2d_ASN1_BIT_STRING);
+
+	M_ASN1_I2D_seq_total();
+
+	M_ASN1_I2D_put(a->algor,	i2d_X509_ALGOR);
+	M_ASN1_I2D_put(a->public_key,	i2d_ASN1_BIT_STRING);
+
+	M_ASN1_I2D_finish();
+	}
+
+X509_PUBKEY *d2i_X509_PUBKEY(a,pp,length)
+X509_PUBKEY **a;
+unsigned char **pp;
+long length;
+	{
+	M_ASN1_D2I_vars(a,X509_PUBKEY *,X509_PUBKEY_new);
+
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+	M_ASN1_D2I_get(ret->algor,d2i_X509_ALGOR);
+	M_ASN1_D2I_get(ret->public_key,d2i_ASN1_BIT_STRING);
+	if (ret->pkey != NULL)
+		{
+		EVP_PKEY_free(ret->pkey);
+		ret->pkey=NULL;
+		}
+	M_ASN1_D2I_Finish(a,X509_PUBKEY_free,ASN1_F_D2I_X509_PUBKEY);
+	}
+
+X509_PUBKEY *X509_PUBKEY_new()
+	{
+	X509_PUBKEY *ret=NULL;
+
+	M_ASN1_New_Malloc(ret,X509_PUBKEY);
+	M_ASN1_New(ret->algor,X509_ALGOR_new);
+	M_ASN1_New(ret->public_key,ASN1_BIT_STRING_new);
+	ret->pkey=NULL;
+	return(ret);
+	M_ASN1_New_Error(ASN1_F_X509_PUBKEY_NEW);
+	}
+
+void X509_PUBKEY_free(a)
+X509_PUBKEY *a;
+	{
+	if (a == NULL) return;
+	X509_ALGOR_free(a->algor);
+	ASN1_BIT_STRING_free(a->public_key);
+	if (a->pkey != NULL) EVP_PKEY_free(a->pkey);
+	Free((char *)a);
+	}
+
+int X509_PUBKEY_set(x,pkey)
+X509_PUBKEY **x;
+EVP_PKEY *pkey;
+	{
+	int ok=0;
+	X509_PUBKEY *pk;
+	X509_ALGOR *a;
+	ASN1_OBJECT *o;
+	unsigned char *s,*p;
+	int i;
+
+	if (x == NULL) return(0);
+
+	if ((pk=X509_PUBKEY_new()) == NULL) goto err;
+	a=pk->algor;
+
+	/* set the algorithm id */
+	if ((o=OBJ_nid2obj(pkey->type)) == NULL) goto err;
+	ASN1_OBJECT_free(a->algorithm);
+	a->algorithm=o;
+
+	/* Set the parameter list */
+	if (!pkey->save_parameters || (pkey->type == EVP_PKEY_RSA))
+		{
+		if ((a->parameter == NULL) ||
+			(a->parameter->type != V_ASN1_NULL))
+			{
+			ASN1_TYPE_free(a->parameter);
+			a->parameter=ASN1_TYPE_new();
+			a->parameter->type=V_ASN1_NULL;
+			}
+		}
+	else
+#ifndef NO_DSA
+		if (pkey->type == EVP_PKEY_DSA)
+		{
+		unsigned char *pp;
+		DSA *dsa;
+
+		dsa=pkey->pkey.dsa;
+		dsa->write_params=0;
+		ASN1_TYPE_free(a->parameter);
+		i=i2d_DSAparams(dsa,NULL);
+		p=(unsigned char *)Malloc(i);
+		pp=p;
+		i2d_DSAparams(dsa,&pp);
+		a->parameter=ASN1_TYPE_new();
+		a->parameter->type=V_ASN1_SEQUENCE;
+		a->parameter->value.sequence=ASN1_STRING_new();
+		ASN1_STRING_set(a->parameter->value.sequence,p,i);
+		Free(p);
+		}
+	else
+#endif
+		{
+		X509err(X509_F_X509_PUBKEY_SET,X509_R_UNSUPPORTED_ALGORITHM);
+		goto err;
+		}
+
+	i=i2d_PublicKey(pkey,NULL);
+	if ((s=(unsigned char *)Malloc(i+1)) == NULL) goto err;
+	p=s;
+	i2d_PublicKey(pkey,&p);
+	if (!ASN1_BIT_STRING_set(pk->public_key,s,i)) goto err;
+	Free(s);
+
+	CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
+	pk->pkey=pkey;
+
+	if (*x != NULL)
+		X509_PUBKEY_free(*x);
+
+	*x=pk;
+	pk=NULL;
+
+	ok=1;
+err:
+	if (pk != NULL) X509_PUBKEY_free(pk);
+	return(ok);
+	}
+
+EVP_PKEY *X509_PUBKEY_get(key)
+X509_PUBKEY *key;
+	{
+	EVP_PKEY *ret=NULL;
+	long j;
+	int type;
+	unsigned char *p;
+	X509_ALGOR *a;
+
+	if (key->pkey != NULL)
+		{
+		return(key->pkey);
+		}
+	type=OBJ_obj2nid(key->algor->algorithm);
+	p=key->public_key->data;
+        j=key->public_key->length;
+        if ((ret=d2i_PublicKey(type,NULL,&p,(long)j)) == NULL)
+		{
+		X509err(X509_F_X509_PUBKEY_GET,X509_R_ERR_ASN1_LIB);
+		goto err;
+		}
+	ret->save_parameters=0;
+
+#ifndef NO_DSA
+	a=key->algor;
+	if (ret->type == EVP_PKEY_DSA)
+		{
+		if (a->parameter->type == V_ASN1_SEQUENCE)
+			{
+			ret->pkey.dsa->write_params=0;
+			p=a->parameter->value.sequence->data;
+			j=a->parameter->value.sequence->length;
+			if (!d2i_DSAparams(&ret->pkey.dsa,&p,(long)j))
+				goto err;
+			}
+		ret->save_parameters=1;
+		}
+#endif
+	key->pkey=ret;
+	return(ret);
+err:
+	if (ret != NULL)
+		EVP_PKEY_free(ret);
+	return(NULL);
+	}
+
diff --git a/crypto/asn1/x_req.c b/crypto/asn1/x_req.c
new file mode 100644
index 0000000000..02b31add17
--- /dev/null
+++ b/crypto/asn1/x_req.c
@@ -0,0 +1,244 @@
+/* crypto/asn1/x_req.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+#include "x509.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_X509_REQ,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_D2I_X509_REQ_INFO,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_REQ_NEW,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_REQ_INFO_NEW,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_X509_REQ_INFO(a,pp)
+X509_REQ_INFO *a;
+unsigned char **pp;
+	{
+	M_ASN1_I2D_vars(a);
+
+	M_ASN1_I2D_len(a->version,		i2d_ASN1_INTEGER);
+	M_ASN1_I2D_len(a->subject,		i2d_X509_NAME);
+	M_ASN1_I2D_len(a->pubkey,		i2d_X509_PUBKEY);
+
+	/* this is a *nasty* hack reported to be required to
+	 * allow some CA Software to accept the cert request.
+	 * It is not following the PKCS standards ...
+	 * PKCS#10 pg 5
+	 * attributes [0] IMPLICIT Attibutes
+	 * NOTE: no OPTIONAL ... so it *must* be there
+	 */
+	if (a->req_kludge) 
+	        {
+	        M_ASN1_I2D_len_IMP_set_opt(a->attributes,i2d_X509_ATTRIBUTE,0);
+		}
+	else
+	        {
+	        M_ASN1_I2D_len_IMP_set(a->attributes,	i2d_X509_ATTRIBUTE,0);
+		}
+	
+	M_ASN1_I2D_seq_total();
+	M_ASN1_I2D_put(a->version,		i2d_ASN1_INTEGER);
+	M_ASN1_I2D_put(a->subject,		i2d_X509_NAME);
+	M_ASN1_I2D_put(a->pubkey,		i2d_X509_PUBKEY);
+
+	/* this is a *nasty* hack reported to be required by some CA's.
+	 * It is not following the PKCS standards ...
+	 * PKCS#10 pg 5
+	 * attributes [0] IMPLICIT Attibutes
+	 * NOTE: no OPTIONAL ... so it *must* be there
+	 */
+	if (a->req_kludge)
+		{
+	        M_ASN1_I2D_put_IMP_set_opt(a->attributes,i2d_X509_ATTRIBUTE,0);
+		}
+	else
+		{
+	        M_ASN1_I2D_put_IMP_set(a->attributes,i2d_X509_ATTRIBUTE,0);
+		}
+
+	M_ASN1_I2D_finish();
+	}
+
+X509_REQ_INFO *d2i_X509_REQ_INFO(a,pp,length)
+X509_REQ_INFO **a;
+unsigned char **pp;
+long length;
+	{
+	M_ASN1_D2I_vars(a,X509_REQ_INFO *,X509_REQ_INFO_new);
+
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+	M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
+	M_ASN1_D2I_get(ret->subject,d2i_X509_NAME);
+	M_ASN1_D2I_get(ret->pubkey,d2i_X509_PUBKEY);
+
+	/* this is a *nasty* hack to allow for some CA's that
+	 * have been reported as requiring it.
+	 * It is not following the PKCS standards ...
+	 * PKCS#10 pg 5
+	 * attributes [0] IMPLICIT Attibutes
+	 * NOTE: no OPTIONAL ... so it *must* be there
+	 */
+	if (asn1_Finish(&c))
+		ret->req_kludge=1;
+	else
+		{
+		M_ASN1_D2I_get_IMP_set(ret->attributes,d2i_X509_ATTRIBUTE,0);
+		}
+
+	M_ASN1_D2I_Finish(a,X509_REQ_INFO_free,ASN1_F_D2I_X509_REQ_INFO);
+	}
+
+X509_REQ_INFO *X509_REQ_INFO_new()
+	{
+	X509_REQ_INFO *ret=NULL;
+
+	M_ASN1_New_Malloc(ret,X509_REQ_INFO);
+	M_ASN1_New(ret->version,ASN1_INTEGER_new);
+	M_ASN1_New(ret->subject,X509_NAME_new);
+	M_ASN1_New(ret->pubkey,X509_PUBKEY_new);
+	M_ASN1_New(ret->attributes,sk_new_null);
+	ret->req_kludge=0;
+	return(ret);
+	M_ASN1_New_Error(ASN1_F_X509_REQ_INFO_NEW);
+	}
+	
+void X509_REQ_INFO_free(a)
+X509_REQ_INFO *a;
+	{
+	if (a == NULL) return;
+	ASN1_INTEGER_free(a->version);
+	X509_NAME_free(a->subject);
+	X509_PUBKEY_free(a->pubkey);
+	sk_pop_free(a->attributes,X509_ATTRIBUTE_free);
+	Free((char *)a);
+	}
+
+int i2d_X509_REQ(a,pp)
+X509_REQ *a;
+unsigned char **pp;
+	{
+	M_ASN1_I2D_vars(a);
+	M_ASN1_I2D_len(a->req_info,	i2d_X509_REQ_INFO);
+	M_ASN1_I2D_len(a->sig_alg,	i2d_X509_ALGOR);
+	M_ASN1_I2D_len(a->signature,	i2d_ASN1_BIT_STRING);
+
+	M_ASN1_I2D_seq_total();
+
+	M_ASN1_I2D_put(a->req_info,	i2d_X509_REQ_INFO);
+	M_ASN1_I2D_put(a->sig_alg,	i2d_X509_ALGOR);
+	M_ASN1_I2D_put(a->signature,	i2d_ASN1_BIT_STRING);
+
+	M_ASN1_I2D_finish();
+	}
+
+X509_REQ *d2i_X509_REQ(a,pp,length)
+X509_REQ **a;
+unsigned char **pp;
+long length;
+	{
+	M_ASN1_D2I_vars(a,X509_REQ *,X509_REQ_new);
+
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+	M_ASN1_D2I_get(ret->req_info,d2i_X509_REQ_INFO);
+	M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
+	M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
+	M_ASN1_D2I_Finish(a,X509_REQ_free,ASN1_F_D2I_X509_REQ);
+	}
+
+X509_REQ *X509_REQ_new()
+	{
+	X509_REQ *ret=NULL;
+
+	M_ASN1_New_Malloc(ret,X509_REQ);
+	ret->references=1;
+	M_ASN1_New(ret->req_info,X509_REQ_INFO_new);
+	M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
+	M_ASN1_New(ret->signature,ASN1_BIT_STRING_new);
+	return(ret);
+	M_ASN1_New_Error(ASN1_F_X509_REQ_NEW);
+	}
+
+void X509_REQ_free(a)
+X509_REQ *a;
+	{
+	int i;
+
+	if (a == NULL) return;
+
+	i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_X509_REQ);
+	if (i > 0) return;
+#ifdef REF_CHECK
+	if (i < 0)
+		{
+		fprintf(stderr,"X509_REQ_free, bad reference count\n");
+		abort();
+		}
+#endif
+
+	X509_REQ_INFO_free(a->req_info);
+	X509_ALGOR_free(a->sig_alg);
+	ASN1_BIT_STRING_free(a->signature);
+	Free((char *)a);
+	}
+
+
diff --git a/crypto/asn1/x_sig.c b/crypto/asn1/x_sig.c
new file mode 100644
index 0000000000..186c404e86
--- /dev/null
+++ b/crypto/asn1/x_sig.c
@@ -0,0 +1,119 @@
+/* crypto/asn1/x_sig.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_X509_SIG,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_SIG_NEW,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_X509_SIG(a,pp)
+X509_SIG *a;
+unsigned char **pp;
+	{
+	M_ASN1_I2D_vars(a);
+
+	M_ASN1_I2D_len(a->algor,	i2d_X509_ALGOR);
+	M_ASN1_I2D_len(a->digest,	i2d_ASN1_OCTET_STRING);
+
+	M_ASN1_I2D_seq_total();
+
+	M_ASN1_I2D_put(a->algor,	i2d_X509_ALGOR);
+	M_ASN1_I2D_put(a->digest,	i2d_ASN1_OCTET_STRING);
+
+	M_ASN1_I2D_finish();
+	}
+
+X509_SIG *d2i_X509_SIG(a,pp,length)
+X509_SIG **a;
+unsigned char **pp;
+long length;
+	{
+	M_ASN1_D2I_vars(a,X509_SIG *,X509_SIG_new);
+
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+	M_ASN1_D2I_get(ret->algor,d2i_X509_ALGOR);
+	M_ASN1_D2I_get(ret->digest,d2i_ASN1_OCTET_STRING);
+	M_ASN1_D2I_Finish(a,X509_SIG_free,ASN1_F_D2I_X509_SIG);
+	}
+
+X509_SIG *X509_SIG_new()
+	{
+	X509_SIG *ret=NULL;
+
+	M_ASN1_New_Malloc(ret,X509_SIG);
+	M_ASN1_New(ret->algor,X509_ALGOR_new);
+	M_ASN1_New(ret->digest,ASN1_OCTET_STRING_new);
+	return(ret);
+	M_ASN1_New_Error(ASN1_F_X509_SIG_NEW);
+	}
+
+void X509_SIG_free(a)
+X509_SIG *a;
+	{
+	if (a == NULL) return;
+	X509_ALGOR_free(a->algor);
+	ASN1_OCTET_STRING_free(a->digest);
+	Free((char *)a);
+	}
+
+
diff --git a/crypto/asn1/x_spki.c b/crypto/asn1/x_spki.c
new file mode 100644
index 0000000000..bfeb0659a6
--- /dev/null
+++ b/crypto/asn1/x_spki.c
@@ -0,0 +1,181 @@
+/* crypto/asn1/x_spki.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+ /* This module was send to me my Pat Richards <patr@x509.com> who
+  * wrote it.  It is under my Copyright with his permision
+  */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "x509.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_NETSCAPE_SPKAC,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_NETSCAPE_SPKAC_NEW,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_D2I_NETSCAPE_SPKI,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_NETSCAPE_SPKI_NEW,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_NETSCAPE_SPKAC(a,pp)
+NETSCAPE_SPKAC *a;
+unsigned char **pp;
+	{
+	M_ASN1_I2D_vars(a);
+
+	M_ASN1_I2D_len(a->pubkey,	i2d_X509_PUBKEY);
+	M_ASN1_I2D_len(a->challenge,	i2d_ASN1_IA5STRING);
+
+	M_ASN1_I2D_seq_total();
+
+	M_ASN1_I2D_put(a->pubkey,	i2d_X509_PUBKEY);
+	M_ASN1_I2D_put(a->challenge,	i2d_ASN1_IA5STRING);
+
+	M_ASN1_I2D_finish();
+	}
+
+NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC(a,pp,length)
+NETSCAPE_SPKAC **a;
+unsigned char **pp;
+long length;
+	{
+	M_ASN1_D2I_vars(a,NETSCAPE_SPKAC *,NETSCAPE_SPKAC_new);
+
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+	M_ASN1_D2I_get(ret->pubkey,d2i_X509_PUBKEY);
+	M_ASN1_D2I_get(ret->challenge,d2i_ASN1_IA5STRING);
+	M_ASN1_D2I_Finish(a,NETSCAPE_SPKAC_free,ASN1_F_D2I_NETSCAPE_SPKAC);
+	}
+
+NETSCAPE_SPKAC *NETSCAPE_SPKAC_new()
+	{
+	NETSCAPE_SPKAC *ret=NULL;
+
+	M_ASN1_New_Malloc(ret,NETSCAPE_SPKAC);
+	M_ASN1_New(ret->pubkey,X509_PUBKEY_new);
+	M_ASN1_New(ret->challenge,ASN1_IA5STRING_new);
+	return(ret);
+	M_ASN1_New_Error(ASN1_F_NETSCAPE_SPKAC_NEW);
+	}
+
+void NETSCAPE_SPKAC_free(a)
+NETSCAPE_SPKAC *a;
+	{
+	if (a == NULL) return;
+	X509_PUBKEY_free(a->pubkey);
+	ASN1_IA5STRING_free(a->challenge);
+	Free((char *)a);
+	}
+
+int i2d_NETSCAPE_SPKI(a,pp)
+NETSCAPE_SPKI *a;
+unsigned char **pp;
+	{
+	M_ASN1_I2D_vars(a);
+
+	M_ASN1_I2D_len(a->spkac,	i2d_NETSCAPE_SPKAC);
+	M_ASN1_I2D_len(a->sig_algor,	i2d_X509_ALGOR);
+	M_ASN1_I2D_len(a->signature,	i2d_ASN1_BIT_STRING);
+
+	M_ASN1_I2D_seq_total();
+
+	M_ASN1_I2D_put(a->spkac,	i2d_NETSCAPE_SPKAC);
+	M_ASN1_I2D_put(a->sig_algor,	i2d_X509_ALGOR);
+	M_ASN1_I2D_put(a->signature,	i2d_ASN1_BIT_STRING);
+
+	M_ASN1_I2D_finish();
+	}
+
+NETSCAPE_SPKI *d2i_NETSCAPE_SPKI(a,pp,length)
+NETSCAPE_SPKI **a;
+unsigned char **pp;
+long length;
+	{
+	M_ASN1_D2I_vars(a,NETSCAPE_SPKI *,NETSCAPE_SPKI_new);
+
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+	M_ASN1_D2I_get(ret->spkac,d2i_NETSCAPE_SPKAC);
+	M_ASN1_D2I_get(ret->sig_algor,d2i_X509_ALGOR);
+	M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
+	M_ASN1_D2I_Finish(a,NETSCAPE_SPKI_free,ASN1_F_D2I_NETSCAPE_SPKI);
+	}
+
+NETSCAPE_SPKI *NETSCAPE_SPKI_new()
+	{
+	NETSCAPE_SPKI *ret=NULL;
+
+	M_ASN1_New_Malloc(ret,NETSCAPE_SPKI);
+	M_ASN1_New(ret->spkac,NETSCAPE_SPKAC_new);
+	M_ASN1_New(ret->sig_algor,X509_ALGOR_new);
+	M_ASN1_New(ret->signature,ASN1_BIT_STRING_new);
+	return(ret);
+	M_ASN1_New_Error(ASN1_F_NETSCAPE_SPKI_NEW);
+	}
+
+void NETSCAPE_SPKI_free(a)
+NETSCAPE_SPKI *a;
+	{
+	if (a == NULL) return;
+	NETSCAPE_SPKAC_free(a->spkac);
+	X509_ALGOR_free(a->sig_algor);
+	ASN1_BIT_STRING_free(a->signature);
+	Free((char *)a);
+	}
+
diff --git a/crypto/asn1/x_val.c b/crypto/asn1/x_val.c
new file mode 100644
index 0000000000..e2e4d00436
--- /dev/null
+++ b/crypto/asn1/x_val.c
@@ -0,0 +1,118 @@
+/* crypto/asn1/x_val.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+
+/* ASN1err(ASN1_F_X509_VAL_NEW,ERR_R_MALLOC_FAILURE);
+ * ASN1err(ASN1_F_X509_VAL_FREE,ERR_R_MALLOC_FAILURE);
+ * ASN1err(ASN1_F_D2I_X509_VAL,ERR_R_MALLOC_FAILURE);
+ */
+
+int i2d_X509_VAL(a,pp)
+X509_VAL *a;
+unsigned char **pp;
+	{
+	M_ASN1_I2D_vars(a);
+
+	M_ASN1_I2D_len(a->notBefore,i2d_ASN1_UTCTIME);
+	M_ASN1_I2D_len(a->notAfter,i2d_ASN1_UTCTIME);
+
+	M_ASN1_I2D_seq_total();
+
+	M_ASN1_I2D_put(a->notBefore,i2d_ASN1_UTCTIME);
+	M_ASN1_I2D_put(a->notAfter,i2d_ASN1_UTCTIME);
+
+	M_ASN1_I2D_finish();
+	}
+
+X509_VAL *d2i_X509_VAL(a,pp,length)
+X509_VAL **a;
+unsigned char **pp;
+long length;
+	{
+	M_ASN1_D2I_vars(a,X509_VAL *,X509_VAL_new);
+
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+	M_ASN1_D2I_get(ret->notBefore,d2i_ASN1_UTCTIME);
+	M_ASN1_D2I_get(ret->notAfter,d2i_ASN1_UTCTIME);
+	M_ASN1_D2I_Finish(a,X509_VAL_free,ASN1_F_D2I_X509_VAL);
+	}
+
+X509_VAL *X509_VAL_new()
+	{
+	X509_VAL *ret=NULL;
+
+	M_ASN1_New_Malloc(ret,X509_VAL);
+	M_ASN1_New(ret->notBefore,ASN1_UTCTIME_new);
+	M_ASN1_New(ret->notAfter,ASN1_UTCTIME_new);
+	return(ret);
+	M_ASN1_New_Error(ASN1_F_X509_VAL_NEW);
+	}
+
+void X509_VAL_free(a)
+X509_VAL *a;
+	{
+	if (a == NULL) return;
+	ASN1_UTCTIME_free(a->notBefore);
+	ASN1_UTCTIME_free(a->notAfter);
+	Free((char *)a);
+	}
+
diff --git a/crypto/asn1/x_x509.c b/crypto/asn1/x_x509.c
new file mode 100644
index 0000000000..d80a5cbc01
--- /dev/null
+++ b/crypto/asn1/x_x509.c
@@ -0,0 +1,155 @@
+/* crypto/asn1/x_x509.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_X509,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_NEW,ASN1_R_BAD_GET_OBJECT);
+ */
+
+static ASN1_METHOD meth={
+	(int (*)())  i2d_X509,
+	(char *(*)())d2i_X509,
+	(char *(*)())X509_new,
+	(void (*)()) X509_free};
+
+ASN1_METHOD *X509_asn1_meth()
+	{
+	return(&meth);
+	}
+
+int i2d_X509(a,pp)
+X509 *a;
+unsigned char **pp;
+	{
+	M_ASN1_I2D_vars(a);
+
+	M_ASN1_I2D_len(a->cert_info,	i2d_X509_CINF);
+	M_ASN1_I2D_len(a->sig_alg,	i2d_X509_ALGOR);
+	M_ASN1_I2D_len(a->signature,	i2d_ASN1_BIT_STRING);
+
+	M_ASN1_I2D_seq_total();
+
+	M_ASN1_I2D_put(a->cert_info,	i2d_X509_CINF);
+	M_ASN1_I2D_put(a->sig_alg,	i2d_X509_ALGOR);
+	M_ASN1_I2D_put(a->signature,	i2d_ASN1_BIT_STRING);
+
+	M_ASN1_I2D_finish();
+	}
+
+X509 *d2i_X509(a,pp,length)
+X509 **a;
+unsigned char **pp;
+long length;
+	{
+	M_ASN1_D2I_vars(a,X509 *,X509_new);
+
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+	M_ASN1_D2I_get(ret->cert_info,d2i_X509_CINF);
+	M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
+	M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
+if (ret->name != NULL) Free(ret->name);
+ret->name=X509_NAME_oneline(ret->cert_info->subject,NULL,0);
+
+	M_ASN1_D2I_Finish(a,X509_free,ASN1_F_D2I_X509);
+	}
+
+X509 *X509_new()
+	{
+	X509 *ret=NULL;
+
+	M_ASN1_New_Malloc(ret,X509);
+	ret->references=1;
+	ret->valid=0;
+	ret->name=NULL;
+	M_ASN1_New(ret->cert_info,X509_CINF_new);
+	M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
+	M_ASN1_New(ret->signature,ASN1_BIT_STRING_new);
+	return(ret);
+	M_ASN1_New_Error(ASN1_F_X509_NEW);
+	}
+
+void X509_free(a)
+X509 *a;
+	{
+	int i;
+
+	if (a == NULL) return;
+
+	i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_X509);
+	if (i > 0) return;
+#ifdef REF_CHECK
+	if (i < 0)
+		{
+		fprintf(stderr,"X509_free, bad reference count\n");
+		abort();
+		}
+#endif
+
+	X509_CINF_free(a->cert_info);
+	X509_ALGOR_free(a->sig_alg);
+	ASN1_BIT_STRING_free(a->signature);
+	if (a->name != NULL) Free(a->name);
+	Free((char *)a);
+	}
+
diff --git a/crypto/bf/COPYRIGHT b/crypto/bf/COPYRIGHT
new file mode 100644
index 0000000000..6857223506
--- /dev/null
+++ b/crypto/bf/COPYRIGHT
@@ -0,0 +1,46 @@
+Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+All rights reserved.
+
+This package is an Blowfish implementation written
+by Eric Young (eay@cryptsoft.com).
+
+This library is free for commercial and non-commercial use as long as
+the following conditions are aheared to.  The following conditions
+apply to all code found in this distribution.
+
+Copyright remains Eric Young's, and as such any Copyright notices in
+the code are not to be removed.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+1. Redistributions of source code must retain the copyright
+   notice, this list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright
+   notice, this list of conditions and the following disclaimer in the
+   documentation and/or other materials provided with the distribution.
+3. All advertising materials mentioning features or use of this software
+   must display the following acknowledgement:
+   This product includes software developed by Eric Young (eay@cryptsoft.com)
+
+THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGE.
+
+The license and distribution terms for any publically available version or
+derivative of this code cannot be changed.  i.e. this code cannot simply be
+copied and put under another distrubution license
+[including the GNU Public License.]
+
+The reason behind this being stated in this direct manner is past
+experience in code simply being copied and the attribution removed
+from it and then being distributed as part of other packages. This
+implementation was a non-trivial and unpaid effort.
diff --git a/crypto/bf/INSTALL b/crypto/bf/INSTALL
new file mode 100644
index 0000000000..3b25923532
--- /dev/null
+++ b/crypto/bf/INSTALL
@@ -0,0 +1,14 @@
+This Eric Young's blowfish implementation, taken from his SSLeay library
+and made available as a separate library.
+ 
+The version number (0.7.2m) is the SSLeay version that this library was
+taken from.
+ 
+To build, just unpack and type make.
+If you are not using gcc, edit the Makefile.
+If you are compiling for an x86 box, try the assembler (it needs improving).
+There are also some compile time options that can improve performance,
+these are documented in the Makefile.
+ 
+eric 15-Apr-1997
+ 
diff --git a/crypto/bf/Makefile.ssl b/crypto/bf/Makefile.ssl
new file mode 100644
index 0000000000..1a44992a1a
--- /dev/null
+++ b/crypto/bf/Makefile.ssl
@@ -0,0 +1,108 @@
+#
+# SSLeay/crypto/blowfish/Makefile
+#
+
+DIR=	bf
+TOP=	../..
+CC=	cc
+CPP=	$(CC) -E
+INCLUDES=
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE=		make -f Makefile.ssl
+MAKEDEPEND=	makedepend -f Makefile.ssl
+MAKEFILE=	Makefile.ssl
+AR=		ar r
+
+BF_ENC=		bf_enc.o
+# or use
+#DES_ENC=	bx86-elf.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=bftest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=bf_skey.c bf_ecb.c bf_enc.c bf_cbc.c bf_cfb64.c bf_ofb64.c 
+LIBOBJ=bf_skey.o bf_ecb.o $(BF_ENC) bf_cbc.o bf_cfb64.o bf_ofb64.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= blowfish.h
+HEADER=	bf_pi.h bf_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/util/ranlib.sh $(LIB)
+	@touch lib
+
+# elf
+asm/bx86-elf.o: asm/bx86-cpp.s asm/bx86unix.cpp
+	$(CPP) -DELF asm/bx86unix.cpp | as -o asm/bx86-elf.o
+
+# solaris
+asm/bx86-sol.o: asm/bx86-cpp.s asm/bx86unix.cpp
+	$(CC) -E -DSOL asm/bx86unix.cpp | sed 's/^#.*//' > asm/bx86-sol.s
+	as -o asm/bx86-sol.o asm/bx86-sol.s
+	rm -f asm/bx86-sol.s
+
+# a.out
+asm/bx86-out.o: asm/bx86-cpp.s asm/bx86unix.cpp
+	$(CPP) -DOUT asm/bx86unix.cpp | as -o asm/bx86-out.o
+
+# bsdi
+asm/bx86bsdi.o: asm/bx86-cpp.s asm/bx86unix.cpp
+	$(CPP) -DBSDI asm/bx86unix.cpp | as -o asm/bx86bsdi.o
+
+files:
+	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+	/bin/rm -f Makefile
+	$(TOP)/util/point.sh Makefile.ssl Makefile ;
+	$(TOP)/util/point.sh ../../doc/blowfish.doc blowfish.doc ;
+	$(TOP)/util/mklink.sh ../../include $(EXHEADER)
+	$(TOP)/util/mklink.sh ../../test $(TEST)
+	$(TOP)/util/mklink.sh ../../apps $(APPS)
+	/bin/rm -f asm/x86ms.pl asm/x86unix.pl
+	$(TOP)/util/point.sh ../../perlasm/x86ms.pl asm/x86ms.pl
+	$(TOP)/util/point.sh ../../perlasm/x86unix.pl asm/x86unix.pl
+
+
+install:
+	@for i in $(EXHEADER) ; \
+	do  \
+	(cp $$i $(INSTALLTOP)/include/$$i; \
+	chmod 644 $(INSTALLTOP)/include/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/bf/Makefile.uni b/crypto/bf/Makefile.uni
new file mode 100644
index 0000000000..8517295475
--- /dev/null
+++ b/crypto/bf/Makefile.uni
@@ -0,0 +1,160 @@
+# Targets
+# make          - twidle the options yourself :-)
+# make cc       - standard cc options
+# make gcc      - standard gcc options
+# make x86-elf  - linux-elf etc
+# make x86-out  - linux-a.out, FreeBSD etc
+# make x86-solaris
+# make x86-bdsi
+
+# use BF_PTR2 for intel boxes,
+# BF_PTR for sparc and MIPS/SGI
+# use nothing for Alpha and HP.
+
+# There are 3 possible performance options, experiment :-)
+#OPTS= -DBF_PTR  # usr for sparc and MIPS/SGI
+#OPTS= -DBF_PTR2 # use for pentium
+OPTS=		 # use for pentium pro, Alpha and HP
+
+MAKE=make -f Makefile
+#CC=cc
+#CFLAG= -O
+
+CC=gcc
+#CFLAG= -O4 -funroll-loops -fomit-frame-pointer
+CFLAG= -O3 -fomit-frame-pointer
+
+CFLAGS=$(OPTS) $(CFLAG)
+CPP=$(CC) -E
+AS=as
+
+# Assember version of bf_encrypt().
+BF_ENC=bf_enc.o		# normal C version
+#BF_ENC=asm/bx86-elf.o	# elf format x86
+#BF_ENC=asm/bx86-out.o	# a.out format x86
+#BF_ENC=asm/bx86-sol.o	# solaris format x86 
+#BF_ENC=asm/bx86bsdi.o	# bsdi format x86 
+
+LIBDIR=/usr/local/lib
+BINDIR=/usr/local/bin
+INCDIR=/usr/local/include
+MANDIR=/usr/local/man
+MAN1=1
+MAN3=3
+SHELL=/bin/sh
+LIBOBJ=bf_skey.o bf_ecb.o $(BF_ENC) bf_cbc.o bf_cfb64.o bf_ofb64.o
+LIBSRC=bf_skey.c bf_ecb.c bf_enc.c bf_cbc.c bf_cfb64.c bf_ofb64.c
+
+GENERAL=Makefile Makefile.ssl Makefile.uni asm bf_locl.org README \
+	COPYRIGHT blowfish.doc INSTALL
+   
+TESTING=    bftest bfspeed
+TESTING_SRC=bftest.c bfspeed.c
+HEADERS=bf_locl.h blowfish.h bf_pi.h
+
+ALL=	$(GENERAL) $(TESTING_SRC) $(LIBSRC) $(HEADERS)
+
+BLIB=	libblowfish.a
+
+all: $(BLIB) $(TESTING)
+
+cc:
+	$(MAKE) CC=cc CFLAGS="-O $(OPTS) $(CFLAG)" all
+
+gcc:
+	$(MAKE) CC=gcc CFLAGS="-O3 -fomit-frame-pointer $(OPTS) $(CFLAG)" all
+
+x86-elf:
+	$(MAKE) BF_ENC='asm/bx86-elf.o' CC=$(CC) CFLAGS="-DELF $(OPTS) $(CFLAG)" all
+
+x86-out:
+	$(MAKE) BF_ENC='asm/bx86-out.o' CC=$(CC) CFLAGS="-DOUT $(OPTS) $(CFLAG)" all
+
+x86-solaris:
+	$(MAKE) BF_ENC='asm/bx86-sol.o' CC=$(CC) CFLAGS="-DSOL $(OPTS) $(CFLAG)" all
+
+x86-bsdi:
+	$(MAKE) BF_ENC='asm/bx86bsdi.o' CC=$(CC) CFLAGS="-DBSDI $(OPTS) $(CFLAG)" all
+
+# elf
+asm/bx86-elf.o: asm/bx86-cpp.s asm/bx86unix.cpp
+	$(CPP) -DELF asm/bx86unix.cpp | $(AS) -o asm/bx86-elf.o
+
+# solaris
+asm/bx86-sol.o: asm/bx86-cpp.s asm/bx86unix.cpp
+	$(CC) -E -DSOL asm/bx86unix.cpp | sed 's/^#.*//' > asm/bx86-sol.s
+	as -o asm/bx86-sol.o asm/bx86-sol.s
+	rm -f asm/bx86-sol.s
+
+# a.out
+asm/bx86-out.o: asm/bx86-cpp.s asm/bx86unix.cpp
+	$(CPP) -DOUT asm/bx86unix.cpp | $(AS) -o asm/bx86-out.o
+
+# bsdi
+asm/bx86bsdi.o: asm/bx86-cpp.s asm/bx86unix.cpp
+	$(CPP) -DBSDI asm/bx86unix.cpp | $(AS) -o asm/bx86bsdi.o
+
+test:	all
+	./bftest
+
+$(BLIB): $(LIBOBJ)
+	/bin/rm -f $(BLIB)
+	ar cr $(BLIB) $(LIBOBJ)
+	-if test -s /bin/ranlib; then /bin/ranlib $(BLIB); \
+	else if test -s /usr/bin/ranlib; then /usr/bin/ranlib $(BLIB); \
+	else exit 0; fi; fi
+
+bftest: bftest.o $(BLIB)
+	$(CC) $(CFLAGS) -o bftest bftest.o $(BLIB)
+
+bfspeed: bfspeed.o $(BLIB)
+	$(CC) $(CFLAGS) -o bfspeed bfspeed.o $(BLIB)
+
+tags:
+	ctags $(TESTING_SRC) $(LIBBF)
+
+tar:
+	tar chf libbf.tar $(ALL)
+
+shar:
+	shar $(ALL) >libbf.shar
+
+depend:
+	makedepend $(LIBBF) $(TESTING_SRC)
+
+clean:
+	/bin/rm -f *.o tags core $(TESTING) $(BLIB) .nfs* *.old *.bak asm/*.o 
+
+dclean:
+	sed -e '/^# DO NOT DELETE THIS LINE/ q' Makefile >Makefile.new
+	mv -f Makefile.new Makefile
+
+# Eric is probably going to choke when he next looks at this --tjh
+install: $(BLIB)
+	if test $(INSTALLTOP); then \
+	    echo SSL style install; \
+	    cp $(BLIB) $(INSTALLTOP)/lib; \
+	    if test -s /bin/ranlib; then \
+	        /bin/ranlib $(INSTALLTOP)/lib/$(BLIB); \
+	    else \
+		if test -s /usr/bin/ranlib; then \
+		/usr/bin/ranlib $(INSTALLTOP)/lib/$(BLIB); \
+	    fi; fi; \
+	    chmod 644 $(INSTALLTOP)/lib/$(BLIB); \
+	    cp blowfish.h $(INSTALLTOP)/include; \
+	    chmod 644 $(INSTALLTOP)/include/blowfish.h; \
+	else \
+	    echo Standalone install; \
+	    cp $(BLIB) $(LIBDIR)/$(BLIB); \
+	    if test -s /bin/ranlib; then \
+	      /bin/ranlib $(LIBDIR)/$(BLIB); \
+	    else \
+	      if test -s /usr/bin/ranlib; then \
+		/usr/bin/ranlib $(LIBDIR)/$(BLIB); \
+	      fi; \
+	    fi; \
+	    chmod 644 $(LIBDIR)/$(BLIB); \
+	    cp blowfish.h $(INCDIR)/blowfish.h; \
+	    chmod 644 $(INCDIR)/blowfish.h; \
+	fi
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/bf/README b/crypto/bf/README
new file mode 100644
index 0000000000..f2712fd0e7
--- /dev/null
+++ b/crypto/bf/README
@@ -0,0 +1,8 @@
+This is a quick packaging up of my blowfish code into a library.
+It has been lifted from SSLeay.
+The copyright notices seem a little harsh because I have not spent the
+time to rewrite the conditions from the normal SSLeay ones.
+
+Basically if you just want to play with the library, not a problem.
+
+eric 15-Apr-1997
diff --git a/crypto/bf/VERSION b/crypto/bf/VERSION
new file mode 100644
index 0000000000..be995855e4
--- /dev/null
+++ b/crypto/bf/VERSION
@@ -0,0 +1,6 @@
+The version numbers will follow my SSL implementation
+
+0.7.2r - Some reasonable default compiler options from 
+	Peter Gutman <pgut001@cs.auckland.ac.nz>
+
+0.7.2m - the first release
diff --git a/crypto/bf/asm/b-win32.asm b/crypto/bf/asm/b-win32.asm
new file mode 100644
index 0000000000..bef272eebb
--- /dev/null
+++ b/crypto/bf/asm/b-win32.asm
@@ -0,0 +1,662 @@
+	; Don't even think of reading this code

+	; It was automatically generated by bf586.pl

+	; Which is a perl program used to generate the x86 assember for

+	; any of elf, a.out, Win32, or Solaris

+	; It can be found in SSLeay 0.7.0+

+	; eric <eay@cryptsoft.com>

+	; 

+	TITLE	bfx86xxxx.asm

+        .386

+.model FLAT

+_TEXT	SEGMENT

+PUBLIC	_BF_encrypt

+_BF_encrypt PROC NEAR

+	push	ebp

+	push	ebx

+	push	esi

+	push	edi

+	; 

+	; Load the 2 words

+	mov	eax,		DWORD PTR 20[esp]

+	mov	ecx,		DWORD PTR [eax]

+	mov	edx,		DWORD PTR 4[eax]

+	; 

+	; P pointer, s and enc flag

+	mov	edi,		DWORD PTR 24[esp]

+	xor	eax,		eax

+	xor	ebx,		ebx

+	mov	ebp,		DWORD PTR 28[esp]

+	cmp	ebp,		0

+	je	$L000start_decrypt

+	xor	ecx,		DWORD PTR [edi]

+	; 

+	; Round 0

+	ror	ecx,		16

+	mov	esi,		DWORD PTR 4[edi]

+	mov	al,		ch

+	mov	bl,		cl

+	ror	ecx,		16

+	xor	edx,		esi

+	mov	esi,		DWORD PTR 72[eax*4+edi]

+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]

+	mov	al,		ch

+	mov	bl,		cl

+	add	esi,		ebp

+	mov	eax,		DWORD PTR 2120[eax*4+edi]

+	xor	esi,		eax

+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]

+	add	esi,		ebp

+	xor	eax,		eax

+	xor	edx,		esi

+	; 

+	; Round 1

+	ror	edx,		16

+	mov	esi,		DWORD PTR 8[edi]

+	mov	al,		dh

+	mov	bl,		dl

+	ror	edx,		16

+	xor	ecx,		esi

+	mov	esi,		DWORD PTR 72[eax*4+edi]

+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]

+	mov	al,		dh

+	mov	bl,		dl

+	add	esi,		ebp

+	mov	eax,		DWORD PTR 2120[eax*4+edi]

+	xor	esi,		eax

+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]

+	add	esi,		ebp

+	xor	eax,		eax

+	xor	ecx,		esi

+	; 

+	; Round 2

+	ror	ecx,		16

+	mov	esi,		DWORD PTR 12[edi]

+	mov	al,		ch

+	mov	bl,		cl

+	ror	ecx,		16

+	xor	edx,		esi

+	mov	esi,		DWORD PTR 72[eax*4+edi]

+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]

+	mov	al,		ch

+	mov	bl,		cl

+	add	esi,		ebp

+	mov	eax,		DWORD PTR 2120[eax*4+edi]

+	xor	esi,		eax

+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]

+	add	esi,		ebp

+	xor	eax,		eax

+	xor	edx,		esi

+	; 

+	; Round 3

+	ror	edx,		16

+	mov	esi,		DWORD PTR 16[edi]

+	mov	al,		dh

+	mov	bl,		dl

+	ror	edx,		16

+	xor	ecx,		esi

+	mov	esi,		DWORD PTR 72[eax*4+edi]

+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]

+	mov	al,		dh

+	mov	bl,		dl

+	add	esi,		ebp

+	mov	eax,		DWORD PTR 2120[eax*4+edi]

+	xor	esi,		eax

+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]

+	add	esi,		ebp

+	xor	eax,		eax

+	xor	ecx,		esi

+	; 

+	; Round 4

+	ror	ecx,		16

+	mov	esi,		DWORD PTR 20[edi]

+	mov	al,		ch

+	mov	bl,		cl

+	ror	ecx,		16

+	xor	edx,		esi

+	mov	esi,		DWORD PTR 72[eax*4+edi]

+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]

+	mov	al,		ch

+	mov	bl,		cl

+	add	esi,		ebp

+	mov	eax,		DWORD PTR 2120[eax*4+edi]

+	xor	esi,		eax

+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]

+	add	esi,		ebp

+	xor	eax,		eax

+	xor	edx,		esi

+	; 

+	; Round 5

+	ror	edx,		16

+	mov	esi,		DWORD PTR 24[edi]

+	mov	al,		dh

+	mov	bl,		dl

+	ror	edx,		16

+	xor	ecx,		esi

+	mov	esi,		DWORD PTR 72[eax*4+edi]

+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]

+	mov	al,		dh

+	mov	bl,		dl

+	add	esi,		ebp

+	mov	eax,		DWORD PTR 2120[eax*4+edi]

+	xor	esi,		eax

+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]

+	add	esi,		ebp

+	xor	eax,		eax

+	xor	ecx,		esi

+	; 

+	; Round 6

+	ror	ecx,		16

+	mov	esi,		DWORD PTR 28[edi]

+	mov	al,		ch

+	mov	bl,		cl

+	ror	ecx,		16

+	xor	edx,		esi

+	mov	esi,		DWORD PTR 72[eax*4+edi]

+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]

+	mov	al,		ch

+	mov	bl,		cl

+	add	esi,		ebp

+	mov	eax,		DWORD PTR 2120[eax*4+edi]

+	xor	esi,		eax

+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]

+	add	esi,		ebp

+	xor	eax,		eax

+	xor	edx,		esi

+	; 

+	; Round 7

+	ror	edx,		16

+	mov	esi,		DWORD PTR 32[edi]

+	mov	al,		dh

+	mov	bl,		dl

+	ror	edx,		16

+	xor	ecx,		esi

+	mov	esi,		DWORD PTR 72[eax*4+edi]

+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]

+	mov	al,		dh

+	mov	bl,		dl

+	add	esi,		ebp

+	mov	eax,		DWORD PTR 2120[eax*4+edi]

+	xor	esi,		eax

+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]

+	add	esi,		ebp

+	xor	eax,		eax

+	xor	ecx,		esi

+	; 

+	; Round 8

+	ror	ecx,		16

+	mov	esi,		DWORD PTR 36[edi]

+	mov	al,		ch

+	mov	bl,		cl

+	ror	ecx,		16

+	xor	edx,		esi

+	mov	esi,		DWORD PTR 72[eax*4+edi]

+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]

+	mov	al,		ch

+	mov	bl,		cl

+	add	esi,		ebp

+	mov	eax,		DWORD PTR 2120[eax*4+edi]

+	xor	esi,		eax

+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]

+	add	esi,		ebp

+	xor	eax,		eax

+	xor	edx,		esi

+	; 

+	; Round 9

+	ror	edx,		16

+	mov	esi,		DWORD PTR 40[edi]

+	mov	al,		dh

+	mov	bl,		dl

+	ror	edx,		16

+	xor	ecx,		esi

+	mov	esi,		DWORD PTR 72[eax*4+edi]

+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]

+	mov	al,		dh

+	mov	bl,		dl

+	add	esi,		ebp

+	mov	eax,		DWORD PTR 2120[eax*4+edi]

+	xor	esi,		eax

+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]

+	add	esi,		ebp

+	xor	eax,		eax

+	xor	ecx,		esi

+	; 

+	; Round 10

+	ror	ecx,		16

+	mov	esi,		DWORD PTR 44[edi]

+	mov	al,		ch

+	mov	bl,		cl

+	ror	ecx,		16

+	xor	edx,		esi

+	mov	esi,		DWORD PTR 72[eax*4+edi]

+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]

+	mov	al,		ch

+	mov	bl,		cl

+	add	esi,		ebp

+	mov	eax,		DWORD PTR 2120[eax*4+edi]

+	xor	esi,		eax

+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]

+	add	esi,		ebp

+	xor	eax,		eax

+	xor	edx,		esi

+	; 

+	; Round 11

+	ror	edx,		16

+	mov	esi,		DWORD PTR 48[edi]

+	mov	al,		dh

+	mov	bl,		dl

+	ror	edx,		16

+	xor	ecx,		esi

+	mov	esi,		DWORD PTR 72[eax*4+edi]

+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]

+	mov	al,		dh

+	mov	bl,		dl

+	add	esi,		ebp

+	mov	eax,		DWORD PTR 2120[eax*4+edi]

+	xor	esi,		eax

+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]

+	add	esi,		ebp

+	xor	eax,		eax

+	xor	ecx,		esi

+	; 

+	; Round 12

+	ror	ecx,		16

+	mov	esi,		DWORD PTR 52[edi]

+	mov	al,		ch

+	mov	bl,		cl

+	ror	ecx,		16

+	xor	edx,		esi

+	mov	esi,		DWORD PTR 72[eax*4+edi]

+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]

+	mov	al,		ch

+	mov	bl,		cl

+	add	esi,		ebp

+	mov	eax,		DWORD PTR 2120[eax*4+edi]

+	xor	esi,		eax

+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]

+	add	esi,		ebp

+	xor	eax,		eax

+	xor	edx,		esi

+	; 

+	; Round 13

+	ror	edx,		16

+	mov	esi,		DWORD PTR 56[edi]

+	mov	al,		dh

+	mov	bl,		dl

+	ror	edx,		16

+	xor	ecx,		esi

+	mov	esi,		DWORD PTR 72[eax*4+edi]

+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]

+	mov	al,		dh

+	mov	bl,		dl

+	add	esi,		ebp

+	mov	eax,		DWORD PTR 2120[eax*4+edi]

+	xor	esi,		eax

+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]

+	add	esi,		ebp

+	xor	eax,		eax

+	xor	ecx,		esi

+	; 

+	; Round 14

+	ror	ecx,		16

+	mov	esi,		DWORD PTR 60[edi]

+	mov	al,		ch

+	mov	bl,		cl

+	ror	ecx,		16

+	xor	edx,		esi

+	mov	esi,		DWORD PTR 72[eax*4+edi]

+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]

+	mov	al,		ch

+	mov	bl,		cl

+	add	esi,		ebp

+	mov	eax,		DWORD PTR 2120[eax*4+edi]

+	xor	esi,		eax

+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]

+	add	esi,		ebp

+	xor	eax,		eax

+	xor	edx,		esi

+	; 

+	; Round 15

+	ror	edx,		16

+	mov	esi,		DWORD PTR 64[edi]

+	mov	al,		dh

+	mov	bl,		dl

+	ror	edx,		16

+	xor	ecx,		esi

+	mov	esi,		DWORD PTR 72[eax*4+edi]

+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]

+	mov	al,		dh

+	mov	bl,		dl

+	add	esi,		ebp

+	mov	eax,		DWORD PTR 2120[eax*4+edi]

+	xor	esi,		eax

+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]

+	add	esi,		ebp

+	xor	eax,		eax

+	xor	ecx,		esi

+	xor	edx,		DWORD PTR 68[edi]

+	mov	eax,		DWORD PTR 20[esp]

+	mov	DWORD PTR [eax],edx

+	mov	DWORD PTR 4[eax],ecx

+	pop	edi

+	pop	esi

+	pop	ebx

+	pop	ebp

+	ret

+$L000start_decrypt:

+	xor	ecx,		DWORD PTR 68[edi]

+	; 

+	; Round 16

+	ror	ecx,		16

+	mov	esi,		DWORD PTR 64[edi]

+	mov	al,		ch

+	mov	bl,		cl

+	ror	ecx,		16

+	xor	edx,		esi

+	mov	esi,		DWORD PTR 72[eax*4+edi]

+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]

+	mov	al,		ch

+	mov	bl,		cl

+	add	esi,		ebp

+	mov	eax,		DWORD PTR 2120[eax*4+edi]

+	xor	esi,		eax

+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]

+	add	esi,		ebp

+	xor	eax,		eax

+	xor	edx,		esi

+	; 

+	; Round 15

+	ror	edx,		16

+	mov	esi,		DWORD PTR 60[edi]

+	mov	al,		dh

+	mov	bl,		dl

+	ror	edx,		16

+	xor	ecx,		esi

+	mov	esi,		DWORD PTR 72[eax*4+edi]

+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]

+	mov	al,		dh

+	mov	bl,		dl

+	add	esi,		ebp

+	mov	eax,		DWORD PTR 2120[eax*4+edi]

+	xor	esi,		eax

+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]

+	add	esi,		ebp

+	xor	eax,		eax

+	xor	ecx,		esi

+	; 

+	; Round 14

+	ror	ecx,		16

+	mov	esi,		DWORD PTR 56[edi]

+	mov	al,		ch

+	mov	bl,		cl

+	ror	ecx,		16

+	xor	edx,		esi

+	mov	esi,		DWORD PTR 72[eax*4+edi]

+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]

+	mov	al,		ch

+	mov	bl,		cl

+	add	esi,		ebp

+	mov	eax,		DWORD PTR 2120[eax*4+edi]

+	xor	esi,		eax

+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]

+	add	esi,		ebp

+	xor	eax,		eax

+	xor	edx,		esi

+	; 

+	; Round 13

+	ror	edx,		16

+	mov	esi,		DWORD PTR 52[edi]

+	mov	al,		dh

+	mov	bl,		dl

+	ror	edx,		16

+	xor	ecx,		esi

+	mov	esi,		DWORD PTR 72[eax*4+edi]

+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]

+	mov	al,		dh

+	mov	bl,		dl

+	add	esi,		ebp

+	mov	eax,		DWORD PTR 2120[eax*4+edi]

+	xor	esi,		eax

+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]

+	add	esi,		ebp

+	xor	eax,		eax

+	xor	ecx,		esi

+	; 

+	; Round 12

+	ror	ecx,		16

+	mov	esi,		DWORD PTR 48[edi]

+	mov	al,		ch

+	mov	bl,		cl

+	ror	ecx,		16

+	xor	edx,		esi

+	mov	esi,		DWORD PTR 72[eax*4+edi]

+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]

+	mov	al,		ch

+	mov	bl,		cl

+	add	esi,		ebp

+	mov	eax,		DWORD PTR 2120[eax*4+edi]

+	xor	esi,		eax

+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]

+	add	esi,		ebp

+	xor	eax,		eax

+	xor	edx,		esi

+	; 

+	; Round 11

+	ror	edx,		16

+	mov	esi,		DWORD PTR 44[edi]

+	mov	al,		dh

+	mov	bl,		dl

+	ror	edx,		16

+	xor	ecx,		esi

+	mov	esi,		DWORD PTR 72[eax*4+edi]

+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]

+	mov	al,		dh

+	mov	bl,		dl

+	add	esi,		ebp

+	mov	eax,		DWORD PTR 2120[eax*4+edi]

+	xor	esi,		eax

+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]

+	add	esi,		ebp

+	xor	eax,		eax

+	xor	ecx,		esi

+	; 

+	; Round 10

+	ror	ecx,		16

+	mov	esi,		DWORD PTR 40[edi]

+	mov	al,		ch

+	mov	bl,		cl

+	ror	ecx,		16

+	xor	edx,		esi

+	mov	esi,		DWORD PTR 72[eax*4+edi]

+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]

+	mov	al,		ch

+	mov	bl,		cl

+	add	esi,		ebp

+	mov	eax,		DWORD PTR 2120[eax*4+edi]

+	xor	esi,		eax

+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]

+	add	esi,		ebp

+	xor	eax,		eax

+	xor	edx,		esi

+	; 

+	; Round 9

+	ror	edx,		16

+	mov	esi,		DWORD PTR 36[edi]

+	mov	al,		dh

+	mov	bl,		dl

+	ror	edx,		16

+	xor	ecx,		esi

+	mov	esi,		DWORD PTR 72[eax*4+edi]

+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]

+	mov	al,		dh

+	mov	bl,		dl

+	add	esi,		ebp

+	mov	eax,		DWORD PTR 2120[eax*4+edi]

+	xor	esi,		eax

+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]

+	add	esi,		ebp

+	xor	eax,		eax

+	xor	ecx,		esi

+	; 

+	; Round 8

+	ror	ecx,		16

+	mov	esi,		DWORD PTR 32[edi]

+	mov	al,		ch

+	mov	bl,		cl

+	ror	ecx,		16

+	xor	edx,		esi

+	mov	esi,		DWORD PTR 72[eax*4+edi]

+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]

+	mov	al,		ch

+	mov	bl,		cl

+	add	esi,		ebp

+	mov	eax,		DWORD PTR 2120[eax*4+edi]

+	xor	esi,		eax

+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]

+	add	esi,		ebp

+	xor	eax,		eax

+	xor	edx,		esi

+	; 

+	; Round 7

+	ror	edx,		16

+	mov	esi,		DWORD PTR 28[edi]

+	mov	al,		dh

+	mov	bl,		dl

+	ror	edx,		16

+	xor	ecx,		esi

+	mov	esi,		DWORD PTR 72[eax*4+edi]

+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]

+	mov	al,		dh

+	mov	bl,		dl

+	add	esi,		ebp

+	mov	eax,		DWORD PTR 2120[eax*4+edi]

+	xor	esi,		eax

+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]

+	add	esi,		ebp

+	xor	eax,		eax

+	xor	ecx,		esi

+	; 

+	; Round 6

+	ror	ecx,		16

+	mov	esi,		DWORD PTR 24[edi]

+	mov	al,		ch

+	mov	bl,		cl

+	ror	ecx,		16

+	xor	edx,		esi

+	mov	esi,		DWORD PTR 72[eax*4+edi]

+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]

+	mov	al,		ch

+	mov	bl,		cl

+	add	esi,		ebp

+	mov	eax,		DWORD PTR 2120[eax*4+edi]

+	xor	esi,		eax

+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]

+	add	esi,		ebp

+	xor	eax,		eax

+	xor	edx,		esi

+	; 

+	; Round 5

+	ror	edx,		16

+	mov	esi,		DWORD PTR 20[edi]

+	mov	al,		dh

+	mov	bl,		dl

+	ror	edx,		16

+	xor	ecx,		esi

+	mov	esi,		DWORD PTR 72[eax*4+edi]

+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]

+	mov	al,		dh

+	mov	bl,		dl

+	add	esi,		ebp

+	mov	eax,		DWORD PTR 2120[eax*4+edi]

+	xor	esi,		eax

+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]

+	add	esi,		ebp

+	xor	eax,		eax

+	xor	ecx,		esi

+	; 

+	; Round 4

+	ror	ecx,		16

+	mov	esi,		DWORD PTR 16[edi]

+	mov	al,		ch

+	mov	bl,		cl

+	ror	ecx,		16

+	xor	edx,		esi

+	mov	esi,		DWORD PTR 72[eax*4+edi]

+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]

+	mov	al,		ch

+	mov	bl,		cl

+	add	esi,		ebp

+	mov	eax,		DWORD PTR 2120[eax*4+edi]

+	xor	esi,		eax

+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]

+	add	esi,		ebp

+	xor	eax,		eax

+	xor	edx,		esi

+	; 

+	; Round 3

+	ror	edx,		16

+	mov	esi,		DWORD PTR 12[edi]

+	mov	al,		dh

+	mov	bl,		dl

+	ror	edx,		16

+	xor	ecx,		esi

+	mov	esi,		DWORD PTR 72[eax*4+edi]

+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]

+	mov	al,		dh

+	mov	bl,		dl

+	add	esi,		ebp

+	mov	eax,		DWORD PTR 2120[eax*4+edi]

+	xor	esi,		eax

+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]

+	add	esi,		ebp

+	xor	eax,		eax

+	xor	ecx,		esi

+	; 

+	; Round 2

+	ror	ecx,		16

+	mov	esi,		DWORD PTR 8[edi]

+	mov	al,		ch

+	mov	bl,		cl

+	ror	ecx,		16

+	xor	edx,		esi

+	mov	esi,		DWORD PTR 72[eax*4+edi]

+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]

+	mov	al,		ch

+	mov	bl,		cl

+	add	esi,		ebp

+	mov	eax,		DWORD PTR 2120[eax*4+edi]

+	xor	esi,		eax

+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]

+	add	esi,		ebp

+	xor	eax,		eax

+	xor	edx,		esi

+	; 

+	; Round 1

+	ror	edx,		16

+	mov	esi,		DWORD PTR 4[edi]

+	mov	al,		dh

+	mov	bl,		dl

+	ror	edx,		16

+	xor	ecx,		esi

+	mov	esi,		DWORD PTR 72[eax*4+edi]

+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]

+	mov	al,		dh

+	mov	bl,		dl

+	add	esi,		ebp

+	mov	eax,		DWORD PTR 2120[eax*4+edi]

+	xor	esi,		eax

+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]

+	add	esi,		ebp

+	xor	eax,		eax

+	xor	ecx,		esi

+	xor	edx,		DWORD PTR [edi]

+	mov	eax,		DWORD PTR 20[esp]

+	mov	DWORD PTR [eax],edx

+	mov	DWORD PTR 4[eax],ecx

+	pop	edi

+	pop	esi

+	pop	ebx

+	pop	ebp

+	ret

+_BF_encrypt ENDP

+_TEXT	ENDS

+END

diff --git a/crypto/bf/asm/bf586.pl b/crypto/bf/asm/bf586.pl
new file mode 100644
index 0000000000..bcb53cf3f5
--- /dev/null
+++ b/crypto/bf/asm/bf586.pl
@@ -0,0 +1,159 @@
+#!/usr/local/bin/perl
+#!/usr/local/bin/perl

+

+$prog="bf586.pl";

+

+# base code is in microsft

+# op dest, source

+# format.

+#

+

+if (	($ARGV[0] eq "elf"))

+	{ require "x86unix.pl"; }

+elsif (	($ARGV[0] eq "a.out"))

+	{ $aout=1; require "x86unix.pl"; }

+elsif (	($ARGV[0] eq "sol"))

+	{ $sol=1; require "x86unix.pl"; }

+elsif (	($ARGV[0] eq "cpp"))

+	{ $cpp=1; require "x86unix.pl"; }

+elsif (	($ARGV[0] eq "win32"))

+	{ require "x86ms.pl"; }

+else

+	{

+	print STDERR <<"EOF";

+Pick one target type from

+	elf	- linux, FreeBSD etc

+	a.out	- old linux

+	sol	- x86 solaris

+	cpp	- format so x86unix.cpp can be used

+	win32	- Windows 95/Windows NT

+EOF

+	exit(1);

+	}

+

+&comment("Don't even think of reading this code");

+&comment("It was automatically generated by $prog");

+&comment("Which is a perl program used to generate the x86 assember for");

+&comment("any of elf, a.out, Win32, or Solaris");

+&comment("It can be found in SSLeay 0.7.0+");

+&comment("eric <eay\@cryptsoft.com>");

+&comment("");

+

+&file("bfx86xxxx");

+

+$BF_ROUNDS=16;

+$BF_OFF=($BF_ROUNDS+2)*4;

+$L="ecx";

+$R="edx";

+$P="edi";

+$tot="esi";

+$tmp1="eax";

+$tmp2="ebx";

+$tmp3="ebp";

+

+&des_encrypt("BF_encrypt");

+

+&file_end();

+

+sub des_encrypt

+	{

+	local($name)=@_;

+

+	&function_begin($name,3,"");

+

+	&comment("");

+	&comment("Load the 2 words");

+	&mov("eax",&wparam(0));

+	&mov($L,&DWP(0,"eax","",0));

+	&mov($R,&DWP(4,"eax","",0));

+

+	&comment("");

+	&comment("P pointer, s and enc flag");

+	&mov($P,&wparam(1));

+

+	&xor(	$tmp1,	$tmp1);

+	&xor(	$tmp2,	$tmp2);

+

+	# encrypting part

+

+	&mov("ebp",&wparam(2));	# get encrypt flag

+	&cmp("ebp","0");

+	&je(&label("start_decrypt"));

+

+	&xor($L,&DWP(0,$P,"",0));

+	for ($i=0; $i<$BF_ROUNDS; $i+=2)

+		{

+		&comment("");

+		&comment("Round $i");

+		&BF_ENCRYPT($i+1,$R,$L,$P,$tot,$tmp1,$tmp2,$tmp3);

+

+		&comment("");

+		&comment("Round ".sprintf("%d",$i+1));

+		&BF_ENCRYPT($i+2,$L,$R,$P,$tot,$tmp1,$tmp2,$tmp3);

+		}

+	&xor($R,&DWP(($BF_ROUNDS+1)*4,$P,"",0));

+

+	&mov("eax",&wparam(0));

+	&mov(&DWP(0,"eax","",0),$R);

+	&mov(&DWP(4,"eax","",0),$L);

+	&function_end_A($name);

+

+	&set_label("start_decrypt");

+

+	&xor($L,&DWP(($BF_ROUNDS+1)*4,$P,"",0));

+	for ($i=$BF_ROUNDS; $i>0; $i-=2)

+		{

+		&comment("");

+		&comment("Round $i");

+		&BF_ENCRYPT($i,$R,$L,$P,$tot,$tmp1,$tmp2,$tmp3);

+		&comment("");

+		&comment("Round ".sprintf("%d",$i-1));

+		&BF_ENCRYPT($i-1,$L,$R,$P,$tot,$tmp1,$tmp2,$tmp3);

+		}

+	&xor($R,&DWP(0,$P,"",0));

+

+	&mov("eax",&wparam(0));

+	&mov(&DWP(0,"eax","",0),$R);

+	&mov(&DWP(4,"eax","",0),$L);

+	&function_end_A($name);

+

+	&function_end_B($name);

+	}

+

+sub BF_ENCRYPT

+	{

+	local($i,$L,$R,$P,$tot,$tmp1,$tmp2,$tmp3)=@_;

+

+	&rotr(	$R,		16);

+	&mov(	$tot,		&DWP(&n2a($i*4),$P,"",0));

+

+	&movb(	&LB($tmp1),	&HB($R));

+	&movb(	&LB($tmp2),	&LB($R));

+

+	&rotr(	$R,		16);

+	&xor(	$L,		$tot);

+

+	&mov(	$tot,		&DWP(&n2a($BF_OFF+0x0000),$P,$tmp1,4));

+	&mov(	$tmp3,		&DWP(&n2a($BF_OFF+0x0400),$P,$tmp2,4));

+

+	&movb(	&LB($tmp1),	&HB($R));

+	&movb(	&LB($tmp2),	&LB($R));

+

+	&add(	$tot,		$tmp3);

+	&mov(	$tmp1,		&DWP(&n2a($BF_OFF+0x0800),$P,$tmp1,4)); # delay

+

+	&xor(	$tot,		$tmp1);

+	&mov(	$tmp3,		&DWP(&n2a($BF_OFF+0x0C00),$P,$tmp2,4));

+

+	&add(	$tot,		$tmp3);

+	&xor(	$tmp1,		$tmp1);

+

+	&xor(	$L,		$tot);					

+	# delay

+	}

+

+sub n2a

+	{

+	sprintf("%d",$_[0]);

+	}

+

diff --git a/crypto/bf/asm/bx86-cpp.s b/crypto/bf/asm/bx86-cpp.s
new file mode 100644
index 0000000000..0925137a6d
--- /dev/null
+++ b/crypto/bf/asm/bx86-cpp.s
@@ -0,0 +1,666 @@
+	/* Don't even think of reading this code */
+	/* It was automatically generated by bf586.pl */
+	/* Which is a perl program used to generate the x86 assember for */
+	/* any of elf, a.out, Win32, or Solaris */
+	/* It can be found in SSLeay 0.7.0+ */
+	/* eric <eay@cryptsoft.com> */
+
+	.file	"bfx86xxxx.s"
+	.version	"01.01"
+gcc2_compiled.:
+.text
+	.align ALIGN
+.globl BF_encrypt
+	TYPE(BF_encrypt,@function)
+BF_encrypt:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+
+
+	/* Load the 2 words */
+	movl	20(%esp),	%eax
+	movl	(%eax),		%ecx
+	movl	4(%eax),	%edx
+
+	/* P pointer, s and enc flag */
+	movl	24(%esp),	%edi
+	xorl	%eax,		%eax
+	xorl	%ebx,		%ebx
+	movl	28(%esp),	%ebp
+	cmpl	$0,		%ebp
+	je	.L000start_decrypt
+	xorl	(%edi),		%ecx
+
+	/* Round 0 */
+	rorl	$16,		%ecx
+	movl	4(%edi),	%esi
+	movb	%ch,		%al
+	movb	%cl,		%bl
+	rorl	$16,		%ecx
+	xorl	%esi,		%edx
+	movl	72(%edi,%eax,4),%esi
+	movl	1096(%edi,%ebx,4),%ebp
+	movb	%ch,		%al
+	movb	%cl,		%bl
+	addl	%ebp,		%esi
+	movl	2120(%edi,%eax,4),%eax
+	xorl	%eax,		%esi
+	movl	3144(%edi,%ebx,4),%ebp
+	addl	%ebp,		%esi
+	xorl	%eax,		%eax
+	xorl	%esi,		%edx
+
+	/* Round 1 */
+	rorl	$16,		%edx
+	movl	8(%edi),	%esi
+	movb	%dh,		%al
+	movb	%dl,		%bl
+	rorl	$16,		%edx
+	xorl	%esi,		%ecx
+	movl	72(%edi,%eax,4),%esi
+	movl	1096(%edi,%ebx,4),%ebp
+	movb	%dh,		%al
+	movb	%dl,		%bl
+	addl	%ebp,		%esi
+	movl	2120(%edi,%eax,4),%eax
+	xorl	%eax,		%esi
+	movl	3144(%edi,%ebx,4),%ebp
+	addl	%ebp,		%esi
+	xorl	%eax,		%eax
+	xorl	%esi,		%ecx
+
+	/* Round 2 */
+	rorl	$16,		%ecx
+	movl	12(%edi),	%esi
+	movb	%ch,		%al
+	movb	%cl,		%bl
+	rorl	$16,		%ecx
+	xorl	%esi,		%edx
+	movl	72(%edi,%eax,4),%esi
+	movl	1096(%edi,%ebx,4),%ebp
+	movb	%ch,		%al
+	movb	%cl,		%bl
+	addl	%ebp,		%esi
+	movl	2120(%edi,%eax,4),%eax
+	xorl	%eax,		%esi
+	movl	3144(%edi,%ebx,4),%ebp
+	addl	%ebp,		%esi
+	xorl	%eax,		%eax
+	xorl	%esi,		%edx
+
+	/* Round 3 */
+	rorl	$16,		%edx
+	movl	16(%edi),	%esi
+	movb	%dh,		%al
+	movb	%dl,		%bl
+	rorl	$16,		%edx
+	xorl	%esi,		%ecx
+	movl	72(%edi,%eax,4),%esi
+	movl	1096(%edi,%ebx,4),%ebp
+	movb	%dh,		%al
+	movb	%dl,		%bl
+	addl	%ebp,		%esi
+	movl	2120(%edi,%eax,4),%eax
+	xorl	%eax,		%esi
+	movl	3144(%edi,%ebx,4),%ebp
+	addl	%ebp,		%esi
+	xorl	%eax,		%eax
+	xorl	%esi,		%ecx
+
+	/* Round 4 */
+	rorl	$16,		%ecx
+	movl	20(%edi),	%esi
+	movb	%ch,		%al
+	movb	%cl,		%bl
+	rorl	$16,		%ecx
+	xorl	%esi,		%edx
+	movl	72(%edi,%eax,4),%esi
+	movl	1096(%edi,%ebx,4),%ebp
+	movb	%ch,		%al
+	movb	%cl,		%bl
+	addl	%ebp,		%esi
+	movl	2120(%edi,%eax,4),%eax
+	xorl	%eax,		%esi
+	movl	3144(%edi,%ebx,4),%ebp
+	addl	%ebp,		%esi
+	xorl	%eax,		%eax
+	xorl	%esi,		%edx
+
+	/* Round 5 */
+	rorl	$16,		%edx
+	movl	24(%edi),	%esi
+	movb	%dh,		%al
+	movb	%dl,		%bl
+	rorl	$16,		%edx
+	xorl	%esi,		%ecx
+	movl	72(%edi,%eax,4),%esi
+	movl	1096(%edi,%ebx,4),%ebp
+	movb	%dh,		%al
+	movb	%dl,		%bl
+	addl	%ebp,		%esi
+	movl	2120(%edi,%eax,4),%eax
+	xorl	%eax,		%esi
+	movl	3144(%edi,%ebx,4),%ebp
+	addl	%ebp,		%esi
+	xorl	%eax,		%eax
+	xorl	%esi,		%ecx
+
+	/* Round 6 */
+	rorl	$16,		%ecx
+	movl	28(%edi),	%esi
+	movb	%ch,		%al
+	movb	%cl,		%bl
+	rorl	$16,		%ecx
+	xorl	%esi,		%edx
+	movl	72(%edi,%eax,4),%esi
+	movl	1096(%edi,%ebx,4),%ebp
+	movb	%ch,		%al
+	movb	%cl,		%bl
+	addl	%ebp,		%esi
+	movl	2120(%edi,%eax,4),%eax
+	xorl	%eax,		%esi
+	movl	3144(%edi,%ebx,4),%ebp
+	addl	%ebp,		%esi
+	xorl	%eax,		%eax
+	xorl	%esi,		%edx
+
+	/* Round 7 */
+	rorl	$16,		%edx
+	movl	32(%edi),	%esi
+	movb	%dh,		%al
+	movb	%dl,		%bl
+	rorl	$16,		%edx
+	xorl	%esi,		%ecx
+	movl	72(%edi,%eax,4),%esi
+	movl	1096(%edi,%ebx,4),%ebp
+	movb	%dh,		%al
+	movb	%dl,		%bl
+	addl	%ebp,		%esi
+	movl	2120(%edi,%eax,4),%eax
+	xorl	%eax,		%esi
+	movl	3144(%edi,%ebx,4),%ebp
+	addl	%ebp,		%esi
+	xorl	%eax,		%eax
+	xorl	%esi,		%ecx
+
+	/* Round 8 */
+	rorl	$16,		%ecx
+	movl	36(%edi),	%esi
+	movb	%ch,		%al
+	movb	%cl,		%bl
+	rorl	$16,		%ecx
+	xorl	%esi,		%edx
+	movl	72(%edi,%eax,4),%esi
+	movl	1096(%edi,%ebx,4),%ebp
+	movb	%ch,		%al
+	movb	%cl,		%bl
+	addl	%ebp,		%esi
+	movl	2120(%edi,%eax,4),%eax
+	xorl	%eax,		%esi
+	movl	3144(%edi,%ebx,4),%ebp
+	addl	%ebp,		%esi
+	xorl	%eax,		%eax
+	xorl	%esi,		%edx
+
+	/* Round 9 */
+	rorl	$16,		%edx
+	movl	40(%edi),	%esi
+	movb	%dh,		%al
+	movb	%dl,		%bl
+	rorl	$16,		%edx
+	xorl	%esi,		%ecx
+	movl	72(%edi,%eax,4),%esi
+	movl	1096(%edi,%ebx,4),%ebp
+	movb	%dh,		%al
+	movb	%dl,		%bl
+	addl	%ebp,		%esi
+	movl	2120(%edi,%eax,4),%eax
+	xorl	%eax,		%esi
+	movl	3144(%edi,%ebx,4),%ebp
+	addl	%ebp,		%esi
+	xorl	%eax,		%eax
+	xorl	%esi,		%ecx
+
+	/* Round 10 */
+	rorl	$16,		%ecx
+	movl	44(%edi),	%esi
+	movb	%ch,		%al
+	movb	%cl,		%bl
+	rorl	$16,		%ecx
+	xorl	%esi,		%edx
+	movl	72(%edi,%eax,4),%esi
+	movl	1096(%edi,%ebx,4),%ebp
+	movb	%ch,		%al
+	movb	%cl,		%bl
+	addl	%ebp,		%esi
+	movl	2120(%edi,%eax,4),%eax
+	xorl	%eax,		%esi
+	movl	3144(%edi,%ebx,4),%ebp
+	addl	%ebp,		%esi
+	xorl	%eax,		%eax
+	xorl	%esi,		%edx
+
+	/* Round 11 */
+	rorl	$16,		%edx
+	movl	48(%edi),	%esi
+	movb	%dh,		%al
+	movb	%dl,		%bl
+	rorl	$16,		%edx
+	xorl	%esi,		%ecx
+	movl	72(%edi,%eax,4),%esi
+	movl	1096(%edi,%ebx,4),%ebp
+	movb	%dh,		%al
+	movb	%dl,		%bl
+	addl	%ebp,		%esi
+	movl	2120(%edi,%eax,4),%eax
+	xorl	%eax,		%esi
+	movl	3144(%edi,%ebx,4),%ebp
+	addl	%ebp,		%esi
+	xorl	%eax,		%eax
+	xorl	%esi,		%ecx
+
+	/* Round 12 */
+	rorl	$16,		%ecx
+	movl	52(%edi),	%esi
+	movb	%ch,		%al
+	movb	%cl,		%bl
+	rorl	$16,		%ecx
+	xorl	%esi,		%edx
+	movl	72(%edi,%eax,4),%esi
+	movl	1096(%edi,%ebx,4),%ebp
+	movb	%ch,		%al
+	movb	%cl,		%bl
+	addl	%ebp,		%esi
+	movl	2120(%edi,%eax,4),%eax
+	xorl	%eax,		%esi
+	movl	3144(%edi,%ebx,4),%ebp
+	addl	%ebp,		%esi
+	xorl	%eax,		%eax
+	xorl	%esi,		%edx
+
+	/* Round 13 */
+	rorl	$16,		%edx
+	movl	56(%edi),	%esi
+	movb	%dh,		%al
+	movb	%dl,		%bl
+	rorl	$16,		%edx
+	xorl	%esi,		%ecx
+	movl	72(%edi,%eax,4),%esi
+	movl	1096(%edi,%ebx,4),%ebp
+	movb	%dh,		%al
+	movb	%dl,		%bl
+	addl	%ebp,		%esi
+	movl	2120(%edi,%eax,4),%eax
+	xorl	%eax,		%esi
+	movl	3144(%edi,%ebx,4),%ebp
+	addl	%ebp,		%esi
+	xorl	%eax,		%eax
+	xorl	%esi,		%ecx
+
+	/* Round 14 */
+	rorl	$16,		%ecx
+	movl	60(%edi),	%esi
+	movb	%ch,		%al
+	movb	%cl,		%bl
+	rorl	$16,		%ecx
+	xorl	%esi,		%edx
+	movl	72(%edi,%eax,4),%esi
+	movl	1096(%edi,%ebx,4),%ebp
+	movb	%ch,		%al
+	movb	%cl,		%bl
+	addl	%ebp,		%esi
+	movl	2120(%edi,%eax,4),%eax
+	xorl	%eax,		%esi
+	movl	3144(%edi,%ebx,4),%ebp
+	addl	%ebp,		%esi
+	xorl	%eax,		%eax
+	xorl	%esi,		%edx
+
+	/* Round 15 */
+	rorl	$16,		%edx
+	movl	64(%edi),	%esi
+	movb	%dh,		%al
+	movb	%dl,		%bl
+	rorl	$16,		%edx
+	xorl	%esi,		%ecx
+	movl	72(%edi,%eax,4),%esi
+	movl	1096(%edi,%ebx,4),%ebp
+	movb	%dh,		%al
+	movb	%dl,		%bl
+	addl	%ebp,		%esi
+	movl	2120(%edi,%eax,4),%eax
+	xorl	%eax,		%esi
+	movl	3144(%edi,%ebx,4),%ebp
+	addl	%ebp,		%esi
+	xorl	%eax,		%eax
+	xorl	%esi,		%ecx
+	xorl	68(%edi),	%edx
+	movl	20(%esp),	%eax
+	movl	%edx,		(%eax)
+	movl	%ecx,		4(%eax)
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.align ALIGN
+.L000start_decrypt:
+	xorl	68(%edi),	%ecx
+
+	/* Round 16 */
+	rorl	$16,		%ecx
+	movl	64(%edi),	%esi
+	movb	%ch,		%al
+	movb	%cl,		%bl
+	rorl	$16,		%ecx
+	xorl	%esi,		%edx
+	movl	72(%edi,%eax,4),%esi
+	movl	1096(%edi,%ebx,4),%ebp
+	movb	%ch,		%al
+	movb	%cl,		%bl
+	addl	%ebp,		%esi
+	movl	2120(%edi,%eax,4),%eax
+	xorl	%eax,		%esi
+	movl	3144(%edi,%ebx,4),%ebp
+	addl	%ebp,		%esi
+	xorl	%eax,		%eax
+	xorl	%esi,		%edx
+
+	/* Round 15 */
+	rorl	$16,		%edx
+	movl	60(%edi),	%esi
+	movb	%dh,		%al
+	movb	%dl,		%bl
+	rorl	$16,		%edx
+	xorl	%esi,		%ecx
+	movl	72(%edi,%eax,4),%esi
+	movl	1096(%edi,%ebx,4),%ebp
+	movb	%dh,		%al
+	movb	%dl,		%bl
+	addl	%ebp,		%esi
+	movl	2120(%edi,%eax,4),%eax
+	xorl	%eax,		%esi
+	movl	3144(%edi,%ebx,4),%ebp
+	addl	%ebp,		%esi
+	xorl	%eax,		%eax
+	xorl	%esi,		%ecx
+
+	/* Round 14 */
+	rorl	$16,		%ecx
+	movl	56(%edi),	%esi
+	movb	%ch,		%al
+	movb	%cl,		%bl
+	rorl	$16,		%ecx
+	xorl	%esi,		%edx
+	movl	72(%edi,%eax,4),%esi
+	movl	1096(%edi,%ebx,4),%ebp
+	movb	%ch,		%al
+	movb	%cl,		%bl
+	addl	%ebp,		%esi
+	movl	2120(%edi,%eax,4),%eax
+	xorl	%eax,		%esi
+	movl	3144(%edi,%ebx,4),%ebp
+	addl	%ebp,		%esi
+	xorl	%eax,		%eax
+	xorl	%esi,		%edx
+
+	/* Round 13 */
+	rorl	$16,		%edx
+	movl	52(%edi),	%esi
+	movb	%dh,		%al
+	movb	%dl,		%bl
+	rorl	$16,		%edx
+	xorl	%esi,		%ecx
+	movl	72(%edi,%eax,4),%esi
+	movl	1096(%edi,%ebx,4),%ebp
+	movb	%dh,		%al
+	movb	%dl,		%bl
+	addl	%ebp,		%esi
+	movl	2120(%edi,%eax,4),%eax
+	xorl	%eax,		%esi
+	movl	3144(%edi,%ebx,4),%ebp
+	addl	%ebp,		%esi
+	xorl	%eax,		%eax
+	xorl	%esi,		%ecx
+
+	/* Round 12 */
+	rorl	$16,		%ecx
+	movl	48(%edi),	%esi
+	movb	%ch,		%al
+	movb	%cl,		%bl
+	rorl	$16,		%ecx
+	xorl	%esi,		%edx
+	movl	72(%edi,%eax,4),%esi
+	movl	1096(%edi,%ebx,4),%ebp
+	movb	%ch,		%al
+	movb	%cl,		%bl
+	addl	%ebp,		%esi
+	movl	2120(%edi,%eax,4),%eax
+	xorl	%eax,		%esi
+	movl	3144(%edi,%ebx,4),%ebp
+	addl	%ebp,		%esi
+	xorl	%eax,		%eax
+	xorl	%esi,		%edx
+
+	/* Round 11 */
+	rorl	$16,		%edx
+	movl	44(%edi),	%esi
+	movb	%dh,		%al
+	movb	%dl,		%bl
+	rorl	$16,		%edx
+	xorl	%esi,		%ecx
+	movl	72(%edi,%eax,4),%esi
+	movl	1096(%edi,%ebx,4),%ebp
+	movb	%dh,		%al
+	movb	%dl,		%bl
+	addl	%ebp,		%esi
+	movl	2120(%edi,%eax,4),%eax
+	xorl	%eax,		%esi
+	movl	3144(%edi,%ebx,4),%ebp
+	addl	%ebp,		%esi
+	xorl	%eax,		%eax
+	xorl	%esi,		%ecx
+
+	/* Round 10 */
+	rorl	$16,		%ecx
+	movl	40(%edi),	%esi
+	movb	%ch,		%al
+	movb	%cl,		%bl
+	rorl	$16,		%ecx
+	xorl	%esi,		%edx
+	movl	72(%edi,%eax,4),%esi
+	movl	1096(%edi,%ebx,4),%ebp
+	movb	%ch,		%al
+	movb	%cl,		%bl
+	addl	%ebp,		%esi
+	movl	2120(%edi,%eax,4),%eax
+	xorl	%eax,		%esi
+	movl	3144(%edi,%ebx,4),%ebp
+	addl	%ebp,		%esi
+	xorl	%eax,		%eax
+	xorl	%esi,		%edx
+
+	/* Round 9 */
+	rorl	$16,		%edx
+	movl	36(%edi),	%esi
+	movb	%dh,		%al
+	movb	%dl,		%bl
+	rorl	$16,		%edx
+	xorl	%esi,		%ecx
+	movl	72(%edi,%eax,4),%esi
+	movl	1096(%edi,%ebx,4),%ebp
+	movb	%dh,		%al
+	movb	%dl,		%bl
+	addl	%ebp,		%esi
+	movl	2120(%edi,%eax,4),%eax
+	xorl	%eax,		%esi
+	movl	3144(%edi,%ebx,4),%ebp
+	addl	%ebp,		%esi
+	xorl	%eax,		%eax
+	xorl	%esi,		%ecx
+
+	/* Round 8 */
+	rorl	$16,		%ecx
+	movl	32(%edi),	%esi
+	movb	%ch,		%al
+	movb	%cl,		%bl
+	rorl	$16,		%ecx
+	xorl	%esi,		%edx
+	movl	72(%edi,%eax,4),%esi
+	movl	1096(%edi,%ebx,4),%ebp
+	movb	%ch,		%al
+	movb	%cl,		%bl
+	addl	%ebp,		%esi
+	movl	2120(%edi,%eax,4),%eax
+	xorl	%eax,		%esi
+	movl	3144(%edi,%ebx,4),%ebp
+	addl	%ebp,		%esi
+	xorl	%eax,		%eax
+	xorl	%esi,		%edx
+
+	/* Round 7 */
+	rorl	$16,		%edx
+	movl	28(%edi),	%esi
+	movb	%dh,		%al
+	movb	%dl,		%bl
+	rorl	$16,		%edx
+	xorl	%esi,		%ecx
+	movl	72(%edi,%eax,4),%esi
+	movl	1096(%edi,%ebx,4),%ebp
+	movb	%dh,		%al
+	movb	%dl,		%bl
+	addl	%ebp,		%esi
+	movl	2120(%edi,%eax,4),%eax
+	xorl	%eax,		%esi
+	movl	3144(%edi,%ebx,4),%ebp
+	addl	%ebp,		%esi
+	xorl	%eax,		%eax
+	xorl	%esi,		%ecx
+
+	/* Round 6 */
+	rorl	$16,		%ecx
+	movl	24(%edi),	%esi
+	movb	%ch,		%al
+	movb	%cl,		%bl
+	rorl	$16,		%ecx
+	xorl	%esi,		%edx
+	movl	72(%edi,%eax,4),%esi
+	movl	1096(%edi,%ebx,4),%ebp
+	movb	%ch,		%al
+	movb	%cl,		%bl
+	addl	%ebp,		%esi
+	movl	2120(%edi,%eax,4),%eax
+	xorl	%eax,		%esi
+	movl	3144(%edi,%ebx,4),%ebp
+	addl	%ebp,		%esi
+	xorl	%eax,		%eax
+	xorl	%esi,		%edx
+
+	/* Round 5 */
+	rorl	$16,		%edx
+	movl	20(%edi),	%esi
+	movb	%dh,		%al
+	movb	%dl,		%bl
+	rorl	$16,		%edx
+	xorl	%esi,		%ecx
+	movl	72(%edi,%eax,4),%esi
+	movl	1096(%edi,%ebx,4),%ebp
+	movb	%dh,		%al
+	movb	%dl,		%bl
+	addl	%ebp,		%esi
+	movl	2120(%edi,%eax,4),%eax
+	xorl	%eax,		%esi
+	movl	3144(%edi,%ebx,4),%ebp
+	addl	%ebp,		%esi
+	xorl	%eax,		%eax
+	xorl	%esi,		%ecx
+
+	/* Round 4 */
+	rorl	$16,		%ecx
+	movl	16(%edi),	%esi
+	movb	%ch,		%al
+	movb	%cl,		%bl
+	rorl	$16,		%ecx
+	xorl	%esi,		%edx
+	movl	72(%edi,%eax,4),%esi
+	movl	1096(%edi,%ebx,4),%ebp
+	movb	%ch,		%al
+	movb	%cl,		%bl
+	addl	%ebp,		%esi
+	movl	2120(%edi,%eax,4),%eax
+	xorl	%eax,		%esi
+	movl	3144(%edi,%ebx,4),%ebp
+	addl	%ebp,		%esi
+	xorl	%eax,		%eax
+	xorl	%esi,		%edx
+
+	/* Round 3 */
+	rorl	$16,		%edx
+	movl	12(%edi),	%esi
+	movb	%dh,		%al
+	movb	%dl,		%bl
+	rorl	$16,		%edx
+	xorl	%esi,		%ecx
+	movl	72(%edi,%eax,4),%esi
+	movl	1096(%edi,%ebx,4),%ebp
+	movb	%dh,		%al
+	movb	%dl,		%bl
+	addl	%ebp,		%esi
+	movl	2120(%edi,%eax,4),%eax
+	xorl	%eax,		%esi
+	movl	3144(%edi,%ebx,4),%ebp
+	addl	%ebp,		%esi
+	xorl	%eax,		%eax
+	xorl	%esi,		%ecx
+
+	/* Round 2 */
+	rorl	$16,		%ecx
+	movl	8(%edi),	%esi
+	movb	%ch,		%al
+	movb	%cl,		%bl
+	rorl	$16,		%ecx
+	xorl	%esi,		%edx
+	movl	72(%edi,%eax,4),%esi
+	movl	1096(%edi,%ebx,4),%ebp
+	movb	%ch,		%al
+	movb	%cl,		%bl
+	addl	%ebp,		%esi
+	movl	2120(%edi,%eax,4),%eax
+	xorl	%eax,		%esi
+	movl	3144(%edi,%ebx,4),%ebp
+	addl	%ebp,		%esi
+	xorl	%eax,		%eax
+	xorl	%esi,		%edx
+
+	/* Round 1 */
+	rorl	$16,		%edx
+	movl	4(%edi),	%esi
+	movb	%dh,		%al
+	movb	%dl,		%bl
+	rorl	$16,		%edx
+	xorl	%esi,		%ecx
+	movl	72(%edi,%eax,4),%esi
+	movl	1096(%edi,%ebx,4),%ebp
+	movb	%dh,		%al
+	movb	%dl,		%bl
+	addl	%ebp,		%esi
+	movl	2120(%edi,%eax,4),%eax
+	xorl	%eax,		%esi
+	movl	3144(%edi,%ebx,4),%ebp
+	addl	%ebp,		%esi
+	xorl	%eax,		%eax
+	xorl	%esi,		%ecx
+	xorl	(%edi),		%edx
+	movl	20(%esp),	%eax
+	movl	%edx,		(%eax)
+	movl	%ecx,		4(%eax)
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.BF_encrypt_end:
+	SIZE(BF_encrypt,.BF_encrypt_end-BF_encrypt)
+.ident	"desasm.pl"
diff --git a/crypto/bf/asm/bx86unix.cpp b/crypto/bf/asm/bx86unix.cpp
new file mode 100644
index 0000000000..dcb10d23dd
--- /dev/null
+++ b/crypto/bf/asm/bx86unix.cpp
@@ -0,0 +1,33 @@
+
+#define TYPE(a,b)	.type	a,b
+#define SIZE(a,b)	.size	a,b
+
+#ifdef OUT
+#define OK		1
+#define BF_encrypt	_BF_encrypt
+#define ALIGN		4
+#endif
+
+#ifdef BSDI
+#define OK		1
+#define BF_encrypt	_BF_encrypt
+#define ALIGN		4
+#undef SIZE
+#undef TYPE
+#endif
+
+#if defined(ELF) || defined(SOL)
+#define OK		1
+#define ALIGN		16
+#endif
+
+#ifndef OK
+You need to define one of
+ELF - elf systems - linux-elf, NetBSD and DG-UX
+OUT - a.out systems - linux-a.out and FreeBSD
+SOL - solaris systems, which are elf with strange comment lines
+BSDI - a.out with a very primative version of as.
+#endif
+
+#include "bx86-cpp.s" 
+
diff --git a/crypto/bf/asm/readme b/crypto/bf/asm/readme
new file mode 100644
index 0000000000..71e4bb2d5d
--- /dev/null
+++ b/crypto/bf/asm/readme
@@ -0,0 +1,3 @@
+If you want more of an idea of how this all works,
+have a read of the readme file in SSLeay/crypto/des/asm.
+SSLeay can be found at ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL.
diff --git a/crypto/bf/asm/win32.asm b/crypto/bf/asm/win32.asm
new file mode 100644
index 0000000000..6d2333f323
--- /dev/null
+++ b/crypto/bf/asm/win32.asm
@@ -0,0 +1,663 @@
+	; Don't even think of reading this code
+	; It was automatically generated by bf586.pl
+	; Which is a perl program used to generate the x86 assember for
+	; any of elf, a.out, Win32, or Solaris
+	; It can be found in SSLeay 0.7.0+
+	; eric <eay@cryptsoft.com>
+	; 
+	TITLE	bfx86xxxx.asm
+        .386
+.model FLAT
+_TEXT	SEGMENT
+PUBLIC	_BF_encrypt
+EXTRN	_des_SPtrans:DWORD
+_BF_encrypt PROC NEAR
+	push	ebp
+	push	ebx
+	push	esi
+	push	edi
+	; 
+	; Load the 2 words
+	mov	eax,		DWORD PTR 20[esp]
+	mov	ecx,		DWORD PTR [eax]
+	mov	edx,		DWORD PTR 4[eax]
+	; 
+	; P pointer, s and enc flag
+	mov	edi,		DWORD PTR 24[esp]
+	xor	eax,		eax
+	xor	ebx,		ebx
+	mov	ebp,		DWORD PTR 28[esp]
+	cmp	ebp,		0
+	je	$L000start_decrypt
+	xor	ecx,		DWORD PTR [edi]
+	; 
+	; Round 0
+	ror	ecx,		16
+	mov	esi,		DWORD PTR 4[edi]
+	mov	al,		ch
+	mov	bl,		cl
+	ror	ecx,		16
+	xor	edx,		esi
+	mov	esi,		DWORD PTR 72[eax*4+edi]
+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
+	mov	al,		ch
+	mov	bl,		cl
+	add	esi,		ebp
+	mov	eax,		DWORD PTR 2120[eax*4+edi]
+	xor	esi,		eax
+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
+	add	esi,		ebp
+	xor	eax,		eax
+	xor	edx,		esi
+	; 
+	; Round 1
+	ror	edx,		16
+	mov	esi,		DWORD PTR 8[edi]
+	mov	al,		dh
+	mov	bl,		dl
+	ror	edx,		16
+	xor	ecx,		esi
+	mov	esi,		DWORD PTR 72[eax*4+edi]
+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
+	mov	al,		dh
+	mov	bl,		dl
+	add	esi,		ebp
+	mov	eax,		DWORD PTR 2120[eax*4+edi]
+	xor	esi,		eax
+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
+	add	esi,		ebp
+	xor	eax,		eax
+	xor	ecx,		esi
+	; 
+	; Round 2
+	ror	ecx,		16
+	mov	esi,		DWORD PTR 12[edi]
+	mov	al,		ch
+	mov	bl,		cl
+	ror	ecx,		16
+	xor	edx,		esi
+	mov	esi,		DWORD PTR 72[eax*4+edi]
+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
+	mov	al,		ch
+	mov	bl,		cl
+	add	esi,		ebp
+	mov	eax,		DWORD PTR 2120[eax*4+edi]
+	xor	esi,		eax
+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
+	add	esi,		ebp
+	xor	eax,		eax
+	xor	edx,		esi
+	; 
+	; Round 3
+	ror	edx,		16
+	mov	esi,		DWORD PTR 16[edi]
+	mov	al,		dh
+	mov	bl,		dl
+	ror	edx,		16
+	xor	ecx,		esi
+	mov	esi,		DWORD PTR 72[eax*4+edi]
+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
+	mov	al,		dh
+	mov	bl,		dl
+	add	esi,		ebp
+	mov	eax,		DWORD PTR 2120[eax*4+edi]
+	xor	esi,		eax
+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
+	add	esi,		ebp
+	xor	eax,		eax
+	xor	ecx,		esi
+	; 
+	; Round 4
+	ror	ecx,		16
+	mov	esi,		DWORD PTR 20[edi]
+	mov	al,		ch
+	mov	bl,		cl
+	ror	ecx,		16
+	xor	edx,		esi
+	mov	esi,		DWORD PTR 72[eax*4+edi]
+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
+	mov	al,		ch
+	mov	bl,		cl
+	add	esi,		ebp
+	mov	eax,		DWORD PTR 2120[eax*4+edi]
+	xor	esi,		eax
+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
+	add	esi,		ebp
+	xor	eax,		eax
+	xor	edx,		esi
+	; 
+	; Round 5
+	ror	edx,		16
+	mov	esi,		DWORD PTR 24[edi]
+	mov	al,		dh
+	mov	bl,		dl
+	ror	edx,		16
+	xor	ecx,		esi
+	mov	esi,		DWORD PTR 72[eax*4+edi]
+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
+	mov	al,		dh
+	mov	bl,		dl
+	add	esi,		ebp
+	mov	eax,		DWORD PTR 2120[eax*4+edi]
+	xor	esi,		eax
+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
+	add	esi,		ebp
+	xor	eax,		eax
+	xor	ecx,		esi
+	; 
+	; Round 6
+	ror	ecx,		16
+	mov	esi,		DWORD PTR 28[edi]
+	mov	al,		ch
+	mov	bl,		cl
+	ror	ecx,		16
+	xor	edx,		esi
+	mov	esi,		DWORD PTR 72[eax*4+edi]
+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
+	mov	al,		ch
+	mov	bl,		cl
+	add	esi,		ebp
+	mov	eax,		DWORD PTR 2120[eax*4+edi]
+	xor	esi,		eax
+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
+	add	esi,		ebp
+	xor	eax,		eax
+	xor	edx,		esi
+	; 
+	; Round 7
+	ror	edx,		16
+	mov	esi,		DWORD PTR 32[edi]
+	mov	al,		dh
+	mov	bl,		dl
+	ror	edx,		16
+	xor	ecx,		esi
+	mov	esi,		DWORD PTR 72[eax*4+edi]
+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
+	mov	al,		dh
+	mov	bl,		dl
+	add	esi,		ebp
+	mov	eax,		DWORD PTR 2120[eax*4+edi]
+	xor	esi,		eax
+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
+	add	esi,		ebp
+	xor	eax,		eax
+	xor	ecx,		esi
+	; 
+	; Round 8
+	ror	ecx,		16
+	mov	esi,		DWORD PTR 36[edi]
+	mov	al,		ch
+	mov	bl,		cl
+	ror	ecx,		16
+	xor	edx,		esi
+	mov	esi,		DWORD PTR 72[eax*4+edi]
+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
+	mov	al,		ch
+	mov	bl,		cl
+	add	esi,		ebp
+	mov	eax,		DWORD PTR 2120[eax*4+edi]
+	xor	esi,		eax
+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
+	add	esi,		ebp
+	xor	eax,		eax
+	xor	edx,		esi
+	; 
+	; Round 9
+	ror	edx,		16
+	mov	esi,		DWORD PTR 40[edi]
+	mov	al,		dh
+	mov	bl,		dl
+	ror	edx,		16
+	xor	ecx,		esi
+	mov	esi,		DWORD PTR 72[eax*4+edi]
+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
+	mov	al,		dh
+	mov	bl,		dl
+	add	esi,		ebp
+	mov	eax,		DWORD PTR 2120[eax*4+edi]
+	xor	esi,		eax
+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
+	add	esi,		ebp
+	xor	eax,		eax
+	xor	ecx,		esi
+	; 
+	; Round 10
+	ror	ecx,		16
+	mov	esi,		DWORD PTR 44[edi]
+	mov	al,		ch
+	mov	bl,		cl
+	ror	ecx,		16
+	xor	edx,		esi
+	mov	esi,		DWORD PTR 72[eax*4+edi]
+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
+	mov	al,		ch
+	mov	bl,		cl
+	add	esi,		ebp
+	mov	eax,		DWORD PTR 2120[eax*4+edi]
+	xor	esi,		eax
+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
+	add	esi,		ebp
+	xor	eax,		eax
+	xor	edx,		esi
+	; 
+	; Round 11
+	ror	edx,		16
+	mov	esi,		DWORD PTR 48[edi]
+	mov	al,		dh
+	mov	bl,		dl
+	ror	edx,		16
+	xor	ecx,		esi
+	mov	esi,		DWORD PTR 72[eax*4+edi]
+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
+	mov	al,		dh
+	mov	bl,		dl
+	add	esi,		ebp
+	mov	eax,		DWORD PTR 2120[eax*4+edi]
+	xor	esi,		eax
+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
+	add	esi,		ebp
+	xor	eax,		eax
+	xor	ecx,		esi
+	; 
+	; Round 12
+	ror	ecx,		16
+	mov	esi,		DWORD PTR 52[edi]
+	mov	al,		ch
+	mov	bl,		cl
+	ror	ecx,		16
+	xor	edx,		esi
+	mov	esi,		DWORD PTR 72[eax*4+edi]
+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
+	mov	al,		ch
+	mov	bl,		cl
+	add	esi,		ebp
+	mov	eax,		DWORD PTR 2120[eax*4+edi]
+	xor	esi,		eax
+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
+	add	esi,		ebp
+	xor	eax,		eax
+	xor	edx,		esi
+	; 
+	; Round 13
+	ror	edx,		16
+	mov	esi,		DWORD PTR 56[edi]
+	mov	al,		dh
+	mov	bl,		dl
+	ror	edx,		16
+	xor	ecx,		esi
+	mov	esi,		DWORD PTR 72[eax*4+edi]
+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
+	mov	al,		dh
+	mov	bl,		dl
+	add	esi,		ebp
+	mov	eax,		DWORD PTR 2120[eax*4+edi]
+	xor	esi,		eax
+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
+	add	esi,		ebp
+	xor	eax,		eax
+	xor	ecx,		esi
+	; 
+	; Round 14
+	ror	ecx,		16
+	mov	esi,		DWORD PTR 60[edi]
+	mov	al,		ch
+	mov	bl,		cl
+	ror	ecx,		16
+	xor	edx,		esi
+	mov	esi,		DWORD PTR 72[eax*4+edi]
+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
+	mov	al,		ch
+	mov	bl,		cl
+	add	esi,		ebp
+	mov	eax,		DWORD PTR 2120[eax*4+edi]
+	xor	esi,		eax
+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
+	add	esi,		ebp
+	xor	eax,		eax
+	xor	edx,		esi
+	; 
+	; Round 15
+	ror	edx,		16
+	mov	esi,		DWORD PTR 64[edi]
+	mov	al,		dh
+	mov	bl,		dl
+	ror	edx,		16
+	xor	ecx,		esi
+	mov	esi,		DWORD PTR 72[eax*4+edi]
+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
+	mov	al,		dh
+	mov	bl,		dl
+	add	esi,		ebp
+	mov	eax,		DWORD PTR 2120[eax*4+edi]
+	xor	esi,		eax
+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
+	add	esi,		ebp
+	xor	eax,		eax
+	xor	ecx,		esi
+	xor	edx,		DWORD PTR 68[edi]
+	mov	eax,		DWORD PTR 20[esp]
+	mov	DWORD PTR [eax],edx
+	mov	DWORD PTR 4[eax],ecx
+	pop	edi
+	pop	esi
+	pop	ebx
+	pop	ebp
+	ret
+$L000start_decrypt:
+	xor	ecx,		DWORD PTR 68[edi]
+	; 
+	; Round 16
+	ror	ecx,		16
+	mov	esi,		DWORD PTR 64[edi]
+	mov	al,		ch
+	mov	bl,		cl
+	ror	ecx,		16
+	xor	edx,		esi
+	mov	esi,		DWORD PTR 72[eax*4+edi]
+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
+	mov	al,		ch
+	mov	bl,		cl
+	add	esi,		ebp
+	mov	eax,		DWORD PTR 2120[eax*4+edi]
+	xor	esi,		eax
+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
+	add	esi,		ebp
+	xor	eax,		eax
+	xor	edx,		esi
+	; 
+	; Round 15
+	ror	edx,		16
+	mov	esi,		DWORD PTR 60[edi]
+	mov	al,		dh
+	mov	bl,		dl
+	ror	edx,		16
+	xor	ecx,		esi
+	mov	esi,		DWORD PTR 72[eax*4+edi]
+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
+	mov	al,		dh
+	mov	bl,		dl
+	add	esi,		ebp
+	mov	eax,		DWORD PTR 2120[eax*4+edi]
+	xor	esi,		eax
+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
+	add	esi,		ebp
+	xor	eax,		eax
+	xor	ecx,		esi
+	; 
+	; Round 14
+	ror	ecx,		16
+	mov	esi,		DWORD PTR 56[edi]
+	mov	al,		ch
+	mov	bl,		cl
+	ror	ecx,		16
+	xor	edx,		esi
+	mov	esi,		DWORD PTR 72[eax*4+edi]
+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
+	mov	al,		ch
+	mov	bl,		cl
+	add	esi,		ebp
+	mov	eax,		DWORD PTR 2120[eax*4+edi]
+	xor	esi,		eax
+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
+	add	esi,		ebp
+	xor	eax,		eax
+	xor	edx,		esi
+	; 
+	; Round 13
+	ror	edx,		16
+	mov	esi,		DWORD PTR 52[edi]
+	mov	al,		dh
+	mov	bl,		dl
+	ror	edx,		16
+	xor	ecx,		esi
+	mov	esi,		DWORD PTR 72[eax*4+edi]
+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
+	mov	al,		dh
+	mov	bl,		dl
+	add	esi,		ebp
+	mov	eax,		DWORD PTR 2120[eax*4+edi]
+	xor	esi,		eax
+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
+	add	esi,		ebp
+	xor	eax,		eax
+	xor	ecx,		esi
+	; 
+	; Round 12
+	ror	ecx,		16
+	mov	esi,		DWORD PTR 48[edi]
+	mov	al,		ch
+	mov	bl,		cl
+	ror	ecx,		16
+	xor	edx,		esi
+	mov	esi,		DWORD PTR 72[eax*4+edi]
+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
+	mov	al,		ch
+	mov	bl,		cl
+	add	esi,		ebp
+	mov	eax,		DWORD PTR 2120[eax*4+edi]
+	xor	esi,		eax
+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
+	add	esi,		ebp
+	xor	eax,		eax
+	xor	edx,		esi
+	; 
+	; Round 11
+	ror	edx,		16
+	mov	esi,		DWORD PTR 44[edi]
+	mov	al,		dh
+	mov	bl,		dl
+	ror	edx,		16
+	xor	ecx,		esi
+	mov	esi,		DWORD PTR 72[eax*4+edi]
+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
+	mov	al,		dh
+	mov	bl,		dl
+	add	esi,		ebp
+	mov	eax,		DWORD PTR 2120[eax*4+edi]
+	xor	esi,		eax
+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
+	add	esi,		ebp
+	xor	eax,		eax
+	xor	ecx,		esi
+	; 
+	; Round 10
+	ror	ecx,		16
+	mov	esi,		DWORD PTR 40[edi]
+	mov	al,		ch
+	mov	bl,		cl
+	ror	ecx,		16
+	xor	edx,		esi
+	mov	esi,		DWORD PTR 72[eax*4+edi]
+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
+	mov	al,		ch
+	mov	bl,		cl
+	add	esi,		ebp
+	mov	eax,		DWORD PTR 2120[eax*4+edi]
+	xor	esi,		eax
+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
+	add	esi,		ebp
+	xor	eax,		eax
+	xor	edx,		esi
+	; 
+	; Round 9
+	ror	edx,		16
+	mov	esi,		DWORD PTR 36[edi]
+	mov	al,		dh
+	mov	bl,		dl
+	ror	edx,		16
+	xor	ecx,		esi
+	mov	esi,		DWORD PTR 72[eax*4+edi]
+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
+	mov	al,		dh
+	mov	bl,		dl
+	add	esi,		ebp
+	mov	eax,		DWORD PTR 2120[eax*4+edi]
+	xor	esi,		eax
+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
+	add	esi,		ebp
+	xor	eax,		eax
+	xor	ecx,		esi
+	; 
+	; Round 8
+	ror	ecx,		16
+	mov	esi,		DWORD PTR 32[edi]
+	mov	al,		ch
+	mov	bl,		cl
+	ror	ecx,		16
+	xor	edx,		esi
+	mov	esi,		DWORD PTR 72[eax*4+edi]
+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
+	mov	al,		ch
+	mov	bl,		cl
+	add	esi,		ebp
+	mov	eax,		DWORD PTR 2120[eax*4+edi]
+	xor	esi,		eax
+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
+	add	esi,		ebp
+	xor	eax,		eax
+	xor	edx,		esi
+	; 
+	; Round 7
+	ror	edx,		16
+	mov	esi,		DWORD PTR 28[edi]
+	mov	al,		dh
+	mov	bl,		dl
+	ror	edx,		16
+	xor	ecx,		esi
+	mov	esi,		DWORD PTR 72[eax*4+edi]
+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
+	mov	al,		dh
+	mov	bl,		dl
+	add	esi,		ebp
+	mov	eax,		DWORD PTR 2120[eax*4+edi]
+	xor	esi,		eax
+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
+	add	esi,		ebp
+	xor	eax,		eax
+	xor	ecx,		esi
+	; 
+	; Round 6
+	ror	ecx,		16
+	mov	esi,		DWORD PTR 24[edi]
+	mov	al,		ch
+	mov	bl,		cl
+	ror	ecx,		16
+	xor	edx,		esi
+	mov	esi,		DWORD PTR 72[eax*4+edi]
+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
+	mov	al,		ch
+	mov	bl,		cl
+	add	esi,		ebp
+	mov	eax,		DWORD PTR 2120[eax*4+edi]
+	xor	esi,		eax
+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
+	add	esi,		ebp
+	xor	eax,		eax
+	xor	edx,		esi
+	; 
+	; Round 5
+	ror	edx,		16
+	mov	esi,		DWORD PTR 20[edi]
+	mov	al,		dh
+	mov	bl,		dl
+	ror	edx,		16
+	xor	ecx,		esi
+	mov	esi,		DWORD PTR 72[eax*4+edi]
+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
+	mov	al,		dh
+	mov	bl,		dl
+	add	esi,		ebp
+	mov	eax,		DWORD PTR 2120[eax*4+edi]
+	xor	esi,		eax
+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
+	add	esi,		ebp
+	xor	eax,		eax
+	xor	ecx,		esi
+	; 
+	; Round 4
+	ror	ecx,		16
+	mov	esi,		DWORD PTR 16[edi]
+	mov	al,		ch
+	mov	bl,		cl
+	ror	ecx,		16
+	xor	edx,		esi
+	mov	esi,		DWORD PTR 72[eax*4+edi]
+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
+	mov	al,		ch
+	mov	bl,		cl
+	add	esi,		ebp
+	mov	eax,		DWORD PTR 2120[eax*4+edi]
+	xor	esi,		eax
+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
+	add	esi,		ebp
+	xor	eax,		eax
+	xor	edx,		esi
+	; 
+	; Round 3
+	ror	edx,		16
+	mov	esi,		DWORD PTR 12[edi]
+	mov	al,		dh
+	mov	bl,		dl
+	ror	edx,		16
+	xor	ecx,		esi
+	mov	esi,		DWORD PTR 72[eax*4+edi]
+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
+	mov	al,		dh
+	mov	bl,		dl
+	add	esi,		ebp
+	mov	eax,		DWORD PTR 2120[eax*4+edi]
+	xor	esi,		eax
+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
+	add	esi,		ebp
+	xor	eax,		eax
+	xor	ecx,		esi
+	; 
+	; Round 2
+	ror	ecx,		16
+	mov	esi,		DWORD PTR 8[edi]
+	mov	al,		ch
+	mov	bl,		cl
+	ror	ecx,		16
+	xor	edx,		esi
+	mov	esi,		DWORD PTR 72[eax*4+edi]
+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
+	mov	al,		ch
+	mov	bl,		cl
+	add	esi,		ebp
+	mov	eax,		DWORD PTR 2120[eax*4+edi]
+	xor	esi,		eax
+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
+	add	esi,		ebp
+	xor	eax,		eax
+	xor	edx,		esi
+	; 
+	; Round 1
+	ror	edx,		16
+	mov	esi,		DWORD PTR 4[edi]
+	mov	al,		dh
+	mov	bl,		dl
+	ror	edx,		16
+	xor	ecx,		esi
+	mov	esi,		DWORD PTR 72[eax*4+edi]
+	mov	ebp,		DWORD PTR 1096[ebx*4+edi]
+	mov	al,		dh
+	mov	bl,		dl
+	add	esi,		ebp
+	mov	eax,		DWORD PTR 2120[eax*4+edi]
+	xor	esi,		eax
+	mov	ebp,		DWORD PTR 3144[ebx*4+edi]
+	add	esi,		ebp
+	xor	eax,		eax
+	xor	ecx,		esi
+	xor	edx,		DWORD PTR [edi]
+	mov	eax,		DWORD PTR 20[esp]
+	mov	DWORD PTR [eax],edx
+	mov	DWORD PTR 4[eax],ecx
+	pop	edi
+	pop	esi
+	pop	ebx
+	pop	ebp
+	ret
+_BF_encrypt ENDP
+_TEXT	ENDS
+END
diff --git a/crypto/bf/bf_cbc.c b/crypto/bf/bf_cbc.c
new file mode 100644
index 0000000000..3d05d27cf1
--- /dev/null
+++ b/crypto/bf/bf_cbc.c
@@ -0,0 +1,148 @@
+/* crypto/bf/bf_cbc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "blowfish.h"
+#include "bf_locl.h"
+
+void BF_cbc_encrypt(in, out, length, ks, iv, encrypt)
+unsigned char *in;
+unsigned char *out;
+long length;
+BF_KEY *ks;
+unsigned char *iv;
+int encrypt;
+	{
+	register BF_LONG tin0,tin1;
+	register BF_LONG tout0,tout1,xor0,xor1;
+	register long l=length;
+	BF_LONG tin[2];
+
+	if (encrypt)
+		{
+		n2l(iv,tout0);
+		n2l(iv,tout1);
+		iv-=8;
+		for (l-=8; l>=0; l-=8)
+			{
+			n2l(in,tin0);
+			n2l(in,tin1);
+			tin0^=tout0;
+			tin1^=tout1;
+			tin[0]=tin0;
+			tin[1]=tin1;
+			BF_encrypt(tin,ks,BF_ENCRYPT);
+			tout0=tin[0];
+			tout1=tin[1];
+			l2n(tout0,out);
+			l2n(tout1,out);
+			}
+		if (l != -8)
+			{
+			n2ln(in,tin0,tin1,l+8);
+			tin0^=tout0;
+			tin1^=tout1;
+			tin[0]=tin0;
+			tin[1]=tin1;
+			BF_encrypt(tin,ks,BF_ENCRYPT);
+			tout0=tin[0];
+			tout1=tin[1];
+			l2n(tout0,out);
+			l2n(tout1,out);
+			}
+		l2n(tout0,iv);
+		l2n(tout1,iv);
+		}
+	else
+		{
+		n2l(iv,xor0);
+		n2l(iv,xor1);
+		iv-=8;
+		for (l-=8; l>=0; l-=8)
+			{
+			n2l(in,tin0);
+			n2l(in,tin1);
+			tin[0]=tin0;
+			tin[1]=tin1;
+			BF_encrypt(tin,ks,BF_DECRYPT);
+			tout0=tin[0]^xor0;
+			tout1=tin[1]^xor1;
+			l2n(tout0,out);
+			l2n(tout1,out);
+			xor0=tin0;
+			xor1=tin1;
+			}
+		if (l != -8)
+			{
+			n2l(in,tin0);
+			n2l(in,tin1);
+			tin[0]=tin0;
+			tin[1]=tin1;
+			BF_encrypt(tin,ks,BF_DECRYPT);
+			tout0=tin[0]^xor0;
+			tout1=tin[1]^xor1;
+			l2nn(tout0,tout1,out,l+8);
+			xor0=tin0;
+			xor1=tin1;
+			}
+		l2n(xor0,iv);
+		l2n(xor1,iv);
+		}
+	tin0=tin1=tout0=tout1=xor0=xor1=0;
+	tin[0]=tin[1]=0;
+	}
+
diff --git a/crypto/bf/bf_cfb64.c b/crypto/bf/bf_cfb64.c
new file mode 100644
index 0000000000..92fc68261b
--- /dev/null
+++ b/crypto/bf/bf_cfb64.c
@@ -0,0 +1,127 @@
+/* crypto/bf/bf_cfb64.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "blowfish.h"
+#include "bf_locl.h"
+
+/* The input and output encrypted as though 64bit cfb mode is being
+ * used.  The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+
+void BF_cfb64_encrypt(in, out, length, schedule, ivec, num, encrypt)
+unsigned char *in;
+unsigned char *out;
+long length;
+BF_KEY *schedule;
+unsigned char *ivec;
+int *num;
+int encrypt;
+	{
+	register BF_LONG v0,v1,t;
+	register int n= *num;
+	register long l=length;
+	BF_LONG ti[2];
+	unsigned char *iv,c,cc;
+
+	iv=(unsigned char *)ivec;
+	if (encrypt)
+		{
+		while (l--)
+			{
+			if (n == 0)
+				{
+				n2l(iv,v0); ti[0]=v0;
+				n2l(iv,v1); ti[1]=v1;
+				BF_encrypt((BF_LONG *)ti,schedule,BF_ENCRYPT);
+				iv=(unsigned char *)ivec;
+				t=ti[0]; l2n(t,iv);
+				t=ti[1]; l2n(t,iv);
+				iv=(unsigned char *)ivec;
+				}
+			c= *(in++)^iv[n];
+			*(out++)=c;
+			iv[n]=c;
+			n=(n+1)&0x07;
+			}
+		}
+	else
+		{
+		while (l--)
+			{
+			if (n == 0)
+				{
+				n2l(iv,v0); ti[0]=v0;
+				n2l(iv,v1); ti[1]=v1;
+				BF_encrypt((BF_LONG *)ti,schedule,BF_ENCRYPT);
+				iv=(unsigned char *)ivec;
+				t=ti[0]; l2n(t,iv);
+				t=ti[1]; l2n(t,iv);
+				iv=(unsigned char *)ivec;
+				}
+			cc= *(in++);
+			c=iv[n];
+			iv[n]=cc;
+			*(out++)=c^cc;
+			n=(n+1)&0x07;
+			}
+		}
+	v0=v1=ti[0]=ti[1]=t=c=cc=0;
+	*num=n;
+	}
+
diff --git a/crypto/bf/bf_ecb.c b/crypto/bf/bf_ecb.c
new file mode 100644
index 0000000000..7840352dc3
--- /dev/null
+++ b/crypto/bf/bf_ecb.c
@@ -0,0 +1,95 @@
+/* crypto/bf/bf_ecb.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "blowfish.h"
+#include "bf_locl.h"
+
+/* Blowfish as implemented from 'Blowfish: Springer-Verlag paper'
+ * (From LECTURE NOTES IN COIMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION,
+ * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993)
+ */
+
+char *BF_version="BlowFish part of SSLeay 0.8.1b 29-Jun-1998";
+
+char *BF_options()
+	{
+#ifdef BF_PTR
+	return("blowfish(ptr)");
+#elif defined(BF_PTR2)
+	return("blowfish(ptr2)");
+#else
+	return("blowfish(idx)");
+#endif
+	}
+
+void BF_ecb_encrypt(in, out, ks, encrypt)
+unsigned char *in;
+unsigned char *out;
+BF_KEY *ks;
+int encrypt;
+	{
+	BF_LONG l,d[2];
+
+	n2l(in,l); d[0]=l;
+	n2l(in,l); d[1]=l;
+	BF_encrypt(d,ks,encrypt);
+	l=d[0]; l2n(l,out);
+	l=d[1]; l2n(l,out);
+	l=d[0]=d[1]=0;
+	}
+
diff --git a/crypto/bf/bf_enc.c b/crypto/bf/bf_enc.c
new file mode 100644
index 0000000000..9bcc2169ce
--- /dev/null
+++ b/crypto/bf/bf_enc.c
@@ -0,0 +1,140 @@
+/* crypto/bf/bf_enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "blowfish.h"
+#include "bf_locl.h"
+
+/* Blowfish as implemented from 'Blowfish: Springer-Verlag paper'
+ * (From LECTURE NOTES IN COIMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION,
+ * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993)
+ */
+
+#if (BF_ROUNDS != 16) && (BF_ROUNDS != 20)
+If you set BF_ROUNDS to some value other than 16 or 20, you will have
+to modify the code.
+#endif
+
+void BF_encrypt(data,key,encrypt)
+BF_LONG *data;
+BF_KEY *key;
+int encrypt;
+	{
+	register BF_LONG l,r,*p,*s;
+
+	p=key->P;
+	s= &(key->S[0]);
+	l=data[0];
+	r=data[1];
+
+	if (encrypt)
+		{
+		l^=p[0];
+		BF_ENC(r,l,s,p[ 1]);
+		BF_ENC(l,r,s,p[ 2]);
+		BF_ENC(r,l,s,p[ 3]);
+		BF_ENC(l,r,s,p[ 4]);
+		BF_ENC(r,l,s,p[ 5]);
+		BF_ENC(l,r,s,p[ 6]);
+		BF_ENC(r,l,s,p[ 7]);
+		BF_ENC(l,r,s,p[ 8]);
+		BF_ENC(r,l,s,p[ 9]);
+		BF_ENC(l,r,s,p[10]);
+		BF_ENC(r,l,s,p[11]);
+		BF_ENC(l,r,s,p[12]);
+		BF_ENC(r,l,s,p[13]);
+		BF_ENC(l,r,s,p[14]);
+		BF_ENC(r,l,s,p[15]);
+		BF_ENC(l,r,s,p[16]);
+#if BF_ROUNDS == 20
+		BF_ENC(r,l,s,p[17]);
+		BF_ENC(l,r,s,p[18]);
+		BF_ENC(r,l,s,p[19]);
+		BF_ENC(l,r,s,p[20]);
+#endif
+		r^=p[BF_ROUNDS+1];
+		}
+	else
+		{
+		l^=p[BF_ROUNDS+1];
+#if BF_ROUNDS == 20
+		BF_ENC(r,l,s,p[20]);
+		BF_ENC(l,r,s,p[19]);
+		BF_ENC(r,l,s,p[18]);
+		BF_ENC(l,r,s,p[17]);
+#endif
+		BF_ENC(r,l,s,p[16]);
+		BF_ENC(l,r,s,p[15]);
+		BF_ENC(r,l,s,p[14]);
+		BF_ENC(l,r,s,p[13]);
+		BF_ENC(r,l,s,p[12]);
+		BF_ENC(l,r,s,p[11]);
+		BF_ENC(r,l,s,p[10]);
+		BF_ENC(l,r,s,p[ 9]);
+		BF_ENC(r,l,s,p[ 8]);
+		BF_ENC(l,r,s,p[ 7]);
+		BF_ENC(r,l,s,p[ 6]);
+		BF_ENC(l,r,s,p[ 5]);
+		BF_ENC(r,l,s,p[ 4]);
+		BF_ENC(l,r,s,p[ 3]);
+		BF_ENC(r,l,s,p[ 2]);
+		BF_ENC(l,r,s,p[ 1]);
+		r^=p[0];
+		}
+	data[1]=l&0xffffffffL;
+	data[0]=r&0xffffffffL;
+	}
diff --git a/crypto/bf/bf_locl b/crypto/bf/bf_locl
new file mode 100644
index 0000000000..abc23d7060
--- /dev/null
+++ b/crypto/bf/bf_locl
@@ -0,0 +1,243 @@
+/* crypto/bf/bf_local.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@mincom.oz.au)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@mincom.oz.au).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@mincom.oz.au).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@mincom.oz.au)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@mincom.oz.au)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify bf_locl.org since bf_locl.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+/* Special defines which change the way the code is built depending on the
+   CPU and OS.  For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
+   even newer MIPS CPU's, but at the moment one size fits all for
+   optimization options.  Older Sparc's work better with only UNROLL, but
+   there's no way to tell at compile time what it is you're running on */
+
+#if defined( sun )                    /* Newer Sparc's */
+#  define BF_PTR
+#elif defined( __ultrix )     /* Older MIPS */
+#  define BF_PTR
+#elif defined( __osf1__ )     /* Alpha */
+  /* None */
+#elif defined ( _AIX )                /* RS6000 */
+  /* Unknown */
+#elif defined( __hpux )               /* HP-PA */
+  /* None */
+#elif defined( __aux )                /* 68K */
+  /* Unknown */
+#elif defined( __dgux )               /* 88K (but P6 in latest boxes) */
+  /* Unknown */
+#elif defined( __sgi )                /* Newer MIPS */
+#  define BF_PTR
+#elif defined( i386 )         /* x86 boxes, should be gcc */
+#  define BF_PTR2
+#elif defined( _MSC_VER )     /* x86 boxes, Visual C */
+#  define BF_PTR2
+#endif /* Systems-specific speed defines */
+
+#undef c2l
+#define c2l(c,l)	(l =((unsigned long)(*((c)++)))    , \
+			 l|=((unsigned long)(*((c)++)))<< 8L, \
+			 l|=((unsigned long)(*((c)++)))<<16L, \
+			 l|=((unsigned long)(*((c)++)))<<24L)
+
+/* NOTE - c is not incremented as per c2l */
+#undef c2ln
+#define c2ln(c,l1,l2,n)	{ \
+			c+=n; \
+			l1=l2=0; \
+			switch (n) { \
+			case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
+			case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
+			case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
+			case 5: l2|=((unsigned long)(*(--(c))));     \
+			case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
+			case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
+			case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
+			case 1: l1|=((unsigned long)(*(--(c))));     \
+				} \
+			}
+
+#undef l2c
+#define l2c(l,c)	(*((c)++)=(unsigned char)(((l)     )&0xff), \
+			 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>24L)&0xff))
+
+/* NOTE - c is not incremented as per l2c */
+#undef l2cn
+#define l2cn(l1,l2,c,n)	{ \
+			c+=n; \
+			switch (n) { \
+			case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
+			case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
+			case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
+			case 5: *(--(c))=(unsigned char)(((l2)     )&0xff); \
+			case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
+			case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
+			case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
+			case 1: *(--(c))=(unsigned char)(((l1)     )&0xff); \
+				} \
+			}
+
+/* NOTE - c is not incremented as per n2l */
+#define n2ln(c,l1,l2,n)	{ \
+			c+=n; \
+			l1=l2=0; \
+			switch (n) { \
+			case 8: l2 =((unsigned long)(*(--(c))))    ; \
+			case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
+			case 6: l2|=((unsigned long)(*(--(c))))<<16; \
+			case 5: l2|=((unsigned long)(*(--(c))))<<24; \
+			case 4: l1 =((unsigned long)(*(--(c))))    ; \
+			case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
+			case 2: l1|=((unsigned long)(*(--(c))))<<16; \
+			case 1: l1|=((unsigned long)(*(--(c))))<<24; \
+				} \
+			}
+
+/* NOTE - c is not incremented as per l2n */
+#define l2nn(l1,l2,c,n)	{ \
+			c+=n; \
+			switch (n) { \
+			case 8: *(--(c))=(unsigned char)(((l2)    )&0xff); \
+			case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
+			case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
+			case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
+			case 4: *(--(c))=(unsigned char)(((l1)    )&0xff); \
+			case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
+			case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
+			case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
+				} \
+			}
+
+#undef n2l
+#define n2l(c,l)        (l =((unsigned long)(*((c)++)))<<24L, \
+                         l|=((unsigned long)(*((c)++)))<<16L, \
+                         l|=((unsigned long)(*((c)++)))<< 8L, \
+                         l|=((unsigned long)(*((c)++))))
+
+#undef l2n
+#define l2n(l,c)        (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)     )&0xff))
+
+/* This is actually a big endian algorithm, the most significate byte
+ * is used to lookup array 0 */
+
+/* use BF_PTR2 for intel boxes,
+ * BF_PTR for sparc and MIPS/SGI
+ * use nothing for Alpha and HP.
+ */
+#if !defined(BF_PTR) && !defined(BF_PTR2)
+#undef BF_PTR
+#endif
+
+#define BF_M	0x3fc
+#define BF_0	22L
+#define BF_1	14L
+#define BF_2	 6L
+#define BF_3	 2L /* left shift */
+
+#if defined(BF_PTR2)
+
+/* This is basically a special pentium verson */
+#define BF_ENC(LL,R,S,P) \
+	{ \
+	BF_LONG t,u,v; \
+	u=R>>BF_0; \
+	v=R>>BF_1; \
+	u&=BF_M; \
+	v&=BF_M; \
+	t=  *(BF_LONG *)((unsigned char *)&(S[  0])+u); \
+	u=R>>BF_2; \
+	t+= *(BF_LONG *)((unsigned char *)&(S[256])+v); \
+	v=R<<BF_3; \
+	u&=BF_M; \
+	v&=BF_M; \
+	t^= *(BF_LONG *)((unsigned char *)&(S[512])+u); \
+	LL^=P; \
+	t+= *(BF_LONG *)((unsigned char *)&(S[768])+v); \
+	LL^=t; \
+	}
+
+#elif defined(BF_PTR)
+
+/* This is normally very good */
+
+#define BF_ENC(LL,R,S,P) \
+	LL^=P; \
+	LL^= (((*(BF_LONG *)((unsigned char *)&(S[  0])+((R>>BF_0)&BF_M))+ \
+		*(BF_LONG *)((unsigned char *)&(S[256])+((R>>BF_1)&BF_M)))^ \
+		*(BF_LONG *)((unsigned char *)&(S[512])+((R>>BF_2)&BF_M)))+ \
+		*(BF_LONG *)((unsigned char *)&(S[768])+((R<<BF_3)&BF_M)));
+#else
+
+/* This will always work, even on 64 bit machines and strangly enough,
+ * on the Alpha it is faster than the pointer versions (both 32 and 64
+ * versions of BF_LONG) */
+
+#define BF_ENC(LL,R,S,P) \
+	LL^=P; \
+	LL^=(((	S[        (int)(R>>24L)      ] + \
+		S[0x0100+((int)(R>>16L)&0xff)])^ \
+		S[0x0200+((int)(R>> 8L)&0xff)])+ \
+		S[0x0300+((int)(R     )&0xff)])&0xffffffffL;
+#endif
diff --git a/crypto/bf/bf_locl.h b/crypto/bf/bf_locl.h
new file mode 100644
index 0000000000..592ece99a4
--- /dev/null
+++ b/crypto/bf/bf_locl.h
@@ -0,0 +1,244 @@
+/* crypto/bf/bf_locl.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify bf_locl.org since bf_locl.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+/* Special defines which change the way the code is built depending on the
+   CPU and OS.  For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
+   even newer MIPS CPU's, but at the moment one size fits all for
+   optimization options.  Older Sparc's work better with only UNROLL, but
+   there's no way to tell at compile time what it is you're running on */
+
+#if defined( sun )                    /* Newer Sparc's */
+#  define BF_PTR
+#elif defined( __ultrix )     /* Older MIPS */
+#  define BF_PTR
+#elif defined( __osf1__ )     /* Alpha */
+  /* None */
+#elif defined ( _AIX )                /* RS6000 */
+  /* Unknown */
+#elif defined( __hpux )               /* HP-PA */
+  /* None */
+#elif defined( __aux )                /* 68K */
+  /* Unknown */
+#elif defined( __dgux )               /* 88K (but P6 in latest boxes) */
+  /* Unknown */
+#elif defined( __sgi )                /* Newer MIPS */
+#  define BF_PTR
+#elif defined( i386 )         /* x86 boxes, should be gcc */
+#  define BF_PTR2
+#elif defined( _MSC_VER )     /* x86 boxes, Visual C */
+#  define BF_PTR2
+#endif /* Systems-specific speed defines */
+
+#undef c2l
+#define c2l(c,l)	(l =((unsigned long)(*((c)++)))    , \
+			 l|=((unsigned long)(*((c)++)))<< 8L, \
+			 l|=((unsigned long)(*((c)++)))<<16L, \
+			 l|=((unsigned long)(*((c)++)))<<24L)
+
+/* NOTE - c is not incremented as per c2l */
+#undef c2ln
+#define c2ln(c,l1,l2,n)	{ \
+			c+=n; \
+			l1=l2=0; \
+			switch (n) { \
+			case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
+			case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
+			case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
+			case 5: l2|=((unsigned long)(*(--(c))));     \
+			case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
+			case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
+			case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
+			case 1: l1|=((unsigned long)(*(--(c))));     \
+				} \
+			}
+
+#undef l2c
+#define l2c(l,c)	(*((c)++)=(unsigned char)(((l)     )&0xff), \
+			 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>24L)&0xff))
+
+/* NOTE - c is not incremented as per l2c */
+#undef l2cn
+#define l2cn(l1,l2,c,n)	{ \
+			c+=n; \
+			switch (n) { \
+			case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
+			case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
+			case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
+			case 5: *(--(c))=(unsigned char)(((l2)     )&0xff); \
+			case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
+			case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
+			case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
+			case 1: *(--(c))=(unsigned char)(((l1)     )&0xff); \
+				} \
+			}
+
+/* NOTE - c is not incremented as per n2l */
+#define n2ln(c,l1,l2,n)	{ \
+			c+=n; \
+			l1=l2=0; \
+			switch (n) { \
+			case 8: l2 =((unsigned long)(*(--(c))))    ; \
+			case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
+			case 6: l2|=((unsigned long)(*(--(c))))<<16; \
+			case 5: l2|=((unsigned long)(*(--(c))))<<24; \
+			case 4: l1 =((unsigned long)(*(--(c))))    ; \
+			case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
+			case 2: l1|=((unsigned long)(*(--(c))))<<16; \
+			case 1: l1|=((unsigned long)(*(--(c))))<<24; \
+				} \
+			}
+
+/* NOTE - c is not incremented as per l2n */
+#define l2nn(l1,l2,c,n)	{ \
+			c+=n; \
+			switch (n) { \
+			case 8: *(--(c))=(unsigned char)(((l2)    )&0xff); \
+			case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
+			case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
+			case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
+			case 4: *(--(c))=(unsigned char)(((l1)    )&0xff); \
+			case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
+			case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
+			case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
+				} \
+			}
+
+#undef n2l
+#define n2l(c,l)        (l =((unsigned long)(*((c)++)))<<24L, \
+                         l|=((unsigned long)(*((c)++)))<<16L, \
+                         l|=((unsigned long)(*((c)++)))<< 8L, \
+                         l|=((unsigned long)(*((c)++))))
+
+#undef l2n
+#define l2n(l,c)        (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)     )&0xff))
+
+/* This is actually a big endian algorithm, the most significate byte
+ * is used to lookup array 0 */
+
+/* use BF_PTR2 for intel boxes,
+ * BF_PTR for sparc and MIPS/SGI
+ * use nothing for Alpha and HP.
+ */
+#if !defined(BF_PTR) && !defined(BF_PTR2)
+#undef BF_PTR
+#endif
+
+#define BF_M	0x3fc
+#define BF_0	22L
+#define BF_1	14L
+#define BF_2	 6L
+#define BF_3	 2L /* left shift */
+
+#if defined(BF_PTR2)
+
+/* This is basically a special pentium verson */
+#define BF_ENC(LL,R,S,P) \
+	{ \
+	BF_LONG t,u,v; \
+	u=R>>BF_0; \
+	v=R>>BF_1; \
+	u&=BF_M; \
+	v&=BF_M; \
+	t=  *(BF_LONG *)((unsigned char *)&(S[  0])+u); \
+	u=R>>BF_2; \
+	t+= *(BF_LONG *)((unsigned char *)&(S[256])+v); \
+	v=R<<BF_3; \
+	u&=BF_M; \
+	v&=BF_M; \
+	t^= *(BF_LONG *)((unsigned char *)&(S[512])+u); \
+	LL^=P; \
+	t+= *(BF_LONG *)((unsigned char *)&(S[768])+v); \
+	LL^=t; \
+	}
+
+#elif defined(BF_PTR)
+
+/* This is normally very good */
+
+#define BF_ENC(LL,R,S,P) \
+	LL^=P; \
+	LL^= (((*(BF_LONG *)((unsigned char *)&(S[  0])+((R>>BF_0)&BF_M))+ \
+		*(BF_LONG *)((unsigned char *)&(S[256])+((R>>BF_1)&BF_M)))^ \
+		*(BF_LONG *)((unsigned char *)&(S[512])+((R>>BF_2)&BF_M)))+ \
+		*(BF_LONG *)((unsigned char *)&(S[768])+((R<<BF_3)&BF_M)));
+#else
+
+/* This will always work, even on 64 bit machines and strangly enough,
+ * on the Alpha it is faster than the pointer versions (both 32 and 64
+ * versions of BF_LONG) */
+
+#define BF_ENC(LL,R,S,P) \
+	LL^=P; \
+	LL^=(((	S[        (int)(R>>24L)      ] + \
+		S[0x0100+((int)(R>>16L)&0xff)])^ \
+		S[0x0200+((int)(R>> 8L)&0xff)])+ \
+		S[0x0300+((int)(R     )&0xff)])&0xffffffffL;
+#endif
diff --git a/crypto/bf/bf_locl.org b/crypto/bf/bf_locl.org
new file mode 100644
index 0000000000..592ece99a4
--- /dev/null
+++ b/crypto/bf/bf_locl.org
@@ -0,0 +1,244 @@
+/* crypto/bf/bf_locl.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify bf_locl.org since bf_locl.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+/* Special defines which change the way the code is built depending on the
+   CPU and OS.  For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
+   even newer MIPS CPU's, but at the moment one size fits all for
+   optimization options.  Older Sparc's work better with only UNROLL, but
+   there's no way to tell at compile time what it is you're running on */
+
+#if defined( sun )                    /* Newer Sparc's */
+#  define BF_PTR
+#elif defined( __ultrix )     /* Older MIPS */
+#  define BF_PTR
+#elif defined( __osf1__ )     /* Alpha */
+  /* None */
+#elif defined ( _AIX )                /* RS6000 */
+  /* Unknown */
+#elif defined( __hpux )               /* HP-PA */
+  /* None */
+#elif defined( __aux )                /* 68K */
+  /* Unknown */
+#elif defined( __dgux )               /* 88K (but P6 in latest boxes) */
+  /* Unknown */
+#elif defined( __sgi )                /* Newer MIPS */
+#  define BF_PTR
+#elif defined( i386 )         /* x86 boxes, should be gcc */
+#  define BF_PTR2
+#elif defined( _MSC_VER )     /* x86 boxes, Visual C */
+#  define BF_PTR2
+#endif /* Systems-specific speed defines */
+
+#undef c2l
+#define c2l(c,l)	(l =((unsigned long)(*((c)++)))    , \
+			 l|=((unsigned long)(*((c)++)))<< 8L, \
+			 l|=((unsigned long)(*((c)++)))<<16L, \
+			 l|=((unsigned long)(*((c)++)))<<24L)
+
+/* NOTE - c is not incremented as per c2l */
+#undef c2ln
+#define c2ln(c,l1,l2,n)	{ \
+			c+=n; \
+			l1=l2=0; \
+			switch (n) { \
+			case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
+			case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
+			case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
+			case 5: l2|=((unsigned long)(*(--(c))));     \
+			case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
+			case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
+			case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
+			case 1: l1|=((unsigned long)(*(--(c))));     \
+				} \
+			}
+
+#undef l2c
+#define l2c(l,c)	(*((c)++)=(unsigned char)(((l)     )&0xff), \
+			 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>24L)&0xff))
+
+/* NOTE - c is not incremented as per l2c */
+#undef l2cn
+#define l2cn(l1,l2,c,n)	{ \
+			c+=n; \
+			switch (n) { \
+			case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
+			case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
+			case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
+			case 5: *(--(c))=(unsigned char)(((l2)     )&0xff); \
+			case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
+			case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
+			case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
+			case 1: *(--(c))=(unsigned char)(((l1)     )&0xff); \
+				} \
+			}
+
+/* NOTE - c is not incremented as per n2l */
+#define n2ln(c,l1,l2,n)	{ \
+			c+=n; \
+			l1=l2=0; \
+			switch (n) { \
+			case 8: l2 =((unsigned long)(*(--(c))))    ; \
+			case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
+			case 6: l2|=((unsigned long)(*(--(c))))<<16; \
+			case 5: l2|=((unsigned long)(*(--(c))))<<24; \
+			case 4: l1 =((unsigned long)(*(--(c))))    ; \
+			case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
+			case 2: l1|=((unsigned long)(*(--(c))))<<16; \
+			case 1: l1|=((unsigned long)(*(--(c))))<<24; \
+				} \
+			}
+
+/* NOTE - c is not incremented as per l2n */
+#define l2nn(l1,l2,c,n)	{ \
+			c+=n; \
+			switch (n) { \
+			case 8: *(--(c))=(unsigned char)(((l2)    )&0xff); \
+			case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
+			case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
+			case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
+			case 4: *(--(c))=(unsigned char)(((l1)    )&0xff); \
+			case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
+			case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
+			case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
+				} \
+			}
+
+#undef n2l
+#define n2l(c,l)        (l =((unsigned long)(*((c)++)))<<24L, \
+                         l|=((unsigned long)(*((c)++)))<<16L, \
+                         l|=((unsigned long)(*((c)++)))<< 8L, \
+                         l|=((unsigned long)(*((c)++))))
+
+#undef l2n
+#define l2n(l,c)        (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)     )&0xff))
+
+/* This is actually a big endian algorithm, the most significate byte
+ * is used to lookup array 0 */
+
+/* use BF_PTR2 for intel boxes,
+ * BF_PTR for sparc and MIPS/SGI
+ * use nothing for Alpha and HP.
+ */
+#if !defined(BF_PTR) && !defined(BF_PTR2)
+#undef BF_PTR
+#endif
+
+#define BF_M	0x3fc
+#define BF_0	22L
+#define BF_1	14L
+#define BF_2	 6L
+#define BF_3	 2L /* left shift */
+
+#if defined(BF_PTR2)
+
+/* This is basically a special pentium verson */
+#define BF_ENC(LL,R,S,P) \
+	{ \
+	BF_LONG t,u,v; \
+	u=R>>BF_0; \
+	v=R>>BF_1; \
+	u&=BF_M; \
+	v&=BF_M; \
+	t=  *(BF_LONG *)((unsigned char *)&(S[  0])+u); \
+	u=R>>BF_2; \
+	t+= *(BF_LONG *)((unsigned char *)&(S[256])+v); \
+	v=R<<BF_3; \
+	u&=BF_M; \
+	v&=BF_M; \
+	t^= *(BF_LONG *)((unsigned char *)&(S[512])+u); \
+	LL^=P; \
+	t+= *(BF_LONG *)((unsigned char *)&(S[768])+v); \
+	LL^=t; \
+	}
+
+#elif defined(BF_PTR)
+
+/* This is normally very good */
+
+#define BF_ENC(LL,R,S,P) \
+	LL^=P; \
+	LL^= (((*(BF_LONG *)((unsigned char *)&(S[  0])+((R>>BF_0)&BF_M))+ \
+		*(BF_LONG *)((unsigned char *)&(S[256])+((R>>BF_1)&BF_M)))^ \
+		*(BF_LONG *)((unsigned char *)&(S[512])+((R>>BF_2)&BF_M)))+ \
+		*(BF_LONG *)((unsigned char *)&(S[768])+((R<<BF_3)&BF_M)));
+#else
+
+/* This will always work, even on 64 bit machines and strangly enough,
+ * on the Alpha it is faster than the pointer versions (both 32 and 64
+ * versions of BF_LONG) */
+
+#define BF_ENC(LL,R,S,P) \
+	LL^=P; \
+	LL^=(((	S[        (int)(R>>24L)      ] + \
+		S[0x0100+((int)(R>>16L)&0xff)])^ \
+		S[0x0200+((int)(R>> 8L)&0xff)])+ \
+		S[0x0300+((int)(R     )&0xff)])&0xffffffffL;
+#endif
diff --git a/crypto/bf/bf_ofb64.c b/crypto/bf/bf_ofb64.c
new file mode 100644
index 0000000000..e95aca5310
--- /dev/null
+++ b/crypto/bf/bf_ofb64.c
@@ -0,0 +1,115 @@
+/* crypto/bf/bf_ofb64.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "blowfish.h"
+#include "bf_locl.h"
+
+/* The input and output encrypted as though 64bit ofb mode is being
+ * used.  The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+void BF_ofb64_encrypt(in, out, length, schedule, ivec, num)
+unsigned char *in;
+unsigned char *out;
+long length;
+BF_KEY *schedule;
+unsigned char *ivec;
+int *num;
+	{
+	register BF_LONG v0,v1,t;
+	register int n= *num;
+	register long l=length;
+	unsigned char d[8];
+	register char *dp;
+	BF_LONG ti[2];
+	unsigned char *iv;
+	int save=0;
+
+	iv=(unsigned char *)ivec;
+	n2l(iv,v0);
+	n2l(iv,v1);
+	ti[0]=v0;
+	ti[1]=v1;
+	dp=(char *)d;
+	l2n(v0,dp);
+	l2n(v1,dp);
+	while (l--)
+		{
+		if (n == 0)
+			{
+			BF_encrypt((BF_LONG *)ti,schedule,BF_ENCRYPT);
+			dp=(char *)d;
+			t=ti[0]; l2n(t,dp);
+			t=ti[1]; l2n(t,dp);
+			save++;
+			}
+		*(out++)= *(in++)^d[n];
+		n=(n+1)&0x07;
+		}
+	if (save)
+		{
+		v0=ti[0];
+		v1=ti[1];
+		iv=(unsigned char *)ivec;
+		l2n(v0,iv);
+		l2n(v1,iv);
+		}
+	t=v0=v1=ti[0]=ti[1]=0;
+	*num=n;
+	}
+
diff --git a/crypto/bf/bf_pi.h b/crypto/bf/bf_pi.h
new file mode 100644
index 0000000000..f5918b361e
--- /dev/null
+++ b/crypto/bf/bf_pi.h
@@ -0,0 +1,325 @@
+/* crypto/bf/bf_pi.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+static BF_KEY bf_init= {
+	{
+	0x243f6a88L, 0x85a308d3L, 0x13198a2eL, 0x03707344L,
+	0xa4093822L, 0x299f31d0L, 0x082efa98L, 0xec4e6c89L,
+	0x452821e6L, 0x38d01377L, 0xbe5466cfL, 0x34e90c6cL,
+	0xc0ac29b7L, 0xc97c50ddL, 0x3f84d5b5L, 0xb5470917L,
+	0x9216d5d9L, 0x8979fb1b
+	},{
+	0xd1310ba6L, 0x98dfb5acL, 0x2ffd72dbL, 0xd01adfb7L, 
+	0xb8e1afedL, 0x6a267e96L, 0xba7c9045L, 0xf12c7f99L, 
+	0x24a19947L, 0xb3916cf7L, 0x0801f2e2L, 0x858efc16L, 
+	0x636920d8L, 0x71574e69L, 0xa458fea3L, 0xf4933d7eL, 
+	0x0d95748fL, 0x728eb658L, 0x718bcd58L, 0x82154aeeL, 
+	0x7b54a41dL, 0xc25a59b5L, 0x9c30d539L, 0x2af26013L, 
+	0xc5d1b023L, 0x286085f0L, 0xca417918L, 0xb8db38efL, 
+	0x8e79dcb0L, 0x603a180eL, 0x6c9e0e8bL, 0xb01e8a3eL, 
+	0xd71577c1L, 0xbd314b27L, 0x78af2fdaL, 0x55605c60L, 
+	0xe65525f3L, 0xaa55ab94L, 0x57489862L, 0x63e81440L, 
+	0x55ca396aL, 0x2aab10b6L, 0xb4cc5c34L, 0x1141e8ceL, 
+	0xa15486afL, 0x7c72e993L, 0xb3ee1411L, 0x636fbc2aL, 
+	0x2ba9c55dL, 0x741831f6L, 0xce5c3e16L, 0x9b87931eL, 
+	0xafd6ba33L, 0x6c24cf5cL, 0x7a325381L, 0x28958677L, 
+	0x3b8f4898L, 0x6b4bb9afL, 0xc4bfe81bL, 0x66282193L, 
+	0x61d809ccL, 0xfb21a991L, 0x487cac60L, 0x5dec8032L, 
+	0xef845d5dL, 0xe98575b1L, 0xdc262302L, 0xeb651b88L, 
+	0x23893e81L, 0xd396acc5L, 0x0f6d6ff3L, 0x83f44239L, 
+	0x2e0b4482L, 0xa4842004L, 0x69c8f04aL, 0x9e1f9b5eL, 
+	0x21c66842L, 0xf6e96c9aL, 0x670c9c61L, 0xabd388f0L, 
+	0x6a51a0d2L, 0xd8542f68L, 0x960fa728L, 0xab5133a3L, 
+	0x6eef0b6cL, 0x137a3be4L, 0xba3bf050L, 0x7efb2a98L, 
+	0xa1f1651dL, 0x39af0176L, 0x66ca593eL, 0x82430e88L, 
+	0x8cee8619L, 0x456f9fb4L, 0x7d84a5c3L, 0x3b8b5ebeL, 
+	0xe06f75d8L, 0x85c12073L, 0x401a449fL, 0x56c16aa6L, 
+	0x4ed3aa62L, 0x363f7706L, 0x1bfedf72L, 0x429b023dL, 
+	0x37d0d724L, 0xd00a1248L, 0xdb0fead3L, 0x49f1c09bL, 
+	0x075372c9L, 0x80991b7bL, 0x25d479d8L, 0xf6e8def7L, 
+	0xe3fe501aL, 0xb6794c3bL, 0x976ce0bdL, 0x04c006baL, 
+	0xc1a94fb6L, 0x409f60c4L, 0x5e5c9ec2L, 0x196a2463L, 
+	0x68fb6fafL, 0x3e6c53b5L, 0x1339b2ebL, 0x3b52ec6fL, 
+	0x6dfc511fL, 0x9b30952cL, 0xcc814544L, 0xaf5ebd09L, 
+	0xbee3d004L, 0xde334afdL, 0x660f2807L, 0x192e4bb3L, 
+	0xc0cba857L, 0x45c8740fL, 0xd20b5f39L, 0xb9d3fbdbL, 
+	0x5579c0bdL, 0x1a60320aL, 0xd6a100c6L, 0x402c7279L, 
+	0x679f25feL, 0xfb1fa3ccL, 0x8ea5e9f8L, 0xdb3222f8L, 
+	0x3c7516dfL, 0xfd616b15L, 0x2f501ec8L, 0xad0552abL, 
+	0x323db5faL, 0xfd238760L, 0x53317b48L, 0x3e00df82L, 
+	0x9e5c57bbL, 0xca6f8ca0L, 0x1a87562eL, 0xdf1769dbL, 
+	0xd542a8f6L, 0x287effc3L, 0xac6732c6L, 0x8c4f5573L, 
+	0x695b27b0L, 0xbbca58c8L, 0xe1ffa35dL, 0xb8f011a0L, 
+	0x10fa3d98L, 0xfd2183b8L, 0x4afcb56cL, 0x2dd1d35bL, 
+	0x9a53e479L, 0xb6f84565L, 0xd28e49bcL, 0x4bfb9790L, 
+	0xe1ddf2daL, 0xa4cb7e33L, 0x62fb1341L, 0xcee4c6e8L, 
+	0xef20cadaL, 0x36774c01L, 0xd07e9efeL, 0x2bf11fb4L, 
+	0x95dbda4dL, 0xae909198L, 0xeaad8e71L, 0x6b93d5a0L, 
+	0xd08ed1d0L, 0xafc725e0L, 0x8e3c5b2fL, 0x8e7594b7L, 
+	0x8ff6e2fbL, 0xf2122b64L, 0x8888b812L, 0x900df01cL, 
+	0x4fad5ea0L, 0x688fc31cL, 0xd1cff191L, 0xb3a8c1adL, 
+	0x2f2f2218L, 0xbe0e1777L, 0xea752dfeL, 0x8b021fa1L, 
+	0xe5a0cc0fL, 0xb56f74e8L, 0x18acf3d6L, 0xce89e299L, 
+	0xb4a84fe0L, 0xfd13e0b7L, 0x7cc43b81L, 0xd2ada8d9L, 
+	0x165fa266L, 0x80957705L, 0x93cc7314L, 0x211a1477L, 
+	0xe6ad2065L, 0x77b5fa86L, 0xc75442f5L, 0xfb9d35cfL, 
+	0xebcdaf0cL, 0x7b3e89a0L, 0xd6411bd3L, 0xae1e7e49L, 
+	0x00250e2dL, 0x2071b35eL, 0x226800bbL, 0x57b8e0afL, 
+	0x2464369bL, 0xf009b91eL, 0x5563911dL, 0x59dfa6aaL, 
+	0x78c14389L, 0xd95a537fL, 0x207d5ba2L, 0x02e5b9c5L, 
+	0x83260376L, 0x6295cfa9L, 0x11c81968L, 0x4e734a41L, 
+	0xb3472dcaL, 0x7b14a94aL, 0x1b510052L, 0x9a532915L, 
+	0xd60f573fL, 0xbc9bc6e4L, 0x2b60a476L, 0x81e67400L, 
+	0x08ba6fb5L, 0x571be91fL, 0xf296ec6bL, 0x2a0dd915L, 
+	0xb6636521L, 0xe7b9f9b6L, 0xff34052eL, 0xc5855664L, 
+	0x53b02d5dL, 0xa99f8fa1L, 0x08ba4799L, 0x6e85076aL, 
+	0x4b7a70e9L, 0xb5b32944L, 0xdb75092eL, 0xc4192623L, 
+	0xad6ea6b0L, 0x49a7df7dL, 0x9cee60b8L, 0x8fedb266L, 
+	0xecaa8c71L, 0x699a17ffL, 0x5664526cL, 0xc2b19ee1L, 
+	0x193602a5L, 0x75094c29L, 0xa0591340L, 0xe4183a3eL, 
+	0x3f54989aL, 0x5b429d65L, 0x6b8fe4d6L, 0x99f73fd6L, 
+	0xa1d29c07L, 0xefe830f5L, 0x4d2d38e6L, 0xf0255dc1L, 
+	0x4cdd2086L, 0x8470eb26L, 0x6382e9c6L, 0x021ecc5eL, 
+	0x09686b3fL, 0x3ebaefc9L, 0x3c971814L, 0x6b6a70a1L, 
+	0x687f3584L, 0x52a0e286L, 0xb79c5305L, 0xaa500737L, 
+	0x3e07841cL, 0x7fdeae5cL, 0x8e7d44ecL, 0x5716f2b8L, 
+	0xb03ada37L, 0xf0500c0dL, 0xf01c1f04L, 0x0200b3ffL, 
+	0xae0cf51aL, 0x3cb574b2L, 0x25837a58L, 0xdc0921bdL, 
+	0xd19113f9L, 0x7ca92ff6L, 0x94324773L, 0x22f54701L, 
+	0x3ae5e581L, 0x37c2dadcL, 0xc8b57634L, 0x9af3dda7L, 
+	0xa9446146L, 0x0fd0030eL, 0xecc8c73eL, 0xa4751e41L, 
+	0xe238cd99L, 0x3bea0e2fL, 0x3280bba1L, 0x183eb331L, 
+	0x4e548b38L, 0x4f6db908L, 0x6f420d03L, 0xf60a04bfL, 
+	0x2cb81290L, 0x24977c79L, 0x5679b072L, 0xbcaf89afL, 
+	0xde9a771fL, 0xd9930810L, 0xb38bae12L, 0xdccf3f2eL, 
+	0x5512721fL, 0x2e6b7124L, 0x501adde6L, 0x9f84cd87L, 
+	0x7a584718L, 0x7408da17L, 0xbc9f9abcL, 0xe94b7d8cL, 
+	0xec7aec3aL, 0xdb851dfaL, 0x63094366L, 0xc464c3d2L, 
+	0xef1c1847L, 0x3215d908L, 0xdd433b37L, 0x24c2ba16L, 
+	0x12a14d43L, 0x2a65c451L, 0x50940002L, 0x133ae4ddL, 
+	0x71dff89eL, 0x10314e55L, 0x81ac77d6L, 0x5f11199bL, 
+	0x043556f1L, 0xd7a3c76bL, 0x3c11183bL, 0x5924a509L, 
+	0xf28fe6edL, 0x97f1fbfaL, 0x9ebabf2cL, 0x1e153c6eL, 
+	0x86e34570L, 0xeae96fb1L, 0x860e5e0aL, 0x5a3e2ab3L, 
+	0x771fe71cL, 0x4e3d06faL, 0x2965dcb9L, 0x99e71d0fL, 
+	0x803e89d6L, 0x5266c825L, 0x2e4cc978L, 0x9c10b36aL, 
+	0xc6150ebaL, 0x94e2ea78L, 0xa5fc3c53L, 0x1e0a2df4L, 
+	0xf2f74ea7L, 0x361d2b3dL, 0x1939260fL, 0x19c27960L, 
+	0x5223a708L, 0xf71312b6L, 0xebadfe6eL, 0xeac31f66L, 
+	0xe3bc4595L, 0xa67bc883L, 0xb17f37d1L, 0x018cff28L, 
+	0xc332ddefL, 0xbe6c5aa5L, 0x65582185L, 0x68ab9802L, 
+	0xeecea50fL, 0xdb2f953bL, 0x2aef7dadL, 0x5b6e2f84L, 
+	0x1521b628L, 0x29076170L, 0xecdd4775L, 0x619f1510L, 
+	0x13cca830L, 0xeb61bd96L, 0x0334fe1eL, 0xaa0363cfL, 
+	0xb5735c90L, 0x4c70a239L, 0xd59e9e0bL, 0xcbaade14L, 
+	0xeecc86bcL, 0x60622ca7L, 0x9cab5cabL, 0xb2f3846eL, 
+	0x648b1eafL, 0x19bdf0caL, 0xa02369b9L, 0x655abb50L, 
+	0x40685a32L, 0x3c2ab4b3L, 0x319ee9d5L, 0xc021b8f7L, 
+	0x9b540b19L, 0x875fa099L, 0x95f7997eL, 0x623d7da8L, 
+	0xf837889aL, 0x97e32d77L, 0x11ed935fL, 0x16681281L, 
+	0x0e358829L, 0xc7e61fd6L, 0x96dedfa1L, 0x7858ba99L, 
+	0x57f584a5L, 0x1b227263L, 0x9b83c3ffL, 0x1ac24696L, 
+	0xcdb30aebL, 0x532e3054L, 0x8fd948e4L, 0x6dbc3128L, 
+	0x58ebf2efL, 0x34c6ffeaL, 0xfe28ed61L, 0xee7c3c73L, 
+	0x5d4a14d9L, 0xe864b7e3L, 0x42105d14L, 0x203e13e0L, 
+	0x45eee2b6L, 0xa3aaabeaL, 0xdb6c4f15L, 0xfacb4fd0L, 
+	0xc742f442L, 0xef6abbb5L, 0x654f3b1dL, 0x41cd2105L, 
+	0xd81e799eL, 0x86854dc7L, 0xe44b476aL, 0x3d816250L, 
+	0xcf62a1f2L, 0x5b8d2646L, 0xfc8883a0L, 0xc1c7b6a3L, 
+	0x7f1524c3L, 0x69cb7492L, 0x47848a0bL, 0x5692b285L, 
+	0x095bbf00L, 0xad19489dL, 0x1462b174L, 0x23820e00L, 
+	0x58428d2aL, 0x0c55f5eaL, 0x1dadf43eL, 0x233f7061L, 
+	0x3372f092L, 0x8d937e41L, 0xd65fecf1L, 0x6c223bdbL, 
+	0x7cde3759L, 0xcbee7460L, 0x4085f2a7L, 0xce77326eL, 
+	0xa6078084L, 0x19f8509eL, 0xe8efd855L, 0x61d99735L, 
+	0xa969a7aaL, 0xc50c06c2L, 0x5a04abfcL, 0x800bcadcL, 
+	0x9e447a2eL, 0xc3453484L, 0xfdd56705L, 0x0e1e9ec9L, 
+	0xdb73dbd3L, 0x105588cdL, 0x675fda79L, 0xe3674340L, 
+	0xc5c43465L, 0x713e38d8L, 0x3d28f89eL, 0xf16dff20L, 
+	0x153e21e7L, 0x8fb03d4aL, 0xe6e39f2bL, 0xdb83adf7L, 
+	0xe93d5a68L, 0x948140f7L, 0xf64c261cL, 0x94692934L, 
+	0x411520f7L, 0x7602d4f7L, 0xbcf46b2eL, 0xd4a20068L, 
+	0xd4082471L, 0x3320f46aL, 0x43b7d4b7L, 0x500061afL, 
+	0x1e39f62eL, 0x97244546L, 0x14214f74L, 0xbf8b8840L, 
+	0x4d95fc1dL, 0x96b591afL, 0x70f4ddd3L, 0x66a02f45L, 
+	0xbfbc09ecL, 0x03bd9785L, 0x7fac6dd0L, 0x31cb8504L, 
+	0x96eb27b3L, 0x55fd3941L, 0xda2547e6L, 0xabca0a9aL, 
+	0x28507825L, 0x530429f4L, 0x0a2c86daL, 0xe9b66dfbL, 
+	0x68dc1462L, 0xd7486900L, 0x680ec0a4L, 0x27a18deeL, 
+	0x4f3ffea2L, 0xe887ad8cL, 0xb58ce006L, 0x7af4d6b6L, 
+	0xaace1e7cL, 0xd3375fecL, 0xce78a399L, 0x406b2a42L, 
+	0x20fe9e35L, 0xd9f385b9L, 0xee39d7abL, 0x3b124e8bL, 
+	0x1dc9faf7L, 0x4b6d1856L, 0x26a36631L, 0xeae397b2L, 
+	0x3a6efa74L, 0xdd5b4332L, 0x6841e7f7L, 0xca7820fbL, 
+	0xfb0af54eL, 0xd8feb397L, 0x454056acL, 0xba489527L, 
+	0x55533a3aL, 0x20838d87L, 0xfe6ba9b7L, 0xd096954bL, 
+	0x55a867bcL, 0xa1159a58L, 0xcca92963L, 0x99e1db33L, 
+	0xa62a4a56L, 0x3f3125f9L, 0x5ef47e1cL, 0x9029317cL, 
+	0xfdf8e802L, 0x04272f70L, 0x80bb155cL, 0x05282ce3L, 
+	0x95c11548L, 0xe4c66d22L, 0x48c1133fL, 0xc70f86dcL, 
+	0x07f9c9eeL, 0x41041f0fL, 0x404779a4L, 0x5d886e17L, 
+	0x325f51ebL, 0xd59bc0d1L, 0xf2bcc18fL, 0x41113564L, 
+	0x257b7834L, 0x602a9c60L, 0xdff8e8a3L, 0x1f636c1bL, 
+	0x0e12b4c2L, 0x02e1329eL, 0xaf664fd1L, 0xcad18115L, 
+	0x6b2395e0L, 0x333e92e1L, 0x3b240b62L, 0xeebeb922L, 
+	0x85b2a20eL, 0xe6ba0d99L, 0xde720c8cL, 0x2da2f728L, 
+	0xd0127845L, 0x95b794fdL, 0x647d0862L, 0xe7ccf5f0L, 
+	0x5449a36fL, 0x877d48faL, 0xc39dfd27L, 0xf33e8d1eL, 
+	0x0a476341L, 0x992eff74L, 0x3a6f6eabL, 0xf4f8fd37L, 
+	0xa812dc60L, 0xa1ebddf8L, 0x991be14cL, 0xdb6e6b0dL, 
+	0xc67b5510L, 0x6d672c37L, 0x2765d43bL, 0xdcd0e804L, 
+	0xf1290dc7L, 0xcc00ffa3L, 0xb5390f92L, 0x690fed0bL, 
+	0x667b9ffbL, 0xcedb7d9cL, 0xa091cf0bL, 0xd9155ea3L, 
+	0xbb132f88L, 0x515bad24L, 0x7b9479bfL, 0x763bd6ebL, 
+	0x37392eb3L, 0xcc115979L, 0x8026e297L, 0xf42e312dL, 
+	0x6842ada7L, 0xc66a2b3bL, 0x12754cccL, 0x782ef11cL, 
+	0x6a124237L, 0xb79251e7L, 0x06a1bbe6L, 0x4bfb6350L, 
+	0x1a6b1018L, 0x11caedfaL, 0x3d25bdd8L, 0xe2e1c3c9L, 
+	0x44421659L, 0x0a121386L, 0xd90cec6eL, 0xd5abea2aL, 
+	0x64af674eL, 0xda86a85fL, 0xbebfe988L, 0x64e4c3feL, 
+	0x9dbc8057L, 0xf0f7c086L, 0x60787bf8L, 0x6003604dL, 
+	0xd1fd8346L, 0xf6381fb0L, 0x7745ae04L, 0xd736fcccL, 
+	0x83426b33L, 0xf01eab71L, 0xb0804187L, 0x3c005e5fL, 
+	0x77a057beL, 0xbde8ae24L, 0x55464299L, 0xbf582e61L, 
+	0x4e58f48fL, 0xf2ddfda2L, 0xf474ef38L, 0x8789bdc2L, 
+	0x5366f9c3L, 0xc8b38e74L, 0xb475f255L, 0x46fcd9b9L, 
+	0x7aeb2661L, 0x8b1ddf84L, 0x846a0e79L, 0x915f95e2L, 
+	0x466e598eL, 0x20b45770L, 0x8cd55591L, 0xc902de4cL, 
+	0xb90bace1L, 0xbb8205d0L, 0x11a86248L, 0x7574a99eL, 
+	0xb77f19b6L, 0xe0a9dc09L, 0x662d09a1L, 0xc4324633L, 
+	0xe85a1f02L, 0x09f0be8cL, 0x4a99a025L, 0x1d6efe10L, 
+	0x1ab93d1dL, 0x0ba5a4dfL, 0xa186f20fL, 0x2868f169L, 
+	0xdcb7da83L, 0x573906feL, 0xa1e2ce9bL, 0x4fcd7f52L, 
+	0x50115e01L, 0xa70683faL, 0xa002b5c4L, 0x0de6d027L, 
+	0x9af88c27L, 0x773f8641L, 0xc3604c06L, 0x61a806b5L, 
+	0xf0177a28L, 0xc0f586e0L, 0x006058aaL, 0x30dc7d62L, 
+	0x11e69ed7L, 0x2338ea63L, 0x53c2dd94L, 0xc2c21634L, 
+	0xbbcbee56L, 0x90bcb6deL, 0xebfc7da1L, 0xce591d76L, 
+	0x6f05e409L, 0x4b7c0188L, 0x39720a3dL, 0x7c927c24L, 
+	0x86e3725fL, 0x724d9db9L, 0x1ac15bb4L, 0xd39eb8fcL, 
+	0xed545578L, 0x08fca5b5L, 0xd83d7cd3L, 0x4dad0fc4L, 
+	0x1e50ef5eL, 0xb161e6f8L, 0xa28514d9L, 0x6c51133cL, 
+	0x6fd5c7e7L, 0x56e14ec4L, 0x362abfceL, 0xddc6c837L, 
+	0xd79a3234L, 0x92638212L, 0x670efa8eL, 0x406000e0L, 
+	0x3a39ce37L, 0xd3faf5cfL, 0xabc27737L, 0x5ac52d1bL, 
+	0x5cb0679eL, 0x4fa33742L, 0xd3822740L, 0x99bc9bbeL, 
+	0xd5118e9dL, 0xbf0f7315L, 0xd62d1c7eL, 0xc700c47bL, 
+	0xb78c1b6bL, 0x21a19045L, 0xb26eb1beL, 0x6a366eb4L, 
+	0x5748ab2fL, 0xbc946e79L, 0xc6a376d2L, 0x6549c2c8L, 
+	0x530ff8eeL, 0x468dde7dL, 0xd5730a1dL, 0x4cd04dc6L, 
+	0x2939bbdbL, 0xa9ba4650L, 0xac9526e8L, 0xbe5ee304L, 
+	0xa1fad5f0L, 0x6a2d519aL, 0x63ef8ce2L, 0x9a86ee22L, 
+	0xc089c2b8L, 0x43242ef6L, 0xa51e03aaL, 0x9cf2d0a4L, 
+	0x83c061baL, 0x9be96a4dL, 0x8fe51550L, 0xba645bd6L, 
+	0x2826a2f9L, 0xa73a3ae1L, 0x4ba99586L, 0xef5562e9L, 
+	0xc72fefd3L, 0xf752f7daL, 0x3f046f69L, 0x77fa0a59L, 
+	0x80e4a915L, 0x87b08601L, 0x9b09e6adL, 0x3b3ee593L, 
+	0xe990fd5aL, 0x9e34d797L, 0x2cf0b7d9L, 0x022b8b51L, 
+	0x96d5ac3aL, 0x017da67dL, 0xd1cf3ed6L, 0x7c7d2d28L, 
+	0x1f9f25cfL, 0xadf2b89bL, 0x5ad6b472L, 0x5a88f54cL, 
+	0xe029ac71L, 0xe019a5e6L, 0x47b0acfdL, 0xed93fa9bL, 
+	0xe8d3c48dL, 0x283b57ccL, 0xf8d56629L, 0x79132e28L, 
+	0x785f0191L, 0xed756055L, 0xf7960e44L, 0xe3d35e8cL, 
+	0x15056dd4L, 0x88f46dbaL, 0x03a16125L, 0x0564f0bdL, 
+	0xc3eb9e15L, 0x3c9057a2L, 0x97271aecL, 0xa93a072aL, 
+	0x1b3f6d9bL, 0x1e6321f5L, 0xf59c66fbL, 0x26dcf319L, 
+	0x7533d928L, 0xb155fdf5L, 0x03563482L, 0x8aba3cbbL, 
+	0x28517711L, 0xc20ad9f8L, 0xabcc5167L, 0xccad925fL, 
+	0x4de81751L, 0x3830dc8eL, 0x379d5862L, 0x9320f991L, 
+	0xea7a90c2L, 0xfb3e7bceL, 0x5121ce64L, 0x774fbe32L, 
+	0xa8b6e37eL, 0xc3293d46L, 0x48de5369L, 0x6413e680L, 
+	0xa2ae0810L, 0xdd6db224L, 0x69852dfdL, 0x09072166L, 
+	0xb39a460aL, 0x6445c0ddL, 0x586cdecfL, 0x1c20c8aeL, 
+	0x5bbef7ddL, 0x1b588d40L, 0xccd2017fL, 0x6bb4e3bbL, 
+	0xdda26a7eL, 0x3a59ff45L, 0x3e350a44L, 0xbcb4cdd5L, 
+	0x72eacea8L, 0xfa6484bbL, 0x8d6612aeL, 0xbf3c6f47L, 
+	0xd29be463L, 0x542f5d9eL, 0xaec2771bL, 0xf64e6370L, 
+	0x740e0d8dL, 0xe75b1357L, 0xf8721671L, 0xaf537d5dL, 
+	0x4040cb08L, 0x4eb4e2ccL, 0x34d2466aL, 0x0115af84L, 
+	0xe1b00428L, 0x95983a1dL, 0x06b89fb4L, 0xce6ea048L, 
+	0x6f3f3b82L, 0x3520ab82L, 0x011a1d4bL, 0x277227f8L, 
+	0x611560b1L, 0xe7933fdcL, 0xbb3a792bL, 0x344525bdL, 
+	0xa08839e1L, 0x51ce794bL, 0x2f32c9b7L, 0xa01fbac9L, 
+	0xe01cc87eL, 0xbcc7d1f6L, 0xcf0111c3L, 0xa1e8aac7L, 
+	0x1a908749L, 0xd44fbd9aL, 0xd0dadecbL, 0xd50ada38L, 
+	0x0339c32aL, 0xc6913667L, 0x8df9317cL, 0xe0b12b4fL, 
+	0xf79e59b7L, 0x43f5bb3aL, 0xf2d519ffL, 0x27d9459cL, 
+	0xbf97222cL, 0x15e6fc2aL, 0x0f91fc71L, 0x9b941525L, 
+	0xfae59361L, 0xceb69cebL, 0xc2a86459L, 0x12baa8d1L, 
+	0xb6c1075eL, 0xe3056a0cL, 0x10d25065L, 0xcb03a442L, 
+	0xe0ec6e0eL, 0x1698db3bL, 0x4c98a0beL, 0x3278e964L, 
+	0x9f1f9532L, 0xe0d392dfL, 0xd3a0342bL, 0x8971f21eL, 
+	0x1b0a7441L, 0x4ba3348cL, 0xc5be7120L, 0xc37632d8L, 
+	0xdf359f8dL, 0x9b992f2eL, 0xe60b6f47L, 0x0fe3f11dL, 
+	0xe54cda54L, 0x1edad891L, 0xce6279cfL, 0xcd3e7e6fL, 
+	0x1618b166L, 0xfd2c1d05L, 0x848fd2c5L, 0xf6fb2299L, 
+	0xf523f357L, 0xa6327623L, 0x93a83531L, 0x56cccd02L, 
+	0xacf08162L, 0x5a75ebb5L, 0x6e163697L, 0x88d273ccL, 
+	0xde966292L, 0x81b949d0L, 0x4c50901bL, 0x71c65614L, 
+	0xe6c6c7bdL, 0x327a140aL, 0x45e1d006L, 0xc3f27b9aL, 
+	0xc9aa53fdL, 0x62a80f00L, 0xbb25bfe2L, 0x35bdd2f6L, 
+	0x71126905L, 0xb2040222L, 0xb6cbcf7cL, 0xcd769c2bL, 
+	0x53113ec0L, 0x1640e3d3L, 0x38abbd60L, 0x2547adf0L, 
+	0xba38209cL, 0xf746ce76L, 0x77afa1c5L, 0x20756060L, 
+	0x85cbfe4eL, 0x8ae88dd8L, 0x7aaaf9b0L, 0x4cf9aa7eL, 
+	0x1948c25cL, 0x02fb8a8cL, 0x01c36ae4L, 0xd6ebe1f9L, 
+	0x90d4f869L, 0xa65cdea0L, 0x3f09252dL, 0xc208e69fL, 
+	0xb74e6132L, 0xce77e25bL, 0x578fdfe3L, 0x3ac372e6L, 
+	}
+	};
+
diff --git a/crypto/bf/bf_skey.c b/crypto/bf/bf_skey.c
new file mode 100644
index 0000000000..18ea37f7cc
--- /dev/null
+++ b/crypto/bf/bf_skey.c
@@ -0,0 +1,119 @@
+/* crypto/bf/bf_skey.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include "blowfish.h"
+#include "bf_locl.h"
+#include "bf_pi.h"
+
+void BF_set_key(key,len,data)
+BF_KEY *key;
+int len;
+unsigned char *data;
+	{
+	int i;
+	BF_LONG *p,ri,in[2];
+	unsigned char *d,*end;
+
+
+	memcpy((char *)key,(char *)&bf_init,sizeof(BF_KEY));
+	p=key->P;
+
+	if (len > ((BF_ROUNDS+2)*4)) len=(BF_ROUNDS+2)*4;
+
+	d=data;
+	end= &(data[len]);
+	for (i=0; i<(BF_ROUNDS+2); i++)
+		{
+		ri= *(d++);
+		if (d >= end) d=data;
+
+		ri<<=8;
+		ri|= *(d++);
+		if (d >= end) d=data;
+
+		ri<<=8;
+		ri|= *(d++);
+		if (d >= end) d=data;
+
+		ri<<=8;
+		ri|= *(d++);
+		if (d >= end) d=data;
+
+		p[i]^=ri;
+		}
+
+	in[0]=0L;
+	in[1]=0L;
+	for (i=0; i<(BF_ROUNDS+2); i+=2)
+		{
+		BF_encrypt(in,key,BF_ENCRYPT);
+		p[i  ]=in[0];
+		p[i+1]=in[1];
+		}
+
+	p=key->S;
+	for (i=0; i<4*256; i+=2)
+		{
+		BF_encrypt(in,key,BF_ENCRYPT);
+		p[i  ]=in[0];
+		p[i+1]=in[1];
+		}
+	}
+
diff --git a/crypto/bf/bfspeed.c b/crypto/bf/bfspeed.c
new file mode 100644
index 0000000000..ee20bd00f7
--- /dev/null
+++ b/crypto/bf/bfspeed.c
@@ -0,0 +1,285 @@
+/* crypto/bf/bfspeed.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* 11-Sep-92 Andrew Daviel   Support for Silicon Graphics IRIX added */
+/* 06-Apr-92 Luke Brennan    Support for VMS and add extra signal calls */
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#include <stdio.h>
+#ifndef MSDOS
+#include <unistd.h>
+#else
+#include <io.h>
+extern int exit();
+#endif
+#include <signal.h>
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+	time_t tms_utime;
+	time_t tms_stime;
+	time_t tms_uchild;	/* I dunno...  */
+	time_t tms_uchildsys;	/* so these names are a guess :-) */
+	}
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include "blowfish.h"
+
+/* The following if from times(3) man page.  It may need to be changed */
+#ifndef HZ
+#ifndef CLK_TCK
+#ifndef VMS
+#define HZ	100.0
+#else /* VMS */
+#define HZ	100.0
+#endif
+#else /* CLK_TCK */
+#define HZ ((double)CLK_TCK)
+#endif
+#endif
+
+#define BUFSIZE	((long)1024)
+long run=0;
+
+#ifndef NOPROTO
+double Time_F(int s);
+#else
+double Time_F();
+#endif
+
+#ifdef SIGALRM
+#if defined(__STDC__) || defined(sgi) || defined(_AIX)
+#define SIGRETTYPE void
+#else
+#define SIGRETTYPE int
+#endif
+
+#ifndef NOPROTO
+SIGRETTYPE sig_done(int sig);
+#else
+SIGRETTYPE sig_done();
+#endif
+
+SIGRETTYPE sig_done(sig)
+int sig;
+	{
+	signal(SIGALRM,sig_done);
+	run=0;
+#ifdef LINT
+	sig=sig;
+#endif
+	}
+#endif
+
+#define START	0
+#define STOP	1
+
+double Time_F(s)
+int s;
+	{
+	double ret;
+#ifdef TIMES
+	static struct tms tstart,tend;
+
+	if (s == START)
+		{
+		times(&tstart);
+		return(0);
+		}
+	else
+		{
+		times(&tend);
+		ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+		return((ret == 0.0)?1e-6:ret);
+		}
+#else /* !times() */
+	static struct timeb tstart,tend;
+	long i;
+
+	if (s == START)
+		{
+		ftime(&tstart);
+		return(0);
+		}
+	else
+		{
+		ftime(&tend);
+		i=(long)tend.millitm-(long)tstart.millitm;
+		ret=((double)(tend.time-tstart.time))+((double)i)/1e3;
+		return((ret == 0.0)?1e-6:ret);
+		}
+#endif
+	}
+
+int main(argc,argv)
+int argc;
+char **argv;
+	{
+	long count;
+	static unsigned char buf[BUFSIZE];
+	static unsigned char key[] ={
+			0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
+			0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10,
+			};
+	BF_KEY sch;
+	double a,b,c,d;
+#ifndef SIGALRM
+	long ca,cb,cc;
+#endif
+
+#ifndef TIMES
+	printf("To get the most acurate results, try to run this\n");
+	printf("program when this computer is idle.\n");
+#endif
+
+#ifndef SIGALRM
+	printf("First we calculate the approximate speed ...\n");
+	BF_set_key(&sch,16,key);
+	count=10;
+	do	{
+		long i;
+		BF_LONG data[2];
+
+		count*=2;
+		Time_F(START);
+		for (i=count; i; i--)
+			BF_encrypt(data,&sch,BF_ENCRYPT);
+		d=Time_F(STOP);
+		} while (d < 3.0);
+	ca=count/512;
+	cb=count;
+	cc=count*8/BUFSIZE+1;
+	printf("Doing BF_set_key %ld times\n",ca);
+#define COND(d)	(count != (d))
+#define COUNT(d) (d)
+#else
+#define COND(c)	(run)
+#define COUNT(d) (count)
+	signal(SIGALRM,sig_done);
+	printf("Doing BF_set_key for 10 seconds\n");
+	alarm(10);
+#endif
+
+	Time_F(START);
+	for (count=0,run=1; COND(ca); count++)
+		BF_set_key(&sch,16,key);
+	d=Time_F(STOP);
+	printf("%ld blowfish set_key's in %.2f seconds\n",count,d);
+	a=((double)COUNT(ca))/d;
+
+#ifdef SIGALRM
+	printf("Doing BF_encrypt's for 10 seconds\n");
+	alarm(10);
+#else
+	printf("Doing BF_encrypt %ld times\n",cb);
+#endif
+	Time_F(START);
+	for (count=0,run=1; COND(cb); count++)
+		{
+		BF_LONG data[2];
+
+		BF_encrypt(data,&sch,BF_ENCRYPT);
+		}
+	d=Time_F(STOP);
+	printf("%ld BF_encrypt's in %.2f second\n",count,d);
+	b=((double)COUNT(cb)*8)/d;
+
+#ifdef SIGALRM
+	printf("Doing BF_cbc_encrypt on %ld byte blocks for 10 seconds\n",
+		BUFSIZE);
+	alarm(10);
+#else
+	printf("Doing BF_cbc_encrypt %ld times on %ld byte blocks\n",cc,
+		BUFSIZE);
+#endif
+	Time_F(START);
+	for (count=0,run=1; COND(cc); count++)
+		BF_cbc_encrypt(buf,buf,BUFSIZE,&sch,
+			&(key[0]),BF_ENCRYPT);
+	d=Time_F(STOP);
+	printf("%ld BF_cbc_encrypt's of %ld byte blocks in %.2f second\n",
+		count,BUFSIZE,d);
+	c=((double)COUNT(cc)*BUFSIZE)/d;
+
+	printf("blowfish set_key       per sec = %12.2f (%7.1fuS)\n",a,1.0e6/a);
+	printf("Blowfish raw ecb bytes per sec = %12.2f (%7.1fuS)\n",b,8.0e6/b);
+	printf("Blowfish cbc     bytes per sec = %12.2f (%7.1fuS)\n",c,8.0e6/c);
+	exit(0);
+#if defined(LINT) || defined(MSDOS)
+	return(0);
+#endif
+	}
diff --git a/crypto/bf/bftest.c b/crypto/bf/bftest.c
new file mode 100644
index 0000000000..2c678e418b
--- /dev/null
+++ b/crypto/bf/bftest.c
@@ -0,0 +1,521 @@
+/* crypto/bf/bftest.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* This has been a quickly hacked 'ideatest.c'.  When I add tests for other
+ * RC2 modes, more of the code will be uncommented. */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "blowfish.h"
+
+char *bf_key[2]={
+	"abcdefghijklmnopqrstuvwxyz",
+	"Who is John Galt?"
+	};
+
+/* big endian */
+BF_LONG bf_plain[2][2]={
+	{0x424c4f57,0x46495348},
+	{0xfedcba98,0x76543210}
+	};
+
+BF_LONG bf_cipher[2][2]={
+	{0x324ed0fe,0xf413a203},
+	{0xcc91732b,0x8022f684}
+	};
+/************/
+
+/* Lets use the DES test vectors :-) */
+#define NUM_TESTS 34
+static unsigned char ecb_data[NUM_TESTS][8]={
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+	{0x30,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+	{0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+	{0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10},
+	{0x7C,0xA1,0x10,0x45,0x4A,0x1A,0x6E,0x57},
+	{0x01,0x31,0xD9,0x61,0x9D,0xC1,0x37,0x6E},
+	{0x07,0xA1,0x13,0x3E,0x4A,0x0B,0x26,0x86},
+	{0x38,0x49,0x67,0x4C,0x26,0x02,0x31,0x9E},
+	{0x04,0xB9,0x15,0xBA,0x43,0xFE,0xB5,0xB6},
+	{0x01,0x13,0xB9,0x70,0xFD,0x34,0xF2,0xCE},
+	{0x01,0x70,0xF1,0x75,0x46,0x8F,0xB5,0xE6},
+	{0x43,0x29,0x7F,0xAD,0x38,0xE3,0x73,0xFE},
+	{0x07,0xA7,0x13,0x70,0x45,0xDA,0x2A,0x16},
+	{0x04,0x68,0x91,0x04,0xC2,0xFD,0x3B,0x2F},
+	{0x37,0xD0,0x6B,0xB5,0x16,0xCB,0x75,0x46},
+	{0x1F,0x08,0x26,0x0D,0x1A,0xC2,0x46,0x5E},
+	{0x58,0x40,0x23,0x64,0x1A,0xBA,0x61,0x76},
+	{0x02,0x58,0x16,0x16,0x46,0x29,0xB0,0x07},
+	{0x49,0x79,0x3E,0xBC,0x79,0xB3,0x25,0x8F},
+	{0x4F,0xB0,0x5E,0x15,0x15,0xAB,0x73,0xA7},
+	{0x49,0xE9,0x5D,0x6D,0x4C,0xA2,0x29,0xBF},
+	{0x01,0x83,0x10,0xDC,0x40,0x9B,0x26,0xD6},
+	{0x1C,0x58,0x7F,0x1C,0x13,0x92,0x4F,0xEF},
+	{0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
+	{0x1F,0x1F,0x1F,0x1F,0x0E,0x0E,0x0E,0x0E},
+	{0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE},
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+	{0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+	{0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10}};
+
+static unsigned char plain_data[NUM_TESTS][8]={
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+	{0x10,0x00,0x00,0x00,0x00,0x00,0x00,0x01},
+	{0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+	{0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+	{0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+	{0x01,0xA1,0xD6,0xD0,0x39,0x77,0x67,0x42},
+	{0x5C,0xD5,0x4C,0xA8,0x3D,0xEF,0x57,0xDA},
+	{0x02,0x48,0xD4,0x38,0x06,0xF6,0x71,0x72},
+	{0x51,0x45,0x4B,0x58,0x2D,0xDF,0x44,0x0A},
+	{0x42,0xFD,0x44,0x30,0x59,0x57,0x7F,0xA2},
+	{0x05,0x9B,0x5E,0x08,0x51,0xCF,0x14,0x3A},
+	{0x07,0x56,0xD8,0xE0,0x77,0x47,0x61,0xD2},
+	{0x76,0x25,0x14,0xB8,0x29,0xBF,0x48,0x6A},
+	{0x3B,0xDD,0x11,0x90,0x49,0x37,0x28,0x02},
+	{0x26,0x95,0x5F,0x68,0x35,0xAF,0x60,0x9A},
+	{0x16,0x4D,0x5E,0x40,0x4F,0x27,0x52,0x32},
+	{0x6B,0x05,0x6E,0x18,0x75,0x9F,0x5C,0xCA},
+	{0x00,0x4B,0xD6,0xEF,0x09,0x17,0x60,0x62},
+	{0x48,0x0D,0x39,0x00,0x6E,0xE7,0x62,0xF2},
+	{0x43,0x75,0x40,0xC8,0x69,0x8F,0x3C,0xFA},
+	{0x07,0x2D,0x43,0xA0,0x77,0x07,0x52,0x92},
+	{0x02,0xFE,0x55,0x77,0x81,0x17,0xF1,0x2A},
+	{0x1D,0x9D,0x5C,0x50,0x18,0xF7,0x28,0xC2},
+	{0x30,0x55,0x32,0x28,0x6D,0x6F,0x29,0x5A},
+	{0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+	{0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+	{0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+	{0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF}};
+
+static unsigned char cipher_data[NUM_TESTS][8]={
+	{0x4E,0xF9,0x97,0x45,0x61,0x98,0xDD,0x78},
+	{0x51,0x86,0x6F,0xD5,0xB8,0x5E,0xCB,0x8A},
+	{0x7D,0x85,0x6F,0x9A,0x61,0x30,0x63,0xF2},
+	{0x24,0x66,0xDD,0x87,0x8B,0x96,0x3C,0x9D},
+	{0x61,0xF9,0xC3,0x80,0x22,0x81,0xB0,0x96},
+	{0x7D,0x0C,0xC6,0x30,0xAF,0xDA,0x1E,0xC7},
+	{0x4E,0xF9,0x97,0x45,0x61,0x98,0xDD,0x78},
+	{0x0A,0xCE,0xAB,0x0F,0xC6,0xA0,0xA2,0x8D},
+	{0x59,0xC6,0x82,0x45,0xEB,0x05,0x28,0x2B},
+	{0xB1,0xB8,0xCC,0x0B,0x25,0x0F,0x09,0xA0},
+	{0x17,0x30,0xE5,0x77,0x8B,0xEA,0x1D,0xA4},
+	{0xA2,0x5E,0x78,0x56,0xCF,0x26,0x51,0xEB},
+	{0x35,0x38,0x82,0xB1,0x09,0xCE,0x8F,0x1A},
+	{0x48,0xF4,0xD0,0x88,0x4C,0x37,0x99,0x18},
+	{0x43,0x21,0x93,0xB7,0x89,0x51,0xFC,0x98},
+	{0x13,0xF0,0x41,0x54,0xD6,0x9D,0x1A,0xE5},
+	{0x2E,0xED,0xDA,0x93,0xFF,0xD3,0x9C,0x79},
+	{0xD8,0x87,0xE0,0x39,0x3C,0x2D,0xA6,0xE3},
+	{0x5F,0x99,0xD0,0x4F,0x5B,0x16,0x39,0x69},
+	{0x4A,0x05,0x7A,0x3B,0x24,0xD3,0x97,0x7B},
+	{0x45,0x20,0x31,0xC1,0xE4,0xFA,0xDA,0x8E},
+	{0x75,0x55,0xAE,0x39,0xF5,0x9B,0x87,0xBD},
+	{0x53,0xC5,0x5F,0x9C,0xB4,0x9F,0xC0,0x19},
+	{0x7A,0x8E,0x7B,0xFA,0x93,0x7E,0x89,0xA3},
+	{0xCF,0x9C,0x5D,0x7A,0x49,0x86,0xAD,0xB5},
+	{0xD1,0xAB,0xB2,0x90,0x65,0x8B,0xC7,0x78},
+	{0x55,0xCB,0x37,0x74,0xD1,0x3E,0xF2,0x01},
+	{0xFA,0x34,0xEC,0x48,0x47,0xB2,0x68,0xB2},
+	{0xA7,0x90,0x79,0x51,0x08,0xEA,0x3C,0xAE},
+	{0xC3,0x9E,0x07,0x2D,0x9F,0xAC,0x63,0x1D},
+	{0x01,0x49,0x33,0xE0,0xCD,0xAF,0xF6,0xE4},
+	{0xF2,0x1E,0x9A,0x77,0xB7,0x1C,0x49,0xBC},
+	{0x24,0x59,0x46,0x88,0x57,0x54,0x36,0x9A},
+	{0x6B,0x5C,0x5A,0x9C,0x5D,0x9E,0x0A,0x5A},
+	};
+
+static unsigned char cbc_key [16]={
+	0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
+	0xf0,0xe1,0xd2,0xc3,0xb4,0xa5,0x96,0x87};
+static unsigned char cbc_iv [8]={0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10};
+static char cbc_data[40]="7654321 Now is the time for ";
+static unsigned char cbc_ok[32]={
+	0x6B,0x77,0xB4,0xD6,0x30,0x06,0xDE,0xE6,
+	0x05,0xB1,0x56,0xE2,0x74,0x03,0x97,0x93,
+	0x58,0xDE,0xB9,0xE7,0x15,0x46,0x16,0xD9,
+	0x59,0xF1,0x65,0x2B,0xD5,0xFF,0x92,0xCC};
+
+static unsigned char cfb64_ok[]={
+	0xE7,0x32,0x14,0xA2,0x82,0x21,0x39,0xCA,
+	0xF2,0x6E,0xCF,0x6D,0x2E,0xB9,0xE7,0x6E,
+	0x3D,0xA3,0xDE,0x04,0xD1,0x51,0x72,0x00,
+	0x51,0x9D,0x57,0xA6,0xC3};
+
+static unsigned char ofb64_ok[]={
+	0xE7,0x32,0x14,0xA2,0x82,0x21,0x39,0xCA,
+	0x62,0xB3,0x43,0xCC,0x5B,0x65,0x58,0x73,
+	0x10,0xDD,0x90,0x8D,0x0C,0x24,0x1B,0x22,
+	0x63,0xC2,0xCF,0x80,0xDA};
+
+#define KEY_TEST_NUM	25
+unsigned char key_test[KEY_TEST_NUM]={
+	0xf0,0xe1,0xd2,0xc3,0xb4,0xa5,0x96,0x87,
+	0x78,0x69,0x5a,0x4b,0x3c,0x2d,0x1e,0x0f,
+	0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77,
+	0x88};
+
+unsigned char key_data[8]=
+	{0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10};
+
+unsigned char key_out[KEY_TEST_NUM][8]={
+	{0xF9,0xAD,0x59,0x7C,0x49,0xDB,0x00,0x5E},
+	{0xE9,0x1D,0x21,0xC1,0xD9,0x61,0xA6,0xD6},
+	{0xE9,0xC2,0xB7,0x0A,0x1B,0xC6,0x5C,0xF3},
+	{0xBE,0x1E,0x63,0x94,0x08,0x64,0x0F,0x05},
+	{0xB3,0x9E,0x44,0x48,0x1B,0xDB,0x1E,0x6E},
+	{0x94,0x57,0xAA,0x83,0xB1,0x92,0x8C,0x0D},
+	{0x8B,0xB7,0x70,0x32,0xF9,0x60,0x62,0x9D},
+	{0xE8,0x7A,0x24,0x4E,0x2C,0xC8,0x5E,0x82},
+	{0x15,0x75,0x0E,0x7A,0x4F,0x4E,0xC5,0x77},
+	{0x12,0x2B,0xA7,0x0B,0x3A,0xB6,0x4A,0xE0},
+	{0x3A,0x83,0x3C,0x9A,0xFF,0xC5,0x37,0xF6},
+	{0x94,0x09,0xDA,0x87,0xA9,0x0F,0x6B,0xF2},
+	{0x88,0x4F,0x80,0x62,0x50,0x60,0xB8,0xB4},
+	{0x1F,0x85,0x03,0x1C,0x19,0xE1,0x19,0x68},
+	{0x79,0xD9,0x37,0x3A,0x71,0x4C,0xA3,0x4F},
+	{0x93,0x14,0x28,0x87,0xEE,0x3B,0xE1,0x5C},
+	{0x03,0x42,0x9E,0x83,0x8C,0xE2,0xD1,0x4B},
+	{0xA4,0x29,0x9E,0x27,0x46,0x9F,0xF6,0x7B},
+	{0xAF,0xD5,0xAE,0xD1,0xC1,0xBC,0x96,0xA8},
+	{0x10,0x85,0x1C,0x0E,0x38,0x58,0xDA,0x9F},
+	{0xE6,0xF5,0x1E,0xD7,0x9B,0x9D,0xB2,0x1F},
+	{0x64,0xA6,0xE1,0x4A,0xFD,0x36,0xB4,0x6F},
+	{0x80,0xC7,0xD7,0xD4,0x5A,0x54,0x79,0xAD},
+	{0x05,0x04,0x4B,0x62,0xFA,0x52,0xD0,0x80},
+	};
+
+#ifndef NOPROTO
+static int test(void );
+static int print_test_data(void );
+#else
+static int test();
+static int print_test_data();
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+	{
+	int ret;
+
+	if (argc > 1)
+		ret=print_test_data();
+	else
+		ret=test();
+
+	exit(ret);
+	return(0);
+	}
+
+static int print_test_data()
+	{
+	unsigned int i,j;
+
+	printf("ecb test data\n");
+	printf("key bytes\t\tclear bytes\t\tcipher bytes\n");
+	for (i=0; i<NUM_TESTS; i++)
+		{
+		for (j=0; j<8; j++)
+			printf("%02X",ecb_data[i][j]);
+		printf("\t");
+		for (j=0; j<8; j++)
+			printf("%02X",plain_data[i][j]);
+		printf("\t");
+		for (j=0; j<8; j++)
+			printf("%02X",cipher_data[i][j]);
+		printf("\n");
+		}
+
+	printf("set_key test data\n");
+	printf("data[8]= ");
+	for (j=0; j<8; j++)
+		printf("%02X",key_data[j]);
+	printf("\n");
+	for (i=0; i<KEY_TEST_NUM-1; i++)
+		{
+		printf("c=");
+		for (j=0; j<8; j++)
+			printf("%02X",key_out[i][j]);
+		printf(" k[%2d]=",i+1);
+		for (j=0; j<i+1; j++)
+			printf("%02X",key_test[j]);
+		printf("\n");
+		}
+
+	printf("\nchaining mode test data\n");
+	printf("key[16]   = ");
+	for (j=0; j<16; j++)
+		printf("%02X",cbc_key[j]);
+	printf("\niv[8]     = ");
+	for (j=0; j<8; j++)
+		printf("%02X",cbc_iv[j]);
+	printf("\ndata[%d]  = '%s'",strlen(cbc_data)+1,cbc_data);
+	printf("\ndata[%d]  = ",strlen(cbc_data)+1);
+	for (j=0; j<strlen(cbc_data)+1; j++)
+		printf("%02X",cbc_data[j]);
+	printf("\n");
+	printf("cbc cipher text\n");
+	printf("cipher[%d]= ",32);
+	for (j=0; j<32; j++)
+		printf("%02X",cbc_ok[j]);
+	printf("\n");
+
+	printf("cfb64 cipher text\n");
+	printf("cipher[%d]= ",strlen(cbc_data)+1);
+	for (j=0; j<strlen(cbc_data)+1; j++)
+		printf("%02X",cfb64_ok[j]);
+	printf("\n");
+
+	printf("ofb64 cipher text\n");
+	printf("cipher[%d]= ",strlen(cbc_data)+1);
+	for (j=0; j<strlen(cbc_data)+1; j++)
+		printf("%02X",ofb64_ok[j]);
+	printf("\n");
+	return(0);
+	}
+
+static int test()
+	{
+	unsigned char cbc_in[40],cbc_out[40],iv[8];
+	int i,n,err=0;
+	BF_KEY key;
+	BF_LONG data[2]; 
+	unsigned char out[8]; 
+	BF_LONG len;
+
+	printf("testing blowfish in raw ecb mode\n");
+	for (n=0; n<2; n++)
+		{
+		BF_set_key(&key,strlen(bf_key[n]),(unsigned char *)bf_key[n]);
+
+		data[0]=bf_plain[n][0];
+		data[1]=bf_plain[n][1];
+		BF_encrypt(data,&key,BF_ENCRYPT);
+		if (memcmp(&(bf_cipher[n][0]),&(data[0]),8) != 0)
+			{
+			printf("BF_encrypt error encrypting\n");
+			printf("got     :");
+			for (i=0; i<2; i++)
+				printf("%08lX ",data[i]);
+			printf("\n");
+			printf("expected:");
+			for (i=0; i<2; i++)
+				printf("%08lX ",bf_cipher[n][i]);
+			err=1;
+			printf("\n");
+			}
+
+		BF_encrypt(&(data[0]),&key,BF_DECRYPT);
+		if (memcmp(&(bf_plain[n][0]),&(data[0]),8) != 0)
+			{
+			printf("BF_encrypt error decrypting\n");
+			printf("got     :");
+			for (i=0; i<2; i++)
+				printf("%08lX ",data[i]);
+			printf("\n");
+			printf("expected:");
+			for (i=0; i<2; i++)
+				printf("%08lX ",bf_plain[n][i]);
+			printf("\n");
+			err=1;
+			}
+		}
+
+	printf("testing blowfish in ecb mode\n");
+
+	for (n=0; n<NUM_TESTS; n++)
+		{
+		BF_set_key(&key,8,ecb_data[n]);
+
+		BF_ecb_encrypt(&(plain_data[n][0]),out,&key,BF_ENCRYPT);
+		if (memcmp(&(cipher_data[n][0]),out,8) != 0)
+			{
+			printf("BF_ecb_encrypt blowfish error encrypting\n");
+			printf("got     :");
+			for (i=0; i<8; i++)
+				printf("%02X ",out[i]);
+			printf("\n");
+			printf("expected:");
+			for (i=0; i<8; i++)
+				printf("%02X ",cipher_data[n][i]);
+			err=1;
+			printf("\n");
+			}
+
+		BF_ecb_encrypt(out,out,&key,BF_DECRYPT);
+		if (memcmp(&(plain_data[n][0]),out,8) != 0)
+			{
+			printf("BF_ecb_encrypt error decrypting\n");
+			printf("got     :");
+			for (i=0; i<8; i++)
+				printf("%02X ",out[i]);
+			printf("\n");
+			printf("expected:");
+			for (i=0; i<8; i++)
+				printf("%02X ",plain_data[n][i]);
+			printf("\n");
+			err=1;
+			}
+		}
+
+	printf("testing blowfish set_key\n");
+	for (n=1; n<KEY_TEST_NUM; n++)
+		{
+		BF_set_key(&key,n,key_test);
+		BF_ecb_encrypt(key_data,out,&key,BF_ENCRYPT);
+		if (memcmp(out,&(key_out[n-1][0]),8) != 0)
+			{
+			printf("blowfish setkey error\n");
+			err=1;
+			}
+		}
+
+	printf("testing blowfish in cbc mode\n");
+	len=strlen(cbc_data)+1;
+
+	BF_set_key(&key,16,cbc_key);
+	memset(cbc_in,0,40);
+	memset(cbc_out,0,40);
+	memcpy(iv,cbc_iv,8);
+	BF_cbc_encrypt((unsigned char *)cbc_data,cbc_out,len,
+		&key,iv,BF_ENCRYPT);
+	if (memcmp(cbc_out,cbc_ok,32) != 0)
+		{
+		err=1;
+		printf("BF_cbc_encrypt encrypt error\n");
+		for (i=0; i<32; i++) printf("0x%02X,",cbc_out[i]);
+		}
+	memcpy(iv,cbc_iv,8);
+	BF_cbc_encrypt(cbc_out,cbc_in,len,
+		&key,iv,BF_DECRYPT);
+	if (memcmp(cbc_in,cbc_data,strlen(cbc_data)+1) != 0)
+		{
+		printf("BF_cbc_encrypt decrypt error\n");
+		err=1;
+		}
+
+	printf("testing blowfish in cfb64 mode\n");
+
+	BF_set_key(&key,16,cbc_key);
+	memset(cbc_in,0,40);
+	memset(cbc_out,0,40);
+	memcpy(iv,cbc_iv,8);
+	n=0;
+	BF_cfb64_encrypt((unsigned char *)cbc_data,cbc_out,(long)13,
+		&key,iv,&n,BF_ENCRYPT);
+	BF_cfb64_encrypt((unsigned char *)&(cbc_data[13]),&(cbc_out[13]),len-13,
+		&key,iv,&n,BF_ENCRYPT);
+	if (memcmp(cbc_out,cfb64_ok,(int)len) != 0)
+		{
+		err=1;
+		printf("BF_cfb64_encrypt encrypt error\n");
+		for (i=0; i<(int)len; i++) printf("0x%02X,",cbc_out[i]);
+		}
+	n=0;
+	memcpy(iv,cbc_iv,8);
+	BF_cfb64_encrypt(cbc_out,cbc_in,17,
+		&key,iv,&n,BF_DECRYPT);
+	BF_cfb64_encrypt(&(cbc_out[17]),&(cbc_in[17]),len-17,
+		&key,iv,&n,BF_DECRYPT);
+	if (memcmp(cbc_in,cbc_data,(int)len) != 0)
+		{
+		printf("BF_cfb64_encrypt decrypt error\n");
+		err=1;
+		}
+
+	printf("testing blowfish in ofb64\n");
+
+	BF_set_key(&key,16,cbc_key);
+	memset(cbc_in,0,40);
+	memset(cbc_out,0,40);
+	memcpy(iv,cbc_iv,8);
+	n=0;
+	BF_ofb64_encrypt((unsigned char *)cbc_data,cbc_out,(long)13,&key,iv,&n);
+	BF_ofb64_encrypt((unsigned char *)&(cbc_data[13]),
+		&(cbc_out[13]),len-13,&key,iv,&n);
+	if (memcmp(cbc_out,ofb64_ok,(int)len) != 0)
+		{
+		err=1;
+		printf("BF_ofb64_encrypt encrypt error\n");
+		for (i=0; i<(int)len; i++) printf("0x%02X,",cbc_out[i]);
+		}
+	n=0;
+	memcpy(iv,cbc_iv,8);
+	BF_ofb64_encrypt(cbc_out,cbc_in,17,&key,iv,&n);
+	BF_ofb64_encrypt(&(cbc_out[17]),&(cbc_in[17]),len-17,&key,iv,&n);
+	if (memcmp(cbc_in,cbc_data,(int)len) != 0)
+		{
+		printf("BF_ofb64_encrypt decrypt error\n");
+		err=1;
+		}
+
+	return(err);
+	}
diff --git a/crypto/bf/blowfish.h b/crypto/bf/blowfish.h
new file mode 100644
index 0000000000..24ec818218
--- /dev/null
+++ b/crypto/bf/blowfish.h
@@ -0,0 +1,114 @@
+/* crypto/bf/blowfish.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_BLOWFISH_H
+#define HEADER_BLOWFISH_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#define BF_ENCRYPT	1
+#define BF_DECRYPT	0
+
+/* If you make this 'unsigned int' the pointer variants will work on
+ * the Alpha, otherwise they will not.  Strangly using the '8 byte'
+ * BF_LONG and the default 'non-pointer' inner loop is the best configuration
+ * for the Alpha */
+#define BF_LONG unsigned long
+
+#define BF_ROUNDS	16
+#define BF_BLOCK	8
+
+typedef struct bf_key_st
+	{
+	BF_LONG P[BF_ROUNDS+2];
+	BF_LONG S[4*256];
+	} BF_KEY;
+
+#ifndef NOPROTO
+ 
+void BF_set_key(BF_KEY *key, int len, unsigned char *data);
+void BF_ecb_encrypt(unsigned char *in,unsigned char *out,BF_KEY *key,
+	int enc);
+void BF_encrypt(BF_LONG *data,BF_KEY *key,int enc);
+void BF_cbc_encrypt(unsigned char *in, unsigned char *out, long length,
+	BF_KEY *ks, unsigned char *iv, int enc);
+void BF_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
+	BF_KEY *schedule, unsigned char *ivec, int *num, int enc);
+void BF_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
+	BF_KEY *schedule, unsigned char *ivec, int *num);
+char *BF_options(void);
+
+#else
+
+void BF_set_key();
+void BF_ecb_encrypt();
+void BF_encrypt();
+void BF_cbc_encrypt();
+void BF_cfb64_encrypt();
+void BF_ofb64_encrypt();
+char *BF_options();
+
+#endif
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/bio/Makefile.ssl b/crypto/bio/Makefile.ssl
new file mode 100644
index 0000000000..9d21a3594d
--- /dev/null
+++ b/crypto/bio/Makefile.ssl
@@ -0,0 +1,92 @@
+#
+# SSLeay/crypto/bio/Makefile
+#
+
+DIR=	bio
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I../../include
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE=		make -f Makefile.ssl
+MAKEDEPEND=	makedepend -f Makefile.ssl
+MAKEFILE=	Makefile.ssl
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+ERR=bio
+ERRC=bio_err
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= bio_lib.c bio_cb.c $(ERRC).c \
+	bss_mem.c bss_null.c bss_fd.c \
+	bss_file.c bss_sock.c bss_conn.c \
+	bf_null.c bf_buff.c b_print.c b_dump.c \
+	b_sock.c bss_acpt.c bf_nbio.c
+LIBOBJ= bio_lib.o bio_cb.o $(ERRC).o \
+	bss_mem.o bss_null.o bss_fd.o \
+	bss_file.o bss_sock.o bss_conn.o \
+	bf_null.o bf_buff.o b_print.o b_dump.o \
+	b_sock.o bss_acpt.o bf_nbio.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= bio.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/util/ranlib.sh $(LIB)
+	@touch lib
+
+files:
+	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+	/bin/rm -f Makefile
+	$(TOP)/util/point.sh Makefile.ssl Makefile;
+	$(TOP)/util/mklink.sh ../../include $(EXHEADER)
+	$(TOP)/util/mklink.sh ../../test $(TEST)
+	$(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+	@for i in $(EXHEADER) ; \
+	do  \
+	(cp $$i $(INSTALLTOP)/include/$$i; \
+	chmod 644 $(INSTALLTOP)/include/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+	perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
+	perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/bio/b_dump.c b/crypto/bio/b_dump.c
new file mode 100644
index 0000000000..287aff2a5e
--- /dev/null
+++ b/crypto/bio/b_dump.c
@@ -0,0 +1,125 @@
+/* crypto/bio/b_dump.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* 
+ * Stolen from tjh's ssl/ssl_trc.c stuff.
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bio.h"
+
+#define TRUNCATE
+#define DUMP_WIDTH	16
+
+int BIO_dump(bio,s,len)
+BIO *bio;
+char *s;
+int len;
+{
+  int ret=0;
+  char buf[160+1],tmp[20];
+  int i,j,rows,trunc;
+  unsigned char ch;
+
+  trunc=0;
+
+#ifdef TRUNCATE
+  for(; (len > 0) && ((s[len-1] == ' ') || (s[len-1] == '\0')); len--) 
+    trunc++;
+#endif
+
+  rows=(len/DUMP_WIDTH);
+  if ((rows*DUMP_WIDTH)<len)
+    rows++;
+  for(i=0;i<rows;i++) {
+    buf[0]='\0';	/* start with empty string */
+    sprintf(tmp,"%04x - ",i*DUMP_WIDTH);
+    strcpy(buf,tmp);
+    for(j=0;j<DUMP_WIDTH;j++) {
+      if (((i*DUMP_WIDTH)+j)>=len) {
+	strcat(buf,"   ");
+      } else {
+        ch=((unsigned char)*((char *)(s)+i*DUMP_WIDTH+j)) & 0xff;
+	sprintf(tmp,"%02x%c",ch,j==7?'-':' ');
+        strcat(buf,tmp);
+      }
+    }
+    strcat(buf,"  ");
+    for(j=0;j<DUMP_WIDTH;j++) {
+      if (((i*DUMP_WIDTH)+j)>=len)
+	break;
+      ch=((unsigned char)*((char *)(s)+i*DUMP_WIDTH+j)) & 0xff;
+      sprintf(tmp,"%c",((ch>=' ')&&(ch<='~'))?ch:'.');
+      strcat(buf,tmp);
+    }
+    strcat(buf,"\n");
+    /* if this is the last call then update the ddt_dump thing so that
+     * we will move the selection point in the debug window 
+     */
+    ret+=BIO_write(bio,(char *)buf,strlen(buf));
+  }
+#ifdef TRUNCATE
+  if (trunc > 0) {
+    sprintf(buf,"%04x - <SPACES/NULS>\n",len+trunc);
+    ret+=BIO_write(bio,(char *)buf,strlen(buf));
+  }
+#endif
+  return(ret);
+}
+
diff --git a/crypto/bio/b_print.c b/crypto/bio/b_print.c
new file mode 100644
index 0000000000..0296296a7d
--- /dev/null
+++ b/crypto/bio/b_print.c
@@ -0,0 +1,92 @@
+/* crypto/bio/b_print.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* 
+ * Stolen from tjh's ssl/ssl_trc.c stuff.
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bio.h"
+
+int BIO_printf ( VAR_PLIST( BIO *, bio ) )
+VAR_ALIST
+	{
+	VAR_BDEFN(args, BIO *, bio);
+	char *format;
+	int ret;
+	MS_STATIC char hugebuf[1024*2]; /* 10k in one chunk is the limit */
+
+	VAR_INIT(args, BIO *, bio);
+	VAR_ARG(args, char *, format);
+
+	hugebuf[0]='\0';
+
+/* no-one uses _doprnt anymore and it appears to be broken under SunOS 4.1.4 */
+#if 0 && defined(sun) && !defined(VAR_ANSI) /**/
+	_doprnt(hugebuf,format,args);
+#else /* !sun */
+	vsprintf(hugebuf,format,args);
+#endif /* sun */
+
+	ret=BIO_write(bio,hugebuf,strlen(hugebuf));
+
+	VAR_END( args );
+	return(ret);
+	}
+
diff --git a/crypto/bio/b_sock.c b/crypto/bio/b_sock.c
new file mode 100644
index 0000000000..adab62135e
--- /dev/null
+++ b/crypto/bio/b_sock.c
@@ -0,0 +1,512 @@
+/* crypto/bio/b_sock.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_SOCK
+
+#include <stdio.h>
+#include <errno.h>
+#define USE_SOCKETS
+#include "cryptlib.h"
+#include "bio.h"
+
+/*	BIOerr(BIO_F_WSASTARTUP,BIO_R_WSASTARTUP ); */
+
+#ifdef WIN16
+#define SOCKET_PROTOCOL 0 /* more microsoft stupidity */
+#else
+#define SOCKET_PROTOCOL IPPROTO_TCP
+#endif
+
+#ifdef WINDOWS
+static int wsa_init_done=0;
+#endif
+
+unsigned long BIO_ghbn_hits=0L;
+unsigned long BIO_ghbn_miss=0L;
+
+#ifndef NOPROTO
+static int get_ip(char *str,unsigned char *ip);
+#else
+static int get_ip();
+#endif
+
+int BIO_get_host_ip(str,ip)
+char *str;
+unsigned char *ip;
+	{
+	int i;
+	struct hostent *he;
+
+	i=get_ip(str,ip);
+	if (i > 0) return(1);
+	if (i < 0)
+		{
+		BIOerr(BIO_F_BIO_GET_HOST_IP,BIO_R_INVALID_IP_ADDRESS);
+		return(0);
+		}
+	else
+		{ /* do a gethostbyname */
+		if (!BIO_sock_init()) return(0);
+
+		he=BIO_gethostbyname(str);
+		if (he == NULL)
+			{
+			BIOerr(BIO_F_BIO_GET_HOST_IP,BIO_R_BAD_HOSTNAME_LOOKUP);
+			return(0);
+			}
+
+		/* cast to short because of win16 winsock definition */
+		if ((short)he->h_addrtype != AF_INET)
+			{
+			BIOerr(BIO_F_BIO_GET_HOST_IP,BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET);
+			return(0);
+			}
+		for (i=0; i<4; i++)
+			ip[i]=he->h_addr_list[0][i];
+		}
+	return(1);
+	}
+
+int BIO_get_port(str,port_ptr)
+char *str;
+short *port_ptr;
+	{
+	int i;
+	struct servent *s;
+
+	if (str == NULL)
+		{
+		BIOerr(BIO_F_BIO_GET_PORT,BIO_R_NO_PORT_DEFINED);
+		return(0);
+		}
+	i=atoi(str);
+	if (i != 0)
+		*port_ptr=(unsigned short)i;
+	else
+		{
+		s=getservbyname(str,"tcp");
+		if (s == NULL)
+			{
+			if (strcmp(str,"http") == 0)
+				*port_ptr=80;
+			else if (strcmp(str,"telnet") == 0)
+				*port_ptr=23;
+			else if (strcmp(str,"socks") == 0)
+				*port_ptr=1080;
+			else if (strcmp(str,"https") == 0)
+				*port_ptr=443;
+			else if (strcmp(str,"ssl") == 0)
+				*port_ptr=443;
+			else if (strcmp(str,"ftp") == 0)
+				*port_ptr=21;
+			else if (strcmp(str,"gopher") == 0)
+				*port_ptr=70;
+#if 0
+			else if (strcmp(str,"wais") == 0)
+				*port_ptr=21;
+#endif
+			else
+				{
+				SYSerr(SYS_F_GETSERVBYNAME,errno);
+				return(0);
+				}
+			return(1);
+			}
+		*port_ptr=htons((unsigned short)s->s_port);
+		}
+	return(1);
+	}
+
+int BIO_sock_error(sock)
+int sock;
+	{
+	int j,i,size;
+		 
+	size=sizeof(int);
+
+	i=getsockopt(sock,SOL_SOCKET,SO_ERROR,(char *)&j,&size);
+	if (i < 0)
+		return(1);
+	else
+		return(j);
+	}
+
+#define GHBN_NUM	4
+static struct ghbn_cache_st
+	{
+	char name[128];
+	struct hostent ent;
+	unsigned long order;
+	} ghbn_cache[GHBN_NUM];
+
+struct hostent *BIO_gethostbyname(name)
+char *name;
+	{
+	struct hostent *ret;
+	int i,lowi=0;
+	unsigned long low= (unsigned long)-1;
+
+	CRYPTO_w_lock(CRYPTO_LOCK_BIO_GETHOSTBYNAME);
+	if (strlen(name) < 128)
+		{
+		for (i=0; i<GHBN_NUM; i++)
+			{
+			if (low > ghbn_cache[i].order)
+				{
+				low=ghbn_cache[i].order;
+				lowi=i;
+				}
+			if (ghbn_cache[i].order > 0)
+				{
+				if (strncmp(name,ghbn_cache[i].name,128) == 0)
+					break;
+				}
+			}
+		}
+	else
+		i=GHBN_NUM;
+
+	if (i == GHBN_NUM) /* no hit*/
+		{
+		BIO_ghbn_miss++;
+		ret=gethostbyname(name);
+		if (ret == NULL) return(NULL);
+		/* else add to cache */
+		strncpy(ghbn_cache[lowi].name,name,128);
+		memcpy((char *)&(ghbn_cache[lowi].ent),ret,sizeof(struct hostent));
+		ghbn_cache[lowi].order=BIO_ghbn_miss+BIO_ghbn_hits;
+		}
+	else
+		{
+		BIO_ghbn_hits++;
+		ret= &(ghbn_cache[i].ent);
+		ghbn_cache[i].order=BIO_ghbn_miss+BIO_ghbn_hits;
+		}
+	CRYPTO_w_unlock(CRYPTO_LOCK_BIO_GETHOSTBYNAME);
+	return(ret);
+	}
+
+int BIO_sock_init()
+	{
+#ifdef WINDOWS
+	static struct WSAData wsa_state;
+
+	if (!wsa_init_done)
+		{
+		int err;
+	  
+#ifdef SIGINT
+		signal(SIGINT,(void (*)(int))BIO_sock_cleanup);
+#endif
+		wsa_init_done=1;
+		memset(&wsa_state,0,sizeof(wsa_state));
+		if (WSAStartup(0x0101,&wsa_state)!=0)
+			{
+			err=WSAGetLastError();
+			SYSerr(SYS_F_WSASTARTUP,err);
+			BIOerr(BIO_F_BIO_SOCK_INIT,BIO_R_WSASTARTUP);
+			return(-1);
+			}
+		}
+#endif /* WINDOWS */
+	return(1);
+	}
+
+void BIO_sock_cleanup()
+	{
+#ifdef WINDOWS
+	if (wsa_init_done)
+		{
+		wsa_init_done=0;
+		WSACancelBlockingCall();
+		WSACleanup();
+		}
+#endif
+	}
+
+int BIO_socket_ioctl(fd,type,arg)
+int fd;
+long type;
+unsigned long *arg;
+	{
+	int i,err;
+
+#ifdef WINDOWS
+	i=ioctlsocket(fd,type,arg);
+#else
+	i=ioctl(fd,type,arg);
+#endif
+	if (i < 0)
+		{
+#ifdef WINDOWS
+		err=WSAGetLastError();
+#else
+		err=errno;
+#endif
+		SYSerr(SYS_F_IOCTLSOCKET,err);
+		}
+	return(i);
+	}
+
+/* The reason I have implemented this instead of using sscanf is because
+ * Visual C 1.52c gives an unresolved external when linking a DLL :-( */
+static int get_ip(str,ip)
+char *str;
+unsigned char ip[4];
+	{
+	unsigned int tmp[4];
+	int num=0,c,ok=0;
+
+	tmp[0]=tmp[1]=tmp[2]=tmp[3]=0;
+
+	for (;;)
+		{
+		c= *(str++);
+		if ((c >= '0') && (c <= '9'))
+			{
+			ok=1;
+			tmp[num]=tmp[num]*10+c-'0';
+			if (tmp[num] > 255) return(-1);
+			}
+		else if (c == '.')
+			{
+			if (!ok) return(-1);
+			if (num == 3) break;
+			num++;
+			ok=0;
+			}
+		else if ((num == 3) && ok)
+			break;
+		else
+			return(0);
+		}
+	ip[0]=tmp[0];
+	ip[1]=tmp[1];
+	ip[2]=tmp[2];
+	ip[3]=tmp[3];
+	return(1);
+	}
+
+int BIO_get_accept_socket(host)
+char *host;
+	{
+	int ret=0;
+	struct sockaddr_in server;
+	int s= -1;
+	unsigned char ip[4];
+	short port;
+	char *str,*h,*p,*e;
+	unsigned long l;
+
+	if (!BIO_sock_init()) return(INVALID_SOCKET);
+
+	if ((str=BUF_strdup(host)) == NULL) return(INVALID_SOCKET);
+
+	h=p=NULL;
+	h=str;
+	for (e=str; *e; e++)
+		{
+		if (*e == ':')
+			{
+			p= &(e[1]);
+			*e='\0';
+			}
+		else if (*e == '/')
+			{
+			*e='\0';
+			break;
+			}
+		}
+
+	if (p == NULL)
+		{
+		p=h;
+		h="*";
+		}
+
+	if (!BIO_get_port(p,&port)) return(INVALID_SOCKET);
+
+	memset((char *)&server,0,sizeof(server));
+	server.sin_family=AF_INET;
+	server.sin_port=htons((unsigned short)port);
+
+	if (strcmp(h,"*") == 0)
+		server.sin_addr.s_addr=INADDR_ANY;
+	else
+		{
+		if (!BIO_get_host_ip(h,&(ip[0]))) return(INVALID_SOCKET);
+		l=(unsigned long)
+			((unsigned long)ip[0]<<24L)|
+			((unsigned long)ip[0]<<16L)|
+			((unsigned long)ip[0]<< 8L)|
+			((unsigned long)ip[0]);
+		server.sin_addr.s_addr=htonl(l);
+		}
+
+	s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
+	if (s == INVALID_SOCKET)
+		{
+#ifdef WINDOWS
+		errno=WSAGetLastError();
+#endif
+		SYSerr(SYS_F_SOCKET,errno);
+		BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET,BIO_R_UNABLE_TO_BIND_SOCKET);
+		goto err;
+		}
+	if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1)
+		{
+#ifdef WINDOWS
+		errno=WSAGetLastError();
+#endif
+		SYSerr(SYS_F_BIND,errno);
+		BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET,BIO_R_UNABLE_TO_BIND_SOCKET);
+		goto err;
+		}
+	if (listen(s,5) == -1)
+		{
+#ifdef WINDOWS
+		errno=WSAGetLastError();
+#endif
+		SYSerr(SYS_F_LISTEN,errno);
+		BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET,BIO_R_UNABLE_TO_LISTEN_SOCKET);
+		goto err;
+		}
+	ret=1;
+err:
+	if (str != NULL) Free(str);
+	if ((ret == 0) && (s != INVALID_SOCKET))
+		{
+#ifdef WINDOWS
+		closesocket(s);
+#else
+		close(s);
+#endif
+		s= INVALID_SOCKET;
+		}
+	return(s);
+	}
+
+int BIO_accept(sock,addr)
+int sock;
+char **addr;
+	{
+	int ret=INVALID_SOCKET;
+	static struct sockaddr_in from;
+	unsigned long l;
+	short port;
+	int len;
+	char *p;
+
+	memset((char *)&from,0,sizeof(from));
+	len=sizeof(from);
+	ret=accept(sock,(struct sockaddr *)&from,&len);
+	if (ret == INVALID_SOCKET)
+		{
+#ifdef WINDOWS
+		errno=WSAGetLastError();
+#endif
+		SYSerr(SYS_F_ACCEPT,errno);
+		BIOerr(BIO_F_BIO_ACCEPT,BIO_R_ACCEPT_ERROR);
+		goto end;
+		}
+
+	if (addr == NULL) goto end;
+
+	l=ntohl(from.sin_addr.s_addr);
+	port=ntohs(from.sin_port);
+	if (*addr == NULL)
+		{
+		if ((p=Malloc(24)) == NULL)
+			{
+			BIOerr(BIO_F_BIO_ACCEPT,ERR_R_MALLOC_FAILURE);
+			goto end;
+			}
+		*addr=p;
+		}
+	sprintf(*addr,"%d.%d.%d.%d:%d",
+		(unsigned char)(l>>24L)&0xff,
+		(unsigned char)(l>>16L)&0xff,
+		(unsigned char)(l>> 8L)&0xff,
+		(unsigned char)(l     )&0xff,
+		port);
+end:
+	return(ret);
+	}
+
+int BIO_set_tcp_ndelay(s,on)
+int s;
+int on;
+	{
+	int ret=0;
+#if defined(TCP_NODELAY) && (defined(IPPROTO_TCP) || defined(SOL_TCP))
+	int opt;
+
+#ifdef SOL_TCP
+	opt=SOL_TCP;
+#else
+#ifdef IPPROTO_TCP
+	opt=IPPROTO_TCP;
+#endif
+#endif
+	
+	ret=setsockopt(s,opt,TCP_NODELAY,(char *)&on,sizeof(on));
+#endif
+	return(ret == 0);
+	}
+#endif
+
diff --git a/crypto/bio/bf_buff.c b/crypto/bio/bf_buff.c
new file mode 100644
index 0000000000..ac3ba14fe0
--- /dev/null
+++ b/crypto/bio/bf_buff.c
@@ -0,0 +1,489 @@
+/* crypto/bio/bf_buff.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "bio.h"
+#include "evp.h"
+
+#ifndef NOPROTO
+static int buffer_write(BIO *h,char *buf,int num);
+static int buffer_read(BIO *h,char *buf,int size);
+static int buffer_puts(BIO *h,char *str);
+static int buffer_gets(BIO *h,char *str,int size);
+static long buffer_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int buffer_new(BIO *h);
+static int buffer_free(BIO *data);
+#else
+static int buffer_write();
+static int buffer_read();
+static int buffer_puts();
+static int buffer_gets();
+static long buffer_ctrl();
+static int buffer_new();
+static int buffer_free();
+#endif
+
+#define DEFAULT_BUFFER_SIZE	1024
+
+static BIO_METHOD methods_buffer=
+	{
+	BIO_TYPE_BUFFER,"buffer",
+	buffer_write,
+	buffer_read,
+	buffer_puts,
+	buffer_gets,
+	buffer_ctrl,
+	buffer_new,
+	buffer_free,
+	};
+
+BIO_METHOD *BIO_f_buffer()
+	{
+	return(&methods_buffer);
+	}
+
+static int buffer_new(bi)
+BIO *bi;
+	{
+	BIO_F_BUFFER_CTX *ctx;
+
+	ctx=(BIO_F_BUFFER_CTX *)Malloc(sizeof(BIO_F_BUFFER_CTX));
+	if (ctx == NULL) return(0);
+	ctx->ibuf=(char *)Malloc(DEFAULT_BUFFER_SIZE);
+	if (ctx->ibuf == NULL) { Free(ctx); return(0); }
+	ctx->obuf=(char *)Malloc(DEFAULT_BUFFER_SIZE);
+	if (ctx->obuf == NULL) { Free(ctx->ibuf); Free(ctx); return(0); }
+	ctx->ibuf_size=DEFAULT_BUFFER_SIZE;
+	ctx->obuf_size=DEFAULT_BUFFER_SIZE;
+	ctx->ibuf_len=0;
+	ctx->ibuf_off=0;
+	ctx->obuf_len=0;
+	ctx->obuf_off=0;
+
+	bi->init=1;
+	bi->ptr=(char *)ctx;
+	bi->flags=0;
+	return(1);
+	}
+
+static int buffer_free(a)
+BIO *a;
+	{
+	BIO_F_BUFFER_CTX *b;
+
+	if (a == NULL) return(0);
+	b=(BIO_F_BUFFER_CTX *)a->ptr;
+	if (b->ibuf != NULL) Free(b->ibuf);
+	if (b->obuf != NULL) Free(b->obuf);
+	Free(a->ptr);
+	a->ptr=NULL;
+	a->init=0;
+	a->flags=0;
+	return(1);
+	}
+	
+static int buffer_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+	{
+	int i,num=0;
+	BIO_F_BUFFER_CTX *ctx;
+
+	if (out == NULL) return(0);
+	ctx=(BIO_F_BUFFER_CTX *)b->ptr;
+
+	if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
+	num=0;
+	BIO_clear_retry_flags(b);
+
+start:
+	i=ctx->ibuf_len;
+	/* If there is stuff left over, grab it */
+	if (i != 0)
+		{
+		if (i > outl) i=outl;
+		memcpy(out,&(ctx->ibuf[ctx->ibuf_off]),i);
+		ctx->ibuf_off+=i;
+		ctx->ibuf_len-=i;
+		num+=i;
+		if (outl == i)  return(num);
+		outl-=i;
+		out+=i;
+		}
+
+	/* We may have done a partial read. try to do more.
+	 * We have nothing in the buffer.
+	 * If we get an error and have read some data, just return it
+	 * and let them retry to get the error again.
+	 * copy direct to parent address space */
+	if (outl > ctx->ibuf_size)
+		{
+		for (;;)
+			{
+			i=BIO_read(b->next_bio,out,outl);
+			if (i <= 0)
+				{
+				BIO_copy_next_retry(b);
+				if (i < 0) return((num > 0)?num:i);
+				if (i == 0) return(num);
+				}
+			num+=i;
+			if (outl == i) return(num);
+			out+=i;
+			outl-=i;
+			}
+		}
+	/* else */
+
+	/* we are going to be doing some buffering */
+	i=BIO_read(b->next_bio,ctx->ibuf,ctx->ibuf_size);
+	if (i <= 0)
+		{
+		BIO_copy_next_retry(b);
+		if (i < 0) return((num > 0)?num:i);
+		if (i == 0) return(num);
+		}
+	ctx->ibuf_off=0;
+	ctx->ibuf_len=i;
+
+	/* Lets re-read using ourselves :-) */
+	goto start;
+	}
+
+static int buffer_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+	{
+	int i,num=0;
+	BIO_F_BUFFER_CTX *ctx;
+
+	if ((in == NULL) || (inl <= 0)) return(0);
+	ctx=(BIO_F_BUFFER_CTX *)b->ptr;
+	if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
+
+	BIO_clear_retry_flags(b);
+start:
+	i=ctx->obuf_size-(ctx->obuf_len+ctx->obuf_off);
+	/* add to buffer and return */
+	if (i >= inl)
+		{
+		memcpy(&(ctx->obuf[ctx->obuf_len]),in,inl);
+		ctx->obuf_len+=inl;
+		return(num+inl);
+		}
+	/* else */
+	/* stuff already in buffer, so add to it first, then flush */
+	if (ctx->obuf_len != 0)
+		{
+		if (i > 0) /* lets fill it up if we can */
+			{
+			memcpy(&(ctx->obuf[ctx->obuf_len]),in,i);
+			in+=i;
+			inl-=i;
+			num+=i;
+			ctx->obuf_len+=i;
+			}
+		/* we now have a full buffer needing flushing */
+		for (;;)
+			{
+			i=BIO_write(b->next_bio,&(ctx->obuf[ctx->obuf_off]),
+				ctx->obuf_len);
+			if (i <= 0)
+				{
+				BIO_copy_next_retry(b);
+
+				if (i < 0) return((num > 0)?num:i);
+				if (i == 0) return(num);
+				}
+			ctx->obuf_off+=i;
+			ctx->obuf_len-=i;
+			if (ctx->obuf_len == 0) break;
+			}
+		}
+	/* we only get here if the buffer has been flushed and we
+	 * still have stuff to write */
+	ctx->obuf_off=0;
+
+	/* we now have inl bytes to write */
+	while (inl >= ctx->obuf_size)
+		{
+		i=BIO_write(b->next_bio,in,inl);
+		if (i <= 0)
+			{
+			BIO_copy_next_retry(b);
+			if (i < 0) return((num > 0)?num:i);
+			if (i == 0) return(num);
+			}
+		num+=i;
+		in+=i;
+		inl-=i;
+		if (inl == 0) return(num);
+		}
+
+	/* copy the rest into the buffer since we have only a small 
+	 * amount left */
+	goto start;
+	}
+
+static long buffer_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+	{
+	BIO *dbio;
+	BIO_F_BUFFER_CTX *ctx;
+	long ret=1;
+	char *p1,*p2;
+	int r,i,*ip;
+	int ibs,obs;
+
+	ctx=(BIO_F_BUFFER_CTX *)b->ptr;
+
+	switch (cmd)
+		{
+	case BIO_CTRL_RESET:
+		ctx->ibuf_off=0;
+		ctx->ibuf_len=0;
+		ctx->obuf_off=0;
+		ctx->obuf_len=0;
+		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+		break;
+	case BIO_CTRL_INFO:
+		ret=(long)ctx->obuf_len;
+		break;
+	case BIO_C_GET_BUFF_NUM_LINES:
+		ret=0;
+		p1=ctx->ibuf;
+		for (i=ctx->ibuf_off; i<ctx->ibuf_len; i++)
+			{
+			if (p1[i] == '\n') ret++;
+			}
+		break;
+	case BIO_CTRL_WPENDING:
+		ret=(long)ctx->obuf_len;
+		if (ret == 0)
+			ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+		break;
+	case BIO_CTRL_PENDING:
+		ret=(long)ctx->ibuf_len;
+		if (ret == 0)
+			ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+		break;
+	case BIO_C_SET_BUFF_SIZE:
+		if (ptr != NULL)
+			{
+			ip=(int *)ptr;
+			if (*ip == 0)
+				{
+				ibs=(int)num;
+				obs=ctx->obuf_size;
+				}
+			else /* if (*ip == 1) */
+				{
+				ibs=ctx->ibuf_size;
+				obs=(int)num;
+				}
+			}
+		else
+			{
+			ibs=(int)num;
+			obs=(int)num;
+			}
+		p1=ctx->ibuf;
+		p2=ctx->obuf;
+		if ((ibs > DEFAULT_BUFFER_SIZE) && (ibs != ctx->ibuf_size))
+			{
+			p1=(char *)Malloc((int)num);
+			if (p1 == NULL) { ret=0; break; }
+			}
+		if ((obs > DEFAULT_BUFFER_SIZE) && (obs != ctx->obuf_size))
+			{
+			p2=(char *)Malloc((int)num);
+			if (p2 == NULL)
+				{
+				ret=0;
+				if (p1 != ctx->ibuf) Free(p1);
+				break;
+				}
+			}
+		if (ctx->ibuf != p1)
+			{
+			Free(ctx->ibuf);
+			ctx->ibuf=p1;
+			ctx->ibuf_off=0;
+			ctx->ibuf_len=0;
+			ctx->ibuf_size=ibs;
+			}
+		if (ctx->obuf != p2)
+			{
+			Free(ctx->obuf);
+			ctx->obuf=p2;
+			ctx->obuf_off=0;
+			ctx->obuf_len=0;
+			ctx->obuf_size=obs;
+			}
+		break;
+	case BIO_C_DO_STATE_MACHINE:
+		BIO_clear_retry_flags(b);
+		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+		BIO_copy_next_retry(b);
+		break;
+
+	case BIO_CTRL_FLUSH:
+		if (ctx->obuf_len <= 0)
+			break;
+
+		for (;;)
+			{
+			BIO_clear_retry_flags(b);
+			if (ctx->obuf_len > ctx->obuf_off)
+				{
+				r=BIO_write(b->next_bio,
+					&(ctx->obuf[ctx->obuf_off]),
+					ctx->obuf_len-ctx->obuf_off);
+#if 0
+fprintf(stderr,"FLUSH [%3d] %3d -> %3d\n",ctx->obuf_off,ctx->obuf_len-ctx->obuf_off,r);
+#endif
+				BIO_copy_next_retry(b);
+				if (r <= 0) return((long)r);
+				ctx->obuf_off+=r;
+				}
+			else
+				{
+				ctx->obuf_len=0;
+				ctx->obuf_off=0;
+				ret=1;
+				break;
+				}
+			}
+		break;
+	case BIO_CTRL_DUP:
+		dbio=(BIO *)ptr;
+		if (	!BIO_set_read_buffer_size(dbio,ctx->ibuf_size) ||
+			!BIO_set_write_buffer_size(dbio,ctx->obuf_size))
+			ret=0;
+		break;
+	default:
+		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+		break;
+		}
+	return(ret);
+	}
+
+static int buffer_gets(b,buf,size)
+BIO *b;
+char *buf;
+int size;
+	{
+	BIO_F_BUFFER_CTX *ctx;
+	int num=0,i;
+	char *p;
+
+	ctx=(BIO_F_BUFFER_CTX *)b->ptr;
+	size--;
+	BIO_clear_retry_flags(b);
+
+	for (;;)
+		{
+		if (ctx->ibuf_len != 0)
+			{
+			p= &(ctx->ibuf[ctx->ibuf_off]);
+			for (i=0; (i<ctx->ibuf_len) && (i<(size-1)); i++)
+				{
+				*(buf++)=p[i];
+				if (p[i] == '\n') break;
+				}
+			num+=i;
+			size-=i;
+			ctx->ibuf_len-=i;
+			ctx->ibuf_off+=i;
+			if (p[i] == '\n')
+				{
+				buf[i+1]='\0';
+				ctx->ibuf_len--;
+				ctx->ibuf_off++;
+				return(num);
+				}
+			}
+		else	/* read another chunk */
+			{
+			i=BIO_read(b->next_bio,ctx->ibuf,ctx->ibuf_size);
+			if (i <= 0)
+				{
+				BIO_copy_next_retry(b);
+				if (i < 0) return((num > 0)?num:i);
+				if (i == 0) return(num);
+				}
+			ctx->ibuf_len=i;
+			ctx->ibuf_off=0;
+			}
+		}
+	}
+
+static int buffer_puts(b,str)
+BIO *b;
+char *str;
+	{
+	return(BIO_write(b,str,strlen(str)));
+	}
+
diff --git a/crypto/bio/bf_nbio.c b/crypto/bio/bf_nbio.c
new file mode 100644
index 0000000000..b493100ba4
--- /dev/null
+++ b/crypto/bio/bf_nbio.c
@@ -0,0 +1,266 @@
+/* crypto/bio/bf_nbio.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "rand.h"
+#include "bio.h"
+#include "evp.h"
+
+/* BIO_put and BIO_get both add to the digest,
+ * BIO_gets returns the digest */
+
+#ifndef NOPROTO
+static int nbiof_write(BIO *h,char *buf,int num);
+static int nbiof_read(BIO *h,char *buf,int size);
+static int nbiof_puts(BIO *h,char *str);
+static int nbiof_gets(BIO *h,char *str,int size);
+static long nbiof_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int nbiof_new(BIO *h);
+static int nbiof_free(BIO *data);
+#else
+static int nbiof_write();
+static int nbiof_read();
+static int nbiof_puts();
+static int nbiof_gets();
+static long nbiof_ctrl();
+static int nbiof_new();
+static int nbiof_free();
+#endif
+
+typedef struct nbio_test_st
+	{
+	/* only set if we sent a 'should retry' error */
+	int lrn;
+	int lwn;
+	} NBIO_TEST;
+
+static BIO_METHOD methods_nbiof=
+	{
+	BIO_TYPE_NBIO_TEST,"non-blocking IO test filter",
+	nbiof_write,
+	nbiof_read,
+	nbiof_puts,
+	nbiof_gets,
+	nbiof_ctrl,
+	nbiof_new,
+	nbiof_free,
+	};
+
+BIO_METHOD *BIO_f_nbio_test()
+	{
+	return(&methods_nbiof);
+	}
+
+static int nbiof_new(bi)
+BIO *bi;
+	{
+	NBIO_TEST *nt;
+
+	nt=(NBIO_TEST *)Malloc(sizeof(NBIO_TEST));
+	nt->lrn= -1;
+	nt->lwn= -1;
+	bi->ptr=(char *)nt;
+	bi->init=1;
+	bi->flags=0;
+	return(1);
+	}
+
+static int nbiof_free(a)
+BIO *a;
+	{
+	if (a == NULL) return(0);
+	if (a->ptr != NULL)
+		Free(a->ptr);
+	a->ptr=NULL;
+	a->init=0;
+	a->flags=0;
+	return(1);
+	}
+	
+static int nbiof_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+	{
+	NBIO_TEST *nt;
+	int ret=0;
+#if 0
+	int num;
+	unsigned char n;
+#endif
+
+	if (out == NULL) return(0);
+	if (b->next_bio == NULL) return(0);
+	nt=(NBIO_TEST *)b->ptr;
+
+	BIO_clear_retry_flags(b);
+#if 0
+	RAND_bytes(&n,1);
+	num=(n&0x07);
+
+	if (outl > num) outl=num;
+
+	if (num == 0)
+		{
+		ret= -1;
+		BIO_set_retry_read(b);
+		}
+	else
+#endif
+		{
+		ret=BIO_read(b->next_bio,out,outl);
+		if (ret < 0)
+			BIO_copy_next_retry(b);
+		}
+	return(ret);
+	}
+
+static int nbiof_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+	{
+	NBIO_TEST *nt;
+	int ret=0;
+	int num;
+	unsigned char n;
+
+	if ((in == NULL) || (inl <= 0)) return(0);
+	if (b->next_bio == NULL) return(0);
+	nt=(NBIO_TEST *)b->ptr;
+
+	BIO_clear_retry_flags(b);
+
+#if 1
+	if (nt->lwn > 0)
+		{
+		num=nt->lwn;
+		nt->lwn=0;
+		}
+	else
+		{
+		RAND_bytes(&n,1);
+		num=(n&7);
+		}
+
+	if (inl > num) inl=num;
+
+	if (num == 0)
+		{
+		ret= -1;
+		BIO_set_retry_write(b);
+		}
+	else
+#endif
+		{
+		ret=BIO_write(b->next_bio,in,inl);
+		if (ret < 0)
+			{
+			BIO_copy_next_retry(b);
+			nt->lwn=inl;
+			}
+		}
+	return(ret);
+	}
+
+static long nbiof_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+	{
+	long ret;
+
+	if (b->next_bio == NULL) return(0);
+	switch (cmd)
+		{
+        case BIO_C_DO_STATE_MACHINE:
+		BIO_clear_retry_flags(b);
+		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+		BIO_copy_next_retry(b);
+		break;
+	case BIO_CTRL_DUP:
+		break;
+	default:
+		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+		break;
+		}
+	return(ret);
+	}
+
+static int nbiof_gets(bp,buf,size)
+BIO *bp;
+char *buf;
+int size;
+	{
+	if (bp->next_bio == NULL) return(0);
+	return(BIO_gets(bp->next_bio,buf,size));
+	}
+
+
+static int nbiof_puts(bp,str)
+BIO *bp;
+char *str;
+	{
+	if (bp->next_bio == NULL) return(0);
+	return(BIO_puts(bp->next_bio,str));
+	}
+
+
diff --git a/crypto/bio/bf_null.c b/crypto/bio/bf_null.c
new file mode 100644
index 0000000000..9864f4a03c
--- /dev/null
+++ b/crypto/bio/bf_null.c
@@ -0,0 +1,194 @@
+/* crypto/bio/bf_null.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "bio.h"
+#include "evp.h"
+
+/* BIO_put and BIO_get both add to the digest,
+ * BIO_gets returns the digest */
+
+#ifndef NOPROTO
+static int nullf_write(BIO *h,char *buf,int num);
+static int nullf_read(BIO *h,char *buf,int size);
+static int nullf_puts(BIO *h,char *str);
+static int nullf_gets(BIO *h,char *str,int size);
+static long nullf_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int nullf_new(BIO *h);
+static int nullf_free(BIO *data);
+#else
+static int nullf_write();
+static int nullf_read();
+static int nullf_puts();
+static int nullf_gets();
+static long nullf_ctrl();
+static int nullf_new();
+static int nullf_free();
+#endif
+
+static BIO_METHOD methods_nullf=
+	{
+	BIO_TYPE_NULL_FILTER,"NULL filter",
+	nullf_write,
+	nullf_read,
+	nullf_puts,
+	nullf_gets,
+	nullf_ctrl,
+	nullf_new,
+	nullf_free,
+	};
+
+BIO_METHOD *BIO_f_null()
+	{
+	return(&methods_nullf);
+	}
+
+static int nullf_new(bi)
+BIO *bi;
+	{
+	bi->init=1;
+	bi->ptr=NULL;
+	bi->flags=0;
+	return(1);
+	}
+
+static int nullf_free(a)
+BIO *a;
+	{
+	if (a == NULL) return(0);
+/*	a->ptr=NULL;
+	a->init=0;
+	a->flags=0;*/
+	return(1);
+	}
+	
+static int nullf_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+	{
+	int ret=0;
+ 
+	if (out == NULL) return(0);
+	if (b->next_bio == NULL) return(0);
+	ret=BIO_read(b->next_bio,out,outl);
+	BIO_clear_retry_flags(b);
+	BIO_copy_next_retry(b);
+	return(ret);
+	}
+
+static int nullf_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+	{
+	int ret=0;
+
+	if ((in == NULL) || (inl <= 0)) return(0);
+	if (b->next_bio == NULL) return(0);
+	ret=BIO_write(b->next_bio,in,inl);
+	BIO_clear_retry_flags(b);
+	BIO_copy_next_retry(b);
+	return(ret);
+	}
+
+static long nullf_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+	{
+	long ret;
+
+	if (b->next_bio == NULL) return(0);
+	switch(cmd)
+		{
+        case BIO_C_DO_STATE_MACHINE:
+		BIO_clear_retry_flags(b);
+		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+		BIO_copy_next_retry(b);
+		break;
+	case BIO_CTRL_DUP:
+		break;
+	default:
+		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+		}
+	return(ret);
+	}
+
+static int nullf_gets(bp,buf,size)
+BIO *bp;
+char *buf;
+int size;
+	{
+	if (bp->next_bio == NULL) return(0);
+	return(BIO_gets(bp->next_bio,buf,size));
+	}
+
+
+static int nullf_puts(bp,str)
+BIO *bp;
+char *str;
+	{
+	if (bp->next_bio == NULL) return(0);
+	return(BIO_puts(bp->next_bio,str));
+	}
+
+
diff --git a/crypto/bio/bio.err b/crypto/bio/bio.err
new file mode 100644
index 0000000000..3363971b31
--- /dev/null
+++ b/crypto/bio/bio.err
@@ -0,0 +1,43 @@
+/* Error codes for the BIO functions. */
+
+/* Function codes. */
+#define BIO_F_ACPT_STATE				 100
+#define BIO_F_BIO_ACCEPT				 101
+#define BIO_F_BIO_CTRL					 102
+#define BIO_F_BIO_GETS					 103
+#define BIO_F_BIO_GET_ACCEPT_SOCKET			 104
+#define BIO_F_BIO_GET_HOST_IP				 105
+#define BIO_F_BIO_GET_PORT				 106
+#define BIO_F_BIO_NEW					 107
+#define BIO_F_BIO_NEW_FILE				 108
+#define BIO_F_BIO_PUTS					 109
+#define BIO_F_BIO_READ					 110
+#define BIO_F_BIO_SOCK_INIT				 111
+#define BIO_F_BIO_WRITE					 112
+#define BIO_F_CONN_STATE				 113
+#define BIO_F_FILE_CTRL					 114
+#define BIO_F_MEM_WRITE					 115
+#define BIO_F_WSASTARTUP				 116
+
+/* Reason codes. */
+#define BIO_R_ACCEPT_ERROR				 100
+#define BIO_R_BAD_FOPEN_MODE				 101
+#define BIO_R_BAD_HOSTNAME_LOOKUP			 102
+#define BIO_R_CONNECT_ERROR				 103
+#define BIO_R_ERROR_SETTING_NBIO			 104
+#define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET	 105
+#define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET	 106
+#define BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET		 107
+#define BIO_R_INVALID_IP_ADDRESS			 108
+#define BIO_R_NBIO_CONNECT_ERROR			 109
+#define BIO_R_NO_ACCEPT_PORT_SPECIFIED			 110
+#define BIO_R_NO_HOSTHNAME_SPECIFIED			 111
+#define BIO_R_NO_PORT_DEFINED				 112
+#define BIO_R_NO_PORT_SPECIFIED				 113
+#define BIO_R_NULL_PARAMETER				 114
+#define BIO_R_UNABLE_TO_BIND_SOCKET			 115
+#define BIO_R_UNABLE_TO_CREATE_SOCKET			 116
+#define BIO_R_UNABLE_TO_LISTEN_SOCKET			 117
+#define BIO_R_UNINITALISED				 118
+#define BIO_R_UNSUPPORTED_METHOD			 119
+#define BIO_R_WSASTARTUP				 120
diff --git a/crypto/bio/bio.h b/crypto/bio/bio.h
new file mode 100644
index 0000000000..0b2c6e77e1
--- /dev/null
+++ b/crypto/bio/bio.h
@@ -0,0 +1,597 @@
+/* crypto/bio/bio.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_BIO_H
+#define HEADER_BIO_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* These are the 'types' of BIOs */
+#define BIO_TYPE_NONE		0
+#define BIO_TYPE_MEM		(1|0x0400)
+#define BIO_TYPE_FILE		(2|0x0400)
+
+#define BIO_TYPE_FD		(4|0x0400|0x0100)
+#define BIO_TYPE_SOCKET		(5|0x0400|0x0100)
+#define BIO_TYPE_NULL		(6|0x0400)
+#define BIO_TYPE_SSL		(7|0x0200)
+#define BIO_TYPE_MD		(8|0x0200)		/* pasive filter */
+#define BIO_TYPE_BUFFER		(9|0x0200)		/* filter */
+#define BIO_TYPE_CIPHER		(10|0x0200)		/* filter */
+#define BIO_TYPE_BASE64		(11|0x0200)		/* filter */
+#define BIO_TYPE_CONNECT	(12|0x0400|0x0100)	/* socket - connect */
+#define BIO_TYPE_ACCEPT		(13|0x0400|0x0100)	/* socket for accept */
+#define BIO_TYPE_PROXY_CLIENT	(14|0x0400)		/* client proxy BIO */
+#define BIO_TYPE_PROXY_SERVER	(15|0x0200)		/* server proxy BIO */
+#define BIO_TYPE_NBIO_TEST	(16|0x0200)		/* server proxy BIO */
+#define BIO_TYPE_NULL_FILTER	(17|0x0200)
+
+#define BIO_TYPE_DESCRIPTOR	0x0100	/* socket, fd, connect or accept */
+#define BIO_TYPE_FILTER		0x0200
+#define BIO_TYPE_SOURCE_SINK	0x0400
+
+/* BIO_FILENAME_READ|BIO_CLOSE to open or close on free.
+ * BIO_set_fp(in,stdin,BIO_NOCLOSE); */
+#define BIO_NOCLOSE		0x00
+#define BIO_CLOSE		0x01
+
+/* These are used in the following macros and are passed to
+ * BIO_ctrl() */
+#define BIO_CTRL_RESET		1  /* opt - rewind/zero etc */
+#define BIO_CTRL_EOF		2  /* opt - are we at the eof */
+#define BIO_CTRL_INFO		3  /* opt - extra tit-bits */
+#define BIO_CTRL_SET		4  /* man - set the 'IO' type */
+#define BIO_CTRL_GET		5  /* man - get the 'IO' type */
+#define BIO_CTRL_PUSH		6  /* opt - internal, used to signify change */
+#define BIO_CTRL_POP		7  /* opt - internal, used to signify change */
+#define BIO_CTRL_GET_CLOSE	8  /* man - set the 'close' on free */
+#define BIO_CTRL_SET_CLOSE	9  /* man - set the 'close' on free */
+#define BIO_CTRL_PENDING	10  /* opt - is their more data buffered */
+#define BIO_CTRL_FLUSH		11  /* opt - 'flush' buffered output */
+#define BIO_CTRL_DUP		12  /* man - extra stuff for 'duped' BIO */
+#define BIO_CTRL_WPENDING	13  /* opt - number of bytes still to write */
+
+#define BIO_CTRL_SET_FILENAME	30	/* BIO_s_file special */
+
+/* modifiers */
+#define BIO_FP_READ		0x02
+#define BIO_FP_WRITE		0x04
+#define BIO_FP_APPEND		0x08
+#define BIO_FP_TEXT		0x10
+
+#define BIO_FLAGS_READ		0x01
+#define BIO_FLAGS_WRITE		0x02
+#define BIO_FLAGS_IO_SPECIAL	0x04
+#define BIO_FLAGS_RWS (BIO_FLAGS_READ|BIO_FLAGS_WRITE|BIO_FLAGS_IO_SPECIAL)
+#define BIO_FLAGS_SHOULD_RETRY	0x08
+
+/* Mostly used in the SSL BIO */
+#define BIO_FLAGS_PROTOCOL_DELAYED_READ 0x10
+#define BIO_FLAGS_PROTOCOL_DELAYED_WRITE 0x20
+#define BIO_FLAGS_PROTOCOL_STARTUP	0x40
+
+#define BIO_set_flags(b,f) ((b)->flags|=(f))
+#define BIO_set_retry_special(b) \
+		((b)->flags|=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY))
+#define BIO_set_retry_read(b) \
+		((b)->flags|=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY))
+#define BIO_set_retry_write(b) \
+		((b)->flags|=(BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY))
+
+/* These are normally used internally in BIOs */
+#define BIO_clear_flags(b,f) ((b)->flags&= ~(f))
+#define BIO_clear_retry_flags(b) \
+		((b)->flags&= ~(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
+#define BIO_get_retry_flags(b) \
+		((b)->flags&(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
+
+/* These shouldbe used by the application to tell why we should retry */
+#define BIO_should_read(a)		((a)->flags & BIO_FLAGS_READ)
+#define BIO_should_write(a)		((a)->flags & BIO_FLAGS_WRITE)
+#define BIO_should_io_special(a)	((a)->flags & BIO_FLAGS_IO_SPECIAL)
+#define BIO_retry_type(a)		((a)->flags & BIO_FLAGS_RWS)
+#define BIO_should_retry(a)		((a)->flags & BIO_FLAGS_SHOULD_RETRY)
+
+/* The next two are used in conjunction with the
+ * BIO_should_io_special() condition.  After this returns true,
+ * BIO *BIO_get_retry_BIO(BIO *bio, int *reason); will walk the BIO 
+ * stack and return the 'reason' for the special and the offending BIO.
+ * Given a BIO, BIO_get_retry_reason(bio) will return the code. */
+/* Returned from the SSL bio when the certificate retrieval code had an error */
+#define BIO_RR_SSL_X509_LOOKUP		0x01
+/* Returned from the connect BIO when a connect would have blocked */
+#define BIO_RR_CONNECT			0x02
+
+/* These are passed by the BIO callback */
+#define BIO_CB_FREE	0x01
+#define BIO_CB_READ	0x02
+#define BIO_CB_WRITE	0x03
+#define BIO_CB_PUTS	0x04
+#define BIO_CB_GETS	0x05
+#define BIO_CB_CTRL	0x06
+
+/* The callback is called before and after the underling operation,
+ * The BIO_CB_RETURN flag indicates if it is after the call */
+#define BIO_CB_RETURN	0x80
+#define BIO_CB_return(a) ((a)|BIO_CB_RETURN))
+#define BIO_cb_pre(a)	(!((a)&BIO_CB_RETURN))
+#define BIO_cb_post(a)	((a)&BIO_CB_RETURN)
+
+#define BIO_set_callback(b,cb)		((b)->callback=(cb))
+#define BIO_set_callback_arg(b,arg)	((b)->cb_arg=(char *)(arg))
+#define BIO_get_callback_arg(b)		((b)->cb_arg)
+#define BIO_get_callback(b)		((b)->callback)
+#define BIO_method_name(b)		((b)->method->name)
+#define BIO_method_type(b)		((b)->method->type)
+
+#ifndef WIN16
+typedef struct bio_method_st
+	{
+	int type;
+	char *name;
+	int (*bwrite)();
+	int (*bread)();
+	int (*bputs)();
+	int (*bgets)();
+	long (*ctrl)();
+	int (*create)();
+	int (*destroy)();
+	} BIO_METHOD;
+#else
+typedef struct bio_method_st
+	{
+	int type;
+	char *name;
+	int (_far *bwrite)();
+	int (_far *bread)();
+	int (_far *bputs)();
+	int (_far *bgets)();
+	long (_far *ctrl)();
+	int (_far *create)();
+	int (_far *destroy)();
+	} BIO_METHOD;
+#endif
+
+typedef struct bio_st
+	{
+	BIO_METHOD *method;
+#ifndef NOPROTO
+	/* bio, mode, argp, argi, argl, ret */
+	long (*callback)(struct bio_st *,int,char *,int, long,long);
+#else
+	long (*callback)();
+#endif
+	char *cb_arg; /* first argument for the callback */
+
+	int init;
+	int shutdown;
+	int flags;	/* extra storage */
+	int retry_reason;
+	int num;
+	char *ptr;
+	struct bio_st *next_bio;	/* used by filter BIOs */
+	struct bio_st *prev_bio;	/* used by filter BIOs */
+	int references;
+	unsigned long num_read;
+	unsigned long num_write;
+
+	char *app_data;
+	} BIO;
+
+typedef struct bio_f_buffer_ctx_struct
+	{
+	/* BIO *bio; */ /* this is now in the BIO struct */
+	int ibuf_size;	/* how big is the input buffer */
+	int obuf_size;	/* how big is the output buffer */
+
+	char *ibuf;		/* the char array */
+	int ibuf_len;		/* how many bytes are in it */
+	int ibuf_off;		/* write/read offset */
+
+	char *obuf;		/* the char array */
+	int obuf_len;		/* how many bytes are in it */
+	int obuf_off;		/* write/read offset */
+	} BIO_F_BUFFER_CTX;
+
+#define BIO_number_read(b)	((b)->num_read)
+#define BIO_number_written(b)	((b)->num_write)
+
+#define BIO_C_SET_CONNECT			100
+#define BIO_C_DO_STATE_MACHINE			101
+#define BIO_C_SET_NBIO				102
+#define BIO_C_SET_PROXY_PARAM			103
+#define BIO_C_SET_FD				104
+#define BIO_C_GET_FD				105
+#define BIO_C_SET_FILE_PTR			106
+#define BIO_C_GET_FILE_PTR			107
+#define BIO_C_SET_FILENAME			108
+#define BIO_C_SET_SSL				109
+#define BIO_C_GET_SSL				110
+#define BIO_C_SET_MD				111
+#define BIO_C_GET_MD				112
+#define BIO_C_GET_CIPHER_STATUS			113
+#define BIO_C_SET_BUF_MEM			114
+#define BIO_C_GET_BUF_MEM_PTR			115
+#define BIO_C_GET_BUFF_NUM_LINES		116
+#define BIO_C_SET_BUFF_SIZE			117
+#define BIO_C_SET_ACCEPT			118
+#define BIO_C_SSL_MODE				119
+#define BIO_C_GET_MD_CTX			120
+#define BIO_C_GET_PROXY_PARAM			121
+
+#define BIO_set_app_data(s,arg)		((s)->app_data=(char *)arg)
+#define BIO_get_app_data(s)		((s)->app_data)
+
+/* BIO_s_connect_socket() */
+#define BIO_set_hostname(b,name) BIO_ctrl(b,BIO_C_SET_CONNECT,0,(char *)name)
+#define BIO_set_port(b,port)	BIO_ctrl(b,BIO_C_SET_CONNECT,1,(char *)port)
+#define BIO_set_nbio(b,n)	BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL)
+
+/* BIO_s_accept_socket() */
+#define BIO_set_accept_port(b,name) BIO_ctrl(b,BIO_C_SET_ACCEPT,0,(char *)name)
+/* #define BIO_set_nbio(b,n)	BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) */
+#define BIO_set_nbio_accpet(b,n) BIO_ctrl(b,BIO_C_SET_ACCEPT,1,(n)?"a":NULL)
+#define BIO_set_accept_bios(b,bio) BIO_ctrl(b,BIO_C_SET_ACCEPT,2,(char *)bio)
+
+#define BIO_do_connect(b)	BIO_do_handshake(b)
+#define BIO_do_accept(b)	BIO_do_handshake(b)
+#define BIO_do_handshake(b)	BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL)
+
+/* BIO_s_proxy_client() */
+#define BIO_set_url(b,url)	BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,0,(char *)(url))
+#define BIO_set_proxies(b,p)	BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,1,(char *)(p))
+/* BIO_set_nbio(b,n) */
+#define BIO_set_filter_bio(b,s) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,2,(char *)(s))
+/* BIO *BIO_get_filter_bio(BIO *bio); */
+#define BIO_set_proxy_cb(b,cb) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,3,(char *)(cb))
+#define BIO_set_proxy_header(b,sk) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,4,(char *)sk)
+
+#define BIO_get_proxy_header(b,skp) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,0,(char *)skp)
+#define BIO_get_proxies(b,pxy_p) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,1,(char *)(pxy_p))
+#define BIO_get_url(b,url)	BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,2,(char *)(url))
+
+#define BIO_set_fd(b,fd,c)	BIO_ctrl_int(b,BIO_C_SET_FD,c,fd)
+#define BIO_get_fd(b,c)		BIO_ctrl(b,BIO_C_GET_FD,0,(char *)c)
+
+#define BIO_set_fp(b,fp,c)	BIO_ctrl(b,BIO_C_SET_FILE_PTR,c,(char *)fp)
+#define BIO_get_fp(b,fpp)	BIO_ctrl(b,BIO_C_GET_FILE_PTR,0,(char *)fpp)
+
+#define BIO_read_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
+		BIO_CLOSE|BIO_FP_READ,name)
+#define BIO_write_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
+		BIO_CLOSE|BIO_FP_WRITE,name)
+#define BIO_append_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
+		BIO_CLOSE|BIO_FP_APPEND,name)
+
+#define BIO_set_ssl(b,ssl,c)	BIO_ctrl(b,BIO_C_SET_SSL,c,(char *)ssl)
+#define BIO_get_ssl(b,sslp)	BIO_ctrl(b,BIO_C_GET_SSL,0,(char *)sslp)
+#define BIO_set_ssl_mode(b,client)	BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL)
+
+/* defined in evp.h */
+/* #define BIO_set_md(b,md)	BIO_ctrl(b,BIO_C_SET_MD,1,(char *)md) */
+
+#define BIO_set_mem_buf(b,bm,c)	BIO_ctrl(b,BIO_C_SET_BUF_MEM,c,(char *)bm)
+#define BIO_get_mem_ptr(b,pp)	BIO_ctrl(b,BIO_C_GET_BUF_MEM_PTR,0,(char *)pp)
+
+/* For the BIO_f_buffer() type */
+#define BIO_get_buffer_num_lines(b)	BIO_ctrl(b,BIO_C_GET_BUFF_NUM_LINES,0,NULL)
+#define BIO_set_buffer_size(b,size)	BIO_ctrl(b,BIO_C_SET_BUFF_SIZE,size,NULL)
+#define BIO_set_read_buffer_size(b,size) BIO_ctrl_int(b,BIO_C_SET_BUFF_SIZE,size,0)
+#define BIO_set_write_buffer_size(b,size) BIO_ctrl_int(b,BIO_C_SET_BUFF_SIZE,size,1)
+
+/* Don't use the next one unless you know what you are doing :-) */
+#define BIO_dup_state(b,ret)	BIO_ctrl(b,BIO_CTRL_DUP,0,(char *)ret)
+
+#define BIO_reset(b)		(int)BIO_ctrl(b,BIO_CTRL_RESET,0,NULL)
+#define BIO_eof(b)		(int)BIO_ctrl(b,BIO_CTRL_EOF,0,NULL)
+#define BIO_set_close(b,c)	(int)BIO_ctrl(b,BIO_CTRL_SET_CLOSE,(c),NULL)
+#define BIO_get_close(b)	(int)BIO_ctrl(b,BIO_CTRL_GET_CLOSE,0,NULL)
+#define BIO_pending(b)		(int)BIO_ctrl(b,BIO_CTRL_PENDING,0,NULL)
+#define BIO_wpending(b)		(int)BIO_ctrl(b,BIO_CTRL_WPENDING,0,NULL)
+#define BIO_flush(b)		(int)BIO_ctrl(b,BIO_CTRL_FLUSH,0,NULL)
+
+/* For the BIO_f_buffer() type */
+#define BIO_buffer_get_num_lines(b) BIO_ctrl(b,BIO_CTRL_GET,0,NULL)
+
+#ifndef NOPROTO
+BIO *	BIO_new(BIO_METHOD *type);
+int	BIO_set(BIO *a,BIO_METHOD *type);
+int	BIO_free(BIO *a);
+int	BIO_read(BIO *b, char *data, int len);
+int	BIO_gets(BIO *bp,char *buf, int size);
+int	BIO_write(BIO *b, char *data, int len);
+int	BIO_puts(BIO *bp,char *buf);
+long	BIO_ctrl(BIO *bp,int cmd,long larg,char *parg);
+long	BIO_ctrl_int(BIO *bp,int cmd,long larg,int iarg);
+BIO *	BIO_push(BIO *b,BIO *append);
+BIO *	BIO_pop(BIO *b);
+void	BIO_free_all(BIO *a);
+BIO *	BIO_find_type(BIO *b,int bio_type);
+BIO *	BIO_get_retry_BIO(BIO *bio, int *reason);
+int	BIO_get_retry_reason(BIO *bio);
+BIO *	BIO_dup_chain(BIO *in);
+
+#ifndef WIN16
+long BIO_debug_callback(BIO *bio,int cmd,char *argp,int argi,
+	long argl,long ret);
+#else
+long _far _loadds BIO_debug_callback(BIO *bio,int cmd,char *argp,int argi,
+	long argl,long ret);
+#endif
+
+#if !defined(WIN16) || defined(APPS_WIN16)
+BIO_METHOD *BIO_s_file(void);
+#else
+BIO_METHOD *BIO_s_file_internal_w16(void);
+#endif
+
+BIO_METHOD *BIO_s_mem(void);
+BIO_METHOD *BIO_s_socket(void);
+BIO_METHOD *BIO_s_connect(void);
+BIO_METHOD *BIO_s_accept(void);
+BIO_METHOD *BIO_s_fd(void);
+BIO_METHOD *BIO_s_null(void);
+BIO_METHOD *BIO_f_null(void);
+BIO_METHOD *BIO_f_nbio_test(void);
+BIO_METHOD *BIO_f_buffer(void);
+
+int BIO_sock_should_retry(int i);
+int BIO_sock_non_fatal_error(int error);
+int BIO_fd_should_retry(int i);
+int BIO_fd_non_fatal_error(int error);
+int BIO_dump(BIO *b,char *bytes,int len);
+
+struct hostent *BIO_gethostbyname(char *name);
+int BIO_sock_error(int sock);
+int BIO_socket_ioctl(int fd, long type, unsigned long *arg);
+int BIO_get_port(char *str, short *port_ptr);
+int BIO_get_host_ip(char *str, unsigned char *ip);
+int BIO_get_accept_socket(char *host_port);
+int BIO_accept(int sock,char **ip_port);
+int BIO_sock_init(void );
+void BIO_sock_cleanup(void);
+int BIO_set_tcp_ndelay(int sock,int turn_on);
+
+void ERR_load_BIO_strings(void );
+
+#if !defined(WIN16) || defined(APPS_WIN16)
+BIO *BIO_new_file(char *filename, char *mode);
+BIO *BIO_new_fp(FILE *stream, int close_flag);
+#endif
+BIO *BIO_new_socket(int sock, int close_flag);
+BIO *BIO_new_fd(int fd, int close_flag);
+BIO *BIO_new_connect(char *host_port);
+BIO *BIO_new_accept(char *host_port);
+
+void BIO_copy_next_retry(BIO *b);
+
+#else
+
+BIO *	BIO_new();
+int	BIO_set();
+int	BIO_free();
+int	BIO_read();
+int	BIO_gets();
+int	BIO_write();
+int	BIO_puts();
+long	BIO_ctrl();
+long	BIO_ctrl_int();
+BIO *	BIO_push();
+BIO *	BIO_pop();
+void	BIO_free_all();
+BIO *	BIO_find_type();
+BIO *	BIO_get_retry_BIO();
+int	BIO_get_retry_reason();
+BIO *	BIO_dup_chain();
+
+#ifndef WIN16
+long BIO_debug_callback();
+#else
+long _far _loadds BIO_debug_callback();
+#endif
+
+#if !defined(WIN16) || defined(APPS_WIN16)
+BIO_METHOD *BIO_s_file();
+#else
+BIO_METHOD *BIO_s_file_internal_w16();
+#endif
+
+BIO_METHOD *BIO_s_mem();
+BIO_METHOD *BIO_s_socket();
+BIO_METHOD *BIO_s_connect();
+BIO_METHOD *BIO_s_accept();
+BIO_METHOD *BIO_s_fd();
+BIO_METHOD *BIO_s_null();
+BIO_METHOD *BIO_f_null();
+BIO_METHOD *BIO_f_buffer();
+BIO_METHOD *BIO_f_nbio_test();
+
+int BIO_sock_should_retry();
+int BIO_sock_non_fatal_error();
+int BIO_fd_should_retry();
+int BIO_fd_non_fatal_error();
+int BIO_dump();
+
+struct hostent *BIO_gethostbyname();
+int BIO_sock_error();
+int BIO_socket_ioctl();
+int BIO_get_port();
+int BIO_get_host_ip();
+int BIO_get_accept_socket();
+int BIO_accept();
+int BIO_sock_init();
+void BIO_sock_cleanup();
+int BIO_set_tcp_ndelay();
+
+void ERR_load_BIO_strings();
+
+#if !defined(WIN16) || defined(APPS_WIN16)
+BIO *BIO_new_file();
+BIO *BIO_new_fp();
+#endif
+BIO *BIO_new_socket();
+BIO *BIO_new_fd();
+BIO *BIO_new_connect();
+BIO *BIO_new_accept();
+
+void BIO_copy_next_retry();
+
+#endif
+
+/* Tim Hudson's portable varargs stuff */
+
+#ifndef NOPROTO
+#define VAR_ANSI	/* select ANSI version by default */
+#endif
+
+#ifdef VAR_ANSI
+/* ANSI version of a "portable" macro set for variable length args */
+#ifndef __STDARG_H__ /**/
+#include <stdarg.h>
+#endif /**/
+
+#define VAR_PLIST(arg1type,arg1)    arg1type arg1, ...
+#define VAR_PLIST2(arg1type,arg1,arg2type,arg2) arg1type arg1,arg2type arg2,...
+#define VAR_ALIST
+#define VAR_BDEFN(args,arg1type,arg1)   va_list args
+#define VAR_BDEFN2(args,arg1type,arg1,arg2type,arg2)    va_list args
+#define VAR_INIT(args,arg1type,arg1)    va_start(args,arg1);
+#define VAR_INIT2(args,arg1type,arg1,arg2type,arg2) va_start(args,arg2);
+#define VAR_ARG(args,type,arg)	arg=va_arg(args,type)
+#define VAR_END(args)		va_end(args);
+
+#else
+
+/* K&R version of a "portable" macro set for variable length args */
+#ifndef __VARARGS_H__
+#include <varargs.h>
+#endif
+
+#define VAR_PLIST(arg1type,arg1)	va_alist
+#define VAR_PLIST2(arg1type,arg1,arg2type,arg2) va_alist
+#define VAR_ALIST		va_dcl
+#define VAR_BDEFN(args,arg1type,arg1)	va_list args; arg1type arg1
+#define VAR_BDEFN2(args,arg1type,arg1,arg2type,arg2)    va_list args; \
+	arg1type arg1; arg2type arg2
+#define VAR_INIT(args,arg1type,arg1)	va_start(args); \
+	arg1=va_arg(args,arg1type);
+#define VAR_INIT2(args,arg1type,arg1,arg2type,arg2) va_start(args); \
+	arg1=va_arg(args,arg1type);	arg2=va_arg(args,arg2type);
+#define VAR_ARG(args,type,arg)		arg=va_arg(args,type)
+#define VAR_END(args)			va_end(args);
+
+#endif
+
+#ifndef NOPROTO
+int BIO_printf( VAR_PLIST( BIO *, bio ) );
+#else
+int BIO_printf();
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the BIO functions. */
+
+/* Function codes. */
+#define BIO_F_ACPT_STATE				 100
+#define BIO_F_BIO_ACCEPT				 101
+#define BIO_F_BIO_CTRL					 102
+#define BIO_F_BIO_GETS					 103
+#define BIO_F_BIO_GET_ACCEPT_SOCKET			 104
+#define BIO_F_BIO_GET_HOST_IP				 105
+#define BIO_F_BIO_GET_PORT				 106
+#define BIO_F_BIO_NEW					 107
+#define BIO_F_BIO_NEW_FILE				 108
+#define BIO_F_BIO_PUTS					 109
+#define BIO_F_BIO_READ					 110
+#define BIO_F_BIO_SOCK_INIT				 111
+#define BIO_F_BIO_WRITE					 112
+#define BIO_F_CONN_STATE				 113
+#define BIO_F_FILE_CTRL					 114
+#define BIO_F_MEM_WRITE					 115
+#define BIO_F_WSASTARTUP				 116
+
+/* Reason codes. */
+#define BIO_R_ACCEPT_ERROR				 100
+#define BIO_R_BAD_FOPEN_MODE				 101
+#define BIO_R_BAD_HOSTNAME_LOOKUP			 102
+#define BIO_R_CONNECT_ERROR				 103
+#define BIO_R_ERROR_SETTING_NBIO			 104
+#define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET	 105
+#define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET	 106
+#define BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET		 107
+#define BIO_R_INVALID_IP_ADDRESS			 108
+#define BIO_R_NBIO_CONNECT_ERROR			 109
+#define BIO_R_NO_ACCEPT_PORT_SPECIFIED			 110
+#define BIO_R_NO_HOSTHNAME_SPECIFIED			 111
+#define BIO_R_NO_PORT_DEFINED				 112
+#define BIO_R_NO_PORT_SPECIFIED				 113
+#define BIO_R_NULL_PARAMETER				 114
+#define BIO_R_UNABLE_TO_BIND_SOCKET			 115
+#define BIO_R_UNABLE_TO_CREATE_SOCKET			 116
+#define BIO_R_UNABLE_TO_LISTEN_SOCKET			 117
+#define BIO_R_UNINITALISED				 118
+#define BIO_R_UNSUPPORTED_METHOD			 119
+#define BIO_R_WSASTARTUP				 120
+ 
+#ifdef  __cplusplus
+}
+#endif
+#endif
+
diff --git a/crypto/bio/bio_cb.c b/crypto/bio/bio_cb.c
new file mode 100644
index 0000000000..2f98cd1256
--- /dev/null
+++ b/crypto/bio/bio_cb.c
@@ -0,0 +1,132 @@
+/* crypto/bio/bio_cb.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "cryptlib.h"
+#include "bio.h"
+#include "err.h"
+
+long MS_CALLBACK BIO_debug_callback(bio,cmd,argp,argi,argl,ret)
+BIO *bio;
+int cmd;
+char *argp;
+int argi;
+long argl;
+long ret;
+	{
+	BIO *b;
+	MS_STATIC char buf[256];
+	char *p;
+	long r=1;
+
+	if (BIO_CB_RETURN & cmd)
+		r=ret;
+
+	sprintf(buf,"BIO[%08lX]:",(unsigned long)bio);
+	p= &(buf[14]);
+	switch (cmd)
+		{
+	case BIO_CB_FREE:
+		sprintf(p,"Free - %s\n",bio->method->name);
+		break;
+	case BIO_CB_READ:
+		sprintf(p,"read(%d,%d) - %s\n",bio->num,argi,bio->method->name);
+		break;
+	case BIO_CB_WRITE:
+		sprintf(p,"write(%d,%d) - %s\n",bio->num,argi,bio->method->name);
+		break;
+	case BIO_CB_PUTS:
+		sprintf(p,"puts() - %s\n",bio->method->name);
+		break;
+	case BIO_CB_GETS:
+		sprintf(p,"gets(%d) - %s\n",argi,bio->method->name);
+		break;
+	case BIO_CB_CTRL:
+		sprintf(p,"ctrl(%d) - %s\n",argi,bio->method->name);
+		break;
+	case BIO_CB_RETURN|BIO_CB_READ:
+		sprintf(p,"read return %ld\n",ret);
+		break;
+	case BIO_CB_RETURN|BIO_CB_WRITE:
+		sprintf(p,"write return %ld\n",ret);
+		break;
+	case BIO_CB_RETURN|BIO_CB_GETS:
+		sprintf(p,"gets return %ld\n",ret);
+		break;
+	case BIO_CB_RETURN|BIO_CB_PUTS:
+		sprintf(p,"puts return %ld\n",ret);
+		break;
+	case BIO_CB_RETURN|BIO_CB_CTRL:
+		sprintf(p,"ctrl return %ld\n",ret);
+		break;
+	default:
+		sprintf(p,"bio callback - unknown type (%d)\n",cmd);
+		break;
+		}
+
+	b=(BIO *)bio->cb_arg;
+	if (b != NULL)
+		BIO_write(b,buf,strlen(buf));
+#ifndef WIN16
+	else
+		fputs(buf,stderr);
+#endif
+	return(r);
+	}
diff --git a/crypto/bio/bio_err.c b/crypto/bio/bio_err.c
new file mode 100644
index 0000000000..b78878fcb8
--- /dev/null
+++ b/crypto/bio/bio_err.c
@@ -0,0 +1,121 @@
+/* lib/bio/bio_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "bio.h"
+
+/* BEGIN ERROR CODES */
+static ERR_STRING_DATA BIO_str_functs[]=
+	{
+{ERR_PACK(0,BIO_F_ACPT_STATE,0),	"ACPT_STATE"},
+{ERR_PACK(0,BIO_F_BIO_ACCEPT,0),	"BIO_accept"},
+{ERR_PACK(0,BIO_F_BIO_CTRL,0),	"BIO_ctrl"},
+{ERR_PACK(0,BIO_F_BIO_GETS,0),	"BIO_gets"},
+{ERR_PACK(0,BIO_F_BIO_GET_ACCEPT_SOCKET,0),	"BIO_get_accept_socket"},
+{ERR_PACK(0,BIO_F_BIO_GET_HOST_IP,0),	"BIO_get_host_ip"},
+{ERR_PACK(0,BIO_F_BIO_GET_PORT,0),	"BIO_get_port"},
+{ERR_PACK(0,BIO_F_BIO_NEW,0),	"BIO_new"},
+{ERR_PACK(0,BIO_F_BIO_NEW_FILE,0),	"BIO_new_file"},
+{ERR_PACK(0,BIO_F_BIO_PUTS,0),	"BIO_puts"},
+{ERR_PACK(0,BIO_F_BIO_READ,0),	"BIO_read"},
+{ERR_PACK(0,BIO_F_BIO_SOCK_INIT,0),	"BIO_sock_init"},
+{ERR_PACK(0,BIO_F_BIO_WRITE,0),	"BIO_write"},
+{ERR_PACK(0,BIO_F_CONN_STATE,0),	"CONN_STATE"},
+{ERR_PACK(0,BIO_F_FILE_CTRL,0),	"FILE_CTRL"},
+{ERR_PACK(0,BIO_F_MEM_WRITE,0),	"MEM_WRITE"},
+{ERR_PACK(0,BIO_F_WSASTARTUP,0),	"WSASTARTUP"},
+{0,NULL},
+	};
+
+static ERR_STRING_DATA BIO_str_reasons[]=
+	{
+{BIO_R_ACCEPT_ERROR                      ,"accept error"},
+{BIO_R_BAD_FOPEN_MODE                    ,"bad fopen mode"},
+{BIO_R_BAD_HOSTNAME_LOOKUP               ,"bad hostname lookup"},
+{BIO_R_CONNECT_ERROR                     ,"connect error"},
+{BIO_R_ERROR_SETTING_NBIO                ,"error setting nbio"},
+{BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET,"error setting nbio on accepted socket"},
+{BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET,"error setting nbio on accept socket"},
+{BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET ,"gethostbyname addr is not af inet"},
+{BIO_R_INVALID_IP_ADDRESS                ,"invalid ip address"},
+{BIO_R_NBIO_CONNECT_ERROR                ,"nbio connect error"},
+{BIO_R_NO_ACCEPT_PORT_SPECIFIED          ,"no accept port specified"},
+{BIO_R_NO_HOSTHNAME_SPECIFIED            ,"no hosthname specified"},
+{BIO_R_NO_PORT_DEFINED                   ,"no port defined"},
+{BIO_R_NO_PORT_SPECIFIED                 ,"no port specified"},
+{BIO_R_NULL_PARAMETER                    ,"null parameter"},
+{BIO_R_UNABLE_TO_BIND_SOCKET             ,"unable to bind socket"},
+{BIO_R_UNABLE_TO_CREATE_SOCKET           ,"unable to create socket"},
+{BIO_R_UNABLE_TO_LISTEN_SOCKET           ,"unable to listen socket"},
+{BIO_R_UNINITALISED                      ,"uninitalised"},
+{BIO_R_UNSUPPORTED_METHOD                ,"unsupported method"},
+{BIO_R_WSASTARTUP                        ,"wsastartup"},
+{0,NULL},
+	};
+
+void ERR_load_BIO_strings()
+	{
+	static int init=1;
+
+	if (init)
+		{
+		init=0;
+		ERR_load_strings(ERR_LIB_BIO,BIO_str_functs);
+		ERR_load_strings(ERR_LIB_BIO,BIO_str_reasons);
+		}
+	}
diff --git a/crypto/bio/bio_lib.c b/crypto/bio/bio_lib.c
new file mode 100644
index 0000000000..78e896f9ae
--- /dev/null
+++ b/crypto/bio/bio_lib.c
@@ -0,0 +1,447 @@
+/* crypto/bio/bio_lib.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "bio.h"
+
+BIO *BIO_new(method)
+BIO_METHOD *method;
+	{
+	BIO *ret=NULL;
+
+	ret=(BIO *)Malloc(sizeof(BIO));
+	if (ret == NULL)
+		{
+		BIOerr(BIO_F_BIO_NEW,ERR_R_MALLOC_FAILURE);
+		return(NULL);
+		}
+	if (!BIO_set(ret,method))
+		{
+		Free(ret);
+		ret=NULL;
+		}
+	return(ret);
+	}
+
+int BIO_set(bio,method)
+BIO *bio;
+BIO_METHOD *method;
+	{
+	bio->method=method;
+	bio->callback=NULL;
+	bio->cb_arg=NULL;
+	bio->init=0;
+	bio->shutdown=1;
+	bio->num=0;
+	bio->flags=0;
+	bio->retry_reason=0;
+	bio->ptr=NULL;
+	bio->prev_bio=NULL;
+	bio->next_bio=NULL;
+	bio->references=1;
+	bio->num_read=0L;
+	bio->num_write=0L;
+	if (method->create != NULL)
+		if (!method->create(bio))
+			return(0);
+	return(1);
+	}
+
+int BIO_free(a)
+BIO *a;
+	{
+	int ret=0,i;
+
+	if (a == NULL) return(0);
+
+	i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_BIO);
+
+        if (i > 0) return(1);
+#ifdef REF_CHECK
+	if (i < 0)
+		{
+		fprintf(stderr,"BIO_free, bad reference count\n");
+		abort();
+		}
+#endif
+	if ((a->callback != NULL) &&
+		((i=(int)a->callback(a,BIO_CB_FREE,NULL,0,0L,1L)) <= 0))
+			return(i);
+
+	if ((a->method == NULL) || (a->method->destroy == NULL)) return(1);
+	ret=a->method->destroy(a);
+	Free(a);
+	return(1);
+	}
+
+int BIO_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+	{
+	int i;
+
+	if ((b == NULL) || (b->method == NULL) || (b->method->bread == NULL))
+		{
+		BIOerr(BIO_F_BIO_READ,BIO_R_UNSUPPORTED_METHOD);
+		return(-2);
+		}
+
+	if ((b->callback != NULL) &&
+		((i=(int)b->callback(b,BIO_CB_READ,out,outl,0L,1L)) <= 0))
+			return(i);
+
+	if (!b->init)
+		{
+		BIOerr(BIO_F_BIO_READ,BIO_R_UNINITALISED);
+		return(-2);
+		}
+
+	i=b->method->bread(b,out,outl);
+	if (i > 0) b->num_read+=(unsigned long)i;
+
+	if (b->callback != NULL)
+		i=(int)b->callback(b,BIO_CB_READ|BIO_CB_RETURN,out,outl,
+			0L,(long)i);
+	return(i);
+	}
+
+int BIO_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+	{
+	int i;
+
+	if ((b == NULL) || (b->method == NULL) || (b->method->bwrite == NULL))
+		{
+		BIOerr(BIO_F_BIO_WRITE,BIO_R_UNSUPPORTED_METHOD);
+		return(-2);
+		}
+
+	if ((b->callback != NULL) &&
+		((i=(int)b->callback(b,BIO_CB_WRITE,in,inl,0L,1L)) <= 0))
+			return(i);
+
+	if (!b->init)
+		{
+		BIOerr(BIO_F_BIO_WRITE,BIO_R_UNINITALISED);
+		return(-2);
+		}
+
+	i=b->method->bwrite(b,in,inl);
+	if (i > 0) b->num_write+=(unsigned long)i;
+
+	if (b->callback != NULL)
+		i=(int)b->callback(b,BIO_CB_WRITE|BIO_CB_RETURN,in,inl,
+			0L,(long)i);
+	return(i);
+	}
+
+int BIO_puts(b,in)
+BIO *b;
+char *in;
+	{
+	int i;
+
+	if ((b == NULL) || (b->method == NULL) || (b->method->bputs == NULL))
+		{
+		BIOerr(BIO_F_BIO_PUTS,BIO_R_UNSUPPORTED_METHOD);
+		return(-2);
+		}
+
+	if ((b->callback != NULL) &&
+		((i=(int)b->callback(b,BIO_CB_PUTS,in,0,0L,1L)) <= 0))
+			return(i);
+
+	if (!b->init)
+		{
+		BIOerr(BIO_F_BIO_PUTS,BIO_R_UNINITALISED);
+		return(-2);
+		}
+
+	i=b->method->bputs(b,in);
+
+	if (b->callback != NULL)
+		i=(int)b->callback(b,BIO_CB_PUTS|BIO_CB_RETURN,in,0,
+			0L,(long)i);
+	return(i);
+	}
+
+int BIO_gets(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+	{
+	int i;
+
+	if ((b == NULL) || (b->method == NULL) || (b->method->bgets == NULL))
+		{
+		BIOerr(BIO_F_BIO_GETS,BIO_R_UNSUPPORTED_METHOD);
+		return(-2);
+		}
+
+	if ((b->callback != NULL) &&
+		((i=(int)b->callback(b,BIO_CB_GETS,in,inl,0L,1L)) <= 0))
+			return(i);
+
+	if (!b->init)
+		{
+		BIOerr(BIO_F_BIO_GETS,BIO_R_UNINITALISED);
+		return(-2);
+		}
+
+	i=b->method->bgets(b,in,inl);
+
+	if (b->callback != NULL)
+		i=(int)b->callback(b,BIO_CB_GETS|BIO_CB_RETURN,in,inl,
+			0L,(long)i);
+	return(i);
+	}
+
+long BIO_ctrl_int(b,cmd,larg,iarg)
+BIO *b;
+int cmd;
+long larg;
+int iarg;
+	{
+	int i;
+
+	i=iarg;
+	return(BIO_ctrl(b,cmd,larg,(char *)&i));
+	}
+
+long BIO_ctrl(b,cmd,larg,parg)
+BIO *b;
+int cmd;
+long larg;
+char *parg;
+	{
+	long ret;
+
+	if (b == NULL) return(0);
+
+	if ((b->method == NULL) || (b->method->ctrl == NULL))
+		{
+		BIOerr(BIO_F_BIO_CTRL,BIO_R_UNSUPPORTED_METHOD);
+		return(-2);
+		}
+
+	if ((b->callback != NULL) &&
+		((ret=b->callback(b,BIO_CB_CTRL,parg,cmd,larg,1L)) <= 0))
+		return(ret);
+
+	ret=b->method->ctrl(b,cmd,larg,parg);
+
+	if (b->callback != NULL)
+		ret=b->callback(b,BIO_CB_CTRL|BIO_CB_RETURN,parg,cmd,
+			larg,ret);
+	return(ret);
+	}
+
+/* put the 'bio' on the end of b's list of operators */
+BIO *BIO_push(b,bio)
+BIO *b,*bio;
+	{
+	BIO *lb;
+
+	if (b == NULL) return(bio);
+	lb=b;
+	while (lb->next_bio != NULL)
+		lb=lb->next_bio;
+	lb->next_bio=bio;
+	if (bio != NULL)
+		bio->prev_bio=lb;
+	BIO_ctrl(b,BIO_CTRL_PUSH,0,NULL);
+	return(b);
+	}
+
+/* Remove the first and return the rest */
+BIO *BIO_pop(b)
+BIO *b;
+	{
+	BIO *ret;
+
+	if (b == NULL) return(NULL);
+	ret=b->next_bio;
+
+	if (b->prev_bio != NULL)
+		b->prev_bio->next_bio=b->next_bio;
+	if (b->next_bio != NULL)
+		b->next_bio->prev_bio=b->prev_bio;
+
+	b->next_bio=NULL;
+	b->prev_bio=NULL;
+	BIO_ctrl(b,BIO_CTRL_POP,0,NULL);
+	return(ret);
+	}
+
+BIO *BIO_get_retry_BIO(bio,reason)
+BIO *bio;
+int *reason;
+	{
+	BIO *b,*last;
+
+	b=last=bio;
+	for (;;)
+		{
+		if (!BIO_should_retry(b)) break;
+		last=b;
+		b=b->next_bio;
+		if (b == NULL) break;
+		}
+	if (reason != NULL) *reason=last->retry_reason;
+	return(last);
+	}
+
+int BIO_get_retry_reason(bio)
+BIO *bio;
+	{
+	return(bio->retry_reason);
+	}
+
+BIO *BIO_find_type(bio,type)
+BIO *bio;
+int type;
+	{
+	int mt,mask;
+
+	mask=type&0xff;
+	do	{
+		if (bio->method != NULL)
+			{
+			mt=bio->method->type;
+
+			if (!mask)
+				{
+				if (mt & type) return(bio);
+				}
+			else if (mt == type)
+				return(bio);
+			}
+		bio=bio->next_bio;
+		} while (bio != NULL);
+	return(NULL);
+	}
+
+void BIO_free_all(bio)
+BIO *bio;
+	{
+	BIO *b;
+	int ref;
+
+	while (bio != NULL)
+		{
+		b=bio;
+		ref=b->references;
+		bio=bio->next_bio;
+		BIO_free(b);
+		/* Since ref count > 1, don't free anyone else. */
+		if (ref > 1) break;
+		}
+	}
+
+BIO *BIO_dup_chain(in)
+BIO *in;
+	{
+	BIO *ret=NULL,*eoc=NULL,*bio,*new;
+
+	for (bio=in; bio != NULL; bio=bio->next_bio)
+		{
+		if ((new=BIO_new(bio->method)) == NULL) goto err;
+		new->callback=bio->callback;
+		new->cb_arg=bio->cb_arg;
+		new->init=bio->init;
+		new->shutdown=bio->shutdown;
+		new->flags=bio->flags;
+
+		/* This will let SSL_s_sock() work with stdin/stdout */
+		new->num=bio->num;
+
+		if (!BIO_dup_state(bio,(char *)new))
+			{
+			BIO_free(new);
+			goto err;
+			}
+		if (ret == NULL)
+			{
+			eoc=new;
+			ret=eoc;
+			}
+		else
+			{
+			BIO_push(eoc,new);
+			eoc=new;
+			}
+		}
+	return(ret);
+err:
+	if (ret != NULL)
+		BIO_free(ret);
+	return(NULL);	
+	}
+
+void BIO_copy_next_retry(b)
+BIO *b;
+	{
+	BIO_set_flags(b,BIO_get_retry_flags(b->next_bio));
+	b->retry_reason=b->next_bio->retry_reason;
+	}
+
diff --git a/crypto/bio/bss_acpt.c b/crypto/bio/bss_acpt.c
new file mode 100644
index 0000000000..251474198b
--- /dev/null
+++ b/crypto/bio/bss_acpt.c
@@ -0,0 +1,484 @@
+/* crypto/bio/bss_acpt.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_SOCK
+
+#include <stdio.h>
+#include <errno.h>
+#define USE_SOCKETS
+#include "cryptlib.h"
+#include "bio.h"
+
+/*	BIOerr(BIO_F_WSASTARTUP,BIO_R_WSASTARTUP ); */
+
+#ifdef WIN16
+#define SOCKET_PROTOCOL 0 /* more microsoft stupidity */
+#else
+#define SOCKET_PROTOCOL IPPROTO_TCP
+#endif
+
+typedef struct bio_accept_st
+	{
+	int state;
+	char *param_addr;
+
+	int accept_sock;
+	int accept_nbio;
+
+	char *addr;
+	int nbio;
+	BIO *bio_chain;
+	} BIO_ACCEPT;
+
+#ifndef NOPROTO
+static int acpt_write(BIO *h,char *buf,int num);
+static int acpt_read(BIO *h,char *buf,int size);
+static int acpt_puts(BIO *h,char *str);
+static long acpt_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int acpt_new(BIO *h);
+static int acpt_free(BIO *data);
+#else
+static int acpt_write();
+static int acpt_read();
+static int acpt_puts();
+static long acpt_ctrl();
+static int acpt_new();
+static int acpt_free();
+#endif
+
+#ifndef NOPROTO
+static int acpt_state(BIO *b, BIO_ACCEPT *c);
+static void acpt_close_socket(BIO *data);
+BIO_ACCEPT *BIO_ACCEPT_new(void );
+void BIO_ACCEPT_free(BIO_ACCEPT *a);
+
+#else
+
+static int acpt_state();
+static void acpt_close_socket();
+BIO_ACCEPT *BIO_ACCEPT_new();
+void BIO_ACCEPT_free();
+#endif
+
+#define ACPT_S_BEFORE			1
+#define ACPT_S_GET_ACCEPT_SOCKET	2
+#define ACPT_S_OK			3
+
+static BIO_METHOD methods_acceptp=
+	{
+	BIO_TYPE_ACCEPT,"socket accept",
+	acpt_write,
+	acpt_read,
+	acpt_puts,
+	NULL, /* connect_gets, */
+	acpt_ctrl,
+	acpt_new,
+	acpt_free,
+	};
+
+BIO_METHOD *BIO_s_accept()
+	{
+	return(&methods_acceptp);
+	}
+
+static int acpt_new(bi)
+BIO *bi;
+	{
+	BIO_ACCEPT *ba;
+
+	bi->init=0;
+	bi->num=INVALID_SOCKET;
+	bi->flags=0;
+	if ((ba=BIO_ACCEPT_new()) == NULL)
+		return(0);
+	bi->ptr=(char *)ba;
+	ba->state=ACPT_S_BEFORE;
+	bi->shutdown=1;
+	return(1);
+	}
+
+BIO_ACCEPT *BIO_ACCEPT_new()
+	{
+	BIO_ACCEPT *ret;
+
+	if ((ret=(BIO_ACCEPT *)Malloc(sizeof(BIO_ACCEPT))) == NULL)
+		return(NULL);
+
+	memset(ret,0,sizeof(BIO_ACCEPT));
+	ret->accept_sock=INVALID_SOCKET;
+	return(ret);
+	}
+
+void BIO_ACCEPT_free(a)
+BIO_ACCEPT *a;
+	{
+	if (a->param_addr != NULL) Free(a->param_addr);
+	if (a->addr != NULL) Free(a->addr);
+	if (a->bio_chain != NULL) BIO_free(a->bio_chain);
+	Free(a);
+	}
+
+static void acpt_close_socket(bio)
+BIO *bio;
+	{
+	BIO_ACCEPT *c;
+
+	c=(BIO_ACCEPT *)bio->ptr;
+	if (c->accept_sock != INVALID_SOCKET)
+		{
+		shutdown(c->accept_sock,2);
+# ifdef WINDOWS
+		closesocket(c->accept_sock);
+# else
+		close(c->accept_sock);
+# endif
+		c->accept_sock=INVALID_SOCKET;
+		bio->num=INVALID_SOCKET;
+		}
+	}
+
+static int acpt_free(a)
+BIO *a;
+	{
+	BIO_ACCEPT *data;
+
+	if (a == NULL) return(0);
+	data=(BIO_ACCEPT *)a->ptr;
+	 
+	if (a->shutdown)
+		{
+		acpt_close_socket(a);
+		BIO_ACCEPT_free(data);
+		a->ptr=NULL;
+		a->flags=0;
+		a->init=0;
+		}
+	return(1);
+	}
+	
+static int acpt_state(b,c)
+BIO *b;
+BIO_ACCEPT *c;
+	{
+	BIO *bio=NULL,*dbio;
+	unsigned long l=1;
+	int s= -1;
+	int i;
+
+again:
+	switch (c->state)
+		{
+	case ACPT_S_BEFORE:
+		if (c->param_addr == NULL)
+			{
+			BIOerr(BIO_F_ACPT_STATE,BIO_R_NO_ACCEPT_PORT_SPECIFIED);
+			return(-1);
+			}
+		s=BIO_get_accept_socket(c->param_addr);
+		if (s == INVALID_SOCKET)
+			return(-1);
+
+#ifdef FIONBIO
+		if (c->accept_nbio)
+			{
+			i=BIO_socket_ioctl(b->num,FIONBIO,&l);
+			if (i < 0)
+				{
+#ifdef WINDOWS
+				closesocket(s);
+#else
+				close(s);
+# endif
+				BIOerr(BIO_F_ACPT_STATE,BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET);
+				return(-1);
+				}
+			}
+#endif
+		c->accept_sock=s;
+		b->num=s;
+		c->state=ACPT_S_GET_ACCEPT_SOCKET;
+		return(1);
+		break;
+	case ACPT_S_GET_ACCEPT_SOCKET:
+		if (b->next_bio != NULL)
+			{
+			c->state=ACPT_S_OK;
+			goto again;
+			}
+		i=BIO_accept(c->accept_sock,&(c->addr));
+		if (i < 0) return(i);
+		bio=BIO_new_socket(i,BIO_CLOSE);
+		if (bio == NULL) goto err;
+
+		BIO_set_callback(bio,BIO_get_callback(b));
+		BIO_set_callback_arg(bio,BIO_get_callback_arg(b));
+
+#ifdef FIONBIO
+		if (c->nbio)
+			{
+			i=BIO_socket_ioctl(i,FIONBIO,&l);
+			if (i < 0)
+				{
+				BIOerr(BIO_F_ACPT_STATE,BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET);
+				goto err;
+				}
+			}
+#endif
+
+		/* If the accept BIO has an bio_chain, we dup it and
+		 * put the new socket at the end. */
+		if (c->bio_chain != NULL)
+			{
+			if ((dbio=BIO_dup_chain(c->bio_chain)) == NULL)
+				goto err;
+			if (!BIO_push(dbio,bio)) goto err;
+			bio=dbio;
+			}
+		if (BIO_push(b,bio) == NULL) goto err;
+
+		c->state=ACPT_S_OK;
+		return(1);
+err:
+		if (bio != NULL)
+			BIO_free(bio);
+		else if (s >= 0)
+			{
+#ifdef WINDOWS
+			closesocket(s);
+#else
+			close(s);
+# endif
+			}
+		return(0);
+		break;
+	case ACPT_S_OK:
+		if (b->next_bio == NULL)
+			{
+			c->state=ACPT_S_GET_ACCEPT_SOCKET;
+			goto again;
+			}
+		return(1);
+		break;
+	default:	
+		return(0);
+		break;
+		}
+
+	}
+
+static int acpt_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+	{
+	int ret=0;
+	BIO_ACCEPT *data;
+
+        BIO_clear_retry_flags(b);
+	data=(BIO_ACCEPT *)b->ptr;
+
+	while (b->next_bio == NULL)
+		{
+		ret=acpt_state(b,data);
+		if (ret <= 0) return(ret);
+		}
+
+	ret=BIO_read(b->next_bio,out,outl);
+	BIO_copy_next_retry(b);
+	return(ret);
+	}
+
+static int acpt_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+	{
+	int ret;
+	BIO_ACCEPT *data;
+
+	BIO_clear_retry_flags(b);
+	data=(BIO_ACCEPT *)b->ptr;
+
+	while (b->next_bio == NULL)
+		{
+		ret=acpt_state(b,data);
+		if (ret <= 0) return(ret);
+		}
+
+	ret=BIO_write(b->next_bio,in,inl);
+	BIO_copy_next_retry(b);
+	return(ret);
+	}
+
+static long acpt_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+	{
+	BIO *dbio;
+	int *ip;
+	long ret=1;
+	BIO_ACCEPT *data;
+
+	data=(BIO_ACCEPT *)b->ptr;
+
+	switch (cmd)
+		{
+	case BIO_CTRL_RESET:
+		ret=0;
+		data->state=ACPT_S_BEFORE;
+		acpt_close_socket(b);
+		b->flags=0;
+		break;
+	case BIO_C_DO_STATE_MACHINE:
+		/* use this one to start the connection */
+		ret=(long)acpt_state(b,data);
+		break;
+	case BIO_C_SET_ACCEPT:
+		if (ptr != NULL)
+			{
+			if (num == 0)
+				{
+				b->init=1;
+				if (data->param_addr != NULL)
+					Free(data->param_addr);
+				data->param_addr=BUF_strdup(ptr);
+				}
+			else if (num == 1)
+				{
+				data->accept_nbio=(ptr != NULL);
+				}
+			else if (num == 2)
+				{
+				if (data->bio_chain != NULL)
+					BIO_free(data->bio_chain);
+				data->bio_chain=(BIO *)ptr;
+				}
+			}
+		break;
+	case BIO_C_SET_NBIO:
+		data->nbio=(int)num;
+		break;
+	case BIO_C_GET_FD:
+		if (b->init)
+			{
+			ip=(int *)ptr;
+			if (ip != NULL)
+				*ip=data->accept_sock;
+			ret=b->num;
+			}
+		else
+			ret= -1;
+		break;
+	case BIO_CTRL_GET_CLOSE:
+		ret=b->shutdown;
+		break;
+	case BIO_CTRL_SET_CLOSE:
+		b->shutdown=(int)num;
+		break;
+	case BIO_CTRL_PENDING:
+	case BIO_CTRL_WPENDING:
+		ret=0;
+		break;
+	case BIO_CTRL_FLUSH:
+		break;
+	case BIO_CTRL_DUP:
+		dbio=(BIO *)ptr;
+/*		if (data->param_port) EAY EAY
+			BIO_set_port(dbio,data->param_port);
+		if (data->param_hostname)
+			BIO_set_hostname(dbio,data->param_hostname);
+		BIO_set_nbio(dbio,data->nbio); */
+		break;
+
+	default:
+		ret=0;
+		break;
+		}
+	return(ret);
+	}
+
+static int acpt_puts(bp,str)
+BIO *bp;
+char *str;
+	{
+	int n,ret;
+
+	n=strlen(str);
+	ret=acpt_write(bp,str,n);
+	return(ret);
+	}
+
+BIO *BIO_new_accept(str)
+char *str;
+	{
+	BIO *ret;
+
+	ret=BIO_new(BIO_s_accept());
+	if (ret == NULL) return(NULL);
+	if (BIO_set_accept_port(ret,str))
+		return(ret);
+	else
+		{
+		BIO_free(ret);
+		return(NULL);
+		}
+	}
+
+#endif
diff --git a/crypto/bio/bss_conn.c b/crypto/bio/bss_conn.c
new file mode 100644
index 0000000000..4e31e3c1f8
--- /dev/null
+++ b/crypto/bio/bss_conn.c
@@ -0,0 +1,558 @@
+/* crypto/bio/bss_conn.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_SOCK
+
+#include <stdio.h>
+#include <errno.h>
+#define USE_SOCKETS
+#include "cryptlib.h"
+#include "bio.h"
+
+/*	BIOerr(BIO_F_WSASTARTUP,BIO_R_WSASTARTUP ); */
+
+#ifdef WIN16
+#define SOCKET_PROTOCOL 0 /* more microsoft stupidity */
+#else
+#define SOCKET_PROTOCOL IPPROTO_TCP
+#endif
+
+typedef struct bio_connect_st
+	{
+	int state;
+
+	char *param_hostname;
+	char *param_port;
+	int nbio;
+
+	unsigned char ip[4];
+	short port;
+
+	struct sockaddr_in them;
+
+	/* int socket; this will be kept in bio->num so that it is
+	 * compatable with the bss_sock bio */ 
+	int error;
+	} BIO_CONNECT;
+
+#ifndef NOPROTO
+static int conn_write(BIO *h,char *buf,int num);
+static int conn_read(BIO *h,char *buf,int size);
+static int conn_puts(BIO *h,char *str);
+static long conn_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int conn_new(BIO *h);
+static int conn_free(BIO *data);
+#else
+static int conn_write();
+static int conn_read();
+static int conn_puts();
+static long conn_ctrl();
+static int conn_new();
+static int conn_free();
+#endif
+
+#ifndef NOPROTO
+
+static int conn_state(BIO *b, BIO_CONNECT *c);
+static void conn_close_socket(BIO *data);
+BIO_CONNECT *BIO_CONNECT_new(void );
+void BIO_CONNECT_free(BIO_CONNECT *a);
+
+#else
+
+static int conn_state();
+static void conn_close_socket();
+BIO_CONNECT *BIO_CONNECT_new();
+void BIO_CONNECT_free();
+
+#endif
+
+#define CONN_S_BEFORE		1
+#define CONN_S_GET_IP		2
+#define CONN_S_GET_PORT		3
+#define CONN_S_CREATE_SOCKET	4
+#define CONN_S_CONNECT		5
+#define CONN_S_OK		6
+#define CONN_S_BLOCKED_CONNECT	7
+#define CONN_S_NBIO		8
+
+static BIO_METHOD methods_connectp=
+	{
+	BIO_TYPE_CONNECT,"socket connect",
+	conn_write,
+	conn_read,
+	conn_puts,
+	NULL, /* connect_gets, */
+	conn_ctrl,
+	conn_new,
+	conn_free,
+	};
+
+static int conn_state(b,c)
+BIO *b;
+BIO_CONNECT *c;
+	{
+	int ret= -1,i;
+	unsigned long l;
+	char *p,*q;
+
+	switch (c->state)
+		{
+	case CONN_S_BEFORE:
+		p=c->param_hostname;
+		if (p == NULL)
+			{
+			BIOerr(BIO_F_CONN_STATE,BIO_R_NO_HOSTHNAME_SPECIFIED);
+			break;
+			}
+		for ( ; *p != '\0'; p++)
+			{
+			if ((*p == ':') || (*p == '/')) break;
+			}
+
+		i= *p;
+		if ((i == ':') || (i == '/'))
+			{
+
+			*(p++)='\0';
+			if (i == ':')
+				{
+				for (q=p; *q; q++)
+					if (*q == '/')
+						{
+						*q='\0';
+						break;
+						}
+				if (c->param_port != NULL)
+					Free(c->param_port);
+				c->param_port=BUF_strdup(p);
+				}
+			}
+
+		if (p == NULL)
+			{
+			BIOerr(BIO_F_CONN_STATE,BIO_R_NO_PORT_SPECIFIED);
+			break;
+			}
+		c->state=CONN_S_GET_IP;
+
+	case CONN_S_GET_IP:
+		if (BIO_get_host_ip(c->param_hostname,&(c->ip[0])) <= 0)
+			break;
+		c->state=CONN_S_GET_PORT;
+
+	case CONN_S_GET_PORT:
+		if (BIO_get_port(c->param_port,&c->port) <= 0)
+			break;
+		c->state=CONN_S_CREATE_SOCKET;
+
+	case CONN_S_CREATE_SOCKET:
+		/* now setup address */
+		memset((char *)&c->them,0,sizeof(c->them));
+		c->them.sin_family=AF_INET;
+		c->them.sin_port=htons((unsigned short)c->port);
+		l=(unsigned long)
+			((unsigned long)c->ip[0]<<24L)|
+			((unsigned long)c->ip[1]<<16L)|
+			((unsigned long)c->ip[2]<< 8L)|
+			((unsigned long)c->ip[3]);
+		c->them.sin_addr.s_addr=htonl(l);
+		c->state=CONN_S_CREATE_SOCKET;
+
+		ret=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
+		if (ret == INVALID_SOCKET)
+			{
+			SYSerr(SYS_F_SOCKET,errno);
+			BIOerr(BIO_F_CONN_STATE,BIO_R_UNABLE_TO_CREATE_SOCKET);
+			break;
+			}
+		b->num=ret;
+		c->state=CONN_S_NBIO;
+
+	case CONN_S_NBIO:
+#ifdef FIONBIO
+		if (c->nbio)
+			{
+			l=1;
+			ret=BIO_socket_ioctl(b->num,FIONBIO,&l);
+			if (ret < 0)
+				{
+				BIOerr(BIO_F_CONN_STATE,BIO_R_ERROR_SETTING_NBIO);
+				break;
+				}
+			}
+#endif
+		c->state=CONN_S_CONNECT;
+
+	case CONN_S_CONNECT:
+		BIO_clear_retry_flags(b);
+		ret=connect(b->num,
+			(struct sockaddr *)&c->them,
+			sizeof(c->them));
+		b->retry_reason=0;
+		if (ret < 0)
+			{
+			if (BIO_sock_should_retry(ret))
+				{
+				BIO_set_retry_special(b);
+				c->state=CONN_S_BLOCKED_CONNECT;
+				b->retry_reason=BIO_RR_CONNECT;
+				}
+			else
+				{
+				SYSerr(SYS_F_CONNECT,errno);
+				BIOerr(BIO_F_CONN_STATE,BIO_R_CONNECT_ERROR);
+				}
+			}
+		else
+			{
+			ret=1;
+			c->state=CONN_S_OK;
+			}
+		break;
+
+	case CONN_S_BLOCKED_CONNECT:
+		BIO_clear_retry_flags(b);
+		i=BIO_sock_error(b->num);
+		if (i)
+			{
+			SYSerr(SYS_F_CONNECT,i);
+			BIOerr(BIO_F_CONN_STATE,BIO_R_NBIO_CONNECT_ERROR);
+			}
+		else
+			{
+			c->state=CONN_S_OK;
+			ret=1;
+			}
+		break;
+
+	case CONN_S_OK:
+		ret=1;
+		break;
+	default:
+		abort();
+		}
+	return(ret);
+	}
+
+BIO_CONNECT *BIO_CONNECT_new()
+	{
+	BIO_CONNECT *ret;
+
+	if ((ret=(BIO_CONNECT *)Malloc(sizeof(BIO_CONNECT))) == NULL)
+		return(NULL);
+	ret->state=CONN_S_BEFORE;
+	ret->param_hostname=NULL;
+	ret->param_port=NULL;
+	ret->nbio=0;
+	ret->ip[0]=0;
+	ret->ip[1]=0;
+	ret->ip[2]=0;
+	ret->ip[3]=0;
+	ret->port=0;
+	memset((char *)&ret->them,0,sizeof(ret->them));
+	ret->error=0;
+	return(ret);
+	}
+
+void BIO_CONNECT_free(a)
+BIO_CONNECT *a;
+	{
+	if (a->param_hostname != NULL)
+		Free(a->param_hostname);
+	if (a->param_port != NULL)
+		Free(a->param_port);
+	Free(a);
+	}
+
+BIO_METHOD *BIO_s_connect()
+	{
+	return(&methods_connectp);
+	}
+
+static int conn_new(bi)
+BIO *bi;
+	{
+	bi->init=0;
+	bi->num=INVALID_SOCKET;
+	bi->flags=0;
+	if ((bi->ptr=(char *)BIO_CONNECT_new()) == NULL)
+		return(0);
+	else
+		return(1);
+	}
+
+static void conn_close_socket(bio)
+BIO *bio;
+	{
+	BIO_CONNECT *c;
+
+	c=(BIO_CONNECT *)bio->ptr;
+	if (bio->num != INVALID_SOCKET)
+		{
+		/* Only do a shutdown if things were established */
+		if (c->state == CONN_S_OK)
+			shutdown(bio->num,2);
+# ifdef WINDOWS
+		closesocket(bio->num);
+# else
+		close(bio->num);
+# endif
+		bio->num=INVALID_SOCKET;
+		}
+	}
+
+static int conn_free(a)
+BIO *a;
+	{
+	BIO_CONNECT *data;
+
+	if (a == NULL) return(0);
+	data=(BIO_CONNECT *)a->ptr;
+	 
+	if (a->shutdown)
+		{
+		conn_close_socket(a);
+		BIO_CONNECT_free(data);
+		a->ptr=NULL;
+		a->flags=0;
+		a->init=0;
+		}
+	return(1);
+	}
+	
+static int conn_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+	{
+	int ret=0;
+	BIO_CONNECT *data;
+
+	data=(BIO_CONNECT *)b->ptr;
+	if (data->state != CONN_S_OK)
+		{
+		ret=conn_state(b,data);
+		if (ret <= 0) return(ret);
+		}
+
+	if (out != NULL)
+		{
+		errno=0;
+#if defined(WINDOWS)
+		ret=recv(b->num,out,outl,0);
+#else
+		ret=read(b->num,out,outl);
+#endif
+		BIO_clear_retry_flags(b);
+		if (ret <= 0)
+			{
+			if (BIO_sock_should_retry(ret))
+				BIO_set_retry_read(b);
+			}
+		}
+	return(ret);
+	}
+
+static int conn_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+	{
+	int ret;
+	BIO_CONNECT *data;
+
+	data=(BIO_CONNECT *)b->ptr;
+	if (data->state != CONN_S_OK)
+		{
+		ret=conn_state(b,data);
+		if (ret <= 0) return(ret);
+		}
+
+	errno=0;
+#if defined(WINDOWS)
+	ret=send(b->num,in,inl,0);
+#else
+	ret=write(b->num,in,inl);
+#endif
+	BIO_clear_retry_flags(b);
+	if (ret <= 0)
+		{
+		if (BIO_sock_should_retry(ret))
+			BIO_set_retry_write(b);
+		}
+	return(ret);
+	}
+
+static long conn_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+	{
+	BIO *dbio;
+	int *ip;
+	long ret=1;
+	BIO_CONNECT *data;
+
+	data=(BIO_CONNECT *)b->ptr;
+
+	switch (cmd)
+		{
+	case BIO_CTRL_RESET:
+		ret=0;
+		data->state=CONN_S_BEFORE;
+		conn_close_socket(b);
+		b->flags=0;
+		break;
+	case BIO_C_DO_STATE_MACHINE:
+		/* use this one to start the connection */
+		if (!data->state != CONN_S_OK)
+			ret=(long)conn_state(b,data);
+		else
+			ret=1;
+		break;
+	case BIO_C_SET_CONNECT:
+		if (ptr != NULL)
+			{
+			b->init=1;
+			if (num == 0)
+				{
+				if (data->param_hostname != NULL)
+					Free(data->param_hostname);
+				data->param_hostname=BUF_strdup(ptr);
+				}
+			else if (num == 1)
+				{
+				if (data->param_port != NULL)
+					Free(data->param_port);
+				data->param_port=BUF_strdup(ptr);
+				}
+			}
+		break;
+	case BIO_C_SET_NBIO:
+		data->nbio=(int)num;
+		break;
+	case BIO_C_GET_FD:
+		if (b->init)
+			{
+			ip=(int *)ptr;
+			if (ip != NULL)
+				*ip=b->num;
+			ret=b->num;
+			}
+		else
+			ret= -1;
+		break;
+	case BIO_CTRL_GET_CLOSE:
+		ret=b->shutdown;
+		break;
+	case BIO_CTRL_SET_CLOSE:
+		b->shutdown=(int)num;
+		break;
+	case BIO_CTRL_PENDING:
+	case BIO_CTRL_WPENDING:
+		ret=0;
+		break;
+	case BIO_CTRL_FLUSH:
+		break;
+	case BIO_CTRL_DUP:
+		dbio=(BIO *)ptr;
+		if (data->param_port)
+			BIO_set_port(dbio,data->param_port);
+		if (data->param_hostname)
+			BIO_set_hostname(dbio,data->param_hostname);
+		BIO_set_nbio(dbio,data->nbio);
+		break;
+
+	default:
+		ret=0;
+		break;
+		}
+	return(ret);
+	}
+
+static int conn_puts(bp,str)
+BIO *bp;
+char *str;
+	{
+	int n,ret;
+
+	n=strlen(str);
+	ret=conn_write(bp,str,n);
+	return(ret);
+	}
+
+BIO *BIO_new_connect(str)
+char *str;
+	{
+	BIO *ret;
+
+	ret=BIO_new(BIO_s_connect());
+	if (ret == NULL) return(NULL);
+	if (BIO_set_hostname(ret,str))
+		return(ret);
+	else
+		{
+		BIO_free(ret);
+		return(NULL);
+		}
+	}
+
+#endif
+
diff --git a/crypto/bio/bss_fd.c b/crypto/bio/bss_fd.c
new file mode 100644
index 0000000000..06ae229ff6
--- /dev/null
+++ b/crypto/bio/bss_fd.c
@@ -0,0 +1,62 @@
+/* crypto/bio/bss_fd.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#define BIO_FD
+#include "bss_sock.c"
+#undef BIO_FD
+
diff --git a/crypto/bio/bss_file.c b/crypto/bio/bss_file.c
new file mode 100644
index 0000000000..33c18e744b
--- /dev/null
+++ b/crypto/bio/bss_file.c
@@ -0,0 +1,334 @@
+/* crypto/bio/bss_file.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "bio.h"
+#include "err.h"
+
+#ifndef NOPROTO
+static int MS_CALLBACK file_write(BIO *h,char *buf,int num);
+static int MS_CALLBACK file_read(BIO *h,char *buf,int size);
+static int MS_CALLBACK file_puts(BIO *h,char *str);
+static int MS_CALLBACK file_gets(BIO *h,char *str,int size);
+static long MS_CALLBACK file_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int MS_CALLBACK file_new(BIO *h);
+static int MS_CALLBACK file_free(BIO *data);
+#else
+static int MS_CALLBACK file_write();
+static int MS_CALLBACK file_read();
+static int MS_CALLBACK file_puts();
+static int MS_CALLBACK file_gets();
+static long MS_CALLBACK file_ctrl();
+static int MS_CALLBACK file_new();
+static int MS_CALLBACK file_free();
+#endif
+
+static BIO_METHOD methods_filep=
+	{
+	BIO_TYPE_FILE,"FILE pointer",
+	file_write,
+	file_read,
+	file_puts,
+	file_gets,
+	file_ctrl,
+	file_new,
+	file_free,
+	};
+
+#if !defined(WIN16) || defined(APPS_WIN16)
+BIO *BIO_new_file(filename,mode)
+char *filename;
+char *mode;
+	{
+	BIO *ret;
+	FILE *file;
+
+	if ((file=fopen(filename,mode)) == NULL)
+		{
+		SYSerr(SYS_F_FOPEN,errno);
+		BIOerr(BIO_F_BIO_NEW_FILE,ERR_R_SYS_LIB);
+		return(NULL);
+		}
+
+	if ((ret=BIO_new(BIO_s_file())) == NULL)
+		return(NULL);
+#if 0
+	if ((ret=BIO_new(BIO_s_file_internal_w16())) == NULL)
+		return(NULL);
+#endif
+
+	BIO_set_fp(ret,file,BIO_CLOSE);
+	return(ret);
+	}
+
+BIO *BIO_new_fp(stream,close_flag)
+FILE *stream;
+int close_flag;
+	{
+	BIO *ret;
+
+	if ((ret=BIO_new(BIO_s_file())) == NULL)
+		return(NULL);
+#if 0
+	if ((ret=BIO_new(BIO_s_file_internal_w16())) == NULL)
+#endif
+
+	BIO_set_fp(ret,stream,close_flag);
+	return(ret);
+	}
+#endif /* !APPS_WIN16 */
+
+#if !defined(WIN16) || defined(APPS_WIN16)
+
+BIO_METHOD *BIO_s_file()
+	{
+	return(&methods_filep);
+	}
+
+#else
+
+BIO_METHOD *BIO_s_file_internal_w16()
+	{
+	return(&methods_filep);
+	}
+
+#endif
+
+static int MS_CALLBACK file_new(bi)
+BIO *bi;
+	{
+	bi->init=0;
+	bi->num=0;
+	bi->ptr=NULL;
+	return(1);
+	}
+
+static int MS_CALLBACK file_free(a)
+BIO *a;
+	{
+	if (a == NULL) return(0);
+	if (a->shutdown)
+		{
+		if ((a->init) && (a->ptr != NULL))
+			{
+			fclose((FILE *)a->ptr);
+			a->ptr=NULL;
+			}
+		a->init=0;
+		}
+	return(1);
+	}
+	
+static int MS_CALLBACK file_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+	{
+	int ret=0;
+
+	if (b->init && (out != NULL))
+		{
+		ret=fread(out,1,(int)outl,(FILE *)b->ptr);
+		}
+	return(ret);
+	}
+
+static int MS_CALLBACK file_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+	{
+	int ret=0;
+
+	if (b->init && (in != NULL))
+		{
+		if (fwrite(in,(int)inl,1,(FILE *)b->ptr))
+			ret=inl;
+		/* ret=fwrite(in,1,(int)inl,(FILE *)b->ptr); */
+		/* acording to Tim Hudson <tjh@cryptsoft.com>, the commented
+		 * out version above can cause 'inl' write calls under
+		 * some stupid stdio implementations (VMS) */
+		}
+	return(ret);
+	}
+
+static long MS_CALLBACK file_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+	{
+	long ret=1;
+	FILE *fp=(FILE *)b->ptr;
+	FILE **fpp;
+	char p[4];
+
+	switch (cmd)
+		{
+	case BIO_CTRL_RESET:
+		ret=(long)fseek(fp,num,0);
+		break;
+	case BIO_CTRL_EOF:
+		ret=(long)feof(fp);
+		break;
+	case BIO_CTRL_INFO:
+		ret=ftell(fp);
+		break;
+	case BIO_C_SET_FILE_PTR:
+		file_free(b);
+		b->shutdown=(int)num;
+		b->ptr=(char *)ptr;
+		b->init=1;
+		break;
+	case BIO_C_SET_FILENAME:
+		file_free(b);
+		b->shutdown=(int)num&BIO_CLOSE;
+		if (num & BIO_FP_APPEND)
+			{
+			if (num & BIO_FP_READ)
+				strcpy(p,"a+");
+			else	strcpy(p,"a");
+			}
+		else if ((num & BIO_FP_READ) && (num & BIO_FP_WRITE))
+			strcpy(p,"r+");
+		else if (num & BIO_FP_WRITE)
+			strcpy(p,"w");
+		else if (num & BIO_FP_READ)
+			strcpy(p,"r");
+		else
+			{
+			BIOerr(BIO_F_FILE_CTRL,BIO_R_BAD_FOPEN_MODE);
+			ret=0;
+			break;
+			}
+#if defined(MSDOS) || defined(WINDOWS)
+		if (!(num & BIO_FP_TEXT))
+			strcat(p,"b");
+		else
+			strcat(p,"t");
+#endif
+		fp=fopen(ptr,p);
+		if (fp == NULL)
+			{
+			SYSerr(SYS_F_FOPEN,errno);
+			BIOerr(BIO_F_FILE_CTRL,ERR_R_SYS_LIB);
+			ret=0;
+			break;
+			}
+		b->ptr=(char *)fp;
+		b->init=1;
+		break;
+	case BIO_C_GET_FILE_PTR:
+		/* the ptr parameter is actually a FILE ** in this case. */
+		if (ptr != NULL)
+			{
+			fpp=(FILE **)ptr;
+			*fpp=(FILE *)b->ptr;
+			}
+		break;
+	case BIO_CTRL_GET_CLOSE:
+		ret=(long)b->shutdown;
+		break;
+	case BIO_CTRL_SET_CLOSE:
+		b->shutdown=(int)num;
+		break;
+	case BIO_CTRL_FLUSH:
+		fflush((FILE *)b->ptr);
+		break;
+	case BIO_CTRL_DUP:
+		ret=1;
+		break;
+
+	case BIO_CTRL_WPENDING:
+	case BIO_CTRL_PENDING:
+	case BIO_CTRL_PUSH:
+	case BIO_CTRL_POP:
+	default:
+		ret=0;
+		break;
+		}
+	return(ret);
+	}
+
+static int MS_CALLBACK file_gets(bp,buf,size)
+BIO *bp;
+char *buf;
+int size;
+	{
+	int ret=0;
+
+	buf[0]='\0';
+	fgets(buf,size,(FILE *)bp->ptr);
+	if (buf[0] != '\0')
+		ret=strlen(buf);
+	return(ret);
+	}
+
+static int MS_CALLBACK file_puts(bp,str)
+BIO *bp;
+char *str;
+	{
+	int n,ret;
+
+	n=strlen(str);
+	ret=file_write(bp,str,n);
+	return(ret);
+	}
+
diff --git a/crypto/bio/bss_mem.c b/crypto/bio/bss_mem.c
new file mode 100644
index 0000000000..9b4cf40acf
--- /dev/null
+++ b/crypto/bio/bss_mem.c
@@ -0,0 +1,296 @@
+/* crypto/bio/bss_mem.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "bio.h"
+
+#ifndef NOPROTO
+static int mem_write(BIO *h,char *buf,int num);
+static int mem_read(BIO *h,char *buf,int size);
+static int mem_puts(BIO *h,char *str);
+static int mem_gets(BIO *h,char *str,int size);
+static long mem_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int mem_new(BIO *h);
+static int mem_free(BIO *data);
+#else
+static int mem_write();
+static int mem_read();
+static int mem_puts();
+static int mem_gets();
+static long mem_ctrl();
+static int mem_new();
+static int mem_free();
+#endif
+
+static BIO_METHOD mem_method=
+	{
+	BIO_TYPE_MEM,"memory buffer",
+	mem_write,
+	mem_read,
+	mem_puts,
+	mem_gets,
+	mem_ctrl,
+	mem_new,
+	mem_free,
+	};
+
+BIO_METHOD *BIO_s_mem()
+	{
+	return(&mem_method);
+	}
+
+static int mem_new(bi)
+BIO *bi;
+	{
+	BUF_MEM *b;
+
+	if ((b=BUF_MEM_new()) == NULL)
+		return(0);
+	bi->shutdown=1;
+	bi->init=1;
+	bi->num=0;
+	bi->ptr=(char *)b;
+	return(1);
+	}
+
+static int mem_free(a)
+BIO *a;
+	{
+	if (a == NULL) return(0);
+	if (a->shutdown)
+		{
+		if ((a->init) && (a->ptr != NULL))
+			{
+			BUF_MEM_free((BUF_MEM *)a->ptr);
+			a->ptr=NULL;
+			}
+		}
+	return(1);
+	}
+	
+static int mem_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+	{
+	int ret= -1;
+	BUF_MEM *bm;
+	int i;
+	char *from,*to;
+
+	bm=(BUF_MEM *)b->ptr;
+	BIO_clear_retry_flags(b);
+	ret=(outl > bm->length)?bm->length:outl;
+	if ((out != NULL) && (ret > 0))
+		{
+		memcpy(out,bm->data,ret);
+		bm->length-=ret;
+		/* memmove(&(bm->data[0]),&(bm->data[ret]), bm->length); */
+		from=(char *)&(bm->data[ret]);
+		to=(char *)&(bm->data[0]);
+		for (i=0; i<bm->length; i++)
+			to[i]=from[i];
+		}
+	else if (bm->length == 0)
+		{
+		BIO_set_retry_read(b);
+		ret= -1;
+		}
+	return(ret);
+	}
+
+static int mem_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+	{
+	int ret= -1;
+	int blen;
+	BUF_MEM *bm;
+
+	bm=(BUF_MEM *)b->ptr;
+	if (in == NULL)
+		{
+		BIOerr(BIO_F_MEM_WRITE,BIO_R_NULL_PARAMETER);
+		goto end;
+		}
+
+	BIO_clear_retry_flags(b);
+	blen=bm->length;
+	if (BUF_MEM_grow(bm,blen+inl) != (blen+inl))
+		goto end;
+	memcpy(&(bm->data[blen]),in,inl);
+	ret=inl;
+end:
+	return(ret);
+	}
+
+static long mem_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+	{
+	long ret=1;
+	char **pptr;
+
+	BUF_MEM *bm=(BUF_MEM *)b->ptr;
+
+	switch (cmd)
+		{
+	case BIO_CTRL_RESET:
+		if (bm->data != NULL)
+			memset(bm->data,0,bm->max);
+		bm->length=0;
+		break;
+	case BIO_CTRL_EOF:
+		ret=(long)(bm->length == 0);
+		break;
+	case BIO_CTRL_INFO:
+		ret=(long)bm->length;
+		if (ptr != NULL)
+			{
+			pptr=(char **)ptr;
+			*pptr=(char *)&(bm->data[0]);
+			}
+		break;
+	case BIO_C_SET_BUF_MEM:
+		mem_free(b);
+		b->shutdown=(int)num;
+		b->ptr=ptr;
+		break;
+	case BIO_C_GET_BUF_MEM_PTR:
+		if (ptr != NULL)
+			{
+			pptr=(char **)ptr;
+			*pptr=(char *)bm;
+			}
+		break;
+	case BIO_CTRL_GET_CLOSE:
+		ret=(long)b->shutdown;
+		break;
+	case BIO_CTRL_SET_CLOSE:
+		b->shutdown=(int)num;
+		break;
+
+	case BIO_CTRL_WPENDING:
+		ret=0L;
+		break;
+	case BIO_CTRL_PENDING:
+		ret=(long)bm->length;
+		break;
+	case BIO_CTRL_DUP:
+	case BIO_CTRL_FLUSH:
+		ret=1;
+		break;
+	case BIO_CTRL_PUSH:
+	case BIO_CTRL_POP:
+	default:
+		ret=0;
+		break;
+		}
+	return(ret);
+	}
+
+static int mem_gets(bp,buf,size)
+BIO *bp;
+char *buf;
+int size;
+	{
+	int i,j;
+	int ret= -1;
+	char *p;
+	BUF_MEM *bm=(BUF_MEM *)bp->ptr;
+
+	BIO_clear_retry_flags(bp);
+	j=bm->length;
+	if (j <= 0) return(0);
+	p=bm->data;
+	for (i=0; i<j; i++)
+		{
+		if (p[i] == '\n') break;
+		}
+	if (i == j)
+		{
+		BIO_set_retry_read(bp);
+		/* return(-1);  change the semantics 0.6.6a */ 
+		}
+	else
+		i++;
+	/* i is the max to copy */
+	if ((size-1) < i) i=size-1;
+	i=mem_read(bp,buf,i);
+	if (i > 0) buf[i]='\0';
+	ret=i;
+	return(ret);
+	}
+
+static int mem_puts(bp,str)
+BIO *bp;
+char *str;
+	{
+	int n,ret;
+
+	n=strlen(str);
+	ret=mem_write(bp,str,n);
+	/* memory semantics is that it will always work */
+	return(ret);
+	}
+
diff --git a/crypto/bio/bss_null.c b/crypto/bio/bss_null.c
new file mode 100644
index 0000000000..f93d471121
--- /dev/null
+++ b/crypto/bio/bss_null.c
@@ -0,0 +1,176 @@
+/* crypto/bio/bss_null.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "bio.h"
+
+#ifndef NOPROTO
+static int null_write(BIO *h,char *buf,int num);
+static int null_read(BIO *h,char *buf,int size);
+static int null_puts(BIO *h,char *str);
+static int null_gets(BIO *h,char *str,int size);
+static long null_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int null_new(BIO *h);
+static int null_free(BIO *data);
+#else
+static int null_write();
+static int null_read();
+static int null_puts();
+static int null_gets();
+static long null_ctrl();
+static int null_new();
+static int null_free();
+#endif
+
+static BIO_METHOD null_method=
+	{
+	BIO_TYPE_NULL,"NULL",
+	null_write,
+	null_read,
+	null_puts,
+	null_gets,
+	null_ctrl,
+	null_new,
+	null_free,
+	};
+
+BIO_METHOD *BIO_s_null()
+	{
+	return(&null_method);
+	}
+
+static int null_new(bi)
+BIO *bi;
+	{
+	bi->init=1;
+	bi->num=0;
+	bi->ptr=(NULL);
+	return(1);
+	}
+
+static int null_free(a)
+BIO *a;
+	{
+	if (a == NULL) return(0);
+	return(1);
+	}
+	
+static int null_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+	{
+	return(0);
+	}
+
+static int null_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+	{
+	return(inl);
+	}
+
+static long null_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+	{
+	long ret=1;
+
+	switch (cmd)
+		{
+	case BIO_CTRL_RESET:
+	case BIO_CTRL_EOF:
+	case BIO_CTRL_SET:
+	case BIO_CTRL_SET_CLOSE:
+	case BIO_CTRL_FLUSH:
+	case BIO_CTRL_DUP:
+		ret=1;
+		break;
+	case BIO_CTRL_GET_CLOSE:
+	case BIO_CTRL_INFO:
+	case BIO_CTRL_GET:
+	case BIO_CTRL_PENDING:
+	case BIO_CTRL_WPENDING:
+	default:
+		ret=0;
+		break;
+		}
+	return(ret);
+	}
+
+static int null_gets(bp,buf,size)
+BIO *bp;
+char *buf;
+int size;
+	{
+	return(0);
+	}
+
+static int null_puts(bp,str)
+BIO *bp;
+char *str;
+	{
+	if (str == NULL) return(0);
+	return(strlen(str));
+	}
+
diff --git a/crypto/bio/bss_rtcp.c b/crypto/bio/bss_rtcp.c
new file mode 100644
index 0000000000..cd48f7ce95
--- /dev/null
+++ b/crypto/bio/bss_rtcp.c
@@ -0,0 +1,296 @@
+/* crypto/bio/bss_rtcp.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* Written by David L. Jones <jonesd@kcgl1.eng.ohio-state.edu>
+ * Date:   22-JUL-1996
+ */
+/* VMS */
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "bio.h"
+
+#include <iodef.h>		/* VMS IO$_ definitions */
+extern int SYS$QIOW();
+typedef unsigned short io_channel;
+/*************************************************************************/
+struct io_status { short status, count; long flags; };
+
+struct rpc_msg {		/* Should have member alignment inhibited */
+   char channel;		/* 'A'-app data. 'R'-remote client 'G'-global */
+   char function;		/* 'G'-get, 'P'-put, 'C'-confirm, 'X'-close */
+   unsigned short int length;	/* Amount of data returned or max to return */
+   char data[4092];		/* variable data */
+};
+#define RPC_HDR_SIZE (sizeof(struct rpc_msg) - 4092)
+
+struct rpc_ctx {
+    int filled, pos;
+    struct rpc_msg msg;
+};
+
+static int rtcp_write(BIO *h,char *buf,int num);
+static int rtcp_read(BIO *h,char *buf,int size);
+static int rtcp_puts(BIO *h,char *str);
+static int rtcp_gets(BIO *h,char *str,int size);
+static long rtcp_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int rtcp_new(BIO *h);
+static int rtcp_free(BIO *data);
+
+static BIO_METHOD rtcp_method=
+	{
+	BIO_TYPE_FD,"RTCP",
+	rtcp_write,
+	rtcp_read,
+	rtcp_puts,
+	rtcp_gets,
+	rtcp_ctrl,
+	rtcp_new,
+	rtcp_free,
+	};
+
+BIO_METHOD *BIO_s_rtcp()
+	{
+	return(&rtcp_method);
+	}
+/*****************************************************************************/
+/* Decnet I/O routines.
+ */
+static int get ( io_channel chan, char *buffer, int maxlen, int *length )
+{
+    int status;
+    struct io_status iosb;
+    status = SYS$QIOW ( 0, chan, IO$_READVBLK, &iosb, 0, 0,
+	buffer, maxlen, 0, 0, 0, 0 );
+    if ( (status&1) == 1 ) status = iosb.status;
+    if ( (status&1) == 1 ) *length = iosb.count;
+    return status;
+}
+
+static int put ( io_channel chan, char *buffer, int length )
+{
+    int status;
+    struct io_status iosb;
+    status = SYS$QIOW ( 0, chan, IO$_WRITEVBLK, &iosb, 0, 0,
+	buffer, length, 0, 0, 0, 0 );
+    if ( (status&1) == 1 ) status = iosb.status;
+    return status;
+}
+/***************************************************************************/
+
+static int rtcp_new(bi)
+BIO *bi;
+{
+    struct rpc_ctx *ctx;
+	bi->init=1;
+	bi->num=0;
+	bi->flags = 0;
+	bi->ptr=Malloc(sizeof(struct rpc_ctx));
+	ctx = (struct rpc_ctx *) bi->ptr;
+	ctx->filled = 0;
+	ctx->pos = 0;
+	return(1);
+}
+
+static int rtcp_free(a)
+BIO *a;
+{
+	if (a == NULL) return(0);
+	if ( a->ptr ) Free ( a->ptr );
+	a->ptr = NULL;
+	return(1);
+}
+	
+static int rtcp_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+{
+    int status, length;
+    struct rpc_ctx *ctx;
+    /*
+     * read data, return existing.
+     */
+    ctx = (struct rpc_ctx *) b->ptr;
+    if ( ctx->pos < ctx->filled ) {
+	length = ctx->filled - ctx->pos;
+	if ( length > outl ) length = outl;
+	memmove ( out, &ctx->msg.data[ctx->pos], length );
+	ctx->pos += length;
+	return length;
+    }
+    /*
+     * Requst more data from R channel.
+     */
+    ctx->msg.channel = 'R';
+    ctx->msg.function = 'G';
+    ctx->msg.length = sizeof(ctx->msg.data);
+    status = put ( b->num, (char *) &ctx->msg, RPC_HDR_SIZE );
+    if ( (status&1) == 0 ) {
+	return -1;
+    }
+    /*
+     * Read.
+     */
+    ctx->pos = ctx->filled = 0;
+    status = get ( b->num, (char *) &ctx->msg, sizeof(ctx->msg), &length );
+    if ( (status&1) == 0 ) length = -1;
+    if ( ctx->msg.channel != 'R' || ctx->msg.function != 'C' ) {
+	length = -1;
+    }
+    ctx->filled = length - RPC_HDR_SIZE;
+    
+    if ( ctx->pos < ctx->filled ) {
+	length = ctx->filled - ctx->pos;
+	if ( length > outl ) length = outl;
+	memmove ( out, ctx->msg.data, length );
+	ctx->pos += length;
+	return length;
+    }
+
+    return length;
+}
+
+static int rtcp_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+{
+    int status, i, segment, length;
+    struct rpc_ctx *ctx;
+    /*
+     * Output data, send in chunks no larger that sizeof(ctx->msg.data).
+     */
+    ctx = (struct rpc_ctx *) b->ptr;
+    for ( i = 0; i < inl; i += segment ) {
+	segment = inl - i;
+	if ( segment > sizeof(ctx->msg.data) ) segment = sizeof(ctx->msg.data);
+	ctx->msg.channel = 'R';
+	ctx->msg.function = 'P';
+	ctx->msg.length = segment;
+	memmove ( ctx->msg.data, &in[i], segment );
+	status = put ( b->num, (char *) &ctx->msg, segment + RPC_HDR_SIZE );
+	if ((status&1) == 0 ) { i = -1; break; }
+
+	status = get ( b->num, (char *) &ctx->msg, sizeof(ctx->msg), &length );
+	if ( ((status&1) == 0) || (length < RPC_HDR_SIZE) ) { i = -1; break; }
+	if ( (ctx->msg.channel != 'R') || (ctx->msg.function != 'C') ) {
+	   printf("unexpected response when confirming put %c %c\n",
+		ctx->msg.channel, ctx->msg.function );
+
+	}
+    }
+    return(i);
+}
+
+static long rtcp_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+	{
+	long ret=1;
+
+	switch (cmd)
+		{
+	case BIO_CTRL_RESET:
+	case BIO_CTRL_EOF:
+		ret = 1;
+		break;
+	case BIO_CTRL_SET:
+		b->num = num;
+		ret = 1;
+	 	break;
+	case BIO_CTRL_SET_CLOSE:
+	case BIO_CTRL_FLUSH:
+	case BIO_CTRL_DUP:
+		ret=1;
+		break;
+	case BIO_CTRL_GET_CLOSE:
+	case BIO_CTRL_INFO:
+	case BIO_CTRL_GET:
+	case BIO_CTRL_PENDING:
+	case BIO_CTRL_WPENDING:
+	default:
+		ret=0;
+		break;
+		}
+	return(ret);
+	}
+
+static int rtcp_gets(bp,buf,size)
+BIO *bp;
+char *buf;
+int size;
+	{
+	return(0);
+	}
+
+static int rtcp_puts(bp,str)
+BIO *bp;
+char *str;
+{
+    int length;
+    if (str == NULL) return(0);
+    length = strlen ( str );
+    if ( length == 0 ) return (0);
+    return rtcp_write ( bp,str, length );
+}
+
diff --git a/crypto/bio/bss_sock.c b/crypto/bio/bss_sock.c
new file mode 100644
index 0000000000..ac96027051
--- /dev/null
+++ b/crypto/bio/bss_sock.c
@@ -0,0 +1,449 @@
+/* crypto/bio/bss_sock.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#if !defined(NO_SOCK) || defined(BIO_FD)
+
+#include <stdio.h>
+#include <errno.h>
+#define USE_SOCKETS
+#include "cryptlib.h"
+#include "bio.h"
+
+#ifndef BIO_FD
+#ifndef NOPROTO
+static int sock_write(BIO *h,char *buf,int num);
+static int sock_read(BIO *h,char *buf,int size);
+static int sock_puts(BIO *h,char *str);
+static long sock_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int sock_new(BIO *h);
+static int sock_free(BIO *data);
+int BIO_sock_should_retry(int s);
+#else
+static int sock_write();
+static int sock_read();
+static int sock_puts();
+static long sock_ctrl();
+static int sock_new();
+static int sock_free();
+int BIO_sock_should_retry();
+#endif
+
+#else
+
+#ifndef NOPROTO
+static int fd_write(BIO *h,char *buf,int num);
+static int fd_read(BIO *h,char *buf,int size);
+static int fd_puts(BIO *h,char *str);
+static long fd_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int fd_new(BIO *h);
+static int fd_free(BIO *data);
+int BIO_fd_should_retry(int s);
+#else
+static int fd_write();
+static int fd_read();
+static int fd_puts();
+static long fd_ctrl();
+static int fd_new();
+static int fd_free();
+int BIO_fd_should_retry();
+#endif
+#endif
+
+#ifndef BIO_FD
+static BIO_METHOD methods_sockp=
+	{
+	BIO_TYPE_SOCKET,"socket",
+	sock_write,
+	sock_read,
+	sock_puts,
+	NULL, /* sock_gets, */
+	sock_ctrl,
+	sock_new,
+	sock_free,
+	};
+
+BIO_METHOD *BIO_s_socket()
+	{
+	return(&methods_sockp);
+	}
+#else
+static BIO_METHOD methods_fdp=
+	{
+	BIO_TYPE_FD,"file descriptor",
+	fd_write,
+	fd_read,
+	fd_puts,
+	NULL, /* fd_gets, */
+	fd_ctrl,
+	fd_new,
+	fd_free,
+	};
+
+BIO_METHOD *BIO_s_fd()
+	{
+	return(&methods_fdp);
+	}
+#endif
+
+#ifndef BIO_FD
+BIO *BIO_new_socket(fd,close_flag)
+#else
+BIO *BIO_new_fd(fd,close_flag)
+#endif
+int fd;
+int close_flag;
+	{
+	BIO *ret;
+
+#ifndef BIO_FD
+	ret=BIO_new(BIO_s_socket());
+#else
+	ret=BIO_new(BIO_s_fd());
+#endif
+	if (ret == NULL) return(NULL);
+	BIO_set_fd(ret,fd,close_flag);
+	return(ret);
+	}
+
+#ifndef BIO_FD
+static int sock_new(bi)
+#else
+static int fd_new(bi)
+#endif
+BIO *bi;
+	{
+	bi->init=0;
+	bi->num=0;
+	bi->ptr=NULL;
+	bi->flags=0;
+	return(1);
+	}
+
+#ifndef BIO_FD
+static int sock_free(a)
+#else
+static int fd_free(a)
+#endif
+BIO *a;
+	{
+	if (a == NULL) return(0);
+	if (a->shutdown)
+		{
+		if (a->init)
+			{
+#ifndef BIO_FD
+			shutdown(a->num,2);
+# ifdef WINDOWS
+			closesocket(a->num);
+# else
+			close(a->num);
+# endif
+#else			/* BIO_FD */
+			close(a->num);
+#endif
+
+			}
+		a->init=0;
+		a->flags=0;
+		}
+	return(1);
+	}
+	
+#ifndef BIO_FD
+static int sock_read(b,out,outl)
+#else
+static int fd_read(b,out,outl)
+#endif
+BIO *b;
+char *out;
+int outl;
+	{
+	int ret=0;
+
+	if (out != NULL)
+		{
+		errno=0;
+#if defined(WINDOWS) && !defined(BIO_FD)
+		ret=recv(b->num,out,outl,0);
+#else
+		ret=read(b->num,out,outl);
+#endif
+		BIO_clear_retry_flags(b);
+		if (ret <= 0)
+			{
+#ifndef BIO_FD
+			if (BIO_sock_should_retry(ret))
+#else
+			if (BIO_fd_should_retry(ret))
+#endif
+				BIO_set_retry_read(b);
+			}
+		}
+	return(ret);
+	}
+
+#ifndef BIO_FD
+static int sock_write(b,in,inl)
+#else
+static int fd_write(b,in,inl)
+#endif
+BIO *b;
+char *in;
+int inl;
+	{
+	int ret;
+	
+	errno=0;
+#if defined(WINDOWS) && !defined(BIO_FD)
+	ret=send(b->num,in,inl,0);
+#else
+	ret=write(b->num,in,inl);
+#endif
+	BIO_clear_retry_flags(b);
+	if (ret <= 0)
+		{
+#ifndef BIO_FD
+		if (BIO_sock_should_retry(ret))
+#else
+		if (BIO_fd_should_retry(ret))
+#endif
+			BIO_set_retry_write(b);
+		}
+	return(ret);
+	}
+
+#ifndef BIO_FD
+static long sock_ctrl(b,cmd,num,ptr)
+#else
+static long fd_ctrl(b,cmd,num,ptr)
+#endif
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+	{
+	long ret=1;
+	int *ip;
+
+	switch (cmd)
+		{
+	case BIO_CTRL_RESET:
+#ifdef BIO_FD
+		ret=(long)lseek(b->num,0,0);
+#else
+		ret=0;
+#endif
+		break;
+	case BIO_CTRL_INFO:
+		ret=0;
+		break;
+	case BIO_C_SET_FD:
+#ifndef BIO_FD
+		sock_free(b);
+#else
+		fd_free(b);
+#endif
+		b->num= *((int *)ptr);
+		b->shutdown=(int)num;
+		b->init=1;
+		break;
+	case BIO_C_GET_FD:
+		if (b->init)
+			{
+			ip=(int *)ptr;
+			if (ip != NULL) *ip=b->num;
+			ret=b->num;
+			}
+		else
+			ret= -1;
+		break;
+	case BIO_CTRL_GET_CLOSE:
+		ret=b->shutdown;
+		break;
+	case BIO_CTRL_SET_CLOSE:
+		b->shutdown=(int)num;
+		break;
+	case BIO_CTRL_PENDING:
+	case BIO_CTRL_WPENDING:
+		ret=0;
+		break;
+	case BIO_CTRL_DUP:
+	case BIO_CTRL_FLUSH:
+		ret=1;
+		break;
+		break;
+	default:
+		ret=0;
+		break;
+		}
+	return(ret);
+	}
+
+#ifdef undef
+static int sock_gets(bp,buf,size)
+BIO *bp;
+char *buf;
+int size;
+	{
+	return(-1);
+	}
+#endif
+
+#ifndef BIO_FD
+static int sock_puts(bp,str)
+#else
+static int fd_puts(bp,str)
+#endif
+BIO *bp;
+char *str;
+	{
+	int n,ret;
+
+	n=strlen(str);
+#ifndef BIO_FD
+	ret=sock_write(bp,str,n);
+#else
+	ret=fd_write(bp,str,n);
+#endif
+	return(ret);
+	}
+
+#ifndef BIO_FD
+int BIO_sock_should_retry(i)
+#else
+int BIO_fd_should_retry(i)
+#endif
+int i;
+	{
+	if ((i == 0) || (i == -1))
+		{
+#if !defined(BIO_FD) && defined(WINDOWS)
+		errno=WSAGetLastError();
+#endif
+
+#if defined(WINDOWS) /* more microsoft stupidity */
+		if ((i == -1) && (errno == 0))
+			return(1);
+#endif
+#ifndef BIO_FD
+		return(BIO_sock_non_fatal_error(errno));
+#else
+		return(BIO_fd_non_fatal_error(errno));
+#endif
+		}
+	return(0);
+	}
+
+#ifndef BIO_FD
+int BIO_sock_non_fatal_error(err)
+#else
+int BIO_fd_non_fatal_error(err)
+#endif
+int err;
+	{
+	switch (err)
+		{
+#if !defined(BIO_FD) && defined(WINDOWS)
+# if defined(WSAEWOULDBLOCK)
+	case WSAEWOULDBLOCK:
+# endif
+
+# if defined(WSAENOTCONN)
+	case WSAENOTCONN:
+# endif
+#endif
+
+#ifdef EWOULDBLOCK
+# ifdef WSAEWOULDBLOCK
+#  if WSAEWOULDBLOCK != EWOULDBLOCK
+	case EWOULDBLOCK:
+#  endif
+# else
+	case EWOULDBLOCK:
+# endif
+#endif
+
+#ifdef EINTR
+	case EINTR:
+#endif
+
+#ifdef EAGAIN
+#if EWOULDBLOCK != EAGAIN
+	case EAGAIN:
+# endif
+#endif
+
+#ifdef EPROTO
+	case EPROTO:
+#endif
+
+#ifdef EINPROGRESS
+	case EINPROGRESS:
+#endif
+
+#ifdef EALREADY
+	case EALREADY:
+#endif
+		return(1);
+		break;
+	default:
+		break;
+		}
+	return(0);
+	}
+#endif
diff --git a/crypto/bn/Makefile.ssl b/crypto/bn/Makefile.ssl
new file mode 100644
index 0000000000..cbddd4f3ea
--- /dev/null
+++ b/crypto/bn/Makefile.ssl
@@ -0,0 +1,107 @@
+#
+# SSLeay/crypto/bn/Makefile
+#
+
+DIR=	bn
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I../../include
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE=		make -f Makefile.ssl
+MAKEDEPEND=	makedepend -f Makefile.ssl
+MAKEFILE=	Makefile.ssl
+BN_MULW=	bn_mulw.o
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+ERR=bn
+ERRC=bn_err
+GENERAL=Makefile
+TEST=bntest.c exptest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=	bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c \
+	bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c \
+	bn_gcd.c bn_prime.c $(ERRC).c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c
+
+LIBOBJ=	bn_add.o bn_div.o bn_exp.o bn_lib.o bn_mod.o bn_mul.o \
+	bn_print.o bn_rand.o bn_shift.o bn_sub.o bn_word.o \
+	bn_gcd.o bn_prime.o $(ERRC).o bn_sqr.o $(BN_MULW) bn_recp.o bn_mont.o
+
+
+SRC= $(LIBSRC)
+
+EXHEADER= bn.h
+HEADER=	bn_lcl.h bn_prime.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+knuth: bn_knuth.c
+	cc -pg -I.. -I../../include bn_knuth.c -o knuth $(LIB) #../../../libefence.a
+
+knuth.fast: bn_knuth.c
+	cc -pg -fast -I.. -I../../include bn_knuth.c -o knuth $(LIB) #../../../libefence.a
+
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/util/ranlib.sh $(LIB)
+	@touch lib
+
+files:
+	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+	/bin/rm -f Makefile
+	$(TOP)/util/point.sh Makefile.ssl Makefile ;
+	$(TOP)/util/mklink.sh ../../include $(EXHEADER)
+	$(TOP)/util/mklink.sh ../../test $(TEST)
+	$(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+	@for i in $(EXHEADER) ; \
+	do  \
+	(cp $$i $(INSTALLTOP)/include/$$i; \
+	chmod 644 $(INSTALLTOP)/include/$$i ); \
+	done;
+
+exptest:
+	/bin/rm -f exptest
+	gcc -I../../include -g2 -ggdb -o exptest exptest.c ../../libcrypto.a
+
+div:
+	/bin/rm -f a.out
+	gcc -I.. -g div.c ../../libcrypto.a
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff bn_mulw.s
+
+errors:
+	perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).org # special case .org
+	perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
+	perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/bn/asm/README b/crypto/bn/asm/README
new file mode 100644
index 0000000000..d93fbff77f
--- /dev/null
+++ b/crypto/bn/asm/README
@@ -0,0 +1,30 @@
+All assember in this directory are just version of the file
+crypto/bn/bn_mulw.c.
+
+Quite a few of these files are just the assember output from gcc since on 
+quite a few machines they are 2 times faster than the system compiler.
+
+For the x86, I have hand written assember because of the bad job all
+compilers seem to do on it.  This normally gives a 2 time speed up in the RSA
+routines.
+
+For the DEC alpha, I also hand wrote the assember (except the division which
+is just the output from the C compiler pasted on the end of the file).
+On the 2 alpha C compilers I had access to, it was not possible to do
+64b x 64b -> 128b calculations (both long and the long long data types
+were 64 bits).  So the hand assember gives access to the 128 bit result and
+a 2 times speedup :-).
+
+The x86xxxx.obj files are the assembled version of x86xxxx.asm files.
+I had such a hard time finding a macro assember for Microsoft, I decided to
+include the object file to save others the hassle :-).
+
+I have also included uu encoded versions of the .obj incase they get
+trashed.
+
+There are 2 versions of assember for the HP PA-RISC.
+pa-risc.s is the origional one which works fine.
+pa-risc2.s is a new version that often generates warnings but if the
+tests pass, it gives performance that is over 2 times faster than
+pa-risc.s.
+Both were generated using gcc :-)
diff --git a/crypto/bn/asm/alpha.s b/crypto/bn/asm/alpha.s
new file mode 100644
index 0000000000..d56f715ecd
--- /dev/null
+++ b/crypto/bn/asm/alpha.s
@@ -0,0 +1,310 @@
+ # DEC Alpha assember
+ # The bn_div64 is actually gcc output but the other parts are hand done.
+ # Thanks to tzeruch@ceddec.com for sending me the gcc output for
+ # bn_div64.
+	.file	1 "bn_mulw.c"
+	.version	"01.01"
+	.set noat
+gcc2_compiled.:
+__gnu_compiled_c:
+	.text
+	.align 3
+	.globl bn_mul_add_word
+	.ent bn_mul_add_word
+bn_mul_add_word:
+bn_mul_add_word..ng:
+	.frame $30,0,$26,0
+	.prologue 0
+	subq $18,2,$25	# num=-2
+	bis $31,$31,$0
+	blt $25,$42
+	.align 5
+$142:
+	subq $18,2,$18	# num-=2
+	subq $25,2,$25	# num-=2
+
+	ldq $1,0($17)	# a[0]
+	ldq $2,8($17)	# a[1]
+
+	mulq $19,$1,$3	# a[0]*w low part	r3
+ 	umulh $19,$1,$1 # a[0]*w high part	r1
+	mulq $19,$2,$4	# a[1]*w low part	r4
+ 	umulh $19,$2,$2 # a[1]*w high part	r2
+
+	ldq $22,0($16)	# r[0]			r22
+	ldq $23,8($16)	# r[1]			r23
+
+	addq $3,$22,$3	# a0 low part + r[0]	
+	addq $4,$23,$4	# a1 low part + r[1]	
+	cmpult $3,$22,$5 # overflow?
+	cmpult $4,$23,$6 # overflow?
+	addq $5,$1,$1	# high part + overflow 
+	addq $6,$2,$2	# high part + overflow 
+
+	addq $3,$0,$3	# add c
+	cmpult $3,$0,$5 # overflow?
+	stq $3,0($16)
+	addq $5,$1,$0	# c=high part + overflow 
+
+	addq $4,$0,$4	# add c
+	cmpult $4,$0,$5 # overflow?
+	stq $4,8($16)
+	addq $5,$2,$0	# c=high part + overflow 
+
+	ble $18,$43
+
+ 	addq $16,16,$16
+ 	addq $17,16,$17
+	blt $25,$42
+
+ 	br $31,$142
+$42:
+	ldq $1,0($17)	# a[0]
+ 	umulh $19,$1,$3 # a[0]*w high part
+	mulq $19,$1,$1	# a[0]*w low part
+	ldq $2,0($16)	# r[0]
+	addq $1,$2,$1	# low part + r[0]
+	cmpult $1,$2,$4 # overflow?
+	addq $4,$3,$3	# high part + overflow 
+	addq $1,$0,$1	# add c
+	cmpult $1,$0,$4 # overflow?
+	addq $4,$3,$0	# c=high part + overflow 
+	stq $1,0($16)
+
+	.align 4
+$43:
+	ret $31,($26),1
+	.end bn_mul_add_word
+	.align 3
+	.globl bn_mul_word
+	.ent bn_mul_word
+bn_mul_word:
+bn_mul_word..ng:
+	.frame $30,0,$26,0
+	.prologue 0
+	subq $18,2,$25	# num=-2
+	bis $31,$31,$0
+	blt $25,$242
+	.align 5
+$342:
+	subq $18,2,$18	# num-=2
+	subq $25,2,$25	# num-=2
+
+	ldq $1,0($17)	# a[0]
+	ldq $2,8($17)	# a[1]
+
+	mulq $19,$1,$3	# a[0]*w low part	r3
+ 	umulh $19,$1,$1 # a[0]*w high part	r1
+	mulq $19,$2,$4	# a[1]*w low part	r4
+ 	umulh $19,$2,$2 # a[1]*w high part	r2
+
+	addq $3,$0,$3	# add c
+	cmpult $3,$0,$5 # overflow?
+	stq $3,0($16)
+	addq $5,$1,$0	# c=high part + overflow 
+
+	addq $4,$0,$4	# add c
+	cmpult $4,$0,$5 # overflow?
+	stq $4,8($16)
+	addq $5,$2,$0	# c=high part + overflow 
+
+	ble $18,$243
+
+ 	addq $16,16,$16
+ 	addq $17,16,$17
+	blt $25,$242
+
+ 	br $31,$342
+$242:
+	ldq $1,0($17)	# a[0]
+ 	umulh $19,$1,$3 # a[0]*w high part
+	mulq $19,$1,$1	# a[0]*w low part
+	addq $1,$0,$1	# add c
+	cmpult $1,$0,$4 # overflow?
+	addq $4,$3,$0	# c=high part + overflow 
+	stq $1,0($16)
+$243:
+	ret $31,($26),1
+	.end bn_mul_word
+	.align 3
+	.globl bn_sqr_words
+	.ent bn_sqr_words
+bn_sqr_words:
+bn_sqr_words..ng:
+	.frame $30,0,$26,0
+	.prologue 0
+	
+	subq $18,2,$25	# num=-2
+	blt $25,$442
+	.align 5
+$542:
+	subq $18,2,$18	# num-=2
+	subq $25,2,$25	# num-=2
+
+	ldq $1,0($17)	# a[0]
+	ldq $4,8($17)	# a[1]
+
+	mulq $1,$1,$2	# a[0]*w low part	r2
+ 	umulh $1,$1,$3 # a[0]*w high part	r3
+	mulq $4,$4,$5	# a[1]*w low part	r5
+ 	umulh $4,$4,$6 # a[1]*w high part	r6
+
+	stq $2,0($16)	# r[0]
+	stq $3,8($16)	# r[1]
+	stq $5,16($16)	# r[3]
+	stq $6,24($16)	# r[4]
+
+	ble $18,$443
+
+ 	addq $16,32,$16
+ 	addq $17,16,$17
+	blt $25,$442
+ 	br $31,$542
+
+$442:
+	ldq $1,0($17)   # a[0]
+	mulq $1,$1,$2   # a[0]*w low part       r2
+        umulh $1,$1,$3  # a[0]*w high part       r3
+	stq $2,0($16)   # r[0]
+        stq $3,8($16)   # r[1]
+
+	.align 4
+$443:
+	ret $31,($26),1
+	.end bn_sqr_words
+
+ #
+ # What follows was taken directly from the C compiler with a few
+ # hacks to redo the lables.
+ #
+.text
+	.align 3
+	.globl bn_div64
+	.ent bn_div64
+bn_div64:
+	ldgp $29,0($27)
+bn_div64..ng:
+	lda $30,-48($30)
+	.frame $30,48,$26,0
+	stq $26,0($30)
+	stq $9,8($30)
+	stq $10,16($30)
+	stq $11,24($30)
+	stq $12,32($30)
+	stq $13,40($30)
+	.mask 0x4003e00,-48
+	.prologue 1
+	bis $16,$16,$9
+	bis $17,$17,$10
+	bis $18,$18,$11
+	bis $31,$31,$13
+	bis $31,2,$12
+	bne $11,$119
+	lda $0,-1
+	br $31,$136
+	.align 4
+$119:
+	bis $11,$11,$16
+	jsr $26,BN_num_bits_word
+	ldgp $29,0($26)
+	subq $0,64,$1
+	beq $1,$120
+	bis $31,1,$1
+	sll $1,$0,$1
+	cmpule $9,$1,$1
+	bne $1,$120
+ #	lda $16,_IO_stderr_
+ #	lda $17,$C32
+ #	bis $0,$0,$18
+ #	jsr $26,fprintf
+ #	ldgp $29,0($26)
+	jsr $26,abort
+	ldgp $29,0($26)
+	.align 4
+$120:
+	bis $31,64,$3
+	cmpult $9,$11,$2
+	subq $3,$0,$1
+	addl $1,$31,$0
+	subq $9,$11,$1
+	cmoveq $2,$1,$9
+	beq $0,$122
+	zapnot $0,15,$2
+	subq $3,$0,$1
+	sll $11,$2,$11
+	sll $9,$2,$3
+	srl $10,$1,$1
+	sll $10,$2,$10
+	bis $3,$1,$9
+$122:
+	srl $11,32,$5
+	zapnot $11,15,$6
+	lda $7,-1
+	.align 5
+$123:
+	srl $9,32,$1
+	subq $1,$5,$1
+	bne $1,$126
+	zapnot $7,15,$27
+	br $31,$127
+	.align 4
+$126:
+	bis $9,$9,$24
+	bis $5,$5,$25
+	divqu $24,$25,$27
+$127:
+	srl $10,32,$4
+	.align 5
+$128:
+	mulq $27,$5,$1
+	subq $9,$1,$3
+	zapnot $3,240,$1
+	bne $1,$129
+	mulq $6,$27,$2
+	sll $3,32,$1
+	addq $1,$4,$1
+	cmpule $2,$1,$2
+	bne $2,$129
+	subq $27,1,$27
+	br $31,$128
+	.align 4
+$129:
+	mulq $27,$6,$1
+	mulq $27,$5,$4
+	srl $1,32,$3
+	sll $1,32,$1
+	addq $4,$3,$4
+	cmpult $10,$1,$2
+	subq $10,$1,$10
+	addq $2,$4,$2
+	cmpult $9,$2,$1
+	bis $2,$2,$4
+	beq $1,$134
+	addq $9,$11,$9
+	subq $27,1,$27
+$134:
+	subl $12,1,$12
+	subq $9,$4,$9
+	beq $12,$124
+	sll $27,32,$13
+	sll $9,32,$2
+	srl $10,32,$1
+	sll $10,32,$10
+	bis $2,$1,$9
+	br $31,$123
+	.align 4
+$124:
+	bis $13,$27,$0
+$136:
+	ldq $26,0($30)
+	ldq $9,8($30)
+	ldq $10,16($30)
+	ldq $11,24($30)
+	ldq $12,32($30)
+	ldq $13,40($30)
+	addq $30,48,$30
+	ret $31,($26),1
+	.end bn_div64
+	.ident	"GCC: (GNU) 2.7.2.1"
+
+
diff --git a/crypto/bn/asm/pa-risc.s b/crypto/bn/asm/pa-risc.s
new file mode 100644
index 0000000000..c49c433a83
--- /dev/null
+++ b/crypto/bn/asm/pa-risc.s
@@ -0,0 +1,710 @@
+	.SPACE $PRIVATE$
+	.SUBSPA $DATA$,QUAD=1,ALIGN=8,ACCESS=31
+	.SUBSPA $BSS$,QUAD=1,ALIGN=8,ACCESS=31,ZERO,SORT=82
+	.SPACE $TEXT$
+	.SUBSPA $LIT$,QUAD=0,ALIGN=8,ACCESS=44
+	.SUBSPA $CODE$,QUAD=0,ALIGN=8,ACCESS=44,CODE_ONLY
+	.IMPORT $global$,DATA
+	.IMPORT $$dyncall,MILLICODE
+; gcc_compiled.:
+	.SPACE $TEXT$
+	.SUBSPA $CODE$
+
+	.align 4
+	.EXPORT bn_mul_add_word,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR
+bn_mul_add_word
+	.PROC
+	.CALLINFO FRAME=0,CALLS,SAVE_RP
+	.ENTRY
+	stw %r2,-20(0,%r30)
+	ldi 0,%r28
+	extru %r23,31,16,%r2
+	stw %r2,-16(0,%r30)
+	extru %r23,15,16,%r23
+	ldil L'65536,%r31
+	fldws -16(0,%r30),%fr11R
+	stw %r23,-16(0,%r30)
+	ldo 12(%r25),%r29
+	ldo 12(%r26),%r23
+	fldws -16(0,%r30),%fr11L
+L$0002
+	ldw 0(0,%r25),%r19
+	extru %r19,31,16,%r20
+	stw %r20,-16(0,%r30)
+	extru %r19,15,16,%r19
+	fldws -16(0,%r30),%fr22L
+	stw %r19,-16(0,%r30)
+	xmpyu %fr22L,%fr11R,%fr8
+	fldws -16(0,%r30),%fr22L
+	fstws %fr8R,-16(0,%r30)
+	xmpyu %fr11R,%fr22L,%fr10
+	ldw -16(0,%r30),%r2
+	stw %r20,-16(0,%r30)
+	xmpyu %fr22L,%fr11L,%fr9
+	fldws -16(0,%r30),%fr22L
+	fstws %fr10R,-16(0,%r30)
+	copy %r2,%r22
+	ldw -16(0,%r30),%r2
+	fstws %fr9R,-16(0,%r30)
+	xmpyu %fr11L,%fr22L,%fr8
+	copy %r2,%r19
+	ldw -16(0,%r30),%r2
+	fstws %fr8R,-16(0,%r30)
+	copy %r2,%r20
+	ldw -16(0,%r30),%r2
+	addl %r2,%r19,%r21
+	comclr,<<= %r19,%r21,0
+	addl %r20,%r31,%r20
+L$0005
+	extru %r21,15,16,%r19
+	addl %r20,%r19,%r20
+	zdep %r21,15,16,%r19
+	addl %r22,%r19,%r22
+	comclr,<<= %r19,%r22,0
+	addi,tr 1,%r20,%r19
+	copy %r20,%r19
+	addl %r22,%r28,%r20
+	comclr,<<= %r28,%r20,0
+	addi 1,%r19,%r19
+	ldw 0(0,%r26),%r28
+	addl %r20,%r28,%r20
+	comclr,<<= %r28,%r20,0
+	addi,tr 1,%r19,%r28
+	copy %r19,%r28
+	addib,= -1,%r24,L$0003
+	stw %r20,0(0,%r26)
+	ldw -8(0,%r29),%r19
+	extru %r19,31,16,%r20
+	stw %r20,-16(0,%r30)
+	extru %r19,15,16,%r19
+	fldws -16(0,%r30),%fr22L
+	stw %r19,-16(0,%r30)
+	xmpyu %fr22L,%fr11R,%fr8
+	fldws -16(0,%r30),%fr22L
+	fstws %fr8R,-16(0,%r30)
+	xmpyu %fr11R,%fr22L,%fr10
+	ldw -16(0,%r30),%r2
+	stw %r20,-16(0,%r30)
+	xmpyu %fr22L,%fr11L,%fr9
+	fldws -16(0,%r30),%fr22L
+	fstws %fr10R,-16(0,%r30)
+	copy %r2,%r22
+	ldw -16(0,%r30),%r2
+	fstws %fr9R,-16(0,%r30)
+	xmpyu %fr11L,%fr22L,%fr8
+	copy %r2,%r19
+	ldw -16(0,%r30),%r2
+	fstws %fr8R,-16(0,%r30)
+	copy %r2,%r20
+	ldw -16(0,%r30),%r2
+	addl %r2,%r19,%r21
+	comclr,<<= %r19,%r21,0
+	addl %r20,%r31,%r20
+L$0010
+	extru %r21,15,16,%r19
+	addl %r20,%r19,%r20
+	zdep %r21,15,16,%r19
+	addl %r22,%r19,%r22
+	comclr,<<= %r19,%r22,0
+	addi,tr 1,%r20,%r19
+	copy %r20,%r19
+	addl %r22,%r28,%r20
+	comclr,<<= %r28,%r20,0
+	addi 1,%r19,%r19
+	ldw -8(0,%r23),%r28
+	addl %r20,%r28,%r20
+	comclr,<<= %r28,%r20,0
+	addi,tr 1,%r19,%r28
+	copy %r19,%r28
+	addib,= -1,%r24,L$0003
+	stw %r20,-8(0,%r23)
+	ldw -4(0,%r29),%r19
+	extru %r19,31,16,%r20
+	stw %r20,-16(0,%r30)
+	extru %r19,15,16,%r19
+	fldws -16(0,%r30),%fr22L
+	stw %r19,-16(0,%r30)
+	xmpyu %fr22L,%fr11R,%fr8
+	fldws -16(0,%r30),%fr22L
+	fstws %fr8R,-16(0,%r30)
+	xmpyu %fr11R,%fr22L,%fr10
+	ldw -16(0,%r30),%r2
+	stw %r20,-16(0,%r30)
+	xmpyu %fr22L,%fr11L,%fr9
+	fldws -16(0,%r30),%fr22L
+	fstws %fr10R,-16(0,%r30)
+	copy %r2,%r22
+	ldw -16(0,%r30),%r2
+	fstws %fr9R,-16(0,%r30)
+	xmpyu %fr11L,%fr22L,%fr8
+	copy %r2,%r19
+	ldw -16(0,%r30),%r2
+	fstws %fr8R,-16(0,%r30)
+	copy %r2,%r20
+	ldw -16(0,%r30),%r2
+	addl %r2,%r19,%r21
+	comclr,<<= %r19,%r21,0
+	addl %r20,%r31,%r20
+L$0015
+	extru %r21,15,16,%r19
+	addl %r20,%r19,%r20
+	zdep %r21,15,16,%r19
+	addl %r22,%r19,%r22
+	comclr,<<= %r19,%r22,0
+	addi,tr 1,%r20,%r19
+	copy %r20,%r19
+	addl %r22,%r28,%r20
+	comclr,<<= %r28,%r20,0
+	addi 1,%r19,%r19
+	ldw -4(0,%r23),%r28
+	addl %r20,%r28,%r20
+	comclr,<<= %r28,%r20,0
+	addi,tr 1,%r19,%r28
+	copy %r19,%r28
+	addib,= -1,%r24,L$0003
+	stw %r20,-4(0,%r23)
+	ldw 0(0,%r29),%r19
+	extru %r19,31,16,%r20
+	stw %r20,-16(0,%r30)
+	extru %r19,15,16,%r19
+	fldws -16(0,%r30),%fr22L
+	stw %r19,-16(0,%r30)
+	xmpyu %fr22L,%fr11R,%fr8
+	fldws -16(0,%r30),%fr22L
+	fstws %fr8R,-16(0,%r30)
+	xmpyu %fr11R,%fr22L,%fr10
+	ldw -16(0,%r30),%r2
+	stw %r20,-16(0,%r30)
+	xmpyu %fr22L,%fr11L,%fr9
+	fldws -16(0,%r30),%fr22L
+	fstws %fr10R,-16(0,%r30)
+	copy %r2,%r22
+	ldw -16(0,%r30),%r2
+	fstws %fr9R,-16(0,%r30)
+	xmpyu %fr11L,%fr22L,%fr8
+	copy %r2,%r19
+	ldw -16(0,%r30),%r2
+	fstws %fr8R,-16(0,%r30)
+	copy %r2,%r20
+	ldw -16(0,%r30),%r2
+	addl %r2,%r19,%r21
+	comclr,<<= %r19,%r21,0
+	addl %r20,%r31,%r20
+L$0020
+	extru %r21,15,16,%r19
+	addl %r20,%r19,%r20
+	zdep %r21,15,16,%r19
+	addl %r22,%r19,%r22
+	comclr,<<= %r19,%r22,0
+	addi,tr 1,%r20,%r19
+	copy %r20,%r19
+	addl %r22,%r28,%r20
+	comclr,<<= %r28,%r20,0
+	addi 1,%r19,%r19
+	ldw 0(0,%r23),%r28
+	addl %r20,%r28,%r20
+	comclr,<<= %r28,%r20,0
+	addi,tr 1,%r19,%r28
+	copy %r19,%r28
+	addib,= -1,%r24,L$0003
+	stw %r20,0(0,%r23)
+	ldo 16(%r29),%r29
+	ldo 16(%r25),%r25
+	ldo 16(%r23),%r23
+	bl L$0002,0
+	ldo 16(%r26),%r26
+L$0003
+	ldw -20(0,%r30),%r2
+	bv,n 0(%r2)
+	.EXIT
+	.PROCEND
+	.align 4
+	.EXPORT bn_mul_word,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR
+bn_mul_word
+	.PROC
+	.CALLINFO FRAME=0,CALLS,SAVE_RP
+	.ENTRY
+	stw %r2,-20(0,%r30)
+	ldi 0,%r28
+	extru %r23,31,16,%r2
+	stw %r2,-16(0,%r30)
+	extru %r23,15,16,%r23
+	ldil L'65536,%r31
+	fldws -16(0,%r30),%fr11R
+	stw %r23,-16(0,%r30)
+	ldo 12(%r26),%r29
+	ldo 12(%r25),%r23
+	fldws -16(0,%r30),%fr11L
+L$0026
+	ldw 0(0,%r25),%r19
+	extru %r19,31,16,%r20
+	stw %r20,-16(0,%r30)
+	extru %r19,15,16,%r19
+	fldws -16(0,%r30),%fr22L
+	stw %r19,-16(0,%r30)
+	xmpyu %fr22L,%fr11R,%fr8
+	fldws -16(0,%r30),%fr22L
+	fstws %fr8R,-16(0,%r30)
+	xmpyu %fr11R,%fr22L,%fr10
+	ldw -16(0,%r30),%r2
+	stw %r20,-16(0,%r30)
+	xmpyu %fr22L,%fr11L,%fr9
+	fldws -16(0,%r30),%fr22L
+	fstws %fr10R,-16(0,%r30)
+	copy %r2,%r22
+	ldw -16(0,%r30),%r2
+	fstws %fr9R,-16(0,%r30)
+	xmpyu %fr11L,%fr22L,%fr8
+	copy %r2,%r19
+	ldw -16(0,%r30),%r2
+	fstws %fr8R,-16(0,%r30)
+	copy %r2,%r20
+	ldw -16(0,%r30),%r2
+	addl %r2,%r19,%r21
+	comclr,<<= %r19,%r21,0
+	addl %r20,%r31,%r20
+L$0029
+	extru %r21,15,16,%r19
+	addl %r20,%r19,%r20
+	zdep %r21,15,16,%r19
+	addl %r22,%r19,%r22
+	comclr,<<= %r19,%r22,0
+	addi,tr 1,%r20,%r19
+	copy %r20,%r19
+	addl %r22,%r28,%r20
+	comclr,<<= %r28,%r20,0
+	addi,tr 1,%r19,%r28
+	copy %r19,%r28
+	addib,= -1,%r24,L$0027
+	stw %r20,0(0,%r26)
+	ldw -8(0,%r23),%r19
+	extru %r19,31,16,%r20
+	stw %r20,-16(0,%r30)
+	extru %r19,15,16,%r19
+	fldws -16(0,%r30),%fr22L
+	stw %r19,-16(0,%r30)
+	xmpyu %fr22L,%fr11R,%fr8
+	fldws -16(0,%r30),%fr22L
+	fstws %fr8R,-16(0,%r30)
+	xmpyu %fr11R,%fr22L,%fr10
+	ldw -16(0,%r30),%r2
+	stw %r20,-16(0,%r30)
+	xmpyu %fr22L,%fr11L,%fr9
+	fldws -16(0,%r30),%fr22L
+	fstws %fr10R,-16(0,%r30)
+	copy %r2,%r22
+	ldw -16(0,%r30),%r2
+	fstws %fr9R,-16(0,%r30)
+	xmpyu %fr11L,%fr22L,%fr8
+	copy %r2,%r19
+	ldw -16(0,%r30),%r2
+	fstws %fr8R,-16(0,%r30)
+	copy %r2,%r20
+	ldw -16(0,%r30),%r2
+	addl %r2,%r19,%r21
+	comclr,<<= %r19,%r21,0
+	addl %r20,%r31,%r20
+L$0033
+	extru %r21,15,16,%r19
+	addl %r20,%r19,%r20
+	zdep %r21,15,16,%r19
+	addl %r22,%r19,%r22
+	comclr,<<= %r19,%r22,0
+	addi,tr 1,%r20,%r19
+	copy %r20,%r19
+	addl %r22,%r28,%r20
+	comclr,<<= %r28,%r20,0
+	addi,tr 1,%r19,%r28
+	copy %r19,%r28
+	addib,= -1,%r24,L$0027
+	stw %r20,-8(0,%r29)
+	ldw -4(0,%r23),%r19
+	extru %r19,31,16,%r20
+	stw %r20,-16(0,%r30)
+	extru %r19,15,16,%r19
+	fldws -16(0,%r30),%fr22L
+	stw %r19,-16(0,%r30)
+	xmpyu %fr22L,%fr11R,%fr8
+	fldws -16(0,%r30),%fr22L
+	fstws %fr8R,-16(0,%r30)
+	xmpyu %fr11R,%fr22L,%fr10
+	ldw -16(0,%r30),%r2
+	stw %r20,-16(0,%r30)
+	xmpyu %fr22L,%fr11L,%fr9
+	fldws -16(0,%r30),%fr22L
+	fstws %fr10R,-16(0,%r30)
+	copy %r2,%r22
+	ldw -16(0,%r30),%r2
+	fstws %fr9R,-16(0,%r30)
+	xmpyu %fr11L,%fr22L,%fr8
+	copy %r2,%r19
+	ldw -16(0,%r30),%r2
+	fstws %fr8R,-16(0,%r30)
+	copy %r2,%r20
+	ldw -16(0,%r30),%r2
+	addl %r2,%r19,%r21
+	comclr,<<= %r19,%r21,0
+	addl %r20,%r31,%r20
+L$0037
+	extru %r21,15,16,%r19
+	addl %r20,%r19,%r20
+	zdep %r21,15,16,%r19
+	addl %r22,%r19,%r22
+	comclr,<<= %r19,%r22,0
+	addi,tr 1,%r20,%r19
+	copy %r20,%r19
+	addl %r22,%r28,%r20
+	comclr,<<= %r28,%r20,0
+	addi,tr 1,%r19,%r28
+	copy %r19,%r28
+	addib,= -1,%r24,L$0027
+	stw %r20,-4(0,%r29)
+	ldw 0(0,%r23),%r19
+	extru %r19,31,16,%r20
+	stw %r20,-16(0,%r30)
+	extru %r19,15,16,%r19
+	fldws -16(0,%r30),%fr22L
+	stw %r19,-16(0,%r30)
+	xmpyu %fr22L,%fr11R,%fr8
+	fldws -16(0,%r30),%fr22L
+	fstws %fr8R,-16(0,%r30)
+	xmpyu %fr11R,%fr22L,%fr10
+	ldw -16(0,%r30),%r2
+	stw %r20,-16(0,%r30)
+	xmpyu %fr22L,%fr11L,%fr9
+	fldws -16(0,%r30),%fr22L
+	fstws %fr10R,-16(0,%r30)
+	copy %r2,%r22
+	ldw -16(0,%r30),%r2
+	fstws %fr9R,-16(0,%r30)
+	xmpyu %fr11L,%fr22L,%fr8
+	copy %r2,%r19
+	ldw -16(0,%r30),%r2
+	fstws %fr8R,-16(0,%r30)
+	copy %r2,%r20
+	ldw -16(0,%r30),%r2
+	addl %r2,%r19,%r21
+	comclr,<<= %r19,%r21,0
+	addl %r20,%r31,%r20
+L$0041
+	extru %r21,15,16,%r19
+	addl %r20,%r19,%r20
+	zdep %r21,15,16,%r19
+	addl %r22,%r19,%r22
+	comclr,<<= %r19,%r22,0
+	addi,tr 1,%r20,%r19
+	copy %r20,%r19
+	addl %r22,%r28,%r20
+	comclr,<<= %r28,%r20,0
+	addi,tr 1,%r19,%r28
+	copy %r19,%r28
+	addib,= -1,%r24,L$0027
+	stw %r20,0(0,%r29)
+	ldo 16(%r23),%r23
+	ldo 16(%r25),%r25
+	ldo 16(%r29),%r29
+	bl L$0026,0
+	ldo 16(%r26),%r26
+L$0027
+	ldw -20(0,%r30),%r2
+	bv,n 0(%r2)
+	.EXIT
+	.PROCEND
+	.align 4
+	.EXPORT bn_sqr_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR
+bn_sqr_words
+	.PROC
+	.CALLINFO FRAME=0,NO_CALLS
+	.ENTRY
+	ldo 28(%r26),%r23
+	ldo 12(%r25),%r28
+L$0046
+	ldw 0(0,%r25),%r21
+	extru %r21,31,16,%r22
+	stw %r22,-16(0,%r30)
+	extru %r21,15,16,%r21
+	fldws -16(0,%r30),%fr10L
+	stw %r21,-16(0,%r30)
+	fldws -16(0,%r30),%fr10R
+	xmpyu %fr10L,%fr10R,%fr8
+	fstws %fr8R,-16(0,%r30)
+	ldw -16(0,%r30),%r29
+	stw %r22,-16(0,%r30)
+	fldws -16(0,%r30),%fr10R
+	stw %r21,-16(0,%r30)
+	copy %r29,%r19
+	xmpyu %fr10L,%fr10R,%fr8
+	fldws -16(0,%r30),%fr10L
+	stw %r21,-16(0,%r30)
+	fldws -16(0,%r30),%fr10R
+	fstws %fr8R,-16(0,%r30)
+	extru %r19,16,17,%r20
+	zdep %r19,14,15,%r19
+	ldw -16(0,%r30),%r29
+	xmpyu %fr10L,%fr10R,%fr9
+	addl %r29,%r19,%r22
+	stw %r22,0(0,%r26)
+	fstws %fr9R,-16(0,%r30)
+	ldw -16(0,%r30),%r29
+	addl %r29,%r20,%r21
+	comclr,<<= %r19,%r22,0
+	addi 1,%r21,%r21
+	addib,= -1,%r24,L$0057
+	stw %r21,-24(0,%r23)
+	ldw -8(0,%r28),%r21
+	extru %r21,31,16,%r22
+	stw %r22,-16(0,%r30)
+	extru %r21,15,16,%r21
+	fldws -16(0,%r30),%fr10L
+	stw %r21,-16(0,%r30)
+	fldws -16(0,%r30),%fr10R
+	xmpyu %fr10L,%fr10R,%fr8
+	fstws %fr8R,-16(0,%r30)
+	ldw -16(0,%r30),%r29
+	stw %r22,-16(0,%r30)
+	fldws -16(0,%r30),%fr10R
+	stw %r21,-16(0,%r30)
+	copy %r29,%r19
+	xmpyu %fr10L,%fr10R,%fr8
+	fldws -16(0,%r30),%fr10L
+	stw %r21,-16(0,%r30)
+	fldws -16(0,%r30),%fr10R
+	fstws %fr8R,-16(0,%r30)
+	extru %r19,16,17,%r20
+	zdep %r19,14,15,%r19
+	ldw -16(0,%r30),%r29
+	xmpyu %fr10L,%fr10R,%fr9
+	addl %r29,%r19,%r22
+	stw %r22,-20(0,%r23)
+	fstws %fr9R,-16(0,%r30)
+	ldw -16(0,%r30),%r29
+	addl %r29,%r20,%r21
+	comclr,<<= %r19,%r22,0
+	addi 1,%r21,%r21
+	addib,= -1,%r24,L$0057
+	stw %r21,-16(0,%r23)
+	ldw -4(0,%r28),%r21
+	extru %r21,31,16,%r22
+	stw %r22,-16(0,%r30)
+	extru %r21,15,16,%r21
+	fldws -16(0,%r30),%fr10L
+	stw %r21,-16(0,%r30)
+	fldws -16(0,%r30),%fr10R
+	xmpyu %fr10L,%fr10R,%fr8
+	fstws %fr8R,-16(0,%r30)
+	ldw -16(0,%r30),%r29
+	stw %r22,-16(0,%r30)
+	fldws -16(0,%r30),%fr10R
+	stw %r21,-16(0,%r30)
+	copy %r29,%r19
+	xmpyu %fr10L,%fr10R,%fr8
+	fldws -16(0,%r30),%fr10L
+	stw %r21,-16(0,%r30)
+	fldws -16(0,%r30),%fr10R
+	fstws %fr8R,-16(0,%r30)
+	extru %r19,16,17,%r20
+	zdep %r19,14,15,%r19
+	ldw -16(0,%r30),%r29
+	xmpyu %fr10L,%fr10R,%fr9
+	addl %r29,%r19,%r22
+	stw %r22,-12(0,%r23)
+	fstws %fr9R,-16(0,%r30)
+	ldw -16(0,%r30),%r29
+	addl %r29,%r20,%r21
+	comclr,<<= %r19,%r22,0
+	addi 1,%r21,%r21
+	addib,= -1,%r24,L$0057
+	stw %r21,-8(0,%r23)
+	ldw 0(0,%r28),%r21
+	extru %r21,31,16,%r22
+	stw %r22,-16(0,%r30)
+	extru %r21,15,16,%r21
+	fldws -16(0,%r30),%fr10L
+	stw %r21,-16(0,%r30)
+	fldws -16(0,%r30),%fr10R
+	xmpyu %fr10L,%fr10R,%fr8
+	fstws %fr8R,-16(0,%r30)
+	ldw -16(0,%r30),%r29
+	stw %r22,-16(0,%r30)
+	fldws -16(0,%r30),%fr10R
+	stw %r21,-16(0,%r30)
+	copy %r29,%r19
+	xmpyu %fr10L,%fr10R,%fr8
+	fldws -16(0,%r30),%fr10L
+	stw %r21,-16(0,%r30)
+	fldws -16(0,%r30),%fr10R
+	fstws %fr8R,-16(0,%r30)
+	extru %r19,16,17,%r20
+	zdep %r19,14,15,%r19
+	ldw -16(0,%r30),%r29
+	xmpyu %fr10L,%fr10R,%fr9
+	addl %r29,%r19,%r22
+	stw %r22,-4(0,%r23)
+	fstws %fr9R,-16(0,%r30)
+	ldw -16(0,%r30),%r29
+	addl %r29,%r20,%r21
+	comclr,<<= %r19,%r22,0
+	addi 1,%r21,%r21
+	addib,= -1,%r24,L$0057
+	stw %r21,0(0,%r23)
+	ldo 16(%r28),%r28
+	ldo 16(%r25),%r25
+	ldo 32(%r23),%r23
+	bl L$0046,0
+	ldo 32(%r26),%r26
+L$0057
+	bv,n 0(%r2)
+	.EXIT
+	.PROCEND
+	.IMPORT BN_num_bits_word,CODE
+	.IMPORT fprintf,CODE
+	.IMPORT __iob,DATA
+	.SPACE $TEXT$
+	.SUBSPA $LIT$
+
+	.align 4
+L$C0000
+	.STRING "Division would overflow\x0a\x00"
+	.IMPORT abort,CODE
+	.SPACE $TEXT$
+	.SUBSPA $CODE$
+
+	.align 4
+	.EXPORT bn_div64,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,RTNVAL=GR
+bn_div64
+	.PROC
+	.CALLINFO FRAME=128,CALLS,SAVE_RP,ENTRY_GR=8
+	.ENTRY
+	stw %r2,-20(0,%r30)
+	stwm %r8,128(0,%r30)
+	stw %r7,-124(0,%r30)
+	stw %r4,-112(0,%r30)
+	stw %r3,-108(0,%r30)
+	copy %r26,%r3
+	copy %r25,%r4
+	stw %r6,-120(0,%r30)
+	ldi 0,%r7
+	stw %r5,-116(0,%r30)
+	movb,<> %r24,%r5,L$0059
+	ldi 2,%r6
+	bl L$0076,0
+	ldi -1,%r28
+L$0059
+	.CALL ARGW0=GR
+	bl BN_num_bits_word,%r2
+	copy %r5,%r26
+	ldi 32,%r19
+	comb,= %r19,%r28,L$0060
+	subi 31,%r28,%r19
+	mtsar %r19
+	zvdepi 1,32,%r19
+	comb,>>= %r19,%r3,L$0060
+	addil LR'__iob-$global$+32,%r27
+	ldo RR'__iob-$global$+32(%r1),%r26
+	ldil LR'L$C0000,%r25
+	.CALL ARGW0=GR,ARGW1=GR
+	bl fprintf,%r2
+	ldo RR'L$C0000(%r25),%r25
+	.CALL 
+	bl abort,%r2
+	nop
+L$0060
+	comb,>> %r5,%r3,L$0061
+	subi 32,%r28,%r28
+	sub %r3,%r5,%r3
+L$0061
+	comib,= 0,%r28,L$0062
+	subi 31,%r28,%r19
+	mtsar %r19
+	zvdep %r5,32,%r5
+	zvdep %r3,32,%r21
+	subi 32,%r28,%r20
+	mtsar %r20
+	vshd 0,%r4,%r20
+	or %r21,%r20,%r3
+	mtsar %r19
+	zvdep %r4,32,%r4
+L$0062
+	extru %r5,15,16,%r23
+	extru %r5,31,16,%r28
+L$0063
+	extru %r3,15,16,%r19
+	comb,<> %r23,%r19,L$0066
+	copy %r3,%r26
+	bl L$0067,0
+	zdepi -1,31,16,%r29
+L$0066
+	.IMPORT $$divU,MILLICODE
+	bl $$divU,%r31
+	copy %r23,%r25
+L$0067
+	stw %r29,-16(0,%r30)
+	fldws -16(0,%r30),%fr10L
+	stw %r28,-16(0,%r30)
+	fldws -16(0,%r30),%fr10R
+	stw %r23,-16(0,%r30)
+	xmpyu %fr10L,%fr10R,%fr8
+	fldws -16(0,%r30),%fr10R
+	fstws %fr8R,-16(0,%r30)
+	xmpyu %fr10L,%fr10R,%fr9
+	ldw -16(0,%r30),%r8
+	fstws %fr9R,-16(0,%r30)
+	copy %r8,%r22
+	ldw -16(0,%r30),%r8
+	extru %r4,15,16,%r24
+	copy %r8,%r21
+L$0068
+	sub %r3,%r21,%r20
+	copy %r20,%r19
+	depi 0,31,16,%r19
+	comib,<> 0,%r19,L$0069
+	zdep %r20,15,16,%r19
+	addl %r19,%r24,%r19
+	comb,>>= %r19,%r22,L$0069
+	sub %r22,%r28,%r22
+	sub %r21,%r23,%r21
+	bl L$0068,0
+	ldo -1(%r29),%r29
+L$0069
+	stw %r29,-16(0,%r30)
+	fldws -16(0,%r30),%fr10L
+	stw %r28,-16(0,%r30)
+	fldws -16(0,%r30),%fr10R
+	xmpyu %fr10L,%fr10R,%fr8
+	fstws %fr8R,-16(0,%r30)
+	ldw -16(0,%r30),%r8
+	stw %r23,-16(0,%r30)
+	fldws -16(0,%r30),%fr10R
+	copy %r8,%r19
+	xmpyu %fr10L,%fr10R,%fr8
+	fstws %fr8R,-16(0,%r30)
+	extru %r19,15,16,%r20
+	ldw -16(0,%r30),%r8
+	zdep %r19,15,16,%r19
+	addl %r8,%r20,%r20
+	comclr,<<= %r19,%r4,0
+	addi 1,%r20,%r20
+	comb,<<= %r20,%r3,L$0074
+	sub %r4,%r19,%r4
+	addl %r3,%r5,%r3
+	ldo -1(%r29),%r29
+L$0074
+	addib,= -1,%r6,L$0064
+	sub %r3,%r20,%r3
+	zdep %r29,15,16,%r7
+	shd %r3,%r4,16,%r3
+	bl L$0063,0
+	zdep %r4,15,16,%r4
+L$0064
+	or %r7,%r29,%r28
+L$0076
+	ldw -148(0,%r30),%r2
+	ldw -124(0,%r30),%r7
+	ldw -120(0,%r30),%r6
+	ldw -116(0,%r30),%r5
+	ldw -112(0,%r30),%r4
+	ldw -108(0,%r30),%r3
+	bv 0(%r2)
+	ldwm -128(0,%r30),%r8
+	.EXIT
+	.PROCEND
diff --git a/crypto/bn/asm/pa-risc2.s b/crypto/bn/asm/pa-risc2.s
new file mode 100644
index 0000000000..5e07b7d2e8
--- /dev/null
+++ b/crypto/bn/asm/pa-risc2.s
@@ -0,0 +1,416 @@
+	.SPACE $PRIVATE$
+	.SUBSPA $DATA$,QUAD=1,ALIGN=8,ACCESS=31
+	.SUBSPA $BSS$,QUAD=1,ALIGN=8,ACCESS=31,ZERO,SORT=82
+	.SPACE $TEXT$
+	.SUBSPA $LIT$,QUAD=0,ALIGN=8,ACCESS=44
+	.SUBSPA $CODE$,QUAD=0,ALIGN=8,ACCESS=44,CODE_ONLY
+	.IMPORT $global$,DATA
+	.IMPORT $$dyncall,MILLICODE
+; gcc_compiled.:
+	.SPACE $TEXT$
+	.SUBSPA $CODE$
+
+	.align 4
+	.EXPORT bn_mul_add_word,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR
+bn_mul_add_word
+	.PROC
+	.CALLINFO FRAME=64,CALLS,SAVE_RP,ENTRY_GR=4
+	.ENTRY
+	stw %r2,-20(0,%r30)
+	stwm %r4,64(0,%r30)
+	copy %r24,%r31
+	stw %r3,-60(0,%r30)
+	ldi 0,%r20
+	ldo 12(%r26),%r2
+	stw %r23,-16(0,%r30)
+	copy %r25,%r3
+	ldo 12(%r3),%r1
+	fldws -16(0,%r30),%fr8L
+L$0010
+	copy %r20,%r25
+	ldi 0,%r24
+	fldws 0(0,%r3),%fr9L
+	ldw 0(0,%r26),%r19
+	xmpyu %fr8L,%fr9L,%fr9
+	fstds %fr9,-16(0,%r30)
+	copy %r19,%r23
+	ldw -16(0,%r30),%r28
+	ldw -12(0,%r30),%r29
+	ldi 0,%r22
+	add %r23,%r29,%r29
+	addc %r22,%r28,%r28
+	add %r25,%r29,%r29
+	addc %r24,%r28,%r28
+	copy %r28,%r21
+	ldi 0,%r20
+	copy %r21,%r20
+	addib,= -1,%r31,L$0011
+	stw %r29,0(0,%r26)
+	copy %r20,%r25
+	ldi 0,%r24
+	fldws -8(0,%r1),%fr9L
+	ldw -8(0,%r2),%r19
+	xmpyu %fr8L,%fr9L,%fr9
+	fstds %fr9,-16(0,%r30)
+	copy %r19,%r23
+	ldw -16(0,%r30),%r28
+	ldw -12(0,%r30),%r29
+	ldi 0,%r22
+	add %r23,%r29,%r29
+	addc %r22,%r28,%r28
+	add %r25,%r29,%r29
+	addc %r24,%r28,%r28
+	copy %r28,%r21
+	ldi 0,%r20
+	copy %r21,%r20
+	addib,= -1,%r31,L$0011
+	stw %r29,-8(0,%r2)
+	copy %r20,%r25
+	ldi 0,%r24
+	fldws -4(0,%r1),%fr9L
+	ldw -4(0,%r2),%r19
+	xmpyu %fr8L,%fr9L,%fr9
+	fstds %fr9,-16(0,%r30)
+	copy %r19,%r23
+	ldw -16(0,%r30),%r28
+	ldw -12(0,%r30),%r29
+	ldi 0,%r22
+	add %r23,%r29,%r29
+	addc %r22,%r28,%r28
+	add %r25,%r29,%r29
+	addc %r24,%r28,%r28
+	copy %r28,%r21
+	ldi 0,%r20
+	copy %r21,%r20
+	addib,= -1,%r31,L$0011
+	stw %r29,-4(0,%r2)
+	copy %r20,%r25
+	ldi 0,%r24
+	fldws 0(0,%r1),%fr9L
+	ldw 0(0,%r2),%r19
+	xmpyu %fr8L,%fr9L,%fr9
+	fstds %fr9,-16(0,%r30)
+	copy %r19,%r23
+	ldw -16(0,%r30),%r28
+	ldw -12(0,%r30),%r29
+	ldi 0,%r22
+	add %r23,%r29,%r29
+	addc %r22,%r28,%r28
+	add %r25,%r29,%r29
+	addc %r24,%r28,%r28
+	copy %r28,%r21
+	ldi 0,%r20
+	copy %r21,%r20
+	addib,= -1,%r31,L$0011
+	stw %r29,0(0,%r2)
+	ldo 16(%r1),%r1
+	ldo 16(%r3),%r3
+	ldo 16(%r2),%r2
+	bl L$0010,0
+	ldo 16(%r26),%r26
+L$0011
+	copy %r20,%r28
+	ldw -84(0,%r30),%r2
+	ldw -60(0,%r30),%r3
+	bv 0(%r2)
+	ldwm -64(0,%r30),%r4
+	.EXIT
+	.PROCEND
+	.align 4
+	.EXPORT bn_mul_word,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR
+bn_mul_word
+	.PROC
+	.CALLINFO FRAME=64,CALLS,SAVE_RP,ENTRY_GR=3
+	.ENTRY
+	stw %r2,-20(0,%r30)
+	copy %r25,%r2
+	stwm %r4,64(0,%r30)
+	copy %r24,%r19
+	ldi 0,%r28
+	stw %r23,-16(0,%r30)
+	ldo 12(%r26),%r31
+	ldo 12(%r2),%r29
+	fldws -16(0,%r30),%fr8L
+L$0026
+	fldws 0(0,%r2),%fr9L
+	xmpyu %fr8L,%fr9L,%fr9
+	fstds %fr9,-16(0,%r30)
+	copy %r28,%r21
+	ldi 0,%r20
+	ldw -16(0,%r30),%r24
+	ldw -12(0,%r30),%r25
+	add %r21,%r25,%r25
+	addc %r20,%r24,%r24
+	copy %r24,%r23
+	ldi 0,%r22
+	copy %r23,%r28
+	addib,= -1,%r19,L$0027
+	stw %r25,0(0,%r26)
+	fldws -8(0,%r29),%fr9L
+	xmpyu %fr8L,%fr9L,%fr9
+	fstds %fr9,-16(0,%r30)
+	copy %r28,%r21
+	ldi 0,%r20
+	ldw -16(0,%r30),%r24
+	ldw -12(0,%r30),%r25
+	add %r21,%r25,%r25
+	addc %r20,%r24,%r24
+	copy %r24,%r23
+	ldi 0,%r22
+	copy %r23,%r28
+	addib,= -1,%r19,L$0027
+	stw %r25,-8(0,%r31)
+	fldws -4(0,%r29),%fr9L
+	xmpyu %fr8L,%fr9L,%fr9
+	fstds %fr9,-16(0,%r30)
+	copy %r28,%r21
+	ldi 0,%r20
+	ldw -16(0,%r30),%r24
+	ldw -12(0,%r30),%r25
+	add %r21,%r25,%r25
+	addc %r20,%r24,%r24
+	copy %r24,%r23
+	ldi 0,%r22
+	copy %r23,%r28
+	addib,= -1,%r19,L$0027
+	stw %r25,-4(0,%r31)
+	fldws 0(0,%r29),%fr9L
+	xmpyu %fr8L,%fr9L,%fr9
+	fstds %fr9,-16(0,%r30)
+	copy %r28,%r21
+	ldi 0,%r20
+	ldw -16(0,%r30),%r24
+	ldw -12(0,%r30),%r25
+	add %r21,%r25,%r25
+	addc %r20,%r24,%r24
+	copy %r24,%r23
+	ldi 0,%r22
+	copy %r23,%r28
+	addib,= -1,%r19,L$0027
+	stw %r25,0(0,%r31)
+	ldo 16(%r29),%r29
+	ldo 16(%r2),%r2
+	ldo 16(%r31),%r31
+	bl L$0026,0
+	ldo 16(%r26),%r26
+L$0027
+	ldw -84(0,%r30),%r2
+	bv 0(%r2)
+	ldwm -64(0,%r30),%r4
+	.EXIT
+	.PROCEND
+	.align 4
+	.EXPORT bn_sqr_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR
+bn_sqr_words
+	.PROC
+	.CALLINFO FRAME=0,NO_CALLS
+	.ENTRY
+	ldo 28(%r26),%r19
+	ldo 12(%r25),%r28
+L$0042
+	fldws 0(0,%r25),%fr8L
+	fldws 0(0,%r25),%fr8R
+	xmpyu %fr8L,%fr8R,%fr8
+	fstds %fr8,-16(0,%r30)
+	ldw -16(0,%r30),%r22
+	ldw -12(0,%r30),%r23
+	stw %r23,0(0,%r26)
+	copy %r22,%r21
+	ldi 0,%r20
+	addib,= -1,%r24,L$0049
+	stw %r21,-24(0,%r19)
+	fldws -8(0,%r28),%fr8L
+	fldws -8(0,%r28),%fr8R
+	xmpyu %fr8L,%fr8R,%fr8
+	fstds %fr8,-16(0,%r30)
+	ldw -16(0,%r30),%r22
+	ldw -12(0,%r30),%r23
+	stw %r23,-20(0,%r19)
+	copy %r22,%r21
+	ldi 0,%r20
+	addib,= -1,%r24,L$0049
+	stw %r21,-16(0,%r19)
+	fldws -4(0,%r28),%fr8L
+	fldws -4(0,%r28),%fr8R
+	xmpyu %fr8L,%fr8R,%fr8
+	fstds %fr8,-16(0,%r30)
+	ldw -16(0,%r30),%r22
+	ldw -12(0,%r30),%r23
+	stw %r23,-12(0,%r19)
+	copy %r22,%r21
+	ldi 0,%r20
+	addib,= -1,%r24,L$0049
+	stw %r21,-8(0,%r19)
+	fldws 0(0,%r28),%fr8L
+	fldws 0(0,%r28),%fr8R
+	xmpyu %fr8L,%fr8R,%fr8
+	fstds %fr8,-16(0,%r30)
+	ldw -16(0,%r30),%r22
+	ldw -12(0,%r30),%r23
+	stw %r23,-4(0,%r19)
+	copy %r22,%r21
+	ldi 0,%r20
+	addib,= -1,%r24,L$0049
+	stw %r21,0(0,%r19)
+	ldo 16(%r28),%r28
+	ldo 16(%r25),%r25
+	ldo 32(%r19),%r19
+	bl L$0042,0
+	ldo 32(%r26),%r26
+L$0049
+	bv,n 0(%r2)
+	.EXIT
+	.PROCEND
+	.IMPORT BN_num_bits_word,CODE
+	.IMPORT fprintf,CODE
+	.IMPORT __iob,DATA
+	.SPACE $TEXT$
+	.SUBSPA $LIT$
+
+	.align 4
+L$C0000
+	.STRING "Division would overflow (%d)\x0a\x00"
+	.IMPORT abort,CODE
+	.SPACE $TEXT$
+	.SUBSPA $CODE$
+
+	.align 4
+	.EXPORT bn_div64,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,RTNVAL=GR
+bn_div64
+	.PROC
+	.CALLINFO FRAME=128,CALLS,SAVE_RP,ENTRY_GR=8
+	.ENTRY
+	stw %r2,-20(0,%r30)
+	stwm %r8,128(0,%r30)
+	stw %r7,-124(0,%r30)
+	stw %r4,-112(0,%r30)
+	stw %r3,-108(0,%r30)
+	copy %r26,%r3
+	copy %r25,%r4
+	stw %r6,-120(0,%r30)
+	ldi 0,%r7
+	stw %r5,-116(0,%r30)
+	movb,<> %r24,%r5,L$0051
+	ldi 2,%r6
+	bl L$0068,0
+	ldi -1,%r28
+L$0051
+	.CALL ARGW0=GR
+	bl BN_num_bits_word,%r2
+	copy %r5,%r26
+	copy %r28,%r24
+	ldi 32,%r19
+	comb,= %r19,%r24,L$0052
+	subi 31,%r24,%r19
+	mtsar %r19
+	zvdepi 1,32,%r19
+	comb,>>= %r19,%r3,L$0052
+	addil LR'__iob-$global$+32,%r27
+	ldo RR'__iob-$global$+32(%r1),%r26
+	ldil LR'L$C0000,%r25
+	.CALL ARGW0=GR,ARGW1=GR,ARGW2=GR
+	bl fprintf,%r2
+	ldo RR'L$C0000(%r25),%r25
+	.CALL 
+	bl abort,%r2
+	nop
+L$0052
+	comb,>> %r5,%r3,L$0053
+	subi 32,%r24,%r24
+	sub %r3,%r5,%r3
+L$0053
+	comib,= 0,%r24,L$0054
+	subi 31,%r24,%r19
+	mtsar %r19
+	zvdep %r5,32,%r5
+	zvdep %r3,32,%r21
+	subi 32,%r24,%r20
+	mtsar %r20
+	vshd 0,%r4,%r20
+	or %r21,%r20,%r3
+	mtsar %r19
+	zvdep %r4,32,%r4
+L$0054
+	extru %r5,15,16,%r23
+	extru %r5,31,16,%r28
+L$0055
+	extru %r3,15,16,%r19
+	comb,<> %r23,%r19,L$0058
+	copy %r3,%r26
+	bl L$0059,0
+	zdepi -1,31,16,%r29
+L$0058
+	.IMPORT $$divU,MILLICODE
+	bl $$divU,%r31
+	copy %r23,%r25
+L$0059
+	stw %r29,-16(0,%r30)
+	fldws -16(0,%r30),%fr10L
+	stw %r28,-16(0,%r30)
+	fldws -16(0,%r30),%fr10R
+	stw %r23,-16(0,%r30)
+	xmpyu %fr10L,%fr10R,%fr8
+	fldws -16(0,%r30),%fr10R
+	fstws %fr8R,-16(0,%r30)
+	xmpyu %fr10L,%fr10R,%fr9
+	ldw -16(0,%r30),%r8
+	fstws %fr9R,-16(0,%r30)
+	copy %r8,%r22
+	ldw -16(0,%r30),%r8
+	extru %r4,15,16,%r24
+	copy %r8,%r21
+L$0060
+	sub %r3,%r21,%r20
+	copy %r20,%r19
+	depi 0,31,16,%r19
+	comib,<> 0,%r19,L$0061
+	zdep %r20,15,16,%r19
+	addl %r19,%r24,%r19
+	comb,>>= %r19,%r22,L$0061
+	sub %r22,%r28,%r22
+	sub %r21,%r23,%r21
+	bl L$0060,0
+	ldo -1(%r29),%r29
+L$0061
+	stw %r29,-16(0,%r30)
+	fldws -16(0,%r30),%fr10L
+	stw %r28,-16(0,%r30)
+	fldws -16(0,%r30),%fr10R
+	xmpyu %fr10L,%fr10R,%fr8
+	fstws %fr8R,-16(0,%r30)
+	ldw -16(0,%r30),%r8
+	stw %r23,-16(0,%r30)
+	fldws -16(0,%r30),%fr10R
+	copy %r8,%r19
+	xmpyu %fr10L,%fr10R,%fr8
+	fstws %fr8R,-16(0,%r30)
+	extru %r19,15,16,%r20
+	ldw -16(0,%r30),%r8
+	zdep %r19,15,16,%r19
+	addl %r8,%r20,%r20
+	comclr,<<= %r19,%r4,0
+	addi 1,%r20,%r20
+	comb,<<= %r20,%r3,L$0066
+	sub %r4,%r19,%r4
+	addl %r3,%r5,%r3
+	ldo -1(%r29),%r29
+L$0066
+	addib,= -1,%r6,L$0056
+	sub %r3,%r20,%r3
+	zdep %r29,15,16,%r7
+	shd %r3,%r4,16,%r3
+	bl L$0055,0
+	zdep %r4,15,16,%r4
+L$0056
+	or %r7,%r29,%r28
+L$0068
+	ldw -148(0,%r30),%r2
+	ldw -124(0,%r30),%r7
+	ldw -120(0,%r30),%r6
+	ldw -116(0,%r30),%r5
+	ldw -112(0,%r30),%r4
+	ldw -108(0,%r30),%r3
+	bv 0(%r2)
+	ldwm -128(0,%r30),%r8
+	.EXIT
+	.PROCEND
diff --git a/crypto/bn/asm/r3000.s b/crypto/bn/asm/r3000.s
new file mode 100644
index 0000000000..5be2a0d0e6
--- /dev/null
+++ b/crypto/bn/asm/r3000.s
@@ -0,0 +1,646 @@
+	.file	1 "../bn_mulw.c"
+	.set	nobopt
+	.option pic2
+
+ # GNU C 2.6.3 [AL 1.1, MM 40] SGI running IRIX 5.0 compiled by GNU C
+
+ # Cc1 defaults:
+ # -mabicalls
+
+ # Cc1 arguments (-G value = 0, Cpu = 3000, ISA = 1):
+ # -quiet -dumpbase -O2 -o
+
+gcc2_compiled.:
+__gnu_compiled_c:
+	.rdata
+
+	.byte	0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+	.byte	0x6e,0x3a,0x20,0x31,0x2e,0x34,0x39,0x20
+	.byte	0x24,0x0
+
+	.byte	0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+	.byte	0x6e,0x3a,0x20,0x31,0x2e,0x33,0x34,0x20
+	.byte	0x24,0x0
+
+	.byte	0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+	.byte	0x6e,0x3a,0x20,0x31,0x2e,0x35,0x20,0x24
+	.byte	0x0
+
+	.byte	0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+	.byte	0x6e,0x3a,0x20,0x31,0x2e,0x38,0x20,0x24
+	.byte	0x0
+
+	.byte	0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+	.byte	0x6e,0x3a,0x20,0x31,0x2e,0x32,0x33,0x20
+	.byte	0x24,0x0
+
+	.byte	0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+	.byte	0x6e,0x3a,0x20,0x31,0x2e,0x37,0x38,0x20
+	.byte	0x24,0x0
+
+	.byte	0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+	.byte	0x6e,0x3a,0x20,0x33,0x2e,0x37,0x30,0x20
+	.byte	0x24,0x0
+
+	.byte	0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+	.byte	0x6e,0x3a,0x20,0x31,0x2e,0x32,0x20,0x24
+	.byte	0x0
+
+	.byte	0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+	.byte	0x6e,0x3a,0x20,0x31,0x2e,0x34,0x20,0x24
+	.byte	0x0
+
+	.byte	0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+	.byte	0x6e,0x3a,0x20,0x31,0x2e,0x38,0x20,0x24
+	.byte	0x0
+	.text
+	.align	2
+	.globl	bn_mul_add_word
+	.ent	bn_mul_add_word
+bn_mul_add_word:
+	.frame	$sp,0,$31		# vars= 0, regs= 0/0, args= 0, extra= 0
+	.mask	0x00000000,0
+	.fmask	0x00000000,0
+	.set	noreorder
+	.cpload	$25
+	.set	reorder
+	move	$12,$4
+	move	$14,$5
+	move	$9,$6
+	move	$13,$7
+	move	$8,$0
+	addu	$10,$12,12
+	addu	$11,$14,12
+$L2:
+	lw	$6,0($14)
+	#nop
+	multu	$13,$6
+	mfhi	$6
+	mflo	$7
+	#nop
+	move	$5,$8
+	move	$4,$0
+	lw	$3,0($12)
+	addu	$9,$9,-1
+	move	$2,$0
+	addu	$7,$7,$3
+	sltu	$8,$7,$3
+	addu	$6,$6,$2
+	addu	$6,$6,$8
+	addu	$7,$7,$5
+	sltu	$2,$7,$5
+	addu	$6,$6,$4
+	addu	$6,$6,$2
+	srl	$3,$6,0
+	move	$2,$0
+	move	$8,$3
+	.set	noreorder
+	.set	nomacro
+	beq	$9,$0,$L3
+	sw	$7,0($12)
+	.set	macro
+	.set	reorder
+
+	lw	$6,-8($11)
+	#nop
+	multu	$13,$6
+	mfhi	$6
+	mflo	$7
+	#nop
+	move	$5,$8
+	move	$4,$0
+	lw	$3,-8($10)
+	addu	$9,$9,-1
+	move	$2,$0
+	addu	$7,$7,$3
+	sltu	$8,$7,$3
+	addu	$6,$6,$2
+	addu	$6,$6,$8
+	addu	$7,$7,$5
+	sltu	$2,$7,$5
+	addu	$6,$6,$4
+	addu	$6,$6,$2
+	srl	$3,$6,0
+	move	$2,$0
+	move	$8,$3
+	.set	noreorder
+	.set	nomacro
+	beq	$9,$0,$L3
+	sw	$7,-8($10)
+	.set	macro
+	.set	reorder
+
+	lw	$6,-4($11)
+	#nop
+	multu	$13,$6
+	mfhi	$6
+	mflo	$7
+	#nop
+	move	$5,$8
+	move	$4,$0
+	lw	$3,-4($10)
+	addu	$9,$9,-1
+	move	$2,$0
+	addu	$7,$7,$3
+	sltu	$8,$7,$3
+	addu	$6,$6,$2
+	addu	$6,$6,$8
+	addu	$7,$7,$5
+	sltu	$2,$7,$5
+	addu	$6,$6,$4
+	addu	$6,$6,$2
+	srl	$3,$6,0
+	move	$2,$0
+	move	$8,$3
+	.set	noreorder
+	.set	nomacro
+	beq	$9,$0,$L3
+	sw	$7,-4($10)
+	.set	macro
+	.set	reorder
+
+	lw	$6,0($11)
+	#nop
+	multu	$13,$6
+	mfhi	$6
+	mflo	$7
+	#nop
+	move	$5,$8
+	move	$4,$0
+	lw	$3,0($10)
+	addu	$9,$9,-1
+	move	$2,$0
+	addu	$7,$7,$3
+	sltu	$8,$7,$3
+	addu	$6,$6,$2
+	addu	$6,$6,$8
+	addu	$7,$7,$5
+	sltu	$2,$7,$5
+	addu	$6,$6,$4
+	addu	$6,$6,$2
+	srl	$3,$6,0
+	move	$2,$0
+	move	$8,$3
+	.set	noreorder
+	.set	nomacro
+	beq	$9,$0,$L3
+	sw	$7,0($10)
+	.set	macro
+	.set	reorder
+
+	addu	$11,$11,16
+	addu	$14,$14,16
+	addu	$10,$10,16
+	.set	noreorder
+	.set	nomacro
+	j	$L2
+	addu	$12,$12,16
+	.set	macro
+	.set	reorder
+
+$L3:
+	.set	noreorder
+	.set	nomacro
+	j	$31
+	move	$2,$8
+	.set	macro
+	.set	reorder
+
+	.end	bn_mul_add_word
+	.align	2
+	.globl	bn_mul_word
+	.ent	bn_mul_word
+bn_mul_word:
+	.frame	$sp,0,$31		# vars= 0, regs= 0/0, args= 0, extra= 0
+	.mask	0x00000000,0
+	.fmask	0x00000000,0
+	.set	noreorder
+	.cpload	$25
+	.set	reorder
+	move	$11,$4
+	move	$12,$5
+	move	$8,$6
+	move	$6,$0
+	addu	$10,$11,12
+	addu	$9,$12,12
+$L10:
+	lw	$4,0($12)
+	#nop
+	multu	$7,$4
+	mfhi	$4
+	mflo	$5
+	#nop
+	move	$3,$6
+	move	$2,$0
+	addu	$8,$8,-1
+	addu	$5,$5,$3
+	sltu	$6,$5,$3
+	addu	$4,$4,$2
+	addu	$4,$4,$6
+	srl	$3,$4,0
+	move	$2,$0
+	move	$6,$3
+	.set	noreorder
+	.set	nomacro
+	beq	$8,$0,$L11
+	sw	$5,0($11)
+	.set	macro
+	.set	reorder
+
+	lw	$4,-8($9)
+	#nop
+	multu	$7,$4
+	mfhi	$4
+	mflo	$5
+	#nop
+	move	$3,$6
+	move	$2,$0
+	addu	$8,$8,-1
+	addu	$5,$5,$3
+	sltu	$6,$5,$3
+	addu	$4,$4,$2
+	addu	$4,$4,$6
+	srl	$3,$4,0
+	move	$2,$0
+	move	$6,$3
+	.set	noreorder
+	.set	nomacro
+	beq	$8,$0,$L11
+	sw	$5,-8($10)
+	.set	macro
+	.set	reorder
+
+	lw	$4,-4($9)
+	#nop
+	multu	$7,$4
+	mfhi	$4
+	mflo	$5
+	#nop
+	move	$3,$6
+	move	$2,$0
+	addu	$8,$8,-1
+	addu	$5,$5,$3
+	sltu	$6,$5,$3
+	addu	$4,$4,$2
+	addu	$4,$4,$6
+	srl	$3,$4,0
+	move	$2,$0
+	move	$6,$3
+	.set	noreorder
+	.set	nomacro
+	beq	$8,$0,$L11
+	sw	$5,-4($10)
+	.set	macro
+	.set	reorder
+
+	lw	$4,0($9)
+	#nop
+	multu	$7,$4
+	mfhi	$4
+	mflo	$5
+	#nop
+	move	$3,$6
+	move	$2,$0
+	addu	$8,$8,-1
+	addu	$5,$5,$3
+	sltu	$6,$5,$3
+	addu	$4,$4,$2
+	addu	$4,$4,$6
+	srl	$3,$4,0
+	move	$2,$0
+	move	$6,$3
+	.set	noreorder
+	.set	nomacro
+	beq	$8,$0,$L11
+	sw	$5,0($10)
+	.set	macro
+	.set	reorder
+
+	addu	$9,$9,16
+	addu	$12,$12,16
+	addu	$10,$10,16
+	.set	noreorder
+	.set	nomacro
+	j	$L10
+	addu	$11,$11,16
+	.set	macro
+	.set	reorder
+
+$L11:
+	.set	noreorder
+	.set	nomacro
+	j	$31
+	move	$2,$6
+	.set	macro
+	.set	reorder
+
+	.end	bn_mul_word
+	.align	2
+	.globl	bn_sqr_words
+	.ent	bn_sqr_words
+bn_sqr_words:
+	.frame	$sp,0,$31		# vars= 0, regs= 0/0, args= 0, extra= 0
+	.mask	0x00000000,0
+	.fmask	0x00000000,0
+	.set	noreorder
+	.cpload	$25
+	.set	reorder
+	move	$9,$4
+	addu	$7,$9,28
+	addu	$8,$5,12
+$L18:
+	lw	$2,0($5)
+	#nop
+	multu	$2,$2
+	mfhi	$2
+	mflo	$3
+	#nop
+	addu	$6,$6,-1
+	sw	$3,0($9)
+	srl	$3,$2,0
+	move	$2,$0
+	.set	noreorder
+	.set	nomacro
+	beq	$6,$0,$L19
+	sw	$3,-24($7)
+	.set	macro
+	.set	reorder
+
+	lw	$2,-8($8)
+	#nop
+	multu	$2,$2
+	mfhi	$2
+	mflo	$3
+	#nop
+	addu	$6,$6,-1
+	sw	$3,-20($7)
+	srl	$3,$2,0
+	move	$2,$0
+	.set	noreorder
+	.set	nomacro
+	beq	$6,$0,$L19
+	sw	$3,-16($7)
+	.set	macro
+	.set	reorder
+
+	lw	$2,-4($8)
+	#nop
+	multu	$2,$2
+	mfhi	$2
+	mflo	$3
+	#nop
+	addu	$6,$6,-1
+	sw	$3,-12($7)
+	srl	$3,$2,0
+	move	$2,$0
+	.set	noreorder
+	.set	nomacro
+	beq	$6,$0,$L19
+	sw	$3,-8($7)
+	.set	macro
+	.set	reorder
+
+	lw	$2,0($8)
+	#nop
+	multu	$2,$2
+	mfhi	$2
+	mflo	$3
+	#nop
+	addu	$6,$6,-1
+	sw	$3,-4($7)
+	srl	$3,$2,0
+	move	$2,$0
+	.set	noreorder
+	.set	nomacro
+	beq	$6,$0,$L19
+	sw	$3,0($7)
+	.set	macro
+	.set	reorder
+
+	addu	$8,$8,16
+	addu	$5,$5,16
+	addu	$7,$7,32
+	.set	noreorder
+	.set	nomacro
+	j	$L18
+	addu	$9,$9,32
+	.set	macro
+	.set	reorder
+
+$L19:
+	j	$31
+	.end	bn_sqr_words
+	.rdata
+	.align	2
+$LC0:
+
+	.byte	0x44,0x69,0x76,0x69,0x73,0x69,0x6f,0x6e
+	.byte	0x20,0x77,0x6f,0x75,0x6c,0x64,0x20,0x6f
+	.byte	0x76,0x65,0x72,0x66,0x6c,0x6f,0x77,0xa
+	.byte	0x0
+	.text
+	.align	2
+	.globl	bn_div64
+	.ent	bn_div64
+bn_div64:
+	.frame	$sp,56,$31		# vars= 0, regs= 7/0, args= 16, extra= 8
+	.mask	0x901f0000,-8
+	.fmask	0x00000000,0
+	.set	noreorder
+	.cpload	$25
+	.set	reorder
+	subu	$sp,$sp,56
+	.cprestore 16
+	sw	$16,24($sp)
+	move	$16,$4
+	sw	$17,28($sp)
+	move	$17,$5
+	sw	$18,32($sp)
+	move	$18,$6
+	sw	$20,40($sp)
+	move	$20,$0
+	sw	$19,36($sp)
+	li	$19,0x00000002		# 2
+	sw	$31,48($sp)
+	.set	noreorder
+	.set	nomacro
+	bne	$18,$0,$L26
+	sw	$28,44($sp)
+	.set	macro
+	.set	reorder
+
+	.set	noreorder
+	.set	nomacro
+	j	$L43
+	li	$2,-1			# 0xffffffff
+	.set	macro
+	.set	reorder
+
+$L26:
+	move	$4,$18
+	jal	BN_num_bits_word
+	move	$4,$2
+	li	$2,0x00000020		# 32
+	.set	noreorder
+	.set	nomacro
+	beq	$4,$2,$L27
+	li	$2,0x00000001		# 1
+	.set	macro
+	.set	reorder
+
+	sll	$2,$2,$4
+	sltu	$2,$2,$16
+	.set	noreorder
+	.set	nomacro
+	beq	$2,$0,$L44
+	li	$5,0x00000020		# 32
+	.set	macro
+	.set	reorder
+
+	la	$4,__iob+32
+	la	$5,$LC0
+	jal	fprintf
+	jal	abort
+$L27:
+	li	$5,0x00000020		# 32
+$L44:
+	sltu	$2,$16,$18
+	.set	noreorder
+	.set	nomacro
+	bne	$2,$0,$L28
+	subu	$4,$5,$4
+	.set	macro
+	.set	reorder
+
+	subu	$16,$16,$18
+$L28:
+	.set	noreorder
+	.set	nomacro
+	beq	$4,$0,$L29
+	li	$10,-65536			# 0xffff0000
+	.set	macro
+	.set	reorder
+
+	sll	$18,$18,$4
+	sll	$3,$16,$4
+	subu	$2,$5,$4
+	srl	$2,$17,$2
+	or	$16,$3,$2
+	sll	$17,$17,$4
+$L29:
+	srl	$7,$18,16
+	andi	$9,$18,0xffff
+$L30:
+	srl	$2,$16,16
+	.set	noreorder
+	.set	nomacro
+	beq	$2,$7,$L34
+	li	$6,0x0000ffff		# 65535
+	.set	macro
+	.set	reorder
+
+	divu	$6,$16,$7
+$L34:
+	mult	$6,$9
+	mflo	$5
+	#nop
+	#nop
+	mult	$6,$7
+	and	$2,$17,$10
+	srl	$8,$2,16
+	mflo	$4
+$L35:
+	subu	$3,$16,$4
+	and	$2,$3,$10
+	.set	noreorder
+	.set	nomacro
+	bne	$2,$0,$L36
+	sll	$2,$3,16
+	.set	macro
+	.set	reorder
+
+	addu	$2,$2,$8
+	sltu	$2,$2,$5
+	.set	noreorder
+	.set	nomacro
+	beq	$2,$0,$L36
+	subu	$5,$5,$9
+	.set	macro
+	.set	reorder
+
+	subu	$4,$4,$7
+	.set	noreorder
+	.set	nomacro
+	j	$L35
+	addu	$6,$6,-1
+	.set	macro
+	.set	reorder
+
+$L36:
+	mult	$6,$7
+	mflo	$5
+	#nop
+	#nop
+	mult	$6,$9
+	mflo	$4
+	#nop
+	#nop
+	srl	$3,$4,16
+	sll	$2,$4,16
+	and	$4,$2,$10
+	sltu	$2,$17,$4
+	.set	noreorder
+	.set	nomacro
+	beq	$2,$0,$L40
+	addu	$5,$5,$3
+	.set	macro
+	.set	reorder
+
+	addu	$5,$5,1
+$L40:
+	sltu	$2,$16,$5
+	.set	noreorder
+	.set	nomacro
+	beq	$2,$0,$L41
+	subu	$17,$17,$4
+	.set	macro
+	.set	reorder
+
+	addu	$16,$16,$18
+	addu	$6,$6,-1
+$L41:
+	addu	$19,$19,-1
+	.set	noreorder
+	.set	nomacro
+	beq	$19,$0,$L31
+	subu	$16,$16,$5
+	.set	macro
+	.set	reorder
+
+	sll	$20,$6,16
+	sll	$3,$16,16
+	srl	$2,$17,16
+	or	$16,$3,$2
+	.set	noreorder
+	.set	nomacro
+	j	$L30
+	sll	$17,$17,16
+	.set	macro
+	.set	reorder
+
+$L31:
+	or	$2,$20,$6
+$L43:
+	lw	$31,48($sp)
+	lw	$20,40($sp)
+	lw	$19,36($sp)
+	lw	$18,32($sp)
+	lw	$17,28($sp)
+	lw	$16,24($sp)
+	addu	$sp,$sp,56
+	j	$31
+	.end	bn_div64
+
+	.globl abort .text
+	.globl fprintf .text
+	.globl BN_num_bits_word .text
diff --git a/crypto/bn/asm/sparc.s b/crypto/bn/asm/sparc.s
new file mode 100644
index 0000000000..37c5fb194e
--- /dev/null
+++ b/crypto/bn/asm/sparc.s
@@ -0,0 +1,359 @@
+	.file	"bn_mulw.c"
+gcc2_compiled.:
+.section	".text"
+	.align 4
+	.global bn_mul_add_word
+	.type	 bn_mul_add_word,#function
+	.proc	016
+bn_mul_add_word:
+	!#PROLOGUE# 0
+	save %sp,-112,%sp
+	!#PROLOGUE# 1
+	mov %i0,%o0
+	mov %i1,%o2
+	mov %i2,%g1
+	mov %i3,%o1
+	mov 0,%i4
+	add %o0,12,%g4
+	add %o2,12,%o7
+.LL2:
+	mov %i4,%i3
+	mov 0,%i2
+	ld [%o0],%g2
+	mov %g2,%i1
+	ld [%o2],%g2
+	mov 0,%i0
+	umul %o1,%g2,%g3
+	rd %y,%g2
+	addcc %g3,%i1,%g3
+	addx %g2,%i0,%g2
+	addcc %g3,%i3,%g3
+	addx %g2,%i2,%g2
+	st %g3,[%o0]
+	mov %g2,%i5
+	mov 0,%i4
+	addcc %g1,-1,%g1
+	be .LL3
+	mov %i5,%i4
+	mov %i4,%i3
+	mov 0,%i2
+	ld [%g4-8],%g2
+	mov %g2,%i1
+	ld [%o7-8],%g2
+	mov 0,%i0
+	umul %o1,%g2,%g3
+	rd %y,%g2
+	addcc %g3,%i1,%g3
+	addx %g2,%i0,%g2
+	addcc %g3,%i3,%g3
+	addx %g2,%i2,%g2
+	st %g3,[%g4-8]
+	mov %g2,%i5
+	mov 0,%i4
+	addcc %g1,-1,%g1
+	be .LL3
+	mov %i5,%i4
+	mov %i4,%i3
+	mov 0,%i2
+	ld [%g4-4],%g2
+	mov %g2,%i1
+	ld [%o7-4],%g2
+	mov 0,%i0
+	umul %o1,%g2,%g3
+	rd %y,%g2
+	addcc %g3,%i1,%g3
+	addx %g2,%i0,%g2
+	addcc %g3,%i3,%g3
+	addx %g2,%i2,%g2
+	st %g3,[%g4-4]
+	mov %g2,%i5
+	mov 0,%i4
+	addcc %g1,-1,%g1
+	be .LL3
+	mov %i5,%i4
+	mov %i4,%i3
+	mov 0,%i2
+	ld [%g4],%g2
+	mov %g2,%i1
+	ld [%o7],%g2
+	mov 0,%i0
+	umul %o1,%g2,%g3
+	rd %y,%g2
+	addcc %g3,%i1,%g3
+	addx %g2,%i0,%g2
+	addcc %g3,%i3,%g3
+	addx %g2,%i2,%g2
+	st %g3,[%g4]
+	mov %g2,%i5
+	mov 0,%i4
+	addcc %g1,-1,%g1
+	be .LL3
+	mov %i5,%i4
+	add %o7,16,%o7
+	add %o2,16,%o2
+	add %g4,16,%g4
+	b .LL2
+	add %o0,16,%o0
+.LL3:
+	ret
+	restore %g0,%i4,%o0
+.LLfe1:
+	.size	 bn_mul_add_word,.LLfe1-bn_mul_add_word
+	.align 4
+	.global bn_mul_word
+	.type	 bn_mul_word,#function
+	.proc	016
+bn_mul_word:
+	!#PROLOGUE# 0
+	save %sp,-112,%sp
+	!#PROLOGUE# 1
+	mov %i0,%o7
+	mov %i1,%o0
+	mov %i2,%i4
+	mov %i3,%g4
+	mov 0,%i0
+	add %o7,12,%g1
+	add %o0,12,%i5
+.LL18:
+	mov %i0,%g3
+	mov 0,%g2
+	ld [%o0],%i2
+	umul %g4,%i2,%i3
+	rd %y,%i2
+	addcc %i3,%g3,%i3
+	addx %i2,%g2,%i2
+	st %i3,[%o7]
+	mov %i2,%i1
+	mov 0,%i0
+	addcc %i4,-1,%i4
+	be .LL19
+	mov %i1,%i0
+	mov %i0,%g3
+	mov 0,%g2
+	ld [%i5-8],%i2
+	umul %g4,%i2,%i3
+	rd %y,%i2
+	addcc %i3,%g3,%i3
+	addx %i2,%g2,%i2
+	st %i3,[%g1-8]
+	mov %i2,%i1
+	mov 0,%i0
+	addcc %i4,-1,%i4
+	be .LL19
+	mov %i1,%i0
+	mov %i0,%g3
+	mov 0,%g2
+	ld [%i5-4],%i2
+	umul %g4,%i2,%i3
+	rd %y,%i2
+	addcc %i3,%g3,%i3
+	addx %i2,%g2,%i2
+	st %i3,[%g1-4]
+	mov %i2,%i1
+	mov 0,%i0
+	addcc %i4,-1,%i4
+	be .LL19
+	mov %i1,%i0
+	mov %i0,%g3
+	mov 0,%g2
+	ld [%i5],%i2
+	umul %g4,%i2,%i3
+	rd %y,%i2
+	addcc %i3,%g3,%i3
+	addx %i2,%g2,%i2
+	st %i3,[%g1]
+	mov %i2,%i1
+	mov 0,%i0
+	addcc %i4,-1,%i4
+	be .LL19
+	mov %i1,%i0
+	add %i5,16,%i5
+	add %o0,16,%o0
+	add %g1,16,%g1
+	b .LL18
+	add %o7,16,%o7
+.LL19:
+	ret
+	restore
+.LLfe2:
+	.size	 bn_mul_word,.LLfe2-bn_mul_word
+	.align 4
+	.global bn_sqr_words
+	.type	 bn_sqr_words,#function
+	.proc	020
+bn_sqr_words:
+	!#PROLOGUE# 0
+	!#PROLOGUE# 1
+	mov %o0,%g4
+	add %g4,28,%o3
+	add %o1,12,%g1
+.LL34:
+	ld [%o1],%o0
+	addcc %o2,-1,%o2
+	umul %o0,%o0,%o5
+	rd %y,%o4
+	st %o5,[%g4]
+	mov %o4,%g3
+	mov 0,%g2
+	be .LL35
+	st %g3,[%o3-24]
+	ld [%g1-8],%o0
+	addcc %o2,-1,%o2
+	umul %o0,%o0,%o5
+	rd %y,%o4
+	st %o5,[%o3-20]
+	mov %o4,%g3
+	mov 0,%g2
+	be .LL35
+	st %g3,[%o3-16]
+	ld [%g1-4],%o0
+	addcc %o2,-1,%o2
+	umul %o0,%o0,%o5
+	rd %y,%o4
+	st %o5,[%o3-12]
+	mov %o4,%g3
+	mov 0,%g2
+	be .LL35
+	st %g3,[%o3-8]
+	ld [%g1],%o0
+	addcc %o2,-1,%o2
+	umul %o0,%o0,%o5
+	rd %y,%o4
+	st %o5,[%o3-4]
+	mov %o4,%g3
+	mov 0,%g2
+	be .LL35
+	st %g3,[%o3]
+	add %g1,16,%g1
+	add %o1,16,%o1
+	add %o3,32,%o3
+	b .LL34
+	add %g4,32,%g4
+.LL35:
+	retl
+	nop
+.LLfe3:
+	.size	 bn_sqr_words,.LLfe3-bn_sqr_words
+.section	".rodata"
+	.align 8
+.LLC0:
+	.asciz	"Division would overflow\n"
+.section	".text"
+	.align 4
+	.global bn_div64
+	.type	 bn_div64,#function
+	.proc	016
+bn_div64:
+	!#PROLOGUE# 0
+	save %sp,-112,%sp
+	!#PROLOGUE# 1
+	mov 0,%l1
+	cmp %i2,0
+	bne .LL42
+	mov 2,%l0
+	b .LL59
+	mov -1,%i0
+.LL42:
+	call BN_num_bits_word,0
+	mov %i2,%o0
+	mov %o0,%o2
+	cmp %o2,32
+	be .LL43
+	mov 1,%o0
+	sll %o0,%o2,%o0
+	cmp %i0,%o0
+	bleu .LL60
+	mov 32,%o0
+	sethi %hi(__iob+32),%o0
+	or %o0,%lo(__iob+32),%o0
+	sethi %hi(.LLC0),%o1
+	call fprintf,0
+	or %o1,%lo(.LLC0),%o1
+	call abort,0
+	nop
+.LL43:
+	mov 32,%o0
+.LL60:
+	cmp %i0,%i2
+	blu .LL44
+	sub %o0,%o2,%o2
+	sub %i0,%i2,%i0
+.LL44:
+	cmp %o2,0
+	be .LL45
+	sethi %hi(-65536),%o7
+	sll %i2,%o2,%i2
+	sll %i0,%o2,%o1
+	sub %o0,%o2,%o0
+	srl %i1,%o0,%o0
+	or %o1,%o0,%i0
+	sll %i1,%o2,%i1
+.LL45:
+	srl %i2,16,%g2
+	sethi %hi(65535),%o0
+	or %o0,%lo(65535),%o1
+	and %i2,%o1,%g3
+	mov %o0,%g4
+	mov %o1,%g1
+.LL46:
+	srl %i0,16,%o0
+	cmp %o0,%g2
+	be .LL50
+	or %g4,%lo(65535),%o3
+	wr %g0,%g0,%y
+	nop
+	nop
+	nop
+	udiv %i0,%g2,%o3
+.LL50:
+	and %i1,%o7,%o0
+	srl %o0,16,%o5
+	smul %o3,%g3,%o4
+	smul %o3,%g2,%o2
+.LL51:
+	sub %i0,%o2,%o1
+	andcc %o1,%o7,%g0
+	bne .LL52
+	sll %o1,16,%o0
+	add %o0,%o5,%o0
+	cmp %o4,%o0
+	bleu .LL52
+	sub %o4,%g3,%o4
+	sub %o2,%g2,%o2
+	b .LL51
+	add %o3,-1,%o3
+.LL52:
+	smul %o3,%g2,%o2
+	smul %o3,%g3,%o0
+	srl %o0,16,%o1
+	sll %o0,16,%o0
+	and %o0,%o7,%o0
+	cmp %i1,%o0
+	bgeu .LL56
+	add %o2,%o1,%o2
+	add %o2,1,%o2
+.LL56:
+	cmp %i0,%o2
+	bgeu .LL57
+	sub %i1,%o0,%i1
+	add %i0,%i2,%i0
+	add %o3,-1,%o3
+.LL57:
+	addcc %l0,-1,%l0
+	be .LL47
+	sub %i0,%o2,%i0
+	sll %o3,16,%l1
+	sll %i0,16,%o0
+	srl %i1,16,%o1
+	or %o0,%o1,%i0
+	and %i1,%g1,%o0
+	b .LL46
+	sll %o0,16,%i1
+.LL47:
+	or %l1,%o3,%i0
+.LL59:
+	ret
+	restore
+.LLfe4:
+	.size	 bn_div64,.LLfe4-bn_div64
+	.ident	"GCC: (GNU) 2.7.0"
diff --git a/crypto/bn/asm/x86-bsdi.s b/crypto/bn/asm/x86-bsdi.s
new file mode 100644
index 0000000000..ca6687648e
--- /dev/null
+++ b/crypto/bn/asm/x86-bsdi.s
@@ -0,0 +1,272 @@
+	.file	"bn_mulw.c"
+	.version	"01.01"
+gcc2_compiled.:
+.text
+	.align 4
+.globl _bn_mul_add_word
+_bn_mul_add_word:
+	pushl %ebp
+	pushl %edi
+	pushl %esi
+	pushl %ebx
+
+	# ax		L(t)
+	# dx		H(t)
+	# bx		a
+	# cx		w
+	# di		r
+	# si		c
+	# bp		num
+	xorl %esi,%esi		# c=0
+	movl 20(%esp),%edi	# r => edi
+	movl 24(%esp),%ebx	# a => exb
+	movl 32(%esp),%ecx	# w => ecx
+	movl 28(%esp),%ebp	# num => ebp
+
+	shrl $2,%ebp		# num/4
+	je .L910
+
+#	.align 4
+.L110:
+	# Round 1
+	movl %ecx,%eax		# w => eax
+	mull (%ebx)		# w * *a 
+	addl (%edi),%eax	# *r+=L(t)
+	adcl $0,%edx		# H(t)+= carry
+	addl %esi,%eax		# L(t)+=c
+	adcl $0,%edx		# H(t)+=carry
+	movl %eax,(%edi)	# *r+=L(t)
+	movl %edx,%esi		# c=H(t)
+
+	# Round 2
+	movl %ecx,%eax		# w => eax
+	mull 4(%ebx)		# w * *a 
+	addl 4(%edi),%eax	# *r+=L(t)
+	adcl $0,%edx		# H(t)+= carry
+	addl %esi,%eax		# L(t)+=c
+	adcl $0,%edx		# H(t)+=carry
+	movl %eax,4(%edi)	# *r+=L(t)
+	movl %edx,%esi		# c=H(t)
+
+	# Round 3
+	movl %ecx,%eax		# w => eax
+	mull 8(%ebx)		# w * *a 
+	addl 8(%edi),%eax	# *r+=L(t)
+	adcl $0,%edx		# H(t)+=carry
+	addl %esi,%eax		# L(t)+=c
+	adcl $0,%edx		# H(t)+=carry
+	movl %eax,8(%edi)	# *r+=L(t)
+	movl %edx,%esi		# c=H(t)
+
+	# Round 4
+	movl %ecx,%eax		# w => eax
+	mull 12(%ebx)		# w * *a 
+	addl 12(%edi),%eax	# *r+=L(t)
+	adcl $0,%edx		# H(t)+=carry
+	addl %esi,%eax		# L(t)+=c
+	adcl $0,%edx		# H(t)+=carry
+	movl %eax,12(%edi)	# *r+=L(t)
+	movl %edx,%esi		# c=H(t)
+
+	addl $16,%ebx		# a+=4 (4 words)
+	addl $16,%edi		# r+=4 (4 words)
+
+	decl %ebp		# --num
+	je .L910
+	jmp .L110
+#	.align 4
+.L910:
+	movl 28(%esp),%ebp	# num => ebp
+	andl $3,%ebp
+	je .L111
+
+	# Round 1
+	movl %ecx,%eax		# w => eax
+	mull (%ebx)		# w * *a 
+	addl (%edi),%eax	# *r+=L(t)
+	adcl $0,%edx		# H(t)+=carry
+	addl %esi,%eax		# L(t)+=c
+	adcl $0,%edx		# H(t)+=carry
+	movl %eax,(%edi)	# *r+=L(t)
+	movl %edx,%esi		# c=H(t)
+	decl %ebp		# --num
+	je .L111
+
+	# Round 2
+	movl %ecx,%eax		# w => eax
+	mull 4(%ebx)		# w * *a 
+	addl 4(%edi),%eax	# *r+=L(t)
+	adcl $0,%edx		# H(t)+=carry
+	addl %esi,%eax		# L(t)+=c
+	adcl $0,%edx		# H(t)+=carry
+	movl %eax,4(%edi)	# *r+=L(t)
+	movl %edx,%esi		# c=H(t)
+	decl %ebp		# --num
+	je .L111
+
+	# Round 3
+	movl %ecx,%eax		# w => eax
+	mull 8(%ebx)		# w * *a 
+	addl 8(%edi),%eax	# *r+=L(t)
+	adcl $0,%edx		# H(t)+=carry
+	addl %esi,%eax		# L(t)+=c
+	adcl $0,%edx		# H(t)+=carry
+	movl %eax,8(%edi)	# *r+=L(t)
+	movl %edx,%esi		# c=H(t)
+
+#	.align 4
+.L111:
+	movl %esi,%eax		# return(c)
+	popl %ebx
+	popl %esi
+	popl %edi
+	popl %ebp
+	ret
+.Lfe1:
+	.align 4
+.globl _bn_mul_word
+_bn_mul_word:
+	pushl %ebp
+	pushl %edi
+	pushl %esi
+	pushl %ebx
+
+	# ax		L(t)
+	# dx		H(t)
+	# bx		a
+	# cx		w
+	# di		r
+	# num		bp
+	# si		c
+	xorl %esi,%esi		# c=0
+	movl 20(%esp),%edi	# r => edi
+	movl 24(%esp),%ebx	# a => exb
+	movl 28(%esp),%ebp	# num => bp
+	movl 32(%esp),%ecx	# w => ecx
+
+#	.align 4
+.L210:
+	movl %ecx,%eax		# w => eax
+	mull (%ebx)		# w * *a 
+	addl %esi,%eax		# L(t)+=c
+	adcl $0,%edx		# H(t)+=carry
+	movl %eax,(%edi)	# *r=L(t)
+	movl %edx,%esi		# c=H(t)
+	decl %ebp		# --num
+	je .L211
+
+	movl %ecx,%eax		# w => eax
+	mull 4(%ebx)		# w * *a 
+	addl %esi,%eax		# L(t)+=c
+	adcl $0,%edx		# H(t)+=carry
+	movl %eax,4(%edi)	# *r=L(t)
+	movl %edx,%esi		# c=H(t)
+	decl %ebp		# --num
+	je .L211
+
+	movl %ecx,%eax		# w => eax
+	mull 8(%ebx)		# w * *a 
+	addl %esi,%eax		# L(t)+=c
+	adcl $0,%edx		# H(t)+=carry
+	movl %eax,8(%edi)	# *r=L(t)
+	movl %edx,%esi		# c=H(t)
+	decl %ebp		# --num
+	je .L211
+
+	movl %ecx,%eax		# w => eax
+	mull 12(%ebx)		# w * *a 
+	addl %esi,%eax		# L(t)+=c
+	adcl $0,%edx		# H(t)+=carry
+	movl %eax,12(%edi)	# *r=L(t)
+	movl %edx,%esi		# c=H(t)
+	decl %ebp		# --num
+	je .L211
+
+	addl $16,%ebx		# a+=4 (4 words)
+	addl $16,%edi		# r+=4 (4 words)
+
+	jmp .L210
+#	.align 4
+.L211:
+	movl %esi,%eax		# return(c)
+	popl %ebx
+	popl %esi
+	popl %edi
+	popl %ebp
+	ret
+.Lfe2:
+	.align 4
+.globl _bn_sqr_words
+_bn_sqr_words:
+	pushl %edi
+	pushl %esi
+	pushl %ebx
+	movl 16(%esp),%esi	# r
+	movl 20(%esp),%edi	# a
+	movl 24(%esp),%ebx	# n
+#	.align 4
+	shrl $2,%ebx
+	jz .L99
+.L28:
+	movl (%edi),%eax	# get a
+	mull %eax		# a*a
+	movl %eax,(%esi)	# put low into return addr
+	movl %edx,4(%esi)	# put high into return addr
+
+	movl 4(%edi),%eax	# get a
+	mull %eax		# a*a
+	movl %eax,8(%esi)	# put low into return addr
+	movl %edx,12(%esi)	# put high into return addr
+
+	movl 8(%edi),%eax	# get a
+	mull %eax		# a*a
+	movl %eax,16(%esi)	# put low into return addr
+	movl %edx,20(%esi)	# put high into return addr
+
+	movl 12(%edi),%eax	# get a
+	mull %eax		# a*a
+	movl %eax,24(%esi)	# put low into return addr
+	movl %edx,28(%esi)	# put high into return addr
+
+	addl $16,%edi
+	addl $32,%esi
+	decl %ebx		# n-=4;
+	jz .L99
+	jmp .L28
+#	.align 4
+.L99:
+	movl 24(%esp),%ebx	# n
+	andl $3,%ebx
+	jz .L29
+	movl (%edi),%eax	# get a
+	mull %eax		# a*a
+	movl %eax,(%esi)	# put low into return addr
+	movl %edx,4(%esi)	# put high into return addr
+	decl %ebx		# n--;
+	jz .L29
+	movl 4(%edi),%eax	# get a
+	mull %eax		# a*a
+	movl %eax,8(%esi)	# put low into return addr
+	movl %edx,12(%esi)	# put high into return addr
+	decl %ebx		# n--;
+	jz .L29
+	movl 8(%edi),%eax	# get a
+	mull %eax		# a*a
+	movl %eax,16(%esi)	# put low into return addr
+	movl %edx,20(%esi)	# put high into return addr
+
+.L29:
+	popl %ebx
+	popl %esi
+	popl %edi
+	ret
+.Lfe3:
+	.align 4
+.globl _bn_div64
+_bn_div64:
+	movl 4(%esp),%edx	# a
+	movl 8(%esp),%eax	# b
+	divl 12(%esp)		# ab/c
+	ret
+.Lfe4:
+	.ident	"GCC: (GNU) 2.6.3"
diff --git a/crypto/bn/asm/x86-lnx.s b/crypto/bn/asm/x86-lnx.s
new file mode 100644
index 0000000000..5123867440
--- /dev/null
+++ b/crypto/bn/asm/x86-lnx.s
@@ -0,0 +1,282 @@
+	.file	"bn_mulw.c"
+	.version	"01.01"
+gcc2_compiled.:
+.text
+	.align 16
+.globl bn_mul_add_word
+	.type	 bn_mul_add_word,@function
+bn_mul_add_word:
+	pushl %ebp
+	pushl %edi
+	pushl %esi
+	pushl %ebx
+
+	# ax		L(t)
+	# dx		H(t)
+	# bx		a
+	# cx		w
+	# di		r
+	# si		c
+	# bp		num
+	xorl %esi,%esi		# c=0
+	movl 20(%esp),%edi	# r => edi
+	movl 24(%esp),%ebx	# a => exb
+	movl 32(%esp),%ecx	# w => ecx
+	movl 28(%esp),%ebp	# num => ebp
+
+	shrl $2,%ebp		# num/4
+	je .L910
+
+	.align 4
+.L110:
+	# Round 1
+	movl %ecx,%eax		# w => eax
+	mull (%ebx)		# w * *a 
+	addl (%edi),%eax	# *r+=L(t)
+	adcl $0,%edx		# H(t)+= carry
+	addl %esi,%eax		# L(t)+=c
+	adcl $0,%edx		# H(t)+=carry
+	movl %eax,(%edi)	# *r+=L(t)
+	movl %edx,%esi		# c=H(t)
+
+	# Round 2
+	movl %ecx,%eax		# w => eax
+	mull 4(%ebx)		# w * *a 
+	addl 4(%edi),%eax	# *r+=L(t)
+	adcl $0,%edx		# H(t)+= carry
+	addl %esi,%eax		# L(t)+=c
+	adcl $0,%edx		# H(t)+=carry
+	movl %eax,4(%edi)	# *r+=L(t)
+	movl %edx,%esi		# c=H(t)
+
+	# Round 3
+	movl %ecx,%eax		# w => eax
+	mull 8(%ebx)		# w * *a 
+	addl 8(%edi),%eax	# *r+=L(t)
+	adcl $0,%edx		# H(t)+=carry
+	addl %esi,%eax		# L(t)+=c
+	adcl $0,%edx		# H(t)+=carry
+	movl %eax,8(%edi)	# *r+=L(t)
+	movl %edx,%esi		# c=H(t)
+
+	# Round 4
+	movl %ecx,%eax		# w => eax
+	mull 12(%ebx)		# w * *a 
+	addl 12(%edi),%eax	# *r+=L(t)
+	adcl $0,%edx		# H(t)+=carry
+	addl %esi,%eax		# L(t)+=c
+	adcl $0,%edx		# H(t)+=carry
+	movl %eax,12(%edi)	# *r+=L(t)
+	movl %edx,%esi		# c=H(t)
+
+	addl $16,%ebx		# a+=4 (4 words)
+	addl $16,%edi		# r+=4 (4 words)
+
+	decl %ebp		# --num
+	je .L910
+	jmp .L110
+	.align 4
+.L910:
+	movl 28(%esp),%ebp	# num => ebp
+	andl $3,%ebp
+	je .L111
+
+	# Round 1
+	movl %ecx,%eax		# w => eax
+	mull (%ebx)		# w * *a 
+	addl (%edi),%eax	# *r+=L(t)
+	adcl $0,%edx		# H(t)+=carry
+	addl %esi,%eax		# L(t)+=c
+	adcl $0,%edx		# H(t)+=carry
+	movl %eax,(%edi)	# *r+=L(t)
+	movl %edx,%esi		# c=H(t)
+	decl %ebp		# --num
+	je .L111
+
+	# Round 2
+	movl %ecx,%eax		# w => eax
+	mull 4(%ebx)		# w * *a 
+	addl 4(%edi),%eax	# *r+=L(t)
+	adcl $0,%edx		# H(t)+=carry
+	addl %esi,%eax		# L(t)+=c
+	adcl $0,%edx		# H(t)+=carry
+	movl %eax,4(%edi)	# *r+=L(t)
+	movl %edx,%esi		# c=H(t)
+	decl %ebp		# --num
+	je .L111
+
+	# Round 3
+	movl %ecx,%eax		# w => eax
+	mull 8(%ebx)		# w * *a 
+	addl 8(%edi),%eax	# *r+=L(t)
+	adcl $0,%edx		# H(t)+=carry
+	addl %esi,%eax		# L(t)+=c
+	adcl $0,%edx		# H(t)+=carry
+	movl %eax,8(%edi)	# *r+=L(t)
+	movl %edx,%esi		# c=H(t)
+
+	.align 4
+.L111:
+	movl %esi,%eax		# return(c)
+	popl %ebx
+	popl %esi
+	popl %edi
+	popl %ebp
+	ret
+.Lfe1:
+	.size	 bn_mul_add_word,.Lfe1-bn_mul_add_word
+	.align 16
+.globl bn_mul_word
+	.type	 bn_mul_word,@function
+bn_mul_word:
+	pushl %ebp
+	pushl %edi
+	pushl %esi
+	pushl %ebx
+
+	# ax		L(t)
+	# dx		H(t)
+	# bx		a
+	# cx		w
+	# di		r
+	# num		bp
+	# si		c
+	xorl %esi,%esi		# c=0
+	movl 20(%esp),%edi	# r => edi
+	movl 24(%esp),%ebx	# a => exb
+	movl 28(%esp),%ebp	# num => bp
+	movl 32(%esp),%ecx	# w => ecx
+
+	.align 4
+.L210:
+	movl %ecx,%eax		# w => eax
+	mull (%ebx)		# w * *a 
+	addl %esi,%eax		# L(t)+=c
+	adcl $0,%edx		# H(t)+=carry
+	movl %eax,(%edi)	# *r=L(t)
+	movl %edx,%esi		# c=H(t)
+	decl %ebp		# --num
+	je .L211
+
+	movl %ecx,%eax		# w => eax
+	mull 4(%ebx)		# w * *a 
+	addl %esi,%eax		# L(t)+=c
+	adcl $0,%edx		# H(t)+=carry
+	movl %eax,4(%edi)	# *r=L(t)
+	movl %edx,%esi		# c=H(t)
+	decl %ebp		# --num
+	je .L211
+
+	movl %ecx,%eax		# w => eax
+	mull 8(%ebx)		# w * *a 
+	addl %esi,%eax		# L(t)+=c
+	adcl $0,%edx		# H(t)+=carry
+	movl %eax,8(%edi)	# *r=L(t)
+	movl %edx,%esi		# c=H(t)
+	decl %ebp		# --num
+	je .L211
+
+	movl %ecx,%eax		# w => eax
+	mull 12(%ebx)		# w * *a 
+	addl %esi,%eax		# L(t)+=c
+	adcl $0,%edx		# H(t)+=carry
+	movl %eax,12(%edi)	# *r=L(t)
+	movl %edx,%esi		# c=H(t)
+	decl %ebp		# --num
+	je .L211
+
+	addl $16,%ebx		# a+=4 (4 words)
+	addl $16,%edi		# r+=4 (4 words)
+
+	jmp .L210
+	.align 16
+.L211:
+	movl %esi,%eax		# return(c)
+	popl %ebx
+	popl %esi
+	popl %edi
+	popl %ebp
+	ret
+.Lfe2:
+	.size	 bn_mul_word,.Lfe2-bn_mul_word
+
+	.align 16
+.globl bn_sqr_words
+	.type	 bn_sqr_words,@function
+bn_sqr_words:
+	pushl %edi
+	pushl %esi
+	pushl %ebx
+	movl 16(%esp),%esi	# r
+	movl 20(%esp),%edi	# a
+	movl 24(%esp),%ebx	# n
+	.align 4
+	shrl $2,%ebx
+	jz .L99
+.L28:
+	movl (%edi),%eax	# get a
+	mull %eax		# a*a
+	movl %eax,(%esi)	# put low into return addr
+	movl %edx,4(%esi)	# put high into return addr
+
+	movl 4(%edi),%eax	# get a
+	mull %eax		# a*a
+	movl %eax,8(%esi)	# put low into return addr
+	movl %edx,12(%esi)	# put high into return addr
+
+	movl 8(%edi),%eax	# get a
+	mull %eax		# a*a
+	movl %eax,16(%esi)	# put low into return addr
+	movl %edx,20(%esi)	# put high into return addr
+
+	movl 12(%edi),%eax	# get a
+	mull %eax		# a*a
+	movl %eax,24(%esi)	# put low into return addr
+	movl %edx,28(%esi)	# put high into return addr
+
+	addl $16,%edi
+	addl $32,%esi
+	decl %ebx		# n-=4;
+	jz .L99
+	jmp .L28
+	.align 16
+.L99:
+	movl 24(%esp),%ebx	# n
+	andl $3,%ebx
+	jz .L29
+	movl (%edi),%eax	# get a
+	mull %eax		# a*a
+	movl %eax,(%esi)	# put low into return addr
+	movl %edx,4(%esi)	# put high into return addr
+	decl %ebx		# n--;
+	jz .L29
+	movl 4(%edi),%eax	# get a
+	mull %eax		# a*a
+	movl %eax,8(%esi)	# put low into return addr
+	movl %edx,12(%esi)	# put high into return addr
+	decl %ebx		# n--;
+	jz .L29
+	movl 8(%edi),%eax	# get a
+	mull %eax		# a*a
+	movl %eax,16(%esi)	# put low into return addr
+	movl %edx,20(%esi)	# put high into return addr
+
+.L29:
+	popl %ebx
+	popl %esi
+	popl %edi
+	ret
+.Lfe3:
+	.size	 bn_sqr_words,.Lfe3-bn_sqr_words
+
+	.align 16
+.globl bn_div64
+	.type	 bn_div64,@function
+bn_div64:
+	movl 4(%esp),%edx	# a
+	movl 8(%esp),%eax	# b
+	divl 12(%esp)		# ab/c
+	ret
+.Lfe4:
+	.size	 bn_div64,.Lfe4-bn_div64
+	.ident	"GCC: (GNU) 2.6.3"
diff --git a/crypto/bn/asm/x86-lnxa.s b/crypto/bn/asm/x86-lnxa.s
new file mode 100644
index 0000000000..74855dc74d
--- /dev/null
+++ b/crypto/bn/asm/x86-lnxa.s
@@ -0,0 +1,282 @@
+	.file	"bn_mulw.c"
+	.version	"01.01"
+gcc2_compiled.:
+.text
+	.align 4
+.globl _bn_mul_add_word
+	.type	 _bn_mul_add_word,@function
+_bn_mul_add_word:
+	pushl %ebp
+	pushl %edi
+	pushl %esi
+	pushl %ebx
+
+	# ax		L(t)
+	# dx		H(t)
+	# bx		a
+	# cx		w
+	# di		r
+	# si		c
+	# bp		num
+	xorl %esi,%esi		# c=0
+	movl 20(%esp),%edi	# r => edi
+	movl 24(%esp),%ebx	# a => exb
+	movl 32(%esp),%ecx	# w => ecx
+	movl 28(%esp),%ebp	# num => ebp
+
+	shrl $2,%ebp		# num/4
+	je .L910
+
+#	.align 4
+.L110:
+	# Round 1
+	movl %ecx,%eax		# w => eax
+	mull (%ebx)		# w * *a 
+	addl (%edi),%eax	# *r+=L(t)
+	adcl $0,%edx		# H(t)+= carry
+	addl %esi,%eax		# L(t)+=c
+	adcl $0,%edx		# H(t)+=carry
+	movl %eax,(%edi)	# *r+=L(t)
+	movl %edx,%esi		# c=H(t)
+
+	# Round 2
+	movl %ecx,%eax		# w => eax
+	mull 4(%ebx)		# w * *a 
+	addl 4(%edi),%eax	# *r+=L(t)
+	adcl $0,%edx		# H(t)+= carry
+	addl %esi,%eax		# L(t)+=c
+	adcl $0,%edx		# H(t)+=carry
+	movl %eax,4(%edi)	# *r+=L(t)
+	movl %edx,%esi		# c=H(t)
+
+	# Round 3
+	movl %ecx,%eax		# w => eax
+	mull 8(%ebx)		# w * *a 
+	addl 8(%edi),%eax	# *r+=L(t)
+	adcl $0,%edx		# H(t)+=carry
+	addl %esi,%eax		# L(t)+=c
+	adcl $0,%edx		# H(t)+=carry
+	movl %eax,8(%edi)	# *r+=L(t)
+	movl %edx,%esi		# c=H(t)
+
+	# Round 4
+	movl %ecx,%eax		# w => eax
+	mull 12(%ebx)		# w * *a 
+	addl 12(%edi),%eax	# *r+=L(t)
+	adcl $0,%edx		# H(t)+=carry
+	addl %esi,%eax		# L(t)+=c
+	adcl $0,%edx		# H(t)+=carry
+	movl %eax,12(%edi)	# *r+=L(t)
+	movl %edx,%esi		# c=H(t)
+
+	addl $16,%ebx		# a+=4 (4 words)
+	addl $16,%edi		# r+=4 (4 words)
+
+	decl %ebp		# --num
+	je .L910
+	jmp .L110
+#	.align 4
+.L910:
+	movl 28(%esp),%ebp	# num => ebp
+	andl $3,%ebp
+	je .L111
+
+	# Round 1
+	movl %ecx,%eax		# w => eax
+	mull (%ebx)		# w * *a 
+	addl (%edi),%eax	# *r+=L(t)
+	adcl $0,%edx		# H(t)+=carry
+	addl %esi,%eax		# L(t)+=c
+	adcl $0,%edx		# H(t)+=carry
+	movl %eax,(%edi)	# *r+=L(t)
+	movl %edx,%esi		# c=H(t)
+	decl %ebp		# --num
+	je .L111
+
+	# Round 2
+	movl %ecx,%eax		# w => eax
+	mull 4(%ebx)		# w * *a 
+	addl 4(%edi),%eax	# *r+=L(t)
+	adcl $0,%edx		# H(t)+=carry
+	addl %esi,%eax		# L(t)+=c
+	adcl $0,%edx		# H(t)+=carry
+	movl %eax,4(%edi)	# *r+=L(t)
+	movl %edx,%esi		# c=H(t)
+	decl %ebp		# --num
+	je .L111
+
+	# Round 3
+	movl %ecx,%eax		# w => eax
+	mull 8(%ebx)		# w * *a 
+	addl 8(%edi),%eax	# *r+=L(t)
+	adcl $0,%edx		# H(t)+=carry
+	addl %esi,%eax		# L(t)+=c
+	adcl $0,%edx		# H(t)+=carry
+	movl %eax,8(%edi)	# *r+=L(t)
+	movl %edx,%esi		# c=H(t)
+
+#	.align 4
+.L111:
+	movl %esi,%eax		# return(c)
+	popl %ebx
+	popl %esi
+	popl %edi
+	popl %ebp
+	ret
+.Lfe1:
+	.size	 _bn_mul_add_word,.Lfe1-_bn_mul_add_word
+	.align 4
+.globl _bn_mul_word
+	.type	 _bn_mul_word,@function
+_bn_mul_word:
+	pushl %ebp
+	pushl %edi
+	pushl %esi
+	pushl %ebx
+
+	# ax		L(t)
+	# dx		H(t)
+	# bx		a
+	# cx		w
+	# di		r
+	# num		bp
+	# si		c
+	xorl %esi,%esi		# c=0
+	movl 20(%esp),%edi	# r => edi
+	movl 24(%esp),%ebx	# a => exb
+	movl 28(%esp),%ebp	# num => bp
+	movl 32(%esp),%ecx	# w => ecx
+
+#	.align 4
+.L210:
+	movl %ecx,%eax		# w => eax
+	mull (%ebx)		# w * *a 
+	addl %esi,%eax		# L(t)+=c
+	adcl $0,%edx		# H(t)+=carry
+	movl %eax,(%edi)	# *r=L(t)
+	movl %edx,%esi		# c=H(t)
+	decl %ebp		# --num
+	je .L211
+
+	movl %ecx,%eax		# w => eax
+	mull 4(%ebx)		# w * *a 
+	addl %esi,%eax		# L(t)+=c
+	adcl $0,%edx		# H(t)+=carry
+	movl %eax,4(%edi)	# *r=L(t)
+	movl %edx,%esi		# c=H(t)
+	decl %ebp		# --num
+	je .L211
+
+	movl %ecx,%eax		# w => eax
+	mull 8(%ebx)		# w * *a 
+	addl %esi,%eax		# L(t)+=c
+	adcl $0,%edx		# H(t)+=carry
+	movl %eax,8(%edi)	# *r=L(t)
+	movl %edx,%esi		# c=H(t)
+	decl %ebp		# --num
+	je .L211
+
+	movl %ecx,%eax		# w => eax
+	mull 12(%ebx)		# w * *a 
+	addl %esi,%eax		# L(t)+=c
+	adcl $0,%edx		# H(t)+=carry
+	movl %eax,12(%edi)	# *r=L(t)
+	movl %edx,%esi		# c=H(t)
+	decl %ebp		# --num
+	je .L211
+
+	addl $16,%ebx		# a+=4 (4 words)
+	addl $16,%edi		# r+=4 (4 words)
+
+	jmp .L210
+#	.align 4
+.L211:
+	movl %esi,%eax		# return(c)
+	popl %ebx
+	popl %esi
+	popl %edi
+	popl %ebp
+	ret
+.Lfe2:
+	.size	 _bn_mul_word,.Lfe2-_bn_mul_word
+
+	.align 4
+.globl _bn_sqr_words
+	.type	 _bn_sqr_words,@function
+_bn_sqr_words:
+	pushl %edi
+	pushl %esi
+	pushl %ebx
+	movl 16(%esp),%esi	# r
+	movl 20(%esp),%edi	# a
+	movl 24(%esp),%ebx	# n
+#	.align 4
+	shrl $2,%ebx
+	jz .L99
+.L28:
+	movl (%edi),%eax	# get a
+	mull %eax		# a*a
+	movl %eax,(%esi)	# put low into return addr
+	movl %edx,4(%esi)	# put high into return addr
+
+	movl 4(%edi),%eax	# get a
+	mull %eax		# a*a
+	movl %eax,8(%esi)	# put low into return addr
+	movl %edx,12(%esi)	# put high into return addr
+
+	movl 8(%edi),%eax	# get a
+	mull %eax		# a*a
+	movl %eax,16(%esi)	# put low into return addr
+	movl %edx,20(%esi)	# put high into return addr
+
+	movl 12(%edi),%eax	# get a
+	mull %eax		# a*a
+	movl %eax,24(%esi)	# put low into return addr
+	movl %edx,28(%esi)	# put high into return addr
+
+	addl $16,%edi
+	addl $32,%esi
+	decl %ebx		# n-=4;
+	jz .L99
+	jmp .L28
+#	.align 4
+.L99:
+	movl 24(%esp),%ebx	# n
+	andl $3,%ebx
+	jz .L29
+	movl (%edi),%eax	# get a
+	mull %eax		# a*a
+	movl %eax,(%esi)	# put low into return addr
+	movl %edx,4(%esi)	# put high into return addr
+	decl %ebx		# n--;
+	jz .L29
+	movl 4(%edi),%eax	# get a
+	mull %eax		# a*a
+	movl %eax,8(%esi)	# put low into return addr
+	movl %edx,12(%esi)	# put high into return addr
+	decl %ebx		# n--;
+	jz .L29
+	movl 8(%edi),%eax	# get a
+	mull %eax		# a*a
+	movl %eax,16(%esi)	# put low into return addr
+	movl %edx,20(%esi)	# put high into return addr
+
+.L29:
+	popl %ebx
+	popl %esi
+	popl %edi
+	ret
+.Lfe3:
+	.size	 _bn_sqr_words,.Lfe3-_bn_sqr_words
+
+	.align 4
+.globl _bn_div64
+	.type	 _bn_div64,@function
+_bn_div64:
+	movl 4(%esp),%edx	# a
+	movl 8(%esp),%eax	# b
+	divl 12(%esp)		# ab/c
+	ret
+.Lfe4:
+	.size	 _bn_div64,.Lfe4-_bn_div64
+	.ident	"GCC: (GNU) 2.6.3"
diff --git a/crypto/bn/asm/x86-sol.s b/crypto/bn/asm/x86-sol.s
new file mode 100644
index 0000000000..c961e64fa0
--- /dev/null
+++ b/crypto/bn/asm/x86-sol.s
@@ -0,0 +1,224 @@
+	.file	"bn_mulw.c"
+	.version	"01.01"
+gcc2_compiled.:
+.text
+	.align 16
+.globl bn_mul_add_word
+	.type	 bn_mul_add_word,@function
+bn_mul_add_word:
+	pushl %ebp
+	pushl %edi
+	pushl %esi
+	pushl %ebx
+
+	/ ax		L(t)
+	/ dx		H(t)
+	/ bx		a
+	/ cx		w
+	/ di		r
+	/ si		c
+	/ bp		num
+	xorl %esi,%esi		/ c=0
+	movl 20(%esp),%edi	/ r => edi
+	movl 24(%esp),%ebx	/ a => exb
+	movl 28(%esp),%ebp	/ num => ebp
+	movl 32(%esp),%ecx	/ w => ecx
+
+	.align 4
+.L110:
+	movl %ecx,%eax		/ w => eax
+	mull (%ebx)		/ w * *a 
+	addl (%edi),%eax	/ L(t)+= *r
+	adcl $0,%edx		/ H(t)+= carry
+	addl %esi,%eax		/ L(t)+=c
+	adcl $0,%edx		/ H(t)+=carry
+	movl %eax,(%edi)	/ *r=L(t)
+	movl %edx,%esi		/ c=H(t)
+	decl %ebp		/ --num
+	je .L111
+
+	movl %ecx,%eax		/ w => eax
+	mull 4(%ebx)		/ w * *a 
+	addl 4(%edi),%eax	/ L(t)+= *r
+	adcl $0,%edx		/ H(t)+= carry
+	addl %esi,%eax		/ L(t)+=c
+	adcl $0,%edx		/ H(t)+=carry
+	movl %eax,4(%edi)	/ *r=L(t)
+	movl %edx,%esi		/ c=H(t)
+	decl %ebp		/ --num
+	je .L111
+
+	movl %ecx,%eax		/ w => eax
+	mull 8(%ebx)		/ w * *a 
+	addl 8(%edi),%eax	/ L(t)+= *r
+	adcl $0,%edx		/ H(t)+= carry
+	addl %esi,%eax		/ L(t)+=c
+	adcl $0,%edx		/ H(t)+=carry
+	movl %eax,8(%edi)	/ *r=L(t)
+	movl %edx,%esi		/ c=H(t)
+	decl %ebp		/ --num
+	je .L111
+
+	movl %ecx,%eax		/ w => eax
+	mull 12(%ebx)		/ w * *a 
+	addl 12(%edi),%eax	/ L(t)+= *r
+	adcl $0,%edx		/ H(t)+= carry
+	addl %esi,%eax		/ L(t)+=c
+	adcl $0,%edx		/ H(t)+=carry
+	movl %eax,12(%edi)	/ *r=L(t)
+	movl %edx,%esi		/ c=H(t)
+	decl %ebp		/ --num
+	je .L111
+
+	addl $16,%ebx		/ a+=4 (4 words)
+	addl $16,%edi		/ r+=4 (4 words)
+
+	jmp .L110
+	.align 16
+.L111:
+	movl %esi,%eax		/ return(c)
+	popl %ebx
+	popl %esi
+	popl %edi
+	popl %ebp
+	ret
+.Lfe1:
+	.size	 bn_mul_add_word,.Lfe1-bn_mul_add_word
+	.align 16
+.globl bn_mul_word
+	.type	 bn_mul_word,@function
+bn_mul_word:
+	pushl %ebp
+	pushl %edi
+	pushl %esi
+	pushl %ebx
+
+	/ ax		L(t)
+	/ dx		H(t)
+	/ bx		a
+	/ cx		w
+	/ di		r
+	/ num		bp
+	/ si		c
+	xorl %esi,%esi		/ c=0
+	movl 20(%esp),%edi	/ r => edi
+	movl 24(%esp),%ebx	/ a => exb
+	movl 28(%esp),%ebp	/ num => ebp
+	movl 32(%esp),%ecx	/ w => ecx
+
+	.align 4
+.L210:
+	movl %ecx,%eax		/ w => eax
+	mull (%ebx)		/ w * *a 
+	addl %esi,%eax		/ L(t)+=c
+	adcl $0,%edx		/ H(t)+=carry
+	movl %eax,(%edi)	/ *r=L(t)
+	movl %edx,%esi		/ c=H(t)
+	decl %ebp		/ --num
+	je .L211
+
+	movl %ecx,%eax		/ w => eax
+	mull 4(%ebx)		/ w * *a 
+	addl %esi,%eax		/ L(t)+=c
+	adcl $0,%edx		/ H(t)+=carry
+	movl %eax,4(%edi)	/ *r=L(t)
+	movl %edx,%esi		/ c=H(t)
+	decl %ebp		/ --num
+	je .L211
+
+	movl %ecx,%eax		/ w => eax
+	mull 8(%ebx)		/ w * *a 
+	addl %esi,%eax		/ L(t)+=c
+	adcl $0,%edx		/ H(t)+=carry
+	movl %eax,8(%edi)	/ *r=L(t)
+	movl %edx,%esi		/ c=H(t)
+	decl %ebp		/ --num
+	je .L211
+
+	movl %ecx,%eax		/ w => eax
+	mull 12(%ebx)		/ w * *a 
+	addl %esi,%eax		/ L(t)+=c
+	adcl $0,%edx		/ H(t)+=carry
+	movl %eax,12(%edi)	/ *r=L(t)
+	movl %edx,%esi		/ c=H(t)
+	decl %ebp		/ --num
+	je .L211
+
+	addl $16,%ebx		/ a+=4 (4 words)
+	addl $16,%edi		/ r+=4 (4 words)
+
+	jmp .L210
+	.align 16
+.L211:
+	movl %esi,%eax		/ return(c)
+	popl %ebx
+	popl %esi
+	popl %edi
+	popl %ebp
+	ret
+.Lfe2:
+	.size	 bn_mul_word,.Lfe2-bn_mul_word
+
+	.align 16
+.globl bn_sqr_words
+	.type	 bn_sqr_words,@function
+bn_sqr_words:
+	pushl %edi
+	pushl %esi
+	pushl %ebx
+	movl 16(%esp),%esi	/ r
+	movl 20(%esp),%edi	/ a
+	movl 24(%esp),%ebx	/ n
+	.align 4
+.L28:
+	movl (%edi),%eax	/ get a
+	mull %eax		/ a*a
+	movl %eax,(%esi)	/ put low into return addr
+	movl %edx,4(%esi)	/ put high into return addr
+	decl %ebx		/ n--;
+	je .L29
+
+	movl 4(%edi),%eax	/ get a
+	mull %eax		/ a*a
+	movl %eax,8(%esi)	/ put low into return addr
+	movl %edx,12(%esi)	/ put high into return addr
+	decl %ebx		/ n--;
+	je .L29
+
+	movl 8(%edi),%eax	/ get a
+	mull %eax		/ a*a
+	movl %eax,16(%esi)	/ put low into return addr
+	movl %edx,20(%esi)	/ put high into return addr
+	decl %ebx		/ n--;
+	je .L29
+
+	movl 12(%edi),%eax	/ get a
+	mull %eax		/ a*a
+	movl %eax,24(%esi)	/ put low into return addr
+	movl %edx,28(%esi)	/ put high into return addr
+	decl %ebx		/ n--;
+	je .L29
+
+	addl $16,%edi
+	addl $32,%esi
+	jmp .L28
+	.align 16
+.L29:
+	popl %ebx
+	popl %esi
+	popl %edi
+	ret
+.Lfe3:
+	.size	 bn_sqr_words,.Lfe3-bn_sqr_words
+
+	.align 16
+.globl bn_div64
+	.type	 bn_div64,@function
+bn_div64:
+	movl 4(%esp),%edx	/ a
+	movl 8(%esp),%eax	/ b
+	divl 12(%esp)		/ ab/c
+	ret
+.Lfe4:
+	.size	 bn_div64,.Lfe4-bn_div64
+	.ident	"GCC: (GNU) 2.6.3"
diff --git a/crypto/bn/asm/x86nt32.asm b/crypto/bn/asm/x86nt32.asm
new file mode 100644
index 0000000000..0198c2c583
--- /dev/null
+++ b/crypto/bn/asm/x86nt32.asm
@@ -0,0 +1,288 @@
+	TITLE	bn_mulw.c
+	.386P
+.model FLAT
+PUBLIC	_bn_mul_add_word
+_TEXT	SEGMENT
+; File bn_mulw.c
+_bn_mul_add_word PROC NEAR
+	push	ebp
+	push	ebx
+	push	esi
+	push	edi
+	mov	edi,DWORD PTR 20[esp]   ; r
+	mov	ebx,DWORD PTR 24[esp]	; a
+	mov	ecx,DWORD PTR 32[esp]	; w
+	xor	esi,esi			; c=0
+
+	mov	ebp,DWORD PTR 28[esp]	; num
+	shr	ebp,2			; num/4
+	jz	$L666
+
+$L546:
+	; Round one
+	mov	eax,DWORD PTR [ebx]	; edx:eax = *a * w
+	mul	ecx
+	add	eax,DWORD PTR [edi]	; *r+=ax
+	adc	edx,0
+	add	eax,esi			; edx:eax += c
+	adc	edx,0
+	mov	DWORD PTR [edi],eax	; *r+=ax
+	mov	esi,edx			; c = overflow
+
+	; Round two
+	mov	eax,DWORD PTR 4[ebx]	; edx:eax = *a * w
+	mul	ecx
+	add	eax,DWORD PTR 4[edi]	; *r+=ax
+	adc	edx,0
+	add	eax,esi			; edx:eax += c
+	adc	edx,0
+	mov	DWORD PTR 4[edi],eax	; *r+=ax
+	mov	esi,edx			; c = overflow
+
+	; Round three
+	mov	eax,DWORD PTR 8[ebx]	; edx:eax = *a * w
+	mul	ecx
+	add	eax,DWORD PTR 8[edi]	; *r+=ax
+	adc	edx,0
+	add	eax,esi			; edx:eax += c
+	adc	edx,0
+	mov	DWORD PTR 8[edi],eax	; *r+=ax
+	mov	esi,edx			; c = overflow
+
+	; Round four
+	mov	eax,DWORD PTR 12[ebx]	; edx:eax = *a * w
+	mul	ecx
+	add	eax,DWORD PTR 12[edi]	; *r+=ax
+	adc	edx,0
+	add	eax,esi			; edx:eax += c
+	adc	edx,0
+	mov	DWORD PTR 12[edi],eax	; *r+=ax
+	mov	esi,edx			; c = overflow
+
+	add	ebx,16
+	add	edi,16
+
+	dec	ebp
+	jz	$L666
+	jmp	$L546
+$L666:
+	mov	ebp,DWORD PTR 28[esp]	; num
+	and	ebp,3			; num%4
+	jz	$L547
+
+	; Round one
+	mov	eax,DWORD PTR [ebx]	; edx:eax = *a * w
+	mul	ecx
+	add	eax,DWORD PTR [edi]	; *r+=ax
+	adc	edx,0
+	add	eax,esi			; edx:eax += c
+	adc	edx,0
+	mov	DWORD PTR [edi],eax	; *r+=ax
+	mov	esi,edx			; c = overflow
+	dec	ebp
+	jz	$L547
+	; Round two
+	mov	eax,DWORD PTR 4[ebx]	; edx:eax = *a * w
+	mul	ecx
+	add	eax,DWORD PTR 4[edi]	; *r+=ax
+	adc	edx,0
+	add	eax,esi			; edx:eax += c
+	adc	edx,0
+	mov	DWORD PTR 4[edi],eax	; *r+=ax
+	mov	esi,edx			; c = overflow
+	dec	ebp
+	jz	$L547
+	; Round three
+	mov	eax,DWORD PTR 8[ebx]	; edx:eax = *a * w
+	mul	ecx
+	add	eax,DWORD PTR 8[edi]	; *r+=ax
+	adc	edx,0
+	add	eax,esi			; edx:eax += c
+	adc	edx,0
+	mov	DWORD PTR 8[edi],eax	; *r+=ax
+	mov	esi,edx			; c = overflow
+
+$L547:
+	mov	eax,esi
+	pop	edi
+	pop	esi
+	pop	ebx
+	pop	ebp
+	ret
+_bn_mul_add_word ENDP
+_TEXT	ENDS
+PUBLIC	_bn_mul_word
+_TEXT	SEGMENT
+_bn_mul_word PROC NEAR
+	push	ebp
+	push	ebx
+	push	esi
+	push	edi
+
+	mov	edi,DWORD PTR 20[esp]	; r
+	mov	ebx,DWORD PTR 24[esp]	; a
+	mov	ebp,DWORD PTR 28[esp]	; num
+	mov	ecx,DWORD PTR 32[esp]	; w
+	xor	esi,esi			; c=0
+
+	shr	ebp,2			; num/4
+	jz	$L266
+
+$L593:
+	; Round one
+	mov	eax,DWORD PTR [ebx]	; edx:eax= w * *a 
+	mul	ecx
+	add	eax,esi			; edx:eax+=c
+	adc	edx,0
+	mov	DWORD PTR [edi],eax	; *r=eax
+	mov	esi,edx			; c=edx
+	; Round two
+	mov	eax,DWORD PTR 4[ebx]	; edx:eax= w * *a 
+	mul	ecx
+	add	eax,esi			; edx:eax+=c
+	adc	edx,0
+	mov	DWORD PTR 4[edi],eax	; *r=eax
+	mov	esi,edx			; c=edx
+	; Round three
+	mov	eax,DWORD PTR 8[ebx]	; edx:eax= w * *a 
+	mul	ecx
+	add	eax,esi			; edx:eax+=c
+	adc	edx,0
+	mov	DWORD PTR 8[edi],eax	; *r=eax
+	mov	esi,edx			; c=edx
+	; Round four
+	mov	eax,DWORD PTR 12[ebx]	; edx:eax= w * *a 
+	mul	ecx
+	add	eax,esi			; edx:eax+=c
+	adc	edx,0
+	mov	DWORD PTR 12[edi],eax	; *r=eax
+	mov	esi,edx			; c=edx
+
+	add	ebx,16
+	add	edi,16
+
+	dec	ebp
+	jz	$L266
+	jmp	$L593
+$L266:
+	mov	ebp,DWORD PTR 28[esp]	; num
+	and	ebp,3	
+	jz	$L601
+
+	; Round one
+	mov	eax,DWORD PTR [ebx]	; edx:eax= w * *a 
+	mul	ecx
+	add	eax,esi			; edx:eax+=c
+	adc	edx,0
+	mov	DWORD PTR [edi],eax	; *r=eax
+	mov	esi,edx			; c=edx
+	dec	ebp
+	jz	$L601
+	; Round two
+	mov	eax,DWORD PTR 4[ebx]	; edx:eax= w * *a 
+	mul	ecx
+	add	eax,esi			; edx:eax+=c
+	adc	edx,0
+	mov	DWORD PTR 4[edi],eax	; *r=eax
+	mov	esi,edx			; c=edx
+	dec	ebp
+	jz	$L601
+	; Round three
+	mov	eax,DWORD PTR 8[ebx]	; edx:eax= w * *a 
+	mul	ecx
+	add	eax,esi			; edx:eax+=c
+	adc	edx,0
+	mov	DWORD PTR 8[edi],eax	; *r=eax
+	mov	esi,edx			; c=edx
+
+$L601:
+	mov	eax,esi
+	pop	edi
+	pop	esi
+	pop	ebx
+	pop	ebp
+	ret
+_bn_mul_word ENDP
+_TEXT	ENDS
+PUBLIC	_bn_sqr_words
+_TEXT	SEGMENT
+_bn_sqr_words PROC NEAR
+	push	ebx
+	push	esi
+	push	edi
+	mov	esi,DWORD PTR 16[esp]	; r
+	mov	edi,DWORD PTR 20[esp]	; a
+	mov	ebx,DWORD PTR 24[esp]	; num
+	
+	shr	ebx,2			; num/4
+	jz	$L111
+$L640:
+	; Round 1
+	mov	eax, DWORD PTR [edi]
+	mul	eax			; *a * *a
+	mov	DWORD PTR [esi],eax
+	mov	DWORD PTR 4[esi],edx
+	; Round 2
+	mov	eax, DWORD PTR 4[edi]
+	mul	eax			; *a * *a
+	mov	DWORD PTR 8[esi],eax
+	mov	DWORD PTR 12[esi],edx
+	; Round 3
+	mov	eax, DWORD PTR 8[edi]
+	mul	eax			; *a * *a
+	mov	DWORD PTR 16[esi],eax
+	mov	DWORD PTR 20[esi],edx
+	; Round 4
+	mov	eax, DWORD PTR 12[edi]
+	mul	eax			; *a * *a
+	mov	DWORD PTR 24[esi],eax
+	mov	DWORD PTR 28[esi],edx
+
+	add	edi,16
+	add	esi,32
+
+	dec	ebx
+	jz	$L111
+	jmp	$L640
+$L111:
+	mov	ebx,DWORD PTR 24[esp]	; num
+	and	ebx,3			; num%3
+	jz	$L645
+
+	; Round 1
+	mov	eax, DWORD PTR [edi]
+	mul	eax			; *a * *a
+	mov	DWORD PTR [esi],eax
+	mov	DWORD PTR 4[esi],edx
+	dec	ebx
+	jz	$L645
+	; Round 2
+	mov	eax, DWORD PTR 4[edi]
+	mul	eax			; *a * *a
+	mov	DWORD PTR 8[esi],eax
+	mov	DWORD PTR 12[esi],edx
+	dec	ebx
+	jz	$L645
+	; Round 3
+	mov	eax, DWORD PTR 8[edi]
+	mul	eax			; *a * *a
+	mov	DWORD PTR 16[esi],eax
+	mov	DWORD PTR 20[esi],edx
+
+$L645:
+	pop	edi
+	pop	esi
+	pop	ebx
+	ret
+_bn_sqr_words ENDP
+_TEXT	ENDS
+PUBLIC	_bn_div64
+_TEXT	SEGMENT
+_bn_div64 PROC NEAR
+	mov	edx, DWORD PTR 4[esp]
+	mov	eax, DWORD PTR 8[esp]
+	div	DWORD PTR 12[esp]
+	ret
+_bn_div64 ENDP
+_TEXT	ENDS
+END
diff --git a/crypto/bn/asm/x86nt32.uu b/crypto/bn/asm/x86nt32.uu
new file mode 100644
index 0000000000..99207987c1
--- /dev/null
+++ b/crypto/bn/asm/x86nt32.uu
@@ -0,0 +1,22 @@
+begin 640 x86nt32.obj
+M3`$"`/H&DC-6`@``"P`````````N=&5X=```````````````\@$``&0`````
+M```````````````@`#!@+F1A=&$```#R`0````````````!6`@``````````
+M````````0``PP%535E>+?"04BUPD&(M,)"`S]HML)!S![0)T7(L#]^$#!X/2
+M``/&@](`B0>+\HM#!/?A`T<$@](``\:#T@")1P2+\HM#"/?A`T<(@](``\:#
+MT@")1PB+\HM##/?A`T<,@](``\:#T@")1PR+\H/#$(/'$$UT`NNDBVPD'(/E
+M`W1"BP/WX0,'@](``\:#T@")!XOR370MBT,$]^$#1P2#T@`#QH/2`(E'!(OR
+M3705BT,(]^$#1PB#T@`#QH/2`(E'"(ORB\9?7EM=PU535E>+?"04BUPD&(ML
+M)!R+3"0@,_;![0)T18L#]^$#QH/2`(D'B_*+0P3WX0/&@](`B4<$B_*+0PCW
+MX0/&@](`B4<(B_*+0PSWX0/&@](`B4<,B_*#PQ"#QQ!-=`+KNXML)!R#Y0-T
+M,8L#]^$#QH/2`(D'B_)-="&+0P3WX0/&@](`B4<$B_)-=`^+0PCWX0/&@](`
+MB4<(B_*+QE]>6UW#4U97BW0D$(M\)!2+7"08P>L"=#6+!_?@B0:)5@2+1P3W
+MX(E&"(E6#(M'"/?@B480B584BT<,]^")1AB)5AR#QQ"#QB!+=`+KRXM<)!B#
+MXP-T)8L']^")!HE6!$MT&8M'!/?@B48(B58,2W0+BT<(]^")1A")5A1?7EO#
+MBU0D!(M$)`CW="0,PRYF:6QE`````````/[_``!G`BY<8W)Y<'1O7&)N7&%S
+M;5QX.#9N=#,R+F%S;0```````````"YT97AT``````````$````#`?(!````
+M`````````````````"YD871A``````````(````#`0``````````````````
+M```````````$``````````$`(``"```````5````R0````$`(``"```````B
+M````:@$```$`(``"```````P````Y0$```$`(``"`#H```!?8FY?;75L7V%D
+L9%]W;W)D`%]B;E]M=6Q?=V]R9`!?8FY?<W%R7W=O<F1S`%]B;E]D:78V-```
+`
+end
diff --git a/crypto/bn/asm/x86w16.asm b/crypto/bn/asm/x86w16.asm
new file mode 100644
index 0000000000..66874913e9
--- /dev/null
+++ b/crypto/bn/asm/x86w16.asm
@@ -0,0 +1,297 @@
+;	Static Name Aliases
+;
+	TITLE   bn_mulw.c
+	.8087
+F_TEXT	SEGMENT  WORD PUBLIC 'CODE'
+F_TEXT	ENDS
+_DATA	SEGMENT  WORD PUBLIC 'DATA'
+_DATA	ENDS
+CONST	SEGMENT  WORD PUBLIC 'CONST'
+CONST	ENDS
+_BSS	SEGMENT  WORD PUBLIC 'BSS'
+_BSS	ENDS
+DGROUP	GROUP	CONST, _BSS, _DATA
+	ASSUME DS: DGROUP, SS: DGROUP
+F_TEXT      SEGMENT
+	ASSUME	CS: F_TEXT
+	PUBLIC	_bn_mul_add_word
+_bn_mul_add_word	PROC FAR
+; Line 58
+	push	bp
+	push	bx
+	push	si
+	push	di
+	push	ds
+	push	es
+	mov	bp,sp
+;	w = 26
+;	num = 24
+;	ap = 20
+;	rp = 16
+	xor	si,si			;c=0;
+	mov	di,WORD PTR [bp+16]	; load r
+	mov	ds,WORD PTR [bp+18]	; load r
+	mov	bx,WORD PTR [bp+20]	; load a
+	mov	es,WORD PTR [bp+22]	; load a
+	mov	cx,WORD PTR [bp+26]	; load w
+	mov	bp,WORD PTR [bp+24]	; load num
+
+	shr	bp,1	; div count by 4 and do groups of 4
+	shr	bp,1
+	je	$L555
+
+$L546:
+	mov	ax,cx
+	mul	WORD PTR es:[bx]	; w* *a
+	add	ax,WORD PTR ds:[di]	; + *r
+	adc	dx,0
+	adc	ax,si
+	adc	dx,0
+	mov	WORD PTR ds:[di],ax
+	mov	si,dx
+	;
+	mov	ax,cx
+	mul	WORD PTR es:[bx+2]	; w* *a
+	add	ax,WORD PTR ds:[di+2]	; + *r
+	adc	dx,0
+	adc	ax,si
+	adc	dx,0
+	mov	WORD PTR ds:[di+2],ax
+	mov	si,dx
+	;
+	mov	ax,cx
+	mul	WORD PTR es:[bx+4]	; w* *a
+	add	ax,WORD PTR ds:[di+4]	; + *r
+	adc	dx,0
+	adc	ax,si
+	adc	dx,0
+	mov	WORD PTR ds:[di+4],ax
+	mov	si,dx
+	;
+	mov	ax,cx
+	mul	WORD PTR es:[bx+6]	; w* *a
+	add	ax,WORD PTR ds:[di+6]	; + *r
+	adc	dx,0
+	adc	ax,si
+	adc	dx,0
+	mov	WORD PTR ds:[di+6],ax
+	mov	si,dx
+	;
+	add	bx,8
+	add	di,8
+	;
+	dec	bp
+	je	$L555
+	jmp	$L546
+;
+;
+$L555:
+	mov	bp,sp
+	mov	bp,WORD PTR [bp+24]	; load num
+	and	bp,3
+	dec	bp
+	js	$L547
+
+	mov	ax,cx
+	mul	WORD PTR es:[bx]	; w* *a
+	add	ax,WORD PTR ds:[di]	; + *r
+	adc	dx,0
+	adc	ax,si
+	adc	dx,0
+	mov	WORD PTR ds:[di],ax
+	mov	si,dx
+	dec	bp
+	js	$L547			; Note that we are now testing for -1
+	;
+	mov	ax,cx
+	mul	WORD PTR es:[bx+2]	; w* *a
+	add	ax,WORD PTR ds:[di+2]	; + *r
+	adc	dx,0
+	adc	ax,si
+	adc	dx,0
+	mov	WORD PTR ds:[di+2],ax
+	mov	si,dx
+	dec	bp
+	js	$L547
+	;
+	mov	ax,cx
+	mul	WORD PTR es:[bx+4]	; w* *a
+	add	ax,WORD PTR ds:[di+4]	; + *r
+	adc	dx,0
+	adc	ax,si
+	adc	dx,0
+	mov	WORD PTR ds:[di+4],ax
+	mov	si,dx
+$L547:
+	mov	ax,si
+	pop	es
+	pop	ds
+	pop	di
+	pop	si
+	pop	bx
+	pop	bp
+	ret	
+	nop	
+
+_bn_mul_add_word	ENDP
+	PUBLIC	_bn_mul_word
+_bn_mul_word	PROC FAR
+; Line 76
+	push	bp
+	push	bx
+	push	si
+	push	di
+	push	ds
+	push	es
+	xor	si,si
+	mov	bp,sp
+	mov	di,WORD PTR [bp+16]	; r
+	mov	ds,WORD PTR [bp+18]
+	mov	bx,WORD PTR [bp+20]	; a
+	mov	es,WORD PTR [bp+22]
+	mov	cx,WORD PTR [bp+26]	; w
+	mov	bp,WORD PTR [bp+24]	; num 
+$FC743:
+	mov	ax,cx
+	mul	WORD PTR es:[bx]
+	add	ax,si
+	adc	dx,0
+	mov	WORD PTR ds:[di],ax
+	mov	si,dx
+	dec	bp
+	je	$L764
+	;
+	mov	ax,cx
+	mul	WORD PTR es:[bx+2]
+	add	ax,si
+	adc	dx,0
+	mov	WORD PTR ds:[di+2],ax
+	mov	si,dx
+	dec	bp
+	je	$L764
+	;
+	mov	ax,cx
+	mul	WORD PTR es:[bx+4]
+	add	ax,si
+	adc	dx,0
+	mov	WORD PTR ds:[di+4],ax
+	mov	si,dx
+	dec	bp
+	je	$L764
+	;
+	mov	ax,cx
+	mul	WORD PTR es:[bx+6]
+	add	ax,si
+	adc	dx,0
+	mov	WORD PTR ds:[di+6],ax
+	mov	si,dx
+	dec	bp
+	je	$L764
+	;
+	add	bx,8
+	add	di,8
+	jmp	$FC743
+	nop
+$L764:
+	mov	ax,si
+	pop	es
+	pop	ds
+	pop	di
+	pop	si
+	pop	bx
+	pop	bp
+	ret	
+	nop	
+_bn_mul_word	ENDP
+	PUBLIC	_bn_sqr_words
+_bn_sqr_words	PROC FAR
+; Line 92
+	push	bp
+	push	bx
+	push	si
+	push	di
+	push	ds
+	push	es
+	mov	bp,sp
+	mov	si,WORD PTR [bp+16]
+	mov	ds,WORD PTR [bp+18]
+	mov	di,WORD PTR [bp+20]
+	mov	es,WORD PTR [bp+22]
+	mov	bx,WORD PTR [bp+24]
+
+	mov	bp,bx	; save a memory lookup later
+	shr	bx,1	; div count by 4 and do groups of 4
+	shr	bx,1
+	je	$L666
+
+$L765:
+	mov	ax,WORD PTR es:[di]
+	mul	ax
+	mov	WORD PTR ds:[si],ax
+	mov	WORD PTR ds:[si+2],dx
+	;
+	mov	ax,WORD PTR es:[di+2]
+	mul	ax
+	mov	WORD PTR ds:[si+4],ax
+	mov	WORD PTR ds:[si+6],dx
+	;
+	mov	ax,WORD PTR es:[di+4]
+	mul	ax
+	mov	WORD PTR ds:[si+8],ax
+	mov	WORD PTR ds:[si+10],dx
+	;
+	mov	ax,WORD PTR es:[di+6]
+	mul	ax
+	mov	WORD PTR ds:[si+12],ax
+	mov	WORD PTR ds:[si+14],dx
+	;
+	add	di,8
+	add	si,16
+	dec	bx
+	je	$L666
+	jmp	$L765
+$L666:
+	and	bp,3
+	dec	bp	; The copied value of bx (num)
+	js	$L645
+	;
+	mov	ax,WORD PTR es:[di]
+	mul	ax
+	mov	WORD PTR ds:[si],ax
+	mov	WORD PTR ds:[si+2],dx
+	dec	bp
+	js	$L645
+	;
+	mov	ax,WORD PTR es:[di+2]
+	mul	ax
+	mov	WORD PTR ds:[si+4],ax
+	mov	WORD PTR ds:[si+6],dx
+	dec	bp
+	js	$L645
+	;
+	mov	ax,WORD PTR es:[di+4]
+	mul	ax
+	mov	WORD PTR ds:[si+8],ax
+	mov	WORD PTR ds:[si+10],dx
+$L645:
+	pop	es
+	pop	ds
+	pop	di
+	pop	si
+	pop	bx
+	pop	bp
+	ret	
+
+_bn_sqr_words	ENDP
+	PUBLIC	_bn_div64
+_bn_div64	PROC FAR
+	push	bp
+	mov	bp,sp
+	mov	dx, WORD PTR [bp+6]
+	mov	ax, WORD PTR [bp+8]
+	div	WORD PTR [bp+10]
+	pop	bp
+	ret	
+_bn_div64	ENDP
+F_TEXT	ENDS
+END
diff --git a/crypto/bn/asm/x86w16.uu b/crypto/bn/asm/x86w16.uu
new file mode 100644
index 0000000000..89c5e144b7
--- /dev/null
+++ b/crypto/bn/asm/x86w16.uu
@@ -0,0 +1,20 @@
+begin 640 x86w16.obj
+M@!P`&BY<8W)Y<'1O7&)N7&%S;5QX.#9W,38N87-MQY8U```$7T)34P5?1$%4
+M009$1U)/55`&1E]415A4!4-/3E-4`T)34P5#3TY35`1$051!!$-/1$5EF`<`
+M2/`!!0H!&)@'`$@```,)`0R8!P!(```&"`$*F`<`2````@<!#YH(``3_`O\#
+M_P14D$4```$-7V)N7W-Q<E]W;W)D<U4!``E?8FY?9&EV-C3B`0`07V)N7VUU
+M;%]A9&1?=V]R9`````Q?8FY?;75L7W=O<F3<``#`B`0``*(!T:#T`0$``%53
+M5E<>!HOL,_:+?A".7A*+7A2.1A:+3AJ+;AC1[='M=&"+P2;W)P,%@](`$\:#
+MT@")!8ORB\$F]V<"`T4"@](`$\:#T@")10*+\HO!)O=G!`-%!(/2`!/&@](`
+MB44$B_*+P2;W9P8#10:#T@`3QH/2`(E%!HOR@\,(@\<(370"ZZ"+[(MN&(/E
+M`TUX18O!)O<G`P6#T@`3QH/2`(D%B_)->"^+P2;W9P(#10*#T@`3QH/2`(E%
+M`HOR37@6B\$F]V<$`T4$@](`$\:#T@")102+\HO&!Q]?7EM=RY!54U97'@8S
+M]HOLBWX0CEX2BUX4CD86BTX:BVX8B\$F]R<#QH/2`(D%B_)-=$*+P2;W9P(#
+MQH/2`(E%`HOR370OB\$F]V<$`\:#T@")102+\DUT'(O!)O=G!@/&@](`B44&
+MB_)-=`F#PPB#QPCKKI"+Q@<?7UY;7<N055-65QX&B^R+=A".7A*+?A2.1A:+
+M7AB+Z]'KT>MT.2:+!??@B02)5`(FBT4"]^")1`2)5`8FBT4$]^")1`B)5`HF
+MBT4&]^")1`R)5`Z#QPB#QA!+=`+KQX/E`TUX*":+!??@B02)5`)->!LFBT4"
+M]^")1`2)5`9->`PFBT4$]^")1`B)5`H''U]>6UW+58OLBU8&BT8(]W8*7<NZ
+%B@(``'0`
+`
+end
diff --git a/crypto/bn/asm/x86w32.asm b/crypto/bn/asm/x86w32.asm
new file mode 100644
index 0000000000..0e4452dfa9
--- /dev/null
+++ b/crypto/bn/asm/x86w32.asm
@@ -0,0 +1,303 @@
+;	Static Name Aliases
+;
+	TITLE   bn_mulw.c
+	.386
+F_TEXT	SEGMENT  WORD USE16 PUBLIC 'CODE'
+F_TEXT	ENDS
+_DATA	SEGMENT  WORD USE16 PUBLIC 'DATA'
+_DATA	ENDS
+CONST	SEGMENT  WORD USE16 PUBLIC 'CONST'
+CONST	ENDS
+_BSS	SEGMENT  WORD USE16 PUBLIC 'BSS'
+_BSS	ENDS
+DGROUP	GROUP	CONST, _BSS, _DATA
+	ASSUME DS: DGROUP, SS: DGROUP
+F_TEXT      SEGMENT
+	ASSUME	CS: F_TEXT
+	PUBLIC	_bn_mul_add_word
+_bn_mul_add_word	PROC FAR
+; Line 58
+	push	bp
+	push	bx
+	push	esi
+	push	di
+	push	ds
+	push	es
+	mov	bp,sp
+;	w = 28
+;	num = 26
+;	ap = 22
+;	rp = 18
+	xor	esi,esi			;c=0;
+	mov	di,WORD PTR [bp+18]	; load r
+	mov	ds,WORD PTR [bp+20]	; load r
+	mov	bx,WORD PTR [bp+22]	; load a
+	mov	es,WORD PTR [bp+24]	; load a
+	mov	ecx,DWORD PTR [bp+28]	; load w
+	mov	bp,WORD PTR [bp+26]	; load num
+	shr	bp,1	; div count by 4 and do groups of 4
+	shr	bp,1
+	je	$L555
+
+$L546:
+	mov	eax,ecx
+	mul	DWORD PTR es:[bx]	; w* *a
+	add	eax,DWORD PTR ds:[di]	; + *r
+	adc	edx,0
+	adc	eax,esi
+	adc	edx,0
+	mov	DWORD PTR ds:[di],eax
+	mov	esi,edx
+	;
+	mov	eax,ecx
+	mul	DWORD PTR es:[bx+4]	; w* *a
+	add	eax,DWORD PTR ds:[di+4]	; + *r
+	adc	edx,0
+	adc	eax,esi
+	adc	edx,0
+	mov	DWORD PTR ds:[di+4],eax
+	mov	esi,edx
+	;
+	mov	eax,ecx
+	mul	DWORD PTR es:[bx+8]	; w* *a
+	add	eax,DWORD PTR ds:[di+8]	; + *r
+	adc	edx,0
+	adc	eax,esi
+	adc	edx,0
+	mov	DWORD PTR ds:[di+8],eax
+	mov	esi,edx
+	;
+	mov	eax,ecx
+	mul	DWORD PTR es:[bx+12]	; w* *a
+	add	eax,DWORD PTR ds:[di+12]	; + *r
+	adc	edx,0
+	adc	eax,esi
+	adc	edx,0
+	mov	DWORD PTR ds:[di+12],eax
+	mov	esi,edx
+	;
+	add	bx,16
+	add	di,16
+	;
+	dec	bp
+	je	$L555
+	jmp	$L546
+;
+;
+$L555:
+	mov	bp,sp
+	mov	bp,WORD PTR [bp+26]	; load num
+	and	bp,3
+	dec	bp
+	js	$L547
+
+	mov	eax,ecx
+	mul	DWORD PTR es:[bx]	; w* *a
+	add	eax,DWORD PTR ds:[di]	; + *r
+	adc	edx,0
+	adc	eax,esi
+	adc	edx,0
+	mov	DWORD PTR ds:[di],eax
+	mov	esi,edx
+	dec	bp
+	js	$L547			; Note that we are now testing for -1
+	;
+	mov	eax,ecx
+	mul	DWORD PTR es:[bx+4]	; w* *a
+	add	eax,DWORD PTR ds:[di+4]	; + *r
+	adc	edx,0
+	adc	eax,esi
+	adc	edx,0
+	mov	DWORD PTR ds:[di+4],eax
+	mov	esi,edx
+	dec	bp
+	js	$L547
+	;
+	mov	eax,ecx
+	mul	DWORD PTR es:[bx+8]	; w* *a
+	add	eax,DWORD PTR ds:[di+8]	; + *r
+	adc	edx,0
+	adc	eax,esi
+	adc	edx,0
+	mov	DWORD PTR ds:[di+8],eax
+	mov	esi,edx
+$L547:
+	mov	eax,esi
+	mov	edx,esi
+	shr	edx,16
+	pop	es
+	pop	ds
+	pop	di
+	pop	esi
+	pop	bx
+	pop	bp
+	ret	
+	nop	
+
+_bn_mul_add_word	ENDP
+	PUBLIC	_bn_mul_word
+_bn_mul_word	PROC FAR
+; Line 76
+	push	bp
+	push	bx
+	push	esi
+	push	di
+	push	ds
+	push	es
+	xor	esi,esi
+	mov	bp,sp
+	mov	di,WORD PTR [bp+18]	; r
+	mov	ds,WORD PTR [bp+20]
+	mov	bx,WORD PTR [bp+22]	; a
+	mov	es,WORD PTR [bp+24]
+	mov	ecx,DWORD PTR [bp+28]	; w
+	mov	bp,WORD PTR [bp+26]	; num 
+
+$FC743:
+	mov	eax,ecx
+	mul	DWORD PTR es:[bx]
+	add	eax,esi
+	adc	edx,0
+	mov	DWORD PTR ds:[di],eax
+	mov	esi,edx
+	dec	bp
+	je	$L764
+	;
+	mov	eax,ecx
+	mul	DWORD PTR es:[bx+4]
+	add	eax,esi
+	adc	edx,0
+	mov	DWORD PTR ds:[di+4],eax
+	mov	esi,edx
+	dec	bp
+	je	$L764
+	;
+	mov	eax,ecx
+	mul	DWORD PTR es:[bx+8]
+	add	eax,esi
+	adc	edx,0
+	mov	DWORD PTR ds:[di+8],eax
+	mov	esi,edx
+	dec	bp
+	je	$L764
+	;
+	mov	eax,ecx
+	mul	DWORD PTR es:[bx+12]
+	add	eax,esi
+	adc	edx,0
+	mov	DWORD PTR ds:[di+12],eax
+	mov	esi,edx
+	dec	bp
+	je	$L764
+	;
+	add	bx,16
+	add	di,16
+	jmp	$FC743
+	nop
+$L764:
+	mov	eax,esi
+	mov	edx,esi
+	shr	edx,16
+	pop	es
+	pop	ds
+	pop	di
+	pop	esi
+	pop	bx
+	pop	bp
+	ret	
+	nop	
+_bn_mul_word	ENDP
+	PUBLIC	_bn_sqr_words
+_bn_sqr_words	PROC FAR
+; Line 92
+	push	bp
+	push	bx
+	push	si
+	push	di
+	push	ds
+	push	es
+	mov	bp,sp
+	mov	si,WORD PTR [bp+16]
+	mov	ds,WORD PTR [bp+18]
+	mov	di,WORD PTR [bp+20]
+	mov	es,WORD PTR [bp+22]
+	mov	bx,WORD PTR [bp+24]
+
+	mov	bp,bx	; save a memory lookup later
+	shr	bx,1	; div count by 4 and do groups of 4
+	shr	bx,1
+	je	$L666
+
+$L765:
+	mov	eax,DWORD PTR es:[di]
+	mul	eax
+	mov	DWORD PTR ds:[si],eax
+	mov	DWORD PTR ds:[si+4],edx
+	;
+	mov	eax,DWORD PTR es:[di+4]
+	mul	eax
+	mov	DWORD PTR ds:[si+8],eax
+	mov	DWORD PTR ds:[si+12],edx
+	;
+	mov	eax,DWORD PTR es:[di+8]
+	mul	eax
+	mov	DWORD PTR ds:[si+16],eax
+	mov	DWORD PTR ds:[si+20],edx
+	;
+	mov	eax,DWORD PTR es:[di+12]
+	mul	eax
+	mov	DWORD PTR ds:[si+24],eax
+	mov	DWORD PTR ds:[si+28],edx
+	;
+	add	di,16
+	add	si,32
+	dec	bx
+	je	$L666
+	jmp	$L765
+$L666:
+	and	bp,3
+	dec	bp	; The copied value of bx (num)
+	js	$L645
+	;
+	mov	eax,DWORD PTR es:[di]
+	mul	eax
+	mov	DWORD PTR ds:[si],eax
+	mov	DWORD PTR ds:[si+4],edx
+	dec	bp
+	js	$L645
+	;
+	mov	eax,DWORD PTR es:[di+4]
+	mul	eax
+	mov	DWORD PTR ds:[si+8],eax
+	mov	DWORD PTR ds:[si+12],edx
+	dec	bp
+	js	$L645
+	;
+	mov	eax,DWORD PTR es:[di+8]
+	mul	eax
+	mov	DWORD PTR ds:[si+16],eax
+	mov	DWORD PTR ds:[si+20],edx
+$L645:
+	pop	es
+	pop	ds
+	pop	di
+	pop	si
+	pop	bx
+	pop	bp
+	ret	
+
+_bn_sqr_words	ENDP
+	PUBLIC	_bn_div64
+_bn_div64	PROC FAR
+	push	bp
+	mov	bp,sp
+	mov	edx, DWORD PTR [bp+6]
+	mov	eax, DWORD PTR [bp+10]
+	div	DWORD PTR [bp+14]
+	mov	edx,eax
+	shr	edx,16
+	pop	bp
+	ret	
+_bn_div64	ENDP
+F_TEXT	ENDS
+END
diff --git a/crypto/bn/asm/x86w32.uu b/crypto/bn/asm/x86w32.uu
new file mode 100644
index 0000000000..edcd84e25e
--- /dev/null
+++ b/crypto/bn/asm/x86w32.uu
@@ -0,0 +1,23 @@
+begin 640 x86w32.obj
+M@!P`&BY<8W)Y<'1O7&)N7&%S;5QX.#9W,S(N87-MR98U```$7T)34P5?1$%4
+M009$1U)/55`&1E]415A4!4-/3E-4`T)34P5#3TY35`1$051!!$-/1$5EF`<`
+M2(`"!0H!AY@'`$@```,)`0R8!P!(```&"`$*F`<`2````@<!#YH(``3_`O\#
+M_P14D$4```$-7V)N7W-Q<E]W;W)D<[\!``E?8FY?9&EV-C1H`@`07V)N7VUU
+M;%]A9&1?=V]R9`````Q?8FY?;75L7W=O<F0B`0"(B`0``*(!T:"$`@$``%53
+M9E97'@:+[&8S]HM^$HY>%(M>%HY&&&:+3AR+;AK1[='M#X2``&:+P68F]R=F
+M`P5F@](`9A/&9H/2`&:)!6:+\F:+P68F]V<$9@-%!&:#T@!F$\9F@](`9HE%
+M!&:+\F:+P68F]V<(9@-%"&:#T@!F$\9F@](`9HE%"&:+\F:+P68F]V<,9@-%
+M#&:#T@!F$\9F@](`9HE%#&:+\H/#$(/'$$UT`NN`B^R+;AJ#Y0-->%UFB\%F
+M)O<G9@,%9H/2`&83QF:#T@!FB05FB_)->#]FB\%F)O=G!&8#101F@](`9A/&
+M9H/2`&:)101FB_)->!YFB\%F)O=G"&8#10AF@](`9A/&9H/2`&:)10AFB_)F
+MB\9FB]9FP>H0!Q]?9EY;7<N055-F5E<>!F8S]HOLBWX2CEX4BUX6CD889HM.
+M'(MN&F:+P68F]R=F`\9F@](`9HD%9HOR37149HO!9B;W9P1F`\9F@](`9HE%
+M!&:+\DUT.V:+P68F]V<(9@/&9H/2`&:)10AFB_)-=")FB\%F)O=G#&8#QF:#
+MT@!FB44,9HOR370)@\,0@\<0ZY:09HO&9HO69L'J$`<?7V9>6UW+D%535E<>
+M!HOLBW80CEX2BWX4CD86BUX8B^O1Z]'K=$EF)HL%9O?@9HD$9HE4!&8FBT4$
+M9O?@9HE$"&:)5`QF)HM%"&;WX&:)1!!FB5049B:+10QF]^!FB4089HE4'(/'
+M$(/&($MT`NNW@^4#37@T9B:+!6;WX&:)!&:)5`1->"-F)HM%!&;WX&:)1`AF
+MB50,37@09B:+10AF]^!FB4009HE4%`<?7UY;7<M5B^QFBU8&9HM&"F;W=@YF
+.B]!FP>H07<O`B@(``'0`
+`
+end
diff --git a/crypto/bn/bn.err b/crypto/bn/bn.err
new file mode 100644
index 0000000000..5fe4b6dbf6
--- /dev/null
+++ b/crypto/bn/bn.err
@@ -0,0 +1,20 @@
+/* Error codes for the BN functions. */
+
+/* Function codes. */
+#define BN_F_BN_BL_CTX_INIT				 100
+#define BN_F_BN_BL_CTX_NEW				 101
+#define BN_F_BN_BN2ASCII				 102
+#define BN_F_BN_CTX_NEW					 103
+#define BN_F_BN_DIV					 104
+#define BN_F_BN_EXPAND2					 105
+#define BN_F_BN_MOD_EXP_MONT				 106
+#define BN_F_BN_MOD_INVERSE				 107
+#define BN_F_BN_MOD_MUL_RECIPROCAL			 108
+#define BN_F_BN_NEW					 109
+#define BN_F_BN_RAND					 110
+
+/* Reason codes. */
+#define BN_R_BAD_RECIPROCAL				 100
+#define BN_R_CALLED_WITH_EVEN_MODULUS			 101
+#define BN_R_DIV_BY_ZERO				 102
+#define BN_R_NO_INVERSE					 103
diff --git a/crypto/bn/bn.h b/crypto/bn/bn.h
new file mode 100644
index 0000000000..9326f4df50
--- /dev/null
+++ b/crypto/bn/bn.h
@@ -0,0 +1,433 @@
+/* crypto/bn/bn.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING 
+ *
+ * Always modify bn.org since bn.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+#ifndef HEADER_BN_H
+#define HEADER_BN_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#undef BN_LLONG
+
+#ifdef WIN32
+#define BN_LLONG /* This comment stops Configure mutilating things */
+#endif
+
+#define RECP_MUL_MOD
+#define MONT_MUL_MOD
+
+/* This next option uses the C libraries (2 word)/(1 word) function.
+ * If it is not defined, I use my C version (which is slower).
+ * The reason for this flag is that when the particular C compiler
+ * library routine is used, and the library is linked with a different
+ * compiler, the library is missing.  This mostly happens when the
+ * library is built with gcc and then linked using nornal cc.  This would
+ * be a common occurance because gcc normally produces code that is
+ * 2 times faster than system compilers for the big number stuff.
+ * For machines with only one compiler (or shared libraries), this should
+ * be on.  Again this in only really a problem on machines
+ * using "long long's", are 32bit, and are not using my assember code. */
+#if defined(MSDOS) || defined(WINDOWS) || defined(linux)
+#define BN_DIV2W
+#endif
+
+/* Only one for the following should be defined */
+/* The prime number generation stuff may not work when
+ * EIGHT_BIT but I don't care since I've only used this mode
+ * for debuging the bignum libraries */
+#undef SIXTY_FOUR_BIT_LONG
+#undef SIXTY_FOUR_BIT
+#define THIRTY_TWO_BIT
+#undef SIXTEEN_BIT
+#undef EIGHT_BIT
+
+/* assuming long is 64bit - this is the DEC Alpha
+ * unsigned long long is only 64 bits :-(, don't define
+ * BN_LLONG for the DEC Alpha */
+#ifdef SIXTY_FOUR_BIT_LONG
+#define BN_ULLONG	unsigned long long
+#define BN_ULONG	unsigned long
+#define BN_LONG		long
+#define BN_BITS		128
+#define BN_BYTES	8
+#define BN_BITS2	64
+#define BN_BITS4	32
+#define BN_MASK2	(0xffffffffffffffffL)
+#define BN_MASK2l	(0xffffffffL)
+#define BN_MASK2h	(0xffffffff00000000L)
+#define BN_MASK2h1	(0xffffffff80000000L)
+#define BN_TBIT		(0x8000000000000000L)
+#endif
+
+#ifdef SIXTY_FOUR_BIT
+#undef BN_LLONG
+/* #define BN_ULLONG	unsigned long long */
+#define BN_ULONG	unsigned long long
+#define BN_LONG		long long
+#define BN_BITS		128
+#define BN_BYTES	8
+#define BN_BITS2	64
+#define BN_BITS4	32
+#define BN_MASK2	(0xffffffffffffffffLL)
+#define BN_MASK2l	(0xffffffffL)
+#define BN_MASK2h	(0xffffffff00000000LL)
+#define BN_MASK2h1	(0xffffffff80000000LL)
+#define BN_TBIT		(0x8000000000000000LL)
+#endif
+
+#ifdef THIRTY_TWO_BIT
+#ifdef WIN32
+#define BN_ULLONG	unsigned _int64
+#else
+#define BN_ULLONG	unsigned long long
+#endif
+#define BN_ULONG	unsigned long
+#define BN_LONG		long
+#define BN_BITS		64
+#define BN_BYTES	4
+#define BN_BITS2	32
+#define BN_BITS4	16
+#define BN_MASK2	(0xffffffffL)
+#define BN_MASK2l	(0xffff)
+#define BN_MASK2h1	(0xffff8000L)
+#define BN_MASK2h	(0xffff0000L)
+#define BN_TBIT		(0x80000000L)
+#endif
+
+#ifdef SIXTEEN_BIT
+#ifndef BN_DIV2W
+#define BN_DIV2W
+#endif
+#define BN_ULLONG	unsigned long
+#define BN_ULONG	unsigned short
+#define BN_LONG		short
+#define BN_BITS		32
+#define BN_BYTES	2
+#define BN_BITS2	16
+#define BN_BITS4	8
+#define BN_MASK2	(0xffff)
+#define BN_MASK2l	(0xff)
+#define BN_MASK2h1	(0xff80)
+#define BN_MASK2h	(0xff00)
+#define BN_TBIT		(0x8000)
+#endif
+
+#ifdef EIGHT_BIT
+#ifndef BN_DIV2W
+#define BN_DIV2W
+#endif
+#define BN_ULLONG	unsigned short
+#define BN_ULONG	unsigned char
+#define BN_LONG		char
+#define BN_BITS		16
+#define BN_BYTES	1
+#define BN_BITS2	8
+#define BN_BITS4	4
+#define BN_MASK2	(0xff)
+#define BN_MASK2l	(0xf)
+#define BN_MASK2h1	(0xf8)
+#define BN_MASK2h	(0xf0)
+#define BN_TBIT		(0x80)
+#endif
+
+#define BN_DEFAULT_BITS	1280
+
+#ifdef BIGNUM
+#undef BIGNUM
+#endif
+
+typedef struct bignum_st
+	{
+	BN_ULONG *d;	/* Pointer to an array of 'BN_BITS2' bit chunks. */
+	int top;	/* Index of last used d +1. */
+	/* The next are internal book keeping for bn_expand. */
+	int max;	/* Size of the d array. */
+	int neg;	/* one if the number is negative */
+	} BIGNUM;
+
+/* Used for temp variables */
+#define BN_CTX_NUM	12
+typedef struct bignum_ctx
+	{
+	int tos;
+	BIGNUM *bn[BN_CTX_NUM+1];
+	} BN_CTX;
+
+/* Used for montgomery multiplication */
+typedef struct bn_mont_ctx_st
+        {
+        int ri;         /* number of bits in R */
+        BIGNUM *RR;     /* used to convert to montgomery form */
+        BIGNUM *N;      /* The modulus */
+        BIGNUM *Ni;     /* The inverse of N */
+	BN_ULONG n0;	/* word form of inverse, normally only one of
+			 * Ni or n0 is defined */
+        } BN_MONT_CTX;
+
+#define BN_to_montgomery(r,a,mont,ctx)	BN_mod_mul_montgomery(\
+	r,a,(mont)->RR,(mont),ctx)
+
+#define BN_prime_checks		(5)
+
+#define BN_num_bytes(a)	((BN_num_bits(a)+7)/8)
+#define BN_is_word(a,w)	(((a)->top == 1) && ((a)->d[0] == (BN_ULONG)(w)))
+#define BN_is_zero(a)	(((a)->top <= 1) && ((a)->d[0] == (BN_ULONG)0))
+#define BN_is_one(a)	(BN_is_word((a),1))
+#define BN_is_odd(a)	((a)->d[0] & 1)
+#define BN_one(a)	(BN_set_word((a),1))
+#define BN_zero(a)	(BN_set_word((a),0))
+
+#define bn_fix_top(a) \
+	{ \
+	BN_ULONG *fix_top_l; \
+	for (fix_top_l= &((a)->d[(a)->top-1]); (a)->top > 0; (a)->top--) \
+		if (*(fix_top_l--)) break; \
+	}
+
+#define bn_expand(n,b) ((((b)/BN_BITS2) <= (n)->max)?(n):bn_expand2((n),(b)))
+
+
+#ifndef NOPROTO
+BIGNUM *BN_value_one(void);
+char *	BN_options(void);
+BN_CTX *BN_CTX_new(void);
+void	BN_CTX_free(BN_CTX *c);
+int     BN_rand(BIGNUM *rnd, int bits, int top,int bottom);
+int	BN_num_bits(BIGNUM *a);
+int	BN_num_bits_word(BN_ULONG);
+BIGNUM *BN_new(void);
+void	BN_clear_free(BIGNUM *a);
+BIGNUM *BN_copy(BIGNUM *a, BIGNUM *b);
+BIGNUM *BN_bin2bn(unsigned char *s,int len,BIGNUM *ret);
+int	BN_bn2bin(BIGNUM *a, unsigned char *to);
+int	BN_sub(BIGNUM *r, BIGNUM *a, BIGNUM *b);
+void	bn_qsub(BIGNUM *r, BIGNUM *a, BIGNUM *b);
+void	bn_qadd(BIGNUM *r, BIGNUM *a, BIGNUM *b);
+int	BN_add(BIGNUM *r, BIGNUM *a, BIGNUM *b);
+int	BN_mod(BIGNUM *rem, BIGNUM *m, BIGNUM *d, BN_CTX *ctx);
+int	BN_div(BIGNUM *dv, BIGNUM *rem, BIGNUM *m, BIGNUM *d, BN_CTX *ctx);
+int	BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b);
+int	BN_sqr(BIGNUM *r, BIGNUM *a,BN_CTX *ctx);
+BN_ULONG BN_mod_word(BIGNUM *a, unsigned long w);
+BN_ULONG BN_div_word(BIGNUM *a, unsigned long w);
+int	BN_add_word(BIGNUM *a, unsigned long w);
+int	BN_set_word(BIGNUM *a, unsigned long w);
+unsigned long BN_get_word(BIGNUM *a);
+int	BN_cmp(BIGNUM *a, BIGNUM *b);
+void	BN_free(BIGNUM *a);
+int	BN_is_bit_set(BIGNUM *a, int n);
+int	BN_lshift(BIGNUM *r, BIGNUM *a, int n);
+int	BN_lshift1(BIGNUM *r, BIGNUM *a);
+int	BN_mod_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,BN_CTX *ctx);
+int	BN_mod_exp_mont(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,BN_CTX *ctx);
+int	BN_mod_exp_recp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,BN_CTX *ctx);
+int	BN_mod_exp_simple(BIGNUM *r, BIGNUM *a, BIGNUM *p,
+	BIGNUM *m,BN_CTX *ctx);
+int	BN_mask_bits(BIGNUM *a,int n);
+int	BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *x, BIGNUM *y, BIGNUM *m, 
+	BIGNUM *i, int nb, BN_CTX *ctx);
+int	BN_mod_mul(BIGNUM *ret, BIGNUM *a, BIGNUM *b, BIGNUM *m,
+	BN_CTX *ctx);
+#ifndef WIN16
+int	BN_print_fp(FILE *fp, BIGNUM *a);
+#endif
+#ifdef HEADER_BIO_H
+int	BN_print(BIO *fp, BIGNUM *a);
+#else
+int	BN_print(char *fp, BIGNUM *a);
+#endif
+int	BN_reciprocal(BIGNUM *r, BIGNUM *m, BN_CTX *ctx);
+int	BN_rshift(BIGNUM *r, BIGNUM *a, int n);
+int	BN_rshift1(BIGNUM *r, BIGNUM *a);
+void	BN_clear(BIGNUM *a);
+BIGNUM *bn_expand2(BIGNUM *b, int bits);
+BIGNUM *BN_dup(BIGNUM *a);
+int	BN_ucmp(BIGNUM *a, BIGNUM *b);
+int	BN_set_bit(BIGNUM *a, int n);
+int	BN_clear_bit(BIGNUM *a, int n);
+char *	BN_bn2ascii(BIGNUM *a);
+int 	BN_ascii2bn(BIGNUM **a,char *str);
+int	BN_gcd(BIGNUM *r,BIGNUM *in_a,BIGNUM *in_b,BN_CTX *ctx);
+BIGNUM *BN_mod_inverse(BIGNUM *a, BIGNUM *n,BN_CTX *ctx);
+BIGNUM *BN_generate_prime(int bits,int strong,BIGNUM *add,
+		BIGNUM *rem,void (*callback)(int,int));
+int	BN_is_prime(BIGNUM *p,int nchecks,void (*callback)(int,int),
+		BN_CTX *ctx);
+void	ERR_load_BN_strings(void );
+
+BN_ULONG bn_mul_add_word(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w);
+BN_ULONG bn_mul_word(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w);
+void     bn_sqr_words(BN_ULONG *rp, BN_ULONG *ap, int num);
+BN_ULONG bn_div64(BN_ULONG h, BN_ULONG l, BN_ULONG d);
+
+BN_MONT_CTX *BN_MONT_CTX_new(void );
+int BN_mod_mul_montgomery(BIGNUM *r,BIGNUM *a,BIGNUM *b,BN_MONT_CTX *mont,
+	BN_CTX *ctx);
+int BN_from_montgomery(BIGNUM *r,BIGNUM *a,BN_MONT_CTX *mont,BN_CTX *ctx);
+void BN_MONT_CTX_free(BN_MONT_CTX *mont);
+int BN_MONT_CTX_set(BN_MONT_CTX *mont,BIGNUM *modulus,BN_CTX *ctx);
+
+#else
+
+BIGNUM *BN_value_one();
+char *	BN_options();
+BN_CTX *BN_CTX_new();
+void	BN_CTX_free();
+int     BN_rand();
+int	BN_num_bits();
+int	BN_num_bits_word();
+BIGNUM *BN_new();
+void	BN_clear_free();
+BIGNUM *BN_copy();
+BIGNUM *BN_bin2bn();
+int	BN_bn2bin();
+int	BN_sub();
+void	bn_qsub();
+void	bn_qadd();
+int	BN_add();
+int	BN_mod();
+int	BN_div();
+int	BN_mul();
+int	BN_sqr();
+BN_ULONG BN_mod_word();
+BN_ULONG BN_div_word();
+int	BN_add_word();
+int	BN_set_word();
+unsigned long BN_get_word();
+int	BN_cmp();
+void	BN_free();
+int	BN_is_bit_set();
+int	BN_lshift();
+int	BN_lshift1();
+int	BN_mod_exp();
+int	BN_mod_exp_mont();
+int	BN_mod_exp_recp();
+int	BN_mod_exp_simple();
+int	BN_mask_bits();
+int	BN_mod_mul_reciprocal();
+int	BN_mod_mul();
+#ifndef WIN16
+int	BN_print_fp();
+#endif
+int	BN_print();
+int	BN_reciprocal();
+int	BN_rshift();
+int	BN_rshift1();
+void	BN_clear();
+BIGNUM *bn_expand2();
+BIGNUM *BN_dup();
+int	BN_ucmp();
+int	BN_set_bit();
+int	BN_clear_bit();
+char *	BN_bn2ascii();
+int 	BN_ascii2bn();
+int	BN_gcd();
+BIGNUM *BN_mod_inverse();
+BIGNUM *BN_generate_prime();
+int	BN_is_prime();
+void	ERR_load_BN_strings();
+
+BN_ULONG bn_mul_add_word();
+BN_ULONG bn_mul_word();
+void     bn_sqr_words();
+BN_ULONG bn_div64();
+
+int BN_mod_mul_montgomery();
+int BN_from_montgomery();
+BN_MONT_CTX *BN_MONT_CTX_new();
+void BN_MONT_CTX_free();
+int BN_MONT_CTX_set();
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the BN functions. */
+
+/* Function codes. */
+#define BN_F_BN_BL_CTX_INIT				 100
+#define BN_F_BN_BL_CTX_NEW				 101
+#define BN_F_BN_BN2ASCII				 102
+#define BN_F_BN_CTX_NEW					 103
+#define BN_F_BN_DIV					 104
+#define BN_F_BN_EXPAND2					 105
+#define BN_F_BN_MOD_EXP_MONT				 106
+#define BN_F_BN_MOD_INVERSE				 107
+#define BN_F_BN_MOD_MUL_RECIPROCAL			 108
+#define BN_F_BN_NEW					 109
+#define BN_F_BN_RAND					 110
+
+/* Reason codes. */
+#define BN_R_BAD_RECIPROCAL				 100
+#define BN_R_CALLED_WITH_EVEN_MODULUS			 101
+#define BN_R_DIV_BY_ZERO				 102
+#define BN_R_NO_INVERSE					 103
+ 
+#ifdef  __cplusplus
+}
+#endif
+#endif
+
diff --git a/crypto/bn/bn.org b/crypto/bn/bn.org
new file mode 100644
index 0000000000..9326f4df50
--- /dev/null
+++ b/crypto/bn/bn.org
@@ -0,0 +1,433 @@
+/* crypto/bn/bn.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING 
+ *
+ * Always modify bn.org since bn.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+#ifndef HEADER_BN_H
+#define HEADER_BN_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#undef BN_LLONG
+
+#ifdef WIN32
+#define BN_LLONG /* This comment stops Configure mutilating things */
+#endif
+
+#define RECP_MUL_MOD
+#define MONT_MUL_MOD
+
+/* This next option uses the C libraries (2 word)/(1 word) function.
+ * If it is not defined, I use my C version (which is slower).
+ * The reason for this flag is that when the particular C compiler
+ * library routine is used, and the library is linked with a different
+ * compiler, the library is missing.  This mostly happens when the
+ * library is built with gcc and then linked using nornal cc.  This would
+ * be a common occurance because gcc normally produces code that is
+ * 2 times faster than system compilers for the big number stuff.
+ * For machines with only one compiler (or shared libraries), this should
+ * be on.  Again this in only really a problem on machines
+ * using "long long's", are 32bit, and are not using my assember code. */
+#if defined(MSDOS) || defined(WINDOWS) || defined(linux)
+#define BN_DIV2W
+#endif
+
+/* Only one for the following should be defined */
+/* The prime number generation stuff may not work when
+ * EIGHT_BIT but I don't care since I've only used this mode
+ * for debuging the bignum libraries */
+#undef SIXTY_FOUR_BIT_LONG
+#undef SIXTY_FOUR_BIT
+#define THIRTY_TWO_BIT
+#undef SIXTEEN_BIT
+#undef EIGHT_BIT
+
+/* assuming long is 64bit - this is the DEC Alpha
+ * unsigned long long is only 64 bits :-(, don't define
+ * BN_LLONG for the DEC Alpha */
+#ifdef SIXTY_FOUR_BIT_LONG
+#define BN_ULLONG	unsigned long long
+#define BN_ULONG	unsigned long
+#define BN_LONG		long
+#define BN_BITS		128
+#define BN_BYTES	8
+#define BN_BITS2	64
+#define BN_BITS4	32
+#define BN_MASK2	(0xffffffffffffffffL)
+#define BN_MASK2l	(0xffffffffL)
+#define BN_MASK2h	(0xffffffff00000000L)
+#define BN_MASK2h1	(0xffffffff80000000L)
+#define BN_TBIT		(0x8000000000000000L)
+#endif
+
+#ifdef SIXTY_FOUR_BIT
+#undef BN_LLONG
+/* #define BN_ULLONG	unsigned long long */
+#define BN_ULONG	unsigned long long
+#define BN_LONG		long long
+#define BN_BITS		128
+#define BN_BYTES	8
+#define BN_BITS2	64
+#define BN_BITS4	32
+#define BN_MASK2	(0xffffffffffffffffLL)
+#define BN_MASK2l	(0xffffffffL)
+#define BN_MASK2h	(0xffffffff00000000LL)
+#define BN_MASK2h1	(0xffffffff80000000LL)
+#define BN_TBIT		(0x8000000000000000LL)
+#endif
+
+#ifdef THIRTY_TWO_BIT
+#ifdef WIN32
+#define BN_ULLONG	unsigned _int64
+#else
+#define BN_ULLONG	unsigned long long
+#endif
+#define BN_ULONG	unsigned long
+#define BN_LONG		long
+#define BN_BITS		64
+#define BN_BYTES	4
+#define BN_BITS2	32
+#define BN_BITS4	16
+#define BN_MASK2	(0xffffffffL)
+#define BN_MASK2l	(0xffff)
+#define BN_MASK2h1	(0xffff8000L)
+#define BN_MASK2h	(0xffff0000L)
+#define BN_TBIT		(0x80000000L)
+#endif
+
+#ifdef SIXTEEN_BIT
+#ifndef BN_DIV2W
+#define BN_DIV2W
+#endif
+#define BN_ULLONG	unsigned long
+#define BN_ULONG	unsigned short
+#define BN_LONG		short
+#define BN_BITS		32
+#define BN_BYTES	2
+#define BN_BITS2	16
+#define BN_BITS4	8
+#define BN_MASK2	(0xffff)
+#define BN_MASK2l	(0xff)
+#define BN_MASK2h1	(0xff80)
+#define BN_MASK2h	(0xff00)
+#define BN_TBIT		(0x8000)
+#endif
+
+#ifdef EIGHT_BIT
+#ifndef BN_DIV2W
+#define BN_DIV2W
+#endif
+#define BN_ULLONG	unsigned short
+#define BN_ULONG	unsigned char
+#define BN_LONG		char
+#define BN_BITS		16
+#define BN_BYTES	1
+#define BN_BITS2	8
+#define BN_BITS4	4
+#define BN_MASK2	(0xff)
+#define BN_MASK2l	(0xf)
+#define BN_MASK2h1	(0xf8)
+#define BN_MASK2h	(0xf0)
+#define BN_TBIT		(0x80)
+#endif
+
+#define BN_DEFAULT_BITS	1280
+
+#ifdef BIGNUM
+#undef BIGNUM
+#endif
+
+typedef struct bignum_st
+	{
+	BN_ULONG *d;	/* Pointer to an array of 'BN_BITS2' bit chunks. */
+	int top;	/* Index of last used d +1. */
+	/* The next are internal book keeping for bn_expand. */
+	int max;	/* Size of the d array. */
+	int neg;	/* one if the number is negative */
+	} BIGNUM;
+
+/* Used for temp variables */
+#define BN_CTX_NUM	12
+typedef struct bignum_ctx
+	{
+	int tos;
+	BIGNUM *bn[BN_CTX_NUM+1];
+	} BN_CTX;
+
+/* Used for montgomery multiplication */
+typedef struct bn_mont_ctx_st
+        {
+        int ri;         /* number of bits in R */
+        BIGNUM *RR;     /* used to convert to montgomery form */
+        BIGNUM *N;      /* The modulus */
+        BIGNUM *Ni;     /* The inverse of N */
+	BN_ULONG n0;	/* word form of inverse, normally only one of
+			 * Ni or n0 is defined */
+        } BN_MONT_CTX;
+
+#define BN_to_montgomery(r,a,mont,ctx)	BN_mod_mul_montgomery(\
+	r,a,(mont)->RR,(mont),ctx)
+
+#define BN_prime_checks		(5)
+
+#define BN_num_bytes(a)	((BN_num_bits(a)+7)/8)
+#define BN_is_word(a,w)	(((a)->top == 1) && ((a)->d[0] == (BN_ULONG)(w)))
+#define BN_is_zero(a)	(((a)->top <= 1) && ((a)->d[0] == (BN_ULONG)0))
+#define BN_is_one(a)	(BN_is_word((a),1))
+#define BN_is_odd(a)	((a)->d[0] & 1)
+#define BN_one(a)	(BN_set_word((a),1))
+#define BN_zero(a)	(BN_set_word((a),0))
+
+#define bn_fix_top(a) \
+	{ \
+	BN_ULONG *fix_top_l; \
+	for (fix_top_l= &((a)->d[(a)->top-1]); (a)->top > 0; (a)->top--) \
+		if (*(fix_top_l--)) break; \
+	}
+
+#define bn_expand(n,b) ((((b)/BN_BITS2) <= (n)->max)?(n):bn_expand2((n),(b)))
+
+
+#ifndef NOPROTO
+BIGNUM *BN_value_one(void);
+char *	BN_options(void);
+BN_CTX *BN_CTX_new(void);
+void	BN_CTX_free(BN_CTX *c);
+int     BN_rand(BIGNUM *rnd, int bits, int top,int bottom);
+int	BN_num_bits(BIGNUM *a);
+int	BN_num_bits_word(BN_ULONG);
+BIGNUM *BN_new(void);
+void	BN_clear_free(BIGNUM *a);
+BIGNUM *BN_copy(BIGNUM *a, BIGNUM *b);
+BIGNUM *BN_bin2bn(unsigned char *s,int len,BIGNUM *ret);
+int	BN_bn2bin(BIGNUM *a, unsigned char *to);
+int	BN_sub(BIGNUM *r, BIGNUM *a, BIGNUM *b);
+void	bn_qsub(BIGNUM *r, BIGNUM *a, BIGNUM *b);
+void	bn_qadd(BIGNUM *r, BIGNUM *a, BIGNUM *b);
+int	BN_add(BIGNUM *r, BIGNUM *a, BIGNUM *b);
+int	BN_mod(BIGNUM *rem, BIGNUM *m, BIGNUM *d, BN_CTX *ctx);
+int	BN_div(BIGNUM *dv, BIGNUM *rem, BIGNUM *m, BIGNUM *d, BN_CTX *ctx);
+int	BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b);
+int	BN_sqr(BIGNUM *r, BIGNUM *a,BN_CTX *ctx);
+BN_ULONG BN_mod_word(BIGNUM *a, unsigned long w);
+BN_ULONG BN_div_word(BIGNUM *a, unsigned long w);
+int	BN_add_word(BIGNUM *a, unsigned long w);
+int	BN_set_word(BIGNUM *a, unsigned long w);
+unsigned long BN_get_word(BIGNUM *a);
+int	BN_cmp(BIGNUM *a, BIGNUM *b);
+void	BN_free(BIGNUM *a);
+int	BN_is_bit_set(BIGNUM *a, int n);
+int	BN_lshift(BIGNUM *r, BIGNUM *a, int n);
+int	BN_lshift1(BIGNUM *r, BIGNUM *a);
+int	BN_mod_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,BN_CTX *ctx);
+int	BN_mod_exp_mont(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,BN_CTX *ctx);
+int	BN_mod_exp_recp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,BN_CTX *ctx);
+int	BN_mod_exp_simple(BIGNUM *r, BIGNUM *a, BIGNUM *p,
+	BIGNUM *m,BN_CTX *ctx);
+int	BN_mask_bits(BIGNUM *a,int n);
+int	BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *x, BIGNUM *y, BIGNUM *m, 
+	BIGNUM *i, int nb, BN_CTX *ctx);
+int	BN_mod_mul(BIGNUM *ret, BIGNUM *a, BIGNUM *b, BIGNUM *m,
+	BN_CTX *ctx);
+#ifndef WIN16
+int	BN_print_fp(FILE *fp, BIGNUM *a);
+#endif
+#ifdef HEADER_BIO_H
+int	BN_print(BIO *fp, BIGNUM *a);
+#else
+int	BN_print(char *fp, BIGNUM *a);
+#endif
+int	BN_reciprocal(BIGNUM *r, BIGNUM *m, BN_CTX *ctx);
+int	BN_rshift(BIGNUM *r, BIGNUM *a, int n);
+int	BN_rshift1(BIGNUM *r, BIGNUM *a);
+void	BN_clear(BIGNUM *a);
+BIGNUM *bn_expand2(BIGNUM *b, int bits);
+BIGNUM *BN_dup(BIGNUM *a);
+int	BN_ucmp(BIGNUM *a, BIGNUM *b);
+int	BN_set_bit(BIGNUM *a, int n);
+int	BN_clear_bit(BIGNUM *a, int n);
+char *	BN_bn2ascii(BIGNUM *a);
+int 	BN_ascii2bn(BIGNUM **a,char *str);
+int	BN_gcd(BIGNUM *r,BIGNUM *in_a,BIGNUM *in_b,BN_CTX *ctx);
+BIGNUM *BN_mod_inverse(BIGNUM *a, BIGNUM *n,BN_CTX *ctx);
+BIGNUM *BN_generate_prime(int bits,int strong,BIGNUM *add,
+		BIGNUM *rem,void (*callback)(int,int));
+int	BN_is_prime(BIGNUM *p,int nchecks,void (*callback)(int,int),
+		BN_CTX *ctx);
+void	ERR_load_BN_strings(void );
+
+BN_ULONG bn_mul_add_word(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w);
+BN_ULONG bn_mul_word(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w);
+void     bn_sqr_words(BN_ULONG *rp, BN_ULONG *ap, int num);
+BN_ULONG bn_div64(BN_ULONG h, BN_ULONG l, BN_ULONG d);
+
+BN_MONT_CTX *BN_MONT_CTX_new(void );
+int BN_mod_mul_montgomery(BIGNUM *r,BIGNUM *a,BIGNUM *b,BN_MONT_CTX *mont,
+	BN_CTX *ctx);
+int BN_from_montgomery(BIGNUM *r,BIGNUM *a,BN_MONT_CTX *mont,BN_CTX *ctx);
+void BN_MONT_CTX_free(BN_MONT_CTX *mont);
+int BN_MONT_CTX_set(BN_MONT_CTX *mont,BIGNUM *modulus,BN_CTX *ctx);
+
+#else
+
+BIGNUM *BN_value_one();
+char *	BN_options();
+BN_CTX *BN_CTX_new();
+void	BN_CTX_free();
+int     BN_rand();
+int	BN_num_bits();
+int	BN_num_bits_word();
+BIGNUM *BN_new();
+void	BN_clear_free();
+BIGNUM *BN_copy();
+BIGNUM *BN_bin2bn();
+int	BN_bn2bin();
+int	BN_sub();
+void	bn_qsub();
+void	bn_qadd();
+int	BN_add();
+int	BN_mod();
+int	BN_div();
+int	BN_mul();
+int	BN_sqr();
+BN_ULONG BN_mod_word();
+BN_ULONG BN_div_word();
+int	BN_add_word();
+int	BN_set_word();
+unsigned long BN_get_word();
+int	BN_cmp();
+void	BN_free();
+int	BN_is_bit_set();
+int	BN_lshift();
+int	BN_lshift1();
+int	BN_mod_exp();
+int	BN_mod_exp_mont();
+int	BN_mod_exp_recp();
+int	BN_mod_exp_simple();
+int	BN_mask_bits();
+int	BN_mod_mul_reciprocal();
+int	BN_mod_mul();
+#ifndef WIN16
+int	BN_print_fp();
+#endif
+int	BN_print();
+int	BN_reciprocal();
+int	BN_rshift();
+int	BN_rshift1();
+void	BN_clear();
+BIGNUM *bn_expand2();
+BIGNUM *BN_dup();
+int	BN_ucmp();
+int	BN_set_bit();
+int	BN_clear_bit();
+char *	BN_bn2ascii();
+int 	BN_ascii2bn();
+int	BN_gcd();
+BIGNUM *BN_mod_inverse();
+BIGNUM *BN_generate_prime();
+int	BN_is_prime();
+void	ERR_load_BN_strings();
+
+BN_ULONG bn_mul_add_word();
+BN_ULONG bn_mul_word();
+void     bn_sqr_words();
+BN_ULONG bn_div64();
+
+int BN_mod_mul_montgomery();
+int BN_from_montgomery();
+BN_MONT_CTX *BN_MONT_CTX_new();
+void BN_MONT_CTX_free();
+int BN_MONT_CTX_set();
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the BN functions. */
+
+/* Function codes. */
+#define BN_F_BN_BL_CTX_INIT				 100
+#define BN_F_BN_BL_CTX_NEW				 101
+#define BN_F_BN_BN2ASCII				 102
+#define BN_F_BN_CTX_NEW					 103
+#define BN_F_BN_DIV					 104
+#define BN_F_BN_EXPAND2					 105
+#define BN_F_BN_MOD_EXP_MONT				 106
+#define BN_F_BN_MOD_INVERSE				 107
+#define BN_F_BN_MOD_MUL_RECIPROCAL			 108
+#define BN_F_BN_NEW					 109
+#define BN_F_BN_RAND					 110
+
+/* Reason codes. */
+#define BN_R_BAD_RECIPROCAL				 100
+#define BN_R_CALLED_WITH_EVEN_MODULUS			 101
+#define BN_R_DIV_BY_ZERO				 102
+#define BN_R_NO_INVERSE					 103
+ 
+#ifdef  __cplusplus
+}
+#endif
+#endif
+
diff --git a/crypto/bn/bn_add.c b/crypto/bn/bn_add.c
new file mode 100644
index 0000000000..ecdb7453b5
--- /dev/null
+++ b/crypto/bn/bn_add.c
@@ -0,0 +1,170 @@
+/* crypto/bn/bn_add.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+/* r can == a or b */
+int BN_add(r, a, b)
+BIGNUM *r;
+BIGNUM *a;
+BIGNUM *b;
+	{
+	int i;
+	BIGNUM *tmp;
+
+	/*  a +  b	a+b
+	 *  a + -b	a-b
+	 * -a +  b	b-a
+	 * -a + -b	-(a+b)
+	 */
+	if (a->neg ^ b->neg)
+		{
+		/* only one is negative */
+		if (a->neg)
+			{ tmp=a; a=b; b=tmp; }
+
+		/* we are now a - b */
+		if (bn_expand(r,((a->top > b->top)?a->top:b->top)*BN_BITS2)
+			== NULL) return(0);
+
+		if (BN_ucmp(a,b) < 0)
+			{
+			bn_qsub(r,b,a);
+			r->neg=1;
+			}
+		else
+			{
+			bn_qsub(r,a,b);
+			r->neg=0;
+			}
+		return(1);
+		}
+
+	if (a->neg) /* both are neg */
+		r->neg=1;
+	else
+		r->neg=0;
+
+	i=(a->top > b->top);
+	if (bn_expand(r,(((i)?a->top:b->top)+1)*BN_BITS2) == NULL) return(0);
+
+	if (i)
+		bn_qadd(r,a,b);
+	else
+		bn_qadd(r,b,a);
+	return(1);
+	}
+
+/* unsigned add of b to a, r must be large enough */
+void bn_qadd(r,a,b)
+BIGNUM *r;
+BIGNUM *a;
+BIGNUM *b;
+	{
+	register int i;
+	int max,min;
+	BN_ULONG *ap,*bp,*rp,carry,t1,t2;
+
+	max=a->top;
+	min=b->top;
+	r->top=max;
+
+	ap=a->d;
+	bp=b->d;
+	rp=r->d;
+	carry=0;
+	for (i=0; i<min; i++)
+		{
+		t1= *(ap++);
+		t2= *(bp++);
+		if (carry)
+			{
+			carry=(t2 >= ((~t1)&BN_MASK2));
+			t2=(t1+t2+1)&BN_MASK2;
+			}
+		else
+			{
+			t2=(t1+t2)&BN_MASK2;
+			carry=(t2 < t1);
+			}
+		*(rp++)=t2;
+		}
+	if (carry)
+		{
+		while (i < max)
+			{
+			t1= *(ap++);
+			t2=(t1+1)&BN_MASK2;
+			*(rp++)=t2;
+			carry=(t2 < t1);
+			i++;
+			if (!carry) break;
+			}
+		if ((i >= max) && carry)
+			{
+			*(rp++)=1;
+			r->top++;
+			}
+		}
+	for (; i<max; i++)
+		*(rp++)= *(ap++);
+	/* memcpy(rp,ap,sizeof(*ap)*(max-i));*/
+	}
+
diff --git a/crypto/bn/bn_bld.c b/crypto/bn/bn_bld.c
new file mode 100644
index 0000000000..966db43962
--- /dev/null
+++ b/crypto/bn/bn_bld.c
@@ -0,0 +1,144 @@
+/* crypto/bn/bn_bld.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+BN_BL_CTX *BN_BL_CTX_new()
+	{
+	BN_BL_CTX *ret;
+
+	if ((ret=(BN_BL_CTX *)Malloc(sizeof(BN_BL_CTX))) == NULL)
+		{
+		BNerr(BN_F_BN_BL_CTX_NEW,ERR_R_MALLOC_FAILURE);
+		return(NULL);
+		}
+	if ((ret->num=BN_new()) == NULL) goto err;
+	if ((ret->mod=BN_new()) == NULL) goto err;
+	ret->inum=NULL;
+	ret->count=16;
+	ret->count=1;
+	return(ret);
+	}
+
+int BN_BL_CTX_Init(a,mod)
+BN_BL_CTX *a;
+BIGNUM *mod;
+	{
+	int i;
+	BN_CTX *ctx;
+
+	if ((ctx=BN_CTX_new()) == NULL) goto m_err;
+
+	if (BN_copy(a->mod,mod) == NULL) goto err;
+	i=BN_num_bits(mod);
+	if (!BN_rand(a->num,i,1,0)) goto err;
+	
+	if (a->inum != NULL) BN_clear_free(a->inum);
+	a->inum=BN_mod_inverse(a->num,a->mod,ctx)
+	ret->count=16;
+	return(1);
+m_err:
+	BNerr(BN_F_BN_BL_CTX_INIT,ERR_R_MALLOC_FAILURE);
+err:
+	return(0);
+	}
+
+BN_BL_CTX *BN_BL_CTX_Update(a)
+BN_BL_CTX *a;
+	{
+	BN_CTX *ctx;
+	BN_BL_CTX *new;
+
+	if (--a->count > 0)
+		return(1);
+
+	new=BN_BL_CTX_new();
+	/* set/get lock */
+	if ((ctx=BN_CTX_new()) == NULL)
+		return(NULL);
+	new->inum=BN_new();
+
+	BN_mod_mul(new->num,a->num,a->num,a->mod,ctx);
+	BN_mod_mul(new->inum,a->inum,a->inum,a->mod,ctx);
+	BN_copy(new->mod,a->mod);
+	BN_BL_CTX_free(a);
+	return(new);
+	}
+
+void BN_BL_CTX_free(a)
+BN_BL_CTX *a;
+	{
+	int i;
+
+	if (a == NULL) return;
+
+	i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_RSA);
+	if (i > 0) return;
+#ifdef REF_CHECK
+	if (i < 0)
+		{
+		fprintf(stderr,"BN_BL_CTX_free, bad reference count\n");
+		abort();
+		}
+#endif
+	if (a->num == NULL) BN_clear_free(a->num);
+	if (a->inum == NULL) BN_clear_free(a->inum);
+	if (a->mod == NULL) BN_clear_free(a->mod);
+	}
diff --git a/crypto/bn/bn_div.c b/crypto/bn/bn_div.c
new file mode 100644
index 0000000000..0ce4d4182f
--- /dev/null
+++ b/crypto/bn/bn_div.c
@@ -0,0 +1,286 @@
+/* crypto/bn/bn_div.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+/* The old slow way */
+#if 0
+int BN_div(dv, rem, m, d,ctx)
+BIGNUM *dv;
+BIGNUM *rem;
+BIGNUM *m;
+BIGNUM *d;
+BN_CTX *ctx;
+	{
+	int i,nm,nd;
+	BIGNUM *D;
+
+	if (BN_is_zero(d))
+		{
+		BNerr(BN_F_BN_DIV,BN_R_DIV_BY_ZERO);
+		return(0);
+		}
+
+	if (BN_ucmp(m,d) < 0)
+		{
+		if (rem != NULL)
+			{ if (BN_copy(rem,m) == NULL) return(0); }
+		if (dv != NULL) BN_zero(dv);
+		return(1);
+		}
+
+	D=ctx->bn[ctx->tos];
+	if (dv == NULL) dv=ctx->bn[ctx->tos+1];
+	if (rem == NULL) rem=ctx->bn[ctx->tos+2];
+
+	nd=BN_num_bits(d);
+	nm=BN_num_bits(m);
+	if (BN_copy(D,d) == NULL) return(0);
+	if (BN_copy(rem,m) == NULL) return(0);
+
+	/* The next 2 are needed so we can do a dv->d[0]|=1 later
+	 * since BN_lshift1 will only work once there is a value :-) */
+	BN_zero(dv);
+	dv->top=1;
+
+	if (!BN_lshift(D,D,nm-nd)) return(0);
+	for (i=nm-nd; i>=0; i--)
+		{
+		if (!BN_lshift1(dv,dv)) return(0);
+		if (BN_ucmp(rem,D) >= 0)
+			{
+			dv->d[0]|=1;
+			bn_qsub(rem,rem,D);
+			}
+/* CAN IMPROVE (and have now :=) */
+		if (!BN_rshift1(D,D)) return(0);
+		}
+	rem->neg=BN_is_zero(rem)?0:m->neg;
+	dv->neg=m->neg^d->neg;
+	return(1);
+	}
+
+#else
+
+int BN_div(dv, rm, num, divisor,ctx)
+BIGNUM *dv;
+BIGNUM *rm;
+BIGNUM *num;
+BIGNUM *divisor;
+BN_CTX *ctx;
+	{
+	int norm_shift,i,j,loop;
+	BIGNUM *tmp,wnum,*snum,*sdiv,*res;
+	BN_ULONG *resp,*wnump;
+	BN_ULONG d0,d1;
+	int num_n,div_n;
+
+	if (BN_is_zero(num))
+		{
+		BNerr(BN_F_BN_DIV,BN_R_DIV_BY_ZERO);
+		return(0);
+		}
+
+	if (BN_ucmp(num,divisor) < 0)
+		{
+		if (rm != NULL)
+			{ if (BN_copy(rm,num) == NULL) return(0); }
+		if (dv != NULL) BN_zero(dv);
+		return(1);
+		}
+
+	tmp=ctx->bn[ctx->tos]; 
+	tmp->neg=0;
+	snum=ctx->bn[ctx->tos+1];
+	sdiv=ctx->bn[ctx->tos+2];
+	if (dv == NULL)
+		res=ctx->bn[ctx->tos+3];
+	else	res=dv;
+
+	/* First we normalise the numbers */
+	norm_shift=BN_BITS2-((BN_num_bits(divisor))%BN_BITS2);
+	BN_lshift(sdiv,divisor,norm_shift);
+	sdiv->neg=0;
+	norm_shift+=BN_BITS2;
+	BN_lshift(snum,num,norm_shift);
+	snum->neg=0;
+	div_n=sdiv->top;
+	num_n=snum->top;
+	loop=num_n-div_n;
+
+	/* Lets setup a 'window' into snum
+	 * This is the part that corresponds to the current
+	 * 'area' being divided */
+	wnum.d=	 &(snum->d[loop]);
+	wnum.top= div_n;
+	wnum.max= snum->max; /* a bit of a lie */
+	wnum.neg= 0;
+
+	/* Get the top 2 words of sdiv */
+	/* i=sdiv->top; */
+	d0=sdiv->d[div_n-1];
+	d1=(div_n == 1)?0:sdiv->d[div_n-2];
+
+	/* pointer to the 'top' of snum */
+	wnump= &(snum->d[num_n-1]);
+
+	/* Setup to 'res' */
+	res->neg= (num->neg^divisor->neg);
+	res->top=loop;
+	if (!bn_expand(res,(loop+1)*BN_BITS2)) goto err;
+	resp= &(res->d[loop-1]);
+
+	/* space for temp */
+	if (!bn_expand(tmp,(div_n+1)*BN_BITS2)) goto err;
+
+	if (BN_ucmp(&wnum,sdiv) >= 0)
+		{
+		bn_qsub(&wnum,&wnum,sdiv);
+		*resp=1;
+		res->d[res->top-1]=1;
+		}
+	else
+		res->top--;
+	resp--;
+
+	for (i=0; i<loop-1; i++)
+		{
+		BN_ULONG q,n0,n1;
+		BN_ULONG l0;
+
+		wnum.d--; wnum.top++;
+		n0=wnump[0];
+		n1=wnump[-1];
+		if (n0 == d0)
+			q=BN_MASK2;
+		else
+			q=bn_div64(n0,n1,d0);
+		{
+#ifdef BN_LLONG
+		BN_ULLONG t1,t2,rem;
+		t1=((BN_ULLONG)n0<<BN_BITS2)|n1;
+		for (;;)
+			{
+			t2=(BN_ULLONG)d1*q;
+			rem=t1-(BN_ULLONG)q*d0;
+			if ((rem>>BN_BITS2) ||
+				(t2 <= ((BN_ULLONG)(rem<<BN_BITS2)+wnump[-2])))
+				break;
+			q--;
+			}
+#else
+		BN_ULONG t1l,t1h,t2l,t2h,t3l,t3h,ql,qh,t3t;
+		t1h=n0;
+		t1l=n1;
+		for (;;)
+			{
+			t2l=LBITS(d1); t2h=HBITS(d1);
+			ql =LBITS(q);  qh =HBITS(q);
+			mul64(t2l,t2h,ql,qh); /* t2=(BN_ULLONG)d1*q; */
+
+			t3t=LBITS(d0); t3h=HBITS(d0);
+			mul64(t3t,t3h,ql,qh); /* t3=t1-(BN_ULLONG)q*d0; */
+			t3l=(t1l-t3t);
+			if (t3l > t1l) t3h++;
+			t3h=(t1h-t3h);
+
+			/*if ((t3>>BN_BITS2) ||
+				(t2 <= ((t3<<BN_BITS2)+wnump[-2])))
+				break; */
+			if (t3h) break;
+			if (t2h < t3l) break;
+			if ((t2h == t3l) && (t2l <= wnump[-2])) break;
+
+			q--;
+			}
+#endif
+		}
+		l0=bn_mul_word(tmp->d,sdiv->d,div_n,q);
+		tmp->d[div_n]=l0;
+		for (j=div_n+1; j>0; j--)
+			if (tmp->d[j-1]) break;
+		tmp->top=j;
+
+		j=wnum.top;
+		BN_sub(&wnum,&wnum,tmp);
+
+		snum->top=snum->top+wnum.top-j;
+
+		if (wnum.neg)
+			{
+			q--;
+			j=wnum.top;
+			BN_add(&wnum,&wnum,sdiv);
+			snum->top+=wnum.top-j;
+			}
+		*(resp--)=q;
+		wnump--;
+		}
+	if (rm != NULL)
+		{
+		BN_rshift(rm,snum,norm_shift);
+		rm->neg=num->neg;
+		}
+	return(1);
+err:
+	return(0);
+	}
+
+#endif
diff --git a/crypto/bn/bn_err.c b/crypto/bn/bn_err.c
new file mode 100644
index 0000000000..38818d6e67
--- /dev/null
+++ b/crypto/bn/bn_err.c
@@ -0,0 +1,98 @@
+/* lib/bn/bn_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "bn.h"
+
+/* BEGIN ERROR CODES */
+static ERR_STRING_DATA BN_str_functs[]=
+	{
+{ERR_PACK(0,BN_F_BN_BL_CTX_INIT,0),	"BN_BL_CTX_INIT"},
+{ERR_PACK(0,BN_F_BN_BL_CTX_NEW,0),	"BN_BL_CTX_NEW"},
+{ERR_PACK(0,BN_F_BN_BN2ASCII,0),	"BN_bn2ascii"},
+{ERR_PACK(0,BN_F_BN_CTX_NEW,0),	"BN_CTX_new"},
+{ERR_PACK(0,BN_F_BN_DIV,0),	"BN_div"},
+{ERR_PACK(0,BN_F_BN_EXPAND2,0),	"bn_expand2"},
+{ERR_PACK(0,BN_F_BN_MOD_EXP_MONT,0),	"BN_mod_exp_mont"},
+{ERR_PACK(0,BN_F_BN_MOD_INVERSE,0),	"BN_mod_inverse"},
+{ERR_PACK(0,BN_F_BN_MOD_MUL_RECIPROCAL,0),	"BN_mod_mul_reciprocal"},
+{ERR_PACK(0,BN_F_BN_NEW,0),	"BN_new"},
+{ERR_PACK(0,BN_F_BN_RAND,0),	"BN_rand"},
+{0,NULL},
+	};
+
+static ERR_STRING_DATA BN_str_reasons[]=
+	{
+{BN_R_BAD_RECIPROCAL                     ,"bad reciprocal"},
+{BN_R_CALLED_WITH_EVEN_MODULUS           ,"called with even modulus"},
+{BN_R_DIV_BY_ZERO                        ,"div by zero"},
+{BN_R_NO_INVERSE                         ,"no inverse"},
+{0,NULL},
+	};
+
+void ERR_load_BN_strings()
+	{
+	static int init=1;
+
+	if (init)
+		{
+		init=0;
+		ERR_load_strings(ERR_LIB_BN,BN_str_functs);
+		ERR_load_strings(ERR_LIB_BN,BN_str_reasons);
+		}
+	}
diff --git a/crypto/bn/bn_exp.c b/crypto/bn/bn_exp.c
new file mode 100644
index 0000000000..0a0db370c3
--- /dev/null
+++ b/crypto/bn/bn_exp.c
@@ -0,0 +1,510 @@
+/* crypto/bn/bn_exp.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+/* slow but works */
+int BN_mod_mul(ret, a, b, m, ctx)
+BIGNUM *ret;
+BIGNUM *a;
+BIGNUM *b;
+BIGNUM *m;
+BN_CTX *ctx;
+	{
+	BIGNUM *t;
+	int r=0;
+
+	t=ctx->bn[ctx->tos++];
+	if (a == b)
+		{ if (!BN_sqr(t,a,ctx)) goto err; }
+	else
+		{ if (!BN_mul(t,a,b)) goto err; }
+	if (!BN_mod(ret,t,m,ctx)) goto err;
+	r=1;
+err:
+	ctx->tos--;
+	return(r);
+	}
+
+#if 0
+/* this one works - simple but works */
+int BN_mod_exp(r,a,p,m,ctx)
+BIGNUM *r,*a,*p,*m;
+BN_CTX *ctx;
+	{
+	int i,bits,ret=0;
+	BIGNUM *v,*tmp;
+
+	v=ctx->bn[ctx->tos++];
+	tmp=ctx->bn[ctx->tos++];
+
+	if (BN_copy(v,a) == NULL) goto err;
+	bits=BN_num_bits(p);
+
+	if (BN_is_odd(p))
+		{ if (BN_copy(r,a) == NULL) goto err; }
+	else	{ if (BN_one(r)) goto err; }
+
+	for (i=1; i<bits; i++)
+		{
+		if (!BN_sqr(tmp,v,ctx)) goto err;
+		if (!BN_mod(v,tmp,m,ctx)) goto err;
+		if (BN_is_bit_set(p,i))
+			{
+			if (!BN_mul(tmp,r,v)) goto err;
+			if (!BN_mod(r,tmp,m,ctx)) goto err;
+			}
+		}
+	ret=1;
+err:
+	ctx->tos-=2;
+	return(ret);
+	}
+
+#endif
+
+int BN_mod_exp(r,a,p,m,ctx)
+BIGNUM *r;
+BIGNUM *a;
+BIGNUM *p;
+BIGNUM *m;
+BN_CTX *ctx;
+	{
+	int ret;
+
+#ifdef MONT_MUL_MOD
+	/* I have finally been able to take out this pre-condition of
+	 * the top bit being set.  It was caused by an error in BN_div
+	 * with negatives.  There was also another problem when for a^b%m
+	 * a >= m.  eay 07-May-97 */
+/*	if ((m->d[m->top-1]&BN_TBIT) && BN_is_odd(m)) */
+
+	if (BN_is_odd(m))
+		{ ret=BN_mod_exp_mont(r,a,p,m,ctx); }
+	else
+#endif
+#ifdef RECP_MUL_MOD
+		{ ret=BN_mod_exp_recp(r,a,p,m,ctx); }
+#else
+		{ ret=BN_mod_exp_simple(r,a,p,m,ctx); }
+#endif
+
+	return(ret);
+	}
+
+/* #ifdef RECP_MUL_MOD */
+int BN_mod_exp_recp(r,a,p,m,ctx)
+BIGNUM *r;
+BIGNUM *a;
+BIGNUM *p;
+BIGNUM *m;
+BN_CTX *ctx;
+	{
+	int nb,i,j,bits,ret=0,wstart,wend,window,wvalue;
+	int start=1;
+	BIGNUM *d,*aa;
+	BIGNUM *val[16];
+
+	d=ctx->bn[ctx->tos++];
+	aa=ctx->bn[ctx->tos++];
+	bits=BN_num_bits(p);
+
+	if (bits == 0)
+		{
+		BN_one(r);
+		return(1);
+		}
+	nb=BN_reciprocal(d,m,ctx);
+	if (nb == -1) goto err;
+
+	val[0]=BN_new();
+	if (!BN_mod(val[0],a,m,ctx)) goto err;		/* 1 */
+	if (!BN_mod_mul_reciprocal(aa,val[0],val[0],m,d,nb,ctx))
+		goto err;				/* 2 */
+
+	if (bits <= 17) /* This is probably 3 or 0x10001, so just do singles */
+		window=1;
+	else if (bits >= 256)
+		window=5;	/* max size of window */
+	else if (bits >= 128)
+		window=4;
+	else
+		window=3;
+
+	j=1<<(window-1);
+	for (i=1; i<j; i++)
+		{
+		val[i]=BN_new();
+		if (!BN_mod_mul_reciprocal(val[i],val[i-1],aa,m,d,nb,ctx))
+			goto err;
+		}
+	for (; i<16; i++)
+		val[i]=NULL;
+
+	start=1;	/* This is used to avoid multiplication etc
+			 * when there is only the value '1' in the
+			 * buffer. */
+	wvalue=0;	/* The 'value' of the window */
+	wstart=bits-1;	/* The top bit of the window */
+	wend=0;		/* The bottom bit of the window */
+
+	if (!BN_one(r)) goto err;
+
+	for (;;)
+		{
+		if (BN_is_bit_set(p,wstart) == 0)
+			{
+			if (!start)
+				if (!BN_mod_mul_reciprocal(r,r,r,m,d,nb,ctx))
+				goto err;
+			if (wstart == 0) break;
+			wstart--;
+			continue;
+			}
+		/* We now have wstart on a 'set' bit, we now need to work out
+		 * how bit a window to do.  To do this we need to scan
+		 * forward until the last set bit before the end of the
+		 * window */
+		j=wstart;
+		wvalue=1;
+		wend=0;
+		for (i=1; i<window; i++)
+			{
+			if (wstart-i < 0) break;
+			if (BN_is_bit_set(p,wstart-i))
+				{
+				wvalue<<=(i-wend);
+				wvalue|=1;
+				wend=i;
+				}
+			}
+
+		/* wend is the size of the current window */
+		j=wend+1;
+		/* add the 'bytes above' */
+		if (!start)
+			for (i=0; i<j; i++)
+				{
+				if (!BN_mod_mul_reciprocal(r,r,r,m,d,nb,ctx))
+					goto err;
+				}
+		
+		/* wvalue will be an odd number < 2^window */
+		if (!BN_mod_mul_reciprocal(r,r,val[wvalue>>1],m,d,nb,ctx))
+			goto err;
+
+		/* move the 'window' down further */
+		wstart-=wend+1;
+		wvalue=0;
+		start=0;
+		if (wstart < 0) break;
+		}
+	ret=1;
+err:
+	ctx->tos-=2;
+	for (i=0; i<16; i++)
+		if (val[i] != NULL) BN_clear_free(val[i]);
+	return(ret);
+	}
+/* #endif */
+
+/* #ifdef MONT_MUL_MOD */
+int BN_mod_exp_mont(r,a,p,m,ctx)
+BIGNUM *r;
+BIGNUM *a;
+BIGNUM *p;
+BIGNUM *m;
+BN_CTX *ctx;
+	{
+	int i,j,bits,ret=0,wstart,wend,window,wvalue;
+	int start=1;
+	BIGNUM *d,*aa;
+	BIGNUM *val[16];
+	BN_MONT_CTX *mont=NULL;
+
+	if (!(m->d[0] & 1))
+		{
+		BNerr(BN_F_BN_MOD_EXP_MONT,BN_R_CALLED_WITH_EVEN_MODULUS);
+		return(0);
+		}
+	d=ctx->bn[ctx->tos++];
+	bits=BN_num_bits(p);
+	if (bits == 0)
+		{
+		BN_one(r);
+		return(1);
+		}
+
+	/* If this is not done, things will break in the montgomery
+	 * part */
+
+	if ((mont=BN_MONT_CTX_new()) == NULL) goto err;
+	if (!BN_MONT_CTX_set(mont,m,ctx)) goto err;
+
+	val[0]=BN_new();
+	if (BN_ucmp(a,m) >= 0)
+		{
+		BN_mod(val[0],a,m,ctx);
+		aa=val[0];
+		}
+	else
+		aa=a;
+	if (!BN_to_montgomery(val[0],aa,mont,ctx)) goto err; /* 1 */
+	if (!BN_mod_mul_montgomery(d,val[0],val[0],mont,ctx)) goto err; /* 2 */
+
+	if (bits <= 17) /* This is probably 3 or 0x10001, so just do singles */
+		window=1;
+	else if (bits >= 256)
+		window=5;	/* max size of window */
+	else if (bits >= 128)
+		window=4;
+	else
+		window=3;
+
+	j=1<<(window-1);
+	for (i=1; i<j; i++)
+		{
+		val[i]=BN_new();
+		if (!BN_mod_mul_montgomery(val[i],val[i-1],d,mont,ctx))
+			goto err;
+		}
+	for (; i<16; i++)
+		val[i]=NULL;
+
+	start=1;	/* This is used to avoid multiplication etc
+			 * when there is only the value '1' in the
+			 * buffer. */
+	wvalue=0;	/* The 'value' of the window */
+	wstart=bits-1;	/* The top bit of the window */
+	wend=0;		/* The bottom bit of the window */
+
+        if (!BN_to_montgomery(r,BN_value_one(),mont,ctx)) goto err;
+	for (;;)
+		{
+		if (BN_is_bit_set(p,wstart) == 0)
+			{
+			if (!start)
+				if (!BN_mod_mul_montgomery(r,r,r,mont,ctx))
+				goto err;
+			if (wstart == 0) break;
+			wstart--;
+			continue;
+			}
+		/* We now have wstart on a 'set' bit, we now need to work out
+		 * how bit a window to do.  To do this we need to scan
+		 * forward until the last set bit before the end of the
+		 * window */
+		j=wstart;
+		wvalue=1;
+		wend=0;
+		for (i=1; i<window; i++)
+			{
+			if (wstart-i < 0) break;
+			if (BN_is_bit_set(p,wstart-i))
+				{
+				wvalue<<=(i-wend);
+				wvalue|=1;
+				wend=i;
+				}
+			}
+
+		/* wend is the size of the current window */
+		j=wend+1;
+		/* add the 'bytes above' */
+		if (!start)
+			for (i=0; i<j; i++)
+				{
+				if (!BN_mod_mul_montgomery(r,r,r,mont,ctx))
+					goto err;
+				}
+		
+		/* wvalue will be an odd number < 2^window */
+		if (!BN_mod_mul_montgomery(r,r,val[wvalue>>1],mont,ctx))
+			goto err;
+
+		/* move the 'window' down further */
+		wstart-=wend+1;
+		wvalue=0;
+		start=0;
+		if (wstart < 0) break;
+		}
+	BN_from_montgomery(r,r,mont,ctx);
+	ret=1;
+err:
+	if (mont != NULL) BN_MONT_CTX_free(mont);
+	ctx->tos--;
+	for (i=0; i<16; i++)
+		if (val[i] != NULL) BN_clear_free(val[i]);
+	return(ret);
+	}
+/* #endif */
+
+/* The old fallback, simple version :-) */
+int BN_mod_exp_simple(r,a,p,m,ctx)
+BIGNUM *r;
+BIGNUM *a;
+BIGNUM *p;
+BIGNUM *m;
+BN_CTX *ctx;
+	{
+	int i,j,bits,ret=0,wstart,wend,window,wvalue;
+	int start=1;
+	BIGNUM *d;
+	BIGNUM *val[16];
+
+	d=ctx->bn[ctx->tos++];
+	bits=BN_num_bits(p);
+
+	if (bits == 0)
+		{
+		BN_one(r);
+		return(1);
+		}
+
+	val[0]=BN_new();
+	if (!BN_mod(val[0],a,m,ctx)) goto err;		/* 1 */
+	if (!BN_mod_mul(d,val[0],val[0],m,ctx))
+		goto err;				/* 2 */
+
+	if (bits <= 17) /* This is probably 3 or 0x10001, so just do singles */
+		window=1;
+	else if (bits >= 256)
+		window=5;	/* max size of window */
+	else if (bits >= 128)
+		window=4;
+	else
+		window=3;
+
+	j=1<<(window-1);
+	for (i=1; i<j; i++)
+		{
+		val[i]=BN_new();
+		if (!BN_mod_mul(val[i],val[i-1],d,m,ctx))
+			goto err;
+		}
+	for (; i<16; i++)
+		val[i]=NULL;
+
+	start=1;	/* This is used to avoid multiplication etc
+			 * when there is only the value '1' in the
+			 * buffer. */
+	wvalue=0;	/* The 'value' of the window */
+	wstart=bits-1;	/* The top bit of the window */
+	wend=0;		/* The bottom bit of the window */
+
+	if (!BN_one(r)) goto err;
+
+	for (;;)
+		{
+		if (BN_is_bit_set(p,wstart) == 0)
+			{
+			if (!start)
+				if (!BN_mod_mul(r,r,r,m,ctx))
+				goto err;
+			if (wstart == 0) break;
+			wstart--;
+			continue;
+			}
+		/* We now have wstart on a 'set' bit, we now need to work out
+		 * how bit a window to do.  To do this we need to scan
+		 * forward until the last set bit before the end of the
+		 * window */
+		j=wstart;
+		wvalue=1;
+		wend=0;
+		for (i=1; i<window; i++)
+			{
+			if (wstart-i < 0) break;
+			if (BN_is_bit_set(p,wstart-i))
+				{
+				wvalue<<=(i-wend);
+				wvalue|=1;
+				wend=i;
+				}
+			}
+
+		/* wend is the size of the current window */
+		j=wend+1;
+		/* add the 'bytes above' */
+		if (!start)
+			for (i=0; i<j; i++)
+				{
+				if (!BN_mod_mul(r,r,r,m,ctx))
+					goto err;
+				}
+		
+		/* wvalue will be an odd number < 2^window */
+		if (!BN_mod_mul(r,r,val[wvalue>>1],m,ctx))
+			goto err;
+
+		/* move the 'window' down further */
+		wstart-=wend+1;
+		wvalue=0;
+		start=0;
+		if (wstart < 0) break;
+		}
+	ret=1;
+err:
+	ctx->tos--;
+	for (i=0; i<16; i++)
+		if (val[i] != NULL) BN_clear_free(val[i]);
+	return(ret);
+	}
+
diff --git a/crypto/bn/bn_gcd.c b/crypto/bn/bn_gcd.c
new file mode 100644
index 0000000000..9b0bc2b100
--- /dev/null
+++ b/crypto/bn/bn_gcd.c
@@ -0,0 +1,203 @@
+/* crypto/bn/bn_gcd.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+#ifndef NOPROTO
+static BIGNUM *euclid(BIGNUM *a, BIGNUM *b);
+#else
+static BIGNUM *euclid();
+#endif
+
+int BN_gcd(r,in_a,in_b,ctx)
+BIGNUM *r,*in_a,*in_b;
+BN_CTX *ctx;
+	{
+	BIGNUM *a,*b,*t;
+	int ret=0;
+
+	a=ctx->bn[ctx->tos];
+	b=ctx->bn[ctx->tos+1];
+
+	if (BN_copy(a,in_a) == NULL) goto err;
+	if (BN_copy(b,in_b) == NULL) goto err;
+
+	if (BN_cmp(a,b) < 0) { t=a; a=b; b=t; }
+	t=euclid(a,b);
+	if (t == NULL) goto err;
+
+	if (BN_copy(r,t) == NULL) goto err;
+	ret=1;
+err:
+	return(ret);
+	}
+
+static BIGNUM *euclid(a,b)
+BIGNUM *a,*b;
+	{
+	BIGNUM *t;
+	int shifts=0;
+
+	for (;;)
+		{
+		if (BN_is_zero(b))
+			break;
+
+		if (BN_is_odd(a))
+			{
+			if (BN_is_odd(b))
+				{
+				if (!BN_sub(a,a,b)) goto err;
+				if (!BN_rshift1(a,a)) goto err;
+				if (BN_cmp(a,b) < 0)
+					{ t=a; a=b; b=t; }
+				}
+			else		/* a odd - b even */
+				{
+				if (!BN_rshift1(b,b)) goto err;
+				if (BN_cmp(a,b) < 0)
+					{ t=a; a=b; b=t; }
+				}
+			}
+		else			/* a is even */
+			{
+			if (BN_is_odd(b))
+				{
+				if (!BN_rshift1(a,a)) goto err;
+				if (BN_cmp(a,b) < 0)
+					{ t=a; a=b; b=t; }
+				}
+			else		/* a even - b even */
+				{
+				if (!BN_rshift1(a,a)) goto err;
+				if (!BN_rshift1(b,b)) goto err;
+				shifts++;
+				}
+			}
+		}
+	if (shifts)
+		{
+		if (!BN_lshift(a,a,shifts)) goto err;
+		}
+	return(a);
+err:
+	return(NULL);
+	}
+
+/* solves ax == 1 (mod n) */
+BIGNUM *BN_mod_inverse(a, n, ctx)
+BIGNUM *a;
+BIGNUM *n;
+BN_CTX *ctx;
+	{
+	BIGNUM *A,*B,*X,*Y,*M,*D,*R;
+	BIGNUM *ret=NULL,*T;
+	int sign;
+
+	A=ctx->bn[ctx->tos];
+	B=ctx->bn[ctx->tos+1];
+	X=ctx->bn[ctx->tos+2];
+	D=ctx->bn[ctx->tos+3];
+	M=ctx->bn[ctx->tos+4];
+	Y=ctx->bn[ctx->tos+5];
+	ctx->tos+=6;
+	R=BN_new();
+	if (R == NULL) goto err;
+
+	BN_zero(X);
+	BN_one(Y);
+	if (BN_copy(A,a) == NULL) goto err;
+	if (BN_copy(B,n) == NULL) goto err;
+	sign=1;
+
+	while (!BN_is_zero(B))
+		{
+		if (!BN_div(D,M,A,B,ctx)) goto err;
+		T=A;
+		A=B;
+		B=M;
+		/* T has a struct, M does not */
+
+		if (!BN_mul(T,D,X)) goto err;
+		if (!BN_add(T,T,Y)) goto err;
+		M=Y;
+		Y=X;
+		X=T;
+		sign= -sign;
+		}
+	if (sign < 0)
+		{
+		if (!BN_sub(Y,n,Y)) goto err;
+		}
+
+	if (BN_is_one(A))
+		{ if (!BN_mod(R,Y,n,ctx)) goto err; }
+	else
+		{
+		BNerr(BN_F_BN_MOD_INVERSE,BN_R_NO_INVERSE);
+		goto err;
+		}
+	ret=R;
+err:
+	if ((ret == NULL) && (R != NULL)) BN_free(R);
+	ctx->tos-=6;
+	return(ret);
+	}
+
diff --git a/crypto/bn/bn_lcl.h b/crypto/bn/bn_lcl.h
new file mode 100644
index 0000000000..4d44651df8
--- /dev/null
+++ b/crypto/bn/bn_lcl.h
@@ -0,0 +1,216 @@
+/* crypto/bn/bn_lcl.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_BN_LCL_H
+#define HEADER_BN_LCL_H
+
+#include "bn.h"
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/*************************************************************
+ * Using the long long type
+ */
+#define Lw(t)    (((BN_ULONG)(t))&BN_MASK2)
+#define Hw(t)    (((BN_ULONG)((t)>>BN_BITS2))&BN_MASK2)
+
+#define bn_fix_top(a) \
+        { \
+        BN_ULONG *fix_top_l; \
+        for (fix_top_l= &((a)->d[(a)->top-1]); (a)->top > 0; (a)->top--) \
+		if (*(fix_top_l--)) break; \
+	}
+
+#define bn_expand(n,b) ((((b)/BN_BITS2) <= (n)->max)?(n):bn_expand2((n),(b)))
+
+#ifdef BN_LLONG
+#define mul_add(r,a,w,c) { \
+	BN_ULLONG t; \
+	t=(BN_ULLONG)w * (a) + (r) + (c); \
+	(r)=Lw(t); \
+	(c)= Hw(t); \
+	}
+
+#define mul(r,a,w,c) { \
+	BN_ULLONG t; \
+	t=(BN_ULLONG)w * (a) + (c); \
+	(r)=Lw(t); \
+	(c)= Hw(t); \
+	}
+
+#define bn_mul_words(r1,r2,a,b) \
+	{ \
+	BN_ULLONG t; \
+	t=(BN_ULLONG)(a)*(b); \
+	r1=Lw(t); \
+	r2=Hw(t); \
+	}
+
+#else
+/*************************************************************
+ * No long long type
+ */
+
+#define LBITS(a)	((a)&BN_MASK2l)
+#define HBITS(a)	(((a)>>BN_BITS4)&BN_MASK2l)
+#define	L2HBITS(a)	((BN_ULONG)((a)&BN_MASK2l)<<BN_BITS4)
+
+#define LLBITS(a)	((a)&BN_MASKl)
+#define LHBITS(a)	(((a)>>BN_BITS2)&BN_MASKl)
+#define	LL2HBITS(a)	((BN_ULLONG)((a)&BN_MASKl)<<BN_BITS2)
+
+#define mul64(l,h,bl,bh) \
+	{ \
+	BN_ULONG m,m1,lt,ht; \
+ \
+	lt=l; \
+	ht=h; \
+	m =(bh)*(lt); \
+	lt=(bl)*(lt); \
+	m1=(bl)*(ht); \
+	ht =(bh)*(ht); \
+	m+=m1; if ((m&BN_MASK2) < m1) ht+=L2HBITS(1L); \
+	ht+=HBITS(m); \
+	m1=L2HBITS(m); \
+	lt+=m1; if ((lt&BN_MASK2) < m1) ht++; \
+	(l)=lt; \
+	(h)=ht; \
+	}
+
+#define sqr64(lo,ho,in) \
+	{ \
+	BN_ULONG l,h,m; \
+ \
+	h=(in); \
+	l=LBITS(h); \
+	h=HBITS(h); \
+	m =(l)*(h); \
+	l*=l; \
+	h*=h; \
+	h+=(m&BN_MASK2h1)>>(BN_BITS4-1); \
+	m =(m&BN_MASK2l)<<(BN_BITS4+1); \
+	l+=m; if ((l&BN_MASK2) < m) h++; \
+	(lo)=l; \
+	(ho)=h; \
+	}
+
+#define mul_add(r,a,bl,bh,c) { \
+	BN_ULONG l,h; \
+ \
+	h= (a); \
+	l=LBITS(h); \
+	h=HBITS(h); \
+	mul64(l,h,(bl),(bh)); \
+ \
+	/* non-multiply part */ \
+	l+=(c); if ((l&BN_MASK2) < (c)) h++; \
+	(c)=(r); \
+	l+=(c); if ((l&BN_MASK2) < (c)) h++; \
+	(c)=h&BN_MASK2; \
+	(r)=l&BN_MASK2; \
+	}
+
+#define mul(r,a,bl,bh,c) { \
+	BN_ULONG l,h; \
+ \
+	h= (a); \
+	l=LBITS(h); \
+	h=HBITS(h); \
+	mul64(l,h,(bl),(bh)); \
+ \
+	/* non-multiply part */ \
+	l+=(c); if ((l&BN_MASK2) < (c)) h++; \
+	(c)=h&BN_MASK2; \
+	(r)=l&BN_MASK2; \
+	}
+
+#define bn_mul_words(r1,r2,a,b) \
+	{ \
+	BN_ULONG l,h,bl,bh; \
+ \
+	h=(a); \
+	l=LBITS(h); \
+	h=HBITS(h); \
+	bh=(b); \
+	bl=LBITS(bh); \
+	bh=HBITS(bh); \
+ \
+	mul64(l,h,bl,bh); \
+ \
+	(r1)=l; \
+	(r2)=h; \
+	}
+#endif
+
+#ifndef NOPROTO
+
+BIGNUM *bn_expand2(BIGNUM *b, int bits);
+
+#else
+
+BIGNUM *bn_expand2();
+
+#endif
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c
new file mode 100644
index 0000000000..288ebca68c
--- /dev/null
+++ b/crypto/bn/bn_lib.c
@@ -0,0 +1,565 @@
+/* crypto/bn/bn_lib.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+char *BN_version="Big Number part of SSLeay 0.8.1b 29-Jun-1998";
+
+BIGNUM *BN_value_one()
+	{
+	static BN_ULONG data_one=1L;
+	static BIGNUM const_one={&data_one,1,1,0};
+
+	return(&const_one);
+	}
+
+char *BN_options()
+	{
+	static int init=0;
+	static char data[16];
+
+	if (!init)
+		{
+		init++;
+#ifdef BN_LLONG
+		sprintf(data,"bn(%d,%d)",(int)sizeof(BN_ULLONG)*8,
+			(int)sizeof(BN_ULONG)*8);
+#else
+		sprintf(data,"bn(%d,%d)",(int)sizeof(BN_ULONG)*8,
+			(int)sizeof(BN_ULONG)*8);
+#endif
+		}
+	return(data);
+	}
+
+int BN_num_bits_word(l)
+BN_ULONG l;
+	{
+	static char bits[256]={
+		0,1,2,2,3,3,3,3,4,4,4,4,4,4,4,4,
+		5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,
+		6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,
+		6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,
+		7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,
+		7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,
+		7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,
+		7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,
+		8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
+		8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
+		8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
+		8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
+		8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
+		8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
+		8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
+		8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
+		};
+
+#ifdef SIXTY_FOUR_BIT_LONG
+	if (l & 0xffffffff00000000L)
+		{
+		if (l & 0xffff000000000000L)
+			{
+			if (l & 0xff00000000000000L)
+				{
+				return(bits[l>>56]+56);
+				}
+			else	return(bits[l>>48]+48);
+			}
+		else
+			{
+			if (l & 0x0000ff0000000000L)
+				{
+				return(bits[l>>40]+40);
+				}
+			else	return(bits[l>>32]+32);
+			}
+		}
+	else
+#else
+#ifdef SIXTY_FOUR_BIT
+	if (l & 0xffffffff00000000LL)
+		{
+		if (l & 0xffff000000000000LL)
+			{
+			if (l & 0xff00000000000000LL)
+				{
+				return(bits[l>>56]+56);
+				}
+			else	return(bits[l>>48]+48);
+			}
+		else
+			{
+			if (l & 0x0000ff0000000000LL)
+				{
+				return(bits[l>>40]+40);
+				}
+			else	return(bits[l>>32]+32);
+			}
+		}
+	else
+#endif
+#endif
+		{
+#if defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
+		if (l & 0xffff0000L)
+			{
+			if (l & 0xff000000L)
+				return(bits[l>>24L]+24);
+			else	return(bits[l>>16L]+16);
+			}
+		else
+#endif
+			{
+#if defined(SIXTEEN_BIT) || defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
+			if (l & 0xff00L)
+				return(bits[l>>8]+8);
+			else	
+#endif
+				return(bits[l   ]  );
+			}
+		}
+	}
+
+int BN_num_bits(a)
+BIGNUM *a;
+	{
+	BN_ULONG l;
+	int i;
+
+	if (a->top == 0) return(0);
+	l=a->d[a->top-1];
+	i=(a->top-1)*BN_BITS2;
+	if (l == 0)
+		{
+#ifndef WIN16
+		fprintf(stderr,"BAD TOP VALUE\n");
+#endif
+		abort();
+		}
+	return(i+BN_num_bits_word(l));
+	}
+
+void BN_clear_free(a)
+BIGNUM *a;
+	{
+	if (a == NULL) return;
+	if (a->d != NULL)
+		{
+		memset(a->d,0,a->max*sizeof(a->d[0]));
+		Free(a->d);
+		}
+	memset(a,0,sizeof(BIGNUM));
+	Free(a);
+	}
+
+void BN_free(a)
+BIGNUM *a;
+	{
+	if (a == NULL) return;
+	if (a->d != NULL) Free(a->d);
+	Free(a);
+	}
+
+BIGNUM *BN_new()
+	{
+	BIGNUM *ret;
+	BN_ULONG *p;
+
+	ret=(BIGNUM *)Malloc(sizeof(BIGNUM));
+	if (ret == NULL) goto err;
+	ret->top=0;
+	ret->neg=0;
+	ret->max=(BN_DEFAULT_BITS/BN_BITS2);
+	p=(BN_ULONG *)Malloc(sizeof(BN_ULONG)*(ret->max+1));
+	if (p == NULL) goto err;
+	ret->d=p;
+
+	memset(p,0,(ret->max+1)*sizeof(p[0]));
+	return(ret);
+err:
+	BNerr(BN_F_BN_NEW,ERR_R_MALLOC_FAILURE);
+	return(NULL);
+	}
+
+BN_CTX *BN_CTX_new()
+	{
+	BN_CTX *ret;
+	BIGNUM *n;
+	int i,j;
+
+	ret=(BN_CTX *)Malloc(sizeof(BN_CTX));
+	if (ret == NULL) goto err2;
+
+	for (i=0; i<BN_CTX_NUM; i++)
+		{
+		n=BN_new();
+		if (n == NULL) goto err;
+		ret->bn[i]=n;
+		}
+
+	/* There is actually an extra one, this is for debugging my
+	 * stuff */
+	ret->bn[BN_CTX_NUM]=NULL;
+
+	ret->tos=0;
+	return(ret);
+err:
+	for (j=0; j<i; j++)
+		BN_free(ret->bn[j]);
+	Free(ret);
+err2:
+	BNerr(BN_F_BN_CTX_NEW,ERR_R_MALLOC_FAILURE);
+	return(NULL);
+	}
+
+void BN_CTX_free(c)
+BN_CTX *c;
+	{
+	int i;
+
+	for (i=0; i<BN_CTX_NUM; i++)
+		BN_clear_free(c->bn[i]);
+	Free(c);
+	}
+
+BIGNUM *bn_expand2(b, bits)
+BIGNUM *b;
+int bits;
+	{
+	BN_ULONG *p;
+	register int n;
+
+	while (bits > b->max*BN_BITS2)
+		{
+		n=((bits+BN_BITS2-1)/BN_BITS2)*2;
+		p=b->d=(BN_ULONG *)Realloc(b->d,sizeof(BN_ULONG)*(n+1));
+		if (p == NULL)
+			{
+			BNerr(BN_F_BN_EXPAND2,ERR_R_MALLOC_FAILURE);
+			return(NULL);
+			}
+		memset(&(p[b->max]),0,((n+1)-b->max)*sizeof(BN_ULONG));
+		b->max=n;
+		}
+	return(b);
+	}
+
+BIGNUM *BN_dup(a)
+BIGNUM *a;
+	{
+	BIGNUM *r;
+
+	r=BN_new();
+	if (r == NULL) return(NULL);
+	return((BIGNUM *)BN_copy(r,a));
+	}
+
+BIGNUM *BN_copy(a, b)
+BIGNUM *a;
+BIGNUM *b;
+	{
+	if (bn_expand(a,b->top*BN_BITS2) == NULL) return(NULL);
+	memcpy(a->d,b->d,sizeof(b->d[0])*b->top);
+/*	memset(&(a->d[b->top]),0,sizeof(a->d[0])*(a->max-b->top));*/
+	a->top=b->top;
+	a->neg=b->neg;
+	return(a);
+	}
+
+void BN_clear(a)
+BIGNUM *a;
+	{
+	memset(a->d,0,a->max*sizeof(a->d[0]));
+	a->top=0;
+	a->neg=0;
+	}
+
+unsigned long BN_get_word(a)
+BIGNUM *a;
+	{
+	int i,n;
+	unsigned long ret=0;
+
+	n=BN_num_bytes(a);
+	if (n > sizeof(unsigned long))
+#ifdef SIXTY_FOUR_BIT_LONG
+		return(BN_MASK2);
+#else
+		return(0xFFFFFFFFL);
+#endif
+	for (i=a->top-1; i>=0; i--)
+		{
+#ifndef SIXTY_FOUR_BIT /* the data item > unsigned long */
+		ret<<=BN_BITS4; /* stops the compiler complaining */
+		ret<<=BN_BITS4;
+#endif
+		ret|=a->d[i];
+		}
+	return(ret);
+	}
+
+int BN_set_word(a,w)
+BIGNUM *a;
+unsigned long w;
+	{
+	int i,n;
+	if (bn_expand(a,sizeof(unsigned long)*8) == NULL) return(0);
+
+	n=sizeof(unsigned long)/BN_BYTES;
+	a->neg=0;
+	a->top=0;
+	a->d[0]=(BN_ULONG)w&BN_MASK2;
+	if (a->d[0] != 0) a->top=1;
+	for (i=1; i<n; i++)
+		{
+		/* the following is done instead of
+		 * w>>=BN_BITS2 so compilers don't complain
+		 * on builds where sizeof(long) == BN_TYPES */
+#ifndef SIXTY_FOUR_BIT /* the data item > unsigned long */
+		w>>=BN_BITS4;
+		w>>=BN_BITS4;
+#endif
+		a->d[i]=(BN_ULONG)w&BN_MASK2;
+		if (a->d[i] != 0) a->top=i+1;
+		}
+	return(1);
+	}
+
+/* ignore negative */
+BIGNUM *BN_bin2bn(s, len, ret)
+unsigned char *s;
+int len;
+BIGNUM *ret;
+	{
+	unsigned int i,m;
+	unsigned int n;
+	BN_ULONG l;
+
+	if (ret == NULL) ret=BN_new();
+	if (ret == NULL) return(NULL);
+	l=0;
+	n=len;
+	if (n == 0)
+		{
+		ret->top=0;
+		return(ret);
+		}
+	if (bn_expand(ret,(int)(n+2)*8) == NULL)
+		return(NULL);
+	i=((n-1)/BN_BYTES)+1;
+	m=((n-1)%(BN_BYTES));
+	ret->top=i;
+	while (n-- > 0)
+		{
+		l=(l<<8L)| *(s++);
+		if (m-- == 0)
+			{
+			ret->d[--i]=l;
+			l=0;
+			m=BN_BYTES-1;
+			}
+		}
+	/* need to call this due to clear byte at top if avoiding
+	 * having the top bit set (-ve number) */
+	bn_fix_top(ret);
+	return(ret);
+	}
+
+/* ignore negative */
+int BN_bn2bin(a, to)
+BIGNUM *a;
+unsigned char *to;
+	{
+	int n,i;
+	BN_ULONG l;
+
+	n=i=BN_num_bytes(a);
+	while (i-- > 0)
+		{
+		l=a->d[i/BN_BYTES];
+		*(to++)=(unsigned char)(l>>(8*(i%BN_BYTES)))&0xff;
+		}
+	return(n);
+	}
+
+int BN_ucmp(a, b)
+BIGNUM *a;
+BIGNUM *b;
+	{
+	int i;
+	BN_ULONG t1,t2,*ap,*bp;
+
+	i=a->top-b->top;
+	if (i != 0) return(i);
+	ap=a->d;
+	bp=b->d;
+	for (i=a->top-1; i>=0; i--)
+		{
+		t1= ap[i];
+		t2= bp[i];
+		if (t1 != t2)
+			return(t1 > t2?1:-1);
+		}
+	return(0);
+	}
+
+int BN_cmp(a, b)
+BIGNUM *a;
+BIGNUM *b;
+	{
+	int i;
+	int gt,lt;
+	BN_ULONG t1,t2;
+
+	if ((a == NULL) || (b == NULL))
+		{
+		if (a != NULL)
+			return(-1);
+		else if (b != NULL)
+			return(1);
+		else
+			return(0);
+		}
+	if (a->neg != b->neg)
+		{
+		if (a->neg)
+			return(-1);
+		else	return(1);
+		}
+	if (a->neg == 0)
+		{ gt=1; lt= -1; }
+	else	{ gt= -1; lt=1; }
+
+	if (a->top > b->top) return(gt);
+	if (a->top < b->top) return(lt);
+	for (i=a->top-1; i>=0; i--)
+		{
+		t1=a->d[i];
+		t2=b->d[i];
+		if (t1 > t2) return(gt);
+		if (t1 < t2) return(lt);
+		}
+	return(0);
+	}
+
+int BN_set_bit(a, n)
+BIGNUM *a;
+int n;
+	{
+	int i,j;
+
+	i=n/BN_BITS2;
+	j=n%BN_BITS2;
+	if (a->top <= i) return(0);
+
+	a->d[i]|=(1L<<j);
+	return(1);
+	}
+
+int BN_clear_bit(a, n)
+BIGNUM *a;
+int n;
+	{
+	int i,j;
+
+	i=n/BN_BITS2;
+	j=n%BN_BITS2;
+	if (a->top <= i) return(0);
+
+	a->d[i]&=(~(1L<<j));
+	return(1);
+	}
+
+int BN_is_bit_set(a, n)
+BIGNUM *a;
+int n;
+	{
+	int i,j;
+
+	if (n < 0) return(0);
+	i=n/BN_BITS2;
+	j=n%BN_BITS2;
+	if (a->top <= i) return(0);
+	return((a->d[i]&(((BN_ULONG)1)<<j))?1:0);
+	}
+
+int BN_mask_bits(a,n)
+BIGNUM *a;
+int n;
+	{
+	int b,w;
+
+	w=n/BN_BITS2;
+	b=n%BN_BITS2;
+	if (w >= a->top) return(0);
+	if (b == 0)
+		a->top=w;
+	else
+		{
+		a->top=w+1;
+		a->d[w]&= ~(BN_MASK2<<b);
+		while ((w >= 0) && (a->d[w] == 0))
+			{
+			a->top--;
+			w--;
+			}
+		}
+	return(1);
+	}
diff --git a/crypto/bn/bn_mod.c b/crypto/bn/bn_mod.c
new file mode 100644
index 0000000000..c94241f59e
--- /dev/null
+++ b/crypto/bn/bn_mod.c
@@ -0,0 +1,97 @@
+/* crypto/bn/bn_mod.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+/* rem != m */
+int BN_mod(rem, m, d,ctx)
+BIGNUM *rem;
+BIGNUM *m;
+BIGNUM *d;
+BN_CTX *ctx;
+	{
+#if 0 /* The old slow way */
+	int i,nm,nd;
+	BIGNUM *dv;
+
+	if (BN_ucmp(m,d) < 0)
+		return((BN_copy(rem,m) == NULL)?0:1);
+
+	dv=ctx->bn[ctx->tos];
+
+	if (!BN_copy(rem,m)) return(0);
+
+	nm=BN_num_bits(rem);
+	nd=BN_num_bits(d);
+	if (!BN_lshift(dv,d,nm-nd)) return(0);
+	for (i=nm-nd; i>=0; i--)
+		{
+		if (BN_cmp(rem,dv) >= 0)
+			{
+			if (!BN_sub(rem,rem,dv)) return(0);
+			}
+		if (!BN_rshift1(dv,dv)) return(0);
+		}
+	return(1);
+#else
+	return(BN_div(NULL,rem,m,d,ctx));
+#endif
+	}
+
diff --git a/crypto/bn/bn_mont.c b/crypto/bn/bn_mont.c
new file mode 100644
index 0000000000..932d10b736
--- /dev/null
+++ b/crypto/bn/bn_mont.c
@@ -0,0 +1,280 @@
+/* crypto/bn/bn_mont.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+int BN_mod_mul_montgomery(r,a,b,mont,ctx)
+BIGNUM *r,*a,*b;
+BN_MONT_CTX *mont;
+BN_CTX *ctx;
+	{
+	BIGNUM *tmp;
+
+        tmp=ctx->bn[ctx->tos++];
+
+	if (a == b)
+		{
+		if (!BN_sqr(tmp,a,ctx)) goto err;
+		}
+	else
+		{
+		if (!BN_mul(tmp,a,b)) goto err;
+		}
+	/* reduce from aRR to aR */
+	if (!BN_from_montgomery(r,tmp,mont,ctx)) goto err;
+	ctx->tos--;
+	return(1);
+err:
+	return(0);
+	}
+
+#define MONT_WORD
+
+#ifdef MONT_WORD
+int BN_from_montgomery(ret,a,mont,ctx)
+BIGNUM *ret;
+BIGNUM *a;
+BN_MONT_CTX *mont;
+BN_CTX *ctx;
+	{
+	BIGNUM *n,*t1,*r;
+	BN_ULONG *ap,*np,*rp,k,n0,v,v2;
+	int al,nl,max,i,x;
+	int retn=0;
+
+	t1=ctx->bn[ctx->tos];
+	r=ctx->bn[ctx->tos+1];
+
+	if (!BN_copy(r,a)) goto err;
+	n=mont->N;
+
+	if (!BN_copy(t1,a)) goto err;
+	BN_mask_bits(t1,mont->ri);
+
+	a=t1;
+
+	al=a->top;
+	nl=n->top;
+	if ((al == 0) || (nl == 0)) { r->top=0; return(1); }
+
+	max=(nl+al+1); /* allow for overflow (no?) XXX */
+	if (bn_expand(r,(max)*BN_BITS2) == NULL) goto err;
+
+	r->neg=a->neg^n->neg;
+	ap=a->d;
+	np=n->d;
+	rp=r->d;
+
+	/* clear the top bytes of T */
+	for (i=r->top; i<max; i++) /* memset? XXX */
+		r->d[i]=0;
+/*	memset(&(r->d[r->top]),0,(max-r->top)*sizeof(BN_ULONG)); */
+
+	r->top=max;
+	n0=mont->n0;
+
+	for (i=0; i<nl; i++)
+		{
+		/* This is were part words probably goes wrong */
+		k=(rp[0]*n0)&BN_MASK2;
+		v=bn_mul_add_word(rp,np,nl,k);
+		
+		for (x=nl; v; x++)
+			{
+			v2=rp[x];
+			v2+=v;
+			rp[x]=v2;
+			v=((v2&BN_MASK2) < v)?1:0; /* ever true? XXX */
+			}
+		rp++;
+		}
+	while (r->d[r->top-1] == 0)
+		r->top--;
+
+	BN_rshift(ret,r,mont->ri);
+
+	if (BN_ucmp(ret,mont->N) >= 0)
+		{
+		bn_qsub(ret,ret,mont->N); /* XXX */
+		}
+	retn=1;
+err:
+	return(retn);
+	}
+#else
+int BN_from_montgomery(r,a,mont,ctx)
+BIGNUM *r;
+BIGNUM *a;
+BN_MONT_CTX *mont;
+BN_CTX *ctx;
+	{
+	BIGNUM *t1,*t2;
+
+	t1=ctx->bn[ctx->tos];
+	t2=ctx->bn[ctx->tos+1];
+
+	if (!BN_copy(t1,a)) goto err;
+	/* can cheat */
+	BN_mask_bits(t1,mont->ri);
+
+	if (!BN_mul(t2,t1,mont->Ni)) goto err;
+	BN_mask_bits(t2,mont->ri);
+
+	if (!BN_mul(t1,t2,mont->N)) goto err;
+	if (!BN_add(t2,a,t1)) goto err;
+	BN_rshift(r,t2,mont->ri);
+
+	if (BN_ucmp(r,mont->N) >= 0)
+		bn_qsub(r,r,mont->N);
+
+	return(1);
+err:
+	return(0);
+	}
+#endif
+
+BN_MONT_CTX *BN_MONT_CTX_new()
+	{
+	BN_MONT_CTX *ret;
+
+	if ((ret=(BN_MONT_CTX *)Malloc(sizeof(BN_MONT_CTX))) == NULL)
+		return(NULL);
+	ret->ri=0;
+	ret->RR=BN_new();
+	ret->N=BN_new();
+	ret->Ni=NULL;
+	if ((ret->RR == NULL) || (ret->N == NULL))
+		{
+		BN_MONT_CTX_free(ret);
+		return(NULL);
+		}
+	return(ret);
+	}
+
+void BN_MONT_CTX_free(mont)
+BN_MONT_CTX *mont;
+	{
+	if (mont->RR != NULL) BN_free(mont->RR);
+	if (mont->N != NULL) BN_free(mont->N);
+	if (mont->Ni != NULL) BN_free(mont->Ni);
+	Free(mont);
+	}
+
+int BN_MONT_CTX_set(mont,mod,ctx)
+BN_MONT_CTX *mont;
+BIGNUM *mod;
+BN_CTX *ctx;
+	{
+	BIGNUM *Ri=NULL,*R=NULL;
+
+	if (mont->RR == NULL) mont->RR=BN_new();
+	if (mont->N == NULL)  mont->N=BN_new();
+
+	R=mont->RR;					/* grab RR as a temp */
+	BN_copy(mont->N,mod);				/* Set N */
+
+#ifdef MONT_WORD
+{
+	BIGNUM tmod;
+	BN_ULONG buf[2];
+	/* int z; */
+
+	mont->ri=(BN_num_bits(mod)+(BN_BITS2-1))/BN_BITS2*BN_BITS2;
+	BN_lshift(R,BN_value_one(),BN_BITS2);		/* R */
+	/* I was bad, this modification of a passed variable was
+	 * breaking the multithreaded stuff :-(
+	 * z=mod->top;
+	 * mod->top=1; */
+
+	buf[0]=mod->d[0];
+	buf[1]=0;
+	tmod.d=buf;
+	tmod.top=1;
+	tmod.max=mod->max;
+	tmod.neg=mod->neg;
+
+	if ((Ri=BN_mod_inverse(R,&tmod,ctx)) == NULL) goto err; /* Ri */
+	BN_lshift(Ri,Ri,BN_BITS2);			/* R*Ri */
+	bn_qsub(Ri,Ri,BN_value_one());			/* R*Ri - 1 */
+	BN_div(Ri,NULL,Ri,&tmod,ctx);
+	mont->n0=Ri->d[0];
+	BN_free(Ri);
+	/* mod->top=z; */
+}
+#else
+	mont->ri=BN_num_bits(mod);
+	BN_lshift(R,BN_value_one(),mont->ri);			/* R */
+	if ((Ri=BN_mod_inverse(R,mod,ctx)) == NULL) goto err;	/* Ri */
+	BN_lshift(Ri,Ri,mont->ri);				/* R*Ri */
+	bn_qsub(Ri,Ri,BN_value_one());				/* R*Ri - 1 */
+	BN_div(Ri,NULL,Ri,mod,ctx);
+	if (mont->Ni != NULL) BN_free(mont->Ni);
+	mont->Ni=Ri;					/* Ni=(R*Ri-1)/N */
+#endif
+
+	/* setup RR for conversions */
+	BN_lshift(mont->RR,BN_value_one(),mont->ri*2);
+	BN_mod(mont->RR,mont->RR,mont->N,ctx);
+
+	return(1);
+err:
+	return(0);
+	}
+
diff --git a/crypto/bn/bn_mul.c b/crypto/bn/bn_mul.c
new file mode 100644
index 0000000000..3c8bf23a70
--- /dev/null
+++ b/crypto/bn/bn_mul.c
@@ -0,0 +1,99 @@
+/* crypto/bn/bn_mul.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+/* r must be different to a and b */
+int BN_mul(r, a, b)
+BIGNUM *r;
+BIGNUM *a;
+BIGNUM *b;
+	{
+	int i;
+	int max,al,bl;
+	BN_ULONG *ap,*bp,*rp;
+
+	al=a->top;
+	bl=b->top;
+	if ((al == 0) || (bl == 0))
+		{
+		r->top=0;
+		return(1);
+		}
+
+	max=(al+bl);
+	if (bn_expand(r,(max)*BN_BITS2) == NULL) return(0);
+	r->top=max;
+	r->neg=a->neg^b->neg;
+	ap=a->d;
+	bp=b->d;
+	rp=r->d;
+
+	rp[al]=bn_mul_word(rp,ap,al,*(bp++));
+	rp++;
+	for (i=1; i<bl; i++)
+		{
+		rp[al]=bn_mul_add_word(rp,ap,al,*(bp++));
+		rp++;
+		}
+	if (r->d[max-1] == 0) r->top--;
+	return(1);
+	}
+
diff --git a/crypto/bn/bn_mulw.c b/crypto/bn/bn_mulw.c
new file mode 100644
index 0000000000..d903127395
--- /dev/null
+++ b/crypto/bn/bn_mulw.c
@@ -0,0 +1,303 @@
+/* crypto/bn/bn_mulw.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+#ifdef BN_LLONG 
+
+BN_ULONG bn_mul_add_word(rp,ap,num,w)
+BN_ULONG *rp,*ap;
+int num;
+BN_ULONG w;
+	{
+	BN_ULONG c1=0;
+
+	for (;;)
+		{
+		mul_add(rp[0],ap[0],w,c1);
+		if (--num == 0) break;
+		mul_add(rp[1],ap[1],w,c1);
+		if (--num == 0) break;
+		mul_add(rp[2],ap[2],w,c1);
+		if (--num == 0) break;
+		mul_add(rp[3],ap[3],w,c1);
+		if (--num == 0) break;
+		ap+=4;
+		rp+=4;
+		}
+	
+	return(c1);
+	} 
+
+BN_ULONG bn_mul_word(rp,ap,num,w)
+BN_ULONG *rp,*ap;
+int num;
+BN_ULONG w;
+	{
+	BN_ULONG c1=0;
+
+	for (;;)
+		{
+		mul(rp[0],ap[0],w,c1);
+		if (--num == 0) break;
+		mul(rp[1],ap[1],w,c1);
+		if (--num == 0) break;
+		mul(rp[2],ap[2],w,c1);
+		if (--num == 0) break;
+		mul(rp[3],ap[3],w,c1);
+		if (--num == 0) break;
+		ap+=4;
+		rp+=4;
+		}
+	return(c1);
+	} 
+
+void bn_sqr_words(r,a,n)
+BN_ULONG *r,*a;
+int n;
+        {
+	for (;;)
+		{
+		BN_ULLONG t;
+
+		t=(BN_ULLONG)(a[0])*(a[0]);
+		r[0]=Lw(t); r[1]=Hw(t);
+		if (--n == 0) break;
+
+		t=(BN_ULLONG)(a[1])*(a[1]);
+		r[2]=Lw(t); r[3]=Hw(t);
+		if (--n == 0) break;
+
+		t=(BN_ULLONG)(a[2])*(a[2]);
+		r[4]=Lw(t); r[5]=Hw(t);
+		if (--n == 0) break;
+
+		t=(BN_ULLONG)(a[3])*(a[3]);
+		r[6]=Lw(t); r[7]=Hw(t);
+		if (--n == 0) break;
+
+		a+=4;
+		r+=8;
+		}
+	}
+
+#else
+
+BN_ULONG bn_mul_add_word(rp,ap,num,w)
+BN_ULONG *rp,*ap;
+int num;
+BN_ULONG w;
+	{
+	BN_ULONG c=0;
+	BN_ULONG bl,bh;
+
+	bl=LBITS(w);
+	bh=HBITS(w);
+
+	for (;;)
+		{
+		mul_add(rp[0],ap[0],bl,bh,c);
+		if (--num == 0) break;
+		mul_add(rp[1],ap[1],bl,bh,c);
+		if (--num == 0) break;
+		mul_add(rp[2],ap[2],bl,bh,c);
+		if (--num == 0) break;
+		mul_add(rp[3],ap[3],bl,bh,c);
+		if (--num == 0) break;
+		ap+=4;
+		rp+=4;
+		}
+	return(c);
+	} 
+
+BN_ULONG bn_mul_word(rp,ap,num,w)
+BN_ULONG *rp,*ap;
+int num;
+BN_ULONG w;
+	{
+	BN_ULONG carry=0;
+	BN_ULONG bl,bh;
+
+	bl=LBITS(w);
+	bh=HBITS(w);
+
+	for (;;)
+		{
+		mul(rp[0],ap[0],bl,bh,carry);
+		if (--num == 0) break;
+		mul(rp[1],ap[1],bl,bh,carry);
+		if (--num == 0) break;
+		mul(rp[2],ap[2],bl,bh,carry);
+		if (--num == 0) break;
+		mul(rp[3],ap[3],bl,bh,carry);
+		if (--num == 0) break;
+		ap+=4;
+		rp+=4;
+		}
+	return(carry);
+	} 
+
+void bn_sqr_words(r,a,n)
+BN_ULONG *r,*a;
+int n;
+        {
+	for (;;)
+		{
+		sqr64(r[0],r[1],a[0]);
+		if (--n == 0) break;
+
+		sqr64(r[2],r[3],a[1]);
+		if (--n == 0) break;
+
+		sqr64(r[4],r[5],a[2]);
+		if (--n == 0) break;
+
+		sqr64(r[6],r[7],a[3]);
+		if (--n == 0) break;
+
+		a+=4;
+		r+=8;
+		}
+	}
+
+#endif
+
+#if defined(BN_LLONG) && defined(BN_DIV2W)
+
+BN_ULONG bn_div64(h,l,d)
+BN_ULONG h,l,d;
+	{
+	return((BN_ULONG)(((((BN_ULLONG)h)<<BN_BITS2)|l)/(BN_ULLONG)d));
+	}
+
+#else
+
+/* Divide h-l by d and return the result. */
+/* I need to test this some more :-( */
+BN_ULONG bn_div64(h,l,d)
+BN_ULONG h,l,d;
+	{
+	BN_ULONG dh,dl,q,ret=0,th,tl,t;
+	int i,count=2;
+
+	if (d == 0) return(BN_MASK2);
+
+	i=BN_num_bits_word(d);
+	if ((i != BN_BITS2) && (h > (BN_ULONG)1<<i))
+		{
+#ifndef WIN16
+		fprintf(stderr,"Division would overflow (%d)\n",i);
+#endif
+		abort();
+		}
+	i=BN_BITS2-i;
+	if (h >= d) h-=d;
+
+	if (i)
+		{
+		d<<=i;
+		h=(h<<i)|(l>>(BN_BITS2-i));
+		l<<=i;
+		}
+	dh=(d&BN_MASK2h)>>BN_BITS4;
+	dl=(d&BN_MASK2l);
+	for (;;)
+		{
+		if ((h>>BN_BITS4) == dh)
+			q=BN_MASK2l;
+		else
+			q=h/dh;
+
+		for (;;)
+			{
+			t=(h-q*dh);
+			if ((t&BN_MASK2h) ||
+				((dl*q) <= (
+					(t<<BN_BITS4)+
+					((l&BN_MASK2h)>>BN_BITS4))))
+				break;
+			q--;
+			}
+		th=q*dh;
+		tl=q*dl;
+		t=(tl>>BN_BITS4);
+		tl=(tl<<BN_BITS4)&BN_MASK2h;
+		th+=t;
+
+		if (l < tl) th++;
+		l-=tl;
+		if (h < th)
+			{
+			h+=d;
+			q--;
+			}
+		h-=th;
+
+		if (--count == 0) break;
+
+		ret=q<<BN_BITS4;
+		h=((h<<BN_BITS4)|(l>>BN_BITS4))&BN_MASK2;
+		l=(l&BN_MASK2l)<<BN_BITS4;
+		}
+	ret|=q;
+	return(ret);
+	}
+#endif
+
diff --git a/crypto/bn/bn_prime.c b/crypto/bn/bn_prime.c
new file mode 100644
index 0000000000..07a8289492
--- /dev/null
+++ b/crypto/bn/bn_prime.c
@@ -0,0 +1,389 @@
+/* crypto/bn/bn_prime.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+#include "rand.h"
+
+/* The quick seive algorithm approach to weeding out primes is
+ * Philip Zimmermann's, as implemented in PGP.  I have had a read of
+ * his comments and implemented my own version.
+ */
+#include "bn_prime.h"
+
+#ifndef NOPROTO
+static int witness(BIGNUM *a, BIGNUM *n, BN_CTX *ctx);
+static int probable_prime(BIGNUM *rnd, int bits);
+static int probable_prime_dh(BIGNUM *rnd, int bits,
+	BIGNUM *add, BIGNUM *rem, BN_CTX *ctx);
+static int probable_prime_dh_strong(BIGNUM *rnd, int bits,
+	BIGNUM *add, BIGNUM *rem, BN_CTX *ctx);
+#else
+static int witness();
+static int probable_prime();
+static int probable_prime_dh();
+static int probable_prime_dh_strong();
+#endif
+
+BIGNUM *BN_generate_prime(bits,strong,add,rem,callback)
+int bits;
+int strong;
+BIGNUM *add;
+BIGNUM *rem;
+void (*callback)(P_I_I); 
+	{
+	BIGNUM *rnd=NULL;
+	BIGNUM *ret=NULL;
+	BIGNUM *t=NULL;
+	int i,j,c1=0;
+	BN_CTX *ctx;
+
+	ctx=BN_CTX_new();
+	if (ctx == NULL) goto err;
+	if ((rnd=BN_new()) == NULL) goto err;
+	if (strong)
+		if ((t=BN_new()) == NULL) goto err;
+loop: 
+	/* make a random number and set the top and bottom bits */
+	if (add == NULL)
+		{
+		if (!probable_prime(rnd,bits)) goto err;
+		}
+	else
+		{
+		if (strong)
+			{
+			if (!probable_prime_dh_strong(rnd,bits,add,rem,ctx))
+				 goto err;
+			}
+		else
+			{
+			if (!probable_prime_dh(rnd,bits,add,rem,ctx))
+				goto err;
+			}
+		}
+	/* if (BN_mod_word(rnd,(BN_ULONG)3) == 1) goto loop; */
+	if (callback != NULL) callback(0,c1++);
+
+	if (!strong)
+		{
+		i=BN_is_prime(rnd,BN_prime_checks,callback,ctx);
+		if (i == -1) goto err;
+		if (i == 0) goto loop;
+		}
+	else
+		{
+		/* for a strong prime generation,
+		 * check that (p-1)/2 is prime.
+		 * Since a prime is odd, We just
+		 * need to divide by 2 */
+		if (!BN_rshift1(t,rnd)) goto err;
+
+		for (i=0; i<BN_prime_checks; i++)
+			{
+			j=BN_is_prime(rnd,1,callback,ctx);
+			if (j == -1) goto err;
+			if (j == 0) goto loop;
+
+			j=BN_is_prime(t,1,callback,ctx);
+			if (j == -1) goto err;
+			if (j == 0) goto loop;
+
+			if (callback != NULL) callback(2,c1-1);
+			/* We have a strong prime test pass */
+			}
+		}
+	/* we have a prime :-) */
+	ret=rnd;
+err:
+	if ((ret == NULL) && (rnd != NULL)) BN_free(rnd);
+	if (t != NULL) BN_free(t);
+	if (ctx != NULL) BN_CTX_free(ctx);
+	return(ret);
+	}
+
+int BN_is_prime(a,checks,callback,ctx_passed)
+BIGNUM *a;
+int checks;
+void (*callback)(P_I_I);
+BN_CTX *ctx_passed;
+	{
+	int i,j,c2=0,ret= -1;
+	BIGNUM *check;
+	BN_CTX *ctx;
+
+	if (ctx_passed != NULL)
+		ctx=ctx_passed;
+	else
+		if ((ctx=BN_CTX_new()) == NULL) goto err;
+
+	check=ctx->bn[ctx->tos++];
+	for (i=0; i<checks; i++)
+		{
+		if (!BN_rand(check,BN_num_bits(a)-1,0,0)) goto err;
+		j=witness(check,a,ctx);
+		if (j == -1) goto err;
+		if (j)
+			{
+			ret=0;
+			goto err;
+			}
+		if (callback != NULL) callback(1,c2++);
+		}
+	ret=1;
+err:
+	ctx->tos--;
+	if ((ctx_passed == NULL) && (ctx != NULL))
+		BN_CTX_free(ctx);
+		
+	return(ret);
+	}
+
+#define RECP_MUL_MOD
+
+static int witness(a, n,ctx)
+BIGNUM *a;
+BIGNUM *n;
+BN_CTX *ctx;
+	{
+	int k,i,nb,ret= -1;
+	BIGNUM *d,*dd,*tmp;
+	BIGNUM *d1,*d2,*x,*n1,*inv;
+
+	d1=ctx->bn[ctx->tos];
+	d2=ctx->bn[ctx->tos+1];
+	x=ctx->bn[ctx->tos+2];
+	n1=ctx->bn[ctx->tos+3];
+	inv=ctx->bn[ctx->tos+4];
+	ctx->tos+=5;
+
+	d=d1;
+	dd=d2;
+	if (!BN_one(d)) goto err;
+	if (!BN_sub(n1,n,d)) goto err; /* n1=n-1; */
+	k=BN_num_bits(n1);
+
+	/* i=BN_num_bits(n); */
+#ifdef RECP_MUL_MOD
+	nb=BN_reciprocal(inv,n,ctx); /**/
+	if (nb == -1) goto err;
+#endif
+
+	for (i=k-1; i>=0; i--)
+		{
+		if (BN_copy(x,d) == NULL) goto err;
+#ifndef RECP_MUL_MOD
+		if (!BN_mod_mul(dd,d,d,n,ctx)) goto err;
+#else
+		if (!BN_mod_mul_reciprocal(dd,d,d,n,inv,nb,ctx)) goto err;
+#endif
+		if (	BN_is_one(dd) &&
+			!BN_is_one(x) &&
+			(BN_cmp(x,n1) != 0))
+			{
+			ret=1;
+			goto err;
+			}
+		if (BN_is_bit_set(n1,i))
+			{
+#ifndef RECP_MUL_MOD
+			if (!BN_mod_mul(d,dd,a,n,ctx)) goto err;
+#else
+			if (!BN_mod_mul_reciprocal(d,dd,a,n,inv,nb,ctx)) goto err; 
+#endif
+			}
+		else
+			{
+			tmp=d;
+			d=dd;
+			dd=tmp;
+			}
+		}
+	if (BN_is_one(d))
+		i=0;
+	else	i=1;
+	ret=i;
+err:
+	ctx->tos-=5;
+	return(ret);
+	}
+
+static int probable_prime(rnd, bits)
+BIGNUM *rnd;
+int bits;
+	{
+	int i;
+	MS_STATIC BN_ULONG mods[NUMPRIMES];
+	BN_ULONG delta;
+
+	if (!BN_rand(rnd,bits,1,1)) return(0);
+	/* we now have a random number 'rand' to test. */
+	for (i=1; i<NUMPRIMES; i++)
+		mods[i]=BN_mod_word(rnd,(BN_ULONG)primes[i]);
+	delta=0;
+	loop: for (i=1; i<NUMPRIMES; i++)
+		{
+		/* check that rnd is not a prime and also
+		 * that gcd(rnd-1,primes) == 1 (except for 2) */
+		if (((mods[i]+delta)%primes[i]) <= 1)
+			{
+			delta+=2;
+			/* perhaps need to check for overflow of
+			 * delta (but delta can be upto 2^32) */
+			goto loop;
+			}
+		}
+	if (!BN_add_word(rnd,delta)) return(0);
+	return(1);
+	}
+
+static int probable_prime_dh(rnd, bits, add, rem,ctx)
+BIGNUM *rnd;
+int bits;
+BIGNUM *add;
+BIGNUM *rem;
+BN_CTX *ctx;
+	{
+	int i,ret=0;
+	BIGNUM *t1;
+
+	t1=ctx->bn[ctx->tos++];
+
+	if (!BN_rand(rnd,bits,0,1)) goto err;
+
+	/* we need ((rnd-rem) % add) == 0 */
+
+	if (!BN_mod(t1,rnd,add,ctx)) goto err;
+	if (!BN_sub(rnd,rnd,t1)) goto err;
+	if (rem == NULL)
+		{ if (!BN_add_word(rnd,1)) goto err; }
+	else
+		{ if (!BN_add(rnd,rnd,rem)) goto err; }
+
+	/* we now have a random number 'rand' to test. */
+
+	loop: for (i=1; i<NUMPRIMES; i++)
+		{
+		/* check that rnd is a prime */
+		if (BN_mod_word(rnd,(BN_LONG)primes[i]) <= 1)
+			{
+			if (!BN_add(rnd,rnd,add)) goto err;
+			goto loop;
+			}
+		}
+	ret=1;
+err:
+	ctx->tos--;
+	return(ret);
+	}
+
+static int probable_prime_dh_strong(p, bits, padd, rem,ctx)
+BIGNUM *p;
+int bits;
+BIGNUM *padd;
+BIGNUM *rem;
+BN_CTX *ctx;
+	{
+	int i,ret=0;
+	BIGNUM *t1,*qadd=NULL,*q=NULL;
+
+	bits--;
+	t1=ctx->bn[ctx->tos++];
+	q=ctx->bn[ctx->tos++];
+	qadd=ctx->bn[ctx->tos++];
+
+	if (!BN_rshift1(qadd,padd)) goto err;
+		
+	if (!BN_rand(q,bits,0,1)) goto err;
+
+	/* we need ((rnd-rem) % add) == 0 */
+	if (!BN_mod(t1,q,qadd,ctx)) goto err;
+	if (!BN_sub(q,q,t1)) goto err;
+	if (rem == NULL)
+		{ if (!BN_add_word(q,1)) goto err; }
+	else
+		{
+		if (!BN_rshift1(t1,rem)) goto err;
+		if (!BN_add(q,q,t1)) goto err;
+		}
+
+	/* we now have a random number 'rand' to test. */
+	if (!BN_lshift1(p,q)) goto err;
+	if (!BN_add_word(p,1)) goto err;
+
+	loop: for (i=1; i<NUMPRIMES; i++)
+		{
+		/* check that p and q are prime */
+		/* check that for p and q
+		 * gcd(p-1,primes) == 1 (except for 2) */
+		if (	(BN_mod_word(p,(BN_LONG)primes[i]) == 0) ||
+			(BN_mod_word(q,(BN_LONG)primes[i]) == 0))
+			{
+			if (!BN_add(p,p,padd)) goto err;
+			if (!BN_add(q,q,qadd)) goto err;
+			goto loop;
+			}
+		}
+	ret=1;
+err:
+	ctx->tos-=3;
+	return(ret);
+	}
+
diff --git a/crypto/bn/bn_prime.h b/crypto/bn/bn_prime.h
new file mode 100644
index 0000000000..1d6df587a8
--- /dev/null
+++ b/crypto/bn/bn_prime.h
@@ -0,0 +1,325 @@
+/* crypto/bn/bn_prime.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef EIGHT_BIT
+#define NUMPRIMES 2048
+#else
+#define NUMPRIMES 54
+#endif
+static unsigned int primes[NUMPRIMES]=
+	{
+	   2,   3,   5,   7,  11,  13,  17,  19,
+	  23,  29,  31,  37,  41,  43,  47,  53,
+	  59,  61,  67,  71,  73,  79,  83,  89,
+	  97, 101, 103, 107, 109, 113, 127, 131,
+	 137, 139, 149, 151, 157, 163, 167, 173,
+	 179, 181, 191, 193, 197, 199, 211, 223,
+	 227, 229, 233, 239, 241, 251,
+#ifndef EIGHT_BIT
+	 257, 263,
+	 269, 271, 277, 281, 283, 293, 307, 311,
+	 313, 317, 331, 337, 347, 349, 353, 359,
+	 367, 373, 379, 383, 389, 397, 401, 409,
+	 419, 421, 431, 433, 439, 443, 449, 457,
+	 461, 463, 467, 479, 487, 491, 499, 503,
+	 509, 521, 523, 541, 547, 557, 563, 569,
+	 571, 577, 587, 593, 599, 601, 607, 613,
+	 617, 619, 631, 641, 643, 647, 653, 659,
+	 661, 673, 677, 683, 691, 701, 709, 719,
+	 727, 733, 739, 743, 751, 757, 761, 769,
+	 773, 787, 797, 809, 811, 821, 823, 827,
+	 829, 839, 853, 857, 859, 863, 877, 881,
+	 883, 887, 907, 911, 919, 929, 937, 941,
+	 947, 953, 967, 971, 977, 983, 991, 997,
+	1009,1013,1019,1021,1031,1033,1039,1049,
+	1051,1061,1063,1069,1087,1091,1093,1097,
+	1103,1109,1117,1123,1129,1151,1153,1163,
+	1171,1181,1187,1193,1201,1213,1217,1223,
+	1229,1231,1237,1249,1259,1277,1279,1283,
+	1289,1291,1297,1301,1303,1307,1319,1321,
+	1327,1361,1367,1373,1381,1399,1409,1423,
+	1427,1429,1433,1439,1447,1451,1453,1459,
+	1471,1481,1483,1487,1489,1493,1499,1511,
+	1523,1531,1543,1549,1553,1559,1567,1571,
+	1579,1583,1597,1601,1607,1609,1613,1619,
+	1621,1627,1637,1657,1663,1667,1669,1693,
+	1697,1699,1709,1721,1723,1733,1741,1747,
+	1753,1759,1777,1783,1787,1789,1801,1811,
+	1823,1831,1847,1861,1867,1871,1873,1877,
+	1879,1889,1901,1907,1913,1931,1933,1949,
+	1951,1973,1979,1987,1993,1997,1999,2003,
+	2011,2017,2027,2029,2039,2053,2063,2069,
+	2081,2083,2087,2089,2099,2111,2113,2129,
+	2131,2137,2141,2143,2153,2161,2179,2203,
+	2207,2213,2221,2237,2239,2243,2251,2267,
+	2269,2273,2281,2287,2293,2297,2309,2311,
+	2333,2339,2341,2347,2351,2357,2371,2377,
+	2381,2383,2389,2393,2399,2411,2417,2423,
+	2437,2441,2447,2459,2467,2473,2477,2503,
+	2521,2531,2539,2543,2549,2551,2557,2579,
+	2591,2593,2609,2617,2621,2633,2647,2657,
+	2659,2663,2671,2677,2683,2687,2689,2693,
+	2699,2707,2711,2713,2719,2729,2731,2741,
+	2749,2753,2767,2777,2789,2791,2797,2801,
+	2803,2819,2833,2837,2843,2851,2857,2861,
+	2879,2887,2897,2903,2909,2917,2927,2939,
+	2953,2957,2963,2969,2971,2999,3001,3011,
+	3019,3023,3037,3041,3049,3061,3067,3079,
+	3083,3089,3109,3119,3121,3137,3163,3167,
+	3169,3181,3187,3191,3203,3209,3217,3221,
+	3229,3251,3253,3257,3259,3271,3299,3301,
+	3307,3313,3319,3323,3329,3331,3343,3347,
+	3359,3361,3371,3373,3389,3391,3407,3413,
+	3433,3449,3457,3461,3463,3467,3469,3491,
+	3499,3511,3517,3527,3529,3533,3539,3541,
+	3547,3557,3559,3571,3581,3583,3593,3607,
+	3613,3617,3623,3631,3637,3643,3659,3671,
+	3673,3677,3691,3697,3701,3709,3719,3727,
+	3733,3739,3761,3767,3769,3779,3793,3797,
+	3803,3821,3823,3833,3847,3851,3853,3863,
+	3877,3881,3889,3907,3911,3917,3919,3923,
+	3929,3931,3943,3947,3967,3989,4001,4003,
+	4007,4013,4019,4021,4027,4049,4051,4057,
+	4073,4079,4091,4093,4099,4111,4127,4129,
+	4133,4139,4153,4157,4159,4177,4201,4211,
+	4217,4219,4229,4231,4241,4243,4253,4259,
+	4261,4271,4273,4283,4289,4297,4327,4337,
+	4339,4349,4357,4363,4373,4391,4397,4409,
+	4421,4423,4441,4447,4451,4457,4463,4481,
+	4483,4493,4507,4513,4517,4519,4523,4547,
+	4549,4561,4567,4583,4591,4597,4603,4621,
+	4637,4639,4643,4649,4651,4657,4663,4673,
+	4679,4691,4703,4721,4723,4729,4733,4751,
+	4759,4783,4787,4789,4793,4799,4801,4813,
+	4817,4831,4861,4871,4877,4889,4903,4909,
+	4919,4931,4933,4937,4943,4951,4957,4967,
+	4969,4973,4987,4993,4999,5003,5009,5011,
+	5021,5023,5039,5051,5059,5077,5081,5087,
+	5099,5101,5107,5113,5119,5147,5153,5167,
+	5171,5179,5189,5197,5209,5227,5231,5233,
+	5237,5261,5273,5279,5281,5297,5303,5309,
+	5323,5333,5347,5351,5381,5387,5393,5399,
+	5407,5413,5417,5419,5431,5437,5441,5443,
+	5449,5471,5477,5479,5483,5501,5503,5507,
+	5519,5521,5527,5531,5557,5563,5569,5573,
+	5581,5591,5623,5639,5641,5647,5651,5653,
+	5657,5659,5669,5683,5689,5693,5701,5711,
+	5717,5737,5741,5743,5749,5779,5783,5791,
+	5801,5807,5813,5821,5827,5839,5843,5849,
+	5851,5857,5861,5867,5869,5879,5881,5897,
+	5903,5923,5927,5939,5953,5981,5987,6007,
+	6011,6029,6037,6043,6047,6053,6067,6073,
+	6079,6089,6091,6101,6113,6121,6131,6133,
+	6143,6151,6163,6173,6197,6199,6203,6211,
+	6217,6221,6229,6247,6257,6263,6269,6271,
+	6277,6287,6299,6301,6311,6317,6323,6329,
+	6337,6343,6353,6359,6361,6367,6373,6379,
+	6389,6397,6421,6427,6449,6451,6469,6473,
+	6481,6491,6521,6529,6547,6551,6553,6563,
+	6569,6571,6577,6581,6599,6607,6619,6637,
+	6653,6659,6661,6673,6679,6689,6691,6701,
+	6703,6709,6719,6733,6737,6761,6763,6779,
+	6781,6791,6793,6803,6823,6827,6829,6833,
+	6841,6857,6863,6869,6871,6883,6899,6907,
+	6911,6917,6947,6949,6959,6961,6967,6971,
+	6977,6983,6991,6997,7001,7013,7019,7027,
+	7039,7043,7057,7069,7079,7103,7109,7121,
+	7127,7129,7151,7159,7177,7187,7193,7207,
+	7211,7213,7219,7229,7237,7243,7247,7253,
+	7283,7297,7307,7309,7321,7331,7333,7349,
+	7351,7369,7393,7411,7417,7433,7451,7457,
+	7459,7477,7481,7487,7489,7499,7507,7517,
+	7523,7529,7537,7541,7547,7549,7559,7561,
+	7573,7577,7583,7589,7591,7603,7607,7621,
+	7639,7643,7649,7669,7673,7681,7687,7691,
+	7699,7703,7717,7723,7727,7741,7753,7757,
+	7759,7789,7793,7817,7823,7829,7841,7853,
+	7867,7873,7877,7879,7883,7901,7907,7919,
+	7927,7933,7937,7949,7951,7963,7993,8009,
+	8011,8017,8039,8053,8059,8069,8081,8087,
+	8089,8093,8101,8111,8117,8123,8147,8161,
+	8167,8171,8179,8191,8209,8219,8221,8231,
+	8233,8237,8243,8263,8269,8273,8287,8291,
+	8293,8297,8311,8317,8329,8353,8363,8369,
+	8377,8387,8389,8419,8423,8429,8431,8443,
+	8447,8461,8467,8501,8513,8521,8527,8537,
+	8539,8543,8563,8573,8581,8597,8599,8609,
+	8623,8627,8629,8641,8647,8663,8669,8677,
+	8681,8689,8693,8699,8707,8713,8719,8731,
+	8737,8741,8747,8753,8761,8779,8783,8803,
+	8807,8819,8821,8831,8837,8839,8849,8861,
+	8863,8867,8887,8893,8923,8929,8933,8941,
+	8951,8963,8969,8971,8999,9001,9007,9011,
+	9013,9029,9041,9043,9049,9059,9067,9091,
+	9103,9109,9127,9133,9137,9151,9157,9161,
+	9173,9181,9187,9199,9203,9209,9221,9227,
+	9239,9241,9257,9277,9281,9283,9293,9311,
+	9319,9323,9337,9341,9343,9349,9371,9377,
+	9391,9397,9403,9413,9419,9421,9431,9433,
+	9437,9439,9461,9463,9467,9473,9479,9491,
+	9497,9511,9521,9533,9539,9547,9551,9587,
+	9601,9613,9619,9623,9629,9631,9643,9649,
+	9661,9677,9679,9689,9697,9719,9721,9733,
+	9739,9743,9749,9767,9769,9781,9787,9791,
+	9803,9811,9817,9829,9833,9839,9851,9857,
+	9859,9871,9883,9887,9901,9907,9923,9929,
+	9931,9941,9949,9967,9973,10007,10009,10037,
+	10039,10061,10067,10069,10079,10091,10093,10099,
+	10103,10111,10133,10139,10141,10151,10159,10163,
+	10169,10177,10181,10193,10211,10223,10243,10247,
+	10253,10259,10267,10271,10273,10289,10301,10303,
+	10313,10321,10331,10333,10337,10343,10357,10369,
+	10391,10399,10427,10429,10433,10453,10457,10459,
+	10463,10477,10487,10499,10501,10513,10529,10531,
+	10559,10567,10589,10597,10601,10607,10613,10627,
+	10631,10639,10651,10657,10663,10667,10687,10691,
+	10709,10711,10723,10729,10733,10739,10753,10771,
+	10781,10789,10799,10831,10837,10847,10853,10859,
+	10861,10867,10883,10889,10891,10903,10909,10937,
+	10939,10949,10957,10973,10979,10987,10993,11003,
+	11027,11047,11057,11059,11069,11071,11083,11087,
+	11093,11113,11117,11119,11131,11149,11159,11161,
+	11171,11173,11177,11197,11213,11239,11243,11251,
+	11257,11261,11273,11279,11287,11299,11311,11317,
+	11321,11329,11351,11353,11369,11383,11393,11399,
+	11411,11423,11437,11443,11447,11467,11471,11483,
+	11489,11491,11497,11503,11519,11527,11549,11551,
+	11579,11587,11593,11597,11617,11621,11633,11657,
+	11677,11681,11689,11699,11701,11717,11719,11731,
+	11743,11777,11779,11783,11789,11801,11807,11813,
+	11821,11827,11831,11833,11839,11863,11867,11887,
+	11897,11903,11909,11923,11927,11933,11939,11941,
+	11953,11959,11969,11971,11981,11987,12007,12011,
+	12037,12041,12043,12049,12071,12073,12097,12101,
+	12107,12109,12113,12119,12143,12149,12157,12161,
+	12163,12197,12203,12211,12227,12239,12241,12251,
+	12253,12263,12269,12277,12281,12289,12301,12323,
+	12329,12343,12347,12373,12377,12379,12391,12401,
+	12409,12413,12421,12433,12437,12451,12457,12473,
+	12479,12487,12491,12497,12503,12511,12517,12527,
+	12539,12541,12547,12553,12569,12577,12583,12589,
+	12601,12611,12613,12619,12637,12641,12647,12653,
+	12659,12671,12689,12697,12703,12713,12721,12739,
+	12743,12757,12763,12781,12791,12799,12809,12821,
+	12823,12829,12841,12853,12889,12893,12899,12907,
+	12911,12917,12919,12923,12941,12953,12959,12967,
+	12973,12979,12983,13001,13003,13007,13009,13033,
+	13037,13043,13049,13063,13093,13099,13103,13109,
+	13121,13127,13147,13151,13159,13163,13171,13177,
+	13183,13187,13217,13219,13229,13241,13249,13259,
+	13267,13291,13297,13309,13313,13327,13331,13337,
+	13339,13367,13381,13397,13399,13411,13417,13421,
+	13441,13451,13457,13463,13469,13477,13487,13499,
+	13513,13523,13537,13553,13567,13577,13591,13597,
+	13613,13619,13627,13633,13649,13669,13679,13681,
+	13687,13691,13693,13697,13709,13711,13721,13723,
+	13729,13751,13757,13759,13763,13781,13789,13799,
+	13807,13829,13831,13841,13859,13873,13877,13879,
+	13883,13901,13903,13907,13913,13921,13931,13933,
+	13963,13967,13997,13999,14009,14011,14029,14033,
+	14051,14057,14071,14081,14083,14087,14107,14143,
+	14149,14153,14159,14173,14177,14197,14207,14221,
+	14243,14249,14251,14281,14293,14303,14321,14323,
+	14327,14341,14347,14369,14387,14389,14401,14407,
+	14411,14419,14423,14431,14437,14447,14449,14461,
+	14479,14489,14503,14519,14533,14537,14543,14549,
+	14551,14557,14561,14563,14591,14593,14621,14627,
+	14629,14633,14639,14653,14657,14669,14683,14699,
+	14713,14717,14723,14731,14737,14741,14747,14753,
+	14759,14767,14771,14779,14783,14797,14813,14821,
+	14827,14831,14843,14851,14867,14869,14879,14887,
+	14891,14897,14923,14929,14939,14947,14951,14957,
+	14969,14983,15013,15017,15031,15053,15061,15073,
+	15077,15083,15091,15101,15107,15121,15131,15137,
+	15139,15149,15161,15173,15187,15193,15199,15217,
+	15227,15233,15241,15259,15263,15269,15271,15277,
+	15287,15289,15299,15307,15313,15319,15329,15331,
+	15349,15359,15361,15373,15377,15383,15391,15401,
+	15413,15427,15439,15443,15451,15461,15467,15473,
+	15493,15497,15511,15527,15541,15551,15559,15569,
+	15581,15583,15601,15607,15619,15629,15641,15643,
+	15647,15649,15661,15667,15671,15679,15683,15727,
+	15731,15733,15737,15739,15749,15761,15767,15773,
+	15787,15791,15797,15803,15809,15817,15823,15859,
+	15877,15881,15887,15889,15901,15907,15913,15919,
+	15923,15937,15959,15971,15973,15991,16001,16007,
+	16033,16057,16061,16063,16067,16069,16073,16087,
+	16091,16097,16103,16111,16127,16139,16141,16183,
+	16187,16189,16193,16217,16223,16229,16231,16249,
+	16253,16267,16273,16301,16319,16333,16339,16349,
+	16361,16363,16369,16381,16411,16417,16421,16427,
+	16433,16447,16451,16453,16477,16481,16487,16493,
+	16519,16529,16547,16553,16561,16567,16573,16603,
+	16607,16619,16631,16633,16649,16651,16657,16661,
+	16673,16691,16693,16699,16703,16729,16741,16747,
+	16759,16763,16787,16811,16823,16829,16831,16843,
+	16871,16879,16883,16889,16901,16903,16921,16927,
+	16931,16937,16943,16963,16979,16981,16987,16993,
+	17011,17021,17027,17029,17033,17041,17047,17053,
+	17077,17093,17099,17107,17117,17123,17137,17159,
+	17167,17183,17189,17191,17203,17207,17209,17231,
+	17239,17257,17291,17293,17299,17317,17321,17327,
+	17333,17341,17351,17359,17377,17383,17387,17389,
+	17393,17401,17417,17419,17431,17443,17449,17467,
+	17471,17477,17483,17489,17491,17497,17509,17519,
+	17539,17551,17569,17573,17579,17581,17597,17599,
+	17609,17623,17627,17657,17659,17669,17681,17683,
+	17707,17713,17729,17737,17747,17749,17761,17783,
+	17789,17791,17807,17827,17837,17839,17851,17863,
+#endif
+	};
diff --git a/crypto/bn/bn_prime.pl b/crypto/bn/bn_prime.pl
new file mode 100644
index 0000000000..979385a334
--- /dev/null
+++ b/crypto/bn/bn_prime.pl
@@ -0,0 +1,56 @@
+#!/usr/local/bin/perl
+# bn_prime.pl
+
+$num=2048;
+$num=$ARGV[0] if ($#ARGV >= 0);
+
+push(@primes,2);
+$p=1;
+loop: while ($#primes < $num-1)
+	{
+	$p+=2;
+	$s=int(sqrt($p));
+
+	for ($i=0; $primes[$i]<=$s; $i++)
+		{
+		next loop if (($p%$primes[$i]) == 0);
+		}
+	push(@primes,$p);
+	}
+
+print <<"EOF";
+/* Auto generated by bn_prime.pl */
+/* Copyright (C) 1995-1997 Eric Young (eay\@mincom.oz.au).
+ * All rights reserved.
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * See the COPYRIGHT file in the SSLeay distribution for more details.
+ */
+
+EOF
+
+for ($i=0; $i <= $#primes; $i++)
+	{
+	if ($primes[$i] > 256)
+		{
+		$eight=$i;
+		last;
+		}
+	}
+
+printf "#ifndef EIGHT_BIT\n";
+printf "#define NUMPRIMES %d\n",$num;
+printf "#else\n";
+printf "#define NUMPRIMES %d\n",$eight;
+printf "#endif\n";
+print "static unsigned int primes[NUMPRIMES]=\n\t{\n\t";
+$init=0;
+for ($i=0; $i <= $#primes; $i++)
+	{
+	printf "\n#ifndef EIGHT_BIT\n\t" if ($primes[$i] > 256) && !($init++);
+	printf("\n\t") if (($i%8) == 0) && ($i != 0);
+	printf("%4d,",$primes[$i]);
+	}
+print "\n#endif\n\t};\n";
+
+
diff --git a/crypto/bn/bn_print.c b/crypto/bn/bn_print.c
new file mode 100644
index 0000000000..36bc0d1430
--- /dev/null
+++ b/crypto/bn/bn_print.c
@@ -0,0 +1,218 @@
+/* crypto/bn/bn_print.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <ctype.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "bn_lcl.h"
+
+static char *Hex="0123456789ABCDEF";
+
+/* Must 'Free' the returned data */
+char *BN_bn2ascii(a)
+BIGNUM *a;
+	{
+	int i,j,v,z=0;
+	char *buf;
+	char *p;
+
+	buf=(char *)Malloc(a->top*BN_BYTES*2+2);
+	if (buf == NULL)
+		{
+		BNerr(BN_F_BN_BN2ASCII,ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+	p=buf;
+	if (a->neg) *(p++)='-';
+	if (a->top == 0) *(p++)='0';
+	for (i=a->top-1; i >=0; i--)
+		{
+		for (j=BN_BITS2-8; j >= 0; j-=8)
+			{
+			/* strip leading zeros */
+			v=((int)(a->d[i]>>(long)j))&0xff;
+			if (z || (v != 0))
+				{
+				*(p++)=Hex[v>>4];
+				*(p++)=Hex[v&0x0f];
+				z=1;
+				}
+			}
+		}
+	*p='\0';
+err:
+	return(buf);
+	}
+
+int BN_ascii2bn(bn,a)
+BIGNUM **bn;
+char *a;
+	{
+	BIGNUM *ret=NULL;
+	BN_ULONG l=0;
+	int neg=0,h,m,i,j,k,c;
+	int num;
+
+	if ((a == NULL) || (*a == '\0')) return(0);
+
+	if (*a == '-') { neg=1; a++; }
+
+	for (i=0; isxdigit(a[i]); i++)
+		;
+
+	num=i+neg;
+	if (bn == NULL) return(num);
+
+	/* a is the start of the hex digets, and it is 'i' long */
+	if (*bn == NULL)
+		{
+		if ((ret=BN_new()) == NULL) return(0);
+		}
+	else
+		{
+		ret= *bn;
+		BN_zero(ret);
+		}
+
+	/* i is the number of hex digests; */
+	if (bn_expand(ret,i*4) == NULL) goto err;
+
+	j=i; /* least significate 'hex' */
+	m=0;
+	h=0;
+	while (j > 0)
+		{
+		m=((BN_BYTES*2) <= j)?(BN_BYTES*2):j;
+		l=0;
+		for (;;)
+			{
+			c=a[j-m];
+			if ((c >= '0') && (c <= '9')) k=c-'0';
+			else if ((c >= 'a') && (c <= 'f')) k=c-'a'+10;
+			else if ((c >= 'A') && (c <= 'F')) k=c-'A'+10;
+			else k=0; /* paranoia */
+			l=(l<<4)|k;
+
+			if (--m <= 0)
+				{
+				ret->d[h++]=l;
+				break;
+				}
+			}
+		j-=(BN_BYTES*2);
+		}
+	ret->top=h;
+	bn_fix_top(ret);
+	ret->neg=neg;
+
+	*bn=ret;
+	return(num);
+err:
+	if (*bn == NULL) BN_free(ret);
+	return(0);
+	}
+
+#ifndef NO_BIO
+
+#ifndef WIN16
+int BN_print_fp(fp, a)
+FILE *fp;
+BIGNUM *a;
+	{
+	BIO *b;
+	int ret;
+
+	if ((b=BIO_new(BIO_s_file())) == NULL)
+		return(0);
+	BIO_set_fp(b,fp,BIO_NOCLOSE);
+	ret=BN_print(b,a);
+	BIO_free(b);
+	return(ret);
+	}
+#endif
+
+int BN_print(bp, a)
+BIO *bp;
+BIGNUM *a;
+	{
+	int i,j,v,z=0;
+	int ret=0;
+
+	if ((a->neg) && (BIO_write(bp,"-",1) != 1)) goto end;
+	if ((a->top == 0) && (BIO_write(bp,"0",1) != 1)) goto end;
+	for (i=a->top-1; i >=0; i--)
+		{
+		for (j=BN_BITS2-4; j >= 0; j-=4)
+			{
+			/* strip leading zeros */
+			v=((int)(a->d[i]>>(long)j))&0x0f;
+			if (z || (v != 0))
+				{
+				if (BIO_write(bp,&(Hex[v]),1) != 1)
+					goto end;
+				z=1;
+				}
+			}
+		}
+	ret=1;
+end:
+	return(ret);
+	}
+
+#endif
diff --git a/crypto/bn/bn_rand.c b/crypto/bn/bn_rand.c
new file mode 100644
index 0000000000..e3530a5bf2
--- /dev/null
+++ b/crypto/bn/bn_rand.c
@@ -0,0 +1,121 @@
+/* crypto/bn/bn_rand.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+#include "rand.h"
+
+int BN_rand(rnd, bits, top, bottom)
+BIGNUM *rnd;
+int bits;
+int top;
+int bottom;
+	{
+	unsigned char *buf=NULL;
+	int ret=0,bit,bytes,mask;
+	time_t tim;
+
+	bytes=(bits+7)/8;
+	bit=(bits-1)%8;
+	mask=0xff<<bit;
+
+	buf=(unsigned char *)Malloc(bytes);
+	if (buf == NULL)
+		{
+		BNerr(BN_F_BN_RAND,ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+
+	/* make a random number and set the top and bottom bits */
+	time(&tim);
+	RAND_seed((unsigned char *)&tim,sizeof(tim));
+
+	RAND_bytes(buf,(int)bytes);
+	if (top)
+		{
+		if (bit == 0)
+			{
+			buf[0]=1;
+			buf[1]|=0x80;
+			}
+		else
+			{
+			buf[0]|=(3<<(bit-1));
+			buf[0]&= ~(mask<<1);
+			}
+		}
+	else
+		{
+		buf[0]|=(1<<bit);
+		buf[0]&= ~(mask<<1);
+		}
+	if (bottom) /* set bottom bits to whatever odd is */
+		buf[bytes-1]|=1;
+	if (!BN_bin2bn(buf,bytes,rnd)) goto err;
+	ret=1;
+err:
+	if (buf != NULL)
+		{
+		memset(buf,0,bytes);
+		Free(buf);
+		}
+	return(ret);
+	}
+
diff --git a/crypto/bn/bn_recp.c b/crypto/bn/bn_recp.c
new file mode 100644
index 0000000000..fd9ca4dbf6
--- /dev/null
+++ b/crypto/bn/bn_recp.c
@@ -0,0 +1,125 @@
+/* crypto/bn/bn_recp.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+int BN_mod_mul_reciprocal(r, x, y, m, i, nb, ctx)
+BIGNUM *r;
+BIGNUM *x;
+BIGNUM *y;
+BIGNUM *m;
+BIGNUM *i;
+int nb;
+BN_CTX *ctx;
+	{
+	int ret=0,j;
+	BIGNUM *a,*b,*c,*d;
+
+	a=ctx->bn[ctx->tos++];
+	b=ctx->bn[ctx->tos++];
+	c=ctx->bn[ctx->tos++];
+	d=ctx->bn[ctx->tos++];
+
+	if (x == y)
+		{ if (!BN_sqr(a,x,ctx)) goto err; }
+	else
+		{ if (!BN_mul(a,x,y)) goto err; }
+	if (!BN_rshift(d,a,nb)) goto err;
+	if (!BN_mul(b,d,i)) goto err;
+	if (!BN_rshift(c,b,nb)) goto err;
+	if (!BN_mul(b,m,c)) goto err;
+	if (!BN_sub(r,a,b)) goto err;
+	j=0;
+	while (BN_cmp(r,m) >= 0)
+		{
+		if (j++ > 2)
+			{
+			BNerr(BN_F_BN_MOD_MUL_RECIPROCAL,BN_R_BAD_RECIPROCAL);
+			goto err;
+			}
+		if (!BN_sub(r,r,m)) goto err;
+		}
+
+	ret=1;
+err:
+	ctx->tos-=4;
+	return(ret);
+	}
+
+int BN_reciprocal(r, m,ctx)
+BIGNUM *r;
+BIGNUM *m;
+BN_CTX *ctx;
+	{
+	int nm,ret= -1;
+	BIGNUM *t;
+
+	t=ctx->bn[ctx->tos++];
+
+	nm=BN_num_bits(m);
+	if (!BN_lshift(t,BN_value_one(),nm*2)) goto err;
+
+	if (!BN_div(r,NULL,t,m,ctx)) goto err;
+	ret=nm;
+err:
+	ctx->tos--;
+	return(ret);
+	}
+
diff --git a/crypto/bn/bn_shift.c b/crypto/bn/bn_shift.c
new file mode 100644
index 0000000000..d711887373
--- /dev/null
+++ b/crypto/bn/bn_shift.c
@@ -0,0 +1,210 @@
+/* crypto/bn/bn_shift.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+int BN_lshift1(r, a)
+BIGNUM *r;
+BIGNUM *a;
+	{
+	register BN_ULONG *ap,*rp,t,c;
+	int i;
+
+	if (r != a)
+		{
+		r->neg=a->neg;
+		if (bn_expand(r,(a->top+1)*BN_BITS2) == NULL) return(0);
+		r->top=a->top;
+		}
+	else
+		{
+		if (bn_expand(r,(a->top+1)*BN_BITS2) == NULL) return(0);
+		}
+	ap=a->d;
+	rp=r->d;
+	c=0;
+	for (i=0; i<a->top; i++)
+		{
+		t= *(ap++);
+		*(rp++)=((t<<1)|c)&BN_MASK2;
+		c=(t & BN_TBIT)?1:0;
+		}
+	if (c)
+		{
+		*rp=1;
+		r->top++;
+		}
+	return(1);
+	}
+
+int BN_rshift1(r, a)
+BIGNUM *r;
+BIGNUM *a;
+	{
+	BN_ULONG *ap,*rp,t,c;
+	int i;
+
+	if (BN_is_zero(a))
+		{
+		BN_zero(r);
+		return(1);
+		}
+	if (a != r)
+		{
+		if (bn_expand(r,a->top*BN_BITS2) == NULL) return(0);
+		r->top=a->top;
+		r->neg=a->neg;
+		}
+	ap=a->d;
+	rp=r->d;
+	c=0;
+	for (i=a->top-1; i>=0; i--)
+		{
+		t=ap[i];
+		rp[i]=((t>>1)&BN_MASK2)|c;
+		c=(t&1)?BN_TBIT:0;
+		}
+	bn_fix_top(r);
+	return(1);
+	}
+
+int BN_lshift(r, a, n)
+BIGNUM *r;
+BIGNUM *a;
+int n;
+	{
+	int i,nw,lb,rb;
+	BN_ULONG *t,*f;
+	BN_ULONG l;
+
+	r->neg=a->neg;
+	if (bn_expand(r,(a->top*BN_BITS2)+n) == NULL) return(0);
+	nw=n/BN_BITS2;
+	lb=n%BN_BITS2;
+	rb=BN_BITS2-lb;
+	f=a->d;
+	t=r->d;
+	t[a->top+nw]=0;
+	if (lb == 0)
+		for (i=a->top-1; i>=0; i--)
+			t[nw+i]=f[i];
+	else
+		for (i=a->top-1; i>=0; i--)
+			{
+			l=f[i];
+			t[nw+i+1]|=(l>>rb)&BN_MASK2;
+			t[nw+i]=(l<<lb)&BN_MASK2;
+			}
+	memset(t,0,nw*sizeof(t[0]));
+/*	for (i=0; i<nw; i++)
+		t[i]=0;*/
+	r->top=a->top+nw+1;
+	bn_fix_top(r);
+	return(1);
+	}
+
+int BN_rshift(r, a, n)
+BIGNUM *r;
+BIGNUM *a;
+int n;
+	{
+	int i,j,nw,lb,rb;
+	BN_ULONG *t,*f;
+	BN_ULONG l,tmp;
+
+	nw=n/BN_BITS2;
+	rb=n%BN_BITS2;
+	lb=BN_BITS2-rb;
+	if (nw > a->top)
+		{
+		BN_zero(r);
+		return(1);
+		}
+	if (r != a)
+		{
+		r->neg=a->neg;
+		if (bn_expand(r,(a->top-nw+1)*BN_BITS2) == NULL) return(0);
+		}
+
+	f= &(a->d[nw]);
+	t=r->d;
+	j=a->top-nw;
+	r->top=j;
+
+	if (rb == 0)
+		{
+		for (i=j+1; i > 0; i--)
+			*(t++)= *(f++);
+		}
+	else
+		{
+		l= *(f++);
+		for (i=1; i<j; i++)
+			{
+			tmp =(l>>rb)&BN_MASK2;
+			l= *(f++);
+			*(t++) =(tmp|(l<<lb))&BN_MASK2;
+			}
+		*(t++) =(l>>rb)&BN_MASK2;
+		}
+	*t=0;
+	bn_fix_top(r);
+	return(1);
+	}
diff --git a/crypto/bn/bn_sqr.c b/crypto/bn/bn_sqr.c
new file mode 100644
index 0000000000..4c3f0a0986
--- /dev/null
+++ b/crypto/bn/bn_sqr.c
@@ -0,0 +1,161 @@
+/* crypto/bn/bn_sqr.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+/* r must not be a */
+/* I've just gone over this and it is now %20 faster on x86 - eay - 27 Jun 96 */
+int BN_sqr(r, a, ctx)
+BIGNUM *r;
+BIGNUM *a;
+BN_CTX *ctx;
+	{
+	int i,j,max,al;
+	BIGNUM *tmp;
+	BN_ULONG *ap,*rp,c;
+
+	tmp=ctx->bn[ctx->tos];
+
+	al=a->top;
+	if (al == 0)
+		{
+		r->top=0;
+		return(1);
+		}
+
+	max=(al*2);
+	if (bn_expand(r,max*BN_BITS2) == NULL) return(0);
+	if (bn_expand(tmp,max*BN_BITS2) == NULL) return(0);
+
+	r->neg=0;
+
+	ap=a->d;
+	rp=r->d;
+	rp[0]=rp[max-1]=0;
+	rp++;
+	j=al;
+
+	if (--j > 0)
+		{
+		ap++;
+		rp[j]=bn_mul_word(rp,ap,j,ap[-1]);
+		rp+=2;
+		}
+
+	for (i=2; i<al; i++)
+		{
+		j--;
+		ap++;
+		rp[j]=bn_mul_add_word(rp,ap,j,ap[-1]);
+		rp+=2;
+		}
+
+	/* inlined shift, 2 words at once */
+	j=max;
+	rp=r->d;
+	c=0;
+	for (i=0; i<j; i++)
+		{
+		BN_ULONG t;
+
+		t= *rp;
+		*(rp++)=((t<<1)|c)&BN_MASK2;
+		c=(t & BN_TBIT)?1:0;
+
+#if 0
+		t= *rp;
+		*(rp++)=((t<<1)|c)&BN_MASK2;
+		c=(t & BN_TBIT)?1:0;
+#endif
+		}
+	/* there will not be a carry */
+
+	bn_sqr_words(tmp->d,a->d,al);
+
+	/* inlined add */
+	ap=tmp->d;
+	rp=r->d;
+	c=0;
+	j=max;
+	for (i=0; i<j; i++)
+		{
+		BN_ULONG t1,t2;
+
+		t1= *(ap++);
+		t2= *rp;
+		if (c)
+			{
+			c=(t2 >= ((~t1)&BN_MASK2));
+			t2=(t1+t2+1)&BN_MASK2;
+			}
+		else
+			{
+			t2=(t1+t2)&BN_MASK2;
+			c=(t2<t1);
+			}
+		*(rp++)=t2;
+		}
+	/* there will be no carry */
+
+	r->top=max;
+	if (r->d[max-1] == 0) r->top--;
+	return(1);
+	}
+
diff --git a/crypto/bn/bn_sub.c b/crypto/bn/bn_sub.c
new file mode 100644
index 0000000000..b0febc3421
--- /dev/null
+++ b/crypto/bn/bn_sub.c
@@ -0,0 +1,176 @@
+/* crypto/bn/bn_sub.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+/* unsigned subtraction of b from a, a must be larger than b. */
+void bn_qsub(r, a, b)
+BIGNUM *r;
+BIGNUM *a;
+BIGNUM *b;
+	{
+	int max,min;
+	register BN_ULONG t1,t2,*ap,*bp,*rp;
+	int i,carry;
+#if defined(IRIX_CC_BUG) && !defined(LINT)
+	int dummy;
+#endif
+
+	max=a->top;
+	min=b->top;
+	ap=a->d;
+	bp=b->d;
+	rp=r->d;
+
+	carry=0;
+	for (i=0; i<min; i++)
+		{
+		t1= *(ap++);
+		t2= *(bp++);
+		if (carry)
+			{
+			carry=(t1 <= t2);
+			t1=(t1-t2-1);
+			}
+		else
+			{
+			carry=(t1 < t2);
+			t1=(t1-t2);
+			}
+#if defined(IRIX_CC_BUG) && !defined(LINT)
+		dummy=t1;
+#endif
+		*(rp++)=t1&BN_MASK2;
+		}
+	if (carry) /* subtracted */
+		{
+		while (i < max)
+			{
+			i++;
+			t1= *(ap++);
+			t2=(t1-1)&BN_MASK2;
+			*(rp++)=t2;
+			if (t1 > t2) break;
+			}
+		}
+	memcpy(rp,ap,sizeof(*rp)*(max-i));
+/*	for (; i<max; i++)
+		*(rp++)= *(ap++);*/
+
+	r->top=max;
+	bn_fix_top(r);
+	}
+
+int BN_sub(r, a, b)
+BIGNUM *r;
+BIGNUM *a;
+BIGNUM *b;
+	{
+	int max,i;
+	int add=0,neg=0;
+	BIGNUM *tmp;
+
+	/*  a -  b	a-b
+	 *  a - -b	a+b
+	 * -a -  b	-(a+b)
+	 * -a - -b	b-a
+	 */
+	if (a->neg)
+		{
+		if (b->neg)
+			{ tmp=a; a=b; b=tmp; }
+		else
+			{ add=1; neg=1; }
+		}
+	else
+		{
+		if (b->neg) { add=1; neg=0; }
+		}
+
+	if (add)
+		{
+		i=(a->top > b->top);
+	        if (bn_expand(r,(((i)?a->top:b->top)+1)*BN_BITS2) == NULL)
+			return(0);
+		if (i)
+			bn_qadd(r,a,b);
+		else
+			bn_qadd(r,b,a);
+		r->neg=neg;
+		return(1);
+		}
+
+	/* We are actually doing a - b :-) */
+
+	max=(a->top > b->top)?a->top:b->top;
+	if (bn_expand(r,max*BN_BITS2) == NULL) return(0);
+	if (BN_ucmp(a,b) < 0)
+		{
+		bn_qsub(r,b,a);
+		r->neg=1;
+		}
+	else
+		{
+		bn_qsub(r,a,b);
+		r->neg=0;
+		}
+	return(1);
+	}
+
diff --git a/crypto/bn/bn_word.c b/crypto/bn/bn_word.c
new file mode 100644
index 0000000000..b61ddd95ce
--- /dev/null
+++ b/crypto/bn/bn_word.c
@@ -0,0 +1,155 @@
+/* crypto/bn/bn_word.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+BN_ULONG BN_mod_word(a, w)
+BIGNUM *a;
+unsigned long w;
+	{
+#ifndef BN_LLONG
+	BN_ULONG ret=0;
+#else
+	BN_ULLONG ret=0;
+#endif
+	int i;
+
+	for (i=a->top-1; i>=0; i--)
+		{
+#ifndef BN_LLONG
+		ret=((ret<<BN_BITS4)|((a->d[i]>>BN_BITS4)&BN_MASK2l))%(int)w;
+		ret=((ret<<BN_BITS4)|(a->d[i]&BN_MASK2l))%(int)w;
+#else
+		ret=(BN_ULLONG)(((ret<<(BN_ULLONG)BN_BITS2)|a->d[i])%
+			(BN_ULLONG)w);
+#endif
+		}
+	return((BN_ULONG)ret);
+	}
+
+BN_ULONG BN_div_word(a, w)
+BIGNUM *a;
+unsigned long w;
+	{
+	BN_ULONG ret;
+	int i;
+
+	if (a->top == 0) return(0);
+	ret=0;
+	for (i=a->top-1; i>=0; i--)
+		{
+#ifndef BN_LLONG
+		ret=((ret<<BN_BITS4)|((a->d[i]>>BN_BITS4)&BN_MASK2l))%(int)w;
+		ret=((ret<<BN_BITS4)|(a->d[i]&BN_MASK2l))%(int)w;
+#else
+		BN_ULLONG ll;
+
+		ll=((BN_ULLONG)ret<<(BN_ULONG)BN_BITS2)|a->d[i];
+		a->d[i]=(BN_ULONG)(ll/w);
+		ret=(BN_ULONG)(ll%w);
+#endif
+		}
+	if (a->d[a->top-1] == 0)
+		a->top--;
+	return(ret);
+	}
+
+int BN_add_word(a, w)
+BIGNUM *a;
+unsigned long w;
+	{
+	BN_ULONG l;
+	int i;
+
+	if (bn_expand(a,a->top*BN_BITS2+1) == NULL) return(0);
+	i=0;
+	for (;;)
+		{
+		l=(a->d[i]+(BN_ULONG)w)&BN_MASK2;
+		a->d[i]=l;
+		if (w > l)
+			w=1;
+		else
+			break;
+		i++;
+		}
+	if (i >= a->top)
+		a->top++;
+	return(1);
+	}
+
+#ifdef undef
+BN_ULONG *BN_mod_inverse_word(a)
+BN_ULONG a;
+	{
+	BN_ULONG A,B,X,Y,M,D,R,RET,T;
+	int sign,hight=1;
+
+	X=0;
+	Y=1;
+	A=0;
+	B=a;
+	sign=1;
+
+	while (B != 0)
+		{
+
+#endif
+
diff --git a/crypto/bn/bnspeed.c b/crypto/bn/bnspeed.c
new file mode 100644
index 0000000000..3b83a26dea
--- /dev/null
+++ b/crypto/bn/bnspeed.c
@@ -0,0 +1,240 @@
+/* crypto/bn/bnspeed.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* most of this code has been pilfered from my libdes speed.c program */
+
+#undef PROG
+#define PROG bnspeed_main
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <signal.h>
+#include <string.h>
+#include "crypto.h"
+#include "err.h"
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+	time_t tms_utime;
+	time_t tms_stime;
+	time_t tms_uchild;	/* I dunno...  */
+	time_t tms_uchildsys;	/* so these names are a guess :-) */
+	}
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include "bn.h"
+#include "x509.h"
+
+/* The following if from times(3) man page.  It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+#  ifndef _BSD_CLK_TCK_ /* FreeBSD hack */
+#   ifndef VMS
+#    define HZ	100.0
+#   else /* VMS */
+#    define HZ	100.0
+#   endif
+#  else /* _BSD_CLK_TCK_ */
+#   define HZ ((double)_BSD_CLK_TCK_)
+#  endif
+# else /* CLK_TCK */
+#  define HZ ((double)CLK_TCK)
+# endif
+#endif
+
+#undef BUFSIZE
+#define BUFSIZE	((long)1024*8)
+int run=0;
+
+#ifndef NOPROTO
+static double Time_F(int s);
+#else
+static double Time_F();
+#endif
+
+#define START	0
+#define STOP	1
+
+static double Time_F(s)
+int s;
+	{
+	double ret;
+#ifdef TIMES
+	static struct tms tstart,tend;
+
+	if (s == START)
+		{
+		times(&tstart);
+		return(0);
+		}
+	else
+		{
+		times(&tend);
+		ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+		return((ret < 1e-3)?1e-3:ret);
+		}
+#else /* !times() */
+	static struct timeb tstart,tend;
+	long i;
+
+	if (s == START)
+		{
+		ftime(&tstart);
+		return(0);
+		}
+	else
+		{
+		ftime(&tend);
+		i=(long)tend.millitm-(long)tstart.millitm;
+		ret=((double)(tend.time-tstart.time))+((double)i)/1000.0;
+		return((ret < 0.001)?0.001:ret);
+		}
+#endif
+	}
+
+#define NUM_SIZES	5
+/*static int sizes[NUM_SIZES]={256,512,1024,2048};*/
+static int sizes[NUM_SIZES]={59,179,299,419,539};
+
+void do_mul(BIGNUM *r,BIGNUM *a,BIGNUM *b,BN_CTX *ctx); 
+
+int main(argc,argv)
+int argc;
+char **argv;
+	{
+	BN_CTX *ctx;
+	BIGNUM *a,*b,*c,*r;
+
+	ctx=BN_CTX_new();
+	a=BN_new();
+	b=BN_new();
+	c=BN_new();
+	r=BN_new();
+
+	do_mul(a,b,c,ctx);
+	}
+
+void do_mul(r,a,b,ctx)
+BIGNUM *r;
+BIGNUM *a;
+BIGNUM *b;
+BN_CTX *ctx;
+	{
+	int i,j,k;
+	double tm;
+
+	for (i=0; i<NUM_SIZES; i++)
+		{
+		BN_rand(a,sizes[i],1,0);
+		for (j=i; j<NUM_SIZES; j++)
+			{
+			BN_rand(b,sizes[j],1,0);
+			Time_F(START);
+			for (k=0; k<100000; k++)
+				BN_mul(r,b,a);
+			tm=Time_F(STOP);
+			printf("mul %3d x %3d -> %7.4f\n",sizes[i],sizes[j],tm/10.0);
+			}
+		}
+
+	for (i=0; i<NUM_SIZES; i++)
+		{
+		BN_rand(a,sizes[i],1,0);
+		Time_F(START);
+		for (k=0; k<100000; k++)
+			BN_sqr(r,a,ctx);
+		tm=Time_F(STOP);
+		printf("sqr %3d x %3d -> %7.4f\n",sizes[i],sizes[i],tm/10.0);
+		}
+
+	for (i=0; i<NUM_SIZES; i++)
+		{
+		BN_rand(a,sizes[i],1,0);
+		for (j=i; j<NUM_SIZES; j++)
+			{
+			BN_rand(b,sizes[j],1,0);
+			Time_F(START);
+			for (k=0; k<100000; k++)
+				BN_div(r, NULL, b, a,ctx);
+			tm=Time_F(STOP);
+			printf("div %3d / %3d -> %7.4f\n",sizes[j],sizes[i],tm/10.0);
+			}
+		}
+	}
+
diff --git a/crypto/bn/bntest.c b/crypto/bn/bntest.c
new file mode 100644
index 0000000000..7a2f0b8d6d
--- /dev/null
+++ b/crypto/bn/bntest.c
@@ -0,0 +1,775 @@
+/* crypto/bn/bntest.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#ifdef WIN16
+#define APPS_WIN16
+#endif
+#include "bio.h"
+#include "bn.h"
+#include "rand.h"
+#include "x509.h"
+#include "err.h"
+
+#ifndef NOPROTO
+int test_add (BIO *bp);
+int test_sub (BIO *bp);
+int test_lshift1 (BIO *bp);
+int test_lshift (BIO *bp);
+int test_rshift1 (BIO *bp);
+int test_rshift (BIO *bp);
+int test_div (BIO *bp,BN_CTX *ctx);
+int test_mul (BIO *bp);
+int test_sqr (BIO *bp,BN_CTX *ctx);
+int test_mont (BIO *bp,BN_CTX *ctx);
+int test_mod (BIO *bp,BN_CTX *ctx);
+int test_mod_mul (BIO *bp,BN_CTX *ctx);
+int test_mod_exp (BIO *bp,BN_CTX *ctx);
+int rand_neg(void);
+#else
+int test_add ();
+int test_sub ();
+int test_lshift1 ();
+int test_lshift ();
+int test_rshift1 ();
+int test_rshift ();
+int test_div ();
+int test_mul ();
+int test_sqr ();
+int test_mont ();
+int test_mod ();
+int test_mod_mul ();
+int test_mod_exp ();
+int rand_neg();
+#endif
+
+static int results=0;
+
+#ifdef WIN16
+#define APPS_WIN16
+#include "../bio/bss_file.c"
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+	{
+	BN_CTX *ctx;
+	BIO *out;
+	char *outfile=NULL;
+
+	srand((unsigned int)time(NULL));
+
+	argc--;
+	argv++;
+	while (argc >= 1)
+		{
+		if (strcmp(*argv,"-results") == 0)
+			results=1;
+		else if (strcmp(*argv,"-out") == 0)
+			{
+			if (--argc < 1) break;
+			outfile= *(++argv);
+			}
+		argc--;
+		argv++;
+		}
+
+
+	ctx=BN_CTX_new();
+	if (ctx == NULL) exit(1);
+
+	out=BIO_new(BIO_s_file());
+	if (out == NULL) exit(1);
+	if (outfile == NULL)
+		{
+		BIO_set_fp(out,stdout,BIO_NOCLOSE);
+		}
+	else
+		{
+		if (!BIO_write_filename(out,outfile))
+			{
+			perror(outfile);
+			exit(1);
+			}
+		}
+
+	if (!results)
+		BIO_puts(out,"obase=16\nibase=16\n");
+
+	fprintf(stderr,"test BN_add\n");
+	if (!test_add(out)) goto err;
+	fflush(stdout);
+
+	fprintf(stderr,"test BN_sub\n");
+	if (!test_sub(out)) goto err;
+	fflush(stdout);
+
+	fprintf(stderr,"test BN_lshift1\n");
+	if (!test_lshift1(out)) goto err;
+	fflush(stdout);
+
+	fprintf(stderr,"test BN_lshift\n");
+	if (!test_lshift(out)) goto err;
+	fflush(stdout);
+
+	fprintf(stderr,"test BN_rshift1\n");
+	if (!test_rshift1(out)) goto err;
+	fflush(stdout);
+
+	fprintf(stderr,"test BN_rshift\n");
+	if (!test_rshift(out)) goto err;
+	fflush(stdout);
+
+	fprintf(stderr,"test BN_div\n");
+	if (!test_div(out,ctx)) goto err;
+	fflush(stdout);
+
+	fprintf(stderr,"test BN_mod\n");
+	if (!test_mod(out,ctx)) goto err;
+	fflush(stdout);
+
+	fprintf(stderr,"test BN_mul\n");
+	if (!test_mul(out)) goto err;
+	fflush(stdout);
+
+	fprintf(stderr,"test BN_sqr\n");
+	if (!test_sqr(out,ctx)) goto err;
+	fflush(stdout);
+
+	fprintf(stderr,"test BN_mod_mul\n");
+	if (!test_mod_mul(out,ctx)) goto err;
+	fflush(stdout);
+
+/*
+	fprintf(stderr,"test BN_mont\n");
+	if (!test_mont(out,ctx)) goto err;
+	fflush(stdout);
+*/
+	fprintf(stderr,"test BN_mod_exp\n");
+	if (!test_mod_exp(out,ctx)) goto err;
+	fflush(stdout);
+
+/**/
+	exit(0);
+err:
+	ERR_load_crypto_strings();
+	ERR_print_errors(out);
+	exit(1);
+	return(1);
+	}
+
+int test_add(bp)
+BIO *bp;
+	{
+	BIGNUM *a,*b,*c;
+	int i;
+	int j;
+
+	a=BN_new();
+	b=BN_new();
+	c=BN_new();
+
+	BN_rand(a,512,0,0);
+	for (i=0; i<100; i++)
+		{
+		BN_rand(b,450+i,0,0);
+		a->neg=rand_neg();
+		b->neg=rand_neg();
+		if (bp == NULL)
+			for (j=0; j<10000; j++)
+				BN_add(c,a,b);
+		BN_add(c,a,b);
+		if (bp != NULL)
+			{
+			if (!results)
+				{
+				BN_print(bp,a);
+				BIO_puts(bp," + ");
+				BN_print(bp,b);
+				BIO_puts(bp," - ");
+				}
+			BN_print(bp,c);
+			BIO_puts(bp,"\n");
+			}
+		}
+	BN_free(a);
+	BN_free(b);
+	BN_free(c);
+	return(1);
+	}
+
+int test_sub(bp)
+BIO *bp;
+	{
+	BIGNUM *a,*b,*c;
+	int i;
+	int j;
+
+	a=BN_new();
+	b=BN_new();
+	c=BN_new();
+
+	BN_rand(a,512,0,0);
+	for (i=0; i<100; i++)
+		{
+		BN_rand(b,400+i,0,0);
+		a->neg=rand_neg();
+		b->neg=rand_neg();
+		if (bp == NULL)
+			for (j=0; j<10000; j++)
+				BN_sub(c,a,b);
+		BN_sub(c,a,b);
+		if (bp != NULL)
+			{
+			if (!results)
+				{
+				BN_print(bp,a);
+				BIO_puts(bp," - ");
+				BN_print(bp,b);
+				BIO_puts(bp," - ");
+				}
+			BN_print(bp,c);
+			BIO_puts(bp,"\n");
+			}
+		}
+	BN_free(a);
+	BN_free(b);
+	BN_free(c);
+	return(1);
+	}
+
+int test_div(bp,ctx)
+BIO *bp;
+BN_CTX *ctx;
+	{
+	BIGNUM *a,*b,*c,*d;
+	int i;
+	int j;
+
+	a=BN_new();
+	b=BN_new();
+	c=BN_new();
+	d=BN_new();
+
+	BN_rand(a,400,0,0);
+	for (i=0; i<100; i++)
+		{
+		BN_rand(b,50+i,0,0);
+		a->neg=rand_neg();
+		b->neg=rand_neg();
+		if (bp == NULL)
+			for (j=0; j<100; j++)
+				BN_div(d,c,a,b,ctx);
+		BN_div(d,c,a,b,ctx);
+		if (bp != NULL)
+			{
+			if (!results)
+				{
+				BN_print(bp,a);
+				BIO_puts(bp," / ");
+				BN_print(bp,b);
+				BIO_puts(bp," - ");
+				}
+			BN_print(bp,d);
+			BIO_puts(bp,"\n");
+
+			if (!results)
+				{
+				BN_print(bp,a);
+				BIO_puts(bp," % ");
+				BN_print(bp,b);
+				BIO_puts(bp," - ");
+				}
+			BN_print(bp,c);
+			BIO_puts(bp,"\n");
+			}
+		}
+	BN_free(a);
+	BN_free(b);
+	BN_free(c);
+	BN_free(d);
+	return(1);
+	}
+
+int test_mul(bp)
+BIO *bp;
+	{
+	BIGNUM *a,*b,*c;
+	int i;
+	int j;
+
+	a=BN_new();
+	b=BN_new();
+	c=BN_new();
+
+	BN_rand(a,200,0,0);
+	for (i=0; i<100; i++)
+		{
+		BN_rand(b,250+i,0,0);
+		a->neg=rand_neg();
+		b->neg=rand_neg();
+		if (bp == NULL)
+			for (j=0; j<100; j++)
+				BN_mul(c,a,b);
+		BN_mul(c,a,b);
+		if (bp != NULL)
+			{
+			if (!results)
+				{
+				BN_print(bp,a);
+				BIO_puts(bp," * ");
+				BN_print(bp,b);
+				BIO_puts(bp," - ");
+				}
+			BN_print(bp,c);
+			BIO_puts(bp,"\n");
+			}
+		}
+	BN_free(a);
+	BN_free(b);
+	BN_free(c);
+	return(1);
+	}
+
+int test_sqr(bp,ctx)
+BIO *bp;
+BN_CTX *ctx;
+	{
+	BIGNUM *a,*c;
+	int i;
+	int j;
+
+	a=BN_new();
+	c=BN_new();
+
+	for (i=0; i<40; i++)
+		{
+		BN_rand(a,40+i*10,0,0);
+		a->neg=rand_neg();
+		if (bp == NULL)
+			for (j=0; j<100; j++)
+				BN_sqr(c,a,ctx);
+		BN_sqr(c,a,ctx);
+		if (bp != NULL)
+			{
+			if (!results)
+				{
+				BN_print(bp,a);
+				BIO_puts(bp," * ");
+				BN_print(bp,a);
+				BIO_puts(bp," - ");
+				}
+			BN_print(bp,c);
+			BIO_puts(bp,"\n");
+			}
+		}
+	BN_free(a);
+	BN_free(c);
+	return(1);
+	}
+
+int test_mont(bp,ctx)
+BIO *bp;
+BN_CTX *ctx;
+	{
+	BIGNUM *a,*b,*c,*A,*B;
+	BIGNUM *n;
+	int i;
+	int j;
+	BN_MONT_CTX *mont;
+
+	a=BN_new();
+	b=BN_new();
+	c=BN_new();
+	A=BN_new();
+	B=BN_new();
+	n=BN_new();
+
+	mont=BN_MONT_CTX_new();
+
+	BN_rand(a,100,0,0); /**/
+	BN_rand(b,100,0,0); /**/
+	for (i=0; i<10; i++)
+		{
+		BN_rand(n,(100%BN_BITS2+1)*BN_BITS2*i*BN_BITS2,0,1); /**/
+		BN_MONT_CTX_set(mont,n,ctx);
+
+		BN_to_montgomery(A,a,mont,ctx);
+		BN_to_montgomery(B,b,mont,ctx);
+
+		if (bp == NULL)
+			for (j=0; j<100; j++)
+				BN_mod_mul_montgomery(c,A,B,mont,ctx);/**/
+		BN_mod_mul_montgomery(c,A,B,mont,ctx);/**/
+		BN_from_montgomery(A,c,mont,ctx);/**/
+		if (bp != NULL)
+			{
+			if (!results)
+				{
+#ifdef undef
+fprintf(stderr,"%d * %d %% %d\n",
+BN_num_bits(a),
+BN_num_bits(b),
+BN_num_bits(mont->N));
+#endif
+				BN_print(bp,a);
+				BIO_puts(bp," * ");
+				BN_print(bp,b);
+				BIO_puts(bp," % ");
+				BN_print(bp,mont->N);
+				BIO_puts(bp," - ");
+				}
+			BN_print(bp,A);
+			BIO_puts(bp,"\n");
+			}
+		}
+	BN_MONT_CTX_free(mont);
+	BN_free(a);
+	BN_free(b);
+	BN_free(c);
+	return(1);
+	}
+
+int test_mod(bp,ctx)
+BIO *bp;
+BN_CTX *ctx;
+	{
+	BIGNUM *a,*b,*c;
+	int i;
+	int j;
+
+	a=BN_new();
+	b=BN_new();
+	c=BN_new();
+
+	BN_rand(a,1024,0,0); /**/
+	for (i=0; i<20; i++)
+		{
+		BN_rand(b,450+i*10,0,0); /**/
+		a->neg=rand_neg();
+		b->neg=rand_neg();
+		if (bp == NULL)
+			for (j=0; j<100; j++)
+				BN_mod(c,a,b,ctx);/**/
+		BN_mod(c,a,b,ctx);/**/
+		if (bp != NULL)
+			{
+			if (!results)
+				{
+				BN_print(bp,a);
+				BIO_puts(bp," % ");
+				BN_print(bp,b);
+				BIO_puts(bp," - ");
+				}
+			BN_print(bp,c);
+			BIO_puts(bp,"\n");
+			}
+		}
+	BN_free(a);
+	BN_free(b);
+	BN_free(c);
+	return(1);
+	}
+
+int test_mod_mul(bp,ctx)
+BIO *bp;
+BN_CTX *ctx;
+	{
+	BIGNUM *a,*b,*c,*d,*e;
+	int i;
+
+	a=BN_new();
+	b=BN_new();
+	c=BN_new();
+	d=BN_new();
+	e=BN_new();
+
+	BN_rand(c,1024,0,0); /**/
+	for (i=0; i<10; i++)
+		{
+		BN_rand(a,475+i*10,0,0); /**/
+		BN_rand(b,425+i*10,0,0); /**/
+		a->neg=rand_neg();
+		b->neg=rand_neg();
+	/*	if (bp == NULL)
+			for (j=0; j<100; j++)
+				BN_mod_mul(d,a,b,c,ctx);*/ /**/
+
+		if (!BN_mod_mul(e,a,b,c,ctx))
+			{
+			unsigned long l;
+
+			while ((l=ERR_get_error()))
+				fprintf(stderr,"ERROR:%s\n",
+					ERR_error_string(l,NULL));
+			exit(1);
+			}
+		if (bp != NULL)
+			{
+			if (!results)
+				{
+				BN_print(bp,a);
+				BIO_puts(bp," * ");
+				BN_print(bp,b);
+				BIO_puts(bp," % ");
+				BN_print(bp,c);
+				BIO_puts(bp," - ");
+				}
+			BN_print(bp,e);
+			BIO_puts(bp,"\n");
+			}
+		}
+	BN_free(a);
+	BN_free(b);
+	BN_free(c);
+	BN_free(d);
+	BN_free(e);
+	return(1);
+	}
+
+int test_mod_exp(bp,ctx)
+BIO *bp;
+BN_CTX *ctx;
+	{
+	BIGNUM *a,*b,*c,*d,*e;
+	int i;
+
+	a=BN_new();
+	b=BN_new();
+	c=BN_new();
+	d=BN_new();
+	e=BN_new();
+
+	BN_rand(c,30,0,1); /* must be odd for montgomery */
+	for (i=0; i<6; i++)
+		{
+		BN_rand(a,20+i*5,0,0); /**/
+		BN_rand(b,2+i,0,0); /**/
+
+		if (!BN_mod_exp(d,a,b,c,ctx))
+			return(00);
+
+		if (bp != NULL)
+			{
+			if (!results)
+				{
+				BN_print(bp,a);
+				BIO_puts(bp," ^ ");
+				BN_print(bp,b);
+				BIO_puts(bp," % ");
+				BN_print(bp,c);
+				BIO_puts(bp," - ");
+				}
+			BN_print(bp,d);
+			BIO_puts(bp,"\n");
+			}
+		}
+	BN_free(a);
+	BN_free(b);
+	BN_free(c);
+	BN_free(d);
+	BN_free(e);
+	return(1);
+	}
+
+int test_lshift(bp)
+BIO *bp;
+	{
+	BIGNUM *a,*b,*c;
+	int i;
+
+	a=BN_new();
+	b=BN_new();
+	c=BN_new();
+	BN_one(c);
+
+	BN_rand(a,200,0,0); /**/
+	a->neg=rand_neg();
+	for (i=0; i<70; i++)
+		{
+		BN_lshift(b,a,i+1);
+		BN_add(c,c,c);
+		if (bp != NULL)
+			{
+			if (!results)
+				{
+				BN_print(bp,a);
+				BIO_puts(bp," * ");
+				BN_print(bp,c);
+				BIO_puts(bp," - ");
+				}
+			BN_print(bp,b);
+			BIO_puts(bp,"\n");
+			}
+		}
+	BN_free(a);
+	BN_free(b);
+	BN_free(c);
+	return(1);
+	}
+
+int test_lshift1(bp)
+BIO *bp;
+	{
+	BIGNUM *a,*b;
+	int i;
+
+	a=BN_new();
+	b=BN_new();
+
+	BN_rand(a,200,0,0); /**/
+	a->neg=rand_neg();
+	for (i=0; i<70; i++)
+		{
+		BN_lshift1(b,a);
+		if (bp != NULL)
+			{
+			if (!results)
+				{
+				BN_print(bp,a);
+				BIO_puts(bp," * 2");
+				BIO_puts(bp," - ");
+				}
+			BN_print(bp,b);
+			BIO_puts(bp,"\n");
+			}
+		BN_copy(a,b);
+		}
+	BN_free(a);
+	BN_free(b);
+	return(1);
+	}
+
+int test_rshift(bp)
+BIO *bp;
+	{
+	BIGNUM *a,*b,*c;
+	int i;
+
+	a=BN_new();
+	b=BN_new();
+	c=BN_new();
+	BN_one(c);
+
+	BN_rand(a,200,0,0); /**/
+	a->neg=rand_neg();
+	for (i=0; i<70; i++)
+		{
+		BN_rshift(b,a,i+1);
+		BN_add(c,c,c);
+		if (bp != NULL)
+			{
+			if (!results)
+				{
+				BN_print(bp,a);
+				BIO_puts(bp," / ");
+				BN_print(bp,c);
+				BIO_puts(bp," - ");
+				}
+			BN_print(bp,b);
+			BIO_puts(bp,"\n");
+			}
+		}
+	BN_free(a);
+	BN_free(b);
+	BN_free(c);
+	return(1);
+	}
+
+int test_rshift1(bp)
+BIO *bp;
+	{
+	BIGNUM *a,*b;
+	int i;
+
+	a=BN_new();
+	b=BN_new();
+
+	BN_rand(a,200,0,0); /**/
+	a->neg=rand_neg();
+	for (i=0; i<70; i++)
+		{
+		BN_rshift1(b,a);
+		if (bp != NULL)
+			{
+			if (!results)
+				{
+				BN_print(bp,a);
+				BIO_puts(bp," / 2");
+				BIO_puts(bp," - ");
+				}
+			BN_print(bp,b);
+			BIO_puts(bp,"\n");
+			}
+		BN_copy(a,b);
+		}
+	BN_free(a);
+	BN_free(b);
+	return(1);
+	}
+
+int rand_neg()
+	{
+	static unsigned int neg=0;
+	static int sign[8]={0,0,0,1,1,0,1,1};
+
+	return(sign[(neg++)%8]);
+	}
diff --git a/crypto/bn/exptest.c b/crypto/bn/exptest.c
new file mode 100644
index 0000000000..4880df1116
--- /dev/null
+++ b/crypto/bn/exptest.c
@@ -0,0 +1,148 @@
+/* crypto/bn/exptest.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "bio.h"
+#include "bn.h"
+#include "rand.h"
+#include "err.h"
+
+#define NUM_BITS	(BN_BITS*2)
+
+int main(argc,argv)
+int argc;
+char *argv[];
+	{
+	BN_CTX *ctx;
+	BIO *out=NULL;
+	int i,ret;
+	unsigned char c;
+	BIGNUM *r_mont,*r_recp,*a,*b,*m;
+
+	ctx=BN_CTX_new();
+	if (ctx == NULL) exit(1);
+	r_mont=BN_new();
+	r_recp=BN_new();
+	a=BN_new();
+	b=BN_new();
+	m=BN_new();
+	if (	(r_mont == NULL) || (r_recp == NULL) ||
+		(a == NULL) || (b == NULL))
+		goto err;
+
+#ifdef WIN16
+	out=BIO_new(BIO_s_file_internal_w16());
+#else
+	out=BIO_new(BIO_s_file());
+#endif
+	if (out == NULL) exit(1);
+	BIO_set_fp(out,stdout,BIO_NOCLOSE);
+
+	for (i=0; i<200; i++)
+		{
+		RAND_bytes(&c,1);
+		c=(c%BN_BITS)-BN_BITS2;
+		BN_rand(a,NUM_BITS+c,0,0);
+
+		RAND_bytes(&c,1);
+		c=(c%BN_BITS)-BN_BITS2;
+		BN_rand(b,NUM_BITS+c,0,0);
+
+		RAND_bytes(&c,1);
+		c=(c%BN_BITS)-BN_BITS2;
+		BN_rand(m,NUM_BITS+c,0,1);
+
+		BN_mod(a,a,m,ctx);
+		BN_mod(b,b,m,ctx);
+
+		ret=BN_mod_exp_mont(r_mont,a,b,m,ctx);
+		if (ret <= 0)
+			{ printf("BN_mod_exp_mont() problems\n"); exit(1); }
+
+		ret=BN_mod_exp_recp(r_recp,a,b,m,ctx);
+		if (ret <= 0)
+			{ printf("BN_mod_exp_recp() problems\n"); exit(1); }
+		
+		if (BN_cmp(r_mont,r_recp) != 0)
+			{
+			printf("\nmont and recp results differ\n");
+			printf("a (%3d) = ",BN_num_bits(a));   BN_print(out,a);
+			printf("\nb (%3d) = ",BN_num_bits(b)); BN_print(out,b);
+			printf("\nm (%3d) = ",BN_num_bits(m)); BN_print(out,m);
+			printf("\nrecp     =");	BN_print(out,r_recp);
+			printf("\nmont     ="); BN_print(out,r_mont);
+			printf("\n");
+			exit(1);
+			}
+		else
+			{
+			printf(".");
+			fflush(stdout);
+			}
+		}
+	printf(" done\n");
+	exit(0);
+err:
+	ERR_load_crypto_strings();
+	ERR_print_errors(out);
+	exit(1);
+	return(1);
+	}
+
diff --git a/crypto/bn/stuff/bn_knuth.c b/crypto/bn/stuff/bn_knuth.c
new file mode 100644
index 0000000000..9a3f4130ed
--- /dev/null
+++ b/crypto/bn/stuff/bn_knuth.c
@@ -0,0 +1,378 @@
+/* crypto/bn/bn_knuth.c */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+
+/* This is just a test implementation, it has not been modified for
+ * speed and it still has memory leaks. */
+
+int BN_mask_bits(BIGNUM *a,int n);
+
+#undef DEBUG
+#define MAIN
+
+/* r must be different to a and b
+ * Toom-Cook multiplication algorithm, taken from
+ * The Art Of Computer Programming, Volume 2, Donald Knuth
+ */
+
+#define	CODE1		((BIGNUM *)0x01)
+#define	CODE2		((BIGNUM *)0x02)
+#define	CODE3		((BIGNUM *)0x03)
+#define MAXK		(30+1)
+
+#define C3	3
+#define C4	4
+#define C5	5
+#define C6	6
+#define C7	7
+#define C8	8
+#define C9	9
+#define C10	10
+#define DONE	11
+
+int new_total=0;
+int Free_total=0;
+int max=0,max_total=0;
+
+BIGNUM *LBN_new(void );
+BIGNUM *LBN_dup(BIGNUM *a);
+void LBN_free(BIGNUM *a);
+
+int BN_mul_knuth(w, a, b)
+BIGNUM *w;
+BIGNUM *a;
+BIGNUM *b;
+	{
+	int ret=1;
+	int i,j,n,an,bn,y,z;
+	BIGNUM *U[MAXK],*V[MAXK],*T[MAXK];
+	BIGNUM *C[(MAXK*2*3)];
+	BIGNUM *W[(MAXK*2)],*t1,*t2,*t3,*t4;
+	int Utos,Vtos,Ctos,Wtos,Ttos;
+	unsigned int k,Q,R;
+	unsigned int q[MAXK];
+	unsigned int r[MAXK];
+	int state;
+
+	/* C1 */
+	Utos=Vtos=Ctos=Wtos=Ttos=0;
+	k=1;
+	q[0]=q[1]=64;
+	r[0]=r[1]=4;
+	Q=6;
+	R=2;
+
+	if (!bn_expand(w,BN_BITS2*2)) goto err;
+	an=BN_num_bits(a);
+	bn=BN_num_bits(b);
+	n=(an > bn)?an:bn;
+	while ((q[k-1]+q[k]) < n)
+		{
+		k++;
+		Q+=R;
+		i=R+1;
+		if ((i*i) <= Q) R=i;
+		q[k]=(1<<Q);
+		r[k]=(1<<R);
+		}
+#ifdef DEBUG
+	printf("k   =");
+	for (i=0; i<=k; i++) printf("%7d",i);
+	printf("\nq[k]=");
+	for (i=0; i<=k; i++) printf("%7d",q[i]);
+	printf("\nr[k]=");
+	for (i=0; i<=k; i++) printf("%7d",r[i]);
+	printf("\n");
+#endif
+
+	/* C2 */
+	C[Ctos++]=CODE1;
+	if ((t1=LBN_dup(a)) == NULL) goto err;
+	C[Ctos++]=t1;
+	if ((t1=LBN_dup(b)) == NULL) goto err;
+	C[Ctos++]=t1;
+
+	state=C3;
+	for (;;)
+		{
+#ifdef DEBUG
+		printf("state=C%d, Ctos=%d Wtos=%d\n",state,Ctos,Wtos);
+#endif
+		switch (state)
+			{
+			int lr,lq,lp;
+		case C3:
+			k--;
+			if (k == 0)
+				{
+				t1=C[--Ctos];
+				t2=C[--Ctos];
+#ifdef DEBUG
+				printf("Ctos=%d poped %d\n",Ctos,2);
+#endif
+				if ((t2->top == 0) || (t1->top == 0))
+					w->top=0;
+				else
+					BN_mul(w,t1,t2);
+
+				LBN_free(t1); /* FREE */
+				LBN_free(t2); /* FREE */
+				state=C10;
+				}
+			else
+				{
+				lr=r[k];
+				lq=q[k];
+				lp=q[k-1]+q[k];
+				state=C4;
+				}
+			break;
+		case C4:
+			for (z=0; z<2; z++) /* do for u and v */
+				{
+				/* break the item at C[Ctos-1] 
+				 * into lr+1 parts of lq bits each
+				 * for j=0; j<=2r; j++
+				 */
+				t1=C[--Ctos]; /* pop off u */
+#ifdef DEBUG
+				printf("Ctos=%d poped %d\n",Ctos,1);
+#endif
+				if ((t2=LBN_dup(t1)) == NULL) goto err;
+				BN_mask_bits(t2,lq);
+				T[Ttos++]=t2;
+#ifdef DEBUG
+				printf("C4 r=0 bits=%d\n",BN_num_bits(t2));
+#endif
+				for (i=1; i<=lr; i++)
+					{
+					if (!BN_rshift(t1,t1,lq)) goto err;
+					if ((t2=LBN_dup(t1)) == NULL) goto err;
+					BN_mask_bits(t2,lq);
+					T[Ttos++]=t2;
+#ifdef DEBUG
+					printf("C4 r=%d bits=%d\n",i,
+						BN_num_bits(t2));
+#endif
+					}
+				LBN_free(t1);
+
+				if ((t2=LBN_new()) == NULL) goto err;
+				if ((t3=LBN_new()) == NULL) goto err;
+				for (j=0; j<=2*lr; j++)
+					{
+					if ((t1=LBN_new()) == NULL) goto err;
+
+					if (!BN_set_word(t3,j)) goto err;
+					for (i=lr; i>=0; i--)
+						{
+						if (!BN_mul(t2,t1,t3)) goto err;
+						if (!BN_add(t1,t2,T[i])) goto err;
+						}
+					/* t1 is U(j) */
+					if (z == 0)
+						U[Utos++]=t1;
+					else
+						V[Vtos++]=t1;
+					}
+				LBN_free(t2);
+				LBN_free(t3);
+				while (Ttos) LBN_free(T[--Ttos]);
+				}
+#ifdef DEBUG
+			for (i=0; i<Utos; i++)
+				printf("U[%2d]=%4d bits\n",i,BN_num_bits(U[i]));
+			for (i=0; i<Vtos; i++)
+				printf("V[%2d]=%4d bits\n",i,BN_num_bits(V[i]));
+#endif
+			/* C5 */
+#ifdef DEBUG
+			printf("PUSH CODE2 and %d CODE3 onto stack\n",2*lr);
+#endif
+			C[Ctos++]=CODE2;
+			for (i=2*lr; i>0; i--)
+				{
+				C[Ctos++]=V[i];
+				C[Ctos++]=U[i];
+				C[Ctos++]=CODE3;
+				}
+			C[Ctos++]=V[0];
+			C[Ctos++]=U[0];
+#ifdef DEBUG
+				printf("Ctos=%d pushed %d\n",Ctos,2*lr*3+3);
+#endif
+			Vtos=Utos=0;
+			state=C3;
+			break;
+		case C6:
+			if ((t1=LBN_dup(w)) == NULL) goto err;
+			W[Wtos++]=t1;
+#ifdef DEBUG
+			printf("put %d bit number onto w\n",BN_num_bits(t1));
+#endif
+			state=C3;
+			break;
+		case C7:
+			lr=r[k];
+			lq=q[k];
+			lp=q[k]+q[k-1];
+			z=Wtos-2*lr-1;
+			for (j=1; j<=2*lr; j++)
+				{
+				for (i=2*lr; i>=j; i--)
+					{
+					if (!BN_sub(W[z+i],W[z+i],W[z+i-1])) goto err;
+					BN_div_word(W[z+i],j);
+					}
+				}
+			state=C8;
+			break;
+		case C8:
+			y=2*lr-1;
+			if ((t1=LBN_new()) == NULL) goto err;
+			if ((t3=LBN_new()) == NULL) goto err;
+
+			for (j=y; j>0; j--)
+				{
+				if (!BN_set_word(t3,j)) goto err;
+				for (i=j; i<=y; i++)
+					{
+					if (!BN_mul(t1,W[z+i+1],t3)) goto err;
+					if (!BN_sub(W[z+i],W[z+i],t1)) goto err;
+					}
+				}
+			LBN_free(t1);
+			LBN_free(t3);
+			state=C9;
+			break;
+		case C9:
+			BN_zero(w);
+#ifdef DEBUG
+			printf("lq=%d\n",lq);
+#endif
+			for (i=lr*2; i>=0; i--)
+				{
+				BN_lshift(w,w,lq);
+				BN_add(w,w,W[z+i]);
+				}
+			for (i=0; i<=lr*2; i++)
+				LBN_free(W[--Wtos]);
+			state=C10;
+			break;
+		case C10:
+			k++;
+			t1=C[--Ctos];
+#ifdef DEBUG
+			printf("Ctos=%d poped %d\n",Ctos,1);
+			printf("code= CODE%d\n",t1);
+#endif
+			if (t1 == CODE3)
+				state=C6;
+			else if (t1 == CODE2)
+				{
+				if ((t2=LBN_dup(w)) == NULL) goto err;
+				W[Wtos++]=t2;
+				state=C7;
+				}
+			else if (t1 == CODE1)
+				{
+				state=DONE;
+				}
+			else
+				{
+				printf("BAD ERROR\n");
+				goto err;
+				}
+			break;
+		default:
+			printf("bad state\n");
+			goto err;
+			break;
+			}
+		if (state == DONE) break;
+		}
+	ret=1;
+err:
+	if (ret == 0) printf("ERROR\n");
+	return(ret);
+	}
+
+#ifdef MAIN
+main()
+	{
+	BIGNUM *a,*b,*r;
+	int i;
+
+	if ((a=LBN_new()) == NULL) goto err;
+	if ((b=LBN_new()) == NULL) goto err;
+	if ((r=LBN_new()) == NULL) goto err;
+
+	if (!BN_rand(a,1024*2,0,0)) goto err;
+	if (!BN_rand(b,1024*2,0,0)) goto err;
+
+	for (i=0; i<10; i++)
+		{
+		if (!BN_mul_knuth(r,a,b)) goto err; /**/
+		/*if (!BN_mul(r,a,b)) goto err; /**/
+		}
+BN_print(stdout,a); printf(" * ");
+BN_print(stdout,b); printf(" =\n");
+BN_print(stdout,r); printf("\n");
+
+printf("BN_new() =%d\nBN_free()=%d max=%d\n",new_total,Free_total,max);
+
+
+	exit(0);
+err:
+	ERR_load_crypto_strings();
+	ERR_print_errors(stderr);
+	exit(1);
+	}
+#endif
+
+int BN_mask_bits(a,n)
+BIGNUM *a;
+int n;
+	{
+	int b,w;
+
+	w=n/BN_BITS2;
+	b=n%BN_BITS2;
+	if (w >= a->top) return(0);
+	if (b == 0)
+		a->top=w;
+	else
+		{
+		a->top=w+1;
+		a->d[w]&= ~(BN_MASK2<<b);
+		}
+	return(1);
+	}
+
+BIGNUM *LBN_dup(a)
+BIGNUM *a;
+	{
+	new_total++;
+	max_total++;
+	if (max_total > max) max=max_total;
+	return(BN_dup(a));
+	}
+
+BIGNUM *LBN_new()
+	{
+	new_total++;
+	max_total++;
+	if (max_total > max) max=max_total;
+	return(BN_new());
+	}
+
+void LBN_free(a)
+BIGNUM *a;
+	{
+	max_total--;
+	if (max_total > max) max=max_total;
+	Free_total++;
+	BN_free(a);
+	}
diff --git a/crypto/bn/stuff/div.c b/crypto/bn/stuff/div.c
new file mode 100644
index 0000000000..3d6e08622d
--- /dev/null
+++ b/crypto/bn/stuff/div.c
@@ -0,0 +1,340 @@
+/* crypto/bn/div.c */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+
+BN_ULONG bn_div_2word();
+
+int BN_div2(dv, rm, num, div,ctx)
+BIGNUM *dv;
+BIGNUM *rm;
+BIGNUM *num;
+BIGNUM *div;
+BN_CTX *ctx;
+	{
+	int norm_shift,i,j,nm,nd,loop;
+	BIGNUM *tmp,wnum,*snum,*sdiv,*res;
+	BN_ULONG *resp,*wnump;
+	BN_ULONG d0,d1;
+	int num_n,div_n;
+
+#ifdef DEBUG
+BN_print(stdout,num); printf(" number\n");
+BN_print(stdout,div); printf(" divisor\n");
+#endif
+	if (BN_is_zero(num))
+		{
+		BNerr(BN_F_BN_DIV,BN_R_DIV_BY_ZERO);
+		return(0);
+		}
+
+	if (BN_cmp(num,div) < 0)
+		{
+		if (rm != NULL)
+			{ if (BN_copy(rm,num) == NULL) return(0); }
+		if (dv != NULL) BN_zero(dv);
+		return(1);
+		}
+
+	tmp=ctx->bn[ctx->tos]; 
+	snum=ctx->bn[ctx->tos+1];
+	sdiv=ctx->bn[ctx->tos+2];
+	if (dv == NULL)
+		res=ctx->bn[ctx->tos+3];
+	else	res=dv;
+
+	/* First we normalise the numbers */
+	norm_shift=BN_BITS2-((BN_num_bits(div))%BN_BITS2);
+	BN_lshift(sdiv,div,norm_shift);
+	norm_shift+=BN_BITS2;
+	BN_lshift(snum,num,norm_shift);
+	div_n=sdiv->top;
+	num_n=snum->top;
+	loop=num_n-div_n;
+#ifdef DEBUG
+BN_print(stdout,snum); printf(" shifted num, forget last word\n");
+BN_print(stdout,sdiv); printf(" shifted div\n");
+#endif
+
+	/* Lets setup a 'win'dow into snum
+	 * This is the part that corresponds to the current
+	 * 'area' being divided */
+	wnum.d=	 &(snum->d[loop]);
+	wnum.top= div_n;
+	wnum.max= snum->max; /* a bit of a lie */
+	wnum.neg= 0;
+
+	/* Get the top 2 words of sdiv */
+	i=sdiv->top;
+	d0=sdiv->d[div_n-1];
+	d1=sdiv->d[div_n-2];
+
+	/* pointer to the 'top' of snum */
+	wnump= &(snum->d[num_n-1]);
+
+	/* Setup to 'res' */
+	res->neg=0;
+	res->top=loop;
+	resp= &(res->d[loop-1]);
+	bn_expand(res,(loop+1)*BN_BITS2);
+
+	/* space for temp */
+	bn_expand(tmp,(div_n+1)*BN_BITS2);
+
+#ifdef DEBUG
+printf("wnum="); BN_print(stdout,&wnum); printf(" initial sub check\n");
+printf("div ="); BN_print(stdout,sdiv); printf(" loop=%d\n",loop);
+#endif
+	if (BN_cmp(&wnum,sdiv) >= 0)
+		{
+		BN_sub(&wnum,&wnum,sdiv);
+		*resp=1;
+		res->d[res->top-1]=1;
+		}
+	else
+		res->top--;
+	resp--;
+#ifdef DEBUG
+BN_print(stdout,res); printf(" initial result\n");
+BN_print(stdout,&wnum); printf(" wnum\n");
+#endif
+
+	for (i=0; i<loop-1; i++)
+		{
+		BN_ULONG q,n0;
+		BN_ULLONG t1,t2,t3;
+		BN_ULONG l0;
+
+		wnum.d--;
+		wnum.top++;
+
+#ifdef DEBUG
+BN_print(stderr,&wnum); printf(" to divide\n");
+#endif
+
+		q=0;
+		n0=wnump[0];
+		t1=((BN_ULLONG)n0<<BN_BITS2)|wnump[-1];
+		if (n0 == d0)
+			q=BN_MASK2;
+		else
+			{
+			t2=(t1/d0);
+			q=(t2&BN_MASK2);
+#ifdef DEBUG
+printf("t1=%08X / d0=%08X = %X (%X)\n",t1,d0,q,t2);
+#endif
+			}
+		for (;;)
+			{
+			t2=(BN_ULLONG)d1*q;
+			t3=t1-(BN_ULLONG)q*d0;
+#ifdef DEBUG
+printf("d1*q= %X    n01-q*d0 = %X\n",t2,t3);
+#endif
+			if ((t3>>BN_BITS2) ||
+				(t2 <= ((t3<<BN_BITS2)+wnump[-2])))
+				break;
+#ifdef DEBUG
+printf("reduce q\n");
+#endif
+			q--;
+			}
+		l0=bn_mul_word(tmp->d,sdiv->d,div_n,q);
+		if (l0)
+			tmp->d[div_n]=l0;
+		else
+			tmp->d[div_n]=0;
+		for (j=div_n+1; j>0; j--)
+			if (tmp->d[j-1]) break;
+		tmp->top=j;
+
+#ifdef DEBUG
+printf("q=%08X\n",q);
+BN_print(stdout,&wnum); printf(" number\n");
+BN_print(stdout,tmp); printf(" subtract\n");
+
+BN_print(stdout,snum); printf(" shifted number before\n");
+BN_print(stdout,&wnum); printf(" wnum before\n");
+#endif
+		j=wnum.top;
+		BN_sub(&wnum,&wnum,tmp);
+		snum->top=snum->top+wnum.top-j;
+
+#ifdef DEBUG
+BN_print(stdout,&wnum); printf(" wnum after\n");
+BN_print(stdout,snum); printf(" shifted number after\n");
+#endif
+
+		if (wnum.neg)
+			{
+			q--;
+			j=wnum.top;
+			BN_add(&wnum,&wnum,sdiv);
+			snum->top+=wnum.top-j;
+			fprintf(stderr,"addback\n");
+#ifdef DEBUG
+BN_print(stdout,snum); printf("after addback************************:\n");
+#endif
+			}
+		*(resp--)=q;
+#ifdef DEBUG
+BN_print(stdout,res); printf(" result\n");
+#endif
+		wnump--;
+		}
+	if (rm != NULL)
+		BN_rshift(rm,snum,norm_shift);
+	return(1);
+	}
+
+main()
+	{
+	BIGNUM *a,*b,*c,*d;
+	BIGNUM *cc,*dd;
+	BN_CTX *ctx;
+	int i,x;
+
+	a=BN_new();
+	b=BN_new();
+	c=BN_new();
+	d=BN_new();
+	cc=BN_new();
+	dd=BN_new();
+	ctx=BN_CTX_new();
+
+for (i=0; i<10240; i++)
+	{
+	BN_rand(a,80,0,0);
+	BN_rand(b,60,0,0);
+	
+	BN_div2(d,c,a,b,ctx);
+	BN_div(dd,cc,a,b,ctx);
+	if ((BN_cmp(d,dd) != 0) || (BN_cmp(c,cc) != 0))
+		{
+		BN_print(stderr,a); fprintf(stderr," / ");
+		BN_print(stderr,b); fprintf(stderr," d=");
+		BN_print(stderr,d); fprintf(stderr," r= ");
+		BN_print(stderr,c); fprintf(stderr,"\nd=");
+		BN_print(stderr,dd); fprintf(stderr," r= ");
+		BN_print(stderr,cc); fprintf(stderr,"\n");
+		}
+
+	}
+
+#ifdef undef
+/*
+	BN_rand(a,600,0,0);
+	BN_rand(b,400,0,0);
+	for (i=0; i<2000000; i++)
+		{
+		BN_div2(d,c,a,b,ctx);
+		}
+*/
+/*	for (i=0;;) */
+/*	for (i=0; i<0xffffffff; i++)
+		{
+		BN_ULONG rr,r,a,b,c;
+		BN_ULLONG l;
+
+		a=rand()&BN_MASK2;
+		b=rand()&BN_MASK2;
+		for (;;)
+			{
+			c=rand()&BN_MASK2;
+			if (c) break;
+			}
+/*		for (x=1; x<256*256; x++) */
+			{
+			c=x;
+			a=i>>8;
+			b=i&0xff;
+			a&= ~(0xFFFFFF<<(BN_num_bits_word(c)));
+
+			r=bn_div_2word(a,b,c);
+
+			rr=(BN_ULONG)((((BN_ULLONG)a<<BN_BITS2)|b)/c);
+
+			if ((i & 0xfffff) == 0) fprintf(stderr,"%d\n",i,r,rr); 
+/*if (x == 255)
+	fprintf(stderr,"%6d/%3d = %4d %4d\n",(a<<8)|b,c,r,rr); */
+			if (rr != r)
+				{
+				fprintf(stderr,"%8d %02X%02X / %02X = %02X %02X\n",
+					i,a,b,c,rr,r);
+				abort();
+				}
+			}
+		}
+#endif
+	}
+
+/* Divide h-l by d and return the result. */
+BN_ULONG bn_div_2word(l,h,d)
+BN_ULONG l,h,d;
+	{
+	BN_ULONG dh,dl,q,ret=0,th,tl,t,top;
+	int i,count=2;
+
+	if (d == 0) return(-1);
+
+	i=BN_num_bits_word(d);
+	if ((i != BN_BITS2) && (h > 1<<i))
+		{
+		fprintf(stderr,"Division would overflow\n");
+		abort();
+		}
+	i=BN_BITS2-i;
+	if (h >= d) h-=d;
+
+	if (i)
+		{
+		d<<=i;
+		h=(h<<i)|(l>>(BN_BITS2-i));
+		l<<=i;
+		}
+	dh=(d&BN_MASK2h)>>BN_BITS4;
+	dl=(d&BN_MASK2l);
+	for (;;)
+		{
+		if ((h>>BN_BITS4) == dh)
+			q=BN_MASK2l;
+		else
+			q=h/dh;
+
+		for (;;)
+			{
+			t=(h-q*dh);
+			if ((t&BN_MASK2h) ||
+				((dl*q) <= (
+					(t<<BN_BITS4)+
+					((l&BN_MASK2h)>>BN_BITS4))))
+				break;
+			q--;
+			}
+		th=q*dh;
+		tl=q*dl;
+		t=(tl>>BN_BITS4);
+		tl=(tl<<BN_BITS4)&BN_MASK2h;
+		th+=t;
+
+		if (l < tl) th++;
+		l-=tl;
+		if (h < th)
+			{
+			fprintf(stderr,"add back\n");
+			h+=d;
+			q--;
+			}
+		h-=th;
+
+		if (--count == 0) break;
+
+		ret=q<<BN_BITS4;
+		h=((h<<BN_BITS4)|(l>>BN_BITS4))&BN_MASK2;
+		l=(l&BN_MASK2l)<<BN_BITS4;
+		}
+	ret|=q;
+	return(ret);
+	}
diff --git a/crypto/bn/stuff/mont.doc b/crypto/bn/stuff/mont.doc
new file mode 100644
index 0000000000..55d1d79312
--- /dev/null
+++ b/crypto/bn/stuff/mont.doc
@@ -0,0 +1,17 @@
+All numbers (a) are stored aR mod N (except abRR)
+
+RR = REDC(R*R)	/* RR mod N */
+
+
+convert a -> aR
+convert b -> bR
+
+	{
+	abRR = aR * bR
+	abR = REDC(abRR); /* mod N */
+	}
+
+ab = REDC(abR);   /* mod N */
+
+
+REDC strips off a multiplicaion by R mod N
diff --git a/crypto/bn/stuff/wei_mulw.c b/crypto/bn/stuff/wei_mulw.c
new file mode 100644
index 0000000000..7f8a1e58fe
--- /dev/null
+++ b/crypto/bn/stuff/wei_mulw.c
@@ -0,0 +1,410 @@
+/* crypto/bn/wei_mulw.c */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "bn_lcl.h"
+
+BN_ULONG bn_add_word(BN_ULONG *a,BN_ULONG c,int num);
+BN_ULONG bn_add_words(BN_ULONG *ret,BN_ULONG *a,BN_ULONG *b,int num);
+BN_ULONG bn_sub_words(BN_ULONG *ret,BN_ULONG *a,BN_ULONG *b,int num);
+
+void BN_mul_4words(BN_ULONG *ret,BN_ULONG a0,BN_ULONG a1,
+	BN_ULONG b0,BN_ULONG b1);
+
+void pr(a,n,s)
+BN_ULONG *a;
+int n;
+	{
+	while (n--)
+		fprintf(stdout,"%02X",a[n]);
+	fprintf(stdout,"%s",s);
+	}
+
+
+BN_ULONG bn_add_word(a,w,num)
+BN_ULONG *a;
+BN_ULONG w;
+int num;
+	{
+	BN_ULONG t;
+
+#ifdef DEBUG
+{ BN_ULONG *aa=a; int i; for (i=num; i>0; i--) fprintf(stdout,"%02X",aa[i-1]);
+fprintf(stdout," + %X - ",w); i=num;
+#endif
+	
+loop:
+	t= *a;
+	t=(t+w)&BN_MASK2;
+	*(a++)=t;
+	w=(t < w);
+	if (w && --num) goto loop;
+
+#ifdef DEBUG
+for (; i>0; i--) fprintf(stdout,"%02X",aa[i-1]);
+fprintf(stdout,"\n");
+}
+#endif
+
+	return(w);
+	}
+
+BN_ULONG bn_add_words(r,a,b,num)
+BN_ULONG *r;
+BN_ULONG *a;
+BN_ULONG *b;
+int num;
+	{
+#if defined(BN_LLONG)
+	BN_ULLONG t;
+	BN_ULONG c=0;
+	int i;
+
+	if (num&1) abort();
+
+	for (i=0; i<num; i+=2)
+		{
+		t=(BN_ULLONG)a[i]+b[i]+c;
+		r[i+0]=L(t);
+		t=(BN_ULLONG) H(t)+a[i+1]+b[i+1];
+		r[i+1]=L(t);
+		c=H(t);
+		}
+	return(c);
+#else
+	BN_ULONG c=0,t1,t2;
+
+	for ( ; num; num--)
+		{
+		t1= *(a++);
+		t2= *(b++);
+
+		if (c)
+			{
+			c=(t2 >= ((~t1)&BN_MASK2));
+			(*r++)=(t1+t2+1)&BN_MASK2;
+			}
+		else
+			{
+			t2=(t1+t2)&BN_MASK2;
+			c=(t2 < t1);
+			(*r++)=t2;
+			}
+		}
+	return(c);
+#endif
+	}
+
+BN_ULONG bn_sub_words(r,a,b,num)
+BN_ULONG *r;
+BN_ULONG *a;
+BN_ULONG *b;
+int num;
+	{
+#if defined(BN_LLONG)
+	BN_ULLONG t;
+	BN_ULONG c=0;
+	int i;
+
+	if (num&1) abort();
+
+	for (i=0; i<num; i+=2)
+		{
+		t=(BN_ULLONG)a[i]-b[i]-c;
+		r[i+0]=L(t);
+		t=(BN_ULLONG)a[i+1]-b[i+1]-(0-H(t))&BN_MASK2;
+		r[i+1]=L(t);
+		c=H(t);
+		}
+	return(c);
+#else
+	BN_ULONG c=0,t1,t2;
+
+	for ( ; num; num--)
+		{
+		t1= *(a++);
+		t2= *(b++);
+
+		if (c)
+			{
+			c=(t1 <= t2);
+			t1=(t1-t2-1);
+			}
+		else
+			{
+			c=(t1 < t2);
+			t1=(t1-t2);
+			}
+		(*r++)=t1&BN_MASK2;
+		}
+	return(c);
+#endif
+	}
+
+
+/* ret[3,2,1,0] = a1,a0 * b1,b0 */
+void BN_mul_4words(ret,a0,a1,b0,b1)
+BN_ULONG *ret;
+BN_ULONG a0,a1,b0,b1;
+	{
+	BN_ULONG s,u;
+	BN_ULLONG fix,a0b0,a1b1,tmp;
+
+	if (a1 >= a0)
+		{
+		s=(a1-a0);
+		u=(b0-b1);
+		fix=(BN_ULLONG)s*u;
+		if (b0 >= b1) s=0;
+		}
+	else
+		{
+		BN_ULONG u;
+
+		if (b0 > b1)
+			{
+			s=(b0-b1);
+			u=(a1-a0);
+			fix=(BN_ULLONG)s*u;
+			}
+		else
+			{
+			u=(a0-a1);
+			s=(b1-b0);
+			fix=(BN_ULLONG)s*u;
+			s=0;
+			}
+		}
+	
+	a0b0=(BN_ULLONG)a0*b0;
+	ret[0]=L(a0b0);
+
+	a1b1=(BN_ULLONG)a1*b1;
+	tmp=(BN_ULLONG) H(a0b0) + L(a0b0) + L(fix) + L(a1b1);
+	ret[1]=L(tmp);
+
+	tmp=(BN_ULLONG) a1b1 + H(tmp) + H(a0b0) + H(fix) + H(a1b1) - s;
+	ret[2]=L(tmp);
+	ret[3]=H(tmp);
+	}
+
+/* ret[3,2,1,0] += a1,a0 * b1,b0 */
+BN_ULONG BN_mul_add_4words(ret,a0,a1,b0,b1)
+BN_ULONG *ret;
+BN_ULONG a0,a1,b0,b1;
+	{
+	BN_ULONG s,u;
+	BN_ULLONG fix,a0b0,a1b1,tmp;
+
+#ifdef DEBUG
+fprintf(stdout,"%02X%02X%02X%02X",ret[3],ret[2],ret[1],ret[0]);
+fprintf(stdout," + ( %02X%02X * %02X%02X ) - ",a1,a0,b1,b0);
+#endif
+	if (a1 >= a0)
+		{
+		s=(a1-a0);
+		u=(b0-b1);
+		fix=(BN_ULLONG)s*u;
+		if (b0 >= b1) s=0;
+		}
+	else
+		{
+		if (b0 > b1)
+			{
+			s=(b0-b1);
+			u=(a1-a0);
+			fix=(BN_ULLONG)s*u;
+			}
+		else
+			{
+			u=(a0-a1);
+			s=(b1-b0);
+			fix=(BN_ULLONG)s*u;
+			s=0;
+			}
+		}
+	
+	a0b0=(BN_ULLONG)a0*b0;
+	tmp=a0b0+ret[0];
+	ret[0]=L(tmp);
+
+	a1b1=(BN_ULLONG)a1*b1;
+	tmp=(BN_ULLONG) H(tmp) + L(a0b0) + L(fix) + L(a1b1) + ret[1];
+	ret[1]=L(tmp);
+
+	tmp=(BN_ULLONG) H(tmp) + L(a1b1) + H(a0b0) +
+		H(fix) + H(a1b1) -s + ret[2];
+	ret[2]=L(tmp);
+
+	tmp=(BN_ULLONG) H(tmp) + H(a1b1) + ret[3];
+	ret[3]=L(tmp);
+#ifdef DEBUG
+fprintf(stdout,"%02X%02X%02X%02X%02X\n",H(tmp),ret[3],ret[2],ret[1],ret[0]);
+#endif
+	return(H(tmp));
+	}
+
+/* ret[3,2,1,0] += a1,a0 * a1,a0 */
+void BN_sqr_4words(ret,a0,a1)
+BN_ULONG *ret;
+BN_ULONG a0,a1;
+	{
+	BN_ULONG s,u;
+	BN_ULLONG tmp,tmp2;
+
+	tmp=(BN_ULLONG)a0*a0;
+	ret[0]=L(tmp);
+
+	tmp2=(BN_ULLONG)a0*a1;
+	tmp=(BN_ULLONG)H(tmp)+L(tmp2)*2;
+	ret[1]=L(tmp);
+
+	tmp=(BN_ULLONG)a1*a1+H(tmp)+H(tmp2)*2;
+	ret[2]=L(tmp);
+	ret[3]=L(tmp);
+	}
+
+#define N0	(0)
+#define N1	(half)
+#define N2	(num)
+#define N3	(num+half)
+
+#define word_cmp(r,a,b,num) \
+	{ \
+	int n=num; \
+\
+	(r)=0; \
+	while (n--) \
+		{ \
+		if ((a)[(n)] > (b)[(n)]) \
+			{ (r)=1; break; } \
+		else if ((a)[(n)] < (b)[(n)]) \
+			{ (r)= -1; break; } \
+		} \
+	}
+
+
+/* (a->top == b->top) && (a->top >= 2) && !(a->top & 1) */
+void bn_recursize_mul(r,t,a,b,num)
+BN_ULONG *r,*t,*a,*b;
+int num;
+	{
+	if ((num < 2) || (num&1))
+		abort();
+
+/* fprintf(stderr,"num=%d half=%d\n",num,num/2);*/
+	if (num == 2)
+		BN_mul_4words(r,a[0],a[1],b[0],b[1]);
+	else if (num == 4)
+		{
+		BN_ULONG c,tmp;
+
+		BN_mul_4words(&(r[0]),a[0],a[1],b[0],b[1]);
+		BN_mul_4words(&(r[4]),a[2],a[3],b[2],b[3]);
+
+		c =BN_mul_add_4words(&(r[2]),a[0],a[1],b[2],b[3]);
+		c+=BN_mul_add_4words(&(r[2]),a[2],a[3],b[0],b[1]);
+
+		bn_add_word(&(r[6]),c,2);
+		}
+	else
+		{
+		int half=num/2;
+		int carry,cmp_a,cmp_b;
+
+		word_cmp(cmp_a,&(a[0]),&(a[half]),half);
+		word_cmp(cmp_b,&(b[0]),&(b[half]),half);
+
+		switch (cmp_a*2+cmp_a+cmp_b)
+			{
+		case -4:
+			bn_sub_words(&(t[N0]),&(a[N1]),&(a[N0]),half);
+			bn_sub_words(&(t[N1]),&(b[N0]),&(b[N1]),half);
+			bn_recursize_mul(&(r[N1]),&(t[N2]),
+				&(t[N0]),&(t[N1]),half);
+			bn_sub_words(&(r[N2]),&(r[N2]),&(t[N0]),half);
+			carry= -1;
+			break;
+		case -2:
+			bn_sub_words(&(t[N0]),&(a[N1]),&(a[N0]),half);
+			bn_sub_words(&(t[N1]),&(b[N0]),&(b[N1]),half);
+			bn_recursize_mul(&(r[N1]),&(t[N2]),
+				&(t[N0]),&(t[N1]),half);
+			carry=0;
+			break;
+		case 2:
+			bn_sub_words(&(t[N0]),&(a[N0]),&(a[N1]),half);
+			bn_sub_words(&(t[N1]),&(b[N1]),&(b[N0]),half);
+			bn_recursize_mul(&(r[N1]),&(t[N2]),
+				&(t[N0]),&(t[N1]),half);
+			carry=0;
+			break;
+		case 4:
+			bn_sub_words(&(t[N0]),&(a[N1]),&(a[N0]),half);
+			bn_sub_words(&(t[N1]),&(b[N0]),&(b[N1]),half);
+			bn_recursize_mul(&(r[N1]),&(t[N2]),
+				&(t[N0]),&(t[N1]),half);
+			bn_sub_words(&(r[N2]),&(r[N2]),&(t[N1]),half);
+			carry= -1;
+			break;
+		default:
+			memset(&(r[N1]),0,sizeof(BN_ULONG)*num);
+			break;
+			}
+		
+		bn_recursize_mul(&(t[N0]),&(t[N2]),&(a[N0]),&(b[N0]),half);
+#ifdef DEBUG
+	pr(a,half," * ");
+	pr(b,half," - ");
+	pr(t,num," - 0\n");
+#endif
+		memcpy(&(r[N0]),&(t[N0]),half*sizeof(BN_ULONG));
+		if (bn_add_words(&(r[N1]),&(r[N1]),&(t[N1]),half))
+			{ bn_add_word(&(t[N1]),1,half); }
+
+		carry+=bn_add_words(&(r[N1]),&(r[N1]),&(t[N0]),num);
+
+		bn_recursize_mul(&(t[N0]),&(t[N2]),&(a[N1]),&(b[N1]),half);
+
+		carry+=bn_add_words(&(r[N1]),&(r[N1]),&(t[N0]),num);
+		carry+=bn_add_words(&(r[N2]),&(r[N2]),&(t[N0]),half);
+		memcpy(&(r[N3]),&(t[N1]),half*sizeof(BN_ULONG));
+
+		bn_add_word(&(r[N3]),carry,half);
+		}
+	}
+
+main()
+	{
+	BIGNUM *a,*b,*r,*t;
+	int i,j;
+
+	a=BN_new();
+	b=BN_new();
+	r=BN_new();
+	t=BN_new();
+
+#define BITS 1024
+	bn_expand(r,BITS*2);
+	bn_expand(t,BITS*2);
+	fprintf(stdout,"obase=16\n");
+	fprintf(stdout,"ibase=16\n");
+	for (i=0; i<10; i++)
+		{
+		BN_rand(a,BITS,0,0);
+		BN_rand(b,BITS,0,0);
+		r->top=(BITS*2)/BN_BITS2;
+		memset(r->d,0,sizeof(r->top)*sizeof(BN_ULONG));
+		memset(t->d,0,sizeof(r->top)*sizeof(BN_ULONG));
+		for (j=0; j<1000; j++)
+			{
+
+/*			BN_mul(r,a,b); /**/
+			bn_recursize_mul(r->d,t->d,a->d,b->d,a->top); /**/
+			}
+		BN_print(stdout,a); fprintf(stdout," * ");
+		BN_print(stdout,b); fprintf(stdout," - ");
+		BN_print(stdout,r); fprintf(stdout,"\n");
+		}
+	}
diff --git a/crypto/buffer/Makefile.ssl b/crypto/buffer/Makefile.ssl
new file mode 100644
index 0000000000..35367933b3
--- /dev/null
+++ b/crypto/buffer/Makefile.ssl
@@ -0,0 +1,84 @@
+#
+# SSLeay/crypto/buffer/Makefile
+#
+
+DIR=	buffer
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I../../include
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE=		make -f Makefile.ssl
+MAKEDEPEND=	makedepend -f Makefile.ssl
+MAKEFILE=	Makefile.ssl
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+ERR=buffer
+ERRC=buf_err
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= buffer.c $(ERRC).c
+LIBOBJ= buffer.o $(ERRC).o
+
+SRC= $(LIBSRC)
+
+EXHEADER= buffer.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/util/ranlib.sh $(LIB)
+	@touch lib
+
+files:
+	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+	/bin/rm -f Makefile
+	$(TOP)/util/point.sh Makefile.ssl Makefile;
+	$(TOP)/util/mklink.sh ../../include $(EXHEADER)
+	$(TOP)/util/mklink.sh ../../test $(TEST)
+	$(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+	@for i in $(EXHEADER) ; \
+	do  \
+	(cp $$i $(INSTALLTOP)/include/$$i; \
+	chmod 644 $(INSTALLTOP)/include/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+	perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
+	perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/buffer/buf_err.c b/crypto/buffer/buf_err.c
new file mode 100644
index 0000000000..8cb9f33056
--- /dev/null
+++ b/crypto/buffer/buf_err.c
@@ -0,0 +1,81 @@
+/* lib/buf/buf_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "buffer.h"
+
+/* BEGIN ERROR CODES */
+static ERR_STRING_DATA BUF_str_functs[]=
+	{
+{ERR_PACK(0,BUF_F_BUF_MEM_GROW,0),	"BUF_MEM_grow"},
+{ERR_PACK(0,BUF_F_BUF_MEM_NEW,0),	"BUF_MEM_new"},
+{ERR_PACK(0,BUF_F_BUF_STRDUP,0),	"BUF_strdup"},
+{ERR_PACK(0,BUF_F_PXYCLNT_READ,0),	"PXYCLNT_READ"},
+{0,NULL},
+	};
+
+void ERR_load_BUF_strings()
+	{
+	static int init=1;
+
+	if (init)
+		{
+		init=0;
+		ERR_load_strings(ERR_LIB_BUF,BUF_str_functs);
+		}
+	}
diff --git a/crypto/buffer/buffer.c b/crypto/buffer/buffer.c
new file mode 100644
index 0000000000..df7e2fad2b
--- /dev/null
+++ b/crypto/buffer/buffer.c
@@ -0,0 +1,139 @@
+/* crypto/buffer/buffer.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+
+BUF_MEM *BUF_MEM_new()
+	{
+	BUF_MEM *ret;
+
+	ret=(BUF_MEM *)Malloc(sizeof(BUF_MEM));
+	if (ret == NULL)
+		{
+		BUFerr(BUF_F_BUF_MEM_NEW,ERR_R_MALLOC_FAILURE);
+		return(NULL);
+		}
+	ret->length=0;
+	ret->max=0;
+	ret->data=NULL;
+	return(ret);
+	}
+
+void BUF_MEM_free(a)
+BUF_MEM *a;
+	{
+	if (a->data != NULL)
+		{
+		memset(a->data,0,(unsigned int)a->max);
+		Free(a->data);
+		}
+	Free(a);
+	}
+
+int BUF_MEM_grow(str, len)
+BUF_MEM *str;
+int len;
+	{
+	char *ret;
+	unsigned int n;
+
+	if (str->length >= len) return(len);
+	if (str->max >= len)
+		{
+		memset(&(str->data[str->length]),0,len-str->length);
+		str->length=len;
+		return(len);
+		}
+	n=(len+3)/3*4;
+	if (str->data == NULL)
+		ret=(char *)Malloc(n);
+	else
+		ret=(char *)Realloc(str->data,n);
+	if (ret == NULL)
+		{
+		BUFerr(BUF_F_BUF_MEM_GROW,ERR_R_MALLOC_FAILURE);
+		len=0;
+		}
+	else
+		{
+		str->data=ret;
+		str->length=len;
+		str->max=n;
+		}
+	return(len);
+	}
+
+char *BUF_strdup(str)
+char *str;
+	{
+	char *ret;
+	int n;
+
+	n=strlen(str);
+	ret=Malloc(n+1);
+	if (ret == NULL) 
+		{
+		BUFerr(BUF_F_BUF_STRDUP,ERR_R_MALLOC_FAILURE);
+		return(NULL);
+		}
+	memcpy(ret,str,n+1);
+	return(ret);
+	}
+
diff --git a/crypto/buffer/buffer.err b/crypto/buffer/buffer.err
new file mode 100644
index 0000000000..62b775e637
--- /dev/null
+++ b/crypto/buffer/buffer.err
@@ -0,0 +1,9 @@
+/* Error codes for the BUF functions. */
+
+/* Function codes. */
+#define BUF_F_BUF_MEM_GROW				 100
+#define BUF_F_BUF_MEM_NEW				 101
+#define BUF_F_BUF_STRDUP				 102
+#define BUF_F_PXYCLNT_READ				 103
+
+/* Reason codes. */
diff --git a/crypto/buffer/buffer.h b/crypto/buffer/buffer.h
new file mode 100644
index 0000000000..87c9071e49
--- /dev/null
+++ b/crypto/buffer/buffer.h
@@ -0,0 +1,107 @@
+/* crypto/buffer/buffer.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_BUFFER_H
+#define HEADER_BUFFER_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+typedef struct buf_mem_st
+	{
+	int length;
+	char *data;
+	int max;
+	} BUF_MEM;
+
+#ifndef NOPROTO
+BUF_MEM *BUF_MEM_new(void);
+void	BUF_MEM_free(BUF_MEM *a);
+int	BUF_MEM_grow(BUF_MEM *str, int len);
+char *	BUF_strdup(char *str);
+
+void ERR_load_BUF_strings(void );
+
+#else
+
+BUF_MEM *BUF_MEM_new();
+void	BUF_MEM_free();
+int	BUF_MEM_grow();
+char *	BUF_strdup();
+
+void ERR_load_BUF_strings();
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the BUF functions. */
+
+/* Function codes. */
+#define BUF_F_BUF_MEM_GROW				 100
+#define BUF_F_BUF_MEM_NEW				 101
+#define BUF_F_BUF_STRDUP				 102
+#define BUF_F_PXYCLNT_READ				 103
+
+/* Reason codes. */
+ 
+#ifdef  __cplusplus
+}
+#endif
+#endif
+
diff --git a/crypto/conf/Makefile.ssl b/crypto/conf/Makefile.ssl
new file mode 100644
index 0000000000..878ac70b14
--- /dev/null
+++ b/crypto/conf/Makefile.ssl
@@ -0,0 +1,85 @@
+#
+# SSLeay/crypto/conf/Makefile
+#
+
+DIR=	conf
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I../../include
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE=		make -f Makefile.ssl
+MAKEDEPEND=	makedepend -f Makefile.ssl
+MAKEFILE=	Makefile.ssl
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+ERR=conf
+ERRC=conf_err
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= conf.c $(ERRC).c
+
+LIBOBJ=	conf.o $(ERRC).o
+
+SRC= $(LIBSRC)
+
+EXHEADER= conf.h
+HEADER=	conf_lcl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/util/ranlib.sh $(LIB)
+	@touch lib
+
+files:
+	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+	/bin/rm -f Makefile
+	$(TOP)/util/point.sh Makefile.ssl Makefile ;
+	$(TOP)/util/mklink.sh ../../include $(EXHEADER)
+	$(TOP)/util/mklink.sh ../../test $(TEST)
+	$(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+	@for i in $(EXHEADER) ; \
+	do  \
+	(cp $$i $(INSTALLTOP)/include/$$i; \
+	chmod 644 $(INSTALLTOP)/include/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+	perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
+	perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/conf/cnf_save.c b/crypto/conf/cnf_save.c
new file mode 100644
index 0000000000..8524802e18
--- /dev/null
+++ b/crypto/conf/cnf_save.c
@@ -0,0 +1,106 @@
+/* crypto/conf/cnf_save.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "conf.h"
+
+void print_conf(CONF_VALUE *cv);
+
+main()
+	{
+	LHASH *conf;
+	long l;
+
+	conf=CONF_load(NULL,"../../apps/ssleay.cnf",&l);
+	if (conf == NULL)
+		{
+		fprintf(stderr,"error loading config, line %ld\n",l);
+		exit(1);
+		}
+
+	lh_doall(conf,print_conf);
+	}
+
+
+void print_conf(cv)
+CONF_VALUE *cv;
+	{
+	int i;
+	CONF_VALUE *v;
+	char *section;
+	char *name;
+	char *value;
+	STACK *s;
+
+	/* If it is a single entry, return */
+
+	if (cv->name != NULL) return;
+
+	printf("[ %s ]\n",cv->section);
+	s=(STACK *)cv->value;
+
+	for (i=0; i<sk_num(s); i++)
+		{
+		v=(CONF_VALUE *)sk_value(s,i);
+		section=(v->section == NULL)?"None":v->section;
+		name=(v->name == NULL)?"None":v->name;
+		value=(v->value == NULL)?"None":v->value;
+		printf("%s=%s\n",name,value);
+		}
+	printf("\n");
+	}
diff --git a/crypto/conf/conf.c b/crypto/conf/conf.c
new file mode 100644
index 0000000000..68243e9f01
--- /dev/null
+++ b/crypto/conf/conf.c
@@ -0,0 +1,725 @@
+/* crypto/conf/conf.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "stack.h"
+#include "lhash.h"
+#include "conf.h"
+#include "buffer.h"
+#include "err.h"
+
+#include "conf_lcl.h"
+
+#ifndef NOPROTO
+static void value_free_hash(CONF_VALUE *a, LHASH *conf);
+static void value_free_stack(CONF_VALUE *a,LHASH *conf);
+static unsigned long hash(CONF_VALUE *v);
+static int cmp(CONF_VALUE *a,CONF_VALUE *b);
+static char *eat_ws(char *p);
+static char *eat_alpha_numeric(char *p);
+static void clear_comments(char *p);
+static int str_copy(LHASH *conf,char *section,char **to, char *from);
+static char *scan_quote(char *p);
+static CONF_VALUE *new_section(LHASH *conf,char *section);
+static CONF_VALUE *get_section(LHASH *conf,char *section);
+#else
+static void value_free_hash();
+static void value_free_stack();
+static unsigned long hash();
+static int cmp();
+static char *eat_ws();
+static char *eat_alpha_numeric();
+static void clear_comments();
+static int str_copy();
+static char *scan_quote();
+static CONF_VALUE *new_section();
+static CONF_VALUE *get_section();
+#endif
+
+#define scan_esc(p)	((*(++p) == '\0')?(p):(++p))
+
+char *CONF_version="CONF part of SSLeay 0.8.1b 29-Jun-1998";
+
+LHASH *CONF_load(h,file,line)
+LHASH *h;
+char *file;
+long *line;
+	{
+	LHASH *ret=NULL;
+	FILE *in=NULL;
+#define BUFSIZE	512
+	int bufnum=0,i,ii;
+	BUF_MEM *buff=NULL;
+	char *s,*p,*end;
+	int again,n,eline=0;
+	CONF_VALUE *v=NULL,*vv,*tv;
+	CONF_VALUE *sv=NULL;
+	char *section=NULL,*buf;
+	STACK *section_sk=NULL,*ts;
+	char *start,*psection,*pname;
+
+	if ((buff=BUF_MEM_new()) == NULL)
+		{
+		CONFerr(CONF_F_CONF_LOAD,ERR_R_BUF_LIB);
+		goto err;
+		}
+
+	in=fopen(file,"rb");
+	if (in == NULL)
+		{
+		SYSerr(SYS_F_FOPEN,errno);
+		CONFerr(CONF_F_CONF_LOAD,ERR_R_SYS_LIB);
+		goto err;
+		}
+
+	section=(char *)Malloc(10);
+	if (section == NULL)
+		{
+		CONFerr(CONF_F_CONF_LOAD,ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+	strcpy(section,"default");
+
+	if (h == NULL)
+		{
+		if ((ret=lh_new(hash,cmp)) == NULL)
+			{
+			CONFerr(CONF_F_CONF_LOAD,ERR_R_MALLOC_FAILURE);
+			goto err;
+			}
+		}
+	else
+		ret=h;
+
+	sv=new_section(ret,section);
+	if (sv == NULL)
+		{
+		CONFerr(CONF_F_CONF_LOAD,CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
+		goto err;
+		}
+	section_sk=(STACK *)sv->value;
+
+	bufnum=0;
+	for (;;)
+		{
+		again=0;
+		if (!BUF_MEM_grow(buff,bufnum+BUFSIZE))
+			{
+			CONFerr(CONF_F_CONF_LOAD,ERR_R_BUF_LIB);
+			goto err;
+			}
+		p= &(buff->data[bufnum]);
+		*p='\0';
+		fgets(p,BUFSIZE-1,in);
+		p[BUFSIZE-1]='\0';
+		ii=i=strlen(p);
+		if (i == 0) break;
+		while (i > 0)
+			{
+			if ((p[i-1] != '\r') && (p[i-1] != '\n'))
+				break;
+			else
+				i--;
+			}
+		/* we removed some trailing stuff so there is a new
+		 * line on the end. */
+		if (i == ii)
+			again=1; /* long line */
+		else
+			{
+			p[i]='\0';
+			eline++; /* another input line */
+			}
+
+		/* we now have a line with trailing \r\n removed */
+
+		/* i is the number of bytes */
+		bufnum+=i;
+
+		v=NULL;
+		/* check for line continuation */
+		if (bufnum >= 1)
+			{
+			/* If we have bytes and the last char '\\' and
+			 * second last char is not '\\' */
+			p= &(buff->data[bufnum-1]);
+			if (	IS_ESC(p[0]) &&
+				((bufnum <= 1) || !IS_ESC(p[-1])))
+				{
+				bufnum--;
+				again=1;
+				}
+			}
+		if (again) continue;
+		bufnum=0;
+		buf=buff->data;
+
+		clear_comments(buf);
+		n=strlen(buf);
+		s=eat_ws(buf);
+		if (IS_EOF(*s)) continue; /* blank line */
+		if (*s == '[')
+			{
+			s++;
+			start=eat_ws(s);
+			end=eat_alpha_numeric(start);
+			p=eat_ws(end);
+			if (*p != ']')
+				{
+				CONFerr(CONF_F_CONF_LOAD,CONF_R_MISSING_CLOSE_SQUARE_BRACKET);
+				goto err;
+				}
+			*end='\0';
+			if (!str_copy(ret,NULL,&section,start)) goto err;
+			if ((sv=get_section(ret,section)) == NULL)
+				sv=new_section(ret,section);
+			if (sv == NULL)
+				{
+				CONFerr(CONF_F_CONF_LOAD,CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
+				goto err;
+				}
+			section_sk=(STACK *)sv->value;
+			continue;
+			}
+		else
+			{
+			pname=s;
+			psection=NULL;
+			end=eat_alpha_numeric(s);
+			if ((end[0] == ':') && (end[1] == ':'))
+				{
+				*end='\0';
+				end+=2;
+				psection=pname;
+				pname=end;
+				end=eat_alpha_numeric(end);
+				}
+			p=eat_ws(end);
+			if (*p != '=')
+				{
+				CONFerr(CONF_F_CONF_LOAD,CONF_R_MISSING_EQUAL_SIGN);
+				goto err;
+				}
+			*end='\0';
+			p++;
+			start=eat_ws(p);
+			while (!IS_EOF(*p))
+				p++;
+			p--;
+			while ((p != start) && (IS_WS(*p)))
+				p--;
+			p++;
+			*p='\0';
+
+			if ((v=(CONF_VALUE *)Malloc(sizeof(CONF_VALUE))) == NULL)
+				{
+				CONFerr(CONF_F_CONF_LOAD,ERR_R_MALLOC_FAILURE);
+				goto err;
+				}
+			if (psection == NULL) psection=section;
+			v->name=(char *)Malloc(strlen(pname)+1);
+			v->value=NULL;
+			if (v->name == NULL)
+				{
+				CONFerr(CONF_F_CONF_LOAD,ERR_R_MALLOC_FAILURE);
+				goto err;
+				}
+			strcpy(v->name,pname);
+			if (!str_copy(ret,psection,&(v->value),start)) goto err;
+
+			if (strcmp(psection,section) != 0)
+				{
+				if ((tv=get_section(ret,psection))
+					== NULL)
+					tv=new_section(ret,psection);
+				if (tv == NULL)
+					{
+					CONFerr(CONF_F_CONF_LOAD,CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
+					goto err;
+					}
+				ts=(STACK *)tv->value;
+				}
+			else
+				{
+				tv=sv;
+				ts=section_sk;
+				}
+			v->section=tv->section;	
+			if (!sk_push(ts,(char *)v))
+				{
+				CONFerr(CONF_F_CONF_LOAD,ERR_R_MALLOC_FAILURE);
+				goto err;
+				}
+			vv=(CONF_VALUE *)lh_insert(ret,(char *)v);
+			if (vv != NULL)
+				{
+				sk_delete_ptr(ts,(char *)vv);
+				Free(vv->name);
+				Free(vv->value);
+				Free(vv);
+				}
+			v=NULL;
+			}
+		}
+	if (buff != NULL) BUF_MEM_free(buff);
+	if (section != NULL) Free(section);
+	if (in != NULL) fclose(in);
+	return(ret);
+err:
+	if (buff != NULL) BUF_MEM_free(buff);
+	if (section != NULL) Free(section);
+	if (line != NULL) *line=eline;
+	if (in != NULL) fclose(in);
+	if ((h != ret) && (ret != NULL)) CONF_free(ret);
+	if (v != NULL)
+		{
+		if (v->name != NULL) Free(v->name);
+		if (v->value != NULL) Free(v->value);
+		if (v != NULL) Free(v);
+		}
+	return(NULL);
+	}
+		
+char *CONF_get_string(conf,section,name)
+LHASH *conf;
+char *section;
+char *name;
+	{
+	CONF_VALUE *v,vv;
+	char *p;
+
+	if (name == NULL) return(NULL);
+	if (conf != NULL)
+		{
+		if (section != NULL)
+			{
+			vv.name=name;
+			vv.section=section;
+			v=(CONF_VALUE *)lh_retrieve(conf,(char *)&vv);
+			if (v != NULL) return(v->value);
+			if (strcmp(section,"ENV") == 0)
+				{
+				p=Getenv(name);
+				if (p != NULL) return(p);
+				}
+			}
+		vv.section="default";
+		vv.name=name;
+		v=(CONF_VALUE *)lh_retrieve(conf,(char *)&vv);
+		if (v != NULL)
+			return(v->value);
+		else
+			return(NULL);
+		}
+	else
+		return(Getenv(name));
+	}
+
+static CONF_VALUE *get_section(conf,section)
+LHASH *conf;
+char *section;
+	{
+	CONF_VALUE *v,vv;
+
+	if ((conf == NULL) || (section == NULL)) return(NULL);
+	vv.name=NULL;
+	vv.section=section;
+	v=(CONF_VALUE *)lh_retrieve(conf,(char *)&vv);
+	return(v);
+	}
+
+STACK *CONF_get_section(conf,section)
+LHASH *conf;
+char *section;
+	{
+	CONF_VALUE *v;
+
+	v=get_section(conf,section);
+	if (v != NULL)
+		return((STACK *)v->value);
+	else
+		return(NULL);
+	}
+
+long CONF_get_number(conf,section,name)
+LHASH *conf;
+char *section;
+char *name;
+	{
+	char *str;
+	long ret=0;
+
+	str=CONF_get_string(conf,section,name);
+	if (str == NULL) return(0);
+	for (;;)
+		{
+		if (IS_NUMER(*str))
+			ret=ret*10+(*str -'0');
+		else
+			return(ret);
+		str++;
+		}
+	}
+
+void CONF_free(conf)
+LHASH *conf;
+	{
+	if (conf == NULL) return;
+
+	conf->down_load=0; 	/* evil thing to make sure the 'Free()'
+				 * works as expected */
+	lh_doall_arg(conf,(void (*)())value_free_hash,(char *)conf);
+
+	/* We now have only 'section' entries in the hash table.
+	 * Due to problems with */
+
+	lh_doall_arg(conf,(void (*)())value_free_stack,(char *)conf);
+	lh_free(conf);
+	}
+
+static void value_free_hash(a,conf)
+CONF_VALUE *a;
+LHASH *conf;
+	{
+	if (a->name != NULL)
+		{
+		a=(CONF_VALUE *)lh_delete(conf,(char *)a);
+		}
+	}
+
+static void value_free_stack(a,conf)
+CONF_VALUE *a;
+LHASH *conf;
+	{
+	CONF_VALUE *vv;
+	STACK *sk;
+	int i;
+
+	if (a->name != NULL) return;
+
+	sk=(STACK *)a->value;
+	for (i=sk_num(sk)-1; i>=0; i--)
+		{
+		vv=(CONF_VALUE *)sk_value(sk,i);
+		Free(vv->value);
+		Free(vv->name);
+		Free(vv);
+		}
+	if (sk != NULL) sk_free(sk);
+	Free(a->section);
+	Free(a);
+	}
+
+static void clear_comments(p)
+char *p;
+	{
+	char *to;
+
+	to=p;
+	for (;;)
+		{
+		if (IS_COMMENT(*p))
+			{
+			*p='\0';
+			return;
+			}
+		if (IS_QUOTE(*p))
+			{
+			p=scan_quote(p);
+			continue;
+			}
+		if (IS_ESC(*p))
+			{
+			p=scan_esc(p);
+			continue;
+			}
+		if (IS_EOF(*p))
+			return;
+		else
+			p++;
+		}
+	}
+
+static int str_copy(conf,section,pto,from)
+LHASH *conf;
+char *section;
+char **pto,*from;
+	{
+	int q,r,rr=0,to=0,len=0;
+	char *s,*e,*rp,*p,*rrp,*np,*cp,v;
+	BUF_MEM *buf;
+
+	if ((buf=BUF_MEM_new()) == NULL) return(0);
+
+	len=strlen(from)+1;
+	if (!BUF_MEM_grow(buf,len)) goto err;
+
+	for (;;)
+		{
+		if (IS_QUOTE(*from))
+			{
+			q= *from;
+			from++;
+			while ((*from != '\0') && (*from != q))
+				{
+				if (*from == '\\')
+					{
+					from++;
+					if (*from == '\0') break;
+					}
+				buf->data[to++]= *(from++);
+				}
+			}
+		else if (*from == '\\')
+			{
+			from++;
+			v= *(from++);
+			if (v == '\0') break;
+			else if (v == 'r') v='\r';
+			else if (v == 'n') v='\n';
+			else if (v == 'b') v='\b';
+			else if (v == 't') v='\t';
+			buf->data[to++]= v;
+			}
+		else if (*from == '\0')
+			break;
+		else if (*from == '$')
+			{
+			/* try to expand it */
+			rrp=NULL;
+			s= &(from[1]);
+			if (*s == '{')
+				q='}';
+			else if (*s == '(')
+				q=')';
+			else q=0;
+
+			if (q) s++;
+			cp=section;
+			e=np=s;
+			while (IS_ALPHA_NUMERIC(*e))
+				e++;
+			if ((e[0] == ':') && (e[1] == ':'))
+				{
+				cp=np;
+				rrp=e;
+				rr= *e;
+				*rrp='\0';
+				e+=2;
+				np=e;
+				while (IS_ALPHA_NUMERIC(*e))
+					e++;
+				}
+			r= *e;
+			*e='\0';
+			rp=e;
+			if (q)
+				{
+				if (r != q)
+					{
+					CONFerr(CONF_F_STR_COPY,CONF_R_NO_CLOSE_BRACE);
+					goto err;
+					}
+				e++;
+				}
+			/* So at this point we have
+			 * ns which is the start of the name string which is
+			 *   '\0' terminated. 
+			 * cs which is the start of the section string which is
+			 *   '\0' terminated.
+			 * e is the 'next point after'.
+			 * r and s are the chars replaced by the '\0'
+			 * rp and sp is where 'r' and 's' came from.
+			 */
+			p=CONF_get_string(conf,cp,np);
+			if (rrp != NULL) *rrp=rr;
+			*rp=r;
+			if (p == NULL)
+				{
+				CONFerr(CONF_F_STR_COPY,CONF_R_VARIABLE_HAS_NO_VALUE);
+				goto err;
+				}
+			BUF_MEM_grow(buf,(strlen(p)+len-(e-from)));
+			while (*p)
+				buf->data[to++]= *(p++);
+			from=e;
+			}
+		else
+			buf->data[to++]= *(from++);
+		}
+	buf->data[to]='\0';
+	if (*pto != NULL) Free(*pto);
+	*pto=buf->data;
+	Free(buf);
+	return(1);
+err:
+	if (buf != NULL) BUF_MEM_free(buf);
+	return(0);
+	}
+
+static char *eat_ws(p)
+char *p;
+	{
+	while (IS_WS(*p) && (!IS_EOF(*p)))
+		p++;
+	return(p);
+	}
+
+static char *eat_alpha_numeric(p)
+char *p;
+	{
+	for (;;)
+		{
+		if (IS_ESC(*p))
+			{
+			p=scan_esc(p);
+			continue;
+			}
+		if (!IS_ALPHA_NUMERIC_PUNCT(*p))
+			return(p);
+		p++;
+		}
+	}
+
+static unsigned long hash(v)
+CONF_VALUE *v;
+	{
+	return((lh_strhash(v->section)<<2)^lh_strhash(v->name));
+	}
+
+static int cmp(a,b)
+CONF_VALUE *a,*b;
+	{
+	int i;
+
+	if (a->section != b->section)
+		{
+		i=strcmp(a->section,b->section);
+		if (i) return(i);
+		}
+
+	if ((a->name != NULL) && (b->name != NULL))
+		{
+		i=strcmp(a->name,b->name);
+		return(i);
+		}
+	else if (a->name == b->name)
+		return(0);
+	else
+		return((a->name == NULL)?-1:1);
+	}
+
+static char *scan_quote(p)
+char *p;
+	{
+	int q= *p;
+
+	p++;
+	while (!(IS_EOF(*p)) && (*p != q))
+		{
+		if (IS_ESC(*p))
+			{
+			p++;
+			if (IS_EOF(*p)) return(p);
+			}
+		p++;
+		}
+	if (*p == q) p++;
+	return(p);
+	}
+
+static CONF_VALUE *new_section(conf,section)
+LHASH *conf;
+char *section;
+	{
+	STACK *sk=NULL;
+	int ok=0,i;
+	CONF_VALUE *v=NULL,*vv;
+
+	if ((sk=sk_new_null()) == NULL)
+		goto err;
+	if ((v=(CONF_VALUE *)Malloc(sizeof(CONF_VALUE))) == NULL)
+		goto err;
+	i=strlen(section)+1;
+	if ((v->section=(char *)Malloc(i)) == NULL)
+		goto err;
+
+	memcpy(v->section,section,i);
+	v->name=NULL;
+	v->value=(char *)sk;
+	
+	vv=(CONF_VALUE *)lh_insert(conf,(char *)v);
+#ifndef WIN16
+	if (vv != NULL)
+		{
+		fprintf(stderr,"internal fault\n");
+		abort();
+		}
+#endif
+	ok=1;
+err:
+	if (!ok)
+		{
+		if (sk != NULL) sk_free(sk);
+		if (v != NULL) Free(v);
+		v=NULL;
+		}
+	return(v);
+	}
diff --git a/crypto/conf/conf.err b/crypto/conf/conf.err
new file mode 100644
index 0000000000..933d3d692a
--- /dev/null
+++ b/crypto/conf/conf.err
@@ -0,0 +1,12 @@
+/* Error codes for the CONF functions. */
+
+/* Function codes. */
+#define CONF_F_CONF_LOAD				 100
+#define CONF_F_STR_COPY					 101
+
+/* Reason codes. */
+#define CONF_R_MISSING_CLOSE_SQUARE_BRACKET		 100
+#define CONF_R_MISSING_EQUAL_SIGN			 101
+#define CONF_R_NO_CLOSE_BRACE				 102
+#define CONF_R_UNABLE_TO_CREATE_NEW_SECTION		 103
+#define CONF_R_VARIABLE_HAS_NO_VALUE			 104
diff --git a/crypto/conf/conf.h b/crypto/conf/conf.h
new file mode 100644
index 0000000000..a23ec95427
--- /dev/null
+++ b/crypto/conf/conf.h
@@ -0,0 +1,114 @@
+/* crypto/conf/conf.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef  HEADER_CONF_H
+#define HEADER_CONF_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#include "stack.h"
+#include "lhash.h"
+
+typedef struct
+	{
+	char *section;
+	char *name;
+	char *value;
+	} CONF_VALUE;
+
+#ifndef NOPROTO
+
+LHASH *CONF_load(LHASH *conf,char *file,long *eline);
+STACK *CONF_get_section(LHASH *conf,char *section);
+char *CONF_get_string(LHASH *conf,char *group,char *name);
+long CONF_get_number(LHASH *conf,char *group,char *name);
+void CONF_free(LHASH *conf);
+void ERR_load_CONF_strings(void );
+
+#else
+
+LHASH *CONF_load();
+STACK *CONF_get_section();
+char *CONF_get_string();
+long CONF_get_number();
+void CONF_free();
+void ERR_load_CONF_strings();
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the CONF functions. */
+
+/* Function codes. */
+#define CONF_F_CONF_LOAD				 100
+#define CONF_F_STR_COPY					 101
+
+/* Reason codes. */
+#define CONF_R_MISSING_CLOSE_SQUARE_BRACKET		 100
+#define CONF_R_MISSING_EQUAL_SIGN			 101
+#define CONF_R_NO_CLOSE_BRACE				 102
+#define CONF_R_UNABLE_TO_CREATE_NEW_SECTION		 103
+#define CONF_R_VARIABLE_HAS_NO_VALUE			 104
+ 
+#ifdef  __cplusplus
+}
+#endif
+#endif
+
diff --git a/crypto/conf/conf_err.c b/crypto/conf/conf_err.c
new file mode 100644
index 0000000000..b88c5b760b
--- /dev/null
+++ b/crypto/conf/conf_err.c
@@ -0,0 +1,90 @@
+/* lib/conf/conf_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "conf.h"
+
+/* BEGIN ERROR CODES */
+static ERR_STRING_DATA CONF_str_functs[]=
+	{
+{ERR_PACK(0,CONF_F_CONF_LOAD,0),	"CONF_load"},
+{ERR_PACK(0,CONF_F_STR_COPY,0),	"STR_COPY"},
+{0,NULL},
+	};
+
+static ERR_STRING_DATA CONF_str_reasons[]=
+	{
+{CONF_R_MISSING_CLOSE_SQUARE_BRACKET     ,"missing close square bracket"},
+{CONF_R_MISSING_EQUAL_SIGN               ,"missing equal sign"},
+{CONF_R_NO_CLOSE_BRACE                   ,"no close brace"},
+{CONF_R_UNABLE_TO_CREATE_NEW_SECTION     ,"unable to create new section"},
+{CONF_R_VARIABLE_HAS_NO_VALUE            ,"variable has no value"},
+{0,NULL},
+	};
+
+void ERR_load_CONF_strings()
+	{
+	static int init=1;
+
+	if (init)
+		{
+		init=0;
+		ERR_load_strings(ERR_LIB_CONF,CONF_str_functs);
+		ERR_load_strings(ERR_LIB_CONF,CONF_str_reasons);
+		}
+	}
diff --git a/crypto/conf/conf_lcl.h b/crypto/conf/conf_lcl.h
new file mode 100644
index 0000000000..8ae7ce0735
--- /dev/null
+++ b/crypto/conf/conf_lcl.h
@@ -0,0 +1,102 @@
+/* crypto/conf/conf_lcl.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#define CONF_NUMBER		1
+#define CONF_UPPER		2
+#define CONF_LOWER		4
+#define CONF_UNDER		256
+#define CONF_PUNCTUATION	512
+#define CONF_WS			16
+#define CONF_ESC		32
+#define CONF_QUOTE		64
+#define CONF_COMMENT		128
+#define CONF_EOF		8
+#define CONF_ALPHA		(CONF_UPPER|CONF_LOWER)
+#define CONF_ALPHA_NUMERIC	(CONF_ALPHA|CONF_NUMBER|CONF_UNDER)
+#define CONF_ALPHA_NUMERIC_PUNCT (CONF_ALPHA|CONF_NUMBER|CONF_UNDER| \
+					CONF_PUNCTUATION)
+
+#define IS_COMMENT(a)		(CONF_COMMENT&(CONF_type[(a)&0x7f]))
+#define IS_EOF(a)		((a) == '\0')
+#define IS_ESC(a)		((a) == '\\')
+#define IS_NUMER(a)		(CONF_type[(a)&0x7f]&CONF_NUMBER)
+#define IS_WS(a)		(CONF_type[(a)&0x7f]&CONF_WS)
+#define IS_ALPHA_NUMERIC(a)	(CONF_type[(a)&0x7f]&CONF_ALPHA_NUMERIC)
+#define IS_ALPHA_NUMERIC_PUNCT(a) \
+				(CONF_type[(a)&0x7f]&CONF_ALPHA_NUMERIC_PUNCT)
+#define IS_QUOTE(a)		(CONF_type[(a)&0x7f]&CONF_QUOTE)
+
+static unsigned short CONF_type[128]={
+	0x008,0x000,0x000,0x000,0x000,0x000,0x000,0x000,
+	0x000,0x010,0x010,0x000,0x000,0x010,0x000,0x000,
+	0x000,0x000,0x000,0x000,0x000,0x000,0x000,0x000,
+	0x000,0x000,0x000,0x000,0x000,0x000,0x000,0x000,
+	0x010,0x200,0x040,0x080,0x000,0x200,0x200,0x040,
+	0x000,0x000,0x200,0x200,0x200,0x200,0x200,0x200,
+	0x001,0x001,0x001,0x001,0x001,0x001,0x001,0x001,
+	0x001,0x001,0x000,0x200,0x000,0x000,0x000,0x200,
+	0x200,0x002,0x002,0x002,0x002,0x002,0x002,0x002,
+	0x002,0x002,0x002,0x002,0x002,0x002,0x002,0x002,
+	0x002,0x002,0x002,0x002,0x002,0x002,0x002,0x002,
+	0x002,0x002,0x002,0x000,0x020,0x000,0x200,0x100,
+	0x040,0x004,0x004,0x004,0x004,0x004,0x004,0x004,
+	0x004,0x004,0x004,0x004,0x004,0x004,0x004,0x004,
+	0x004,0x004,0x004,0x004,0x004,0x004,0x004,0x004,
+	0x004,0x004,0x004,0x000,0x200,0x000,0x200,0x000,
+	};
+
diff --git a/crypto/conf/keysets.pl b/crypto/conf/keysets.pl
new file mode 100644
index 0000000000..1aed0c80c4
--- /dev/null
+++ b/crypto/conf/keysets.pl
@@ -0,0 +1,61 @@
+#!/usr/local/bin/perl
+
+$NUMBER=0x01;
+$UPPER=0x02;
+$LOWER=0x04;
+$EOF=0x08;
+$WS=0x10;
+$ESC=0x20;
+$QUOTE=0x40;
+$COMMENT=0x80;
+$UNDER=0x100;
+
+foreach (0 .. 127)
+	{
+	$v=0;
+	$c=sprintf("%c",$_);
+	$v|=$NUMBER	if ($c =~ /[0-9]/);
+	$v|=$UPPER	if ($c =~ /[A-Z]/);
+	$v|=$LOWER	if ($c =~ /[a-z]/);
+	$v|=$UNDER	if ($c =~ /_/);
+	$v|=$WS		if ($c =~ / \t\r\n/);
+	$v|=$ESC	if ($c =~ /\\/);
+	$v|=$QUOTE	if ($c =~ /['`"]/);
+	$v|=$COMMENT	if ($c =~ /\#/);
+	$v|=$EOF	if ($c =~ /\0/);
+
+	push(@V,$v);
+	}
+
+print <<"EOF";
+#define CONF_NUMBER		$NUMBER
+#define CONF_UPPER		$UPPER
+#define CONF_LOWER		$LOWER
+#define CONF_EOF		$EOF
+#define CONF_WS			$WS
+#define CONF_ESC		$ESC
+#define CONF_QUOTE		$QUOTE
+#define CONF_COMMENT		$COMMENT
+#define CONF_ALPHA		(CONF_UPPER|CONF_LOWER)
+#define CONF_ALPHA_NUMERIC	(CONF_ALPHA|CONF_NUMBER|CONF_UNDER)
+#define CONF_UNDER		$UNDER
+
+#define IS_COMMENT(a)		(CONF_COMMENT&(CONF_type[(a)&0x7f]))
+#define IS_EOF(a)		((a) == '\\0')
+#define IS_ESC(a)		((a) == '\\\\')
+#define IS_NUMER(a)		(CONF_type[(a)&0x7f]&CONF_NUMBER)
+#define IS_WS(a)		(CONF_type[(a)&0x7f]&CONF_WS)
+#define IS_ALPHA_NUMERIC(a)	(CONF_type[(a)&0x7f]&CONF_ALPHA_NUMERIC)
+#define IS_QUOTE(a)		(CONF_type[(a)&0x7f]&CONF_QUOTE)
+
+EOF
+
+print "static unsigned short CONF_type[128]={";
+
+for ($i=0; $i<128; $i++)
+	{
+	print "\n\t" if ($i % 8) == 0;
+	printf "0x%03X,",$V[$i];
+	}
+
+print "\n\t};\n";
diff --git a/crypto/conf/ssleay.cnf b/crypto/conf/ssleay.cnf
new file mode 100644
index 0000000000..ed33af601e
--- /dev/null
+++ b/crypto/conf/ssleay.cnf
@@ -0,0 +1,78 @@
+#
+# This is a test configuration file for use in SSLeay etc...
+#
+
+init = 5
+in\#it1 =10
+init2='10'
+init3='10\''
+init4="10'"
+init5='='10\'' again'
+
+SSLeay::version = 0.5.0
+
+[genrsa]
+default_bits	= 512
+SSLEAY::version = 0.5.0
+
+[gendh]
+default_bits	= 512
+def_generator	= 2
+
+[s_client]
+cipher1		= DES_CBC_MD5:DES_CBC_SHA:DES_EDE_SHA:RC4_MD5\
+cipher2		= 'DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5'
+cipher3		= "DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5"
+cipher4		= DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5
+
+[ default ]
+cert_dir	= $ENV::HOME/.ca_certs
+
+HOME		= /tmp/eay
+
+tmp_cert_dir	= $HOME/.ca_certs
+tmp2_cert_dir	= thisis$(HOME)stuff
+
+LOGNAME	= Eric Young (home=$HOME)
+
+[ special ]
+
+H=$HOME
+H=$default::HOME
+H=$ENV::HOME
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+
+RANDFILE		= $HOME/.rand
+
+[ req ]
+default_bits		= 512
+default_keyfile 	= privkey.pem
+
+Attribute_type_1	= countryName
+Attribute_text_1	= Country Name (2 letter code)
+Attribute_default_1	= AU
+
+Attribute_type_2	= stateOrProvinceName
+Attribute_text_2	= State or Province Name (full name)
+Attribute_default_2	= Queensland
+
+Attribute_type_3	= localityName
+Attribute_text_3	= Locality Name (eg, city)
+
+Attribute_type_4	= organizationName
+Attribute_text_4	= Organization Name (eg, company)
+Attribute_default_4	= Mincom Pty Ltd
+
+Attribute_type_5	= organizationalUnitName
+Attribute_text_5	= Organizational Unit Name (eg, section)
+Attribute_default_5	= TR
+
+Attribute_type_6	= commonName
+Attribute_text_6	= Common Name (eg, YOUR name)
+
+Attribute_type_7	= emailAddress
+Attribute_text_7	= Email Address
+
diff --git a/crypto/conf/test.c b/crypto/conf/test.c
new file mode 100644
index 0000000000..17185926ac
--- /dev/null
+++ b/crypto/conf/test.c
@@ -0,0 +1,91 @@
+/* crypto/conf/test.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "conf.h"
+
+main()
+	{
+	LHASH *conf;
+	long eline;
+	char *s,*s2;
+
+	conf=CONF_load(NULL,"ssleay.conf",&eline);
+	if (conf == NULL)
+		{
+		ERR_load_crypto_strings();
+		printf("unable to load configuration, line %ld\n",eline);
+		ERR_print_errors_fp(stderr);
+		exit(1);
+		}
+	lh_stats(conf,stdout);
+	lh_node_stats(conf,stdout);
+	lh_node_usage_stats(conf,stdout);
+
+	s=CONF_get_string(conf,NULL,"init2");
+	printf("init2=%s\n",(s == NULL)?"NULL":s);
+
+	s=CONF_get_string(conf,NULL,"cipher1");
+	printf("cipher1=%s\n",(s == NULL)?"NULL":s);
+
+	s=CONF_get_string(conf,"s_client","cipher1");
+	printf("s_client:cipher1=%s\n",(s == NULL)?"NULL":s);
+
+	exit(0);
+	}
diff --git a/crypto/cryptall.h b/crypto/cryptall.h
new file mode 100644
index 0000000000..8eb0855408
--- /dev/null
+++ b/crypto/cryptall.h
@@ -0,0 +1,110 @@
+/* crypto/cryptall.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_CRYPTOALL_H
+#define HEADER_CRYPTOALL_H
+
+#include "buffer.h"
+#include "stack.h"
+#include "lhash.h"
+
+#include "err.h"
+
+#ifdef NO_MD2
+#include <md2.h>
+#else
+#include "md2.h"
+#endif
+#ifdef NO_MD5
+#include <md5.h>
+#else
+#include "md5.h"
+#endif
+#include "sha.h"
+
+#ifdef NO_DES
+#include <des.h>
+#else
+#include "des.h"
+#endif
+#include "rc2.h"
+#include "rc4.h"
+#include "idea.h"
+
+#include "bn.h"
+#include "dh.h"
+#include "rsa.h"
+#include "dsa.h"
+
+#include "rand.h"
+#include "conf.h"
+#include "txt_db.h"
+
+#include "err.h"
+#include "evp.h"
+
+#include "meth.h"
+#include "x509.h"
+#include "pkcs7.h"
+#include "pem.h"
+#include "asn1.h"
+#include "objects.h"
+
+#include "crypto.h"
+
+#endif
diff --git a/crypto/cryptlib.c b/crypto/cryptlib.c
new file mode 100644
index 0000000000..12cf0733ec
--- /dev/null
+++ b/crypto/cryptlib.c
@@ -0,0 +1,267 @@
+/* crypto/cryptlib.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include "cryptlib.h"
+#include "crypto.h"
+#include "date.h"
+
+/* real #defines in crypto.h, keep these upto date */
+static char* lock_names[CRYPTO_NUM_LOCKS] =
+	{
+	"<<ERROR>>",
+	"err",
+	"err_hash",
+	"x509",
+	"x509_info",
+	"x509_pkey",
+	"x509_crl",
+	"x509_req",
+	"dsa",
+	"rsa",
+	"evp_pkey",
+	"x509_store",
+	"ssl_ctx",
+	"ssl_cert",
+	"ssl_session",
+	"ssl",
+	"rand",
+	"debug_malloc",
+	"bio_gethostbyname",
+	"BIO",
+	};
+
+#ifndef NOPROTO
+static void (MS_FAR *locking_callback)(int mode,int type,
+	char *file,int line)=NULL;
+static int (MS_FAR *add_lock_callback)(int *pointer,int amount,
+	int type,char *file,int line)=NULL;
+static unsigned long (MS_FAR *id_callback)(void)=NULL;
+#else
+static void (MS_FAR *locking_callback)()=NULL;
+static int (MS_FAR *add_lock_callback)()=NULL;
+static unsigned long (MS_FAR *id_callback)()=NULL;
+#endif
+
+void (*CRYPTO_get_locking_callback(P_V))(P_I_I_P_I)
+	{
+	return(locking_callback);
+	}
+
+int (*CRYPTO_get_add_lock_callback(P_V))(P_IP_I_I_P_I)
+	{
+	return(add_lock_callback);
+	}
+
+void CRYPTO_set_locking_callback(func)
+void (*func)(P_I_I_P_I);
+	{
+	locking_callback=func;
+	}
+
+void CRYPTO_set_add_lock_callback(func)
+int (*func)(P_IP_I_I_P_I);
+	{
+	add_lock_callback=func;
+	}
+
+unsigned long (*CRYPTO_get_id_callback(P_V))(P_V)
+	{
+	return(id_callback);
+	}
+
+void CRYPTO_set_id_callback(func)
+unsigned long (*func)(P_V);
+	{
+	id_callback=func;
+	}
+
+unsigned long CRYPTO_thread_id()
+	{
+	unsigned long ret=0;
+
+	if (id_callback == NULL)
+		{
+#ifdef WIN16
+		ret=(unsigned long)GetCurrentTask();
+#elif defined(WIN32)
+		ret=(unsigned long)GetCurrentThreadId();
+#elif defined(MSDOS)
+		ret=1L;
+#else
+		ret=(unsigned long)getpid();
+#endif
+		}
+	else
+		ret=id_callback();
+	return(ret);
+	}
+
+void CRYPTO_lock(mode,type,file,line)
+int mode;
+int type;
+char *file;
+int line;
+	{
+#ifdef LOCK_DEBUG
+		{
+		char *rw_text,*operation_text;
+
+		if (mode & CRYPTO_LOCK)
+			operation_text="lock  ";
+		else if (mode & CRYPTO_UNLOCK)
+			operation_text="unlock";
+		else
+			operation_text="ERROR ";
+
+		if (mode & CRYPTO_READ)
+			rw_text="r";
+		else if (mode & CRYPTO_WRITE)
+			rw_text="w";
+		else
+			rw_text="ERROR";
+
+		fprintf(stderr,"lock:%08lx:(%s)%s %-18s %s:%d\n",
+			CRYPTO_thread_id(), rw_text, operation_text,
+			CRYPTO_get_lock_name(type), file, line);
+		}
+#endif
+	if (locking_callback != NULL)
+		locking_callback(mode,type,file,line);
+	}
+
+int CRYPTO_add_lock(pointer,amount,type,file,line)
+int *pointer;
+int amount;
+int type;
+char *file;
+int line;
+	{
+	int ret;
+
+	if (add_lock_callback != NULL)
+		{
+#ifdef LOCK_DEBUG
+		int before= *pointer;
+#endif
+
+		ret=add_lock_callback(pointer,amount,type,file,line);
+#ifdef LOCK_DEBUG
+		fprintf(stderr,"ladd:%08lx:%2d+%2d->%2d %-18s %s:%d\n",
+			CRYPTO_thread_id(),
+			before,amount,ret,
+			CRYPTO_get_lock_name(type),
+			file,line);
+#endif
+		*pointer=ret;
+		}
+	else
+		{
+		CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,file,line);
+
+		ret= *pointer+amount;
+#ifdef LOCK_DEBUG
+		fprintf(stderr,"ladd:%08lx:%2d+%2d->%2d %-18s %s:%d\n",
+			CRYPTO_thread_id(),
+			*pointer,amount,ret,
+			CRYPTO_get_lock_name(type),
+			file,line);
+#endif
+		*pointer=ret;
+		CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,file,line);
+		}
+	return(ret);
+	}
+
+char *CRYPTO_get_lock_name(type)
+int type;
+	{
+	if ((type < 0) || (type >= CRYPTO_NUM_LOCKS))
+		return("ERROR");
+	return(lock_names[type]);
+	}
+
+#ifdef _DLL
+#ifdef WIN32
+
+/* All we really need to do is remove the 'error' state when a thread
+ * detaches */
+
+BOOL WINAPI DLLEntryPoint(hinstDLL,fdwReason,lpvReserved)
+HINSTANCE hinstDLL;
+DWORD fdwReason;
+LPVOID lpvReserved;
+	{
+	switch(fdwReason)
+		{
+	case DLL_PROCESS_ATTACH:
+		break;
+	case DLL_THREAD_ATTACH:
+		break;
+	case DLL_THREAD_DETACH:
+		ERR_remove_state(0);
+		break;
+	case DLL_PROCESS_DETACH:
+		break;
+		}
+	return(TRUE);
+	}
+#endif
+
+#endif
diff --git a/crypto/cryptlib.h b/crypto/cryptlib.h
new file mode 100644
index 0000000000..cce9a999f3
--- /dev/null
+++ b/crypto/cryptlib.h
@@ -0,0 +1,98 @@
+/* crypto/cryptlib.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_CRYPTLIB_H
+#define HEADER_CRYPTLIB_H
+
+#include <stdlib.h>
+#include <string.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#ifdef FLAT_INC
+
+#include "e_os.h"
+#include "crypto.h"
+#include "buffer.h" 
+#include "bio.h" 
+#include "err.h"
+
+#else
+
+#include "../e_os.h"
+#include "crypto.h"
+#include "buffer/buffer.h"
+#include "bio/bio.h"
+#include "err/err.h"
+#endif
+
+#define X509_CERT_AREA		"/usr/local/ssl"
+#define X509_CERT_DIR		"/usr/local/ssl/certs"
+#define X509_CERT_FILE		"/usr/local/ssl/cert.pem"
+#define X509_PRIVATE_DIR        "/usr/local/ssl/private"
+
+#define X509_CERT_DIR_EVP        "SSL_CERT_DIR"
+#define X509_CERT_FILE_EVP       "SSL_CERT_FILE"
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/crypto.c b/crypto/crypto.c
new file mode 100644
index 0000000000..16c4af47de
--- /dev/null
+++ b/crypto/crypto.c
@@ -0,0 +1,512 @@
+/* crypto/crypto.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* If you are happy to use the assmbler version of bn/bn_mulw.c, define
+ * BN_ASM */
+#ifndef BN_ASM
+#undef BN_ASM
+#endif
+
+#ifndef DES_ASM
+#undef DES_ASM
+#endif
+
+#ifndef BF_ASM
+#undef BF_ASM
+#endif
+
+/* The following defines are only to break the compiles into chunks.
+ * If you wish to not compile some sections, use the 'NO_XXX' macros
+ */
+#ifndef CRYPTO_SUBSET
+/* Define all subset symbols. */
+#define CRYPTO_LIB_SUBSET
+#define CRYPTO_ASN1_SUBSET
+#define CRYPTO_BN_SUBSET
+#define CRYPTO_BUFFER_SUBSET
+#define CRYPTO_BIO_SUBSET
+#define CRYPTO_CONF_SUBSET
+#define CRYPTO_DES_SUBSET
+#define CRYPTO_DH_SUBSET
+#define CRYPTO_DSA_SUBSET
+#define CRYPTO_ERROR_SUBSET
+#define CRYPTO_EVP_SUBSET
+#define CRYPTO_IDEA_SUBSET
+#define CRYPTO_LHASH_SUBSET
+#define CRYPTO_MD_SUBSET
+#define CRYPTO_MDC2_SUBSET
+#define CRYPTO_METH_SUBSET
+#define CRYPTO_OBJECTS_SUBSET
+#define CRYPTO_PEM_SUBSET
+#define CRYPTO_RAND_SUBSET
+#define CRYPTO_RC_SUBSET
+#define CRYPTO_BF_SUBSET
+#define CRYPTO_RSA_SUBSET
+#define CRYPTO_SHA_SUBSET
+#define CRYPTO_SHA1_SUBSET
+#define CRYPTO_STACK_SUBSET
+#define CRYPTO_TXT_DB_SUBSET
+#define CRYPTO_X509_SUBSET
+#define CRYPTO_PKCS7_SUBSET
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#define USE_SOCKETS
+#include "../e_os.h"
+
+#include "buffer.h"
+#include "bio.h"
+#include "stack.h"
+#include "lhash.h"
+
+#include "err.h"
+
+#include "bn.h"
+#include "evp.h"
+
+#include "rand.h"
+#include "conf.h"
+#include "txt_db.h"
+
+#include "x509.h"
+#include "pkcs7.h"
+#include "pem.h"
+#include "asn1.h"
+#include "objects.h"
+
+#ifdef CRYPTO_LIB_SUBSET
+#include "cryptlib.c"
+#include "mem.c"
+#include "cversion.c"
+#endif
+
+#ifdef CRYPTO_ASN1_SUBSET
+#include "asn1/a_meth.c"
+#include "asn1/a_bitstr.c"
+#include "asn1/a_d2i_fp.c"
+#include "asn1/a_dup.c"
+#include "asn1/a_hdr.c"
+#include "asn1/a_i2d_fp.c"
+#include "asn1/a_int.c"
+#include "asn1/a_bool.c"
+#include "asn1/a_bytes.c"
+#include "asn1/a_object.c"
+#include "asn1/a_octet.c"
+#include "asn1/a_print.c"
+#include "asn1/a_set.c"
+#include "asn1/a_sign.c"
+#include "asn1/a_type.c"
+#include "asn1/a_utctm.c"
+#include "asn1/a_verify.c"
+#include "asn1/a_digest.c"
+#include "asn1/asn1_err.c"
+#include "asn1/asn1_lib.c"
+#include "asn1/asn1_par.c"
+#ifndef NO_DH
+#include "asn1/d2i_dhp.c"
+#include "asn1/i2d_dhp.c"
+#endif
+#ifndef NO_DSA
+#include "asn1/d2i_dsap.c"
+#include "asn1/i2d_dsap.c"
+#include "asn1/d2i_s_pr.c"
+#include "asn1/i2d_s_pr.c"
+#include "asn1/d2i_s_pu.c"
+#include "asn1/i2d_s_pu.c"
+#endif
+#ifndef NO_RSA
+#include "asn1/d2i_r_pr.c"
+#include "asn1/i2d_r_pr.c"
+#include "asn1/d2i_r_pu.c"
+#include "asn1/i2d_r_pu.c"
+#include "asn1/n_pkey.c"
+#endif
+#include "asn1/d2i_pr.c"
+#include "asn1/d2i_pu.c"
+#include "asn1/i2d_pr.c"
+#include "asn1/i2d_pu.c"
+#include "asn1/f_int.c"
+#include "asn1/f_string.c"
+#include "asn1/p7_dgst.c"
+#include "asn1/p7_enc.c"
+#include "asn1/p7_enc_c.c"
+#include "asn1/p7_evp.c"
+#include "asn1/p7_i_s.c"
+#include "asn1/p7_lib.c"
+#include "asn1/p7_recip.c"
+#include "asn1/p7_s_e.c"
+#include "asn1/p7_signd.c"
+#include "asn1/p7_signi.c"
+#include "asn1/t_pkey.c"
+#include "asn1/t_req.c"
+#include "asn1/t_x509.c"
+#include "asn1/x_algor.c"
+#include "asn1/x_attrib.c"
+#include "asn1/x_exten.c"
+#include "asn1/x_cinf.c"
+#include "asn1/x_crl.c"
+#include "asn1/x_info.c"
+#include "asn1/x_name.c"
+#include "asn1/x_pkey.c"
+#include "asn1/x_pubkey.c"
+#include "asn1/x_req.c"
+#include "asn1/x_sig.c"
+#include "asn1/x_spki.c"
+#include "asn1/x_val.c"
+#include "asn1/x_x509.c"
+#endif
+#ifdef CRYPTO_BN_SUBSET
+#include "bn/bn_add.c"
+#include "bn/bn_div.c"
+#include "bn/bn_exp.c"
+#include "bn/bn_mont.c"
+#include "bn/bn_recp.c"
+#include "bn/bn_gcd.c"
+#include "bn/bn_lib.c"
+#include "bn/bn_mod.c"
+#include "bn/bn_mul.c"
+#ifndef BN_ASM
+#include "bn/bn_mulw.c"
+#endif
+#include "bn/bn_prime.c"
+#include "bn/bn_rand.c"
+#include "bn/bn_shift.c"
+#include "bn/bn_sqr.c"
+#include "bn/bn_sub.c"
+#include "bn/bn_word.c"
+#include "bn/bn_print.c"
+#include "bn/bn_err.c"
+#endif
+#ifdef CRYPTO_BIO_SUBSET
+#include "bio/bf_buff.c"
+#include "bio/bf_null.c"
+#include "bio/bf_nbio.c"
+#include "bio/bio_cb.c"
+#include "bio/bio_lib.c"
+#include "bio/bss_fd.c"
+#include "bio/bss_file.c"
+#include "bio/bss_mem.c"
+#include "bio/bss_null.c"
+#ifdef VMS
+#include "bio/bss_rtcp.c"
+#endif
+#include "bio/bss_sock.c"
+#include "bio/bss_conn.c"
+#include "bio/bss_acpt.c"
+#include "bio/b_sock.c"
+#include "bio/b_print.c"
+#include "bio/b_dump.c"
+#include "bio/bio_err.c"
+#endif
+#ifdef CRYPTO_BUFFER_SUBSET
+#include "buffer/buf_err.c"
+#include "buffer/buffer.c"
+#endif
+#ifdef CRYPTO_CONF_SUBSET
+#include "conf/conf.c"
+#include "conf/conf_err.c"
+#endif
+#ifdef CRYPTO_DES_SUBSET
+#include "des/read_pwd.c"
+#ifndef NO_DES
+#ifndef DES_ASM
+#include "des/fcrypt_b.c"
+#include "des/des_enc.c"
+#endif
+#include "des/ncbc_enc.c"
+#include "des/cbc3_enc.c"
+#include "des/cbc_cksm.c"
+#include "des/xcbc_enc.c"
+#include "des/cbc_enc.c"
+#include "des/ede_enc.c"
+#include "des/cfb64ede.c"
+#include "des/cfb64enc.c"
+#include "des/cfb_enc.c"
+#include "des/ecb3_enc.c"
+#include "des/ecb_enc.c"
+#include "des/enc_read.c"
+#include "des/enc_writ.c"
+#include "des/fcrypt.c"
+#include "des/ofb64ede.c"
+#include "des/ofb64enc.c"
+#include "des/ofb_enc.c"
+#include "des/pcbc_enc.c"
+#include "des/qud_cksm.c"
+#include "des/rand_key.c"
+#include "des/read2pwd.c"
+#include "des/rpc_enc.c"
+#include "des/set_key.c"
+#include "des/str2key.c"
+#include "des/supp.c"
+#endif
+#endif
+#ifdef CRYPTO_DH_SUBSET
+#ifndef NO_DH
+#include "dh/dh_check.c"
+#include "dh/dh_err.c"
+#include "dh/dh_gen.c"
+#include "dh/dh_key.c"
+#include "dh/dh_lib.c"
+#endif
+#endif
+#ifdef CRYPTO_DSA_SUBSET
+#ifndef NO_DSA
+#include "dsa/dsa_gen.c"
+#include "dsa/dsa_key.c"
+#include "dsa/dsa_lib.c"
+#include "dsa/dsa_sign.c"
+#include "dsa/dsa_vrf.c"
+#include "dsa/dsa_err.c"
+#endif
+#endif
+#ifdef CRYPTO_ERROR_SUBSET
+#include "err/err.c"
+#include "err/err_all.c"
+#include "err/err_prn.c"
+#endif
+#ifdef CRYPTO_EVP_SUBSET
+#include "evp/bio_md.c"
+#include "evp/bio_b64.c"
+#include "evp/bio_enc.c"
+#include "evp/c_all.c"
+#include "evp/digest.c"
+#ifndef NO_DES
+#include "evp/e_cbc_3d.c"
+#include "evp/e_cfb_3d.c"
+#include "evp/e_ecb_3d.c"
+#include "evp/e_ofb_3d.c"
+#include "evp/e_cbc_d.c"
+#include "evp/e_cfb_d.c"
+#include "evp/e_xcbc_d.c"
+#include "evp/e_ecb_d.c"
+#include "evp/e_ofb_d.c"
+#endif
+#ifndef NO_IDEA
+#include "evp/e_cbc_i.c"
+#include "evp/e_cfb_i.c"
+#include "evp/e_ecb_i.c"
+#include "evp/e_ofb_i.c"
+#endif
+#ifndef NO_RC2
+#include "evp/e_cbc_r2.c"
+#include "evp/e_cfb_r2.c"
+#include "evp/e_ecb_r2.c"
+#include "evp/e_ofb_r2.c"
+#endif
+#ifndef NO_BLOWFISH
+#include "evp/e_cbc_bf.c"
+#include "evp/e_cfb_bf.c"
+#include "evp/e_ecb_bf.c"
+#include "evp/e_ofb_bf.c"
+#endif
+#ifndef NO_RC4
+#include "evp/e_rc4.c"
+#endif
+#include "evp/names.c"
+#include "evp/e_null.c"
+#include "evp/encode.c"
+#include "evp/evp_enc.c"
+#include "evp/evp_err.c"
+#include "evp/evp_key.c"
+#include "evp/m_null.c"
+#include "evp/p_lib.c"
+#ifndef NO_RSA
+#include "evp/p_open.c"
+#include "evp/p_seal.c"
+#endif
+#include "evp/p_sign.c"
+#include "evp/p_verify.c"
+#endif
+#ifdef CRYPTO_IDEA_SUBSET
+#ifndef NO_IDEA
+#include "idea/i_cbc.c"
+#include "idea/i_cfb64.c"
+#include "idea/i_ecb.c"
+#include "idea/i_ofb64.c"
+#include "idea/i_skey.c"
+#endif
+#endif
+#ifdef CRYPTO_BF_SUBSET
+#ifndef NO_BLOWFISH
+#include "bf/bf_cfb64.c"
+#include "bf/bf_ecb.c"
+#ifndef BF_ASM
+#include "bf/bf_enc.c"
+#endif
+#include "bf/bf_cbc.c"
+#include "bf/bf_ofb64.c"
+#include "bf/bf_skey.c"
+#endif
+#endif
+#ifdef CRYPTO_LHASH_SUBSET
+#include "lhash/lh_stats.c"
+#include "lhash/lhash.c"
+#endif
+#ifdef CRYPTO_MD_SUBSET
+#ifndef NO_MD2
+#include "md/md2_dgst.c"
+#include "md/md2_one.c"
+#include "evp/m_md2.c"
+#endif
+#ifndef NO_MD5
+#include "md/md5_dgst.c"
+#include "md/md5_one.c"
+#include "evp/m_md5.c"
+#endif
+#endif
+#ifdef CRYPTO_MDC2_SUBSET
+#ifndef NO_MDC2
+#include "mdc2/mdc2dgst.c"
+#include "mdc2/mdc2_one.c"
+#include "evp/m_mdc2.c"
+#endif
+#endif
+#ifdef CRYPTO_OBJECTS_SUBSET
+#include "objects/obj_dat.c"
+#include "objects/obj_err.c"
+#include "objects/obj_lib.c"
+#endif
+#ifdef CRYPTO_PEM_SUBSET
+#include "pem/pem_err.c"
+#include "pem/pem_info.c"
+#include "pem/pem_lib.c"
+#include "pem/pem_all.c"
+#ifndef NO_RSA
+#include "pem/pem_seal.c"
+#include "pem/pem_sign.c"
+#endif
+#endif
+#ifdef CRYPTO_RAND_SUBSET
+#include "rand/md_rand.c"
+#include "rand/randfile.c"
+#endif
+#ifdef CRYPTO_RC_SUBSET
+#ifndef NO_RC4
+#include "rc2/rc2_cbc.c"
+#include "rc2/rc2_ecb.c"
+#include "rc2/rc2_skey.c"
+#include "rc2/rc2cfb64.c"
+#include "rc2/rc2ofb64.c"
+#include "rc4/rc4_enc.c"
+#endif
+#endif
+#ifdef CRYPTO_RSA_SUBSET
+#ifndef NO_RSA
+#include "rsa/rsa_enc.c"
+#include "rsa/rsa_err.c"
+#include "rsa/rsa_gen.c"
+#include "rsa/rsa_lib.c"
+#include "rsa/rsa_sign.c"
+#include "rsa/rsa_saos.c"
+#endif
+#endif
+#ifdef CRYPTO_SHA1_SUBSET
+#ifndef NO_SHA1
+#include "sha/sha1_one.c"
+#include "sha/sha1dgst.c"
+#include "evp/m_dss1.c"
+#include "evp/m_sha1.c"
+#endif
+#endif
+#ifdef CRYPTO_SHA_SUBSET
+#ifndef NO_SHA
+#include "evp/m_dss.c"
+#include "sha/sha_dgst.c"
+#include "sha/sha_one.c"
+#include "evp/m_sha.c"
+#endif
+#endif
+#ifdef CRYPTO_STACK_SUBSET
+#include "stack/stack.c"
+#endif
+#ifdef CRYPTO_TXT_DB_SUBSET
+#include "txt_db/txt_db.c"
+#endif
+#ifdef CRYPTO_X509_SUBSET
+#include "x509/x509_cmp.c"
+#include "x509/x509_d2.c"
+#include "x509/x509_def.c"
+#include "x509/x509_err.c"
+#include "x509/x509_ext.c"
+#include "x509/x509_lu.c"
+#include "x509/x509_obj.c"
+#include "x509/x509_r2x.c"
+#include "x509/x509_req.c"
+#include "x509/x509_set.c"
+#include "x509/x509_v3.c"
+#include "x509/x509_vfy.c"
+#include "x509/x509name.c"
+#include "x509/x509pack.c"
+#include "x509/x509rset.c"
+#include "x509/x509type.c"
+#include "x509/x_all.c"
+#include "x509/x509_txt.c"
+#include "x509/by_dir.c"
+#include "x509/by_file.c"
+#include "x509/v3_net.c"
+#include "x509/v3_x509.c"
+#endif
+#endif
+#ifdef CRYPTO_PKCS7_SUBSET /* I have an excplicit removal of 7 lines */
+#include "pkcs7/pk7_lib.c"
+#include "pkcs7/pkcs7err.c"
+#endif
+
diff --git a/crypto/crypto.h b/crypto/crypto.h
new file mode 100644
index 0000000000..fd7ff6a77d
--- /dev/null
+++ b/crypto/crypto.h
@@ -0,0 +1,247 @@
+/* crypto/crypto.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_CRYPTO_H
+#define HEADER_CRYPTO_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* This is more to be used to check the correct DLL is being used
+ * in the MS world. */
+#define SSLEAY_VERSION_NUMBER	0x0800	/* Version 0.5.1c would be 0513 */
+
+#define SSLEAY_VERSION		0
+/* #define SSLEAY_OPTIONS	1 no longer supported */
+#define SSLEAY_CFLAGS		2
+#define SSLEAY_BUILT_ON		3
+
+/* When changing the CRYPTO_LOCK_* list, be sure to maintin the text lock
+ * names in cryptlib.c
+ */
+
+#define	CRYPTO_LOCK_ERR			1
+#define	CRYPTO_LOCK_ERR_HASH		2
+#define	CRYPTO_LOCK_X509		3
+#define	CRYPTO_LOCK_X509_INFO		4
+#define	CRYPTO_LOCK_X509_PKEY		5
+#define CRYPTO_LOCK_X509_CRL		6
+#define CRYPTO_LOCK_X509_REQ		7
+#define CRYPTO_LOCK_DSA			8
+#define CRYPTO_LOCK_RSA			9
+#define CRYPTO_LOCK_EVP_PKEY		10
+#define	CRYPTO_LOCK_X509_STORE		11
+#define	CRYPTO_LOCK_SSL_CTX		12
+#define	CRYPTO_LOCK_SSL_CERT		13
+#define	CRYPTO_LOCK_SSL_SESSION		14
+#define	CRYPTO_LOCK_SSL			15
+#define	CRYPTO_LOCK_RAND		16
+#define	CRYPTO_LOCK_MALLOC		17
+#define	CRYPTO_LOCK_BIO			18
+#define	CRYPTO_LOCK_BIO_GETHOSTBYNAME	19
+#define	CRYPTO_NUM_LOCKS		20
+
+#define CRYPTO_LOCK		1
+#define CRYPTO_UNLOCK		2
+#define CRYPTO_READ		4
+#define CRYPTO_WRITE		8
+
+/* The following stuff is not being used, it was not finished for
+ * SSLeay 0.6.0 */
+#ifndef CRYPTO_w_lock
+#define CRYPTO_w_lock(type)	\
+	CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
+#define CRYPTO_w_unlock(type)	\
+	CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
+#define CRYPTO_r_lock(type)	\
+	CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__)
+#define CRYPTO_r_unlock(type)	\
+	CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__)
+#define CRYPTO_add(addr,amount,type)	\
+	CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__)
+
+#endif
+
+/* The following can be used to detect memory leaks in the SSLeay library.
+ * It used, it turns on malloc checking */
+
+#define CRYPTO_MEM_CHECK_OFF	0x0
+#define CRYPTO_MEM_CHECK_ON	0x1
+
+/*
+typedef struct crypto_mem_st
+	{
+	char *(*malloc_func)();
+	char *(*realloc_func)();
+	void (*free_func)();
+	} CRYPTO_MEM_FUNC;
+*/
+
+
+/* Use this for win32 DLL's */
+#define CRYPTO_malloc_init()	CRYPTO_set_mem_functions(\
+	(char *(*)())malloc,\
+	(char *(*)())realloc,\
+	(void (*)())free)
+
+#ifdef CRYPTO_MDEBUG
+#define Malloc(num)	CRYPTO_dbg_malloc((int)num,__FILE__,__LINE__)
+#define Realloc(addr,num) \
+	CRYPTO_dbg_realloc((char *)addr,(int)num,__FILE__,__LINE__)
+#define Remalloc(addr,num) \
+	CRYPTO_dbg_remalloc((char **)addr,(int)num,__FILE__,__LINE__)
+#define FreeFunc	CRYPTO_dbg_free
+#define Free(addr)	CRYPTO_dbg_free((char *)(addr))
+#else
+#define Remalloc	CRYPTO_remalloc
+#if defined(WIN32) || defined(MFUNC)
+#define Malloc		CRYPTO_malloc
+#define Realloc(a,n)	CRYPTO_realloc((char *)(a),(n))
+#define FreeFunc	CRYPTO_free
+#define Free(addr)	CRYPTO_free((char *)(addr))
+#else
+#define Malloc		malloc
+#define Realloc		realloc
+#define FreeFunc	free
+#define Free(addr)	free((char *)(addr))
+#endif /* WIN32 || MFUNC */
+#endif /* MDEBUG */
+
+#ifndef NOPROTO
+
+char *SSLeay_version(int type);
+unsigned long SSLeay(void);
+
+int CRYPTO_mem_ctrl(int mode);
+void CRYPTO_lock(int mode, int type,char *file,int line);
+void CRYPTO_set_locking_callback(void (*func)(int mode,int type,char *file,
+		int line));
+void (*CRYPTO_get_locking_callback(void))(int mode,int type,char *file,
+		int line);
+void CRYPTO_set_add_lock_callback(int (*func)(int *num,int mount,
+		int type,char *file, int line));
+int (*CRYPTO_get_add_lock_callback(void))(int *num,int mount,
+		int type,char *file,int line);
+void CRYPTO_set_id_callback(unsigned long (*func)(void));
+unsigned long (*CRYPTO_get_id_callback(void))(void);
+unsigned long CRYPTO_thread_id(void);
+char *CRYPTO_get_lock_name(int type);
+int CRYPTO_add_lock(int *pointer,int amount,int type, char *file,int line);
+
+void CRYPTO_set_mem_functions(char *(*m)(),char *(*r)(), void (*free_func)());
+void CRYPTO_get_mem_functions(char *(**m)(),char *(**r)(), void (**f)());
+
+char *CRYPTO_malloc(int num);
+char *CRYPTO_realloc(char *addr,int num);
+void CRYPTO_free(char *);
+char *CRYPTO_remalloc(char *addr,int num);
+
+char *CRYPTO_dbg_malloc(int num,char *file,int line);
+char *CRYPTO_dbg_realloc(char *addr,int num,char *file,int line);
+void CRYPTO_dbg_free(char *);
+char *CRYPTO_dbg_remalloc(char *addr,int num,char *file,int line);
+#ifndef WIN16
+void CRYPTO_mem_leaks_fp(FILE *);
+#endif
+#ifdef HEADER_BIO_H
+void CRYPTO_mem_leaks(BIO *);
+#endif
+/* unsigned long order, char *file, int line, int num_bytes, char *addr */
+void CRYPTO_mem_leaks_cb(void (*cb)());
+
+#else 
+
+int CRYPTO_mem_ctrl();
+char *SSLeay_version();
+unsigned long SSLeay();
+
+void CRYPTO_lock();
+void CRYPTO_set_locking_callback();
+void (*CRYPTO_get_locking_callback())();
+void CRYPTO_set_add_lock_callback();
+int (*CRYPTO_get_add_lock_callback())();
+void CRYPTO_set_id_callback();
+unsigned long (*CRYPTO_get_id_callback())();
+unsigned long CRYPTO_thread_id();
+char *CRYPTO_get_lock_name();
+int CRYPTO_add_lock();
+
+void CRYPTO_set_mem_functions();
+void CRYPTO_get_mem_functions();
+char *CRYPTO_malloc();
+char *CRYPTO_realloc();
+void CRYPTO_free();
+char *CRYPTO_remalloc();
+char *CRYPTO_dbg_remalloc();
+char *CRYPTO_dbg_malloc();
+char *CRYPTO_dbg_realloc();
+void CRYPTO_dbg_free();
+#ifndef WIN16
+void CRYPTO_mem_leaks_fp();
+#endif
+void CRYPTO_mem_leaks();
+void CRYPTO_mem_leaks_cb();
+
+#endif
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/cversion.c b/crypto/cversion.c
new file mode 100644
index 0000000000..d36496dcc5
--- /dev/null
+++ b/crypto/cversion.c
@@ -0,0 +1,99 @@
+/* crypto/cversion.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include "cryptlib.h"
+#include "crypto.h"
+#include "date.h"
+
+char *SSLeay_version(t)
+int t;
+	{
+	if (t == SSLEAY_VERSION)
+		return("SSLeay 0.8.1b 29-Jun-1998");
+	if (t == SSLEAY_BUILT_ON)
+		{
+#ifdef DATE
+		static char buf[sizeof(DATE)+10];
+
+		sprintf(buf,"built on %s",DATE);
+        	return(buf);
+#else
+		return("build date not available");
+#endif
+		}
+	if (t == SSLEAY_CFLAGS)
+		{
+#ifdef CFLAGS
+		static char buf[sizeof(CFLAGS)+10];
+
+		sprintf(buf,"C flags:%s",CFLAGS);
+		return(buf);
+#else
+		return("C flags not available");
+#endif
+		}
+	return("not available");
+	}
+
+unsigned long SSLeay()
+	{
+	return(SSLEAY_VERSION_NUMBER);
+	}
+
diff --git a/crypto/date.h b/crypto/date.h
new file mode 100644
index 0000000000..ac96ada60f
--- /dev/null
+++ b/crypto/date.h
@@ -0,0 +1 @@
+#define DATE	"Sat Jul 19 04:59:06 EST 1997"
diff --git a/crypto/des/COPYRIGHT b/crypto/des/COPYRIGHT
new file mode 100644
index 0000000000..5469e1e469
--- /dev/null
+++ b/crypto/des/COPYRIGHT
@@ -0,0 +1,50 @@
+Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+All rights reserved.
+
+This package is an DES implementation written by Eric Young (eay@cryptsoft.com).
+The implementation was written so as to conform with MIT's libdes.
+
+This library is free for commercial and non-commercial use as long as
+the following conditions are aheared to.  The following conditions
+apply to all code found in this distribution.
+
+Copyright remains Eric Young's, and as such any Copyright notices in
+the code are not to be removed.
+If this package is used in a product, Eric Young should be given attribution
+as the author of that the SSL library.  This can be in the form of a textual
+message at program startup or in documentation (online or textual) provided
+with the package.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+1. Redistributions of source code must retain the copyright
+   notice, this list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright
+   notice, this list of conditions and the following disclaimer in the
+   documentation and/or other materials provided with the distribution.
+3. All advertising materials mentioning features or use of this software
+   must display the following acknowledgement:
+   This product includes software developed by Eric Young (eay@cryptsoft.com)
+
+THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGE.
+
+The license and distribution terms for any publically available version or
+derivative of this code cannot be changed.  i.e. this code cannot simply be
+copied and put under another distrubution license
+[including the GNU Public License.]
+
+The reason behind this being stated in this direct manner is past
+experience in code simply being copied and the attribution removed
+from it and then being distributed as part of other packages. This
+implementation was a non-trivial and unpaid effort.
diff --git a/crypto/des/DES.pm b/crypto/des/DES.pm
new file mode 100644
index 0000000000..6a175b6ca4
--- /dev/null
+++ b/crypto/des/DES.pm
@@ -0,0 +1,19 @@
+package DES;
+
+require Exporter;
+require DynaLoader;
+@ISA = qw(Exporter DynaLoader);
+# Items to export into callers namespace by default
+# (move infrequently used names to @EXPORT_OK below)
+@EXPORT = qw(
+);
+# Other items we are prepared to export if requested
+@EXPORT_OK = qw(
+crypt
+);
+
+# Preloaded methods go here.  Autoload methods go after __END__, and are
+# processed by the autosplit program.
+bootstrap DES;
+1;
+__END__
diff --git a/crypto/des/DES.pod b/crypto/des/DES.pod
new file mode 100644
index 0000000000..8a739e7ca0
--- /dev/null
+++ b/crypto/des/DES.pod
@@ -0,0 +1,16 @@
+crypt	<= 	crypt(buf,salt)
+key	<=	set_odd_parity(key)
+int	<=	is_weak_key(key)
+keysched<=	set_key(key)
+key	<=	ecb_encrypt(string8,ks,enc)
+key	<=	ecb3_encrypt(input,ks1,ks2,enc)
+string	<=	cbc_encrypt(input,ks,ivec,enc)			=> ivec 
+string	<=	cbc3_encrypt(input,ks1,ks2,ivec1,ivec2,enc)	=> ivec1&ivec2 
+ck1,ck2	<=	cbc_cksum(input,ks,ivec)			=> ivec
+string	<=	pcbc_encrypt(input,ks,ivec,enc)			=> ivec 
+string	<=	ofb_encrypt(input,numbits,ks,ivec)		=> ivec
+string	<=	cfb_encrypt(input,numbits,ks,ivec,enc)		=> ivec
+key	<=	random_key()
+key	<=	string_to_key(string)
+key1,key2<=	string_to_2keys(string)
+
diff --git a/crypto/des/DES.xs b/crypto/des/DES.xs
new file mode 100644
index 0000000000..b8050b9edf
--- /dev/null
+++ b/crypto/des/DES.xs
@@ -0,0 +1,268 @@
+#include "EXTERN.h"
+#include "perl.h"
+#include "XSUB.h"
+#include "des.h"
+
+#define deschar	char
+static STRLEN len;
+
+static int
+not_here(s)
+char *s;
+{
+    croak("%s not implemented on this architecture", s);
+    return -1;
+}
+
+MODULE = DES	PACKAGE = DES	PREFIX = des_
+
+char *
+des_crypt(buf,salt)
+	char *	buf
+	char *	salt
+
+void
+des_set_odd_parity(key)
+	des_cblock *	key
+PPCODE:
+	{
+	SV *s;
+
+	s=sv_newmortal();
+	sv_setpvn(s,(char *)key,8);
+	des_set_odd_parity((des_cblock *)SvPV(s,na));
+	PUSHs(s);
+	}
+
+int
+des_is_weak_key(key)
+	des_cblock *	key
+
+des_key_schedule
+des_set_key(key)
+	des_cblock *	key
+CODE:
+	des_set_key(key,RETVAL);
+OUTPUT:
+RETVAL
+
+des_cblock
+des_ecb_encrypt(input,ks,encrypt)
+	des_cblock *	input
+	des_key_schedule *	ks
+	int	encrypt
+CODE:
+	des_ecb_encrypt(input,&RETVAL,*ks,encrypt);
+OUTPUT:
+RETVAL
+
+void
+des_cbc_encrypt(input,ks,ivec,encrypt)
+	char *	input
+	des_key_schedule *	ks
+	des_cblock *	ivec
+	int	encrypt
+PPCODE:
+	{
+	SV *s;
+	STRLEN len,l;
+	char *c;
+
+	l=SvCUR(ST(0));
+	len=((((unsigned long)l)+7)/8)*8;
+	s=sv_newmortal();
+	sv_setpvn(s,"",0);
+	SvGROW(s,len);
+	SvCUR_set(s,len);
+	c=(char *)SvPV(s,na);
+	des_cbc_encrypt((des_cblock *)input,(des_cblock *)c,
+		l,*ks,ivec,encrypt);
+	sv_setpvn(ST(2),(char *)c[len-8],8);
+	PUSHs(s);
+	}
+
+void
+des_cbc3_encrypt(input,ks1,ks2,ivec1,ivec2,encrypt)
+	char *	input
+	des_key_schedule *	ks1
+	des_key_schedule *	ks2
+	des_cblock *	ivec1
+	des_cblock *	ivec2
+	int	encrypt
+PPCODE:
+	{
+	SV *s;
+	STRLEN len,l;
+
+	l=SvCUR(ST(0));
+	len=((((unsigned long)l)+7)/8)*8;
+	s=sv_newmortal();
+	sv_setpvn(s,"",0);
+	SvGROW(s,len);
+	SvCUR_set(s,len);
+	des_3cbc_encrypt((des_cblock *)input,(des_cblock *)SvPV(s,na),
+		l,*ks1,*ks2,ivec1,ivec2,encrypt);
+	sv_setpvn(ST(3),(char *)ivec1,8);
+	sv_setpvn(ST(4),(char *)ivec2,8);
+	PUSHs(s);
+	}
+
+void
+des_cbc_cksum(input,ks,ivec)
+	char *	input
+	des_key_schedule *	ks
+	des_cblock *	ivec
+PPCODE:
+	{
+	SV *s1,*s2;
+	STRLEN len,l;
+	des_cblock c;
+	unsigned long i1,i2;
+
+	s1=sv_newmortal();
+	s2=sv_newmortal();
+	l=SvCUR(ST(0));
+	des_cbc_cksum((des_cblock *)input,(des_cblock *)c,
+		l,*ks,ivec);
+	i1=c[4]|(c[5]<<8)|(c[6]<<16)|(c[7]<<24);
+	i2=c[0]|(c[1]<<8)|(c[2]<<16)|(c[3]<<24);
+	sv_setiv(s1,i1);
+	sv_setiv(s2,i2);
+	sv_setpvn(ST(2),(char *)c,8);
+	PUSHs(s1);
+	PUSHs(s2);
+	}
+
+void
+des_cfb_encrypt(input,numbits,ks,ivec,encrypt)
+	char *	input
+	int	numbits
+	des_key_schedule *	ks
+	des_cblock *	ivec
+	int	encrypt
+PPCODE:
+	{
+	SV *s;
+	STRLEN len;
+	char *c;
+
+	len=SvCUR(ST(0));
+	s=sv_newmortal();
+	sv_setpvn(s,"",0);
+	SvGROW(s,len);
+	SvCUR_set(s,len);
+	c=(char *)SvPV(s,na);
+	des_cfb_encrypt((unsigned char *)input,(unsigned char *)c,
+		(int)numbits,(long)len,*ks,ivec,encrypt);
+	sv_setpvn(ST(3),(char *)ivec,8);
+	PUSHs(s);
+	}
+
+des_cblock *
+des_ecb3_encrypt(input,ks1,ks2,encrypt)
+	des_cblock *	input
+	des_key_schedule *	ks1
+	des_key_schedule *	ks2
+	int	encrypt
+CODE:
+	{
+	des_cblock c;
+
+	des_ecb3_encrypt((des_cblock *)input,(des_cblock *)&c,
+		*ks1,*ks2,encrypt);
+	RETVAL= &c;
+	}
+OUTPUT:
+RETVAL
+
+void
+des_ofb_encrypt(input,numbits,ks,ivec)
+	unsigned char *	input
+	int	numbits
+	des_key_schedule *	ks
+	des_cblock *	ivec
+PPCODE:
+	{
+	SV *s;
+	STRLEN len,l;
+	unsigned char *c;
+
+	len=SvCUR(ST(0));
+	s=sv_newmortal();
+	sv_setpvn(s,"",0);
+	SvGROW(s,len);
+	SvCUR_set(s,len);
+	c=(unsigned char *)SvPV(s,na);
+	des_ofb_encrypt((unsigned char *)input,(unsigned char *)c,
+		numbits,len,*ks,ivec);
+	sv_setpvn(ST(3),(char *)ivec,8);
+	PUSHs(s);
+	}
+
+void
+des_pcbc_encrypt(input,ks,ivec,encrypt)
+	char *	input
+	des_key_schedule *	ks
+	des_cblock *	ivec
+	int	encrypt
+PPCODE:
+	{
+	SV *s;
+	STRLEN len,l;
+	char *c;
+
+	l=SvCUR(ST(0));
+	len=((((unsigned long)l)+7)/8)*8;
+	s=sv_newmortal();
+	sv_setpvn(s,"",0);
+	SvGROW(s,len);
+	SvCUR_set(s,len);
+	c=(char *)SvPV(s,na);
+	des_pcbc_encrypt((des_cblock *)input,(des_cblock *)c,
+		l,*ks,ivec,encrypt);
+	sv_setpvn(ST(2),(char *)c[len-8],8);
+	PUSHs(s);
+	}
+
+des_cblock *
+des_random_key()
+CODE:
+	{
+	des_cblock c;
+
+	des_random_key(c);
+	RETVAL=&c;
+	}
+OUTPUT:
+RETVAL
+
+des_cblock *
+des_string_to_key(str)
+char *	str
+CODE:
+	{
+	des_cblock c;
+
+	des_string_to_key(str,&c);
+	RETVAL=&c;
+	}
+OUTPUT:
+RETVAL
+
+void
+des_string_to_2keys(str)
+char *	str
+PPCODE:
+	{
+	des_cblock c1,c2;
+	SV *s1,*s2;
+
+	des_string_to_2keys(str,&c1,&c2);
+	EXTEND(sp,2);
+	s1=sv_newmortal();
+	sv_setpvn(s1,(char *)c1,8);
+	s2=sv_newmortal();
+	sv_setpvn(s2,(char *)c2,8);
+	PUSHs(s1);
+	PUSHs(s2);
+	}
diff --git a/crypto/des/FILES b/crypto/des/FILES
new file mode 100644
index 0000000000..4c7ea2de7a
--- /dev/null
+++ b/crypto/des/FILES
@@ -0,0 +1,96 @@
+/* General stuff */
+COPYRIGHT	- Copyright info.
+MODES.DES	- A description of the features of the different modes of DES.
+FILES		- This file.
+INSTALL		- How to make things compile.
+Imakefile	- For use with kerberos.
+README		- What this package is.
+VERSION		- Which version this is and what was changed.
+KERBEROS	- Kerberos version 4 notes.
+Makefile.PL	- An old makefile to build with perl5, not current.
+Makefile.ssl	- The SSLeay makefile
+Makefile.uni	- The normal unix makefile.
+GNUmakefile	- The makefile for use with glibc.
+makefile.bc	- A Borland C makefile
+times		- Some outputs from 'speed' on some machines.
+vms.com		- For use when compiling under VMS
+
+/* My SunOS des(1) replacement */
+des.c		- des(1) source code.
+des.man		- des(1) manual.
+
+/* Testing and timing programs. */
+destest.c	- Source for libdes.a test program.
+speed.c		- Source for libdes.a timing program.
+rpw.c		- Source for libdes.a testing password reading routines.
+
+/* libdes.a source code */
+des_crypt.man	- libdes.a manual page.
+des.h		- Public libdes.a header file.
+ecb_enc.c	- des_ecb_encrypt() source, this contains the basic DES code.
+ecb3_enc.c	- des_ecb3_encrypt() source.
+cbc_ckm.c	- des_cbc_cksum() source.
+cbc_enc.c	- des_cbc_encrypt() source.
+ncbc_enc.c	- des_cbc_encrypt() that is 'normal' in that it copies
+		  the new iv values back in the passed iv vector.
+ede_enc.c	- des_ede3_cbc_encrypt() cbc mode des using triple DES.
+cbc3_enc.c	- des_3cbc_encrypt() source, don't use this function.
+cfb_enc.c	- des_cfb_encrypt() source.
+cfb64enc.c	- des_cfb64_encrypt() cfb in 64 bit mode but setup to be
+		  used as a stream cipher.
+cfb64ede.c	- des_ede3_cfb64_encrypt() cfb in 64 bit mode but setup to be
+		  used as a stream cipher and using triple DES.
+ofb_enc.c	- des_cfb_encrypt() source.
+ofb64_enc.c	- des_ofb_encrypt() ofb in 64 bit mode but setup to be
+		  used as a stream cipher.
+ofb64ede.c	- des_ede3_ofb64_encrypt() ofb in 64 bit mode but setup to be
+		  used as a stream cipher and using triple DES.
+enc_read.c	- des_enc_read() source.
+enc_writ.c	- des_enc_write() source.
+pcbc_enc.c	- des_pcbc_encrypt() source.
+qud_cksm.c	- quad_cksum() source.
+rand_key.c	- des_random_key() source.
+read_pwd.c	- Source for des_read_password() plus related functions.
+set_key.c	- Source for des_set_key().
+str2key.c	- Covert a string of any length into a key.
+fcrypt.c	- A small, fast version of crypt(3).
+des_locl.h	- Internal libdes.a header file.
+podd.h		- Odd parity tables - used in des_set_key().
+sk.h		- Lookup tables used in des_set_key().
+spr.h		- What is left of the S tables - used in ecb_encrypt().
+des_ver.h	- header file for the external definition of the
+		  version string.
+des.doc		- SSLeay documentation for the library.
+
+/* The perl scripts - you can ignore these files they are only
+ * included for the curious */
+des.pl		- des in perl anyone? des_set_key and des_ecb_encrypt
+		  both done in a perl library.
+testdes.pl	- Testing program for des.pl
+doIP		- Perl script used to develop IP xor/shift code.
+doPC1		- Perl script used to develop PC1 xor/shift code.
+doPC2		- Generates sk.h.
+PC1		- Output of doPC1 should be the same as output from PC1.
+PC2		- used in development of doPC2.
+shifts.pl	- Perl library used by my perl scripts.
+
+/* I started making a perl5 dynamic library for libdes
+ * but did not fully finish, these files are part of that effort. */
+DES.pm
+DES.pod
+DES.xs
+t
+typemap
+
+/* The following are for use with sun RPC implementaions. */
+rpc_des.h
+rpc_enc.c
+
+/* The following are contibuted by Mark Murray <mark@grondar.za>.  They
+ * are not normally built into libdes due to machine specific routines
+ * contained in them.  They are for use in the most recent incarnation of
+ * export kerberos v 4 (eBones). */
+supp.c
+new_rkey.c
+
+
diff --git a/crypto/des/INSTALL b/crypto/des/INSTALL
new file mode 100644
index 0000000000..3b8dae6b5f
--- /dev/null
+++ b/crypto/des/INSTALL
@@ -0,0 +1,69 @@
+Check the CC and CFLAGS lines in the makefile
+
+If your C library does not support the times(3) function, change the
+#define TIMES to
+#undef TIMES in speed.c
+If it does, check the HZ value for the times(3) function.
+If your system does not define CLK_TCK it will be assumed to
+be 100.0.
+
+If possible use gcc v 2.7.?
+Turn on the maximum optimising (normally '-O3 -fomit-frame-pointer' for gcc)
+In recent times, some system compilers give better performace.
+
+type 'make'
+
+run './destest' to check things are ok.
+run './rpw' to check the tty code for reading passwords works.
+run './speed' to see how fast those optimisations make the library run :-)
+run './des_opts' to determin the best compile time options.
+
+The output from des_opts should be put in the makefile options and des_enc.c
+should be rebuilt.  For 64 bit computers, do not use the DES_PTR option.
+For the DEC Alpha, edit des.h and change DES_LONG to 'unsigned int'
+and then you can use the 'DES_PTR' option.
+
+The file options.txt has the options listed for best speed on quite a
+few systems.  Look and the options (UNROLL, PTR, RISC2 etc) and then
+turn on the relevent option in the Makefile
+
+There are some special Makefile targets that make life easier.
+make cc		- standard cc build
+make gcc	- standard gcc build
+make x86-elf	- x86 assember (elf), linux-elf.
+make x86-out	- x86 assember (a.out), FreeBSD
+make x86-solaris- x86 assember
+make x86-bsdi	- x86 assember (a.out with primative assember).
+
+If at all possible use the assember (for Windows NT/95, use
+asm/win32.obj to link with).  The x86 assember is very very fast.
+
+A make install will by default install
+libdes.a      in /usr/local/lib/libdes.a
+des           in /usr/local/bin/des
+des_crypt.man in /usr/local/man/man3/des_crypt.3
+des.man       in /usr/local/man/man1/des.1
+des.h         in /usr/include/des.h
+
+des(1) should be compatible with sunOS's but I have been unable to
+test it.
+
+These routines should compile on MSDOS, most 32bit and 64bit version
+of Unix (BSD and SYSV) and VMS, without modification.
+The only problems should be #include files that are in the wrong places.
+
+These routines can be compiled under MSDOS.
+I have successfully encrypted files using des(1) under MSDOS and then
+decrypted the files on a SparcStation.
+I have been able to compile and test the routines with
+Microsoft C v 5.1 and Turbo C v 2.0.
+The code in this library is in no way optimised for the 16bit
+operation of MSDOS.
+
+When building for glibc, ignore all of the above and just unpack into
+glibc-1.??/des and then gmake as per normal.
+
+As a final note on performace.  Certain CPUs like sparcs and Alpha often give
+a %10 speed difference depending on the link order.  It is rather anoying
+when one program reports 'x' DES encrypts a second and another reports
+'x*0.9' the speed.
diff --git a/crypto/des/Imakefile b/crypto/des/Imakefile
new file mode 100644
index 0000000000..1b9b5629e1
--- /dev/null
+++ b/crypto/des/Imakefile
@@ -0,0 +1,35 @@
+# This Imakefile has not been tested for a while but it should still
+# work when placed in the correct directory in the kerberos v 4 distribution
+
+SRCS=   cbc_cksm.c cbc_enc.c ecb_enc.c pcbc_enc.c \
+        qud_cksm.c rand_key.c read_pwd.c set_key.c str2key.c \
+        enc_read.c enc_writ.c fcrypt.c cfb_enc.c \
+	ecb3_enc.c ofb_enc.c ofb64enc.c
+
+OBJS=   cbc_cksm.o cbc_enc.o ecb_enc.o pcbc_enc.o \
+	qud_cksm.o rand_key.o read_pwd.o set_key.o str2key.o \
+	enc_read.o enc_writ.o fcrypt.o cfb_enc.o \
+	ecb3_enc.o ofb_enc.o ofb64enc.o
+
+GENERAL=COPYRIGHT FILES INSTALL Imakefile README VERSION makefile times \
+	vms.com KERBEROS
+DES=    des.c des.man
+TESTING=destest.c speed.c rpw.c
+LIBDES= des_crypt.man des.h des_locl.h podd.h sk.h spr.h
+
+PERL=   des.pl testdes.pl doIP doPC1 doPC2 PC1 PC2 shifts.pl
+
+CODE=    $(GENERAL) $(DES) $(TESTING) $(SRCS) $(LIBDES) $(PERL)
+
+SRCDIR=$(SRCTOP)/lib/des
+
+DBG= -O
+INCLUDE= -I$(SRCDIR)
+CC= cc
+
+library_obj_rule()
+
+install_library_target(des,$(OBJS),$(SRCS),)
+
+test(destest,libdes.a,)
+test(rpw,libdes.a,)
diff --git a/crypto/des/KERBEROS b/crypto/des/KERBEROS
new file mode 100644
index 0000000000..f401b10014
--- /dev/null
+++ b/crypto/des/KERBEROS
@@ -0,0 +1,41 @@
+ [ This is an old file, I don't know if it is true anymore
+   but I will leave the file here - eay 21/11/95 ]
+
+To use this library with Bones (kerberos without DES):
+1) Get my modified Bones - eBones.  It can be found on
+   gondwana.ecr.mu.oz.au (128.250.1.63) /pub/athena/eBones-p9.tar.Z
+   and
+   nic.funet.fi (128.214.6.100) /pub/unix/security/Kerberos/eBones-p9.tar.Z
+
+2) Unpack this library in src/lib/des, makeing sure it is version
+   3.00 or greater (libdes.tar.93-10-07.Z).  This versions differences
+   from the version in comp.sources.misc volume 29 patchlevel2.
+   The primarily difference is that it should compile under kerberos :-).
+   It can be found at.
+   ftp.psy.uq.oz.au (130.102.32.1) /pub/DES/libdes.tar.93-10-07.Z
+
+Now do a normal kerberos build and things should work.
+
+One problem I found when I was build on my local sun.
+---
+For sunOS 4.1.1 apply the following patch to src/util/ss/make_commands.c
+
+*** make_commands.c.orig	Fri Jul  3 04:18:35 1987
+--- make_commands.c	Wed May 20 08:47:42 1992
+***************
+*** 98,104 ****
+       if (!rename(o_file, z_file)) {
+  	  if (!vfork()) {
+  	       chdir("/tmp");
+! 	       execl("/bin/ld", "ld", "-o", o_file+5, "-s", "-r", "-n",
+  		     z_file+5, 0);
+  	       perror("/bin/ld");
+  	       _exit(1);
+--- 98,104 ----
+       if (!rename(o_file, z_file)) {
+  	  if (!vfork()) {
+  	       chdir("/tmp");
+! 	       execl("/bin/ld", "ld", "-o", o_file+5, "-s", "-r",
+  		     z_file+5, 0);
+  	       perror("/bin/ld");
+  	       _exit(1);
diff --git a/crypto/des/MODES.DES b/crypto/des/MODES.DES
new file mode 100644
index 0000000000..0cbc44f51d
--- /dev/null
+++ b/crypto/des/MODES.DES
@@ -0,0 +1,84 @@
+Modes of DES
+Quite a bit of the following information has been taken from
+	AS 2805.5.2
+	Australian Standard
+	Electronic funds transfer - Requirements for interfaces,
+	Part 5.2: Modes of operation for an n-bit block cipher algorithm
+	Appendix A
+
+There are several different modes in which DES can be used, they are
+as follows.
+
+Electronic Codebook Mode (ECB) (des_ecb_encrypt())
+- 64 bits are enciphered at a time.
+- The order of the blocks can be rearranged without detection.
+- The same plaintext block always produces the same ciphertext block
+  (for the same key) making it vulnerable to a 'dictionary attack'.
+- An error will only affect one ciphertext block.
+
+Cipher Block Chaining Mode (CBC) (des_cbc_encrypt())
+- a multiple of 64 bits are enciphered at a time.
+- The CBC mode produces the same ciphertext whenever the same
+  plaintext is encrypted using the same key and starting variable.
+- The chaining operation makes the ciphertext blocks dependent on the
+  current and all preceding plaintext blocks and therefore blocks can not
+  be rearranged.
+- The use of different starting variables prevents the same plaintext
+  enciphering to the same ciphertext.
+- An error will affect the current and the following ciphertext blocks.
+
+Cipher Feedback Mode (CFB) (des_cfb_encrypt())
+- a number of bits (j) <= 64 are enciphered at a time.
+- The CFB mode produces the same ciphertext whenever the same
+  plaintext is encrypted using the same key and starting variable.
+- The chaining operation makes the ciphertext variables dependent on the
+  current and all preceding variables and therefore j-bit variables are
+  chained together and con not be rearranged.
+- The use of different starting variables prevents the same plaintext
+  enciphering to the same ciphertext.
+- The strength of the CFB mode depends on the size of k (maximal if
+  j == k).  In my implementation this is always the case.
+- Selection of a small value for j will require more cycles through
+  the encipherment algorithm per unit of plaintext and thus cause
+  greater processing overheads.
+- Only multiples of j bits can be enciphered.
+- An error will affect the current and the following ciphertext variables.
+
+Output Feedback Mode (OFB) (des_ofb_encrypt())
+- a number of bits (j) <= 64 are enciphered at a time.
+- The OFB mode produces the same ciphertext whenever the same
+  plaintext enciphered using the same key and starting variable.  More
+  over, in the OFB mode the same key stream is produced when the same
+  key and start variable are used.  Consequently, for security reasons
+  a specific start variable should be used only once for a given key.
+- The absence of chaining makes the OFB more vulnerable to specific attacks.
+- The use of different start variables values prevents the same
+  plaintext enciphering to the same ciphertext, by producing different
+  key streams.
+- Selection of a small value for j will require more cycles through
+  the encipherment algorithm per unit of plaintext and thus cause
+  greater processing overheads.
+- Only multiples of j bits can be enciphered.
+- OFB mode of operation does not extend ciphertext errors in the
+  resultant plaintext output.  Every bit error in the ciphertext causes
+  only one bit to be in error in the deciphered plaintext.
+- OFB mode is not self-synchronising.  If the two operation of
+  encipherment and decipherment get out of synchronism, the system needs
+  to be re-initialised.
+- Each re-initialisation should use a value of the start variable
+different from the start variable values used before with the same
+key.  The reason for this is that an identical bit stream would be
+produced each time from the same parameters.  This would be
+susceptible to a 'known plaintext' attack.
+
+Triple ECB Mode (des_ecb3_encrypt())
+- Encrypt with key1, decrypt with key2 and encrypt with key1 again.
+- As for ECB encryption but increases the effective key length to 112 bits.
+- If both keys are the same it is equivalent to encrypting once with
+  just one key.
+
+Triple CBC Mode (des_3cbc_encrypt())
+- Encrypt with key1, decrypt with key2 and encrypt with key1 again.
+- As for CBC encryption but increases the effective key length to 112 bits.
+- If both keys are the same it is equivalent to encrypting once with
+  just one key.
diff --git a/crypto/des/Makefile.PL b/crypto/des/Makefile.PL
new file mode 100644
index 0000000000..b54a24387c
--- /dev/null
+++ b/crypto/des/Makefile.PL
@@ -0,0 +1,14 @@
+use ExtUtils::MakeMaker;
+# See lib/ExtUtils/MakeMaker.pm for details of how to influence
+# the contents of the Makefile being created.
+&writeMakefile(
+	'potential_libs' => '',   # e.g., '-lm' 
+	'INC' => '',     # e.g., '-I/usr/include/other' 
+	'DISTNAME' => 'DES',
+	'VERSION' => '0.1',
+	'DEFINE' => '-DPERL5',
+	'OBJECT' => 'DES.o cbc_cksm.o cbc_enc.o ecb_enc.o pcbc_enc.o \
+	rand_key.o set_key.o str2key.o \
+	enc_read.o enc_writ.o fcrypt.o cfb_enc.o \
+	ecb3_enc.o ofb_enc.o cbc3_enc.o des_enc.o',
+	);
diff --git a/crypto/des/Makefile.lit b/crypto/des/Makefile.lit
new file mode 100644
index 0000000000..cfd1b40e46
--- /dev/null
+++ b/crypto/des/Makefile.lit
@@ -0,0 +1,249 @@
+# You must select the correct terminal control system to be used to
+# turn character echo off when reading passwords.  There a 5 systems
+# SGTTY   - the old BSD system
+# TERMIO  - most system V boxes
+# TERMIOS - SGI (ala IRIX).
+# VMS     - the DEC operating system
+# MSDOS   - we all know what it is :-)
+# read_pwd.c makes a reasonable guess at what is correct.
+
+# Targets
+# make          - twidle the options yourself :-)
+# make cc       - standard cc options
+# make gcc      - standard gcc options
+# make x86-elf  - linux-elf etc
+# make x86-out  - linux-a.out, FreeBSD etc
+# make x86-solaris
+# make x86-bdsi
+
+# If you are on a DEC Alpha, edit des.h and change the DES_LONG
+# define to 'unsigned int'.  I have seen this give a %20 speedup.
+
+OPTS0= -DLIBDES_LIT -DRAND -DTERMIO #-DNOCONST
+
+# Version 1.94 has changed the strings_to_key function so that it is
+# now compatible with MITs when the string is longer than 8 characters.
+# If you wish to keep the old version, uncomment the following line.
+# This will affect the -E/-D options on des(1).
+#OPTS1= -DOLD_STR_TO_KEY
+
+# There are 4 possible performance options
+# -DDES_PTR
+# -DDES_RISC1
+# -DDES_RISC2 (only one of DES_RISC1 and DES_RISC2)
+# -DDES_UNROLL
+# after the initial build, run 'des_opts' to see which options are best
+# for your platform.  There are some listed in options.txt
+#OPTS2= -DDES_PTR 
+#OPTS3= -DDES_RISC1 # or DES_RISC2
+#OPTS4= -DDES_UNROLL
+
+OPTS= $(OPTS0) $(OPTS1) $(OPTS2) $(OPTS3) $(OPTS4)
+
+MAKE=make -f Makefile
+#CC=cc
+#CFLAG= -O
+
+CC=gcc
+#CFLAG= -O4 -funroll-loops -fomit-frame-pointer
+CFLAG= -O3 -fomit-frame-pointer
+
+CFLAGS=$(OPTS) $(CFLAG)
+CPP=$(CC) -E
+AS=as
+
+# Assember version of des_encrypt*().
+DES_ENC=des_enc.o fcrypt_b.o		# normal C version
+#DES_ENC=asm/dx86-elf.o	asm/cx86-elf.o	# elf format x86
+#DES_ENC=asm/dx86-out.o	asm/cx86-out.o	# a.out format x86
+#DES_ENC=asm/dx86-sol.o	asm/cx86-sol.o	# solaris format x86 
+#DES_ENC=asm/dx86bsdi.o	asm/cx86basi.o	# bsdi format x86 
+
+LIBDIR=/usr/local/lib
+BINDIR=/usr/local/bin
+INCDIR=/usr/local/include
+MANDIR=/usr/local/man
+MAN1=1
+MAN3=3
+SHELL=/bin/sh
+OBJ_LIT=ede_enc.o cbc_enc.o ncbc_enc.o ecb_enc.o $(DES_ENC) fcrypt.o set_key.o
+OBJ_FULL=cbc3_enc.o cbc_cksm.o $(OBJ_LIT) pcbc_enc.o \
+	xcbc_enc.o qud_cksm.o \
+	cfb64ede.o cfb64enc.o cfb_enc.o ecb3_enc.o \
+	enc_read.o enc_writ.o ofb64ede.o ofb64enc.o ofb_enc.o  \
+	rand_key.o read_pwd.o read2pwd.o rpc_enc.o  str2key.o supp.o
+
+GENERAL_LIT=COPYRIGHT INSTALL README VERSION Makefile des_crypt.man \
+	des.doc options.txt asm
+GENERAL_FULL=$(GENERAL_LIT) FILES Imakefile times vms.com KERBEROS MODES.DES \
+	GNUmakefile des.man DES.pm DES.pod DES.xs Makefile.PL \
+	Makefile.uni typemap t Makefile.ssl makefile.bc Makefile.lit \
+	des.org des_locl.org
+TESTING_LIT=	destest speed des_opts
+TESTING_FULL=	destest speed des_opts $(TESTING_LIT)
+TESTING_SRC_LIT=destest.c speed.c des_opts.c
+TESTING_SRC_FULL=rpw.c $(TESTING_SRC_LIT)
+HEADERS_LIT=des_ver.h des.h des_locl.h podd.h sk.h spr.h
+HEADERS_FULL= $(HEADERS_LIT) rpc_des.h
+LIBDES_LIT=ede_enc.c cbc_enc.c ncbc_enc.c ecb_enc.c fcrypt.c set_key.c \
+	des_enc.c fcrypt_b.c
+LIBDES_FULL= cbc_cksm.c pcbc_enc.c qud_cksm.c \
+	cfb64ede.c cfb64enc.c cfb_enc.c ecb3_enc.c  cbc3_enc.c  \
+	enc_read.c enc_writ.c ofb64ede.c ofb64enc.c ofb_enc.c  \
+	rand_key.c rpc_enc.c  str2key.c  supp.c \
+	xcbc_enc.c $(LIBDES_LIT) read_pwd.c read2pwd.c 
+
+PERL=	des.pl testdes.pl doIP doPC1 doPC2 PC1 PC2 shifts.pl
+
+OBJ=	$(OBJ_LIT)
+GENERAL=$(GENERAL_LIT)
+TESTING=$(TESTING_LIT)
+TESTING_SRC=$(TESTING_SRC_LIT)
+HEADERS=$(HEADERS_LIT)
+LIBDES=	$(LIBDES_LIT)
+
+ALL=	$(GENERAL) $(TESTING_SRC) $(LIBDES) $(PERL) $(HEADERS)
+
+DLIB=	libdes.a
+
+all: $(DLIB) $(TESTING)
+
+cc:
+	$(MAKE) CC=cc CFLAGS="-O $(OPTS) $(CFLAG)" all
+
+gcc:
+	$(MAKE) CC=gcc CFLAGS="-O3 -fomit-frame-pointer $(OPTS) $(CFLAG)" all
+
+x86-elf:
+	$(MAKE) DES_ENC='asm/dx86-elf.o asm/cx86-elf.o' CC=$(CC) CFLAGS="-DELF $(OPTS) $(CFLAG)" all
+
+x86-out:
+	$(MAKE) DES_ENC='asm/dx86-out.o asm/cx86-out.o' CC=$(CC) CFLAGS="-DOUT $(OPTS) $(CFLAG)" all
+
+x86-solaris:
+	$(MAKE) DES_ENC='asm/dx86-sol.o asm/cx86-sol.o' CC=$(CC) CFLAGS="-DSOL $(OPTS) $(CFLAG)" all
+
+x86-bsdi:
+	$(MAKE) DES_ENC='asm/dx86bsdi.o asm/cx86bsdi.o' CC=$(CC) CFLAGS="-DBSDI $(OPTS) $(CFLAG)" all
+
+# elf
+asm/dx86-elf.o: asm/dx86-cpp.s asm/dx86unix.cpp
+	$(CPP) -DELF asm/dx86unix.cpp | $(AS) -o asm/dx86-elf.o
+
+asm/cx86-elf.o: asm/cx86-cpp.s asm/cx86unix.cpp
+	$(CPP) -DELF asm/cx86unix.cpp | $(AS) -o asm/cx86-elf.o
+
+# solaris
+asm/dx86-sol.o: asm/dx86-cpp.s asm/dx86unix.cpp
+	$(CC) -E -DSOL asm/dx86unix.cpp | sed 's/^#.*//' > asm/dx86-sol.s
+	as -o asm/dx86-sol.o asm/dx86-sol.s
+	rm -f asm/dx86-sol.s
+
+asm/cx86-sol.o: asm/cx86-cpp.s asm/cx86unix.cpp
+	$(CC) -E -DSOL asm/cx86unix.cpp | sed 's/^#.*//' > asm/cx86-sol.s
+	as -o asm/cx86-sol.o asm/cx86-sol.s
+	rm -f asm/cx86-sol.s
+
+# a.out
+asm/dx86-out.o: asm/dx86-cpp.s asm/dx86unix.cpp
+	$(CPP) -DOUT asm/dx86unix.cpp | $(AS) -o asm/dx86-out.o
+
+asm/cx86-out.o: asm/cx86-cpp.s asm/cx86unix.cpp
+	$(CPP) -DOUT asm/cx86unix.cpp | $(AS) -o asm/cx86-out.o
+
+# bsdi
+asm/dx86bsdi.o: asm/dx86-cpp.s asm/dx86unix.cpp
+	$(CPP) -DBSDI asm/dx86unix.cpp | $(AS) -o asm/dx86bsdi.o
+
+asm/cx86bsdi.o: asm/cx86-cpp.s asm/cx86unix.cpp
+	$(CPP) -DBSDI asm/cx86unix.cpp | $(AS) -o asm/cx86bsdi.o
+
+test:	all
+	./destest
+
+$(DLIB): $(OBJ)
+	/bin/rm -f $(DLIB)
+	ar cr $(DLIB) $(OBJ)
+	-if test -s /bin/ranlib; then /bin/ranlib $(DLIB); \
+	else if test -s /usr/bin/ranlib; then /usr/bin/ranlib $(DLIB); \
+	else exit 0; fi; fi
+
+des_opts: des_opts.o $(DLIB)
+	$(CC) $(CFLAGS) -o des_opts des_opts.o $(DLIB)
+
+destest: destest.o $(DLIB)
+	$(CC) $(CFLAGS) -o destest destest.o $(DLIB)
+
+rpw: rpw.o $(DLIB)
+	$(CC) $(CFLAGS) -o rpw rpw.o $(DLIB)
+
+speed: speed.o $(DLIB)
+	$(CC) $(CFLAGS) -o speed speed.o $(DLIB)
+
+des: des.o $(DLIB)
+	$(CC) $(CFLAGS) -o des des.o $(DLIB)
+
+tags:
+	ctags $(TESTING_SRC) $(LIBDES)
+
+tar_lit:
+	/bin/mv Makefile Makefile.tmp
+	/bin/cp Makefile.lit Makefile
+	tar chf libdes-l.tar $(LIBDES_LIT) $(HEADERS_LIT) \
+		$(GENERAL_LIT) $(TESTING_SRC_LIT)
+	/bin/rm -f Makefile
+	/bin/mv Makefile.tmp Makefile
+
+tar:
+	tar chf libdes.tar $(ALL)
+
+shar:
+	shar $(ALL) >libdes.shar
+
+depend:
+	makedepend $(LIBDES) $(TESTING_SRC)
+
+clean:
+	/bin/rm -f *.o tags core $(TESTING) $(DLIB) .nfs* *.old *.bak asm/*.o 
+
+dclean:
+	sed -e '/^# DO NOT DELETE THIS LINE/ q' Makefile >Makefile.new
+	mv -f Makefile.new Makefile
+
+# Eric is probably going to choke when he next looks at this --tjh
+install: $(DLIB) des
+	if test $(INSTALLTOP); then \
+	    echo SSL style install; \
+	    cp $(DLIB) $(INSTALLTOP)/lib; \
+	    if test -s /bin/ranlib; then \
+	        /bin/ranlib $(INSTALLTOP)/lib/$(DLIB); \
+	    else \
+		if test -s /usr/bin/ranlib; then \
+		/usr/bin/ranlib $(INSTALLTOP)/lib/$(DLIB); \
+	    fi; fi; \
+	    chmod 644 $(INSTALLTOP)/lib/$(DLIB); \
+	    cp des.h $(INSTALLTOP)/include; \
+	    chmod 644 $(INSTALLTOP)/include/des.h; \
+	    cp des $(INSTALLTOP)/bin; \
+	    chmod 755 $(INSTALLTOP)/bin/des; \
+	else \
+	    echo Standalone install; \
+	    cp $(DLIB) $(LIBDIR)/$(DLIB); \
+	    if test -s /bin/ranlib; then \
+	      /bin/ranlib $(LIBDIR)/$(DLIB); \
+	    else \
+	      if test -s /usr/bin/ranlib; then \
+		/usr/bin/ranlib $(LIBDIR)/$(DLIB); \
+	      fi; \
+	    fi; \
+	    chmod 644 $(LIBDIR)/$(DLIB); \
+	    cp des $(BINDIR)/des; \
+	    chmod 711 $(BINDIR)/des; \
+	    cp des_crypt.man $(MANDIR)/man$(MAN3)/des_crypt.$(MAN3); \
+	    chmod 644 $(MANDIR)/man$(MAN3)/des_crypt.$(MAN3); \
+	    cp des.man $(MANDIR)/man$(MAN1)/des.$(MAN1); \
+	    chmod 644 $(MANDIR)/man$(MAN1)/des.$(MAN1); \
+	    cp des.h $(INCDIR)/des.h; \
+	    chmod 644 $(INCDIR)/des.h; \
+	fi
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/des/Makefile.ssl b/crypto/des/Makefile.ssl
new file mode 100644
index 0000000000..51bfe7cf37
--- /dev/null
+++ b/crypto/des/Makefile.ssl
@@ -0,0 +1,135 @@
+#
+# SSLeay/crypto/des/Makefile
+#
+
+DIR=	des
+TOP=	../..
+CC=	cc
+CPP=	$(CC) -E
+INCLUDES=
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE=		make -f Makefile.ssl
+MAKEDEPEND=	makedepend -f Makefile.ssl
+MAKEFILE=	Makefile.ssl
+AR=		ar r
+DES_ENC=	des_enc.o fcrypt_b.o
+# or use
+#DES_ENC=	dx86-elf.o cx86-elf.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile des.org des_locl.org
+TEST=destest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=	cbc3_enc.c cbc_cksm.c cbc_enc.c  cfb64enc.c cfb_enc.c  \
+	ecb3_enc.c ecb_enc.c  ede_enc.c  enc_read.c enc_writ.c \
+	fcrypt.c   ncbc_enc.c ofb64enc.c ofb_enc.c  pcbc_enc.c \
+	qud_cksm.c rand_key.c read_pwd.c rpc_enc.c  set_key.c  \
+	des_enc.c fcrypt_b.c read2pwd.c \
+	fcrypt.c xcbc_enc.c \
+	str2key.c  cfb64ede.c ofb64ede.c supp.c
+
+LIBOBJ= set_key.o  ecb_enc.o  ede_enc.o  cbc_enc.o  cbc3_enc.o \
+	ecb3_enc.o cfb64enc.o cfb64ede.o cfb_enc.o  ofb64ede.o \
+	enc_read.o enc_writ.o ncbc_enc.o ofb64enc.o \
+	ofb_enc.o  str2key.o  pcbc_enc.o qud_cksm.o rand_key.o \
+	${DES_ENC} read2pwd.o \
+	fcrypt.o xcbc_enc.o read_pwd.o rpc_enc.o  cbc_cksm.o supp.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= des.h
+HEADER=	des_locl.h rpc_des.h podd.h sk.h spr.h des_ver.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/util/ranlib.sh $(LIB)
+	@touch lib
+
+# elf
+asm/dx86-elf.o: asm/dx86-cpp.s asm/dx86unix.cpp
+	$(CPP) -DELF asm/dx86unix.cpp | as -o asm/dx86-elf.o
+
+asm/cx86-elf.o: asm/cx86-cpp.s asm/cx86unix.cpp
+	$(CPP) -DELF asm/cx86unix.cpp | as -o asm/cx86-elf.o
+
+# solaris
+asm/dx86-sol.o: asm/dx86-cpp.s asm/dx86unix.cpp
+	$(CC) -E -DSOL asm/dx86unix.cpp | sed 's/^#.*//' > asm/dx86-sol.s
+	as -o asm/dx86-sol.o asm/dx86-sol.s
+	rm -f asm/dx86-sol.s
+
+asm/cx86-sol.o: asm/cx86-cpp.s asm/cx86unix.cpp
+	$(CC) -E -DSOL asm/cx86unix.cpp | sed 's/^#.*//' > asm/cx86-sol.s
+	as -o asm/cx86-sol.o asm/cx86-sol.s
+	rm -f asm/cx86-sol.s
+
+# a.out
+asm/dx86-out.o: asm/dx86-cpp.s asm/dx86unix.cpp
+	$(CPP) -DOUT asm/dx86unix.cpp | as -o asm/dx86-out.o
+
+asm/cx86-out.o: asm/cx86-cpp.s asm/cx86unix.cpp
+	$(CPP) -DOUT asm/cx86unix.cpp | as -o asm/cx86-out.o
+
+# bsdi
+asm/dx86bsdi.o: asm/dx86-cpp.s asm/dx86unix.cpp
+	$(CPP) -DBSDI asm/dx86unix.cpp | as -o asm/dx86bsdi.o
+
+asm/cx86bsdi.o: asm/cx86-cpp.s asm/cx86unix.cpp
+	$(CPP) -DBSDI asm/cx86unix.cpp | as -o asm/cx86bsdi.o
+
+files:
+	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+	/bin/rm -f Makefile
+	$(TOP)/util/point.sh Makefile.ssl Makefile
+	/bin/rm -f des.doc
+	$(TOP)/util/point.sh ../../doc/des.doc des.doc
+	$(TOP)/util/mklink.sh ../../include $(EXHEADER)
+	$(TOP)/util/mklink.sh ../../test $(TEST)
+	$(TOP)/util/mklink.sh ../../apps $(APPS)
+	/bin/rm -f asm/x86ms.pl asm/x86unix.pl
+	$(TOP)/util/point.sh ../../perlasm/x86ms.pl asm/x86ms.pl
+	$(TOP)/util/point.sh ../../perlasm/x86unix.pl asm/x86unix.pl
+
+install: installs
+
+installs:
+	@for i in $(EXHEADER) ; \
+	do  \
+	(cp $$i $(INSTALLTOP)/include/$$i; \
+	chmod 644 $(INSTALLTOP)/include/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/des/Makefile.uni b/crypto/des/Makefile.uni
new file mode 100644
index 0000000000..4e29805cf2
--- /dev/null
+++ b/crypto/des/Makefile.uni
@@ -0,0 +1,249 @@
+# You must select the correct terminal control system to be used to
+# turn character echo off when reading passwords.  There a 5 systems
+# SGTTY   - the old BSD system
+# TERMIO  - most system V boxes
+# TERMIOS - SGI (ala IRIX).
+# VMS     - the DEC operating system
+# MSDOS   - we all know what it is :-)
+# read_pwd.c makes a reasonable guess at what is correct.
+
+# Targets
+# make          - twidle the options yourself :-)
+# make cc       - standard cc options
+# make gcc      - standard gcc options
+# make x86-elf  - linux-elf etc
+# make x86-out  - linux-a.out, FreeBSD etc
+# make x86-solaris
+# make x86-bdsi
+
+# If you are on a DEC Alpha, edit des.h and change the DES_LONG
+# define to 'unsigned int'.  I have seen this give a %20 speedup.
+
+OPTS0= -DRAND -DTERMIO #-DNOCONST
+
+# Version 1.94 has changed the strings_to_key function so that it is
+# now compatible with MITs when the string is longer than 8 characters.
+# If you wish to keep the old version, uncomment the following line.
+# This will affect the -E/-D options on des(1).
+#OPTS1= -DOLD_STR_TO_KEY
+
+# There are 4 possible performance options
+# -DDES_PTR
+# -DDES_RISC1
+# -DDES_RISC2 (only one of DES_RISC1 and DES_RISC2)
+# -DDES_UNROLL
+# after the initial build, run 'des_opts' to see which options are best
+# for your platform.  There are some listed in options.txt
+#OPTS2= -DDES_PTR 
+#OPTS3= -DDES_RISC1 # or DES_RISC2
+#OPTS4= -DDES_UNROLL
+
+OPTS= $(OPTS0) $(OPTS1) $(OPTS2) $(OPTS3) $(OPTS4)
+
+MAKE=make -f Makefile
+#CC=cc
+#CFLAG= -O
+
+CC=gcc
+#CFLAG= -O4 -funroll-loops -fomit-frame-pointer
+CFLAG= -O3 -fomit-frame-pointer
+
+CFLAGS=$(OPTS) $(CFLAG)
+CPP=$(CC) -E
+AS=as
+
+# Assember version of des_encrypt*().
+DES_ENC=des_enc.o fcrypt_b.o		# normal C version
+#DES_ENC=asm/dx86-elf.o	asm/cx86-elf.o	# elf format x86
+#DES_ENC=asm/dx86-out.o	asm/cx86-out.o	# a.out format x86
+#DES_ENC=asm/dx86-sol.o	asm/cx86-sol.o	# solaris format x86 
+#DES_ENC=asm/dx86bsdi.o	asm/cx86basi.o	# bsdi format x86 
+
+LIBDIR=/usr/local/lib
+BINDIR=/usr/local/bin
+INCDIR=/usr/local/include
+MANDIR=/usr/local/man
+MAN1=1
+MAN3=3
+SHELL=/bin/sh
+OBJ_LIT=ede_enc.o cbc_enc.o ncbc_enc.o ecb_enc.o $(DES_ENC) fcrypt.o set_key.o
+OBJ_FULL=cbc3_enc.o cbc_cksm.o $(OBJ_LIT) pcbc_enc.o \
+	xcbc_enc.o qud_cksm.o \
+	cfb64ede.o cfb64enc.o cfb_enc.o ecb3_enc.o \
+	enc_read.o enc_writ.o ofb64ede.o ofb64enc.o ofb_enc.o  \
+	rand_key.o read_pwd.o read2pwd.o rpc_enc.o  str2key.o supp.o
+
+GENERAL_LIT=COPYRIGHT INSTALL README VERSION Makefile des_crypt.man \
+	des.doc options.txt asm
+GENERAL_FULL=$(GENERAL_LIT) FILES Imakefile times vms.com KERBEROS MODES.DES \
+	GNUmakefile des.man DES.pm DES.pod DES.xs Makefile.PL \
+	Makefile.uni typemap t Makefile.ssl makefile.bc Makefile.lit \
+	des.org des_locl.org
+TESTING_LIT=	destest speed des_opts
+TESTING_FULL=	destest speed des_opts $(TESTING_LIT)
+TESTING_SRC_LIT=destest.c speed.c des_opts.c
+TESTING_SRC_FULL=rpw.c $(TESTING_SRC_LIT)
+HEADERS_LIT=des_ver.h des.h des_locl.h podd.h sk.h spr.h
+HEADERS_FULL= $(HEADERS_LIT) rpc_des.h
+LIBDES_LIT=ede_enc.c cbc_enc.c ncbc_enc.c ecb_enc.c fcrypt.c set_key.c \
+	des_enc.c fcrypt_b.c
+LIBDES_FULL= cbc_cksm.c pcbc_enc.c qud_cksm.c \
+	cfb64ede.c cfb64enc.c cfb_enc.c ecb3_enc.c  cbc3_enc.c  \
+	enc_read.c enc_writ.c ofb64ede.c ofb64enc.c ofb_enc.c  \
+	rand_key.c rpc_enc.c  str2key.c  supp.c \
+	xcbc_enc.c $(LIBDES_LIT) read_pwd.c read2pwd.c
+
+PERL=	des.pl testdes.pl doIP doPC1 doPC2 PC1 PC2 shifts.pl
+
+OBJ=	$(OBJ_FULL)
+GENERAL=$(GENERAL_FULL)
+TESTING=$(TESTING_FULL)
+TESTING_SRC=$(TESTING_SRC_FULL)
+HEADERS=$(HEADERS_FULL)
+LIBDES=	$(LIBDES_FULL)
+
+ALL=	$(GENERAL) $(TESTING_SRC) $(LIBDES) $(PERL) $(HEADERS)
+
+DLIB=	libdes.a
+
+all: $(DLIB) $(TESTING)
+
+cc:
+	$(MAKE) CC=cc CFLAGS="-O $(OPTS) $(CFLAG)" all
+
+gcc:
+	$(MAKE) CC=gcc CFLAGS="-O3 -fomit-frame-pointer $(OPTS) $(CFLAG)" all
+
+x86-elf:
+	$(MAKE) DES_ENC='asm/dx86-elf.o asm/cx86-elf.o' CC=$(CC) CFLAGS="-DELF $(OPTS) $(CFLAG)" all
+
+x86-out:
+	$(MAKE) DES_ENC='asm/dx86-out.o asm/cx86-out.o' CC=$(CC) CFLAGS="-DOUT $(OPTS) $(CFLAG)" all
+
+x86-solaris:
+	$(MAKE) DES_ENC='asm/dx86-sol.o asm/cx86-sol.o' CC=$(CC) CFLAGS="-DSOL $(OPTS) $(CFLAG)" all
+
+x86-bsdi:
+	$(MAKE) DES_ENC='asm/dx86bsdi.o asm/cx86bsdi.o' CC=$(CC) CFLAGS="-DBSDI $(OPTS) $(CFLAG)" all
+
+# elf
+asm/dx86-elf.o: asm/dx86-cpp.s asm/dx86unix.cpp
+	$(CPP) -DELF asm/dx86unix.cpp | $(AS) -o asm/dx86-elf.o
+
+asm/cx86-elf.o: asm/cx86-cpp.s asm/cx86unix.cpp
+	$(CPP) -DELF asm/cx86unix.cpp | $(AS) -o asm/cx86-elf.o
+
+# solaris
+asm/dx86-sol.o: asm/dx86-cpp.s asm/dx86unix.cpp
+	$(CC) -E -DSOL asm/dx86unix.cpp | sed 's/^#.*//' > asm/dx86-sol.s
+	as -o asm/dx86-sol.o asm/dx86-sol.s
+	rm -f asm/dx86-sol.s
+
+asm/cx86-sol.o: asm/cx86-cpp.s asm/cx86unix.cpp
+	$(CC) -E -DSOL asm/cx86unix.cpp | sed 's/^#.*//' > asm/cx86-sol.s
+	as -o asm/cx86-sol.o asm/cx86-sol.s
+	rm -f asm/cx86-sol.s
+
+# a.out
+asm/dx86-out.o: asm/dx86-cpp.s asm/dx86unix.cpp
+	$(CPP) -DOUT asm/dx86unix.cpp | $(AS) -o asm/dx86-out.o
+
+asm/cx86-out.o: asm/cx86-cpp.s asm/cx86unix.cpp
+	$(CPP) -DOUT asm/cx86unix.cpp | $(AS) -o asm/cx86-out.o
+
+# bsdi
+asm/dx86bsdi.o: asm/dx86-cpp.s asm/dx86unix.cpp
+	$(CPP) -DBSDI asm/dx86unix.cpp | $(AS) -o asm/dx86bsdi.o
+
+asm/cx86bsdi.o: asm/cx86-cpp.s asm/cx86unix.cpp
+	$(CPP) -DBSDI asm/cx86unix.cpp | $(AS) -o asm/cx86bsdi.o
+
+test:	all
+	./destest
+
+$(DLIB): $(OBJ)
+	/bin/rm -f $(DLIB)
+	ar cr $(DLIB) $(OBJ)
+	-if test -s /bin/ranlib; then /bin/ranlib $(DLIB); \
+	else if test -s /usr/bin/ranlib; then /usr/bin/ranlib $(DLIB); \
+	else exit 0; fi; fi
+
+des_opts: des_opts.o $(DLIB)
+	$(CC) $(CFLAGS) -o des_opts des_opts.o $(DLIB)
+
+destest: destest.o $(DLIB)
+	$(CC) $(CFLAGS) -o destest destest.o $(DLIB)
+
+rpw: rpw.o $(DLIB)
+	$(CC) $(CFLAGS) -o rpw rpw.o $(DLIB)
+
+speed: speed.o $(DLIB)
+	$(CC) $(CFLAGS) -o speed speed.o $(DLIB)
+
+des: des.o $(DLIB)
+	$(CC) $(CFLAGS) -o des des.o $(DLIB)
+
+tags:
+	ctags $(TESTING_SRC) $(LIBDES)
+
+tar_lit:
+	/bin/mv Makefile Makefile.tmp
+	/bin/cp Makefile.lit Makefile
+	tar chf libdes-l.tar $(LIBDES_LIT) $(HEADERS_LIT) \
+		$(GENERAL_LIT) $(TESTING_SRC_LIT)
+	/bin/rm -f Makefile
+	/bin/mv Makefile.tmp Makefile
+
+tar:
+	tar chf libdes.tar $(ALL)
+
+shar:
+	shar $(ALL) >libdes.shar
+
+depend:
+	makedepend $(LIBDES) $(TESTING_SRC)
+
+clean:
+	/bin/rm -f *.o tags core $(TESTING) $(DLIB) .nfs* *.old *.bak asm/*.o 
+
+dclean:
+	sed -e '/^# DO NOT DELETE THIS LINE/ q' Makefile >Makefile.new
+	mv -f Makefile.new Makefile
+
+# Eric is probably going to choke when he next looks at this --tjh
+install: $(DLIB) des
+	if test $(INSTALLTOP); then \
+	    echo SSL style install; \
+	    cp $(DLIB) $(INSTALLTOP)/lib; \
+	    if test -s /bin/ranlib; then \
+	        /bin/ranlib $(INSTALLTOP)/lib/$(DLIB); \
+	    else \
+		if test -s /usr/bin/ranlib; then \
+		/usr/bin/ranlib $(INSTALLTOP)/lib/$(DLIB); \
+	    fi; fi; \
+	    chmod 644 $(INSTALLTOP)/lib/$(DLIB); \
+	    cp des.h $(INSTALLTOP)/include; \
+	    chmod 644 $(INSTALLTOP)/include/des.h; \
+	    cp des $(INSTALLTOP)/bin; \
+	    chmod 755 $(INSTALLTOP)/bin/des; \
+	else \
+	    echo Standalone install; \
+	    cp $(DLIB) $(LIBDIR)/$(DLIB); \
+	    if test -s /bin/ranlib; then \
+	      /bin/ranlib $(LIBDIR)/$(DLIB); \
+	    else \
+	      if test -s /usr/bin/ranlib; then \
+		/usr/bin/ranlib $(LIBDIR)/$(DLIB); \
+	      fi; \
+	    fi; \
+	    chmod 644 $(LIBDIR)/$(DLIB); \
+	    cp des $(BINDIR)/des; \
+	    chmod 711 $(BINDIR)/des; \
+	    cp des_crypt.man $(MANDIR)/man$(MAN3)/des_crypt.$(MAN3); \
+	    chmod 644 $(MANDIR)/man$(MAN3)/des_crypt.$(MAN3); \
+	    cp des.man $(MANDIR)/man$(MAN1)/des.$(MAN1); \
+	    chmod 644 $(MANDIR)/man$(MAN1)/des.$(MAN1); \
+	    cp des.h $(INCDIR)/des.h; \
+	    chmod 644 $(INCDIR)/des.h; \
+	fi
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/des/PC1 b/crypto/des/PC1
new file mode 100644
index 0000000000..efb8348b72
--- /dev/null
+++ b/crypto/des/PC1
@@ -0,0 +1,28 @@
+#!/usr/local/bin/perl
+
+@PC1=(  57,49,41,33,25,17, 9,
+	 1,58,50,42,34,26,18,
+	10, 2,59,51,43,35,27,
+	19,11, 3,60,52,44,36,
+	"-","-","-","-",
+	63,55,47,39,31,23,15,
+	 7,62,54,46,38,30,22,
+	14, 6,61,53,45,37,29,
+	21,13, 5,28,20,12, 4,
+	"-","-","-","-",
+	);
+
+foreach (@PC1)
+	{
+	if ($_ ne "-")
+		{
+		$_--;
+		$_=int($_/8)*8+7-($_%8);
+		printf "%2d  ",$_;
+		}
+	else
+		{ print "--  "; }
+	print "\n" if (((++$i) % 8) == 0);
+	print "\n" if ((($i) % 32) == 0);
+	}
+
diff --git a/crypto/des/PC2 b/crypto/des/PC2
new file mode 100644
index 0000000000..2d560270ec
--- /dev/null
+++ b/crypto/des/PC2
@@ -0,0 +1,57 @@
+#!/usr/local/bin/perl
+
+@PC2_C=(14,17,11,24, 1, 5,
+	 3,28,15, 6,21,10,
+	23,19,12, 4,26, 8,
+	16, 7,27,20,13, 2,
+	);
+
+@PC2_D=(41,52,31,37,47,55,
+	30,40,51,45,33,48,
+	44,49,39,56,34,53,
+	46,42,50,36,29,32,
+	);
+
+foreach (@PC2_C) {
+	if ($_ ne "-")
+		{
+		$_--;
+		printf "%2d  ",$_; }
+	else { print "--  "; }
+	$C{$_}=1;
+	print "\n" if (((++$i) % 8) == 0);
+	}
+$i=0;
+print "\n";
+foreach (@PC2_D) {
+	if ($_ ne "-")
+		{
+		$_-=29;
+		printf "%2d  ",$_; }
+	else { print "--  "; }
+	$D{$_}=1;
+	print "\n" if (((++$i) % 8) == 0); }
+
+print "\n";
+foreach $i (0 .. 27)
+	{
+	$_=$C{$i};
+	if ($_ ne "-") {printf "%2d ",$_;}
+	else { print "--  "; }
+	print "\n" if (((++$i) % 8) == 0);
+	}
+print "\n";
+
+print "\n";
+foreach $i (0 .. 27)
+	{
+	$_=$D{$i};
+	if ($_ ne "-") {printf "%2d  ",$_;}
+	else { print "--  "; }
+	print "\n" if (((++$i) % 8) == 0);
+	}
+print "\n";
+sub numsort
+	{
+	$a-$b;
+	}
diff --git a/crypto/des/README b/crypto/des/README
new file mode 100644
index 0000000000..621a5ab467
--- /dev/null
+++ b/crypto/des/README
@@ -0,0 +1,54 @@
+
+		libdes, Version 4.01 10-Jan-97
+
+		Copyright (c) 1997, Eric Young
+			  All rights reserved.
+
+    This program is free software; you can redistribute it and/or modify
+    it under the terms specified in COPYRIGHT.
+    
+--
+The primary ftp site for this library is
+ftp://ftp.psy.uq.oz.au/pub/Crypto/DES/libdes-x.xx.tar.gz
+libdes is now also shipped with SSLeay.  Primary ftp site of
+ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/SSLeay-x.x.x.tar.gz
+
+The best way to build this library is to build it as part of SSLeay.
+
+This kit builds a DES encryption library and a DES encryption program.
+It supports ecb, cbc, ofb, cfb, triple ecb, triple cbc, triple ofb,
+triple cfb, desx, and MIT's pcbc encryption modes and also has a fast
+implementation of crypt(3).
+It contains support routines to read keys from a terminal,
+generate a random key, generate a key from an arbitrary length string,
+read/write encrypted data from/to a file descriptor.
+
+The implementation was written so as to conform with the manual entry
+for the des_crypt(3) library routines from MIT's project Athena.
+
+destest should be run after compilation to test the des routines.
+rpw should be run after compilation to test the read password routines.
+The des program is a replacement for the sun des command.  I believe it
+conforms to the sun version.
+
+The Imakefile is setup for use in the kerberos distribution.
+
+These routines are best compiled with gcc or any other good
+optimising compiler.
+Just turn you optimiser up to the highest settings and run destest
+after the build to make sure everything works.
+
+I believe these routines are close to the fastest and most portable DES
+routines that use small lookup tables (4.5k) that are publicly available.
+The fcrypt routine is faster than ufc's fcrypt (when compiling with
+gcc2 -O2) on the sparc 2 (1410 vs 1270) but is not so good on other machines
+(on a sun3/260 168 vs 336).  It is a function of CPU on chip cache size.
+[ 10-Jan-97 and a function of an incorrect speed testing program in
+  ufc which gave much better test figures that reality ].
+
+It is worth noting that on sparc and Alpha CPUs, performance of the DES
+library can vary by upto %10 due to the positioning of files after application
+linkage.
+
+Eric Young (eay@cryptsoft.com)
+
diff --git a/crypto/des/VERSION b/crypto/des/VERSION
new file mode 100644
index 0000000000..b5a2fb7ed9
--- /dev/null
+++ b/crypto/des/VERSION
@@ -0,0 +1,387 @@
+Version 4.02
+	I was doing if (memcmp(weak_keys[i],key,sizeof(key)) == 0)
+	when checking for weak keys which is wrong :-(, pointed out by
+	rkus F.X.J. Oberhumer <markus.oberhumer@jk.uni-linz.ac.at>.
+
+Version 4.01
+	Even faster inner loop in the DES assember for x86 and a modification
+	for IP/FP which is faster on x86.  Both of these changes are
+	from Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>.  His
+	changes make the assember run %40 faster on a pentium.  This is just
+	a case of getting the instruction sequence 'just right'.
+	All credit to 'Svend' :-)
+	Quite a few special x86 'make' targets.
+	A libdes-l (lite) distribution.
+
+Version 4.00
+	After a bit of a pause, I'll up the major version number since this
+	is mostly a performace release.  I've added x86 assember and
+	added more options for performance.  A %28 speedup for gcc 
+	on a pentium and the assember is a %50 speedup.
+	MIPS CPU's, sparc and Alpha are the main CPU's with speedups.
+	Run des_opts to work out which options should be used.
+	DES_RISC1/DES_RISC2 use alternative inner loops which use
+	more registers but should give speedups on any CPU that does
+	dual issue (pentium).  DES_UNROLL unrolls the inner loop,
+	which costs in code size.
+
+Version 3.26
+	I've finally removed one of the shifts in D_ENCRYPT.  This
+	meant I've changed the des_SPtrans table (spr.h), the set_key()
+	function and some things in des_enc.c.  This has definitly
+	made things faster :-).  I've known about this one for some
+	time but I've been too lazy to follow it up :-).
+	Noticed that in the D_ENCRYPT() macro, we can just do L^=(..)^(..)^..
+	instead of L^=((..)|(..)|(..)..  This should save a register at
+	least.
+	Assember for x86.  The file to replace is des_enc.c, which is replaced
+	by one of the assember files found in asm.  Look at des/asm/readme
+	for more info.
+
+	/* Modification to fcrypt so it can be compiled to support
+	HPUX 10.x's long password format, define -DLONGCRYPT to use this.
+	Thanks to Jens Kupferschmidt <bt1cu@hpboot.rz.uni-leipzig.de>. */
+
+	SIGWINCH case put in des_read_passwd() so the function does not
+	'exit' if this function is recieved.
+
+Version 3.25 17/07/96
+	Modified read_pwd.c so that stdin can be read if not a tty.
+	Thanks to Jeff Barber <jeffb@issl.atl.hp.com> for the patches.
+	des_init_random_number_generator() shortened due to VMS linker
+	limits.
+	Added RSA's DESX cbc mode.  It is a form of cbc encryption, with 2
+	8 byte quantites xored before and after encryption.
+	des_xcbc_encryption() - the name is funny to preserve the des_
+	prefix on all functions.
+
+Version 3.24 20/04/96
+	The DES_PTR macro option checked and used by SSLeay configuration
+
+Version 3.23 11/04/96
+	Added DES_LONG.  If defined to 'unsigned int' on the DEC Alpha,
+	it gives a %20 speedup :-)
+	Fixed the problem with des.pl under perl5.  The patches were
+	sent by Ed Kubaitis (ejk@uiuc.edu).
+	if fcrypt.c, changed values to handle illegal salt values the way
+	normal crypt() implementations do.  Some programs apparently use
+	them :-(. The patch was sent by Bjorn Gronvall <bg@sics.se>
+
+Version 3.22 29/11/95
+	Bug in des(1), an error with the uuencoding stuff when the
+	'data' is small, thanks to Geoff Keating <keagchon@mehta.anu.edu.au>
+	for the patch.
+
+Version 3.21 22/11/95
+	After some emailing back and forth with 
+	Colin Plumb <colin@nyx10.cs.du.edu>, I've tweaked a few things
+	and in a future version I will probably put in some of the
+	optimisation he suggested for use with the DES_USE_PTR option.
+	Extra routines from Mark Murray <mark@grondar.za> for use in
+	freeBSD.  They mostly involve random number generation for use
+	with kerberos.  They involve evil machine specific system calls
+	etc so I would normally suggest pushing this stuff into the
+	application and/or using RAND_seed()/RAND_bytes() if you are
+	using this DES library as part of SSLeay.
+	Redone the read_pw() function so that it is cleaner and
+	supports termios, thanks to Sameer Parekh <sameer@c2.org>
+	for the initial patches for this.
+	Renamed 3ecb_encrypt() to ecb3_encrypt().  This has been
+	 done just to make things more consistent.
+	I have also now added triple DES versions of cfb and ofb.
+
+Version 3.20
+	Damn, Damn, Damn, as pointed out by Mike_Spreitzer.PARC@xerox.com,
+	my des_random_seed() function was only copying 4 bytes of the
+	passed seed into the init structure.  It is now fixed to copy 8.
+	My own suggestion is to used something like MD5 :-)
+
+Version 3.19 
+	While looking at my code one day, I though, why do I keep on
+	calling des_encrypt(in,out,ks,enc) when every function that
+	calls it has in and out the same.  So I dropped the 'out'
+	parameter, people should not be using this function.
+
+Version 3.18 30/08/95
+	Fixed a few bit with the distribution and the filenames.
+	3.17 had been munged via a move to DOS and back again.
+	NO CODE CHANGES
+
+Version 3.17 14/07/95
+	Fixed ede3 cbc which I had broken in 3.16.  I have also
+	removed some unneeded variables in 7-8 of the routines.
+
+Version 3.16 26/06/95
+	Added des_encrypt2() which does not use IP/FP, used by triple
+	des routines.  Tweaked things a bit elsewhere. %13 speedup on
+	sparc and %6 on a R4400 for ede3 cbc mode.
+
+Version 3.15 06/06/95
+	Added des_ncbc_encrypt(), it is des_cbc mode except that it is
+	'normal' and copies the new iv value back over the top of the
+	passed parameter.
+	CHANGED des_ede3_cbc_encrypt() so that it too now overwrites
+	the iv.  THIS WILL BREAK EXISTING CODE, but since this function
+	only new, I feel I can change it, not so with des_cbc_encrypt :-(.
+	I need to update the documentation.
+
+Version 3.14 31/05/95
+	New release upon the world, as part of my SSL implementation.
+	New copyright and usage stuff.  Basically free for all to use
+	as long as you say it came from me :-)
+
+Version 3.13 31/05/95
+	A fix in speed.c, if HZ is not defined, I set it to 100.0
+	which is reasonable for most unixes except SunOS 4.x.
+	I now have a #ifdef sun but timing for SunOS 4.x looked very
+	good :-(.  At my last job where I used SunOS 4.x, it was
+	defined to be 60.0 (look at the old INSTALL documentation), at
+	the last release had it changed to 100.0 since I now work with
+	Solaris2 and SVR4 boxes.
+	Thanks to  Rory Chisholm <rchishol@math.ethz.ch> for pointing this
+	one out.
+
+Version 3.12 08/05/95
+	As pointed out by The Crypt Keeper <tck@bend.UCSD.EDU>,
+	my D_ENCRYPT macro in crypt() had an un-necessary variable.
+	It has been removed.
+
+Version 3.11 03/05/95
+	Added des_ede3_cbc_encrypt() which is cbc mode des with 3 keys
+	and one iv.  It is a standard and I needed it for my SSL code.
+	It makes more sense to use this for triple DES than
+	3cbc_encrypt().  I have also added (or should I say tested :-)
+	cfb64_encrypt() which is cfb64 but it will encrypt a partial
+	number of bytes - 3 bytes in 3 bytes out.  Again this is for
+	my SSL library, as a form of encryption to use with SSL
+	telnet.
+
+Version 3.10 22/03/95
+	Fixed a bug in 3cbc_encrypt() :-(.  When making repeated calls
+	to cbc3_encrypt, the 2 iv values that were being returned to
+	be used in the next call were reversed :-(.
+	Many thanks to Bill Wade <wade@Stoner.COM> for pointing out
+	this error.
+
+Version 3.09 01/02/95
+	Fixed des_random_key to far more random, it was rather feeble
+	with regards to picking the initial seed.  The problem was
+	pointed out by Olaf Kirch <okir@monad.swb.de>.
+
+Version 3.08 14/12/94
+	Added Makefile.PL so libdes can be built into perl5.
+	Changed des_locl.h so RAND is always defined.
+
+Version 3.07 05/12/94
+	Added GNUmake and stuff so the library can be build with
+	glibc.
+
+Version 3.06 30/08/94
+	Added rpc_enc.c which contains _des_crypt.  This is for use in
+	secure_rpc v 4.0
+	Finally fixed the cfb_enc problems.
+	Fixed a few parameter parsing bugs in des (-3 and -b), thanks
+	to Rob McMillan <R.McMillan@its.gu.edu.au>
+
+Version 3.05 21/04/94
+	for unsigned long l; gcc does not produce ((l>>34) == 0)
+	This causes bugs in cfb_enc.
+	Thanks to Hadmut Danisch <danisch@ira.uka.de>
+
+Version 3.04 20/04/94
+	Added a version number to des.c and libdes.a
+
+Version 3.03 12/01/94
+	Fixed a bug in non zero iv in 3cbc_enc.
+
+Version 3.02 29/10/93
+	I now work in a place where there are 6+ architectures and 14+
+	OS versions :-).
+	Fixed TERMIO definition so the most sys V boxes will work :-)
+
+Release upon comp.sources.misc
+Version 3.01 08/10/93
+	Added des_3cbc_encrypt()
+
+Version 3.00 07/10/93
+	Fixed up documentation.
+	quad_cksum definitely compatible with MIT's now.
+
+Version 2.30 24/08/93
+	Triple DES now defaults to triple cbc but can do triple ecb
+	 with the -b flag.
+	Fixed some MSDOS uuen/uudecoding problems, thanks to
+	Added prototypes.
+	
+Version 2.22 29/06/93
+	Fixed a bug in des_is_weak_key() which stopped it working :-(
+	thanks to engineering@MorningStar.Com.
+
+Version 2.21 03/06/93
+	des(1) with no arguments gives quite a bit of help.
+	Added -c (generate ckecksum) flag to des(1).
+	Added -3 (triple DES) flag to des(1).
+	Added cfb and ofb routines to the library.
+
+Version 2.20 11/03/93
+	Added -u (uuencode) flag to des(1).
+	I have been playing with byte order in quad_cksum to make it
+	 compatible with MIT's version.  All I can say is avid this
+	 function if possible since MIT's output is endian dependent.
+
+Version 2.12 14/10/92
+	Added MSDOS specific macro in ecb_encrypt which gives a %70
+	 speed up when the code is compiled with turbo C.
+
+Version 2.11 12/10/92
+	Speedup in set_key (recoding of PC-1)
+	 I now do it in 47 simple operations, down from 60.
+	 Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
+	 for motivating me to look for a faster system :-)
+	 The speedup is probably less that 1% but it is still 13
+	 instructions less :-).
+
+Version 2.10 06/10/92
+	The code now works on the 64bit ETA10 and CRAY without modifications or
+	 #defines.  I believe the code should work on any machine that
+	 defines long, int or short to be 8 bytes long.
+	Thanks to Shabbir J. Safdar (shabby@mentor.cc.purdue.edu)
+	 for helping me fix the code to run on 64bit machines (he had
+	 access to an ETA10).
+	Thanks also to John Fletcher <john_fletcher@lccmail.ocf.llnl.gov>
+	 for testing the routines on a CRAY.
+	read_password.c has been renamed to read_passwd.c
+	string_to_key.c has been renamed to string2key.c
+
+Version 2.00 14/09/92
+	Made mods so that the library should work on 64bit CPU's.
+	Removed all my uchar and ulong defs.  To many different
+	 versions of unix define them in their header files in too many
+	 different combinations :-)
+	IRIX - Sillicon Graphics mods (mostly in read_password.c).
+	 Thanks to Andrew Daviel (advax@erich.triumf.ca)
+
+Version 1.99 26/08/92
+	Fixed a bug or 2 in enc_read.c
+	Fixed a bug in enc_write.c
+	Fixed a pseudo bug in fcrypt.c (very obscure).
+
+Version 1.98 31/07/92
+	Support for the ETA10.  This is a strange machine that defines
+	longs and ints as 8 bytes and shorts as 4 bytes.
+	Since I do evil things with long * that assume that they are 4
+	bytes.  Look in the Makefile for the option to compile for
+	this machine.  quad_cksum appears to have problems but I
+	will don't have the time to fix it right now, and this is not
+	a function that uses DES and so will not effect the main uses
+	of the library.
+
+Version 1.97 20/05/92 eay
+	Fixed the Imakefile and made some changes to des.h to fix some
+	problems when building this package with Kerberos v 4.
+
+Version 1.96 18/05/92 eay
+	Fixed a small bug in string_to_key() where problems could
+	occur if des_check_key was set to true and the string
+	generated a weak key.
+
+Patch2 posted to comp.sources.misc
+Version 1.95 13/05/92 eay
+	Added an alternative version of the D_ENCRYPT macro in
+	ecb_encrypt and fcrypt.  Depending on the compiler, one version or the
+	other will be faster.  This was inspired by 
+	Dana How <how@isl.stanford.edu>, and her pointers about doing the
+	*(ulong *)((uchar *)ptr+(value&0xfc))
+	vs
+	ptr[value&0x3f]
+	to stop the C compiler doing a <<2 to convert the long array index.
+
+Version 1.94 05/05/92 eay
+	Fixed an incompatibility between my string_to_key and the MIT
+	 version.  When the key is longer than 8 chars, I was wrapping
+	 with a different method.  To use the old version, define
+	 OLD_STR_TO_KEY in the makefile.  Thanks to
+	 viktor@newsu.shearson.com (Viktor Dukhovni).
+
+Version 1.93 28/04/92 eay
+	Fixed the VMS mods so that echo is now turned off in
+	 read_password.  Thanks again to brennan@coco.cchs.su.oz.AU.
+	MSDOS support added.  The routines can be compiled with
+	 Turbo C (v2.0) and MSC (v5.1).  Make sure MSDOS is defined.
+
+Patch1 posted to comp.sources.misc
+Version 1.92 13/04/92 eay
+	Changed D_ENCRYPT so that the rotation of R occurs outside of
+	 the loop.  This required rotating all the longs in sp.h (now
+	 called spr.h). Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
+	speed.c has been changed so it will work without SIGALRM.  If
+	 times(3) is not present it will try to use ftime() instead.
+
+Version 1.91 08/04/92 eay
+	Added -E/-D options to des(1) so it can use string_to_key.
+	Added SVR4 mods suggested by witr@rwwa.COM
+	Added VMS mods suggested by brennan@coco.cchs.su.oz.AU.  If
+	anyone knows how to turn of tty echo in VMS please tell me or
+	implement it yourself :-).
+	Changed FILE *IN/*OUT to *DES_IN/*DES_OUT since it appears VMS
+	does not like IN/OUT being used.
+
+Libdes posted to comp.sources.misc
+Version 1.9 24/03/92 eay
+	Now contains a fast small crypt replacement.
+	Added des(1) command.
+	Added des_rw_mode so people can use cbc encryption with
+	enc_read and enc_write.
+
+Version 1.8 15/10/91 eay
+	Bug in cbc_cksum.
+	Many thanks to Keith Reynolds (keithr@sco.COM) for pointing this
+	one out.
+
+Version 1.7 24/09/91 eay
+	Fixed set_key :-)
+	set_key is 4 times faster and takes less space.
+	There are a few minor changes that could be made.
+
+Version 1.6 19/09/1991 eay
+	Finally go IP and FP finished.
+	Now I need to fix set_key.
+	This version is quite a bit faster that 1.51
+
+Version 1.52 15/06/1991 eay
+	20% speedup in ecb_encrypt by changing the E bit selection
+	to use 2 32bit words.  This also required modification of the
+	sp table.  There is still a way to speedup the IP and IP-1
+	(hints from outer@sq.com) still working on this one :-(.
+
+Version 1.51 07/06/1991 eay
+	Faster des_encrypt by loop unrolling
+	Fixed bug in quad_cksum.c (thanks to hughes@logos.ucs.indiana.edu)
+
+Version 1.50 28/05/1991 eay
+	Optimised the code a bit more for the sparc.  I have improved the
+	speed of the inner des_encrypt by speeding up the initial and
+	final permutations.
+
+Version 1.40 23/10/1990 eay
+	Fixed des_random_key, it did not produce a random key :-(
+
+Version 1.30  2/10/1990 eay
+	Have made des_quad_cksum the same as MIT's, the full package
+	should be compatible with MIT's
+	Have tested on a DECstation 3100
+	Still need to fix des_set_key (make it faster).
+	Does des_cbc_encrypts at 70.5k/sec on a 3100.
+
+Version 1.20 18/09/1990 eay
+	Fixed byte order dependencies.
+	Fixed (I hope) all the word alignment problems.
+	Speedup in des_ecb_encrypt.
+
+Version 1.10 11/09/1990 eay
+	Added des_enc_read and des_enc_write.
+	Still need to fix des_quad_cksum.
+	Still need to document des_enc_read and des_enc_write.
+
+Version 1.00 27/08/1990 eay
+
diff --git a/crypto/des/asm/c-win32.asm b/crypto/des/asm/c-win32.asm
new file mode 100644
index 0000000000..b7460b8ef7
--- /dev/null
+++ b/crypto/des/asm/c-win32.asm
@@ -0,0 +1,929 @@
+	; Don't even think of reading this code
+	; It was automatically generated by crypt.pl
+	; Which is a perl program used to generate the x86 assember for
+	; any of elf, a.out, Win32, or Solaris
+	; It can be found in SSLeay 0.6.5+ or in libdes 3.26+
+	; eric <eay@cryptsoft.com>
+	; The inner loop instruction sequence and the IP/FP modifications
+	; are from Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>
+	; 
+	TITLE	dx86xxxx.asm
+        .386
+.model FLAT
+_TEXT	SEGMENT
+PUBLIC	_fcrypt_body
+EXTRN	_des_SPtrans:DWORD
+_fcrypt_body PROC NEAR
+	push	ebp
+	push	ebx
+	push	esi
+	push	edi
+	; 
+	; Load the 2 words
+	xor	edi,		edi
+	xor	esi,		esi
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	DWORD PTR 36[esp],25
+L000start:
+	; 
+	; Round 0
+	mov	eax,		DWORD PTR 28[esp]
+	mov	edx,		esi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 32[esp]
+	xor	edx,		esi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR [ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 4[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 1
+	mov	eax,		DWORD PTR 28[esp]
+	mov	edx,		edi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 32[esp]
+	xor	edx,		edi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 8[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 12[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 2
+	mov	eax,		DWORD PTR 28[esp]
+	mov	edx,		esi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 32[esp]
+	xor	edx,		esi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 16[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 20[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 3
+	mov	eax,		DWORD PTR 28[esp]
+	mov	edx,		edi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 32[esp]
+	xor	edx,		edi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 24[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 28[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 4
+	mov	eax,		DWORD PTR 28[esp]
+	mov	edx,		esi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 32[esp]
+	xor	edx,		esi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 32[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 36[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 5
+	mov	eax,		DWORD PTR 28[esp]
+	mov	edx,		edi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 32[esp]
+	xor	edx,		edi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 40[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 44[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 6
+	mov	eax,		DWORD PTR 28[esp]
+	mov	edx,		esi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 32[esp]
+	xor	edx,		esi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 48[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 52[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 7
+	mov	eax,		DWORD PTR 28[esp]
+	mov	edx,		edi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 32[esp]
+	xor	edx,		edi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 56[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 60[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 8
+	mov	eax,		DWORD PTR 28[esp]
+	mov	edx,		esi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 32[esp]
+	xor	edx,		esi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 64[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 68[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 9
+	mov	eax,		DWORD PTR 28[esp]
+	mov	edx,		edi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 32[esp]
+	xor	edx,		edi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 72[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 76[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 10
+	mov	eax,		DWORD PTR 28[esp]
+	mov	edx,		esi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 32[esp]
+	xor	edx,		esi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 80[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 84[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 11
+	mov	eax,		DWORD PTR 28[esp]
+	mov	edx,		edi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 32[esp]
+	xor	edx,		edi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 88[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 92[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 12
+	mov	eax,		DWORD PTR 28[esp]
+	mov	edx,		esi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 32[esp]
+	xor	edx,		esi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 96[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 100[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 13
+	mov	eax,		DWORD PTR 28[esp]
+	mov	edx,		edi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 32[esp]
+	xor	edx,		edi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 104[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 108[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 14
+	mov	eax,		DWORD PTR 28[esp]
+	mov	edx,		esi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 32[esp]
+	xor	edx,		esi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 112[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 116[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 15
+	mov	eax,		DWORD PTR 28[esp]
+	mov	edx,		edi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 32[esp]
+	xor	edx,		edi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 120[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 124[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	mov	eax,		edi
+	dec	DWORD PTR 36[esp]
+	mov	edi,		esi
+	mov	esi,		eax
+	jnz	L000start
+	; 
+	; FP
+	mov	edx,		DWORD PTR 20[esp]
+	ror	edi,		1
+	mov	eax,		esi
+	xor	esi,		edi
+	and	esi,		0aaaaaaaah
+	xor	eax,		esi
+	xor	edi,		esi
+	; 
+	rol	eax,		23
+	mov	esi,		eax
+	xor	eax,		edi
+	and	eax,		003fc03fch
+	xor	esi,		eax
+	xor	edi,		eax
+	; 
+	rol	esi,		10
+	mov	eax,		esi
+	xor	esi,		edi
+	and	esi,		033333333h
+	xor	eax,		esi
+	xor	edi,		esi
+	; 
+	rol	edi,		18
+	mov	esi,		edi
+	xor	edi,		eax
+	and	edi,		0fff0000fh
+	xor	esi,		edi
+	xor	eax,		edi
+	; 
+	rol	esi,		12
+	mov	edi,		esi
+	xor	esi,		eax
+	and	esi,		0f0f0f0f0h
+	xor	edi,		esi
+	xor	eax,		esi
+	; 
+	ror	eax,		4
+	mov	DWORD PTR [edx],eax
+	mov	DWORD PTR 4[edx],edi
+	pop	edi
+	pop	esi
+	pop	ebx
+	pop	ebp
+	ret
+_fcrypt_body ENDP
+_TEXT	ENDS
+END
diff --git a/crypto/des/asm/c-win32.uu b/crypto/des/asm/c-win32.uu
new file mode 100644
index 0000000000..09d5d7dd33
--- /dev/null
+++ b/crypto/des/asm/c-win32.uu
@@ -0,0 +1,99 @@
+begin 640 c-win32.obj
+M3`$"`/4&DC,,$```"0`````````N=&5X=```````````````J`H``&0````,
+M"P```````(`````@`#!@+F1A=&$```"H"@`````````````,$```````````
+M````````0``PP%535E<S_S/VBVPD&,=$)"09````BT0D'(O6P>H0BTPD(#/6
+M(\(CT8O8P>,0B\K!X1`SPS/1BUT`,\.+300SQC/6,]$E_/S\_#/;@>+/S\_/
+M,\F*V(K,P<H$BZL`````BMHS_8NI``(``#/]BL[!Z!"+JP`!```S_8K<P>H0
+MBZD``P``,_V+;"08BLXE_P```('B_P```(N;``8``#/[BYD`!P``,_N+F``$
+M```S^XN:``4``#/[BT0D'(O7P>H0BTPD(#/7(\(CT8O8P>,0B\K!X1`SPS/1
+MBUT(,\.+30PSQS/7,]$E_/S\_#/;@>+/S\_/,\F*V(K,P<H$BZL`````BMHS
+M]8NI``(``#/UBL[!Z!"+JP`!```S]8K<P>H0BZD``P``,_6+;"08BLXE_P``
+M`('B_P```(N;``8``#/SBYD`!P``,_.+F``$```S\XN:``4``#/SBT0D'(O6
+MP>H0BTPD(#/6(\(CT8O8P>,0B\K!X1`SPS/1BUT0,\.+310SQC/6,]$E_/S\
+M_#/;@>+/S\_/,\F*V(K,P<H$BZL`````BMHS_8NI``(``#/]BL[!Z!"+JP`!
+M```S_8K<P>H0BZD``P``,_V+;"08BLXE_P```('B_P```(N;``8``#/[BYD`
+M!P``,_N+F``$```S^XN:``4``#/[BT0D'(O7P>H0BTPD(#/7(\(CT8O8P>,0
+MB\K!X1`SPS/1BUT8,\.+31PSQS/7,]$E_/S\_#/;@>+/S\_/,\F*V(K,P<H$
+MBZL`````BMHS]8NI``(``#/UBL[!Z!"+JP`!```S]8K<P>H0BZD``P``,_6+
+M;"08BLXE_P```('B_P```(N;``8``#/SBYD`!P``,_.+F``$```S\XN:``4`
+M`#/SBT0D'(O6P>H0BTPD(#/6(\(CT8O8P>,0B\K!X1`SPS/1BUT@,\.+320S
+MQC/6,]$E_/S\_#/;@>+/S\_/,\F*V(K,P<H$BZL`````BMHS_8NI``(``#/]
+MBL[!Z!"+JP`!```S_8K<P>H0BZD``P``,_V+;"08BLXE_P```('B_P```(N;
+M``8``#/[BYD`!P``,_N+F``$```S^XN:``4``#/[BT0D'(O7P>H0BTPD(#/7
+M(\(CT8O8P>,0B\K!X1`SPS/1BUTH,\.+32PSQS/7,]$E_/S\_#/;@>+/S\_/
+M,\F*V(K,P<H$BZL`````BMHS]8NI``(``#/UBL[!Z!"+JP`!```S]8K<P>H0
+MBZD``P``,_6+;"08BLXE_P```('B_P```(N;``8``#/SBYD`!P``,_.+F``$
+M```S\XN:``4``#/SBT0D'(O6P>H0BTPD(#/6(\(CT8O8P>,0B\K!X1`SPS/1
+MBUTP,\.+330SQC/6,]$E_/S\_#/;@>+/S\_/,\F*V(K,P<H$BZL`````BMHS
+M_8NI``(``#/]BL[!Z!"+JP`!```S_8K<P>H0BZD``P``,_V+;"08BLXE_P``
+M`('B_P```(N;``8``#/[BYD`!P``,_N+F``$```S^XN:``4``#/[BT0D'(O7
+MP>H0BTPD(#/7(\(CT8O8P>,0B\K!X1`SPS/1BUTX,\.+33PSQS/7,]$E_/S\
+M_#/;@>+/S\_/,\F*V(K,P<H$BZL`````BMHS]8NI``(``#/UBL[!Z!"+JP`!
+M```S]8K<P>H0BZD``P``,_6+;"08BLXE_P```('B_P```(N;``8``#/SBYD`
+M!P``,_.+F``$```S\XN:``4``#/SBT0D'(O6P>H0BTPD(#/6(\(CT8O8P>,0
+MB\K!X1`SPS/1BUU`,\.+340SQC/6,]$E_/S\_#/;@>+/S\_/,\F*V(K,P<H$
+MBZL`````BMHS_8NI``(``#/]BL[!Z!"+JP`!```S_8K<P>H0BZD``P``,_V+
+M;"08BLXE_P```('B_P```(N;``8``#/[BYD`!P``,_N+F``$```S^XN:``4`
+M`#/[BT0D'(O7P>H0BTPD(#/7(\(CT8O8P>,0B\K!X1`SPS/1BUU(,\.+34PS
+MQS/7,]$E_/S\_#/;@>+/S\_/,\F*V(K,P<H$BZL`````BMHS]8NI``(``#/U
+MBL[!Z!"+JP`!```S]8K<P>H0BZD``P``,_6+;"08BLXE_P```('B_P```(N;
+M``8``#/SBYD`!P``,_.+F``$```S\XN:``4``#/SBT0D'(O6P>H0BTPD(#/6
+M(\(CT8O8P>,0B\K!X1`SPS/1BUU0,\.+350SQC/6,]$E_/S\_#/;@>+/S\_/
+M,\F*V(K,P<H$BZL`````BMHS_8NI``(``#/]BL[!Z!"+JP`!```S_8K<P>H0
+MBZD``P``,_V+;"08BLXE_P```('B_P```(N;``8``#/[BYD`!P``,_N+F``$
+M```S^XN:``4``#/[BT0D'(O7P>H0BTPD(#/7(\(CT8O8P>,0B\K!X1`SPS/1
+MBUU8,\.+35PSQS/7,]$E_/S\_#/;@>+/S\_/,\F*V(K,P<H$BZL`````BMHS
+M]8NI``(``#/UBL[!Z!"+JP`!```S]8K<P>H0BZD``P``,_6+;"08BLXE_P``
+M`('B_P```(N;``8``#/SBYD`!P``,_.+F``$```S\XN:``4``#/SBT0D'(O6
+MP>H0BTPD(#/6(\(CT8O8P>,0B\K!X1`SPS/1BUU@,\.+360SQC/6,]$E_/S\
+M_#/;@>+/S\_/,\F*V(K,P<H$BZL`````BMHS_8NI``(``#/]BL[!Z!"+JP`!
+M```S_8K<P>H0BZD``P``,_V+;"08BLXE_P```('B_P```(N;``8``#/[BYD`
+M!P``,_N+F``$```S^XN:``4``#/[BT0D'(O7P>H0BTPD(#/7(\(CT8O8P>,0
+MB\K!X1`SPS/1BUUH,\.+36PSQS/7,]$E_/S\_#/;@>+/S\_/,\F*V(K,P<H$
+MBZL`````BMHS]8NI``(``#/UBL[!Z!"+JP`!```S]8K<P>H0BZD``P``,_6+
+M;"08BLXE_P```('B_P```(N;``8``#/SBYD`!P``,_.+F``$```S\XN:``4`
+M`#/SBT0D'(O6P>H0BTPD(#/6(\(CT8O8P>,0B\K!X1`SPS/1BUUP,\.+370S
+MQC/6,]$E_/S\_#/;@>+/S\_/,\F*V(K,P<H$BZL`````BMHS_8NI``(``#/]
+MBL[!Z!"+JP`!```S_8K<P>H0BZD``P``,_V+;"08BLXE_P```('B_P```(N;
+M``8``#/[BYD`!P``,_N+F``$```S^XN:``4``#/[BT0D'(O7P>H0BTPD(#/7
+M(\(CT8O8P>,0B\K!X1`SPS/1BUUX,\.+37PSQS/7,]$E_/S\_#/;@>+/S\_/
+M,\F*V(K,P<H$BZL`````BMHS]8NI``(``#/UBL[!Z!"+JP`!```S]8K<P>H0
+MBZD``P``,_6+;"08BLXE_P```('B_P```(N;``8``#/SBYD`!P``,_.+F``$
+M```S\XN:``4``#/SB\?_3"0DB_Z+\`^%T/7__XM4)!31SXO&,_>!YJJJJJHS
+MQC/^P<`7B_`SQR7\`_P#,_`S^,'&"HO&,_>!YC,S,S,SQC/^P<<2B_<S^('G
+M#P#P_S/W,\?!Q@R+_C/P@>;P\/#P,_XSQL'(!(D"B7H$7UY;7<-;````!P``
+M``8`90````<````&`'(````'````!@!_````!P````8`F`````<````&`*``
+M```'````!@"H````!P````8`L`````<````&`/T````'````!@`'`0``!P``
+M``8`%`$```<````&`"$!```'````!@`Z`0``!P````8`0@$```<````&`$H!
+M```'````!@!2`0``!P````8`GP$```<````&`*D!```'````!@"V`0``!P``
+M``8`PP$```<````&`-P!```'````!@#D`0``!P````8`[`$```<````&`/0!
+M```'````!@!!`@``!P````8`2P(```<````&`%@"```'````!@!E`@``!P``
+M``8`?@(```<````&`(8"```'````!@".`@``!P````8`E@(```<````&`.,"
+M```'````!@#M`@``!P````8`^@(```<````&``<#```'````!@`@`P``!P``
+M``8`*`,```<````&`#`#```'````!@`X`P``!P````8`A0,```<````&`(\#
+M```'````!@"<`P``!P````8`J0,```<````&`,(#```'````!@#*`P``!P``
+M``8`T@,```<````&`-H#```'````!@`G!```!P````8`,00```<````&`#X$
+M```'````!@!+!```!P````8`9`0```<````&`&P$```'````!@!T!```!P``
+M``8`?`0```<````&`,D$```'````!@#3!```!P````8`X`0```<````&`.T$
+M```'````!@`&!0``!P````8`#@4```<````&`!8%```'````!@`>!0``!P``
+M``8`:P4```<````&`'4%```'````!@""!0``!P````8`CP4```<````&`*@%
+M```'````!@"P!0``!P````8`N`4```<````&`,`%```'````!@`-!@``!P``
+M``8`%P8```<````&`"0&```'````!@`Q!@``!P````8`2@8```<````&`%(&
+M```'````!@!:!@``!P````8`8@8```<````&`*\&```'````!@"Y!@``!P``
+M``8`Q@8```<````&`-,&```'````!@#L!@``!P````8`]`8```<````&`/P&
+M```'````!@`$!P``!P````8`40<```<````&`%L'```'````!@!H!P``!P``
+M``8`=0<```<````&`(X'```'````!@"6!P``!P````8`G@<```<````&`*8'
+M```'````!@#S!P``!P````8`_0<```<````&``H(```'````!@`7"```!P``
+M``8`,`@```<````&`#@(```'````!@!`"```!P````8`2`@```<````&`)4(
+M```'````!@"?"```!P````8`K`@```<````&`+D(```'````!@#2"```!P``
+M``8`V@@```<````&`.((```'````!@#J"```!P````8`-PD```<````&`$$)
+M```'````!@!."0``!P````8`6PD```<````&`'0)```'````!@!\"0``!P``
+M``8`A`D```<````&`(P)```'````!@#9"0``!P````8`XPD```<````&`/`)
+M```'````!@#]"0``!P````8`%@H```<````&`!X*```'````!@`F"@``!P``
+M``8`+@H```<````&`"YF:6QE`````````/[_``!G`BY<8W)Y<'1O7&1E<UQA
+M<VU<8RUW:6XS,BYA<VT``````````"YT97AT``````````$````#`:@*``"`
+M`````````````````"YD871A``````````(````#`0``````````````````
+M```````````$```````````````"```````1``````````$`(``"`!X```!?
+99&5S7U-0=')A;G,`7V9C<GEP=%]B;V1Y````
+`
+end
diff --git a/crypto/des/asm/crypt.pl b/crypto/des/asm/crypt.pl
new file mode 100644
index 0000000000..0a7dce00b4
--- /dev/null
+++ b/crypto/des/asm/crypt.pl
@@ -0,0 +1,240 @@
+#!/usr/local/bin/perl
+#

+# The inner loop instruction sequence and the IP/FP modifications are from

+# Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>

+# I've added the stuff needed for crypt() but I've not worried about making

+# things perfect.

+#

+

+$prog="crypt.pl";

+

+# base code is in microsft

+# op dest, source

+# format.

+#

+

+require "desboth.pl";

+

+if (	($ARGV[0] eq "elf"))

+	{ require "x86unix.pl"; }

+elsif (	($ARGV[0] eq "a.out"))

+	{ $aout=1; require "x86unix.pl"; }

+elsif (	($ARGV[0] eq "sol"))

+	{ $sol=1; require "x86unix.pl"; }

+elsif (	($ARGV[0] eq "cpp"))

+	{ $cpp=1; require "x86unix.pl"; }

+elsif (	($ARGV[0] eq "win32"))

+	{ require "x86ms.pl"; }

+else

+	{

+	print STDERR <<"EOF";

+Pick one target type from

+	elf	- linux, FreeBSD etc

+	a.out	- old linux

+	sol	- x86 solaris

+	cpp	- format so x86unix.cpp can be used

+	win32	- Windows 95/Windows NT

+EOF

+	exit(1);

+	}

+

+&comment("Don't even think of reading this code");

+&comment("It was automatically generated by $prog");

+&comment("Which is a perl program used to generate the x86 assember for");

+&comment("any of elf, a.out, Win32, or Solaris");

+&comment("It can be found in SSLeay 0.6.5+ or in libdes 3.26+");

+&comment("eric <eay\@cryptsoft.com>");

+&comment("The inner loop instruction sequence and the IP/FP modifications");

+&comment("are from Svend Olaf Mikkelsen <svolaf\@inet.uni-c.dk>");

+

+&comment("");

+

+&file("dx86xxxx");

+

+$L="edi";

+$R="esi";

+

+&fcrypt_body("fcrypt_body");

+

+&file_end();

+

+sub fcrypt_body

+	{

+	local($name,$do_ip)=@_;

+

+	&function_begin($name,3,"EXTRN   _des_SPtrans:DWORD");

+

+	&comment("");

+	&comment("Load the 2 words");

+	$ks="ebp";

+

+	&xor(	$L,	$L);

+	&xor(	$R,	$R);

+	&mov($ks,&wparam(1));

+

+	&mov(&wtmp(1),	25);

+

+	&set_label("start");

+	for ($i=0; $i<16; $i+=2)

+		{

+		&comment("");

+		&comment("Round $i");

+		&D_ENCRYPT($i,$L,$R,$i*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");

+

+		&comment("");

+		&comment("Round ".sprintf("%d",$i+1));

+		&D_ENCRYPT($i+1,$R,$L,($i+1)*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");

+		}

+	&mov("eax",	$L);

+	&dec(&wtmp(1));

+	&mov($L,	$R);

+	&mov($R,	"eax");

+	&jnz(&label("start"));

+

+	&comment("");

+	&comment("FP");

+	&mov("edx",&wparam(0));

+

+	&FP_new($R,$L,"eax",3);

+	&mov(&DWP(0,"edx","",0),"eax");

+	&mov(&DWP(4,"edx","",0),$L);

+

+	&function_end($name);

+	}

+

+sub D_ENCRYPT

+	{

+	local($r,$L,$R,$S,$ks,$desSP,$u,$tmp1,$tmp2,$t)=@_;

+

+	&mov(	$u,		&wparam(2));			# 2

+	&mov(	$t,		$R);

+	&shr(	$t,		16);				# 1

+	&mov(	$tmp2,		&wparam(3));			# 2

+	&xor(	$t,		$R);				# 1

+

+	&and(	$u,		$t);				# 2

+	&and(	$t,		$tmp2);				# 2

+

+	&mov(	$tmp1,		$u);

+	&shl(	$tmp1,		16); 				# 1

+	&mov(	$tmp2,		$t);

+	&shl(	$tmp2,		16); 				# 1

+	&xor(	$u,		$tmp1);				# 2

+	&xor(	$t,		$tmp2);				# 2

+	&mov(	$tmp1,		&DWP(&n2a($S*4),$ks,"",0));	# 2

+	&xor(	$u,		$tmp1);

+	&mov(	$tmp2,		&DWP(&n2a(($S+1)*4),$ks,"",0));	# 2

+	&xor(	$u,		$R);

+	&xor(	$t,		$R);

+	&xor(	$t,		$tmp2);

+

+	&and(	$u,		"0xfcfcfcfc"	);		# 2

+	&xor(	$tmp1,		$tmp1);				# 1

+	&and(	$t,		"0xcfcfcfcf"	);		# 2

+	&xor(	$tmp2,		$tmp2);	

+	&movb(	&LB($tmp1),	&LB($u)	);

+	&movb(	&LB($tmp2),	&HB($u)	);

+	&rotr(	$t,		4		);

+	&mov(	$ks,		&DWP("      $desSP",$tmp1,"",0));

+	&movb(	&LB($tmp1),	&LB($t)	);

+	&xor(	$L,		$ks);

+	&mov(	$ks,		&DWP("0x200+$desSP",$tmp2,"",0));

+	&xor(	$L,		$ks);

+	&movb(	&LB($tmp2),	&HB($t)	);

+	&shr(	$u,		16);

+	&mov(	$ks,		&DWP("0x100+$desSP",$tmp1,"",0));

+	&xor(	$L,		$ks); 

+	&movb(	&LB($tmp1),	&HB($u)	);

+	&shr(	$t,		16);

+	&mov(	$ks,		&DWP("0x300+$desSP",$tmp2,"",0));

+	&xor(	$L,		$ks);

+	&mov(	$ks,		&DWP(24,"esp","",0));

+	&movb(	&LB($tmp2),	&HB($t)	);

+	&and(	$u,		"0xff"	);

+	&and(	$t,		"0xff"	);

+	&mov(	$tmp1,		&DWP("0x600+$desSP",$tmp1,"",0));

+	&xor(	$L,		$tmp1);

+	&mov(	$tmp1,		&DWP("0x700+$desSP",$tmp2,"",0));

+	&xor(	$L,		$tmp1);

+	&mov(	$tmp1,		&DWP("0x400+$desSP",$u,"",0));

+	&xor(	$L,		$tmp1);

+	&mov(	$tmp1,		&DWP("0x500+$desSP",$t,"",0));

+	&xor(	$L,		$tmp1);

+	}

+

+sub n2a

+	{

+	sprintf("%d",$_[0]);

+	}

+

+# now has a side affect of rotating $a by $shift

+sub R_PERM_OP

+	{

+	local($a,$b,$tt,$shift,$mask,$last)=@_;

+

+	&rotl(	$a,		$shift		) if ($shift != 0);

+	&mov(	$tt,		$a		);

+	&xor(	$a,		$b		);

+	&and(	$a,		$mask		);

+	if ($notlast eq $b)

+		{

+		&xor(	$b,		$a		);

+		&xor(	$tt,		$a		);

+		}

+	else

+		{

+		&xor(	$tt,		$a		);

+		&xor(	$b,		$a		);

+		}

+	&comment("");

+	}

+

+sub IP_new

+	{

+	local($l,$r,$tt,$lr)=@_;

+

+	&R_PERM_OP($l,$r,$tt, 4,"0xf0f0f0f0",$l);

+	&R_PERM_OP($r,$tt,$l,20,"0xfff0000f",$l);

+	&R_PERM_OP($l,$tt,$r,14,"0x33333333",$r);

+	&R_PERM_OP($tt,$r,$l,22,"0x03fc03fc",$r);

+	&R_PERM_OP($l,$r,$tt, 9,"0xaaaaaaaa",$r);

+	

+	if ($lr != 3)

+		{

+		if (($lr-3) < 0)

+			{ &rotr($tt,	3-$lr); }

+		else	{ &rotl($tt,	$lr-3); }

+		}

+	if ($lr != 2)

+		{

+		if (($lr-2) < 0)

+			{ &rotr($r,	2-$lr); }

+		else	{ &rotl($r,	$lr-2); }

+		}

+	}

+

+sub FP_new

+	{

+	local($l,$r,$tt,$lr)=@_;

+

+	if ($lr != 2)

+		{

+		if (($lr-2) < 0)

+			{ &rotl($r,	2-$lr); }

+		else	{ &rotr($r,	$lr-2); }

+		}

+	if ($lr != 3)

+		{

+		if (($lr-3) < 0)

+			{ &rotl($l,	3-$lr); }

+		else	{ &rotr($l,	$lr-3); }

+		}

+

+	&R_PERM_OP($l,$r,$tt, 0,"0xaaaaaaaa",$r);

+	&R_PERM_OP($tt,$r,$l,23,"0x03fc03fc",$r);

+	&R_PERM_OP($l,$r,$tt,10,"0x33333333",$l);

+	&R_PERM_OP($r,$tt,$l,18,"0xfff0000f",$l);

+	&R_PERM_OP($l,$tt,$r,12,"0xf0f0f0f0",$r);

+	&rotr($tt	, 4);

+	}

+

diff --git a/crypto/des/asm/cx86-cpp.s b/crypto/des/asm/cx86-cpp.s
new file mode 100644
index 0000000000..e5165fadf9
--- /dev/null
+++ b/crypto/des/asm/cx86-cpp.s
@@ -0,0 +1,932 @@
+	/* Don't even think of reading this code */
+	/* It was automatically generated by crypt.pl */
+	/* Which is a perl program used to generate the x86 assember for */
+	/* any of elf, a.out, Win32, or Solaris */
+	/* It can be found in SSLeay 0.6.5+ or in libdes 3.26+ */
+	/* eric <eay@cryptsoft.com> */
+	/* The inner loop instruction sequence and the IP/FP modifications */
+	/* are from Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk> */
+
+	.file	"dx86xxxx.s"
+	.version	"01.01"
+gcc2_compiled.:
+.text
+	.align ALIGN
+.globl fcrypt_body
+	TYPE(fcrypt_body,@function)
+fcrypt_body:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+
+
+	/* Load the 2 words */
+	xorl	%edi,		%edi
+	xorl	%esi,		%esi
+	movl	24(%esp),	%ebp
+	movl	$25,		-8(%esp)
+.align ALIGN
+.L000start:
+
+	/* Round 0 */
+	movl	28(%esp),	%eax
+	movl	%esi,		%edx
+	shrl	$16,		%edx
+	movl	32(%esp),	%ecx
+	xorl	%esi,		%edx
+	andl	%edx,		%eax
+	andl	%ecx,		%edx
+	movl	%eax,		%ebx
+	sall	$16,		%ebx
+	movl	%edx,		%ecx
+	sall	$16,		%ecx
+	xorl	%ebx,		%eax
+	xorl	%ecx,		%edx
+	movl	(%ebp),		%ebx
+	xorl	%ebx,		%eax
+	movl	4(%ebp),	%ecx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	xorl	%ecx,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	xorl	%ebx,		%ebx
+	andl	$0xcfcfcfcf,	%edx
+	xorl	%ecx,		%ecx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 1 */
+	movl	28(%esp),	%eax
+	movl	%edi,		%edx
+	shrl	$16,		%edx
+	movl	32(%esp),	%ecx
+	xorl	%edi,		%edx
+	andl	%edx,		%eax
+	andl	%ecx,		%edx
+	movl	%eax,		%ebx
+	sall	$16,		%ebx
+	movl	%edx,		%ecx
+	sall	$16,		%ecx
+	xorl	%ebx,		%eax
+	xorl	%ecx,		%edx
+	movl	8(%ebp),	%ebx
+	xorl	%ebx,		%eax
+	movl	12(%ebp),	%ecx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	xorl	%ecx,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	xorl	%ebx,		%ebx
+	andl	$0xcfcfcfcf,	%edx
+	xorl	%ecx,		%ecx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 2 */
+	movl	28(%esp),	%eax
+	movl	%esi,		%edx
+	shrl	$16,		%edx
+	movl	32(%esp),	%ecx
+	xorl	%esi,		%edx
+	andl	%edx,		%eax
+	andl	%ecx,		%edx
+	movl	%eax,		%ebx
+	sall	$16,		%ebx
+	movl	%edx,		%ecx
+	sall	$16,		%ecx
+	xorl	%ebx,		%eax
+	xorl	%ecx,		%edx
+	movl	16(%ebp),	%ebx
+	xorl	%ebx,		%eax
+	movl	20(%ebp),	%ecx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	xorl	%ecx,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	xorl	%ebx,		%ebx
+	andl	$0xcfcfcfcf,	%edx
+	xorl	%ecx,		%ecx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 3 */
+	movl	28(%esp),	%eax
+	movl	%edi,		%edx
+	shrl	$16,		%edx
+	movl	32(%esp),	%ecx
+	xorl	%edi,		%edx
+	andl	%edx,		%eax
+	andl	%ecx,		%edx
+	movl	%eax,		%ebx
+	sall	$16,		%ebx
+	movl	%edx,		%ecx
+	sall	$16,		%ecx
+	xorl	%ebx,		%eax
+	xorl	%ecx,		%edx
+	movl	24(%ebp),	%ebx
+	xorl	%ebx,		%eax
+	movl	28(%ebp),	%ecx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	xorl	%ecx,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	xorl	%ebx,		%ebx
+	andl	$0xcfcfcfcf,	%edx
+	xorl	%ecx,		%ecx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 4 */
+	movl	28(%esp),	%eax
+	movl	%esi,		%edx
+	shrl	$16,		%edx
+	movl	32(%esp),	%ecx
+	xorl	%esi,		%edx
+	andl	%edx,		%eax
+	andl	%ecx,		%edx
+	movl	%eax,		%ebx
+	sall	$16,		%ebx
+	movl	%edx,		%ecx
+	sall	$16,		%ecx
+	xorl	%ebx,		%eax
+	xorl	%ecx,		%edx
+	movl	32(%ebp),	%ebx
+	xorl	%ebx,		%eax
+	movl	36(%ebp),	%ecx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	xorl	%ecx,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	xorl	%ebx,		%ebx
+	andl	$0xcfcfcfcf,	%edx
+	xorl	%ecx,		%ecx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 5 */
+	movl	28(%esp),	%eax
+	movl	%edi,		%edx
+	shrl	$16,		%edx
+	movl	32(%esp),	%ecx
+	xorl	%edi,		%edx
+	andl	%edx,		%eax
+	andl	%ecx,		%edx
+	movl	%eax,		%ebx
+	sall	$16,		%ebx
+	movl	%edx,		%ecx
+	sall	$16,		%ecx
+	xorl	%ebx,		%eax
+	xorl	%ecx,		%edx
+	movl	40(%ebp),	%ebx
+	xorl	%ebx,		%eax
+	movl	44(%ebp),	%ecx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	xorl	%ecx,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	xorl	%ebx,		%ebx
+	andl	$0xcfcfcfcf,	%edx
+	xorl	%ecx,		%ecx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 6 */
+	movl	28(%esp),	%eax
+	movl	%esi,		%edx
+	shrl	$16,		%edx
+	movl	32(%esp),	%ecx
+	xorl	%esi,		%edx
+	andl	%edx,		%eax
+	andl	%ecx,		%edx
+	movl	%eax,		%ebx
+	sall	$16,		%ebx
+	movl	%edx,		%ecx
+	sall	$16,		%ecx
+	xorl	%ebx,		%eax
+	xorl	%ecx,		%edx
+	movl	48(%ebp),	%ebx
+	xorl	%ebx,		%eax
+	movl	52(%ebp),	%ecx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	xorl	%ecx,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	xorl	%ebx,		%ebx
+	andl	$0xcfcfcfcf,	%edx
+	xorl	%ecx,		%ecx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 7 */
+	movl	28(%esp),	%eax
+	movl	%edi,		%edx
+	shrl	$16,		%edx
+	movl	32(%esp),	%ecx
+	xorl	%edi,		%edx
+	andl	%edx,		%eax
+	andl	%ecx,		%edx
+	movl	%eax,		%ebx
+	sall	$16,		%ebx
+	movl	%edx,		%ecx
+	sall	$16,		%ecx
+	xorl	%ebx,		%eax
+	xorl	%ecx,		%edx
+	movl	56(%ebp),	%ebx
+	xorl	%ebx,		%eax
+	movl	60(%ebp),	%ecx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	xorl	%ecx,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	xorl	%ebx,		%ebx
+	andl	$0xcfcfcfcf,	%edx
+	xorl	%ecx,		%ecx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 8 */
+	movl	28(%esp),	%eax
+	movl	%esi,		%edx
+	shrl	$16,		%edx
+	movl	32(%esp),	%ecx
+	xorl	%esi,		%edx
+	andl	%edx,		%eax
+	andl	%ecx,		%edx
+	movl	%eax,		%ebx
+	sall	$16,		%ebx
+	movl	%edx,		%ecx
+	sall	$16,		%ecx
+	xorl	%ebx,		%eax
+	xorl	%ecx,		%edx
+	movl	64(%ebp),	%ebx
+	xorl	%ebx,		%eax
+	movl	68(%ebp),	%ecx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	xorl	%ecx,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	xorl	%ebx,		%ebx
+	andl	$0xcfcfcfcf,	%edx
+	xorl	%ecx,		%ecx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 9 */
+	movl	28(%esp),	%eax
+	movl	%edi,		%edx
+	shrl	$16,		%edx
+	movl	32(%esp),	%ecx
+	xorl	%edi,		%edx
+	andl	%edx,		%eax
+	andl	%ecx,		%edx
+	movl	%eax,		%ebx
+	sall	$16,		%ebx
+	movl	%edx,		%ecx
+	sall	$16,		%ecx
+	xorl	%ebx,		%eax
+	xorl	%ecx,		%edx
+	movl	72(%ebp),	%ebx
+	xorl	%ebx,		%eax
+	movl	76(%ebp),	%ecx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	xorl	%ecx,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	xorl	%ebx,		%ebx
+	andl	$0xcfcfcfcf,	%edx
+	xorl	%ecx,		%ecx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 10 */
+	movl	28(%esp),	%eax
+	movl	%esi,		%edx
+	shrl	$16,		%edx
+	movl	32(%esp),	%ecx
+	xorl	%esi,		%edx
+	andl	%edx,		%eax
+	andl	%ecx,		%edx
+	movl	%eax,		%ebx
+	sall	$16,		%ebx
+	movl	%edx,		%ecx
+	sall	$16,		%ecx
+	xorl	%ebx,		%eax
+	xorl	%ecx,		%edx
+	movl	80(%ebp),	%ebx
+	xorl	%ebx,		%eax
+	movl	84(%ebp),	%ecx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	xorl	%ecx,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	xorl	%ebx,		%ebx
+	andl	$0xcfcfcfcf,	%edx
+	xorl	%ecx,		%ecx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 11 */
+	movl	28(%esp),	%eax
+	movl	%edi,		%edx
+	shrl	$16,		%edx
+	movl	32(%esp),	%ecx
+	xorl	%edi,		%edx
+	andl	%edx,		%eax
+	andl	%ecx,		%edx
+	movl	%eax,		%ebx
+	sall	$16,		%ebx
+	movl	%edx,		%ecx
+	sall	$16,		%ecx
+	xorl	%ebx,		%eax
+	xorl	%ecx,		%edx
+	movl	88(%ebp),	%ebx
+	xorl	%ebx,		%eax
+	movl	92(%ebp),	%ecx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	xorl	%ecx,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	xorl	%ebx,		%ebx
+	andl	$0xcfcfcfcf,	%edx
+	xorl	%ecx,		%ecx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 12 */
+	movl	28(%esp),	%eax
+	movl	%esi,		%edx
+	shrl	$16,		%edx
+	movl	32(%esp),	%ecx
+	xorl	%esi,		%edx
+	andl	%edx,		%eax
+	andl	%ecx,		%edx
+	movl	%eax,		%ebx
+	sall	$16,		%ebx
+	movl	%edx,		%ecx
+	sall	$16,		%ecx
+	xorl	%ebx,		%eax
+	xorl	%ecx,		%edx
+	movl	96(%ebp),	%ebx
+	xorl	%ebx,		%eax
+	movl	100(%ebp),	%ecx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	xorl	%ecx,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	xorl	%ebx,		%ebx
+	andl	$0xcfcfcfcf,	%edx
+	xorl	%ecx,		%ecx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 13 */
+	movl	28(%esp),	%eax
+	movl	%edi,		%edx
+	shrl	$16,		%edx
+	movl	32(%esp),	%ecx
+	xorl	%edi,		%edx
+	andl	%edx,		%eax
+	andl	%ecx,		%edx
+	movl	%eax,		%ebx
+	sall	$16,		%ebx
+	movl	%edx,		%ecx
+	sall	$16,		%ecx
+	xorl	%ebx,		%eax
+	xorl	%ecx,		%edx
+	movl	104(%ebp),	%ebx
+	xorl	%ebx,		%eax
+	movl	108(%ebp),	%ecx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	xorl	%ecx,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	xorl	%ebx,		%ebx
+	andl	$0xcfcfcfcf,	%edx
+	xorl	%ecx,		%ecx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 14 */
+	movl	28(%esp),	%eax
+	movl	%esi,		%edx
+	shrl	$16,		%edx
+	movl	32(%esp),	%ecx
+	xorl	%esi,		%edx
+	andl	%edx,		%eax
+	andl	%ecx,		%edx
+	movl	%eax,		%ebx
+	sall	$16,		%ebx
+	movl	%edx,		%ecx
+	sall	$16,		%ecx
+	xorl	%ebx,		%eax
+	xorl	%ecx,		%edx
+	movl	112(%ebp),	%ebx
+	xorl	%ebx,		%eax
+	movl	116(%ebp),	%ecx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	xorl	%ecx,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	xorl	%ebx,		%ebx
+	andl	$0xcfcfcfcf,	%edx
+	xorl	%ecx,		%ecx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 15 */
+	movl	28(%esp),	%eax
+	movl	%edi,		%edx
+	shrl	$16,		%edx
+	movl	32(%esp),	%ecx
+	xorl	%edi,		%edx
+	andl	%edx,		%eax
+	andl	%ecx,		%edx
+	movl	%eax,		%ebx
+	sall	$16,		%ebx
+	movl	%edx,		%ecx
+	sall	$16,		%ecx
+	xorl	%ebx,		%eax
+	xorl	%ecx,		%edx
+	movl	120(%ebp),	%ebx
+	xorl	%ebx,		%eax
+	movl	124(%ebp),	%ecx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	xorl	%ecx,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	xorl	%ebx,		%ebx
+	andl	$0xcfcfcfcf,	%edx
+	xorl	%ecx,		%ecx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+	movl	%edi,		%eax
+	decl	-8(%esp)
+	movl	%esi,		%edi
+	movl	%eax,		%esi
+	jnz	.L000start
+
+	/* FP */
+	movl	20(%esp),	%edx
+	rorl	$1,		%edi
+	movl	%esi,		%eax
+	xorl	%edi,		%esi
+	andl	$0xaaaaaaaa,	%esi
+	xorl	%esi,		%eax
+	xorl	%esi,		%edi
+
+	roll	$23,		%eax
+	movl	%eax,		%esi
+	xorl	%edi,		%eax
+	andl	$0x03fc03fc,	%eax
+	xorl	%eax,		%esi
+	xorl	%eax,		%edi
+
+	roll	$10,		%esi
+	movl	%esi,		%eax
+	xorl	%edi,		%esi
+	andl	$0x33333333,	%esi
+	xorl	%esi,		%eax
+	xorl	%esi,		%edi
+
+	roll	$18,		%edi
+	movl	%edi,		%esi
+	xorl	%eax,		%edi
+	andl	$0xfff0000f,	%edi
+	xorl	%edi,		%esi
+	xorl	%edi,		%eax
+
+	roll	$12,		%esi
+	movl	%esi,		%edi
+	xorl	%eax,		%esi
+	andl	$0xf0f0f0f0,	%esi
+	xorl	%esi,		%edi
+	xorl	%esi,		%eax
+
+	rorl	$4,		%eax
+	movl	%eax,		(%edx)
+	movl	%edi,		4(%edx)
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.fcrypt_body_end:
+	SIZE(fcrypt_body,.fcrypt_body_end-fcrypt_body)
+.ident	"desasm.pl"
diff --git a/crypto/des/asm/cx86unix.cpp b/crypto/des/asm/cx86unix.cpp
new file mode 100644
index 0000000000..90f87c95ef
--- /dev/null
+++ b/crypto/des/asm/cx86unix.cpp
@@ -0,0 +1,35 @@
+
+#define TYPE(a,b)	.type	a,b
+#define SIZE(a,b)	.size	a,b
+
+#ifdef OUT
+#define OK		1
+#define des_SPtrans	_des_SPtrans
+#define fcrypt_body	_fcrypt_body
+#define ALIGN		4
+#endif
+
+#ifdef BSDI
+#define OK		1
+#define des_SPtrans	_des_SPtrans
+#define fcrypt_body	_fcrypt_body
+#define ALIGN		4
+#undef SIZE
+#undef TYPE
+#endif
+
+#if defined(ELF) || defined(SOL)
+#define OK		1
+#define ALIGN		16
+#endif
+
+#ifndef OK
+You need to define one of
+ELF - elf systems - linux-elf, NetBSD and DG-UX
+OUT - a.out systems - linux-a.out and FreeBSD
+SOL - solaris systems, which are elf with strange comment lines
+BSDI - a.out with a very primative version of as.
+#endif
+
+#include "cx86-cpp.s" 
+
diff --git a/crypto/des/asm/d-win32.asm b/crypto/des/asm/d-win32.asm
new file mode 100644
index 0000000000..fc62e3b785
--- /dev/null
+++ b/crypto/des/asm/d-win32.asm
@@ -0,0 +1,2765 @@
+	; Don't even think of reading this code
+	; It was automatically generated by des-som3.pl
+	; Which is a perl program used to generate the x86 assember for
+	; any of elf, a.out, Win32, or Solaris
+	; It can be found in SSLeay 0.6.5+ or in libdes 3.26+
+	; eric <eay@cryptsoft.com>
+	; The inner loop instruction sequence and the IP/FP modifications
+	; are from Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>
+	; 
+	TITLE	dx86xxxx.asm
+        .386
+.model FLAT
+_TEXT	SEGMENT
+PUBLIC	_des_encrypt
+EXTRN	_des_SPtrans:DWORD
+_des_encrypt PROC NEAR
+	push	ebp
+	push	ebx
+	push	esi
+	push	edi
+	; 
+	; Load the 2 words
+	mov	esi,		DWORD PTR 20[esp]
+	xor	ecx,		ecx
+	mov	eax,		DWORD PTR [esi]
+	mov	ebx,		DWORD PTR 28[esp]
+	mov	edi,		DWORD PTR 4[esi]
+	; 
+	; IP
+	rol	eax,		4
+	mov	esi,		eax
+	xor	eax,		edi
+	and	eax,		0f0f0f0f0h
+	xor	esi,		eax
+	xor	edi,		eax
+	; 
+	rol	edi,		20
+	mov	eax,		edi
+	xor	edi,		esi
+	and	edi,		0fff0000fh
+	xor	eax,		edi
+	xor	esi,		edi
+	; 
+	rol	eax,		14
+	mov	edi,		eax
+	xor	eax,		esi
+	and	eax,		033333333h
+	xor	edi,		eax
+	xor	esi,		eax
+	; 
+	rol	esi,		22
+	mov	eax,		esi
+	xor	esi,		edi
+	and	esi,		003fc03fch
+	xor	eax,		esi
+	xor	edi,		esi
+	; 
+	rol	eax,		9
+	mov	esi,		eax
+	xor	eax,		edi
+	and	eax,		0aaaaaaaah
+	xor	esi,		eax
+	xor	edi,		eax
+	; 
+	rol	edi,		1
+	cmp	ebx,		0
+	mov	ebp,		DWORD PTR 24[esp]
+	je	$L000start_decrypt
+	; 
+	; Round 0
+	mov	eax,		DWORD PTR [ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 4[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 1
+	mov	eax,		DWORD PTR 8[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 12[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 2
+	mov	eax,		DWORD PTR 16[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 20[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 3
+	mov	eax,		DWORD PTR 24[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 28[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 4
+	mov	eax,		DWORD PTR 32[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 36[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 5
+	mov	eax,		DWORD PTR 40[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 44[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 6
+	mov	eax,		DWORD PTR 48[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 52[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 7
+	mov	eax,		DWORD PTR 56[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 60[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 8
+	mov	eax,		DWORD PTR 64[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 68[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 9
+	mov	eax,		DWORD PTR 72[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 76[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 10
+	mov	eax,		DWORD PTR 80[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 84[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 11
+	mov	eax,		DWORD PTR 88[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 92[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 12
+	mov	eax,		DWORD PTR 96[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 100[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 13
+	mov	eax,		DWORD PTR 104[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 108[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 14
+	mov	eax,		DWORD PTR 112[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 116[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 15
+	mov	eax,		DWORD PTR 120[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 124[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	jmp	$L001end
+$L000start_decrypt:
+	; 
+	; Round 15
+	mov	eax,		DWORD PTR 120[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 124[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 14
+	mov	eax,		DWORD PTR 112[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 116[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 13
+	mov	eax,		DWORD PTR 104[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 108[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 12
+	mov	eax,		DWORD PTR 96[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 100[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 11
+	mov	eax,		DWORD PTR 88[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 92[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 10
+	mov	eax,		DWORD PTR 80[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 84[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 9
+	mov	eax,		DWORD PTR 72[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 76[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 8
+	mov	eax,		DWORD PTR 64[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 68[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 7
+	mov	eax,		DWORD PTR 56[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 60[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 6
+	mov	eax,		DWORD PTR 48[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 52[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 5
+	mov	eax,		DWORD PTR 40[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 44[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 4
+	mov	eax,		DWORD PTR 32[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 36[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 3
+	mov	eax,		DWORD PTR 24[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 28[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 2
+	mov	eax,		DWORD PTR 16[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 20[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 1
+	mov	eax,		DWORD PTR 8[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 12[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 0
+	mov	eax,		DWORD PTR [ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 4[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+$L001end:
+	; 
+	; FP
+	mov	edx,		DWORD PTR 20[esp]
+	ror	esi,		1
+	mov	eax,		edi
+	xor	edi,		esi
+	and	edi,		0aaaaaaaah
+	xor	eax,		edi
+	xor	esi,		edi
+	; 
+	rol	eax,		23
+	mov	edi,		eax
+	xor	eax,		esi
+	and	eax,		003fc03fch
+	xor	edi,		eax
+	xor	esi,		eax
+	; 
+	rol	edi,		10
+	mov	eax,		edi
+	xor	edi,		esi
+	and	edi,		033333333h
+	xor	eax,		edi
+	xor	esi,		edi
+	; 
+	rol	esi,		18
+	mov	edi,		esi
+	xor	esi,		eax
+	and	esi,		0fff0000fh
+	xor	edi,		esi
+	xor	eax,		esi
+	; 
+	rol	edi,		12
+	mov	esi,		edi
+	xor	edi,		eax
+	and	edi,		0f0f0f0f0h
+	xor	esi,		edi
+	xor	eax,		edi
+	; 
+	ror	eax,		4
+	mov	DWORD PTR [edx],eax
+	mov	DWORD PTR 4[edx],esi
+	pop	edi
+	pop	esi
+	pop	ebx
+	pop	ebp
+	ret
+_des_encrypt ENDP
+_TEXT	ENDS
+_TEXT	SEGMENT
+PUBLIC	_des_encrypt2
+EXTRN	_des_SPtrans:DWORD
+_des_encrypt2 PROC NEAR
+	push	ebp
+	push	ebx
+	push	esi
+	push	edi
+	; 
+	; Load the 2 words
+	mov	eax,		DWORD PTR 20[esp]
+	xor	ecx,		ecx
+	mov	esi,		DWORD PTR [eax]
+	mov	ebx,		DWORD PTR 28[esp]
+	rol	esi,		3
+	mov	edi,		DWORD PTR 4[eax]
+	rol	edi,		3
+	cmp	ebx,		0
+	mov	ebp,		DWORD PTR 24[esp]
+	je	$L002start_decrypt
+	; 
+	; Round 0
+	mov	eax,		DWORD PTR [ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 4[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 1
+	mov	eax,		DWORD PTR 8[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 12[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 2
+	mov	eax,		DWORD PTR 16[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 20[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 3
+	mov	eax,		DWORD PTR 24[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 28[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 4
+	mov	eax,		DWORD PTR 32[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 36[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 5
+	mov	eax,		DWORD PTR 40[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 44[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 6
+	mov	eax,		DWORD PTR 48[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 52[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 7
+	mov	eax,		DWORD PTR 56[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 60[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 8
+	mov	eax,		DWORD PTR 64[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 68[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 9
+	mov	eax,		DWORD PTR 72[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 76[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 10
+	mov	eax,		DWORD PTR 80[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 84[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 11
+	mov	eax,		DWORD PTR 88[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 92[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 12
+	mov	eax,		DWORD PTR 96[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 100[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 13
+	mov	eax,		DWORD PTR 104[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 108[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 14
+	mov	eax,		DWORD PTR 112[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 116[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 15
+	mov	eax,		DWORD PTR 120[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 124[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	jmp	$L003end
+$L002start_decrypt:
+	; 
+	; Round 15
+	mov	eax,		DWORD PTR 120[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 124[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 14
+	mov	eax,		DWORD PTR 112[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 116[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 13
+	mov	eax,		DWORD PTR 104[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 108[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 12
+	mov	eax,		DWORD PTR 96[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 100[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 11
+	mov	eax,		DWORD PTR 88[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 92[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 10
+	mov	eax,		DWORD PTR 80[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 84[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 9
+	mov	eax,		DWORD PTR 72[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 76[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 8
+	mov	eax,		DWORD PTR 64[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 68[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 7
+	mov	eax,		DWORD PTR 56[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 60[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 6
+	mov	eax,		DWORD PTR 48[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 52[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 5
+	mov	eax,		DWORD PTR 40[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 44[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 4
+	mov	eax,		DWORD PTR 32[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 36[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 3
+	mov	eax,		DWORD PTR 24[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 28[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 2
+	mov	eax,		DWORD PTR 16[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 20[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 1
+	mov	eax,		DWORD PTR 8[ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 12[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 0
+	mov	eax,		DWORD PTR [ebp]
+	xor	ebx,		ebx
+	mov	edx,		DWORD PTR 4[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	and	eax,		0fcfcfcfch
+	and	edx,		0cfcfcfcfh
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 24[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+$L003end:
+	; 
+	; Fixup
+	ror	edi,		3
+	mov	eax,		DWORD PTR 20[esp]
+	ror	esi,		3
+	mov	DWORD PTR [eax],edi
+	mov	DWORD PTR 4[eax],esi
+	pop	edi
+	pop	esi
+	pop	ebx
+	pop	ebp
+	ret
+_des_encrypt2 ENDP
+_TEXT	ENDS
+_TEXT	SEGMENT
+PUBLIC	_des_encrypt3
+EXTRN	_des_SPtrans:DWORD
+_des_encrypt3 PROC NEAR
+	push	ebp
+	push	ebx
+	push	esi
+	push	edi
+	; 
+	; Load the data words
+	mov	ebx,		DWORD PTR 20[esp]
+	mov	edi,		DWORD PTR [ebx]
+	mov	esi,		DWORD PTR 4[ebx]
+	; 
+	; IP
+	rol	edi,		4
+	mov	edx,		edi
+	xor	edi,		esi
+	and	edi,		0f0f0f0f0h
+	xor	edx,		edi
+	xor	esi,		edi
+	; 
+	rol	esi,		20
+	mov	edi,		esi
+	xor	esi,		edx
+	and	esi,		0fff0000fh
+	xor	edi,		esi
+	xor	edx,		esi
+	; 
+	rol	edi,		14
+	mov	esi,		edi
+	xor	edi,		edx
+	and	edi,		033333333h
+	xor	esi,		edi
+	xor	edx,		edi
+	; 
+	rol	edx,		22
+	mov	edi,		edx
+	xor	edx,		esi
+	and	edx,		003fc03fch
+	xor	edi,		edx
+	xor	esi,		edx
+	; 
+	rol	edi,		9
+	mov	edx,		edi
+	xor	edi,		esi
+	and	edi,		0aaaaaaaah
+	xor	edx,		edi
+	xor	esi,		edi
+	; 
+	ror	edx,		3
+	ror	esi,		2
+	mov	DWORD PTR 4[ebx],esi
+	mov	eax,		DWORD PTR 24[esp]
+	mov	DWORD PTR [ebx],edx
+	mov	edi,		DWORD PTR 28[esp]
+	mov	esi,		DWORD PTR 32[esp]
+	push	1
+	push	eax
+	push	ebx
+	call	_des_encrypt2
+	push	0
+	push	edi
+	push	ebx
+	call	_des_encrypt2
+	push	1
+	push	esi
+	push	ebx
+	call	_des_encrypt2
+	mov	edi,		DWORD PTR [ebx]
+	add	esp,		36
+	mov	esi,		DWORD PTR 4[ebx]
+	; 
+	; FP
+	rol	esi,		2
+	rol	edi,		3
+	mov	eax,		edi
+	xor	edi,		esi
+	and	edi,		0aaaaaaaah
+	xor	eax,		edi
+	xor	esi,		edi
+	; 
+	rol	eax,		23
+	mov	edi,		eax
+	xor	eax,		esi
+	and	eax,		003fc03fch
+	xor	edi,		eax
+	xor	esi,		eax
+	; 
+	rol	edi,		10
+	mov	eax,		edi
+	xor	edi,		esi
+	and	edi,		033333333h
+	xor	eax,		edi
+	xor	esi,		edi
+	; 
+	rol	esi,		18
+	mov	edi,		esi
+	xor	esi,		eax
+	and	esi,		0fff0000fh
+	xor	edi,		esi
+	xor	eax,		esi
+	; 
+	rol	edi,		12
+	mov	esi,		edi
+	xor	edi,		eax
+	and	edi,		0f0f0f0f0h
+	xor	esi,		edi
+	xor	eax,		edi
+	; 
+	ror	eax,		4
+	mov	DWORD PTR [ebx],eax
+	mov	DWORD PTR 4[ebx],esi
+	pop	edi
+	pop	esi
+	pop	ebx
+	pop	ebp
+	ret
+_des_encrypt3 ENDP
+_TEXT	ENDS
+_TEXT	SEGMENT
+PUBLIC	_des_decrypt3
+EXTRN	_des_SPtrans:DWORD
+_des_decrypt3 PROC NEAR
+	push	ebp
+	push	ebx
+	push	esi
+	push	edi
+	; 
+	; Load the data words
+	mov	ebx,		DWORD PTR 20[esp]
+	mov	edi,		DWORD PTR [ebx]
+	mov	esi,		DWORD PTR 4[ebx]
+	; 
+	; IP
+	rol	edi,		4
+	mov	edx,		edi
+	xor	edi,		esi
+	and	edi,		0f0f0f0f0h
+	xor	edx,		edi
+	xor	esi,		edi
+	; 
+	rol	esi,		20
+	mov	edi,		esi
+	xor	esi,		edx
+	and	esi,		0fff0000fh
+	xor	edi,		esi
+	xor	edx,		esi
+	; 
+	rol	edi,		14
+	mov	esi,		edi
+	xor	edi,		edx
+	and	edi,		033333333h
+	xor	esi,		edi
+	xor	edx,		edi
+	; 
+	rol	edx,		22
+	mov	edi,		edx
+	xor	edx,		esi
+	and	edx,		003fc03fch
+	xor	edi,		edx
+	xor	esi,		edx
+	; 
+	rol	edi,		9
+	mov	edx,		edi
+	xor	edi,		esi
+	and	edi,		0aaaaaaaah
+	xor	edx,		edi
+	xor	esi,		edi
+	; 
+	ror	edx,		3
+	ror	esi,		2
+	mov	DWORD PTR 4[ebx],esi
+	mov	esi,		DWORD PTR 24[esp]
+	mov	DWORD PTR [ebx],edx
+	mov	edi,		DWORD PTR 28[esp]
+	mov	eax,		DWORD PTR 32[esp]
+	push	0
+	push	eax
+	push	ebx
+	call	_des_encrypt2
+	push	1
+	push	edi
+	push	ebx
+	call	_des_encrypt2
+	push	0
+	push	esi
+	push	ebx
+	call	_des_encrypt2
+	mov	edi,		DWORD PTR [ebx]
+	add	esp,		36
+	mov	esi,		DWORD PTR 4[ebx]
+	; 
+	; FP
+	rol	esi,		2
+	rol	edi,		3
+	mov	eax,		edi
+	xor	edi,		esi
+	and	edi,		0aaaaaaaah
+	xor	eax,		edi
+	xor	esi,		edi
+	; 
+	rol	eax,		23
+	mov	edi,		eax
+	xor	eax,		esi
+	and	eax,		003fc03fch
+	xor	edi,		eax
+	xor	esi,		eax
+	; 
+	rol	edi,		10
+	mov	eax,		edi
+	xor	edi,		esi
+	and	edi,		033333333h
+	xor	eax,		edi
+	xor	esi,		edi
+	; 
+	rol	esi,		18
+	mov	edi,		esi
+	xor	esi,		eax
+	and	esi,		0fff0000fh
+	xor	edi,		esi
+	xor	eax,		esi
+	; 
+	rol	edi,		12
+	mov	esi,		edi
+	xor	edi,		eax
+	and	edi,		0f0f0f0f0h
+	xor	esi,		edi
+	xor	eax,		edi
+	; 
+	ror	eax,		4
+	mov	DWORD PTR [ebx],eax
+	mov	DWORD PTR 4[ebx],esi
+	pop	edi
+	pop	esi
+	pop	ebx
+	pop	ebp
+	ret
+_des_decrypt3 ENDP
+_TEXT	ENDS
+END
diff --git a/crypto/des/asm/d-win32.uu b/crypto/des/asm/d-win32.uu
new file mode 100644
index 0000000000..70d63838f1
--- /dev/null
+++ b/crypto/des/asm/d-win32.uu
@@ -0,0 +1,319 @@
+begin 640 d-win32.obj
+M3`$"`/4&DC-`-@``#``````````N=&5X=```````````````W"$``&0```!`
+M(@`````````"```@`#!@+F1A=&$```#<(0````````````!`-@``````````
+M````````0``PP%535E>+="04,\F+!HM<)!R+?@3!P`2+\#/')?#P\/`S\#/X
+MP<<4B\<S_H'G#P#P_S/',_?!P`Z+^#/&)3,S,S,S^#/PP<86B\8S]X'F_`/\
+M`S/&,_[!P`F+\#/'):JJJJHS\#/XT<>#^P"+;"08#X2U!P``BT4`,]N+500S
+MQC/6)?S\_/R!XL_/S\^*V(K,P<H$BZL`````BMHS_8NI``(``#/]BL[!Z!"+
+MJP`!```S_8K<P>H0BZD``P``,_V+;"08BLXE_P```('B_P```(N;``8``#/[
+MBYD`!P``,_N+F``$```S^XN:``4``#/[BT4(,]N+50PSQS/7)?S\_/R!XL_/
+MS\^*V(K,P<H$BZL`````BMHS]8NI``(``#/UBL[!Z!"+JP`!```S]8K<P>H0
+MBZD``P``,_6+;"08BLXE_P```('B_P```(N;``8``#/SBYD`!P``,_.+F``$
+M```S\XN:``4``#/SBT40,]N+510SQC/6)?S\_/R!XL_/S\^*V(K,P<H$BZL`
+M````BMHS_8NI``(``#/]BL[!Z!"+JP`!```S_8K<P>H0BZD``P``,_V+;"08
+MBLXE_P```('B_P```(N;``8``#/[BYD`!P``,_N+F``$```S^XN:``4``#/[
+MBT48,]N+51PSQS/7)?S\_/R!XL_/S\^*V(K,P<H$BZL`````BMHS]8NI``(`
+M`#/UBL[!Z!"+JP`!```S]8K<P>H0BZD``P``,_6+;"08BLXE_P```('B_P``
+M`(N;``8``#/SBYD`!P``,_.+F``$```S\XN:``4``#/SBT4@,]N+520SQC/6
+M)?S\_/R!XL_/S\^*V(K,P<H$BZL`````BMHS_8NI``(``#/]BL[!Z!"+JP`!
+M```S_8K<P>H0BZD``P``,_V+;"08BLXE_P```('B_P```(N;``8``#/[BYD`
+M!P``,_N+F``$```S^XN:``4``#/[BT4H,]N+52PSQS/7)?S\_/R!XL_/S\^*
+MV(K,P<H$BZL`````BMHS]8NI``(``#/UBL[!Z!"+JP`!```S]8K<P>H0BZD`
+M`P``,_6+;"08BLXE_P```('B_P```(N;``8``#/SBYD`!P``,_.+F``$```S
+M\XN:``4``#/SBT4P,]N+530SQC/6)?S\_/R!XL_/S\^*V(K,P<H$BZL`````
+MBMHS_8NI``(``#/]BL[!Z!"+JP`!```S_8K<P>H0BZD``P``,_V+;"08BLXE
+M_P```('B_P```(N;``8``#/[BYD`!P``,_N+F``$```S^XN:``4``#/[BT4X
+M,]N+53PSQS/7)?S\_/R!XL_/S\^*V(K,P<H$BZL`````BMHS]8NI``(``#/U
+MBL[!Z!"+JP`!```S]8K<P>H0BZD``P``,_6+;"08BLXE_P```('B_P```(N;
+M``8``#/SBYD`!P``,_.+F``$```S\XN:``4``#/SBT5`,]N+540SQC/6)?S\
+M_/R!XL_/S\^*V(K,P<H$BZL`````BMHS_8NI``(``#/]BL[!Z!"+JP`!```S
+M_8K<P>H0BZD``P``,_V+;"08BLXE_P```('B_P```(N;``8``#/[BYD`!P``
+M,_N+F``$```S^XN:``4``#/[BT5(,]N+54PSQS/7)?S\_/R!XL_/S\^*V(K,
+MP<H$BZL`````BMHS]8NI``(``#/UBL[!Z!"+JP`!```S]8K<P>H0BZD``P``
+M,_6+;"08BLXE_P```('B_P```(N;``8``#/SBYD`!P``,_.+F``$```S\XN:
+M``4``#/SBT50,]N+550SQC/6)?S\_/R!XL_/S\^*V(K,P<H$BZL`````BMHS
+M_8NI``(``#/]BL[!Z!"+JP`!```S_8K<P>H0BZD``P``,_V+;"08BLXE_P``
+M`('B_P```(N;``8``#/[BYD`!P``,_N+F``$```S^XN:``4``#/[BT58,]N+
+M55PSQS/7)?S\_/R!XL_/S\^*V(K,P<H$BZL`````BMHS]8NI``(``#/UBL[!
+MZ!"+JP`!```S]8K<P>H0BZD``P``,_6+;"08BLXE_P```('B_P```(N;``8`
+M`#/SBYD`!P``,_.+F``$```S\XN:``4``#/SBT5@,]N+560SQC/6)?S\_/R!
+MXL_/S\^*V(K,P<H$BZL`````BMHS_8NI``(``#/]BL[!Z!"+JP`!```S_8K<
+MP>H0BZD``P``,_V+;"08BLXE_P```('B_P```(N;``8``#/[BYD`!P``,_N+
+MF``$```S^XN:``4``#/[BT5H,]N+56PSQS/7)?S\_/R!XL_/S\^*V(K,P<H$
+MBZL`````BMHS]8NI``(``#/UBL[!Z!"+JP`!```S]8K<P>H0BZD``P``,_6+
+M;"08BLXE_P```('B_P```(N;``8``#/SBYD`!P``,_.+F``$```S\XN:``4`
+M`#/SBT5P,]N+570SQC/6)?S\_/R!XL_/S\^*V(K,P<H$BZL`````BMHS_8NI
+M``(``#/]BL[!Z!"+JP`!```S_8K<P>H0BZD``P``,_V+;"08BLXE_P```('B
+M_P```(N;``8``#/[BYD`!P``,_N+F``$```S^XN:``4``#/[BT5X,]N+57PS
+MQS/7)?S\_/R!XL_/S\^*V(K,P<H$BZL`````BMHS]8NI``(``#/UBL[!Z!"+
+MJP`!```S]8K<P>H0BZD``P``,_6+;"08BLXE_P```('B_P```(N;``8``#/S
+MBYD`!P``,_.+F``$```S\XN:``4``#/SZ;`'``"+17@SVXM5?#/&,]8E_/S\
+M_('BS\_/SXK8BLS!R@2+JP````"*VC/]BZD``@``,_V*SL'H$(NK``$``#/]
+MBMS!ZA"+J0`#```S_8ML)!B*SB7_````@>+_````BYL`!@``,_N+F0`'```S
+M^XN8``0``#/[BYH`!0``,_N+17`SVXM5=#/',]<E_/S\_('BS\_/SXK8BLS!
+MR@2+JP````"*VC/UBZD``@``,_6*SL'H$(NK``$``#/UBMS!ZA"+J0`#```S
+M]8ML)!B*SB7_````@>+_````BYL`!@``,_.+F0`'```S\XN8``0``#/SBYH`
+M!0``,_.+16@SVXM5;#/&,]8E_/S\_('BS\_/SXK8BLS!R@2+JP````"*VC/]
+MBZD``@``,_V*SL'H$(NK``$``#/]BMS!ZA"+J0`#```S_8ML)!B*SB7_````
+M@>+_````BYL`!@``,_N+F0`'```S^XN8``0``#/[BYH`!0``,_N+16`SVXM5
+M9#/',]<E_/S\_('BS\_/SXK8BLS!R@2+JP````"*VC/UBZD``@``,_6*SL'H
+M$(NK``$``#/UBMS!ZA"+J0`#```S]8ML)!B*SB7_````@>+_````BYL`!@``
+M,_.+F0`'```S\XN8``0``#/SBYH`!0``,_.+15@SVXM57#/&,]8E_/S\_('B
+MS\_/SXK8BLS!R@2+JP````"*VC/]BZD``@``,_V*SL'H$(NK``$``#/]BMS!
+MZA"+J0`#```S_8ML)!B*SB7_````@>+_````BYL`!@``,_N+F0`'```S^XN8
+M``0``#/[BYH`!0``,_N+15`SVXM55#/',]<E_/S\_('BS\_/SXK8BLS!R@2+
+MJP````"*VC/UBZD``@``,_6*SL'H$(NK``$``#/UBMS!ZA"+J0`#```S]8ML
+M)!B*SB7_````@>+_````BYL`!@``,_.+F0`'```S\XN8``0``#/SBYH`!0``
+M,_.+14@SVXM53#/&,]8E_/S\_('BS\_/SXK8BLS!R@2+JP````"*VC/]BZD`
+M`@``,_V*SL'H$(NK``$``#/]BMS!ZA"+J0`#```S_8ML)!B*SB7_````@>+_
+M````BYL`!@``,_N+F0`'```S^XN8``0``#/[BYH`!0``,_N+14`SVXM51#/'
+M,]<E_/S\_('BS\_/SXK8BLS!R@2+JP````"*VC/UBZD``@``,_6*SL'H$(NK
+M``$``#/UBMS!ZA"+J0`#```S]8ML)!B*SB7_````@>+_````BYL`!@``,_.+
+MF0`'```S\XN8``0``#/SBYH`!0``,_.+13@SVXM5/#/&,]8E_/S\_('BS\_/
+MSXK8BLS!R@2+JP````"*VC/]BZD``@``,_V*SL'H$(NK``$``#/]BMS!ZA"+
+MJ0`#```S_8ML)!B*SB7_````@>+_````BYL`!@``,_N+F0`'```S^XN8``0`
+M`#/[BYH`!0``,_N+13`SVXM5-#/',]<E_/S\_('BS\_/SXK8BLS!R@2+JP``
+M``"*VC/UBZD``@``,_6*SL'H$(NK``$``#/UBMS!ZA"+J0`#```S]8ML)!B*
+MSB7_````@>+_````BYL`!@``,_.+F0`'```S\XN8``0``#/SBYH`!0``,_.+
+M12@SVXM5+#/&,]8E_/S\_('BS\_/SXK8BLS!R@2+JP````"*VC/]BZD``@``
+M,_V*SL'H$(NK``$``#/]BMS!ZA"+J0`#```S_8ML)!B*SB7_````@>+_````
+MBYL`!@``,_N+F0`'```S^XN8``0``#/[BYH`!0``,_N+12`SVXM5)#/',]<E
+M_/S\_('BS\_/SXK8BLS!R@2+JP````"*VC/UBZD``@``,_6*SL'H$(NK``$`
+M`#/UBMS!ZA"+J0`#```S]8ML)!B*SB7_````@>+_````BYL`!@``,_.+F0`'
+M```S\XN8``0``#/SBYH`!0``,_.+11@SVXM5'#/&,]8E_/S\_('BS\_/SXK8
+MBLS!R@2+JP````"*VC/]BZD``@``,_V*SL'H$(NK``$``#/]BMS!ZA"+J0`#
+M```S_8ML)!B*SB7_````@>+_````BYL`!@``,_N+F0`'```S^XN8``0``#/[
+MBYH`!0``,_N+11`SVXM5%#/',]<E_/S\_('BS\_/SXK8BLS!R@2+JP````"*
+MVC/UBZD``@``,_6*SL'H$(NK``$``#/UBMS!ZA"+J0`#```S]8ML)!B*SB7_
+M````@>+_````BYL`!@``,_.+F0`'```S\XN8``0``#/SBYH`!0``,_.+10@S
+MVXM5##/&,]8E_/S\_('BS\_/SXK8BLS!R@2+JP````"*VC/]BZD``@``,_V*
+MSL'H$(NK``$``#/]BMS!ZA"+J0`#```S_8ML)!B*SB7_````@>+_````BYL`
+M!@``,_N+F0`'```S^XN8``0``#/[BYH`!0``,_N+10`SVXM5!#/',]<E_/S\
+M_('BS\_/SXK8BLS!R@2+JP````"*VC/UBZD``@``,_6*SL'H$(NK``$``#/U
+MBMS!ZA"+J0`#```S]8ML)!B*SB7_````@>+_````BYL`!@``,_.+F0`'```S
+M\XN8``0``#/SBYH`!0``,_.+5"04T<Z+QS/^@>>JJJJJ,\<S]\'`%XOX,\8E
+M_`/\`S/X,_#!QPJ+QS/^@><S,S,S,\<S]\'&$HO^,_"!Y@\`\/\S_C/&P<<,
+MB_<S^('G\/#P\#/W,\?!R`2)`HER!%]>6UW#55-65XM$)!0SR8LPBUPD','&
+M`XMX!,''`X/[`(ML)!@/A+4'``"+10`SVXM5!#/&,]8E_/S\_('BS\_/SXK8
+MBLS!R@2+JP````"*VC/]BZD``@``,_V*SL'H$(NK``$``#/]BMS!ZA"+J0`#
+M```S_8ML)!B*SB7_````@>+_````BYL`!@``,_N+F0`'```S^XN8``0``#/[
+MBYH`!0``,_N+10@SVXM5##/',]<E_/S\_('BS\_/SXK8BLS!R@2+JP````"*
+MVC/UBZD``@``,_6*SL'H$(NK``$``#/UBMS!ZA"+J0`#```S]8ML)!B*SB7_
+M````@>+_````BYL`!@``,_.+F0`'```S\XN8``0``#/SBYH`!0``,_.+11`S
+MVXM5%#/&,]8E_/S\_('BS\_/SXK8BLS!R@2+JP````"*VC/]BZD``@``,_V*
+MSL'H$(NK``$``#/]BMS!ZA"+J0`#```S_8ML)!B*SB7_````@>+_````BYL`
+M!@``,_N+F0`'```S^XN8``0``#/[BYH`!0``,_N+11@SVXM5'#/',]<E_/S\
+M_('BS\_/SXK8BLS!R@2+JP````"*VC/UBZD``@``,_6*SL'H$(NK``$``#/U
+MBMS!ZA"+J0`#```S]8ML)!B*SB7_````@>+_````BYL`!@``,_.+F0`'```S
+M\XN8``0``#/SBYH`!0``,_.+12`SVXM5)#/&,]8E_/S\_('BS\_/SXK8BLS!
+MR@2+JP````"*VC/]BZD``@``,_V*SL'H$(NK``$``#/]BMS!ZA"+J0`#```S
+M_8ML)!B*SB7_````@>+_````BYL`!@``,_N+F0`'```S^XN8``0``#/[BYH`
+M!0``,_N+12@SVXM5+#/',]<E_/S\_('BS\_/SXK8BLS!R@2+JP````"*VC/U
+MBZD``@``,_6*SL'H$(NK``$``#/UBMS!ZA"+J0`#```S]8ML)!B*SB7_````
+M@>+_````BYL`!@``,_.+F0`'```S\XN8``0``#/SBYH`!0``,_.+13`SVXM5
+M-#/&,]8E_/S\_('BS\_/SXK8BLS!R@2+JP````"*VC/]BZD``@``,_V*SL'H
+M$(NK``$``#/]BMS!ZA"+J0`#```S_8ML)!B*SB7_````@>+_````BYL`!@``
+M,_N+F0`'```S^XN8``0``#/[BYH`!0``,_N+13@SVXM5/#/',]<E_/S\_('B
+MS\_/SXK8BLS!R@2+JP````"*VC/UBZD``@``,_6*SL'H$(NK``$``#/UBMS!
+MZA"+J0`#```S]8ML)!B*SB7_````@>+_````BYL`!@``,_.+F0`'```S\XN8
+M``0``#/SBYH`!0``,_.+14`SVXM51#/&,]8E_/S\_('BS\_/SXK8BLS!R@2+
+MJP````"*VC/]BZD``@``,_V*SL'H$(NK``$``#/]BMS!ZA"+J0`#```S_8ML
+M)!B*SB7_````@>+_````BYL`!@``,_N+F0`'```S^XN8``0``#/[BYH`!0``
+M,_N+14@SVXM53#/',]<E_/S\_('BS\_/SXK8BLS!R@2+JP````"*VC/UBZD`
+M`@``,_6*SL'H$(NK``$``#/UBMS!ZA"+J0`#```S]8ML)!B*SB7_````@>+_
+M````BYL`!@``,_.+F0`'```S\XN8``0``#/SBYH`!0``,_.+15`SVXM55#/&
+M,]8E_/S\_('BS\_/SXK8BLS!R@2+JP````"*VC/]BZD``@``,_V*SL'H$(NK
+M``$``#/]BMS!ZA"+J0`#```S_8ML)!B*SB7_````@>+_````BYL`!@``,_N+
+MF0`'```S^XN8``0``#/[BYH`!0``,_N+15@SVXM57#/',]<E_/S\_('BS\_/
+MSXK8BLS!R@2+JP````"*VC/UBZD``@``,_6*SL'H$(NK``$``#/UBMS!ZA"+
+MJ0`#```S]8ML)!B*SB7_````@>+_````BYL`!@``,_.+F0`'```S\XN8``0`
+M`#/SBYH`!0``,_.+16`SVXM59#/&,]8E_/S\_('BS\_/SXK8BLS!R@2+JP``
+M``"*VC/]BZD``@``,_V*SL'H$(NK``$``#/]BMS!ZA"+J0`#```S_8ML)!B*
+MSB7_````@>+_````BYL`!@``,_N+F0`'```S^XN8``0``#/[BYH`!0``,_N+
+M16@SVXM5;#/',]<E_/S\_('BS\_/SXK8BLS!R@2+JP````"*VC/UBZD``@``
+M,_6*SL'H$(NK``$``#/UBMS!ZA"+J0`#```S]8ML)!B*SB7_````@>+_````
+MBYL`!@``,_.+F0`'```S\XN8``0``#/SBYH`!0``,_.+17`SVXM5=#/&,]8E
+M_/S\_('BS\_/SXK8BLS!R@2+JP````"*VC/]BZD``@``,_V*SL'H$(NK``$`
+M`#/]BMS!ZA"+J0`#```S_8ML)!B*SB7_````@>+_````BYL`!@``,_N+F0`'
+M```S^XN8``0``#/[BYH`!0``,_N+17@SVXM5?#/',]<E_/S\_('BS\_/SXK8
+MBLS!R@2+JP````"*VC/UBZD``@``,_6*SL'H$(NK``$``#/UBMS!ZA"+J0`#
+M```S]8ML)!B*SB7_````@>+_````BYL`!@``,_.+F0`'```S\XN8``0``#/S
+MBYH`!0``,_/IL`<``(M%>#/;BU5\,\8SUB7\_/S\@>+/S\_/BMB*S,'*!(NK
+M`````(K:,_V+J0`"```S_8K.P>@0BZL``0``,_V*W,'J$(NI``,``#/]BVPD
+M&(K.)?\```"!XO\```"+FP`&```S^XN9``<``#/[BY@`!```,_N+F@`%```S
+M^XM%<#/;BU5T,\<SUR7\_/S\@>+/S\_/BMB*S,'*!(NK`````(K:,_6+J0`"
+M```S]8K.P>@0BZL``0``,_6*W,'J$(NI``,``#/UBVPD&(K.)?\```"!XO\`
+M``"+FP`&```S\XN9``<``#/SBY@`!```,_.+F@`%```S\XM%:#/;BU5L,\8S
+MUB7\_/S\@>+/S\_/BMB*S,'*!(NK`````(K:,_V+J0`"```S_8K.P>@0BZL`
+M`0``,_V*W,'J$(NI``,``#/]BVPD&(K.)?\```"!XO\```"+FP`&```S^XN9
+M``<``#/[BY@`!```,_N+F@`%```S^XM%8#/;BU5D,\<SUR7\_/S\@>+/S\_/
+MBMB*S,'*!(NK`````(K:,_6+J0`"```S]8K.P>@0BZL``0``,_6*W,'J$(NI
+M``,``#/UBVPD&(K.)?\```"!XO\```"+FP`&```S\XN9``<``#/SBY@`!```
+M,_.+F@`%```S\XM%6#/;BU5<,\8SUB7\_/S\@>+/S\_/BMB*S,'*!(NK````
+M`(K:,_V+J0`"```S_8K.P>@0BZL``0``,_V*W,'J$(NI``,``#/]BVPD&(K.
+M)?\```"!XO\```"+FP`&```S^XN9``<``#/[BY@`!```,_N+F@`%```S^XM%
+M4#/;BU54,\<SUR7\_/S\@>+/S\_/BMB*S,'*!(NK`````(K:,_6+J0`"```S
+M]8K.P>@0BZL``0``,_6*W,'J$(NI``,``#/UBVPD&(K.)?\```"!XO\```"+
+MFP`&```S\XN9``<``#/SBY@`!```,_.+F@`%```S\XM%2#/;BU5,,\8SUB7\
+M_/S\@>+/S\_/BMB*S,'*!(NK`````(K:,_V+J0`"```S_8K.P>@0BZL``0``
+M,_V*W,'J$(NI``,``#/]BVPD&(K.)?\```"!XO\```"+FP`&```S^XN9``<`
+M`#/[BY@`!```,_N+F@`%```S^XM%0#/;BU5$,\<SUR7\_/S\@>+/S\_/BMB*
+MS,'*!(NK`````(K:,_6+J0`"```S]8K.P>@0BZL``0``,_6*W,'J$(NI``,`
+M`#/UBVPD&(K.)?\```"!XO\```"+FP`&```S\XN9``<``#/SBY@`!```,_.+
+MF@`%```S\XM%.#/;BU4\,\8SUB7\_/S\@>+/S\_/BMB*S,'*!(NK`````(K:
+M,_V+J0`"```S_8K.P>@0BZL``0``,_V*W,'J$(NI``,``#/]BVPD&(K.)?\`
+M``"!XO\```"+FP`&```S^XN9``<``#/[BY@`!```,_N+F@`%```S^XM%,#/;
+MBU4T,\<SUR7\_/S\@>+/S\_/BMB*S,'*!(NK`````(K:,_6+J0`"```S]8K.
+MP>@0BZL``0``,_6*W,'J$(NI``,``#/UBVPD&(K.)?\```"!XO\```"+FP`&
+M```S\XN9``<``#/SBY@`!```,_.+F@`%```S\XM%*#/;BU4L,\8SUB7\_/S\
+M@>+/S\_/BMB*S,'*!(NK`````(K:,_V+J0`"```S_8K.P>@0BZL``0``,_V*
+MW,'J$(NI``,``#/]BVPD&(K.)?\```"!XO\```"+FP`&```S^XN9``<``#/[
+MBY@`!```,_N+F@`%```S^XM%(#/;BU4D,\<SUR7\_/S\@>+/S\_/BMB*S,'*
+M!(NK`````(K:,_6+J0`"```S]8K.P>@0BZL``0``,_6*W,'J$(NI``,``#/U
+MBVPD&(K.)?\```"!XO\```"+FP`&```S\XN9``<``#/SBY@`!```,_.+F@`%
+M```S\XM%&#/;BU4<,\8SUB7\_/S\@>+/S\_/BMB*S,'*!(NK`````(K:,_V+
+MJ0`"```S_8K.P>@0BZL``0``,_V*W,'J$(NI``,``#/]BVPD&(K.)?\```"!
+MXO\```"+FP`&```S^XN9``<``#/[BY@`!```,_N+F@`%```S^XM%$#/;BU44
+M,\<SUR7\_/S\@>+/S\_/BMB*S,'*!(NK`````(K:,_6+J0`"```S]8K.P>@0
+MBZL``0``,_6*W,'J$(NI``,``#/UBVPD&(K.)?\```"!XO\```"+FP`&```S
+M\XN9``<``#/SBY@`!```,_.+F@`%```S\XM%"#/;BU4,,\8SUB7\_/S\@>+/
+MS\_/BMB*S,'*!(NK`````(K:,_V+J0`"```S_8K.P>@0BZL``0``,_V*W,'J
+M$(NI``,``#/]BVPD&(K.)?\```"!XO\```"+FP`&```S^XN9``<``#/[BY@`
+M!```,_N+F@`%```S^XM%`#/;BU4$,\<SUR7\_/S\@>+/S\_/BMB*S,'*!(NK
+M`````(K:,_6+J0`"```S]8K.P>@0BZL``0``,_6*W,'J$(NI``,``#/UBVPD
+M&(K.)?\```"!XO\```"+FP`&```S\XN9``<``#/SBY@`!```,_.+F@`%```S
+M\\'/`XM$)!3!S@.).(EP!%]>6UW#55-65XM<)!2+.XMS!,''!(O7,_Z!Y_#P
+M\/`SUS/WP<84B_XS\H'F#P#P_S/^,];!QPZ+]S/Z@><S,S,S,_<SU\'"%HOZ
+M,]:!XOP#_`,S^C/RP<<)B]<S_H'GJJJJJC/7,_?!R@/!S@*)<P2+1"08B1.+
+M?"0<BW0D(&H!4%/HW^___VH`5U/HUN___VH!5E/HS>___XL[@\0DBW,$P<8"
+MP<<#B\<S_H'GJJJJJC/',_?!P!>+^#/&)?P#_`,S^#/PP<<*B\<S_H'G,S,S
+M,S/',_?!QA*+_C/P@>8/`/#_,_XSQL''#(OW,_B!Y_#P\/`S]S/'P<@$B0.)
+M<P1?7EM=PU535E>+7"04BSN+<P3!QP2+US/^@>?P\/#P,]<S]\'&%(O^,_*!
+MY@\`\/\S_C/6P<<.B_<S^H'G,S,S,S/W,]?!PA:+^C/6@>+\`_P#,_HS\L''
+M"8O7,_Z!YZJJJJHSUS/WP<H#P<X"B7,$BW0D&(D3BWPD'(M$)"!J`%!3Z-_N
+M__]J`5=3Z-;N__]J`%93Z,WN__^+.X/$)(MS!,'&`L''`XO',_Z!YZJJJJHS
+MQS/WP<`7B_@SQB7\`_P#,_@S\,''"HO',_Z!YS,S,S,SQS/WP<82B_XS\('F
+M#P#P_S/^,\;!QPR+]S/X@>?P\/#P,_<SQ\'(!(D#B7,$7UY;7<.4````!P``
+M``8`G@````<````&`*L````'````!@"X````!P````8`T0````<````&`-D`
+M```'````!@#A````!P````8`Z0````<````&``\!```'````!@`9`0``!P``
+M``8`)@$```<````&`#,!```'````!@!,`0``!P````8`5`$```<````&`%P!
+M```'````!@!D`0``!P````8`B@$```<````&`)0!```'````!@"A`0``!P``
+M``8`K@$```<````&`,<!```'````!@#/`0``!P````8`UP$```<````&`-\!
+M```'````!@`%`@``!P````8`#P(```<````&`!P"```'````!@`I`@``!P``
+M``8`0@(```<````&`$H"```'````!@!2`@``!P````8`6@(```<````&`(`"
+M```'````!@"*`@``!P````8`EP(```<````&`*0"```'````!@"]`@``!P``
+M``8`Q0(```<````&`,T"```'````!@#5`@``!P````8`^P(```<````&``4#
+M```'````!@`2`P``!P````8`'P,```<````&`#@#```'````!@!``P``!P``
+M``8`2`,```<````&`%`#```'````!@!V`P``!P````8`@`,```<````&`(T#
+M```'````!@":`P``!P````8`LP,```<````&`+L#```'````!@##`P``!P``
+M``8`RP,```<````&`/$#```'````!@#[`P``!P````8`"`0```<````&`!4$
+M```'````!@`N!```!P````8`-@0```<````&`#X$```'````!@!&!```!P``
+M``8`;`0```<````&`'8$```'````!@"#!```!P````8`D`0```<````&`*D$
+M```'````!@"Q!```!P````8`N00```<````&`,$$```'````!@#G!```!P``
+M``8`\00```<````&`/X$```'````!@`+!0``!P````8`)`4```<````&`"P%
+M```'````!@`T!0``!P````8`/`4```<````&`&(%```'````!@!L!0``!P``
+M``8`>04```<````&`(8%```'````!@"?!0``!P````8`IP4```<````&`*\%
+M```'````!@"W!0``!P````8`W04```<````&`.<%```'````!@#T!0``!P``
+M``8``08```<````&`!H&```'````!@`B!@``!P````8`*@8```<````&`#(&
+M```'````!@!8!@``!P````8`8@8```<````&`&\&```'````!@!\!@``!P``
+M``8`E08```<````&`)T&```'````!@"E!@``!P````8`K08```<````&`-,&
+M```'````!@#=!@``!P````8`Z@8```<````&`/<&```'````!@`0!P``!P``
+M``8`&`<```<````&`"`'```'````!@`H!P``!P````8`3@<```<````&`%@'
+M```'````!@!E!P``!P````8`<@<```<````&`(L'```'````!@"3!P``!P``
+M``8`FP<```<````&`*,'```'````!@#)!P``!P````8`TP<```<````&`.`'
+M```'````!@#M!P``!P````8`!@@```<````&``X(```'````!@`6"```!P``
+M``8`'@@```<````&`$D(```'````!@!3"```!P````8`8`@```<````&`&T(
+M```'````!@"&"```!P````8`C@@```<````&`)8(```'````!@">"```!P``
+M``8`Q`@```<````&`,X(```'````!@#;"```!P````8`Z`@```<````&``$)
+M```'````!@`)"0``!P````8`$0D```<````&`!D)```'````!@`_"0``!P``
+M``8`20D```<````&`%8)```'````!@!C"0``!P````8`?`D```<````&`(0)
+M```'````!@","0``!P````8`E`D```<````&`+H)```'````!@#$"0``!P``
+M``8`T0D```<````&`-X)```'````!@#W"0``!P````8`_PD```<````&``<*
+M```'````!@`/"@``!P````8`-0H```<````&`#\*```'````!@!,"@``!P``
+M``8`60H```<````&`'(*```'````!@!Z"@``!P````8`@@H```<````&`(H*
+M```'````!@"P"@``!P````8`N@H```<````&`,<*```'````!@#4"@``!P``
+M``8`[0H```<````&`/4*```'````!@#]"@``!P````8`!0L```<````&`"L+
+M```'````!@`U"P``!P````8`0@L```<````&`$\+```'````!@!H"P``!P``
+M``8`<`L```<````&`'@+```'````!@"`"P``!P````8`I@L```<````&`+`+
+M```'````!@"]"P``!P````8`R@L```<````&`.,+```'````!@#K"P``!P``
+M``8`\PL```<````&`/L+```'````!@`A#```!P````8`*PP```<````&`#@,
+M```'````!@!%#```!P````8`7@P```<````&`&8,```'````!@!N#```!P``
+M``8`=@P```<````&`)P,```'````!@"F#```!P````8`LPP```<````&`,`,
+M```'````!@#9#```!P````8`X0P```<````&`.D,```'````!@#Q#```!P``
+M``8`%PT```<````&`"$-```'````!@`N#0``!P````8`.PT```<````&`%0-
+M```'````!@!<#0``!P````8`9`T```<````&`&P-```'````!@"2#0``!P``
+M``8`G`T```<````&`*D-```'````!@"V#0``!P````8`SPT```<````&`-<-
+M```'````!@#?#0``!P````8`YPT```<````&``T.```'````!@`7#@``!P``
+M``8`)`X```<````&`#$.```'````!@!*#@``!P````8`4@X```<````&`%H.
+M```'````!@!B#@``!P````8`B`X```<````&`)(.```'````!@"?#@``!P``
+M``8`K`X```<````&`,4.```'````!@#-#@``!P````8`U0X```<````&`-T.
+M```'````!@`##P``!P````8`#0\```<````&`!H/```'````!@`G#P``!P``
+M``8`0`\```<````&`$@/```'````!@!0#P``!P````8`6`\```<````&`'X/
+M```'````!@"(#P``!P````8`E0\```<````&`*(/```'````!@"[#P``!P``
+M``8`PP\```<````&`,L/```'````!@#3#P``!P````8`@Q````<````&`(T0
+M```'````!@":$```!P````8`IQ````<````&`,`0```'````!@#($```!P``
+M``8`T!````<````&`-@0```'````!@#^$```!P````8`"!$```<````&`!41
+M```'````!@`B$0``!P````8`.Q$```<````&`$,1```'````!@!+$0``!P``
+M``8`4Q$```<````&`'D1```'````!@"#$0``!P````8`D!$```<````&`)T1
+M```'````!@"V$0``!P````8`OA$```<````&`,81```'````!@#.$0``!P``
+M``8`]!$```<````&`/X1```'````!@`+$@``!P````8`&!(```<````&`#$2
+M```'````!@`Y$@``!P````8`01(```<````&`$D2```'````!@!O$@``!P``
+M``8`>1(```<````&`(82```'````!@"3$@``!P````8`K!(```<````&`+02
+M```'````!@"\$@``!P````8`Q!(```<````&`.H2```'````!@#T$@``!P``
+M``8``1,```<````&``X3```'````!@`G$P``!P````8`+Q,```<````&`#<3
+M```'````!@`_$P``!P````8`91,```<````&`&\3```'````!@!\$P``!P``
+M``8`B1,```<````&`*(3```'````!@"J$P``!P````8`LA,```<````&`+H3
+M```'````!@#@$P``!P````8`ZA,```<````&`/<3```'````!@`$%```!P``
+M``8`'10```<````&`"44```'````!@`M%```!P````8`-10```<````&`%L4
+M```'````!@!E%```!P````8`<A0```<````&`'\4```'````!@"8%```!P``
+M``8`H!0```<````&`*@4```'````!@"P%```!P````8`UA0```<````&`.`4
+M```'````!@#M%```!P````8`^A0```<````&`!,5```'````!@`;%0``!P``
+M``8`(Q4```<````&`"L5```'````!@!1%0``!P````8`6Q4```<````&`&@5
+M```'````!@!U%0``!P````8`CA4```<````&`)85```'````!@">%0``!P``
+M``8`IA4```<````&`,P5```'````!@#6%0``!P````8`XQ4```<````&`/`5
+M```'````!@`)%@``!P````8`$18```<````&`!D6```'````!@`A%@``!P``
+M``8`1Q8```<````&`%$6```'````!@!>%@``!P````8`:Q8```<````&`(06
+M```'````!@",%@``!P````8`E!8```<````&`)P6```'````!@#"%@``!P``
+M``8`S!8```<````&`-D6```'````!@#F%@``!P````8`_Q8```<````&``<7
+M```'````!@`/%P``!P````8`%Q<```<````&`#T7```'````!@!'%P``!P``
+M``8`5!<```<````&`&$7```'````!@!Z%P``!P````8`@A<```<````&`(H7
+M```'````!@"2%P``!P````8`N!<```<````&`,(7```'````!@#/%P``!P``
+M``8`W!<```<````&`/47```'````!@#]%P``!P````8`!1@```<````&``T8
+M```'````!@`X&```!P````8`0A@```<````&`$\8```'````!@!<&```!P``
+M``8`=1@```<````&`'T8```'````!@"%&```!P````8`C1@```<````&`+,8
+M```'````!@"]&```!P````8`RA@```<````&`-<8```'````!@#P&```!P``
+M``8`^!@```<````&```9```'````!@`(&0``!P````8`+AD```<````&`#@9
+M```'````!@!%&0``!P````8`4AD```<````&`&L9```'````!@!S&0``!P``
+M``8`>QD```<````&`(,9```'````!@"I&0``!P````8`LQD```<````&`,`9
+M```'````!@#-&0``!P````8`YAD```<````&`.X9```'````!@#V&0``!P``
+M``8`_AD```<````&`"0:```'````!@`N&@``!P````8`.QH```<````&`$@:
+M```'````!@!A&@``!P````8`:1H```<````&`'$:```'````!@!Y&@``!P``
+M``8`GQH```<````&`*D:```'````!@"V&@``!P````8`PQH```<````&`-P:
+M```'````!@#D&@``!P````8`[!H```<````&`/0:```'````!@`:&P``!P``
+M``8`)!L```<````&`#$;```'````!@`^&P``!P````8`5QL```<````&`%\;
+M```'````!@!G&P``!P````8`;QL```<````&`)4;```'````!@"?&P``!P``
+M``8`K!L```<````&`+D;```'````!@#2&P``!P````8`VAL```<````&`.(;
+M```'````!@#J&P``!P````8`$!P```<````&`!H<```'````!@`G'```!P``
+M``8`-!P```<````&`$T<```'````!@!5'```!P````8`71P```<````&`&4<
+M```'````!@"+'```!P````8`E1P```<````&`*(<```'````!@"O'```!P``
+M``8`R!P```<````&`-`<```'````!@#8'```!P````8`X!P```<````&``8=
+M```'````!@`0'0``!P````8`'1T```<````&`"H=```'````!@!#'0``!P``
+M``8`2QT```<````&`%,=```'````!@!;'0``!P````8`@1T```<````&`(L=
+M```'````!@"8'0``!P````8`I1T```<````&`+X=```'````!@#&'0``!P``
+M``8`SAT```<````&`-8=```'````!@#\'0``!P````8`!AX```<````&`!,>
+M```'````!@`@'@``!P````8`.1X```<````&`$$>```'````!@!)'@``!P``
+M``8`41X```<````&`'<>```'````!@"!'@``!P````8`CAX```<````&`)L>
+M```'````!@"T'@``!P````8`O!X```<````&`,0>```'````!@#,'@``!P``
+M``8`\AX```<````&`/P>```'````!@`)'P``!P````8`%A\```<````&`"\?
+M```'````!@`W'P``!P````8`/Q\```<````&`$<?```'````!@!M'P``!P``
+M``8`=Q\```<````&`(0?```'````!@"1'P``!P````8`JA\```<````&`+(?
+M```'````!@"Z'P``!P````8`PA\```<````&`"YF:6QE`````````/[_``!G
+M`BY<8W)Y<'1O7&1E<UQA<VU<9"UW:6XS,BYA<VT``````````"YT97AT````
+M``````$````#`=PA`````@```````````````"YD871A``````````(````#
+M`0`````````````````````````````$```````````````"```````1````
+M``````$`(``"```````>````/1````$`(``"```````L````W!\```$`(``"
+M```````Z````W"````$`(``"`$@```!?9&5S7U-0=')A;G,`7V1E<U]E;F-R
+M>7!T`%]D97-?96YC<GEP=#(`7V1E<U]E;F-R>7!T,P!?9&5S7V1E8W)Y<'0S
+!````
+`
+end
diff --git a/crypto/des/asm/des-som2.pl b/crypto/des/asm/des-som2.pl
new file mode 100644
index 0000000000..b5dbc9737b
--- /dev/null
+++ b/crypto/des/asm/des-som2.pl
@@ -0,0 +1,308 @@
+#!/usr/local/bin/perl
+#

+# The inner loop instruction sequence and the IP/FP modifications are from

+# Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>

+#

+

+$prog="des-som2.pl";

+

+# base code is in microsft

+# op dest, source

+# format.

+#

+

+require "desboth.pl";

+

+if (	($ARGV[0] eq "elf"))

+	{ require "x86unix.pl"; }

+elsif (	($ARGV[0] eq "a.out"))

+	{ $aout=1; require "x86unix.pl"; }

+elsif (	($ARGV[0] eq "sol"))

+	{ $sol=1; require "x86unix.pl"; }

+elsif (	($ARGV[0] eq "cpp"))

+	{ $cpp=1; require "x86unix.pl"; }

+elsif (	($ARGV[0] eq "win32"))

+	{ require "x86ms.pl"; }

+else

+	{

+	print STDERR <<"EOF";

+Pick one target type from

+	elf	- linux, FreeBSD etc

+	a.out	- old linux

+	sol	- x86 solaris

+	cpp	- format so x86unix.cpp can be used

+	win32	- Windows 95/Windows NT

+EOF

+	exit(1);

+	}

+

+&comment("Don't even think of reading this code");

+&comment("It was automatically generated by $prog");

+&comment("Which is a perl program used to generate the x86 assember for");

+&comment("any of elf, a.out, Win32, or Solaris");

+&comment("It can be found in SSLeay 0.6.5+ or in libdes 3.26+");

+&comment("eric <eay\@cryptsoft.com>");

+&comment("The inner loop instruction sequence and the IP/FP modifications");

+&comment("are from Svend Olaf Mikkelsen <svolaf\@inet.uni-c.dk>");

+

+&comment("");

+

+&file("dx86xxxx");

+

+$L="edi";

+$R="esi";

+

+&des_encrypt("des_encrypt",1);

+&des_encrypt("des_encrypt2",0);

+

+&des_encrypt3("des_encrypt3",1);

+&des_encrypt3("des_decrypt3",0);

+

+&file_end();

+

+sub des_encrypt

+	{

+	local($name,$do_ip)=@_;

+

+	&function_begin($name,3,"EXTRN   _des_SPtrans:DWORD");

+

+	&comment("");

+	&comment("Load the 2 words");

+	&mov("eax",&wparam(0));

+	&mov($R,&DWP(0,"eax","",0));

+	&mov($L,&DWP(4,"eax","",0));

+

+	if ($do_ip)

+		{

+		&comment("");

+		&comment("IP");

+		&IP_new($R,$L,"eax",3);

+#		&comment("");

+#		&comment("fixup rotate");

+#		&rotl($R,3);

+#		&rotl($L,3);

+		}

+	else

+		{

+		&comment("");

+		&comment("fixup rotate");

+		&rotl($R,3);

+		&rotl($L,3);

+		}

+

+	&comment("");

+	&comment("load counter, key_schedule and enc flag");

+

+	# encrypting part

+

+	$ks="ebp";

+#	&xor(	"ebx",		"ebx"		);

+	&mov("eax",&wparam(2));	# get encrypt flag

+	&xor(	"ecx",		"ecx"		);

+	&cmp("eax","0");

+	&mov(	$ks,		&wparam(1)	);

+	&je(&label("start_decrypt"));

+

+	for ($i=0; $i<16; $i+=2)

+		{

+		&comment("");

+		&comment("Round $i");

+		&D_ENCRYPT($i,$L,$R,$i*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");

+

+		&comment("");

+		&comment("Round ".sprintf("%d",$i+1));

+		&D_ENCRYPT($i+1,$R,$L,($i+1)*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");

+		}

+	&jmp(&label("end"));

+

+	&set_label("start_decrypt");

+

+	for ($i=15; $i>0; $i-=2)

+		{

+		&comment("");

+		&comment("Round $i");

+		&D_ENCRYPT(15-$i,$L,$R,$i*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");

+		&comment("");

+		&comment("Round ".sprintf("%d",$i-1));

+		&D_ENCRYPT(15-$i+1,$R,$L,($i-1)*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");

+		}

+

+	&set_label("end");

+

+	if ($do_ip)

+		{

+#		&comment("");

+#		&comment("Fixup");

+#		&rotr($L,3);		# r

+#		&rotr($R,3);		# l

+		&comment("");

+		&comment("FP");

+		&FP_new($R,$L,"eax",3);

+		}

+	else

+		{

+		&comment("");

+		&comment("Fixup");

+		&rotr($L,3);		# r

+		&rotr($R,3);		# l

+		}

+

+	&mov("eax",&wparam(0));

+	&mov(&DWP(0,"eax","",0),$L);

+	&mov(&DWP(4,"eax","",0),$R);

+

+	&function_end($name);

+	}

+

+sub D_ENCRYPT

+	{

+	local($r,$L,$R,$S,$ks,$desSP,$u,$tmp1,$tmp2,$t)=@_;

+

+	&mov(	$u,		&DWP(&n2a($S*4),$ks,"",0));

+	&xor(	$tmp1,		$tmp1);

+	&mov(	$t,		&DWP(&n2a(($S+1)*4),$ks,"",0));

+	&xor(	$u,		$R);

+	&xor(	$t,		$R);

+	&and(	$u,		"0xfcfcfcfc"	);

+	&and(	$t,		"0xcfcfcfcf"	);

+	&movb(	&LB($tmp1),	&LB($u)	);

+	&movb(	&LB($tmp2),	&HB($u)	);

+	&rotr(	$t,		4		);

+	&mov(	$ks,		&DWP("      $desSP",$tmp1,"",0));

+	&movb(	&LB($tmp1),	&LB($t)	);

+	&xor(	$L,		$ks);

+	&mov(	$ks,		&DWP("0x200+$desSP",$tmp2,"",0));

+	&xor(	$L,		$ks); ######

+	&movb(	&LB($tmp2),	&HB($t)	);

+	&shr(	$u,		16);

+	&mov(	$ks,		&DWP("0x100+$desSP",$tmp1,"",0));

+	&xor(	$L,		$ks); ######

+	&movb(	&LB($tmp1),	&HB($u)	);

+	&shr(	$t,		16);

+	&mov(	$ks,		&DWP("0x300+$desSP",$tmp2,"",0));

+	&xor(	$L,		$ks);

+	&mov(	$ks,		&DWP(24,"esp","",0)); ####

+	&movb(	&LB($tmp2),	&HB($t)	);

+	&and(	$u,		"0xff"	);

+	&and(	$t,		"0xff"	);

+	&mov(	$tmp1,		&DWP("0x600+$desSP",$tmp1,"",0));

+	&xor(	$L,		$tmp1);

+	&mov(	$tmp1,		&DWP("0x700+$desSP",$tmp2,"",0));

+	&xor(	$L,		$tmp1);

+	&mov(	$tmp1,		&DWP("0x400+$desSP",$u,"",0));

+	&xor(	$L,		$tmp1);

+	&mov(	$tmp1,		&DWP("0x500+$desSP",$t,"",0));

+	&xor(	$L,		$tmp1);

+	}

+

+sub PERM_OP

+	{

+	local($a,$b,$tt,$shift,$mask)=@_;

+

+	&mov(	$tt,		$a		);

+	&shr(	$tt,		$shift		);

+	&xor(	$tt,		$b		);

+	&and(	$tt,		$mask		);

+	&xor(	$b,		$tt		);

+	&shl(	$tt,		$shift		);

+	&xor(	$a,		$tt		);

+	}

+

+sub IP

+	{

+	local($l,$r,$tt)=@_;

+

+	&PERM_OP($r,$l,$tt, 4,"0x0f0f0f0f");

+	&PERM_OP($l,$r,$tt,16,"0x0000ffff");

+	&PERM_OP($r,$l,$tt, 2,"0x33333333");

+	&PERM_OP($l,$r,$tt, 8,"0x00ff00ff");

+	&PERM_OP($r,$l,$tt, 1,"0x55555555");

+	}

+

+sub FP

+	{

+	local($l,$r,$tt)=@_;

+

+	&PERM_OP($l,$r,$tt, 1,"0x55555555");

+        &PERM_OP($r,$l,$tt, 8,"0x00ff00ff");

+        &PERM_OP($l,$r,$tt, 2,"0x33333333");

+        &PERM_OP($r,$l,$tt,16,"0x0000ffff");

+        &PERM_OP($l,$r,$tt, 4,"0x0f0f0f0f");

+	}

+

+sub n2a

+	{

+	sprintf("%d",$_[0]);

+	}

+

+# now has a side affect of rotating $a by $shift

+sub R_PERM_OP

+	{

+	local($a,$b,$tt,$shift,$mask,$last)=@_;

+

+	&rotl(	$a,		$shift		) if ($shift != 0);

+	&mov(	$tt,		$b		);

+	&xor(	$tt,		$a		);

+	&and(	$tt,		$mask		);

+	if ($last eq $b)

+		{

+		&xor(	$a,		$tt		);

+		&xor(	$b,		$tt		);

+		}

+	else

+		{

+		&xor(	$b,		$tt		);

+		&xor(	$a,		$tt		);

+		}

+	&comment("");

+	}

+

+sub IP_new

+	{

+	local($l,$r,$tt,$lr)=@_;

+

+	&R_PERM_OP($l,$r,$tt, 4,"0xf0f0f0f0",$l);

+	&R_PERM_OP($r,$l,$tt,20,"0xfff0000f",$l);

+	&R_PERM_OP($r,$l,$tt,14,"0x33333333",$r);

+	&R_PERM_OP($l,$r,$tt,22,"0x03fc03fc",$r);

+	&R_PERM_OP($l,$r,$tt, 9,"0xaaaaaaaa",$r);

+	

+	if ($lr != 3)

+		{

+		if (($lr-3) < 0)

+			{ &rotr($l,	3-$lr); }

+		else	{ &rotl($l,	$lr-3); }

+		}

+	if ($lr != 2)

+		{

+		if (($lr-2) < 0)

+			{ &rotr($r,	2-$lr); }

+		else	{ &rotl($r,	$lr-2); }

+		}

+	}

+

+sub FP_new

+	{

+	local($r,$l,$tt,$lr)=@_;

+

+	if ($lr != 2)

+		{

+		if (($lr-2) < 0)

+			{ &rotl($r,	2-$lr); }

+		else	{ &rotr($r,	$lr-2); }

+		}

+	if ($lr != 3)

+		{

+		if (($lr-3) < 0)

+			{ &rotl($l,	3-$lr); }

+		else	{ &rotr($l,	$lr-3); }

+		}

+

+	&R_PERM_OP($l,$r,$tt, 0,"0xaaaaaaaa",$r);

+	&R_PERM_OP($l,$r,$tt,23,"0x03fc03fc",$r);

+	&R_PERM_OP($l,$r,$tt,10,"0x33333333",$l);

+	&R_PERM_OP($r,$l,$tt,18,"0xfff0000f",$l);

+	&R_PERM_OP($r,$l,$tt,12,"0xf0f0f0f0",$r);

+	&rotr($l	, 4);

+	}

+

diff --git a/crypto/des/asm/des-som3.pl b/crypto/des/asm/des-som3.pl
new file mode 100644
index 0000000000..3f353955da
--- /dev/null
+++ b/crypto/des/asm/des-som3.pl
@@ -0,0 +1,266 @@
+#!/usr/local/bin/perl
+#

+# The inner loop instruction sequence and the IP/FP modifications are from

+# Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>

+#

+

+$prog="des-som3.pl";

+

+# base code is in microsft

+# op dest, source

+# format.

+#

+

+require "desboth.pl";

+

+if (	($ARGV[0] eq "elf"))

+	{ require "x86unix.pl"; }

+elsif (	($ARGV[0] eq "a.out"))

+	{ $aout=1; require "x86unix.pl"; }

+elsif (	($ARGV[0] eq "sol"))

+	{ $sol=1; require "x86unix.pl"; }

+elsif (	($ARGV[0] eq "cpp"))

+	{ $cpp=1; require "x86unix.pl"; }

+elsif (	($ARGV[0] eq "win32"))

+	{ require "x86ms.pl"; }

+else

+	{

+	print STDERR <<"EOF";

+Pick one target type from

+	elf	- linux, FreeBSD etc

+	a.out	- old linux

+	sol	- x86 solaris

+	cpp	- format so x86unix.cpp can be used

+	win32	- Windows 95/Windows NT

+EOF

+	exit(1);

+	}

+

+&comment("Don't even think of reading this code");

+&comment("It was automatically generated by $prog");

+&comment("Which is a perl program used to generate the x86 assember for");

+&comment("any of elf, a.out, Win32, or Solaris");

+&comment("It can be found in SSLeay 0.6.5+ or in libdes 3.26+");

+&comment("eric <eay\@cryptsoft.com>");

+&comment("The inner loop instruction sequence and the IP/FP modifications");

+&comment("are from Svend Olaf Mikkelsen <svolaf\@inet.uni-c.dk>");

+

+&comment("");

+

+&file("dx86xxxx");

+

+$L="edi";

+$R="esi";

+

+&des_encrypt("des_encrypt",1);

+&des_encrypt("des_encrypt2",0);

+

+&des_encrypt3("des_encrypt3",1);

+&des_encrypt3("des_decrypt3",0);

+

+&file_end();

+

+sub des_encrypt

+	{

+	local($name,$do_ip)=@_;

+

+	&function_begin($name,3,EXTRN   _des_SPtrans:DWORD");

+

+	&comment("");

+	&comment("Load the 2 words");

+	$ks="ebp";

+

+	if ($do_ip)

+		{

+		&mov($R,&wparam(0));

+		 &xor(	"ecx",		"ecx"		);

+		&mov("eax",&DWP(0,$R,"",0));

+		 &mov("ebx",&wparam(2));	# get encrypt flag

+		&mov($L,&DWP(4,$R,"",0));

+		&comment("");

+		&comment("IP");

+		&IP_new("eax",$L,$R,3);

+		}

+	else

+		{

+		&mov("eax",&wparam(0));

+		 &xor(	"ecx",		"ecx"		);

+		&mov($R,&DWP(0,"eax","",0));

+		 &mov("ebx",&wparam(2));	# get encrypt flag

+		&rotl($R,3);

+		&mov($L,&DWP(4,"eax","",0));

+		&rotl($L,3);

+		}

+

+	&cmp("ebx","0");

+	&mov(	$ks,		&wparam(1)	);

+	&je(&label("start_decrypt"));

+

+	for ($i=0; $i<16; $i+=2)

+		{

+		&comment("");

+		&comment("Round $i");

+		&D_ENCRYPT($i,$L,$R,$i*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");

+

+		&comment("");

+		&comment("Round ".sprintf("%d",$i+1));

+		&D_ENCRYPT($i+1,$R,$L,($i+1)*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");

+		}

+	&jmp(&label("end"));

+

+	&set_label("start_decrypt");

+

+	for ($i=15; $i>0; $i-=2)

+		{

+		&comment("");

+		&comment("Round $i");

+		&D_ENCRYPT(15-$i,$L,$R,$i*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");

+		&comment("");

+		&comment("Round ".sprintf("%d",$i-1));

+		&D_ENCRYPT(15-$i+1,$R,$L,($i-1)*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");

+		}

+

+	&set_label("end");

+

+	if ($do_ip)

+		{

+		&comment("");

+		&comment("FP");

+		&mov("edx",&wparam(0));

+		&FP_new($L,$R,"eax",3);

+

+		&mov(&DWP(0,"edx","",0),"eax");

+		&mov(&DWP(4,"edx","",0),$R);

+		}

+	else

+		{

+		&comment("");

+		&comment("Fixup");

+		&rotr($L,3);		# r

+		 &mov("eax",&wparam(0));

+		&rotr($R,3);		# l

+		 &mov(&DWP(0,"eax","",0),$L);

+		 &mov(&DWP(4,"eax","",0),$R);

+		}

+

+

+	&function_end($name);

+	}

+

+sub D_ENCRYPT

+	{

+	local($r,$L,$R,$S,$ks,$desSP,$u,$tmp1,$tmp2,$t)=@_;

+

+	&mov(	$u,		&DWP(&n2a($S*4),$ks,"",0));

+	&xor(	$tmp1,		$tmp1);

+	&mov(	$t,		&DWP(&n2a(($S+1)*4),$ks,"",0));

+	&xor(	$u,		$R);

+	&xor(	$t,		$R);

+	&and(	$u,		"0xfcfcfcfc"	);

+	&and(	$t,		"0xcfcfcfcf"	);

+	&movb(	&LB($tmp1),	&LB($u)	);

+	&movb(	&LB($tmp2),	&HB($u)	);

+	&rotr(	$t,		4		);

+	&mov(	$ks,		&DWP("      $desSP",$tmp1,"",0));

+	&movb(	&LB($tmp1),	&LB($t)	);

+	&xor(	$L,		$ks);

+	&mov(	$ks,		&DWP("0x200+$desSP",$tmp2,"",0));

+	&xor(	$L,		$ks); ######

+	&movb(	&LB($tmp2),	&HB($t)	);

+	&shr(	$u,		16);

+	&mov(	$ks,		&DWP("0x100+$desSP",$tmp1,"",0));

+	&xor(	$L,		$ks); ######

+	&movb(	&LB($tmp1),	&HB($u)	);

+	&shr(	$t,		16);

+	&mov(	$ks,		&DWP("0x300+$desSP",$tmp2,"",0));

+	&xor(	$L,		$ks);

+	&mov(	$ks,		&DWP(24,"esp","",0)); ####

+	&movb(	&LB($tmp2),	&HB($t)	);

+	&and(	$u,		"0xff"	);

+	&and(	$t,		"0xff"	);

+	&mov(	$tmp1,		&DWP("0x600+$desSP",$tmp1,"",0));

+	&xor(	$L,		$tmp1);

+	&mov(	$tmp1,		&DWP("0x700+$desSP",$tmp2,"",0));

+	&xor(	$L,		$tmp1);

+	&mov(	$tmp1,		&DWP("0x400+$desSP",$u,"",0));

+	&xor(	$L,		$tmp1);

+	&mov(	$tmp1,		&DWP("0x500+$desSP",$t,"",0));

+	&xor(	$L,		$tmp1);

+	}

+

+sub n2a

+	{

+	sprintf("%d",$_[0]);

+	}

+

+# now has a side affect of rotating $a by $shift

+sub R_PERM_OP

+	{

+	local($a,$b,$tt,$shift,$mask,$last)=@_;

+

+	&rotl(	$a,		$shift		) if ($shift != 0);

+	&mov(	$tt,		$a		);

+	&xor(	$a,		$b		);

+	&and(	$a,		$mask		);

+	if ($notlast eq $b)

+		{

+		&xor(	$b,		$a		);

+		&xor(	$tt,		$a		);

+		}

+	else

+		{

+		&xor(	$tt,		$a		);

+		&xor(	$b,		$a		);

+		}

+	&comment("");

+	}

+

+sub IP_new

+	{

+	local($l,$r,$tt,$lr)=@_;

+

+	&R_PERM_OP($l,$r,$tt, 4,"0xf0f0f0f0",$l);

+	&R_PERM_OP($r,$tt,$l,20,"0xfff0000f",$l);

+	&R_PERM_OP($l,$tt,$r,14,"0x33333333",$r);

+	&R_PERM_OP($tt,$r,$l,22,"0x03fc03fc",$r);

+	&R_PERM_OP($l,$r,$tt, 9,"0xaaaaaaaa",$r);

+	

+	if ($lr != 3)

+		{

+		if (($lr-3) < 0)

+			{ &rotr($tt,	3-$lr); }

+		else	{ &rotl($tt,	$lr-3); }

+		}

+	if ($lr != 2)

+		{

+		if (($lr-2) < 0)

+			{ &rotr($r,	2-$lr); }

+		else	{ &rotl($r,	$lr-2); }

+		}

+	}

+

+sub FP_new

+	{

+	local($l,$r,$tt,$lr)=@_;

+

+	if ($lr != 2)

+		{

+		if (($lr-2) < 0)

+			{ &rotl($r,	2-$lr); }

+		else	{ &rotr($r,	$lr-2); }

+		}

+	if ($lr != 3)

+		{

+		if (($lr-3) < 0)

+			{ &rotl($l,	3-$lr); }

+		else	{ &rotr($l,	$lr-3); }

+		}

+

+	&R_PERM_OP($l,$r,$tt, 0,"0xaaaaaaaa",$r);

+	&R_PERM_OP($tt,$r,$l,23,"0x03fc03fc",$r);

+	&R_PERM_OP($l,$r,$tt,10,"0x33333333",$l);

+	&R_PERM_OP($r,$tt,$l,18,"0xfff0000f",$l);

+	&R_PERM_OP($l,$tt,$r,12,"0xf0f0f0f0",$r);

+	&rotr($tt	, 4);

+	}

+

diff --git a/crypto/des/asm/des586.pl b/crypto/des/asm/des586.pl
new file mode 100644
index 0000000000..59c42d1394
--- /dev/null
+++ b/crypto/des/asm/des586.pl
@@ -0,0 +1,210 @@
+#!/usr/local/bin/perl
+

+$prog="des586.pl";

+

+# base code is in microsft

+# op dest, source

+# format.

+#

+

+# WILL NOT WORK ANYMORE WITH desboth.pl

+require "desboth.pl";

+

+if (	($ARGV[0] eq "elf"))

+	{ require "x86unix.pl"; }

+elsif (	($ARGV[0] eq "a.out"))

+	{ $aout=1; require "x86unix.pl"; }

+elsif (	($ARGV[0] eq "sol"))

+	{ $sol=1; require "x86unix.pl"; }

+elsif (	($ARGV[0] eq "cpp"))

+	{ $cpp=1; require "x86unix.pl"; }

+elsif (	($ARGV[0] eq "win32"))

+	{ require "x86ms.pl"; }

+else

+	{

+	print STDERR <<"EOF";

+Pick one target type from

+	elf	- linux, FreeBSD etc

+	a.out	- old linux

+	sol	- x86 solaris

+	cpp	- format so x86unix.cpp can be used

+	win32	- Windows 95/Windows NT

+EOF

+	exit(1);

+	}

+

+&comment("Don't even think of reading this code");

+&comment("It was automatically generated by $prog");

+&comment("Which is a perl program used to generate the x86 assember for");

+&comment("any of elf, a.out, Win32, or Solaris");

+&comment("It can be found in SSLeay 0.6.5+ or in libdes 3.26+");

+&comment("eric <eay\@cryptsoft.com>");

+&comment("");

+

+&file("dx86xxxx");

+

+$L="edi";

+$R="esi";

+

+&des_encrypt("des_encrypt",1);

+&des_encrypt("des_encrypt2",0);

+

+&des_encrypt3("des_encrypt3",1);

+&des_encrypt3("des_decrypt3",0);

+

+&file_end();

+

+sub des_encrypt

+	{

+	local($name,$do_ip)=@_;

+

+	&function_begin($name,3,"EXTRN   _des_SPtrans:DWORD");

+

+	&comment("");

+	&comment("Load the 2 words");

+	&mov("eax",&wparam(0));

+	&mov($R,&DWP(0,"eax","",0));

+	&mov($L,&DWP(4,"eax","",0));

+

+	if ($do_ip)

+		{

+		&comment("");

+		&comment("IP");

+		&IP($R,$L,"eax");

+		}

+

+	&comment("");

+	&comment("fixup rotate");

+	&rotl($R,3);

+	&rotl($L,3);

+

+	&comment("");

+	&comment("load counter, key_schedule and enc flag");

+

+	# encrypting part

+

+	$ks="ebp";

+	&xor(	"ebx",		"ebx"		);

+	&mov("eax",&wparam(2));	# get encrypt flag

+	&xor(	"ecx",		"ecx"		);

+	&cmp("eax","0");

+	&mov(	$ks,		&wparam(1)	);

+	&je(&label("start_decrypt"));

+

+	for ($i=0; $i<16; $i+=2)

+		{

+		&comment("");

+		&comment("Round $i");

+		&D_ENCRYPT($i,$L,$R,$i*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");

+

+		&comment("");

+		&comment("Round ".sprintf("%d",$i+1));

+		&D_ENCRYPT($i+1,$R,$L,($i+1)*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");

+		}

+	&jmp(&label("end"));

+

+	&set_label("start_decrypt");

+

+	for ($i=15; $i>0; $i-=2)

+		{

+		&comment("");

+		&comment("Round $i");

+		&D_ENCRYPT(15-$i,$L,$R,$i*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");

+		&comment("");

+		&comment("Round ".sprintf("%d",$i-1));

+		&D_ENCRYPT(15-$i+1,$R,$L,($i-1)*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");

+		}

+

+	&set_label("end");

+

+	&comment("");

+	&comment("Fixup");

+	&rotr($L,3);		# r

+	&rotr($R,3);		# l

+

+	if ($do_ip)

+		{

+		&comment("");

+		&comment("FP");

+		&FP($R,$L,"eax");

+		}

+

+	&mov("eax",&wparam(0));

+	&mov(&DWP(0,"eax","",0),$L);

+	&mov(&DWP(4,"eax","",0),$R);

+

+	&function_end($name);

+	}

+

+sub D_ENCRYPT

+	{

+	local($r,$L,$R,$S,$ks,$desSP,$u,$tmp1,$tmp2,$t)=@_;

+

+	 &mov(	$t,		&DWP(&n2a(($S+1)*4),$ks,"",0));

+	&mov(	$u,		&DWP(&n2a($S*4),$ks,"",0));

+	 &xor(	$t,		$R);

+	&xor(	$u,		$R);

+	 &rotr(	$t,		4		);

+	&and(	$u,		"0xfcfcfcfc"	);

+	 &and(	$t,		"0xfcfcfcfc"	);

+	&movb(	&LB($tmp1),	&LB($u)	);

+	&movb(	&LB($tmp2),	&HB($u)	);

+	&xor(	$L,		&DWP("      $desSP",$tmp1,"",0));

+	&shr(	$u,		16);

+	&xor(	$L,		&DWP("0x200+$desSP",$tmp2,"",0));

+	&movb(	&LB($tmp1),	&LB($u)	);

+	&movb(	&LB($tmp2),	&HB($u)	);

+	&xor(	$L,		&DWP("0x400+$desSP",$tmp1,"",0));

+	&mov(	$u,		&DWP("0x600+$desSP",$tmp2,"",0));

+

+	 &movb(	&LB($tmp1),	&LB($t)	);

+	 &movb(	&LB($tmp2),	&HB($t)	);

+	 &xor(	$L,		&DWP("0x100+$desSP",$tmp1,"",0));

+	 &shr(	$t,		16);

+	 &xor(	$u,		&DWP("0x300+$desSP",$tmp2,"",0));

+	 &movb(	&LB($tmp1),	&LB($t)	);

+	 &movb(	&LB($tmp2),	&HB($t)	);

+	 &xor(	$L,		&DWP("0x500+$desSP",$tmp1,"",0));

+	 &xor(	$u,		&DWP("0x700+$desSP",$tmp2,"",0));

+	 &xor(  $L,	$u);

+	}

+

+sub PERM_OP

+	{

+	local($a,$b,$tt,$shift,$mask)=@_;

+

+	&mov(	$tt,		$a		);

+	&shr(	$tt,		$shift		);

+	&xor(	$tt,		$b		);

+	&and(	$tt,		$mask		);

+	&xor(	$b,		$tt		);

+	&shl(	$tt,		$shift		);

+	&xor(	$a,		$tt		);

+	}

+

+sub IP

+	{

+	local($l,$r,$tt)=@_;

+

+	&PERM_OP($r,$l,$tt, 4,"0x0f0f0f0f");

+	&PERM_OP($l,$r,$tt,16,"0x0000ffff");

+	&PERM_OP($r,$l,$tt, 2,"0x33333333");

+	&PERM_OP($l,$r,$tt, 8,"0x00ff00ff");

+	&PERM_OP($r,$l,$tt, 1,"0x55555555");

+	}

+

+sub FP

+	{

+	local($l,$r,$tt)=@_;

+

+	&PERM_OP($l,$r,$tt, 1,"0x55555555");

+        &PERM_OP($r,$l,$tt, 8,"0x00ff00ff");

+        &PERM_OP($l,$r,$tt, 2,"0x33333333");

+        &PERM_OP($r,$l,$tt,16,"0x0000ffff");

+        &PERM_OP($l,$r,$tt, 4,"0x0f0f0f0f");

+	}

+

+sub n2a

+	{

+	sprintf("%d",$_[0]);

+	}

diff --git a/crypto/des/asm/des686.pl b/crypto/des/asm/des686.pl
new file mode 100644
index 0000000000..efd9f592e9
--- /dev/null
+++ b/crypto/des/asm/des686.pl
@@ -0,0 +1,230 @@
+#!/usr/local/bin/perl
+

+$prog="des686.pl";

+

+# base code is in microsft

+# op dest, source

+# format.

+#

+

+# WILL NOT WORK ANYMORE WITH desboth.pl

+require "desboth.pl";

+

+if (	($ARGV[0] eq "elf"))

+	{ require "x86unix.pl"; }

+elsif (	($ARGV[0] eq "a.out"))

+	{ $aout=1; require "x86unix.pl"; }

+elsif (	($ARGV[0] eq "sol"))

+	{ $sol=1; require "x86unix.pl"; }

+elsif ( ($ARGV[0] eq "cpp"))

+	{ $cpp=1; require "x86unix.pl"; }

+elsif (	($ARGV[0] eq "win32"))

+	{ require "x86ms.pl"; }

+else

+	{

+	print STDERR <<"EOF";

+Pick one target type from

+	elf	- linux, FreeBSD etc

+	a.out	- old linux

+	sol	- x86 solaris

+	cpp	- format so x86unix.cpp can be used

+	win32	- Windows 95/Windows NT

+EOF

+	exit(1);

+	}

+

+&comment("Don't even think of reading this code");

+&comment("It was automatically generated by $prog");

+&comment("Which is a perl program used to generate the x86 assember for");

+&comment("any of elf, a.out, Win32, or Solaris");

+&comment("It can be found in SSLeay 0.6.5+ or in libdes 3.26+");

+&comment("eric <eay\@cryptsoft.com>");

+&comment("");

+

+&file("dx86xxxx");

+

+$L="edi";

+$R="esi";

+

+&des_encrypt("des_encrypt",1);

+&des_encrypt("des_encrypt2",0);

+

+&des_encrypt3("des_encrypt3",1);

+&des_encrypt3("des_decrypt3",0);

+

+&file_end();

+

+sub des_encrypt

+	{

+	local($name,$do_ip)=@_;

+

+	&function_begin($name,3,"EXTRN   _des_SPtrans:DWORD");

+

+	&comment("");

+	&comment("Load the 2 words");

+	&mov("eax",&wparam(0));

+	&mov($L,&DWP(0,"eax","",0));

+	&mov($R,&DWP(4,"eax","",0));

+

+	$ksp=&wparam(1);

+

+	if ($do_ip)

+		{

+		&comment("");

+		&comment("IP");

+		&IP($L,$R,"eax");

+		}

+

+	&comment("");

+	&comment("fixup rotate");

+	&rotl($R,3);

+	&rotl($L,3);

+	&exch($L,$R);

+

+	&comment("");

+	&comment("load counter, key_schedule and enc flag");

+	&mov("eax",&wparam(2));	# get encrypt flag

+	&mov("ebp",&wparam(1));	# get ks

+	&cmp("eax","0");

+	&je(&label("start_decrypt"));

+

+	# encrypting part

+

+	for ($i=0; $i<16; $i+=2)

+		{

+		&comment("");

+		&comment("Round $i");

+		&D_ENCRYPT($L,$R,$i*2,"ebp","des_SPtrans","ecx","edx","eax","ebx");

+

+		&comment("");

+		&comment("Round ".sprintf("%d",$i+1));

+		&D_ENCRYPT($R,$L,($i+1)*2,"ebp","des_SPtrans","ecx","edx","eax","ebx");

+		}

+	&jmp(&label("end"));

+

+	&set_label("start_decrypt");

+

+	for ($i=15; $i>0; $i-=2)

+		{

+		&comment("");

+		&comment("Round $i");

+		&D_ENCRYPT($L,$R,$i*2,"ebp","des_SPtrans","ecx","edx","eax","ebx");

+		&comment("");

+		&comment("Round ".sprintf("%d",$i-1));

+		&D_ENCRYPT($R,$L,($i-1)*2,"ebp","des_SPtrans","ecx","edx","eax","ebx");

+		}

+

+	&set_label("end");

+

+	&comment("");

+	&comment("Fixup");

+	&rotr($L,3);		# r

+	&rotr($R,3);		# l

+

+	if ($do_ip)

+		{

+		&comment("");

+		&comment("FP");

+		&FP($R,$L,"eax");

+		}

+

+	&mov("eax",&wparam(0));

+	&mov(&DWP(0,"eax","",0),$L);

+	&mov(&DWP(4,"eax","",0),$R);

+

+	&function_end($name);

+	}

+

+

+# The logic is to load R into 2 registers and operate on both at the same time.

+# We also load the 2 R's into 2 more registers so we can do the 'move word down a byte'

+# while also masking the other copy and doing a lookup.  We then also accumulate the

+# L value in 2 registers then combine them at the end.

+sub D_ENCRYPT

+	{

+	local($L,$R,$S,$ks,$desSP,$u,$t,$tmp1,$tmp2,$tmp3)=@_;

+

+	&mov(	$u,		&DWP(&n2a($S*4),$ks,"",0));

+	&mov(	$t,		&DWP(&n2a(($S+1)*4),$ks,"",0));

+	&xor(	$u,		$R		);

+	&xor(	$t,		$R		);

+	&rotr(	$t,		4		);

+

+	# the numbers at the end of the line are origional instruction order

+	&mov(	$tmp2,		$u		);			# 1 2

+	&mov(	$tmp1,		$t		);			# 1 1

+	&and(	$tmp2,		"0xfc"		);			# 1 4

+	&and(	$tmp1,		"0xfc"		);			# 1 3

+	&shr(	$t,		8		);			# 1 5

+	&xor(	$L,		&DWP("0x100+$desSP",$tmp1,"",0));	# 1 7

+	&shr(	$u,		8		);			# 1 6

+	&mov(	$tmp1,		&DWP("      $desSP",$tmp2,"",0));	# 1 8

+

+	&mov(	$tmp2,		$u		);			# 2 2

+	&xor(	$L,		$tmp1		);			# 1 9

+	&and(	$tmp2,		"0xfc"		);			# 2 4

+	&mov(	$tmp1,		$t		);			# 2 1

+	&and(	$tmp1,		"0xfc"		);			# 2 3

+	&shr(	$t,		8		);			# 2 5

+	&xor(	$L,		&DWP("0x300+$desSP",$tmp1,"",0));	# 2 7

+	&shr(	$u,		8		);			# 2 6

+	&mov(	$tmp1,		&DWP("0x200+$desSP",$tmp2,"",0));	# 2 8

+	&mov(	$tmp2,		$u		);			# 3 2

+

+	&xor(	$L,		$tmp1		);			# 2 9

+	&and(	$tmp2,		"0xfc"		);			# 3 4

+

+	&mov(	$tmp1,		$t		);			# 3 1 

+	&shr(	$u,		8		);			# 3 6

+	&and(	$tmp1,		"0xfc"		);			# 3 3

+	&shr(	$t,		8		);			# 3 5

+	&xor(	$L,		&DWP("0x500+$desSP",$tmp1,"",0));	# 3 7

+	&mov(	$tmp1,		&DWP("0x400+$desSP",$tmp2,"",0));	# 3 8

+

+	&and(	$t,		"0xfc"		);			# 4 1

+	&xor(	$L,		$tmp1		);			# 3 9

+

+	&and(	$u,		"0xfc"		);			# 4 2

+	&xor(	$L,		&DWP("0x700+$desSP",$t,"",0));		# 4 3

+	&xor(	$L,		&DWP("0x600+$desSP",$u,"",0));		# 4 4

+	}

+

+sub PERM_OP

+	{

+	local($a,$b,$tt,$shift,$mask)=@_;

+

+	&mov(	$tt,		$a		);

+	&shr(	$tt,		$shift		);

+	&xor(	$tt,		$b		);

+	&and(	$tt,		$mask		);

+	&xor(	$b,		$tt		);

+	&shl(	$tt,		$shift		);

+	&xor(	$a,		$tt		);

+	}

+

+sub IP

+	{

+	local($l,$r,$tt)=@_;

+

+	&PERM_OP($r,$l,$tt, 4,"0x0f0f0f0f");

+	&PERM_OP($l,$r,$tt,16,"0x0000ffff");

+	&PERM_OP($r,$l,$tt, 2,"0x33333333");

+	&PERM_OP($l,$r,$tt, 8,"0x00ff00ff");

+	&PERM_OP($r,$l,$tt, 1,"0x55555555");

+	}

+

+sub FP

+	{

+	local($l,$r,$tt)=@_;

+

+	&PERM_OP($l,$r,$tt, 1,"0x55555555");

+        &PERM_OP($r,$l,$tt, 8,"0x00ff00ff");

+        &PERM_OP($l,$r,$tt, 2,"0x33333333");

+        &PERM_OP($r,$l,$tt,16,"0x0000ffff");

+        &PERM_OP($l,$r,$tt, 4,"0x0f0f0f0f");

+	}

+

+sub n2a

+	{

+	sprintf("%d",$_[0]);

+	}

diff --git a/crypto/des/asm/desboth.pl b/crypto/des/asm/desboth.pl
new file mode 100644
index 0000000000..b94138ce63
--- /dev/null
+++ b/crypto/des/asm/desboth.pl
@@ -0,0 +1,67 @@
+#!/usr/local/bin/perl
+

+$L="edi";

+$R="esi";

+

+sub des_encrypt3

+	{

+	local($name,$enc)=@_;

+

+	&function_begin($name,4,"");

+

+	&comment("");

+	&comment("Load the data words");

+	&mov("ebx",&wparam(0));

+	&mov($L,&DWP(0,"ebx","",0));

+	&mov($R,&DWP(4,"ebx","",0));

+

+	&comment("");

+	&comment("IP");

+	&IP_new($L,$R,"edx",0);

+

+	# put them back

+	

+	if ($enc)

+		{

+		&mov(&DWP(4,"ebx","",0),$R);

+		 &mov("eax",&wparam(1));

+		&mov(&DWP(0,"ebx","",0),"edx");

+		 &mov("edi",&wparam(2));

+		 &mov("esi",&wparam(3));

+		}

+	else

+		{

+		&mov(&DWP(4,"ebx","",0),$R);

+		 &mov("esi",&wparam(1));

+		&mov(&DWP(0,"ebx","",0),"edx");

+		 &mov("edi",&wparam(2));

+		 &mov("eax",&wparam(3));

+		}

+	&push(($enc)?"1":"0");

+	&push("eax");

+	&push("ebx");

+	&call("des_encrypt2");

+	&push(($enc)?"0":"1");

+	&push("edi");

+	&push("ebx");

+	&call("des_encrypt2");

+	&push(($enc)?"1":"0");

+	&push("esi");

+	&push("ebx");

+	&call("des_encrypt2");

+

+	&mov($L,&DWP(0,"ebx","",0));

+	&add("esp",36);

+	&mov($R,&DWP(4,"ebx","",0));

+

+	&comment("");

+	&comment("FP");

+	&FP_new($L,$R,"eax",0);

+

+	&mov(&DWP(0,"ebx","",0),"eax");

+	&mov(&DWP(4,"ebx","",0),$R);

+

+	&function_end($name);

+	}

+

+

diff --git a/crypto/des/asm/dx86-cpp.s b/crypto/des/asm/dx86-cpp.s
new file mode 100644
index 0000000000..675bdeba68
--- /dev/null
+++ b/crypto/des/asm/dx86-cpp.s
@@ -0,0 +1,2780 @@
+	/* Don't even think of reading this code */
+	/* It was automatically generated by des-som2.pl */
+	/* Which is a perl program used to generate the x86 assember for */
+	/* any of elf, a.out, Win32, or Solaris */
+	/* It can be found in SSLeay 0.6.5+ or in libdes 3.26+ */
+	/* eric <eay@cryptsoft.com> */
+	/* The inner loop instruction sequence and the IP/FP modifications */
+	/* are from Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk> */
+
+	.file	"dx86xxxx.s"
+	.version	"01.01"
+gcc2_compiled.:
+.text
+	.align ALIGN
+.globl des_encrypt
+	TYPE(des_encrypt,@function)
+des_encrypt:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+
+
+	/* Load the 2 words */
+	movl	20(%esp),	%esi
+	xorl	%ecx,		%ecx
+	movl	(%esi),		%eax
+	movl	28(%esp),	%ebx
+	movl	4(%esi),	%edi
+
+	/* IP */
+	roll	$4,		%eax
+	movl	%eax,		%esi
+	xorl	%edi,		%eax
+	andl	$0xf0f0f0f0,	%eax
+	xorl	%eax,		%esi
+	xorl	%eax,		%edi
+
+	roll	$20,		%edi
+	movl	%edi,		%eax
+	xorl	%esi,		%edi
+	andl	$0xfff0000f,	%edi
+	xorl	%edi,		%eax
+	xorl	%edi,		%esi
+
+	roll	$14,		%eax
+	movl	%eax,		%edi
+	xorl	%esi,		%eax
+	andl	$0x33333333,	%eax
+	xorl	%eax,		%edi
+	xorl	%eax,		%esi
+
+	roll	$22,		%esi
+	movl	%esi,		%eax
+	xorl	%edi,		%esi
+	andl	$0x03fc03fc,	%esi
+	xorl	%esi,		%eax
+	xorl	%esi,		%edi
+
+	roll	$9,		%eax
+	movl	%eax,		%esi
+	xorl	%edi,		%eax
+	andl	$0xaaaaaaaa,	%eax
+	xorl	%eax,		%esi
+	xorl	%eax,		%edi
+
+	roll	$1,		%edi
+	cmpl	$0,		%ebx
+	movl	24(%esp),	%ebp
+	je	.L000start_decrypt
+
+	/* Round 0 */
+	movl	(%ebp),		%eax
+	xorl	%ebx,		%ebx
+	movl	4(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 1 */
+	movl	8(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	12(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 2 */
+	movl	16(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	20(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 3 */
+	movl	24(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	28(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 4 */
+	movl	32(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	36(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 5 */
+	movl	40(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	44(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 6 */
+	movl	48(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	52(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 7 */
+	movl	56(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	60(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 8 */
+	movl	64(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	68(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 9 */
+	movl	72(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	76(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 10 */
+	movl	80(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	84(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 11 */
+	movl	88(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	92(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 12 */
+	movl	96(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	100(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 13 */
+	movl	104(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	108(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 14 */
+	movl	112(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	116(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 15 */
+	movl	120(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	124(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+	jmp	.L001end
+.align ALIGN
+.L000start_decrypt:
+
+	/* Round 15 */
+	movl	120(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	124(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 14 */
+	movl	112(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	116(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 13 */
+	movl	104(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	108(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 12 */
+	movl	96(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	100(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 11 */
+	movl	88(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	92(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 10 */
+	movl	80(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	84(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 9 */
+	movl	72(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	76(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 8 */
+	movl	64(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	68(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 7 */
+	movl	56(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	60(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 6 */
+	movl	48(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	52(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 5 */
+	movl	40(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	44(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 4 */
+	movl	32(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	36(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 3 */
+	movl	24(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	28(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 2 */
+	movl	16(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	20(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 1 */
+	movl	8(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	12(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 0 */
+	movl	(%ebp),		%eax
+	xorl	%ebx,		%ebx
+	movl	4(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+.align ALIGN
+.L001end:
+
+	/* FP */
+	movl	20(%esp),	%edx
+	rorl	$1,		%esi
+	movl	%edi,		%eax
+	xorl	%esi,		%edi
+	andl	$0xaaaaaaaa,	%edi
+	xorl	%edi,		%eax
+	xorl	%edi,		%esi
+
+	roll	$23,		%eax
+	movl	%eax,		%edi
+	xorl	%esi,		%eax
+	andl	$0x03fc03fc,	%eax
+	xorl	%eax,		%edi
+	xorl	%eax,		%esi
+
+	roll	$10,		%edi
+	movl	%edi,		%eax
+	xorl	%esi,		%edi
+	andl	$0x33333333,	%edi
+	xorl	%edi,		%eax
+	xorl	%edi,		%esi
+
+	roll	$18,		%esi
+	movl	%esi,		%edi
+	xorl	%eax,		%esi
+	andl	$0xfff0000f,	%esi
+	xorl	%esi,		%edi
+	xorl	%esi,		%eax
+
+	roll	$12,		%edi
+	movl	%edi,		%esi
+	xorl	%eax,		%edi
+	andl	$0xf0f0f0f0,	%edi
+	xorl	%edi,		%esi
+	xorl	%edi,		%eax
+
+	rorl	$4,		%eax
+	movl	%eax,		(%edx)
+	movl	%esi,		4(%edx)
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.des_encrypt_end:
+	SIZE(des_encrypt,.des_encrypt_end-des_encrypt)
+.ident	"desasm.pl"
+.text
+	.align ALIGN
+.globl des_encrypt2
+	TYPE(des_encrypt2,@function)
+des_encrypt2:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+
+
+	/* Load the 2 words */
+	movl	20(%esp),	%eax
+	xorl	%ecx,		%ecx
+	movl	(%eax),		%esi
+	movl	28(%esp),	%ebx
+	roll	$3,		%esi
+	movl	4(%eax),	%edi
+	roll	$3,		%edi
+	cmpl	$0,		%ebx
+	movl	24(%esp),	%ebp
+	je	.L002start_decrypt
+
+	/* Round 0 */
+	movl	(%ebp),		%eax
+	xorl	%ebx,		%ebx
+	movl	4(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 1 */
+	movl	8(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	12(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 2 */
+	movl	16(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	20(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 3 */
+	movl	24(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	28(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 4 */
+	movl	32(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	36(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 5 */
+	movl	40(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	44(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 6 */
+	movl	48(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	52(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 7 */
+	movl	56(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	60(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 8 */
+	movl	64(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	68(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 9 */
+	movl	72(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	76(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 10 */
+	movl	80(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	84(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 11 */
+	movl	88(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	92(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 12 */
+	movl	96(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	100(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 13 */
+	movl	104(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	108(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 14 */
+	movl	112(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	116(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 15 */
+	movl	120(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	124(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+	jmp	.L003end
+.align ALIGN
+.L002start_decrypt:
+
+	/* Round 15 */
+	movl	120(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	124(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 14 */
+	movl	112(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	116(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 13 */
+	movl	104(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	108(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 12 */
+	movl	96(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	100(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 11 */
+	movl	88(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	92(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 10 */
+	movl	80(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	84(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 9 */
+	movl	72(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	76(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 8 */
+	movl	64(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	68(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 7 */
+	movl	56(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	60(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 6 */
+	movl	48(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	52(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 5 */
+	movl	40(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	44(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 4 */
+	movl	32(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	36(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 3 */
+	movl	24(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	28(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 2 */
+	movl	16(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	20(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+
+	/* Round 1 */
+	movl	8(%ebp),	%eax
+	xorl	%ebx,		%ebx
+	movl	12(%ebp),	%edx
+	xorl	%esi,		%eax
+	xorl	%esi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%edi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%edi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%edi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%edi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%edi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%edi
+
+	/* Round 0 */
+	movl	(%ebp),		%eax
+	xorl	%ebx,		%ebx
+	movl	4(%ebp),	%edx
+	xorl	%edi,		%eax
+	xorl	%edi,		%edx
+	andl	$0xfcfcfcfc,	%eax
+	andl	$0xcfcfcfcf,	%edx
+	movb	%al,		%bl
+	movb	%ah,		%cl
+	rorl	$4,		%edx
+	movl	      des_SPtrans(%ebx),%ebp
+	movb	%dl,		%bl
+	xorl	%ebp,		%esi
+	movl	0x200+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movb	%dh,		%cl
+	shrl	$16,		%eax
+	movl	0x100+des_SPtrans(%ebx),%ebp
+	xorl	%ebp,		%esi
+	movb	%ah,		%bl
+	shrl	$16,		%edx
+	movl	0x300+des_SPtrans(%ecx),%ebp
+	xorl	%ebp,		%esi
+	movl	24(%esp),	%ebp
+	movb	%dh,		%cl
+	andl	$0xff,		%eax
+	andl	$0xff,		%edx
+	movl	0x600+des_SPtrans(%ebx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x700+des_SPtrans(%ecx),%ebx
+	xorl	%ebx,		%esi
+	movl	0x400+des_SPtrans(%eax),%ebx
+	xorl	%ebx,		%esi
+	movl	0x500+des_SPtrans(%edx),%ebx
+	xorl	%ebx,		%esi
+.align ALIGN
+.L003end:
+
+	/* Fixup */
+	rorl	$3,		%edi
+	movl	20(%esp),	%eax
+	rorl	$3,		%esi
+	movl	%edi,		(%eax)
+	movl	%esi,		4(%eax)
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.des_encrypt2_end:
+	SIZE(des_encrypt2,.des_encrypt2_end-des_encrypt2)
+.ident	"desasm.pl"
+.text
+	.align ALIGN
+.globl des_encrypt3
+	TYPE(des_encrypt3,@function)
+des_encrypt3:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+
+
+	/* Load the data words */
+	movl	20(%esp),	%ebx
+	movl	(%ebx),		%edi
+	movl	4(%ebx),	%esi
+
+	/* IP */
+	roll	$4,		%edi
+	movl	%edi,		%edx
+	xorl	%esi,		%edi
+	andl	$0xf0f0f0f0,	%edi
+	xorl	%edi,		%edx
+	xorl	%edi,		%esi
+
+	roll	$20,		%esi
+	movl	%esi,		%edi
+	xorl	%edx,		%esi
+	andl	$0xfff0000f,	%esi
+	xorl	%esi,		%edi
+	xorl	%esi,		%edx
+
+	roll	$14,		%edi
+	movl	%edi,		%esi
+	xorl	%edx,		%edi
+	andl	$0x33333333,	%edi
+	xorl	%edi,		%esi
+	xorl	%edi,		%edx
+
+	roll	$22,		%edx
+	movl	%edx,		%edi
+	xorl	%esi,		%edx
+	andl	$0x03fc03fc,	%edx
+	xorl	%edx,		%edi
+	xorl	%edx,		%esi
+
+	roll	$9,		%edi
+	movl	%edi,		%edx
+	xorl	%esi,		%edi
+	andl	$0xaaaaaaaa,	%edi
+	xorl	%edi,		%edx
+	xorl	%edi,		%esi
+
+	rorl	$3,		%edx
+	rorl	$2,		%esi
+	movl	%esi,		4(%ebx)
+	movl	24(%esp),	%eax
+	movl	%edx,		(%ebx)
+	movl	28(%esp),	%edi
+	movl	32(%esp),	%esi
+	pushl	$1
+	pushl	%eax
+	pushl	%ebx
+	call	des_encrypt2
+	pushl	$0
+	pushl	%edi
+	pushl	%ebx
+	call	des_encrypt2
+	pushl	$1
+	pushl	%esi
+	pushl	%ebx
+	call	des_encrypt2
+	movl	(%ebx),		%edi
+	addl	$36,		%esp
+	movl	4(%ebx),	%esi
+
+	/* FP */
+	roll	$2,		%esi
+	roll	$3,		%edi
+	movl	%edi,		%eax
+	xorl	%esi,		%edi
+	andl	$0xaaaaaaaa,	%edi
+	xorl	%edi,		%eax
+	xorl	%edi,		%esi
+
+	roll	$23,		%eax
+	movl	%eax,		%edi
+	xorl	%esi,		%eax
+	andl	$0x03fc03fc,	%eax
+	xorl	%eax,		%edi
+	xorl	%eax,		%esi
+
+	roll	$10,		%edi
+	movl	%edi,		%eax
+	xorl	%esi,		%edi
+	andl	$0x33333333,	%edi
+	xorl	%edi,		%eax
+	xorl	%edi,		%esi
+
+	roll	$18,		%esi
+	movl	%esi,		%edi
+	xorl	%eax,		%esi
+	andl	$0xfff0000f,	%esi
+	xorl	%esi,		%edi
+	xorl	%esi,		%eax
+
+	roll	$12,		%edi
+	movl	%edi,		%esi
+	xorl	%eax,		%edi
+	andl	$0xf0f0f0f0,	%edi
+	xorl	%edi,		%esi
+	xorl	%edi,		%eax
+
+	rorl	$4,		%eax
+	movl	%eax,		(%ebx)
+	movl	%esi,		4(%ebx)
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.des_encrypt3_end:
+	SIZE(des_encrypt3,.des_encrypt3_end-des_encrypt3)
+.ident	"desasm.pl"
+.text
+	.align ALIGN
+.globl des_decrypt3
+	TYPE(des_decrypt3,@function)
+des_decrypt3:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+
+
+	/* Load the data words */
+	movl	20(%esp),	%ebx
+	movl	(%ebx),		%edi
+	movl	4(%ebx),	%esi
+
+	/* IP */
+	roll	$4,		%edi
+	movl	%edi,		%edx
+	xorl	%esi,		%edi
+	andl	$0xf0f0f0f0,	%edi
+	xorl	%edi,		%edx
+	xorl	%edi,		%esi
+
+	roll	$20,		%esi
+	movl	%esi,		%edi
+	xorl	%edx,		%esi
+	andl	$0xfff0000f,	%esi
+	xorl	%esi,		%edi
+	xorl	%esi,		%edx
+
+	roll	$14,		%edi
+	movl	%edi,		%esi
+	xorl	%edx,		%edi
+	andl	$0x33333333,	%edi
+	xorl	%edi,		%esi
+	xorl	%edi,		%edx
+
+	roll	$22,		%edx
+	movl	%edx,		%edi
+	xorl	%esi,		%edx
+	andl	$0x03fc03fc,	%edx
+	xorl	%edx,		%edi
+	xorl	%edx,		%esi
+
+	roll	$9,		%edi
+	movl	%edi,		%edx
+	xorl	%esi,		%edi
+	andl	$0xaaaaaaaa,	%edi
+	xorl	%edi,		%edx
+	xorl	%edi,		%esi
+
+	rorl	$3,		%edx
+	rorl	$2,		%esi
+	movl	%esi,		4(%ebx)
+	movl	24(%esp),	%esi
+	movl	%edx,		(%ebx)
+	movl	28(%esp),	%edi
+	movl	32(%esp),	%eax
+	pushl	$0
+	pushl	%eax
+	pushl	%ebx
+	call	des_encrypt2
+	pushl	$1
+	pushl	%edi
+	pushl	%ebx
+	call	des_encrypt2
+	pushl	$0
+	pushl	%esi
+	pushl	%ebx
+	call	des_encrypt2
+	movl	(%ebx),		%edi
+	addl	$36,		%esp
+	movl	4(%ebx),	%esi
+
+	/* FP */
+	roll	$2,		%esi
+	roll	$3,		%edi
+	movl	%edi,		%eax
+	xorl	%esi,		%edi
+	andl	$0xaaaaaaaa,	%edi
+	xorl	%edi,		%eax
+	xorl	%edi,		%esi
+
+	roll	$23,		%eax
+	movl	%eax,		%edi
+	xorl	%esi,		%eax
+	andl	$0x03fc03fc,	%eax
+	xorl	%eax,		%edi
+	xorl	%eax,		%esi
+
+	roll	$10,		%edi
+	movl	%edi,		%eax
+	xorl	%esi,		%edi
+	andl	$0x33333333,	%edi
+	xorl	%edi,		%eax
+	xorl	%edi,		%esi
+
+	roll	$18,		%esi
+	movl	%esi,		%edi
+	xorl	%eax,		%esi
+	andl	$0xfff0000f,	%esi
+	xorl	%esi,		%edi
+	xorl	%esi,		%eax
+
+	roll	$12,		%edi
+	movl	%edi,		%esi
+	xorl	%eax,		%edi
+	andl	$0xf0f0f0f0,	%edi
+	xorl	%edi,		%esi
+	xorl	%edi,		%eax
+
+	rorl	$4,		%eax
+	movl	%eax,		(%ebx)
+	movl	%esi,		4(%ebx)
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.des_decrypt3_end:
+	SIZE(des_decrypt3,.des_decrypt3_end-des_decrypt3)
+.ident	"desasm.pl"
diff --git a/crypto/des/asm/dx86unix.cpp b/crypto/des/asm/dx86unix.cpp
new file mode 100644
index 0000000000..941cf1f604
--- /dev/null
+++ b/crypto/des/asm/dx86unix.cpp
@@ -0,0 +1,41 @@
+
+#define TYPE(a,b)	.type	a,b
+#define SIZE(a,b)	.size	a,b
+
+#ifdef OUT
+#define OK		1
+#define des_SPtrans	_des_SPtrans
+#define des_encrypt	_des_encrypt
+#define des_encrypt2	_des_encrypt2
+#define des_encrypt3	_des_encrypt3
+#define des_decrypt3	_des_decrypt3
+#define ALIGN		4
+#endif
+
+#ifdef BSDI
+#define OK		1
+#define des_SPtrans	_des_SPtrans
+#define des_encrypt	_des_encrypt
+#define des_encrypt2	_des_encrypt2
+#define des_encrypt3	_des_encrypt3
+#define des_decrypt3	_des_decrypt3
+#define ALIGN		4
+#undef SIZE
+#undef TYPE
+#endif
+
+#if defined(ELF) || defined(SOL)
+#define OK		1
+#define ALIGN		16
+#endif
+
+#ifndef OK
+You need to define one of
+ELF - elf systems - linux-elf, NetBSD and DG-UX
+OUT - a.out systems - linux-a.out and FreeBSD
+SOL - solaris systems, which are elf with strange comment lines
+BSDI - a.out with a very primative version of as.
+#endif
+
+#include "dx86-cpp.s" 
+
diff --git a/crypto/des/asm/readme b/crypto/des/asm/readme
new file mode 100644
index 0000000000..da2561a6b3
--- /dev/null
+++ b/crypto/des/asm/readme
@@ -0,0 +1,131 @@
+First up, let me say I don't like writing in assembler.  It is not portable,

+dependant on the particular CPU architecture release and is generally a pig

+to debug and get right.  Having said that, the x86 architecture is probably

+the most important for speed due to number of boxes and since

+it appears to be the worst architecture to to get

+good C compilers for.  So due to this, I have lowered myself to do

+assembler for the inner DES routines in libdes :-).

+

+The file to implement in assembler is des_enc.c.  Replace the following

+4 functions

+des_encrypt(DES_LONG data[2],des_key_schedule ks, int encrypt);

+des_encrypt2(DES_LONG data[2],des_key_schedule ks, int encrypt);

+des_encrypt3(DES_LONG data[2],des_key_schedule ks1,ks2,ks3);

+des_decrypt3(DES_LONG data[2],des_key_schedule ks1,ks2,ks3);

+

+They encrypt/decrypt the 64 bits held in 'data' using

+the 'ks' key schedules.   The only difference between the 4 functions is that

+des_encrypt2() does not perform IP() or FP() on the data (this is an

+optimization for when doing triple DES and des_encrypt3() and des_decrypt3()

+perform triple des.  The triple DES routines are in here because it does

+make a big difference to have them located near the des_encrypt2 function

+at link time..

+

+Now as we all know, there are lots of different operating systems running on

+x86 boxes, and unfortunately they normally try to make sure their assembler

+formating is not the same as the other peoples.

+The 4 main formats I know of are

+Microsoft	Windows 95/Windows NT

+Elf		Includes Linux and FreeBSD(?).

+a.out		The older Linux.

+Solaris		Same as Elf but different comments :-(.

+

+Now I was not overly keen to write 4 different copies of the same code,

+so I wrote a few perl routines to output the correct assembler, given

+a target assembler type.  This code is ugly and is just a hack.

+The libraries are x86unix.pl and x86ms.pl.

+des586.pl, des686.pl and des-som[23].pl are the programs to actually

+generate the assembler.

+

+So to generate elf assembler

+perl des-som3.pl elf >dx86-elf.s

+For Windows 95/NT

+perl des-som2.pl win32 >win32.asm

+

+[ update 4 Jan 1996 ]

+I have added another way to do things.

+perl des-som3.pl cpp >dx86-cpp.s

+generates a file that will be included by dx86unix.cpp when it is compiled.

+To build for elf, a.out, solaris, bsdi etc,

+cc -E -DELF asm/dx86unix.cpp | as -o asm/dx86-elf.o

+cc -E -DSOL asm/dx86unix.cpp | as -o asm/dx86-sol.o

+cc -E -DOUT asm/dx86unix.cpp | as -o asm/dx86-out.o

+cc -E -DBSDI asm/dx86unix.cpp | as -o asm/dx86bsdi.o

+This was done to cut down the number of files in the distribution.

+

+Now the ugly part.  I acquired my copy of Intels

+"Optimization's For Intel's 32-Bit Processors" and found a few interesting

+things.  First, the aim of the exersize is to 'extract' one byte at a time

+from a word and do an array lookup.  This involves getting the byte from

+the 4 locations in the word and moving it to a new word and doing the lookup.

+The most obvious way to do this is

+xor	eax,	eax				# clear word

+movb	al,	cl				# get low byte

+xor	edi	DWORD PTR 0x100+des_SP[eax] 	# xor in word

+movb	al,	ch				# get next byte

+xor	edi	DWORD PTR 0x300+des_SP[eax] 	# xor in word

+shr	ecx	16

+which seems ok.  For the pentium, this system appears to be the best.

+One has to do instruction interleaving to keep both functional units

+operating, but it is basically very efficient.

+

+Now the crunch.  When a full register is used after a partial write, eg.

+mov	al,	cl

+xor	edi,	DWORD PTR 0x100+des_SP[eax]

+386	- 1 cycle stall

+486	- 1 cycle stall

+586	- 0 cycle stall

+686	- at least 7 cycle stall (page 22 of the above mentioned document).

+

+So the technique that produces the best results on a pentium, according to

+the documentation, will produce hideous results on a pentium pro.

+

+To get around this, des686.pl will generate code that is not as fast on

+a pentium, should be very good on a pentium pro.

+mov	eax,	ecx				# copy word 

+shr	ecx,	8				# line up next byte

+and	eax,	0fch				# mask byte

+xor	edi	DWORD PTR 0x100+des_SP[eax] 	# xor in array lookup

+mov	eax,	ecx				# get word

+shr	ecx	8				# line up next byte

+and	eax,	0fch				# mask byte

+xor	edi	DWORD PTR 0x300+des_SP[eax] 	# xor in array lookup

+

+Due to the execution units in the pentium, this actually works quite well.

+For a pentium pro it should be very good.  This is the type of output

+Visual C++ generates.

+

+There is a third option.  instead of using

+mov	al,	ch

+which is bad on the pentium pro, one may be able to use

+movzx	eax,	ch

+which may not incur the partial write penalty.  On the pentium,

+this instruction takes 4 cycles so is not worth using but on the

+pentium pro it appears it may be worth while.  I need access to one to

+experiment :-).

+

+eric (20 Oct 1996)

+

+22 Nov 1996 - I have asked people to run the 2 different version on pentium

+pros and it appears that the intel documentation is wrong.  The

+mov al,bh is still faster on a pentium pro, so just use the des586.pl

+install des686.pl

+

+3 Dec 1996 - I added des_encrypt3/des_decrypt3 because I have moved these

+functions into des_enc.c because it does make a massive performance

+difference on some boxes to have the functions code located close to

+the des_encrypt2() function.

+

+9 Jan 1997 - des-som2.pl is now the correct perl script to use for

+pentiums.  It contains an inner loop from

+Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk> which does raw ecb DES calls at

+273,000 per second.  He had a previous version at 250,000 and the best

+I was able to get was 203,000.  The content has not changed, this is all

+due to instruction sequencing (and actual instructions choice) which is able

+to keep both functional units of the pentium going.

+We may have lost the ugly register usage restrictions when x86 went 32 bit

+but for the pentium it has been replaced by evil instruction ordering tricks.

+

+13 Jan 1997 - des-som3.pl, more optimizations from Svend Olaf.

+raw DES at 281,000 per second on a pentium 100.

+

diff --git a/crypto/des/cbc3_enc.c b/crypto/des/cbc3_enc.c
new file mode 100644
index 0000000000..e9bf500f44
--- /dev/null
+++ b/crypto/des/cbc3_enc.c
@@ -0,0 +1,99 @@
+/* crypto/des/cbc3_enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/* HAS BUGS? DON'T USE */
+void des_3cbc_encrypt(input, output, length, ks1, ks2, iv1, iv2, enc)
+des_cblock (*input);
+des_cblock (*output);
+long length;
+des_key_schedule ks1;
+des_key_schedule ks2;
+des_cblock (*iv1);
+des_cblock (*iv2);
+int enc;
+	{
+	int off=((int)length-1)/8;
+	long l8=((length+7)/8)*8;
+	des_cblock niv1,niv2;
+
+	if (enc == DES_ENCRYPT)
+		{
+		des_cbc_encrypt(input,output,length,ks1,iv1,enc);
+		if (length >= sizeof(des_cblock))
+			memcpy(niv1,output[off],sizeof(des_cblock));
+		des_cbc_encrypt(output,output,l8,ks2,iv1,!enc);
+		des_cbc_encrypt(output,output,l8,ks1,iv2, enc);
+		if (length >= sizeof(des_cblock))
+			memcpy(niv2,output[off],sizeof(des_cblock));
+		}
+	else
+		{
+		if (length >= sizeof(des_cblock))
+			memcpy(niv2,input[off],sizeof(des_cblock));
+		des_cbc_encrypt(input,output,l8,ks1,iv2,enc);
+		des_cbc_encrypt(output,output,l8,ks2,iv1,!enc);
+		if (length >= sizeof(des_cblock))
+			memcpy(niv1,output[off],sizeof(des_cblock));
+		des_cbc_encrypt(output,output,length,ks1,iv1, enc);
+		}
+	memcpy(*iv1,niv1,sizeof(des_cblock));
+	memcpy(*iv2,niv2,sizeof(des_cblock));
+	}
+
diff --git a/crypto/des/cbc_cksm.c b/crypto/des/cbc_cksm.c
new file mode 100644
index 0000000000..f6b32744eb
--- /dev/null
+++ b/crypto/des/cbc_cksm.c
@@ -0,0 +1,103 @@
+/* crypto/des/cbc_cksm.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+DES_LONG des_cbc_cksum(input, output, length, schedule, ivec)
+des_cblock (*input);
+des_cblock (*output);
+long length;
+des_key_schedule schedule;
+des_cblock (*ivec);
+	{
+	register DES_LONG tout0,tout1,tin0,tin1;
+	register long l=length;
+	DES_LONG tin[2];
+	unsigned char *in,*out,*iv;
+
+	in=(unsigned char *)input;
+	out=(unsigned char *)output;
+	iv=(unsigned char *)ivec;
+
+	c2l(iv,tout0);
+	c2l(iv,tout1);
+	for (; l>0; l-=8)
+		{
+		if (l >= 8)
+			{
+			c2l(in,tin0);
+			c2l(in,tin1);
+			}
+		else
+			c2ln(in,tin0,tin1,l);
+			
+		tin0^=tout0; tin[0]=tin0;
+		tin1^=tout1; tin[1]=tin1;
+		des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+		/* fix 15/10/91 eay - thanks to keithr@sco.COM */
+		tout0=tin[0];
+		tout1=tin[1];
+		}
+	if (out != NULL)
+		{
+		l2c(tout0,out);
+		l2c(tout1,out);
+		}
+	tout0=tin0=tin1=tin[0]=tin[1]=0;
+	return(tout1);
+	}
diff --git a/crypto/des/cbc_enc.c b/crypto/des/cbc_enc.c
new file mode 100644
index 0000000000..a06f9f99e3
--- /dev/null
+++ b/crypto/des/cbc_enc.c
@@ -0,0 +1,135 @@
+/* crypto/des/cbc_enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+void des_cbc_encrypt(input, output, length, schedule, ivec, enc)
+des_cblock (*input);
+des_cblock (*output);
+long length;
+des_key_schedule schedule;
+des_cblock (*ivec);
+int enc;
+	{
+	register DES_LONG tin0,tin1;
+	register DES_LONG tout0,tout1,xor0,xor1;
+	register unsigned char *in,*out;
+	register long l=length;
+	DES_LONG tin[2];
+	unsigned char *iv;
+
+	in=(unsigned char *)input;
+	out=(unsigned char *)output;
+	iv=(unsigned char *)ivec;
+
+	if (enc)
+		{
+		c2l(iv,tout0);
+		c2l(iv,tout1);
+		for (l-=8; l>=0; l-=8)
+			{
+			c2l(in,tin0);
+			c2l(in,tin1);
+			tin0^=tout0; tin[0]=tin0;
+			tin1^=tout1; tin[1]=tin1;
+			des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+			tout0=tin[0]; l2c(tout0,out);
+			tout1=tin[1]; l2c(tout1,out);
+			}
+		if (l != -8)
+			{
+			c2ln(in,tin0,tin1,l+8);
+			tin0^=tout0; tin[0]=tin0;
+			tin1^=tout1; tin[1]=tin1;
+			des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+			tout0=tin[0]; l2c(tout0,out);
+			tout1=tin[1]; l2c(tout1,out);
+			}
+		}
+	else
+		{
+		c2l(iv,xor0);
+		c2l(iv,xor1);
+		for (l-=8; l>=0; l-=8)
+			{
+			c2l(in,tin0); tin[0]=tin0;
+			c2l(in,tin1); tin[1]=tin1;
+			des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
+			tout0=tin[0]^xor0;
+			tout1=tin[1]^xor1;
+			l2c(tout0,out);
+			l2c(tout1,out);
+			xor0=tin0;
+			xor1=tin1;
+			}
+		if (l != -8)
+			{
+			c2l(in,tin0); tin[0]=tin0;
+			c2l(in,tin1); tin[1]=tin1;
+			des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
+			tout0=tin[0]^xor0;
+			tout1=tin[1]^xor1;
+			l2cn(tout0,tout1,out,l+8);
+		/*	xor0=tin0;
+			xor1=tin1; */
+			}
+		}
+	tin0=tin1=tout0=tout1=xor0=xor1=0;
+	tin[0]=tin[1]=0;
+	}
+
diff --git a/crypto/des/cfb64ede.c b/crypto/des/cfb64ede.c
new file mode 100644
index 0000000000..f62373792b
--- /dev/null
+++ b/crypto/des/cfb64ede.c
@@ -0,0 +1,151 @@
+/* crypto/des/cfb64ede.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/* The input and output encrypted as though 64bit cfb mode is being
+ * used.  The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+
+void des_ede3_cfb64_encrypt(in, out, length, ks1,ks2,ks3, ivec, num, enc)
+unsigned char *in;
+unsigned char *out;
+long length;
+des_key_schedule ks1,ks2,ks3;
+des_cblock (*ivec);
+int *num;
+int enc;
+	{
+	register DES_LONG v0,v1;
+	register long l=length;
+	register int n= *num;
+	DES_LONG ti[2];
+	unsigned char *iv,c,cc;
+
+	iv=(unsigned char *)ivec;
+	if (enc)
+		{
+		while (l--)
+			{
+			if (n == 0)
+				{
+				c2l(iv,v0);
+				c2l(iv,v1);
+
+				ti[0]=v0;
+				ti[1]=v1;
+				des_encrypt3((DES_LONG *)ti,ks1,ks2,ks3);
+				v0=ti[0];
+				v1=ti[1];
+
+				iv=(unsigned char *)ivec;
+				l2c(v0,iv);
+				l2c(v1,iv);
+				iv=(unsigned char *)ivec;
+				}
+			c= *(in++)^iv[n];
+			*(out++)=c;
+			iv[n]=c;
+			n=(n+1)&0x07;
+			}
+		}
+	else
+		{
+		while (l--)
+			{
+			if (n == 0)
+				{
+				c2l(iv,v0);
+				c2l(iv,v1);
+
+				ti[0]=v0;
+				ti[1]=v1;
+				des_encrypt3((DES_LONG *)ti,ks1,ks2,ks3);
+				v0=ti[0];
+				v1=ti[1];
+
+				iv=(unsigned char *)ivec;
+				l2c(v0,iv);
+				l2c(v1,iv);
+				iv=(unsigned char *)ivec;
+				}
+			cc= *(in++);
+			c=iv[n];
+			iv[n]=cc;
+			*(out++)=c^cc;
+			n=(n+1)&0x07;
+			}
+		}
+	v0=v1=ti[0]=ti[1]=c=cc=0;
+	*num=n;
+	}
+
+#ifdef undef /* MACRO */
+void des_ede2_cfb64_encrypt(in, out, length, ks1,ks2, ivec, num, enc)
+unsigned char *in;
+unsigned char *out;
+long length;
+des_key_schedule ks1,ks2;
+des_cblock (*ivec);
+int *num;
+int enc;
+	{
+	des_ede3_cfb64_encrypt(in,out,length,ks1,ks2,ks1,ivec,num,enc);
+	}
+#endif
diff --git a/crypto/des/cfb64enc.c b/crypto/des/cfb64enc.c
new file mode 100644
index 0000000000..327e489635
--- /dev/null
+++ b/crypto/des/cfb64enc.c
@@ -0,0 +1,128 @@
+/* crypto/des/cfb64enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/* The input and output encrypted as though 64bit cfb mode is being
+ * used.  The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+
+void des_cfb64_encrypt(in, out, length, schedule, ivec, num, enc)
+unsigned char *in;
+unsigned char *out;
+long length;
+des_key_schedule schedule;
+des_cblock (*ivec);
+int *num;
+int enc;
+	{
+	register DES_LONG v0,v1;
+	register long l=length;
+	register int n= *num;
+	DES_LONG ti[2];
+	unsigned char *iv,c,cc;
+
+	iv=(unsigned char *)ivec;
+	if (enc)
+		{
+		while (l--)
+			{
+			if (n == 0)
+				{
+				c2l(iv,v0); ti[0]=v0;
+				c2l(iv,v1); ti[1]=v1;
+				des_encrypt((DES_LONG *)ti,
+					schedule,DES_ENCRYPT);
+				iv=(unsigned char *)ivec;
+				v0=ti[0]; l2c(v0,iv);
+				v0=ti[1]; l2c(v0,iv);
+				iv=(unsigned char *)ivec;
+				}
+			c= *(in++)^iv[n];
+			*(out++)=c;
+			iv[n]=c;
+			n=(n+1)&0x07;
+			}
+		}
+	else
+		{
+		while (l--)
+			{
+			if (n == 0)
+				{
+				c2l(iv,v0); ti[0]=v0;
+				c2l(iv,v1); ti[1]=v1;
+				des_encrypt((DES_LONG *)ti,
+					schedule,DES_ENCRYPT);
+				iv=(unsigned char *)ivec;
+				v0=ti[0]; l2c(v0,iv);
+				v0=ti[1]; l2c(v0,iv);
+				iv=(unsigned char *)ivec;
+				}
+			cc= *(in++);
+			c=iv[n];
+			iv[n]=cc;
+			*(out++)=c^cc;
+			n=(n+1)&0x07;
+			}
+		}
+	v0=v1=ti[0]=ti[1]=c=cc=0;
+	*num=n;
+	}
+
diff --git a/crypto/des/cfb_enc.c b/crypto/des/cfb_enc.c
new file mode 100644
index 0000000000..fb328328e6
--- /dev/null
+++ b/crypto/des/cfb_enc.c
@@ -0,0 +1,171 @@
+/* crypto/des/cfb_enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/* The input and output are loaded in multiples of 8 bits.
+ * What this means is that if you hame numbits=12 and length=2
+ * the first 12 bits will be retrieved from the first byte and half
+ * the second.  The second 12 bits will come from the 3rd and half the 4th
+ * byte.
+ */
+void des_cfb_encrypt(in, out, numbits, length, schedule, ivec, enc)
+unsigned char *in;
+unsigned char *out;
+int numbits;
+long length;
+des_key_schedule schedule;
+des_cblock (*ivec);
+int enc;
+	{
+	register DES_LONG d0,d1,v0,v1,n=(numbits+7)/8;
+	register DES_LONG mask0,mask1;
+	register unsigned long l=length;
+	register int num=numbits;
+	DES_LONG ti[2];
+	unsigned char *iv;
+
+	if (num > 64) return;
+	if (num > 32)
+		{
+		mask0=0xffffffffL;
+		if (num == 64)
+			mask1=mask0;
+		else	mask1=(1L<<(num-32))-1;
+		}
+	else
+		{
+		if (num == 32)
+			mask0=0xffffffffL;
+		else	mask0=(1L<<num)-1;
+		mask1=0x00000000;
+		}
+
+	iv=(unsigned char *)ivec;
+	c2l(iv,v0);
+	c2l(iv,v1);
+	if (enc)
+		{
+		while (l >= n)
+			{
+			l-=n;
+			ti[0]=v0;
+			ti[1]=v1;
+			des_encrypt((DES_LONG *)ti,schedule,DES_ENCRYPT);
+			c2ln(in,d0,d1,n);
+			in+=n;
+			d0=(d0^ti[0])&mask0;
+			d1=(d1^ti[1])&mask1;
+			l2cn(d0,d1,out,n);
+			out+=n;
+			/* 30-08-94 - eay - changed because l>>32 and
+			 * l<<32 are bad under gcc :-( */
+			if (num == 32)
+				{ v0=v1; v1=d0; }
+			else if (num == 64)
+				{ v0=d0; v1=d1; }
+			else if (num > 32) /* && num != 64 */
+				{
+				v0=((v1>>(num-32))|(d0<<(64-num)))&0xffffffffL;
+				v1=((d0>>(num-32))|(d1<<(64-num)))&0xffffffffL;
+				}
+			else /* num < 32 */
+				{
+				v0=((v0>>num)|(v1<<(32-num)))&0xffffffffL;
+				v1=((v1>>num)|(d0<<(32-num)))&0xffffffffL;
+				}
+			}
+		}
+	else
+		{
+		while (l >= n)
+			{
+			l-=n;
+			ti[0]=v0;
+			ti[1]=v1;
+			des_encrypt((DES_LONG *)ti,schedule,DES_ENCRYPT);
+			c2ln(in,d0,d1,n);
+			in+=n;
+			/* 30-08-94 - eay - changed because l>>32 and
+			 * l<<32 are bad under gcc :-( */
+			if (num == 32)
+				{ v0=v1; v1=d0; }
+			else if (num == 64)
+				{ v0=d0; v1=d1; }
+			else if (num > 32) /* && num != 64 */
+				{
+				v0=((v1>>(num-32))|(d0<<(64-num)))&0xffffffffL;
+				v1=((d0>>(num-32))|(d1<<(64-num)))&0xffffffffL;
+				}
+			else /* num < 32 */
+				{
+				v0=((v0>>num)|(v1<<(32-num)))&0xffffffffL;
+				v1=((v1>>num)|(d0<<(32-num)))&0xffffffffL;
+				}
+			d0=(d0^ti[0])&mask0;
+			d1=(d1^ti[1])&mask1;
+			l2cn(d0,d1,out,n);
+			out+=n;
+			}
+		}
+	iv=(unsigned char *)ivec;
+	l2c(v0,iv);
+	l2c(v1,iv);
+	v0=v1=d0=d1=ti[0]=ti[1]=0;
+	}
+
diff --git a/crypto/des/des b/crypto/des/des
new file mode 100644
index 0000000000..7ec53b8060
--- /dev/null
+++ b/crypto/des/des
@@ -0,0 +1,305 @@
+/* crypto/des/des.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@mincom.oz.au).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@mincom.oz.au).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@mincom.oz.au)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@mincom.oz.au)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING 
+ *
+ * Always modify des.org since des.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+#ifndef HEADER_DES_H
+#define HEADER_DES_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#include <stdio.h>
+
+/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
+ * %20 speed up (longs are 8 bytes, int's are 4). */
+#ifndef DES_LONG
+#define DES_LONG unsigned long
+#endif
+
+typedef unsigned char des_cblock[8];
+typedef struct des_ks_struct
+	{
+	union	{
+		des_cblock _;
+		/* make sure things are correct size on machines with
+		 * 8 byte longs */
+		DES_LONG pad[2];
+		} ks;
+#undef _
+#define _	ks._
+	} des_key_schedule[16];
+
+#define DES_KEY_SZ 	(sizeof(des_cblock))
+#define DES_SCHEDULE_SZ (sizeof(des_key_schedule))
+
+#define DES_ENCRYPT	1
+#define DES_DECRYPT	0
+
+#define DES_CBC_MODE	0
+#define DES_PCBC_MODE	1
+
+#define des_ecb2_encrypt(i,o,k1,k2,e) \
+	des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
+
+#define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
+	des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
+
+#define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
+	des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
+
+#define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
+	des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
+
+#define C_Block des_cblock
+#define Key_schedule des_key_schedule
+#ifdef KERBEROS
+#define ENCRYPT DES_ENCRYPT
+#define DECRYPT DES_DECRYPT
+#endif
+#define KEY_SZ DES_KEY_SZ
+#define string_to_key des_string_to_key
+#define read_pw_string des_read_pw_string
+#define random_key des_random_key
+#define pcbc_encrypt des_pcbc_encrypt
+#define set_key des_set_key
+#define key_sched des_key_sched
+#define ecb_encrypt des_ecb_encrypt
+#define cbc_encrypt des_cbc_encrypt
+#define ncbc_encrypt des_ncbc_encrypt
+#define xcbc_encrypt des_xcbc_encrypt
+#define cbc_cksum des_cbc_cksum
+#define quad_cksum des_quad_cksum
+
+/* For compatibility with the MIT lib - eay 20/05/92 */
+typedef des_key_schedule bit_64;
+#define des_fixup_key_parity des_set_odd_parity
+#define des_check_key_parity check_parity
+
+extern int des_check_key;	/* defaults to false */
+extern int des_rw_mode;		/* defaults to DES_PCBC_MODE */
+
+/* The next line is used to disable full ANSI prototypes, if your
+ * compiler has problems with the prototypes, make sure this line always
+ * evaluates to true :-) */
+#if defined(MSDOS) || defined(__STDC__)
+#undef NOPROTO
+#endif
+#ifndef NOPROTO
+char *des_options(void);
+void des_ecb3_encrypt(des_cblock *input,des_cblock *output,
+	des_key_schedule ks1,des_key_schedule ks2,
+	des_key_schedule ks3, int enc);
+DES_LONG des_cbc_cksum(des_cblock *input,des_cblock *output,
+	long length,des_key_schedule schedule,des_cblock *ivec);
+void des_cbc_encrypt(des_cblock *input,des_cblock *output,long length,
+	des_key_schedule schedule,des_cblock *ivec,int enc);
+void des_ncbc_encrypt(des_cblock *input,des_cblock *output,long length,
+	des_key_schedule schedule,des_cblock *ivec,int enc);
+void des_xcbc_encrypt(des_cblock *input,des_cblock *output,long length,
+	des_key_schedule schedule,des_cblock *ivec,
+	des_cblock *inw,des_cblock *outw,int enc);
+void des_3cbc_encrypt(des_cblock *input,des_cblock *output,long length,
+	des_key_schedule sk1,des_key_schedule sk2,
+	des_cblock *ivec1,des_cblock *ivec2,int enc);
+void des_cfb_encrypt(unsigned char *in,unsigned char *out,int numbits,
+	long length,des_key_schedule schedule,des_cblock *ivec,int enc);
+void des_ecb_encrypt(des_cblock *input,des_cblock *output,
+	des_key_schedule ks,int enc);
+void des_encrypt(DES_LONG *data,des_key_schedule ks, int enc);
+void des_encrypt2(DES_LONG *data,des_key_schedule ks, int enc);
+void des_encrypt3(DES_LONG *data, des_key_schedule ks1,
+	des_key_schedule ks2, des_key_schedule ks3);
+void des_decrypt3(DES_LONG *data, des_key_schedule ks1,
+	des_key_schedule ks2, des_key_schedule ks3);
+void des_ede3_cbc_encrypt(des_cblock *input, des_cblock *output, 
+	long length, des_key_schedule ks1, des_key_schedule ks2, 
+	des_key_schedule ks3, des_cblock *ivec, int enc);
+void des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out,
+	long length, des_key_schedule ks1, des_key_schedule ks2,
+	des_key_schedule ks3, des_cblock *ivec, int *num, int enc);
+void des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out,
+	long length, des_key_schedule ks1, des_key_schedule ks2,
+	des_key_schedule ks3, des_cblock *ivec, int *num);
+
+void des_xwhite_in2out(des_cblock (*des_key), des_cblock (*in_white),
+	des_cblock (*out_white));
+
+int des_enc_read(int fd,char *buf,int len,des_key_schedule sched,
+	des_cblock *iv);
+int des_enc_write(int fd,char *buf,int len,des_key_schedule sched,
+	des_cblock *iv);
+char *des_fcrypt(const char *buf,const char *salt, char *ret);
+#ifdef PERL5
+char *des_crypt(const char *buf,const char *salt);
+#else
+/* some stupid compilers complain because I have declared char instead
+ * of const char */
+#ifdef HEADER_DES_LOCL_H
+char *crypt(const char *buf,const char *salt);
+#else
+char *crypt();
+#endif
+#endif
+void des_ofb_encrypt(unsigned char *in,unsigned char *out,
+	int numbits,long length,des_key_schedule schedule,des_cblock *ivec);
+void des_pcbc_encrypt(des_cblock *input,des_cblock *output,long length,
+	des_key_schedule schedule,des_cblock *ivec,int enc);
+DES_LONG des_quad_cksum(des_cblock *input,des_cblock *output,
+	long length,int out_count,des_cblock *seed);
+void des_random_seed(des_cblock key);
+void des_random_key(des_cblock ret);
+int des_read_password(des_cblock *key,char *prompt,int verify);
+int des_read_2passwords(des_cblock *key1,des_cblock *key2,
+	char *prompt,int verify);
+int des_read_pw_string(char *buf,int length,char *prompt,int verify);
+void des_set_odd_parity(des_cblock *key);
+int des_is_weak_key(des_cblock *key);
+int des_set_key(des_cblock *key,des_key_schedule schedule);
+int des_key_sched(des_cblock *key,des_key_schedule schedule);
+void des_string_to_key(char *str,des_cblock *key);
+void des_string_to_2keys(char *str,des_cblock *key1,des_cblock *key2);
+void des_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
+	des_key_schedule schedule, des_cblock *ivec, int *num, int enc);
+void des_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
+	des_key_schedule schedule, des_cblock *ivec, int *num);
+int des_read_pw(char *buf, char *buff, int size, char *prompt, int verify);
+
+/* Extra functions from Mark Murray <mark@grondar.za> */
+void des_cblock_print_file(des_cblock *cb, FILE *fp);
+/* The following functions are not in the normal unix build or the
+ * SSLeay build.  When using the SSLeay build, use RAND_seed()
+ * and RAND_bytes() instead. */
+int des_new_random_key(des_cblock *key);
+void des_init_random_number_generator(des_cblock *key);
+void des_set_random_generator_seed(des_cblock *key);
+void des_set_sequence_number(des_cblock new_sequence_number);
+void des_generate_random_block(des_cblock *block);
+
+#else
+
+char *des_options();
+void des_ecb3_encrypt();
+DES_LONG des_cbc_cksum();
+void des_cbc_encrypt();
+void des_ncbc_encrypt();
+void des_xcbc_encrypt();
+void des_3cbc_encrypt();
+void des_cfb_encrypt();
+void des_ede3_cfb64_encrypt();
+void des_ede3_ofb64_encrypt();
+void des_ecb_encrypt();
+void des_encrypt();
+void des_encrypt2();
+void des_encrypt3();
+void des_decrypt3();
+void des_ede3_cbc_encrypt();
+int des_enc_read();
+int des_enc_write();
+char *des_fcrypt();
+#ifdef PERL5
+char *des_crypt();
+#else
+char *crypt();
+#endif
+void des_ofb_encrypt();
+void des_pcbc_encrypt();
+DES_LONG des_quad_cksum();
+void des_random_seed();
+void des_random_key();
+int des_read_password();
+int des_read_2passwords();
+int des_read_pw_string();
+void des_set_odd_parity();
+int des_is_weak_key();
+int des_set_key();
+int des_key_sched();
+void des_string_to_key();
+void des_string_to_2keys();
+void des_cfb64_encrypt();
+void des_ofb64_encrypt();
+int des_read_pw();
+void des_xwhite_in2out();
+
+/* Extra functions from Mark Murray <mark@grondar.za> */
+void des_cblock_print_file();
+/* The following functions are not in the normal unix build or the
+ * SSLeay build.  When using the SSLeay build, use RAND_seed()
+ * and RAND_bytes() instead. */
+#ifdef FreeBSD
+int des_new_random_key();
+void des_init_random_number_generator();
+void des_set_random_generator_seed();
+void des_set_sequence_number();
+void des_generate_random_block();
+#endif
+
+#endif
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/des/des.c b/crypto/des/des.c
new file mode 100644
index 0000000000..0376163ffd
--- /dev/null
+++ b/crypto/des/des.c
@@ -0,0 +1,960 @@
+/* crypto/des/des.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#ifndef MSDOS
+#include <unistd.h>
+#else
+#include <io.h>
+#define RAND
+#endif
+
+#include <time.h>
+#include "des_ver.h"
+
+#ifdef VMS
+#include <types.h>
+#include <stat.h>
+#else
+#ifndef _IRIX
+#include <sys/types.h>
+#endif
+#include <sys/stat.h>
+#endif
+#if defined(NOCONST)
+#define const
+#endif
+#include "des.h"
+
+#if defined(__STDC__) || defined(VMS) || defined(M_XENIX) || defined(MSDOS)
+#include <string.h>
+#endif
+
+#ifdef RAND
+#define random rand
+#define srandom(s) srand(s)
+#endif
+
+#ifndef NOPROTO
+void usage(void);
+void doencryption(void);
+int uufwrite(unsigned char *data, int size, unsigned int num, FILE *fp);
+void uufwriteEnd(FILE *fp);
+int uufread(unsigned char *out,int size,unsigned int num,FILE *fp);
+int uuencode(unsigned char *in,int num,unsigned char *out);
+int uudecode(unsigned char *in,int num,unsigned char *out);
+#else
+void usage();
+void doencryption();
+int uufwrite();
+void uufwriteEnd();
+int uufread();
+int uuencode();
+int uudecode();
+#endif
+
+#ifdef VMS
+#define EXIT(a) exit(a&0x10000000)
+#else
+#define EXIT(a) exit(a)
+#endif
+
+#define BUFSIZE (8*1024)
+#define VERIFY  1
+#define KEYSIZ	8
+#define KEYSIZB 1024 /* should hit tty line limit first :-) */
+char key[KEYSIZB+1];
+int do_encrypt,longk=0;
+FILE *DES_IN,*DES_OUT,*CKSUM_OUT;
+char uuname[200];
+unsigned char uubuf[50];
+int uubufnum=0;
+#define INUUBUFN	(45*100)
+#define OUTUUBUF	(65*100)
+unsigned char b[OUTUUBUF];
+unsigned char bb[300];
+des_cblock cksum={0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
+char cksumname[200]="";
+
+int vflag,cflag,eflag,dflag,kflag,bflag,fflag,sflag,uflag,flag3,hflag,error;
+
+int main(argc, argv)
+int argc;
+char **argv;
+	{
+	int i;
+	struct stat ins,outs;
+	char *p;
+	char *in=NULL,*out=NULL;
+
+	vflag=cflag=eflag=dflag=kflag=hflag=bflag=fflag=sflag=uflag=flag3=0;
+	error=0;
+	memset(key,0,sizeof(key));
+
+	for (i=1; i<argc; i++)
+		{
+		p=argv[i];
+		if ((p[0] == '-') && (p[1] != '\0'))
+			{
+			p++;
+			while (*p)
+				{
+				switch (*(p++))
+					{
+				case '3':
+					flag3=1;
+					longk=1;
+					break;
+				case 'c':
+					cflag=1;
+					strncpy(cksumname,p,200);
+					p+=strlen(cksumname);
+					break;
+				case 'C':
+					cflag=1;
+					longk=1;
+					strncpy(cksumname,p,200);
+					p+=strlen(cksumname);
+					break;
+				case 'e':
+					eflag=1;
+					break;
+				case 'v':
+					vflag=1;
+					break;
+				case 'E':
+					eflag=1;
+					longk=1;
+					break;
+				case 'd':
+					dflag=1;
+					break;
+				case 'D':
+					dflag=1;
+					longk=1;
+					break;
+				case 'b':
+					bflag=1;
+					break;
+				case 'f':
+					fflag=1;
+					break;
+				case 's':
+					sflag=1;
+					break;
+				case 'u':
+					uflag=1;
+					strncpy(uuname,p,200);
+					p+=strlen(uuname);
+					break;
+				case 'h':
+					hflag=1;
+					break;
+				case 'k':
+					kflag=1;
+					if ((i+1) == argc)
+						{
+						fputs("must have a key with the -k option\n",stderr);
+						error=1;
+						}
+					else
+						{
+						int j;
+
+						i++;
+						strncpy(key,argv[i],KEYSIZB);
+						for (j=strlen(argv[i])-1; j>=0; j--)
+							argv[i][j]='\0';
+						}
+					break;
+				default:
+					fprintf(stderr,"'%c' unknown flag\n",p[-1]);
+					error=1;
+					break;
+					}
+				}
+			}
+		else
+			{
+			if (in == NULL)
+				in=argv[i];
+			else if (out == NULL)
+				out=argv[i];
+			else
+				error=1;
+			}
+		}
+	if (error) usage();
+	/* We either
+	 * do checksum or
+	 * do encrypt or
+	 * do decrypt or
+	 * do decrypt then ckecksum or
+	 * do checksum then encrypt
+	 */
+	if (((eflag+dflag) == 1) || cflag)
+		{
+		if (eflag) do_encrypt=DES_ENCRYPT;
+		if (dflag) do_encrypt=DES_DECRYPT;
+		}
+	else
+		{
+		if (vflag) 
+			{
+#ifndef _Windows			
+			fprintf(stderr,"des(1) built with %s\n",libdes_version);
+#endif			
+			EXIT(1);
+			}
+		else usage();
+		}
+
+#ifndef _Windows			
+	if (vflag) fprintf(stderr,"des(1) built with %s\n",libdes_version);
+#endif			
+	if (	(in != NULL) &&
+		(out != NULL) &&
+#ifndef MSDOS
+		(stat(in,&ins) != -1) &&
+		(stat(out,&outs) != -1) &&
+		(ins.st_dev == outs.st_dev) &&
+		(ins.st_ino == outs.st_ino))
+#else /* MSDOS */
+		(strcmp(in,out) == 0))
+#endif
+			{
+			fputs("input and output file are the same\n",stderr);
+			EXIT(3);
+			}
+
+	if (!kflag)
+		if (des_read_pw_string(key,KEYSIZB+1,"Enter key:",eflag?VERIFY:0))
+			{
+			fputs("password error\n",stderr);
+			EXIT(2);
+			}
+
+	if (in == NULL)
+		DES_IN=stdin;
+	else if ((DES_IN=fopen(in,"r")) == NULL)
+		{
+		perror("opening input file");
+		EXIT(4);
+		}
+
+	CKSUM_OUT=stdout;
+	if (out == NULL)
+		{
+		DES_OUT=stdout;
+		CKSUM_OUT=stderr;
+		}
+	else if ((DES_OUT=fopen(out,"w")) == NULL)
+		{
+		perror("opening output file");
+		EXIT(5);
+		}
+
+#ifdef MSDOS
+	/* This should set the file to binary mode. */
+	{
+#include <fcntl.h>
+	if (!(uflag && dflag))
+		setmode(fileno(DES_IN),O_BINARY);
+	if (!(uflag && eflag))
+		setmode(fileno(DES_OUT),O_BINARY);
+	}
+#endif
+
+	doencryption();
+	fclose(DES_IN);
+	fclose(DES_OUT);
+	EXIT(0);
+	}
+
+void usage()
+	{
+	char **u;
+	static const char *Usage[]={
+"des <options> [input-file [output-file]]",
+"options:",
+"-v         : des(1) version number",
+"-e         : encrypt using sunOS compatible user key to DES key conversion.",
+"-E         : encrypt ",
+"-d         : decrypt using sunOS compatible user key to DES key conversion.",
+"-D         : decrypt ",
+"-c[ckname] : generate a cbc_cksum using sunOS compatible user key to",
+"             DES key conversion and output to ckname (stdout default,",
+"             stderr if data being output on stdout).  The checksum is",
+"             generated before encryption and after decryption if used",
+"             in conjunction with -[eEdD].",
+"-C[ckname] : generate a cbc_cksum as for -c but compatible with -[ED].",
+"-k key     : use key 'key'",
+"-h         : the key that is entered will be a hexidecimal number",
+"             that is used directly as the des key",
+"-u[uuname] : input file is uudecoded if -[dD] or output uuencoded data if -[eE]",
+"             (uuname is the filename to put in the uuencode header).",
+"-b         : encrypt using DES in ecb encryption mode, the defaut is cbc mode.",
+"-3         : encrypt using tripple DES encryption.  This uses 2 keys",
+"             generated from the input key.  If the input key is less",
+"             than 8 characters long, this is equivelent to normal",
+"             encryption.  Default is tripple cbc, -b makes it tripple ecb.",
+NULL
+};
+	for (u=(char **)Usage; *u; u++)
+		{
+		fputs(*u,stderr);
+		fputc('\n',stderr);
+		}
+
+	EXIT(1);
+	}
+
+void doencryption()
+	{
+#ifdef _LIBC
+	extern int srandom();
+	extern int random();
+	extern unsigned long time();
+#endif
+
+	register int i;
+	des_key_schedule ks,ks2;
+	unsigned char iv[8],iv2[8];
+	char *p;
+	int num=0,j,k,l,rem,ll,len,last,ex=0;
+	des_cblock kk,k2;
+	FILE *O;
+	int Exit=0;
+#ifndef MSDOS
+	static unsigned char buf[BUFSIZE+8],obuf[BUFSIZE+8];
+#else
+	static unsigned char *buf=NULL,*obuf=NULL;
+
+	if (buf == NULL)
+		{
+		if (    (( buf=(unsigned char *)Malloc(BUFSIZE+8)) == NULL) ||
+			((obuf=(unsigned char *)Malloc(BUFSIZE+8)) == NULL))
+			{
+			fputs("Not enough memory\n",stderr);
+			Exit=10;
+			goto problems;
+			}
+		}
+#endif
+
+	if (hflag)
+		{
+		j=(flag3?16:8);
+		p=key;
+		for (i=0; i<j; i++)
+			{
+			k=0;
+			if ((*p <= '9') && (*p >= '0'))
+				k=(*p-'0')<<4;
+			else if ((*p <= 'f') && (*p >= 'a'))
+				k=(*p-'a'+10)<<4;
+			else if ((*p <= 'F') && (*p >= 'A'))
+				k=(*p-'A'+10)<<4;
+			else
+				{
+				fputs("Bad hex key\n",stderr);
+				Exit=9;
+				goto problems;
+				}
+			p++;
+			if ((*p <= '9') && (*p >= '0'))
+				k|=(*p-'0');
+			else if ((*p <= 'f') && (*p >= 'a'))
+				k|=(*p-'a'+10);
+			else if ((*p <= 'F') && (*p >= 'A'))
+				k|=(*p-'A'+10);
+			else
+				{
+				fputs("Bad hex key\n",stderr);
+				Exit=9;
+				goto problems;
+				}
+			p++;
+			if (i < 8)
+				kk[i]=k;
+			else
+				k2[i-8]=k;
+			}
+		des_set_key((C_Block *)k2,ks2);
+		memset(k2,0,sizeof(k2));
+		}
+	else if (longk || flag3)
+		{
+		if (flag3)
+			{
+			des_string_to_2keys(key,(C_Block *)kk,(C_Block *)k2);
+			des_set_key((C_Block *)k2,ks2);
+			memset(k2,0,sizeof(k2));
+			}
+		else
+			des_string_to_key(key,(C_Block *)kk);
+		}
+	else
+		for (i=0; i<KEYSIZ; i++)
+			{
+			l=0;
+			k=key[i];
+			for (j=0; j<8; j++)
+				{
+				if (k&1) l++;
+				k>>=1;
+				}
+			if (l & 1)
+				kk[i]=key[i]&0x7f;
+			else
+				kk[i]=key[i]|0x80;
+			}
+
+	des_set_key((C_Block *)kk,ks);
+	memset(key,0,sizeof(key));
+	memset(kk,0,sizeof(kk));
+	/* woops - A bug that does not showup under unix :-( */
+	memset(iv,0,sizeof(iv));
+	memset(iv2,0,sizeof(iv2));
+
+	l=1;
+	rem=0;
+	/* first read */
+	if (eflag || (!dflag && cflag))
+		{
+		for (;;)
+			{
+			num=l=fread(&(buf[rem]),1,BUFSIZE,DES_IN);
+			l+=rem;
+			num+=rem;
+			if (l < 0)
+				{
+				perror("read error");
+				Exit=6;
+				goto problems;
+				}
+
+			rem=l%8;
+			len=l-rem;
+			if (feof(DES_IN))
+				{
+				srandom((unsigned int)time(NULL));
+				for (i=7-rem; i>0; i--)
+					buf[l++]=random()&0xff;
+				buf[l++]=rem;
+				ex=1;
+				len+=rem;
+				}
+			else
+				l-=rem;
+
+			if (cflag)
+				{
+				des_cbc_cksum((C_Block *)buf,(C_Block *)cksum,
+					(long)len,ks,(C_Block *)cksum);
+				if (!eflag)
+					{
+					if (feof(DES_IN)) break;
+					else continue;
+					}
+				}
+
+			if (bflag && !flag3)
+				for (i=0; i<l; i+=8)
+					des_ecb_encrypt(
+						(des_cblock *)&(buf[i]),
+						(des_cblock *)&(obuf[i]),
+						ks,do_encrypt);
+			else if (flag3 && bflag)
+				for (i=0; i<l; i+=8)
+					des_ecb2_encrypt(
+						(des_cblock *)&(buf[i]),
+						(des_cblock *)&(obuf[i]),
+						ks,ks2,do_encrypt);
+			else if (flag3 && !bflag)
+				{
+				char tmpbuf[8];
+
+				if (rem) memcpy(tmpbuf,&(buf[l]),
+					(unsigned int)rem);
+				des_3cbc_encrypt(
+					(des_cblock *)buf,(des_cblock *)obuf,
+					(long)l,ks,ks2,(des_cblock *)iv,
+					(des_cblock *)iv2,do_encrypt);
+				if (rem) memcpy(&(buf[l]),tmpbuf,
+					(unsigned int)rem);
+				}
+			else
+				{
+				des_cbc_encrypt(
+					(des_cblock *)buf,(des_cblock *)obuf,
+					(long)l,ks,(des_cblock *)iv,do_encrypt);
+				if (l >= 8) memcpy(iv,&(obuf[l-8]),8);
+				}
+			if (rem) memcpy(buf,&(buf[l]),(unsigned int)rem);
+
+			i=0;
+			while (i < l)
+				{
+				if (uflag)
+					j=uufwrite(obuf,1,(unsigned int)l-i,
+						DES_OUT);
+				else
+					j=fwrite(obuf,1,(unsigned int)l-i,
+						DES_OUT);
+				if (j == -1)
+					{
+					perror("Write error");
+					Exit=7;
+					goto problems;
+					}
+				i+=j;
+				}
+			if (feof(DES_IN))
+				{
+				if (uflag) uufwriteEnd(DES_OUT);
+				break;
+				}
+			}
+		}
+	else /* decrypt */
+		{
+		ex=1;
+		for (;;)
+			{
+			if (ex) {
+				if (uflag)
+					l=uufread(buf,1,BUFSIZE,DES_IN);
+				else
+					l=fread(buf,1,BUFSIZE,DES_IN);
+				ex=0;
+				rem=l%8;
+				l-=rem;
+				}
+			if (l < 0)
+				{
+				perror("read error");
+				Exit=6;
+				goto problems;
+				}
+
+			if (bflag && !flag3)
+				for (i=0; i<l; i+=8)
+					des_ecb_encrypt(
+						(des_cblock *)&(buf[i]),
+						(des_cblock *)&(obuf[i]),
+						ks,do_encrypt);
+			else if (flag3 && bflag)
+				for (i=0; i<l; i+=8)
+					des_ecb2_encrypt(
+						(des_cblock *)&(buf[i]),
+						(des_cblock *)&(obuf[i]),
+						ks,ks2,do_encrypt);
+			else if (flag3 && !bflag)
+				{
+				des_3cbc_encrypt(
+					(des_cblock *)buf,(des_cblock *)obuf,
+					(long)l,ks,ks2,(des_cblock *)iv,
+					(des_cblock *)iv2,do_encrypt);
+				}
+			else
+				{
+				des_cbc_encrypt(
+					(des_cblock *)buf,(des_cblock *)obuf,
+				 	(long)l,ks,(des_cblock *)iv,do_encrypt);
+				if (l >= 8) memcpy(iv,&(buf[l-8]),8);
+				}
+
+			if (uflag)
+				ll=uufread(&(buf[rem]),1,BUFSIZE,DES_IN);
+			else
+				ll=fread(&(buf[rem]),1,BUFSIZE,DES_IN);
+			ll+=rem;
+			rem=ll%8;
+			ll-=rem;
+			if (feof(DES_IN) && (ll == 0))
+				{
+				last=obuf[l-1];
+
+				if ((last > 7) || (last < 0))
+					{
+					fputs("The file was not decrypted correctly.\n",
+						stderr);
+					Exit=8;
+					last=0;
+					}
+				l=l-8+last;
+				}
+			i=0;
+			if (cflag) des_cbc_cksum((C_Block *)obuf,
+				(C_Block *)cksum,(long)l/8*8,ks,
+				(C_Block *)cksum);
+			while (i != l)
+				{
+				j=fwrite(obuf,1,(unsigned int)l-i,DES_OUT);
+				if (j == -1)
+					{
+					perror("Write error");
+					Exit=7;
+					goto problems;
+					}
+				i+=j;
+				}
+			l=ll;
+			if ((l == 0) && feof(DES_IN)) break;
+			}
+		}
+	if (cflag)
+		{
+		l=0;
+		if (cksumname[0] != '\0')
+			{
+			if ((O=fopen(cksumname,"w")) != NULL)
+				{
+				CKSUM_OUT=O;
+				l=1;
+				}
+			}
+		for (i=0; i<8; i++)
+			fprintf(CKSUM_OUT,"%02X",cksum[i]);
+		fprintf(CKSUM_OUT,"\n");
+		if (l) fclose(CKSUM_OUT);
+		}
+problems:
+	memset(buf,0,sizeof(buf));
+	memset(obuf,0,sizeof(obuf));
+	memset(ks,0,sizeof(ks));
+	memset(ks2,0,sizeof(ks2));
+	memset(iv,0,sizeof(iv));
+	memset(iv2,0,sizeof(iv2));
+	memset(kk,0,sizeof(kk));
+	memset(k2,0,sizeof(k2));
+	memset(uubuf,0,sizeof(uubuf));
+	memset(b,0,sizeof(b));
+	memset(bb,0,sizeof(bb));
+	memset(cksum,0,sizeof(cksum));
+	if (Exit) EXIT(Exit);
+	}
+
+int uufwrite(data, size, num, fp)
+unsigned char *data;
+int size;
+unsigned int num;
+FILE *fp;
+      
+     /* We ignore this parameter but it should be > ~50 I believe */
+   
+    
+	{
+	int i,j,left,rem,ret=num;
+	static int start=1;
+
+	if (start)
+		{
+		fprintf(fp,"begin 600 %s\n",
+			(uuname[0] == '\0')?"text.d":uuname);
+		start=0;
+		}
+
+	if (uubufnum)
+		{
+		if (uubufnum+num < 45)
+			{
+			memcpy(&(uubuf[uubufnum]),data,(unsigned int)num);
+			uubufnum+=num;
+			return(num);
+			}
+		else
+			{
+			i=45-uubufnum;
+			memcpy(&(uubuf[uubufnum]),data,(unsigned int)i);
+			j=uuencode((unsigned char *)uubuf,45,b);
+			fwrite(b,1,(unsigned int)j,fp);
+			uubufnum=0;
+			data+=i;
+			num-=i;
+			}
+		}
+
+	for (i=0; i<(((int)num)-INUUBUFN); i+=INUUBUFN)
+		{
+		j=uuencode(&(data[i]),INUUBUFN,b);
+		fwrite(b,1,(unsigned int)j,fp);
+		}
+	rem=(num-i)%45;
+	left=(num-i-rem);
+	if (left)
+		{
+		j=uuencode(&(data[i]),left,b);
+		fwrite(b,1,(unsigned int)j,fp);
+		i+=left;
+		}
+	if (i != num)
+		{
+		memcpy(uubuf,&(data[i]),(unsigned int)rem);
+		uubufnum=rem;
+		}
+	return(ret);
+	}
+
+void uufwriteEnd(fp)
+FILE *fp;
+	{
+	int j;
+	static const char *end=" \nend\n";
+
+	if (uubufnum != 0)
+		{
+		uubuf[uubufnum]='\0';
+		uubuf[uubufnum+1]='\0';
+		uubuf[uubufnum+2]='\0';
+		j=uuencode(uubuf,uubufnum,b);
+		fwrite(b,1,(unsigned int)j,fp);
+		}
+	fwrite(end,1,strlen(end),fp);
+	}
+
+int uufread(out, size, num, fp)
+unsigned char *out;
+int size; /* should always be > ~ 60; I actually ignore this parameter :-) */
+unsigned int num;
+FILE *fp;
+	{
+	int i,j,tot;
+	static int done=0;
+	static int valid=0;
+	static int start=1;
+
+	if (start)
+		{
+		for (;;)
+			{
+			b[0]='\0';
+			fgets((char *)b,300,fp);
+			if (b[0] == '\0')
+				{
+				fprintf(stderr,"no 'begin' found in uuencoded input\n");
+				return(-1);
+				}
+			if (strncmp((char *)b,"begin ",6) == 0) break;
+			}
+		start=0;
+		}
+	if (done) return(0);
+	tot=0;
+	if (valid)
+		{
+		memcpy(out,bb,(unsigned int)valid);
+		tot=valid;
+		valid=0;
+		}
+	for (;;)
+		{
+		b[0]='\0';
+		fgets((char *)b,300,fp);
+		if (b[0] == '\0') break;
+		i=strlen((char *)b);
+		if ((b[0] == 'e') && (b[1] == 'n') && (b[2] == 'd'))
+			{
+			done=1;
+			while (!feof(fp))
+				{
+				fgets((char *)b,300,fp);
+				}
+			break;
+			}
+		i=uudecode(b,i,bb);
+		if (i < 0) break;
+		if ((i+tot+8) > num)
+			{
+			/* num to copy to make it a multiple of 8 */
+			j=(num/8*8)-tot-8;
+			memcpy(&(out[tot]),bb,(unsigned int)j);
+			tot+=j;
+			memcpy(bb,&(bb[j]),(unsigned int)i-j);
+			valid=i-j;
+			break;
+			}
+		memcpy(&(out[tot]),bb,(unsigned int)i);
+		tot+=i;
+		}
+	return(tot);
+	}
+
+#define ccc2l(c,l)      (l =((DES_LONG)(*((c)++)))<<16, \
+			 l|=((DES_LONG)(*((c)++)))<< 8, \
+		 	 l|=((DES_LONG)(*((c)++))))
+
+#define l2ccc(l,c)      (*((c)++)=(unsigned char)(((l)>>16)&0xff), \
+                    *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+                    *((c)++)=(unsigned char)(((l)    )&0xff))
+
+
+int uuencode(in, num, out)
+unsigned char *in;
+int num;
+unsigned char *out;
+	{
+	int j,i,n,tot=0;
+	DES_LONG l;
+	register unsigned char *p;
+	p=out;
+
+	for (j=0; j<num; j+=45)
+		{
+		if (j+45 > num)
+			i=(num-j);
+		else	i=45;
+		*(p++)=i+' ';
+		for (n=0; n<i; n+=3)
+			{
+			ccc2l(in,l);
+			*(p++)=((l>>18)&0x3f)+' ';
+			*(p++)=((l>>12)&0x3f)+' ';
+			*(p++)=((l>> 6)&0x3f)+' ';
+			*(p++)=((l    )&0x3f)+' ';
+			tot+=4;
+			}
+		*(p++)='\n';
+		tot+=2;
+		}
+	*p='\0';
+	l=0;
+	return(tot);
+	}
+
+int uudecode(in, num, out)
+unsigned char *in;
+int num;
+unsigned char *out;
+	{
+	int j,i,k;
+	unsigned int n=0,space=0;
+	DES_LONG l;
+	DES_LONG w,x,y,z;
+	unsigned int blank=(unsigned int)'\n'-' ';
+
+	for (j=0; j<num; )
+		{
+		n= *(in++)-' ';
+		if (n == blank)
+			{
+			n=0;
+			in--;
+			}
+		if (n > 60)
+			{
+			fprintf(stderr,"uuencoded line length too long\n");
+			return(-1);
+			}
+		j++;
+
+		for (i=0; i<n; j+=4,i+=3)
+			{
+			/* the following is for cases where spaces are
+			 * removed from lines.
+			 */
+			if (space)
+				{
+				w=x=y=z=0;
+				}
+			else
+				{
+				w= *(in++)-' ';
+				x= *(in++)-' ';
+				y= *(in++)-' ';
+				z= *(in++)-' ';
+				}
+			if ((w > 63) || (x > 63) || (y > 63) || (z > 63))
+				{
+				k=0;
+				if (w == blank) k=1;
+				if (x == blank) k=2;
+				if (y == blank) k=3;
+				if (z == blank) k=4;
+				space=1;
+				switch (k) {
+				case 1:	w=0; in--;
+				case 2: x=0; in--;
+				case 3: y=0; in--;
+				case 4: z=0; in--;
+					break;
+				case 0:
+					space=0;
+					fprintf(stderr,"bad uuencoded data values\n");
+					w=x=y=z=0;
+					return(-1);
+					break;
+					}
+				}
+			l=(w<<18)|(x<<12)|(y<< 6)|(z    );
+			l2ccc(l,out);
+			}
+		if (*(in++) != '\n')
+			{
+			fprintf(stderr,"missing nl in uuencoded line\n");
+			w=x=y=z=0;
+			return(-1);
+			}
+		j++;
+		}
+	*out='\0';
+	w=x=y=z=0;
+	return(n);
+	}
diff --git a/crypto/des/des.h b/crypto/des/des.h
new file mode 100644
index 0000000000..1728fe8889
--- /dev/null
+++ b/crypto/des/des.h
@@ -0,0 +1,305 @@
+/* crypto/des/des.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING 
+ *
+ * Always modify des.org since des.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+#ifndef HEADER_DES_H
+#define HEADER_DES_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#include <stdio.h>
+
+/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
+ * %20 speed up (longs are 8 bytes, int's are 4). */
+#ifndef DES_LONG
+#define DES_LONG unsigned long
+#endif
+
+typedef unsigned char des_cblock[8];
+typedef struct des_ks_struct
+	{
+	union	{
+		des_cblock _;
+		/* make sure things are correct size on machines with
+		 * 8 byte longs */
+		DES_LONG pad[2];
+		} ks;
+#undef _
+#define _	ks._
+	} des_key_schedule[16];
+
+#define DES_KEY_SZ 	(sizeof(des_cblock))
+#define DES_SCHEDULE_SZ (sizeof(des_key_schedule))
+
+#define DES_ENCRYPT	1
+#define DES_DECRYPT	0
+
+#define DES_CBC_MODE	0
+#define DES_PCBC_MODE	1
+
+#define des_ecb2_encrypt(i,o,k1,k2,e) \
+	des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
+
+#define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
+	des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
+
+#define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
+	des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
+
+#define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
+	des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
+
+#define C_Block des_cblock
+#define Key_schedule des_key_schedule
+#ifdef KERBEROS
+#define ENCRYPT DES_ENCRYPT
+#define DECRYPT DES_DECRYPT
+#endif
+#define KEY_SZ DES_KEY_SZ
+#define string_to_key des_string_to_key
+#define read_pw_string des_read_pw_string
+#define random_key des_random_key
+#define pcbc_encrypt des_pcbc_encrypt
+#define set_key des_set_key
+#define key_sched des_key_sched
+#define ecb_encrypt des_ecb_encrypt
+#define cbc_encrypt des_cbc_encrypt
+#define ncbc_encrypt des_ncbc_encrypt
+#define xcbc_encrypt des_xcbc_encrypt
+#define cbc_cksum des_cbc_cksum
+#define quad_cksum des_quad_cksum
+
+/* For compatibility with the MIT lib - eay 20/05/92 */
+typedef des_key_schedule bit_64;
+#define des_fixup_key_parity des_set_odd_parity
+#define des_check_key_parity check_parity
+
+extern int des_check_key;	/* defaults to false */
+extern int des_rw_mode;		/* defaults to DES_PCBC_MODE */
+
+/* The next line is used to disable full ANSI prototypes, if your
+ * compiler has problems with the prototypes, make sure this line always
+ * evaluates to true :-) */
+#if defined(MSDOS) || defined(__STDC__)
+#undef NOPROTO
+#endif
+#ifndef NOPROTO
+char *des_options(void);
+void des_ecb3_encrypt(des_cblock *input,des_cblock *output,
+	des_key_schedule ks1,des_key_schedule ks2,
+	des_key_schedule ks3, int enc);
+DES_LONG des_cbc_cksum(des_cblock *input,des_cblock *output,
+	long length,des_key_schedule schedule,des_cblock *ivec);
+void des_cbc_encrypt(des_cblock *input,des_cblock *output,long length,
+	des_key_schedule schedule,des_cblock *ivec,int enc);
+void des_ncbc_encrypt(des_cblock *input,des_cblock *output,long length,
+	des_key_schedule schedule,des_cblock *ivec,int enc);
+void des_xcbc_encrypt(des_cblock *input,des_cblock *output,long length,
+	des_key_schedule schedule,des_cblock *ivec,
+	des_cblock *inw,des_cblock *outw,int enc);
+void des_3cbc_encrypt(des_cblock *input,des_cblock *output,long length,
+	des_key_schedule sk1,des_key_schedule sk2,
+	des_cblock *ivec1,des_cblock *ivec2,int enc);
+void des_cfb_encrypt(unsigned char *in,unsigned char *out,int numbits,
+	long length,des_key_schedule schedule,des_cblock *ivec,int enc);
+void des_ecb_encrypt(des_cblock *input,des_cblock *output,
+	des_key_schedule ks,int enc);
+void des_encrypt(DES_LONG *data,des_key_schedule ks, int enc);
+void des_encrypt2(DES_LONG *data,des_key_schedule ks, int enc);
+void des_encrypt3(DES_LONG *data, des_key_schedule ks1,
+	des_key_schedule ks2, des_key_schedule ks3);
+void des_decrypt3(DES_LONG *data, des_key_schedule ks1,
+	des_key_schedule ks2, des_key_schedule ks3);
+void des_ede3_cbc_encrypt(des_cblock *input, des_cblock *output, 
+	long length, des_key_schedule ks1, des_key_schedule ks2, 
+	des_key_schedule ks3, des_cblock *ivec, int enc);
+void des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out,
+	long length, des_key_schedule ks1, des_key_schedule ks2,
+	des_key_schedule ks3, des_cblock *ivec, int *num, int enc);
+void des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out,
+	long length, des_key_schedule ks1, des_key_schedule ks2,
+	des_key_schedule ks3, des_cblock *ivec, int *num);
+
+void des_xwhite_in2out(des_cblock (*des_key), des_cblock (*in_white),
+	des_cblock (*out_white));
+
+int des_enc_read(int fd,char *buf,int len,des_key_schedule sched,
+	des_cblock *iv);
+int des_enc_write(int fd,char *buf,int len,des_key_schedule sched,
+	des_cblock *iv);
+char *des_fcrypt(const char *buf,const char *salt, char *ret);
+#ifdef PERL5
+char *des_crypt(const char *buf,const char *salt);
+#else
+/* some stupid compilers complain because I have declared char instead
+ * of const char */
+#ifdef HEADER_DES_LOCL_H
+char *crypt(const char *buf,const char *salt);
+#else
+char *crypt();
+#endif
+#endif
+void des_ofb_encrypt(unsigned char *in,unsigned char *out,
+	int numbits,long length,des_key_schedule schedule,des_cblock *ivec);
+void des_pcbc_encrypt(des_cblock *input,des_cblock *output,long length,
+	des_key_schedule schedule,des_cblock *ivec,int enc);
+DES_LONG des_quad_cksum(des_cblock *input,des_cblock *output,
+	long length,int out_count,des_cblock *seed);
+void des_random_seed(des_cblock key);
+void des_random_key(des_cblock ret);
+int des_read_password(des_cblock *key,char *prompt,int verify);
+int des_read_2passwords(des_cblock *key1,des_cblock *key2,
+	char *prompt,int verify);
+int des_read_pw_string(char *buf,int length,char *prompt,int verify);
+void des_set_odd_parity(des_cblock *key);
+int des_is_weak_key(des_cblock *key);
+int des_set_key(des_cblock *key,des_key_schedule schedule);
+int des_key_sched(des_cblock *key,des_key_schedule schedule);
+void des_string_to_key(char *str,des_cblock *key);
+void des_string_to_2keys(char *str,des_cblock *key1,des_cblock *key2);
+void des_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
+	des_key_schedule schedule, des_cblock *ivec, int *num, int enc);
+void des_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
+	des_key_schedule schedule, des_cblock *ivec, int *num);
+int des_read_pw(char *buf, char *buff, int size, char *prompt, int verify);
+
+/* Extra functions from Mark Murray <mark@grondar.za> */
+void des_cblock_print_file(des_cblock *cb, FILE *fp);
+/* The following functions are not in the normal unix build or the
+ * SSLeay build.  When using the SSLeay build, use RAND_seed()
+ * and RAND_bytes() instead. */
+int des_new_random_key(des_cblock *key);
+void des_init_random_number_generator(des_cblock *key);
+void des_set_random_generator_seed(des_cblock *key);
+void des_set_sequence_number(des_cblock new_sequence_number);
+void des_generate_random_block(des_cblock *block);
+
+#else
+
+char *des_options();
+void des_ecb3_encrypt();
+DES_LONG des_cbc_cksum();
+void des_cbc_encrypt();
+void des_ncbc_encrypt();
+void des_xcbc_encrypt();
+void des_3cbc_encrypt();
+void des_cfb_encrypt();
+void des_ede3_cfb64_encrypt();
+void des_ede3_ofb64_encrypt();
+void des_ecb_encrypt();
+void des_encrypt();
+void des_encrypt2();
+void des_encrypt3();
+void des_decrypt3();
+void des_ede3_cbc_encrypt();
+int des_enc_read();
+int des_enc_write();
+char *des_fcrypt();
+#ifdef PERL5
+char *des_crypt();
+#else
+char *crypt();
+#endif
+void des_ofb_encrypt();
+void des_pcbc_encrypt();
+DES_LONG des_quad_cksum();
+void des_random_seed();
+void des_random_key();
+int des_read_password();
+int des_read_2passwords();
+int des_read_pw_string();
+void des_set_odd_parity();
+int des_is_weak_key();
+int des_set_key();
+int des_key_sched();
+void des_string_to_key();
+void des_string_to_2keys();
+void des_cfb64_encrypt();
+void des_ofb64_encrypt();
+int des_read_pw();
+void des_xwhite_in2out();
+
+/* Extra functions from Mark Murray <mark@grondar.za> */
+void des_cblock_print_file();
+/* The following functions are not in the normal unix build or the
+ * SSLeay build.  When using the SSLeay build, use RAND_seed()
+ * and RAND_bytes() instead. */
+#ifdef FreeBSD
+int des_new_random_key();
+void des_init_random_number_generator();
+void des_set_random_generator_seed();
+void des_set_sequence_number();
+void des_generate_random_block();
+#endif
+
+#endif
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/des/des.man b/crypto/des/des.man
new file mode 100644
index 0000000000..7e06a1851a
--- /dev/null
+++ b/crypto/des/des.man
@@ -0,0 +1,186 @@
+.TH DES 1 
+.SH NAME
+des - encrypt or decrypt data using Data Encryption Standard
+.SH SYNOPSIS
+.B des
+(
+.B \-e
+|
+.B \-E
+) | (
+.B \-d
+|
+.B \-D
+) | (
+.B \-\fR[\fPcC\fR][\fPckname\fR]\fP
+) |
+[
+.B \-b3hfs
+] [
+.B \-k
+.I key
+]
+] [
+.B \-u\fR[\fIuuname\fR]
+[
+.I input-file
+[
+.I output-file
+] ]
+.SH DESCRIPTION
+.B des
+encrypts and decrypts data using the
+Data Encryption Standard algorithm.
+One of
+.B \-e, \-E
+(for encrypt) or
+.B \-d, \-D
+(for decrypt) must be specified.
+It is also possible to use
+.B \-c
+or
+.B \-C
+in conjunction or instead of the a encrypt/decrypt option to generate
+a 16 character hexadecimal checksum, generated via the
+.I des_cbc_cksum.
+.LP
+Two standard encryption modes are supported by the
+.B des
+program, Cipher Block Chaining (the default) and Electronic Code Book
+(specified with
+.B \-b
+).
+.LP
+The key used for the DES
+algorithm is obtained by prompting the user unless the
+.B `\-k
+.I key'
+option is given.
+If the key is an argument to the
+.B des
+command, it is potentially visible to users executing
+.BR ps (1)
+or a derivative.  To minimise this possibility,
+.B des
+takes care to destroy the key argument immediately upon entry.
+If your shell keeps a history file be careful to make sure it is not
+world readable.
+.LP
+Since this program attempts to maintain compatability with sunOS's
+des(1) command, there are 2 different methods used to convert the user
+supplied key to a des key.
+Whenever and one or more of
+.B \-E, \-D, \-C
+or
+.B \-3
+options are used, the key conversion procedure will not be compatible
+with the sunOS des(1) version but will use all the user supplied
+character to generate the des key.
+.B des
+command reads from standard input unless
+.I input-file
+is specified and writes to standard output unless
+.I output-file
+is given.
+.SH OPTIONS
+.TP
+.B \-b
+Select ECB
+(eight bytes at a time) encryption mode.
+.TP
+.B \-3
+Encrypt using triple encryption.
+By default triple cbc encryption is used but if the
+.B \-b
+option is used then triple ecb encryption is performed.
+If the key is less than 8 characters long, the flag has no effect.
+.TP
+.B \-e
+Encrypt data using an 8 byte key in a manner compatible with sunOS
+des(1).
+.TP
+.B \-E
+Encrypt data using a key of nearly unlimited length (1024 bytes).
+This will product a more secure encryption.
+.TP
+.B \-d
+Decrypt data that was encrypted with the \-e option.
+.TP
+.B \-D
+Decrypt data that was encrypted with the \-E option.
+.TP
+.B \-c
+Generate a 16 character hexadecimal cbc checksum and output this to
+stderr.
+If a filename was specified after the
+.B \-c
+option, the checksum is output to that file.
+The checksum is generated using a key generated in a sunOS compatible
+manner.
+.TP
+.B \-C
+A cbc checksum is generated in the same manner as described for the
+.B \-c
+option but the DES key is generated in the same manner as used for the
+.B \-E
+and
+.B \-D
+options
+.TP
+.B \-f
+Does nothing - allowed for compatibility with sunOS des(1) command.
+.TP
+.B \-s
+Does nothing - allowed for compatibility with sunOS des(1) command.
+.TP
+.B "\-k \fIkey\fP"
+Use the encryption 
+.I key
+specified.
+.TP
+.B "\-h"
+The
+.I key
+is assumed to be a 16 character hexadecimal number.
+If the
+.B "\-3"
+option is used the key is assumed to be a 32 character hexadecimal
+number.
+.TP
+.B \-u
+This flag is used to read and write uuencoded files.  If decrypting,
+the input file is assumed to contain uuencoded, DES encrypted data.
+If encrypting, the characters following the -u are used as the name of
+the uuencoded file to embed in the begin line of the uuencoded
+output.  If there is no name specified after the -u, the name text.des
+will be embedded in the header.
+.SH SEE ALSO
+.B ps (1)
+.B des_crypt(3)
+.SH BUGS
+.LP
+The problem with using the
+.B -e
+option is the short key length.
+It would be better to use a real 56-bit key rather than an
+ASCII-based 56-bit pattern.  Knowing that the key was derived from ASCII
+radically reduces the time necessary for a brute-force cryptographic attack.
+My attempt to remove this problem is to add an alternative text-key to
+DES-key function.  This alternative function (accessed via
+.B -E, -D, -S
+and
+.B -3
+)
+uses DES to help generate the key.
+.LP
+Be carefully when using the -u option.  Doing des -ud <filename> will
+not decrypt filename (the -u option will gobble the d option).
+.LP
+The VMS operating system operates in a world where files are always a
+multiple of 512 bytes.  This causes problems when encrypted data is
+send from unix to VMS since a 88 byte file will suddenly be padded
+with 424 null bytes.  To get around this problem, use the -u option
+to uuencode the data before it is send to the VMS system.
+.SH AUTHOR
+.LP
+Eric Young (eay@cryptsoft.com)
diff --git a/crypto/des/des.org b/crypto/des/des.org
new file mode 100644
index 0000000000..1728fe8889
--- /dev/null
+++ b/crypto/des/des.org
@@ -0,0 +1,305 @@
+/* crypto/des/des.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING 
+ *
+ * Always modify des.org since des.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+#ifndef HEADER_DES_H
+#define HEADER_DES_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#include <stdio.h>
+
+/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
+ * %20 speed up (longs are 8 bytes, int's are 4). */
+#ifndef DES_LONG
+#define DES_LONG unsigned long
+#endif
+
+typedef unsigned char des_cblock[8];
+typedef struct des_ks_struct
+	{
+	union	{
+		des_cblock _;
+		/* make sure things are correct size on machines with
+		 * 8 byte longs */
+		DES_LONG pad[2];
+		} ks;
+#undef _
+#define _	ks._
+	} des_key_schedule[16];
+
+#define DES_KEY_SZ 	(sizeof(des_cblock))
+#define DES_SCHEDULE_SZ (sizeof(des_key_schedule))
+
+#define DES_ENCRYPT	1
+#define DES_DECRYPT	0
+
+#define DES_CBC_MODE	0
+#define DES_PCBC_MODE	1
+
+#define des_ecb2_encrypt(i,o,k1,k2,e) \
+	des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
+
+#define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
+	des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
+
+#define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
+	des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
+
+#define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
+	des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
+
+#define C_Block des_cblock
+#define Key_schedule des_key_schedule
+#ifdef KERBEROS
+#define ENCRYPT DES_ENCRYPT
+#define DECRYPT DES_DECRYPT
+#endif
+#define KEY_SZ DES_KEY_SZ
+#define string_to_key des_string_to_key
+#define read_pw_string des_read_pw_string
+#define random_key des_random_key
+#define pcbc_encrypt des_pcbc_encrypt
+#define set_key des_set_key
+#define key_sched des_key_sched
+#define ecb_encrypt des_ecb_encrypt
+#define cbc_encrypt des_cbc_encrypt
+#define ncbc_encrypt des_ncbc_encrypt
+#define xcbc_encrypt des_xcbc_encrypt
+#define cbc_cksum des_cbc_cksum
+#define quad_cksum des_quad_cksum
+
+/* For compatibility with the MIT lib - eay 20/05/92 */
+typedef des_key_schedule bit_64;
+#define des_fixup_key_parity des_set_odd_parity
+#define des_check_key_parity check_parity
+
+extern int des_check_key;	/* defaults to false */
+extern int des_rw_mode;		/* defaults to DES_PCBC_MODE */
+
+/* The next line is used to disable full ANSI prototypes, if your
+ * compiler has problems with the prototypes, make sure this line always
+ * evaluates to true :-) */
+#if defined(MSDOS) || defined(__STDC__)
+#undef NOPROTO
+#endif
+#ifndef NOPROTO
+char *des_options(void);
+void des_ecb3_encrypt(des_cblock *input,des_cblock *output,
+	des_key_schedule ks1,des_key_schedule ks2,
+	des_key_schedule ks3, int enc);
+DES_LONG des_cbc_cksum(des_cblock *input,des_cblock *output,
+	long length,des_key_schedule schedule,des_cblock *ivec);
+void des_cbc_encrypt(des_cblock *input,des_cblock *output,long length,
+	des_key_schedule schedule,des_cblock *ivec,int enc);
+void des_ncbc_encrypt(des_cblock *input,des_cblock *output,long length,
+	des_key_schedule schedule,des_cblock *ivec,int enc);
+void des_xcbc_encrypt(des_cblock *input,des_cblock *output,long length,
+	des_key_schedule schedule,des_cblock *ivec,
+	des_cblock *inw,des_cblock *outw,int enc);
+void des_3cbc_encrypt(des_cblock *input,des_cblock *output,long length,
+	des_key_schedule sk1,des_key_schedule sk2,
+	des_cblock *ivec1,des_cblock *ivec2,int enc);
+void des_cfb_encrypt(unsigned char *in,unsigned char *out,int numbits,
+	long length,des_key_schedule schedule,des_cblock *ivec,int enc);
+void des_ecb_encrypt(des_cblock *input,des_cblock *output,
+	des_key_schedule ks,int enc);
+void des_encrypt(DES_LONG *data,des_key_schedule ks, int enc);
+void des_encrypt2(DES_LONG *data,des_key_schedule ks, int enc);
+void des_encrypt3(DES_LONG *data, des_key_schedule ks1,
+	des_key_schedule ks2, des_key_schedule ks3);
+void des_decrypt3(DES_LONG *data, des_key_schedule ks1,
+	des_key_schedule ks2, des_key_schedule ks3);
+void des_ede3_cbc_encrypt(des_cblock *input, des_cblock *output, 
+	long length, des_key_schedule ks1, des_key_schedule ks2, 
+	des_key_schedule ks3, des_cblock *ivec, int enc);
+void des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out,
+	long length, des_key_schedule ks1, des_key_schedule ks2,
+	des_key_schedule ks3, des_cblock *ivec, int *num, int enc);
+void des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out,
+	long length, des_key_schedule ks1, des_key_schedule ks2,
+	des_key_schedule ks3, des_cblock *ivec, int *num);
+
+void des_xwhite_in2out(des_cblock (*des_key), des_cblock (*in_white),
+	des_cblock (*out_white));
+
+int des_enc_read(int fd,char *buf,int len,des_key_schedule sched,
+	des_cblock *iv);
+int des_enc_write(int fd,char *buf,int len,des_key_schedule sched,
+	des_cblock *iv);
+char *des_fcrypt(const char *buf,const char *salt, char *ret);
+#ifdef PERL5
+char *des_crypt(const char *buf,const char *salt);
+#else
+/* some stupid compilers complain because I have declared char instead
+ * of const char */
+#ifdef HEADER_DES_LOCL_H
+char *crypt(const char *buf,const char *salt);
+#else
+char *crypt();
+#endif
+#endif
+void des_ofb_encrypt(unsigned char *in,unsigned char *out,
+	int numbits,long length,des_key_schedule schedule,des_cblock *ivec);
+void des_pcbc_encrypt(des_cblock *input,des_cblock *output,long length,
+	des_key_schedule schedule,des_cblock *ivec,int enc);
+DES_LONG des_quad_cksum(des_cblock *input,des_cblock *output,
+	long length,int out_count,des_cblock *seed);
+void des_random_seed(des_cblock key);
+void des_random_key(des_cblock ret);
+int des_read_password(des_cblock *key,char *prompt,int verify);
+int des_read_2passwords(des_cblock *key1,des_cblock *key2,
+	char *prompt,int verify);
+int des_read_pw_string(char *buf,int length,char *prompt,int verify);
+void des_set_odd_parity(des_cblock *key);
+int des_is_weak_key(des_cblock *key);
+int des_set_key(des_cblock *key,des_key_schedule schedule);
+int des_key_sched(des_cblock *key,des_key_schedule schedule);
+void des_string_to_key(char *str,des_cblock *key);
+void des_string_to_2keys(char *str,des_cblock *key1,des_cblock *key2);
+void des_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
+	des_key_schedule schedule, des_cblock *ivec, int *num, int enc);
+void des_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
+	des_key_schedule schedule, des_cblock *ivec, int *num);
+int des_read_pw(char *buf, char *buff, int size, char *prompt, int verify);
+
+/* Extra functions from Mark Murray <mark@grondar.za> */
+void des_cblock_print_file(des_cblock *cb, FILE *fp);
+/* The following functions are not in the normal unix build or the
+ * SSLeay build.  When using the SSLeay build, use RAND_seed()
+ * and RAND_bytes() instead. */
+int des_new_random_key(des_cblock *key);
+void des_init_random_number_generator(des_cblock *key);
+void des_set_random_generator_seed(des_cblock *key);
+void des_set_sequence_number(des_cblock new_sequence_number);
+void des_generate_random_block(des_cblock *block);
+
+#else
+
+char *des_options();
+void des_ecb3_encrypt();
+DES_LONG des_cbc_cksum();
+void des_cbc_encrypt();
+void des_ncbc_encrypt();
+void des_xcbc_encrypt();
+void des_3cbc_encrypt();
+void des_cfb_encrypt();
+void des_ede3_cfb64_encrypt();
+void des_ede3_ofb64_encrypt();
+void des_ecb_encrypt();
+void des_encrypt();
+void des_encrypt2();
+void des_encrypt3();
+void des_decrypt3();
+void des_ede3_cbc_encrypt();
+int des_enc_read();
+int des_enc_write();
+char *des_fcrypt();
+#ifdef PERL5
+char *des_crypt();
+#else
+char *crypt();
+#endif
+void des_ofb_encrypt();
+void des_pcbc_encrypt();
+DES_LONG des_quad_cksum();
+void des_random_seed();
+void des_random_key();
+int des_read_password();
+int des_read_2passwords();
+int des_read_pw_string();
+void des_set_odd_parity();
+int des_is_weak_key();
+int des_set_key();
+int des_key_sched();
+void des_string_to_key();
+void des_string_to_2keys();
+void des_cfb64_encrypt();
+void des_ofb64_encrypt();
+int des_read_pw();
+void des_xwhite_in2out();
+
+/* Extra functions from Mark Murray <mark@grondar.za> */
+void des_cblock_print_file();
+/* The following functions are not in the normal unix build or the
+ * SSLeay build.  When using the SSLeay build, use RAND_seed()
+ * and RAND_bytes() instead. */
+#ifdef FreeBSD
+int des_new_random_key();
+void des_init_random_number_generator();
+void des_set_random_generator_seed();
+void des_set_sequence_number();
+void des_generate_random_block();
+#endif
+
+#endif
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/des/des.pl b/crypto/des/des.pl
new file mode 100644
index 0000000000..8a3f7e3ed6
--- /dev/null
+++ b/crypto/des/des.pl
@@ -0,0 +1,552 @@
+#!/usr/local/bin/perl
+# des.pl - eric young 22/11/1991 eay@cryptsoft.com
+#
+# Copyright (C) 1993 Eric Young
+#
+# 11 April 1996 - patched to circumvent Perl 5 (through 5.002) problem
+#                 with sign-extension on right shift operations.
+#                 Ed Kubaitis - ejk@uiuc.edu
+#
+# eay - 92/08/31 - I think I have fixed all problems for 64bit
+# versions of perl but I could be wrong since I have not tested it yet :-).
+#
+# This is an implementation of DES in perl.
+# The two routines (des_set_key and des_ecb_encrypt)
+# take 8 byte objects as arguments.
+#
+# des_set_key takes an 8 byte string as a key and returns a key schedule
+# for use in calls to des_ecb_encrypt.
+# des_ecb_encrypt takes three arguments, the first is a key schedule
+# (make sure to pass it by reference with the *), the second is 1
+# to encrypt, 0 to decrypt.  The third argument is an 8 byte object
+# to encrypt.  The function returns an 8 byte object that has been
+# DES encrypted.
+#
+# example:
+# require 'des.pl'
+#
+# $key =pack("C8",0x12,0x23,0x45,0x67,0x89,0xab,0xcd,0xef);
+# @ks=  &des_set_key($key);
+#
+# $outbytes= &des_ecb_encrypt(*ks,1,$data);
+# @enc =unpack("C8",$outbytes);
+#
+                 
+package des;
+
+eval("use integer;") if (int($]) > 4);
+
+# The following 8 arrays are used in des_set_key
+@skb0=(
+# for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 
+0x00000000,0x00000010,0x20000000,0x20000010,
+0x00010000,0x00010010,0x20010000,0x20010010,
+0x00000800,0x00000810,0x20000800,0x20000810,
+0x00010800,0x00010810,0x20010800,0x20010810,
+0x00000020,0x00000030,0x20000020,0x20000030,
+0x00010020,0x00010030,0x20010020,0x20010030,
+0x00000820,0x00000830,0x20000820,0x20000830,
+0x00010820,0x00010830,0x20010820,0x20010830,
+0x00080000,0x00080010,0x20080000,0x20080010,
+0x00090000,0x00090010,0x20090000,0x20090010,
+0x00080800,0x00080810,0x20080800,0x20080810,
+0x00090800,0x00090810,0x20090800,0x20090810,
+0x00080020,0x00080030,0x20080020,0x20080030,
+0x00090020,0x00090030,0x20090020,0x20090030,
+0x00080820,0x00080830,0x20080820,0x20080830,
+0x00090820,0x00090830,0x20090820,0x20090830,
+);
+@skb1=(
+# for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 
+0x00000000,0x02000000,0x00002000,0x02002000,
+0x00200000,0x02200000,0x00202000,0x02202000,
+0x00000004,0x02000004,0x00002004,0x02002004,
+0x00200004,0x02200004,0x00202004,0x02202004,
+0x00000400,0x02000400,0x00002400,0x02002400,
+0x00200400,0x02200400,0x00202400,0x02202400,
+0x00000404,0x02000404,0x00002404,0x02002404,
+0x00200404,0x02200404,0x00202404,0x02202404,
+0x10000000,0x12000000,0x10002000,0x12002000,
+0x10200000,0x12200000,0x10202000,0x12202000,
+0x10000004,0x12000004,0x10002004,0x12002004,
+0x10200004,0x12200004,0x10202004,0x12202004,
+0x10000400,0x12000400,0x10002400,0x12002400,
+0x10200400,0x12200400,0x10202400,0x12202400,
+0x10000404,0x12000404,0x10002404,0x12002404,
+0x10200404,0x12200404,0x10202404,0x12202404,
+);
+@skb2=(
+# for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 
+0x00000000,0x00000001,0x00040000,0x00040001,
+0x01000000,0x01000001,0x01040000,0x01040001,
+0x00000002,0x00000003,0x00040002,0x00040003,
+0x01000002,0x01000003,0x01040002,0x01040003,
+0x00000200,0x00000201,0x00040200,0x00040201,
+0x01000200,0x01000201,0x01040200,0x01040201,
+0x00000202,0x00000203,0x00040202,0x00040203,
+0x01000202,0x01000203,0x01040202,0x01040203,
+0x08000000,0x08000001,0x08040000,0x08040001,
+0x09000000,0x09000001,0x09040000,0x09040001,
+0x08000002,0x08000003,0x08040002,0x08040003,
+0x09000002,0x09000003,0x09040002,0x09040003,
+0x08000200,0x08000201,0x08040200,0x08040201,
+0x09000200,0x09000201,0x09040200,0x09040201,
+0x08000202,0x08000203,0x08040202,0x08040203,
+0x09000202,0x09000203,0x09040202,0x09040203,
+);
+@skb3=(
+# for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 
+0x00000000,0x00100000,0x00000100,0x00100100,
+0x00000008,0x00100008,0x00000108,0x00100108,
+0x00001000,0x00101000,0x00001100,0x00101100,
+0x00001008,0x00101008,0x00001108,0x00101108,
+0x04000000,0x04100000,0x04000100,0x04100100,
+0x04000008,0x04100008,0x04000108,0x04100108,
+0x04001000,0x04101000,0x04001100,0x04101100,
+0x04001008,0x04101008,0x04001108,0x04101108,
+0x00020000,0x00120000,0x00020100,0x00120100,
+0x00020008,0x00120008,0x00020108,0x00120108,
+0x00021000,0x00121000,0x00021100,0x00121100,
+0x00021008,0x00121008,0x00021108,0x00121108,
+0x04020000,0x04120000,0x04020100,0x04120100,
+0x04020008,0x04120008,0x04020108,0x04120108,
+0x04021000,0x04121000,0x04021100,0x04121100,
+0x04021008,0x04121008,0x04021108,0x04121108,
+);
+@skb4=(
+# for D bits (numbered as per FIPS 46) 1 2 3 4 5 6 
+0x00000000,0x10000000,0x00010000,0x10010000,
+0x00000004,0x10000004,0x00010004,0x10010004,
+0x20000000,0x30000000,0x20010000,0x30010000,
+0x20000004,0x30000004,0x20010004,0x30010004,
+0x00100000,0x10100000,0x00110000,0x10110000,
+0x00100004,0x10100004,0x00110004,0x10110004,
+0x20100000,0x30100000,0x20110000,0x30110000,
+0x20100004,0x30100004,0x20110004,0x30110004,
+0x00001000,0x10001000,0x00011000,0x10011000,
+0x00001004,0x10001004,0x00011004,0x10011004,
+0x20001000,0x30001000,0x20011000,0x30011000,
+0x20001004,0x30001004,0x20011004,0x30011004,
+0x00101000,0x10101000,0x00111000,0x10111000,
+0x00101004,0x10101004,0x00111004,0x10111004,
+0x20101000,0x30101000,0x20111000,0x30111000,
+0x20101004,0x30101004,0x20111004,0x30111004,
+);
+@skb5=(
+# for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 
+0x00000000,0x08000000,0x00000008,0x08000008,
+0x00000400,0x08000400,0x00000408,0x08000408,
+0x00020000,0x08020000,0x00020008,0x08020008,
+0x00020400,0x08020400,0x00020408,0x08020408,
+0x00000001,0x08000001,0x00000009,0x08000009,
+0x00000401,0x08000401,0x00000409,0x08000409,
+0x00020001,0x08020001,0x00020009,0x08020009,
+0x00020401,0x08020401,0x00020409,0x08020409,
+0x02000000,0x0A000000,0x02000008,0x0A000008,
+0x02000400,0x0A000400,0x02000408,0x0A000408,
+0x02020000,0x0A020000,0x02020008,0x0A020008,
+0x02020400,0x0A020400,0x02020408,0x0A020408,
+0x02000001,0x0A000001,0x02000009,0x0A000009,
+0x02000401,0x0A000401,0x02000409,0x0A000409,
+0x02020001,0x0A020001,0x02020009,0x0A020009,
+0x02020401,0x0A020401,0x02020409,0x0A020409,
+);
+@skb6=(
+# for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 
+0x00000000,0x00000100,0x00080000,0x00080100,
+0x01000000,0x01000100,0x01080000,0x01080100,
+0x00000010,0x00000110,0x00080010,0x00080110,
+0x01000010,0x01000110,0x01080010,0x01080110,
+0x00200000,0x00200100,0x00280000,0x00280100,
+0x01200000,0x01200100,0x01280000,0x01280100,
+0x00200010,0x00200110,0x00280010,0x00280110,
+0x01200010,0x01200110,0x01280010,0x01280110,
+0x00000200,0x00000300,0x00080200,0x00080300,
+0x01000200,0x01000300,0x01080200,0x01080300,
+0x00000210,0x00000310,0x00080210,0x00080310,
+0x01000210,0x01000310,0x01080210,0x01080310,
+0x00200200,0x00200300,0x00280200,0x00280300,
+0x01200200,0x01200300,0x01280200,0x01280300,
+0x00200210,0x00200310,0x00280210,0x00280310,
+0x01200210,0x01200310,0x01280210,0x01280310,
+);
+@skb7=(
+# for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 
+0x00000000,0x04000000,0x00040000,0x04040000,
+0x00000002,0x04000002,0x00040002,0x04040002,
+0x00002000,0x04002000,0x00042000,0x04042000,
+0x00002002,0x04002002,0x00042002,0x04042002,
+0x00000020,0x04000020,0x00040020,0x04040020,
+0x00000022,0x04000022,0x00040022,0x04040022,
+0x00002020,0x04002020,0x00042020,0x04042020,
+0x00002022,0x04002022,0x00042022,0x04042022,
+0x00000800,0x04000800,0x00040800,0x04040800,
+0x00000802,0x04000802,0x00040802,0x04040802,
+0x00002800,0x04002800,0x00042800,0x04042800,
+0x00002802,0x04002802,0x00042802,0x04042802,
+0x00000820,0x04000820,0x00040820,0x04040820,
+0x00000822,0x04000822,0x00040822,0x04040822,
+0x00002820,0x04002820,0x00042820,0x04042820,
+0x00002822,0x04002822,0x00042822,0x04042822,
+);
+
+@shifts2=(0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0);
+
+# used in ecb_encrypt
+@SP0=(
+0x00410100, 0x00010000, 0x40400000, 0x40410100,
+0x00400000, 0x40010100, 0x40010000, 0x40400000,
+0x40010100, 0x00410100, 0x00410000, 0x40000100,
+0x40400100, 0x00400000, 0x00000000, 0x40010000,
+0x00010000, 0x40000000, 0x00400100, 0x00010100,
+0x40410100, 0x00410000, 0x40000100, 0x00400100,
+0x40000000, 0x00000100, 0x00010100, 0x40410000,
+0x00000100, 0x40400100, 0x40410000, 0x00000000,
+0x00000000, 0x40410100, 0x00400100, 0x40010000,
+0x00410100, 0x00010000, 0x40000100, 0x00400100,
+0x40410000, 0x00000100, 0x00010100, 0x40400000,
+0x40010100, 0x40000000, 0x40400000, 0x00410000,
+0x40410100, 0x00010100, 0x00410000, 0x40400100,
+0x00400000, 0x40000100, 0x40010000, 0x00000000,
+0x00010000, 0x00400000, 0x40400100, 0x00410100,
+0x40000000, 0x40410000, 0x00000100, 0x40010100,
+);
+@SP1=(
+0x08021002, 0x00000000, 0x00021000, 0x08020000,
+0x08000002, 0x00001002, 0x08001000, 0x00021000,
+0x00001000, 0x08020002, 0x00000002, 0x08001000,
+0x00020002, 0x08021000, 0x08020000, 0x00000002,
+0x00020000, 0x08001002, 0x08020002, 0x00001000,
+0x00021002, 0x08000000, 0x00000000, 0x00020002,
+0x08001002, 0x00021002, 0x08021000, 0x08000002,
+0x08000000, 0x00020000, 0x00001002, 0x08021002,
+0x00020002, 0x08021000, 0x08001000, 0x00021002,
+0x08021002, 0x00020002, 0x08000002, 0x00000000,
+0x08000000, 0x00001002, 0x00020000, 0x08020002,
+0x00001000, 0x08000000, 0x00021002, 0x08001002,
+0x08021000, 0x00001000, 0x00000000, 0x08000002,
+0x00000002, 0x08021002, 0x00021000, 0x08020000,
+0x08020002, 0x00020000, 0x00001002, 0x08001000,
+0x08001002, 0x00000002, 0x08020000, 0x00021000,
+);
+@SP2=(
+0x20800000, 0x00808020, 0x00000020, 0x20800020,
+0x20008000, 0x00800000, 0x20800020, 0x00008020,
+0x00800020, 0x00008000, 0x00808000, 0x20000000,
+0x20808020, 0x20000020, 0x20000000, 0x20808000,
+0x00000000, 0x20008000, 0x00808020, 0x00000020,
+0x20000020, 0x20808020, 0x00008000, 0x20800000,
+0x20808000, 0x00800020, 0x20008020, 0x00808000,
+0x00008020, 0x00000000, 0x00800000, 0x20008020,
+0x00808020, 0x00000020, 0x20000000, 0x00008000,
+0x20000020, 0x20008000, 0x00808000, 0x20800020,
+0x00000000, 0x00808020, 0x00008020, 0x20808000,
+0x20008000, 0x00800000, 0x20808020, 0x20000000,
+0x20008020, 0x20800000, 0x00800000, 0x20808020,
+0x00008000, 0x00800020, 0x20800020, 0x00008020,
+0x00800020, 0x00000000, 0x20808000, 0x20000020,
+0x20800000, 0x20008020, 0x00000020, 0x00808000,
+);
+@SP3=(
+0x00080201, 0x02000200, 0x00000001, 0x02080201,
+0x00000000, 0x02080000, 0x02000201, 0x00080001,
+0x02080200, 0x02000001, 0x02000000, 0x00000201,
+0x02000001, 0x00080201, 0x00080000, 0x02000000,
+0x02080001, 0x00080200, 0x00000200, 0x00000001,
+0x00080200, 0x02000201, 0x02080000, 0x00000200,
+0x00000201, 0x00000000, 0x00080001, 0x02080200,
+0x02000200, 0x02080001, 0x02080201, 0x00080000,
+0x02080001, 0x00000201, 0x00080000, 0x02000001,
+0x00080200, 0x02000200, 0x00000001, 0x02080000,
+0x02000201, 0x00000000, 0x00000200, 0x00080001,
+0x00000000, 0x02080001, 0x02080200, 0x00000200,
+0x02000000, 0x02080201, 0x00080201, 0x00080000,
+0x02080201, 0x00000001, 0x02000200, 0x00080201,
+0x00080001, 0x00080200, 0x02080000, 0x02000201,
+0x00000201, 0x02000000, 0x02000001, 0x02080200,
+);
+@SP4=(
+0x01000000, 0x00002000, 0x00000080, 0x01002084,
+0x01002004, 0x01000080, 0x00002084, 0x01002000,
+0x00002000, 0x00000004, 0x01000004, 0x00002080,
+0x01000084, 0x01002004, 0x01002080, 0x00000000,
+0x00002080, 0x01000000, 0x00002004, 0x00000084,
+0x01000080, 0x00002084, 0x00000000, 0x01000004,
+0x00000004, 0x01000084, 0x01002084, 0x00002004,
+0x01002000, 0x00000080, 0x00000084, 0x01002080,
+0x01002080, 0x01000084, 0x00002004, 0x01002000,
+0x00002000, 0x00000004, 0x01000004, 0x01000080,
+0x01000000, 0x00002080, 0x01002084, 0x00000000,
+0x00002084, 0x01000000, 0x00000080, 0x00002004,
+0x01000084, 0x00000080, 0x00000000, 0x01002084,
+0x01002004, 0x01002080, 0x00000084, 0x00002000,
+0x00002080, 0x01002004, 0x01000080, 0x00000084,
+0x00000004, 0x00002084, 0x01002000, 0x01000004,
+);
+@SP5=(
+0x10000008, 0x00040008, 0x00000000, 0x10040400,
+0x00040008, 0x00000400, 0x10000408, 0x00040000,
+0x00000408, 0x10040408, 0x00040400, 0x10000000,
+0x10000400, 0x10000008, 0x10040000, 0x00040408,
+0x00040000, 0x10000408, 0x10040008, 0x00000000,
+0x00000400, 0x00000008, 0x10040400, 0x10040008,
+0x10040408, 0x10040000, 0x10000000, 0x00000408,
+0x00000008, 0x00040400, 0x00040408, 0x10000400,
+0x00000408, 0x10000000, 0x10000400, 0x00040408,
+0x10040400, 0x00040008, 0x00000000, 0x10000400,
+0x10000000, 0x00000400, 0x10040008, 0x00040000,
+0x00040008, 0x10040408, 0x00040400, 0x00000008,
+0x10040408, 0x00040400, 0x00040000, 0x10000408,
+0x10000008, 0x10040000, 0x00040408, 0x00000000,
+0x00000400, 0x10000008, 0x10000408, 0x10040400,
+0x10040000, 0x00000408, 0x00000008, 0x10040008,
+);
+@SP6=(
+0x00000800, 0x00000040, 0x00200040, 0x80200000,
+0x80200840, 0x80000800, 0x00000840, 0x00000000,
+0x00200000, 0x80200040, 0x80000040, 0x00200800,
+0x80000000, 0x00200840, 0x00200800, 0x80000040,
+0x80200040, 0x00000800, 0x80000800, 0x80200840,
+0x00000000, 0x00200040, 0x80200000, 0x00000840,
+0x80200800, 0x80000840, 0x00200840, 0x80000000,
+0x80000840, 0x80200800, 0x00000040, 0x00200000,
+0x80000840, 0x00200800, 0x80200800, 0x80000040,
+0x00000800, 0x00000040, 0x00200000, 0x80200800,
+0x80200040, 0x80000840, 0x00000840, 0x00000000,
+0x00000040, 0x80200000, 0x80000000, 0x00200040,
+0x00000000, 0x80200040, 0x00200040, 0x00000840,
+0x80000040, 0x00000800, 0x80200840, 0x00200000,
+0x00200840, 0x80000000, 0x80000800, 0x80200840,
+0x80200000, 0x00200840, 0x00200800, 0x80000800,
+);
+@SP7=(
+0x04100010, 0x04104000, 0x00004010, 0x00000000,
+0x04004000, 0x00100010, 0x04100000, 0x04104010,
+0x00000010, 0x04000000, 0x00104000, 0x00004010,
+0x00104010, 0x04004010, 0x04000010, 0x04100000,
+0x00004000, 0x00104010, 0x00100010, 0x04004000,
+0x04104010, 0x04000010, 0x00000000, 0x00104000,
+0x04000000, 0x00100000, 0x04004010, 0x04100010,
+0x00100000, 0x00004000, 0x04104000, 0x00000010,
+0x00100000, 0x00004000, 0x04000010, 0x04104010,
+0x00004010, 0x04000000, 0x00000000, 0x00104000,
+0x04100010, 0x04004010, 0x04004000, 0x00100010,
+0x04104000, 0x00000010, 0x00100010, 0x04004000,
+0x04104010, 0x00100000, 0x04100000, 0x04000010,
+0x00104000, 0x00004010, 0x04004010, 0x04100000,
+0x00000010, 0x04104000, 0x00104010, 0x00000000,
+0x04000000, 0x04100010, 0x00004000, 0x00104010,
+);
+
+sub main'des_set_key
+	{
+	local($param)=@_;
+	local(@key);
+	local($c,$d,$i,$s,$t);
+	local(@ks)=();
+
+	# Get the bytes in the order we want.
+	@key=unpack("C8",$param);
+
+	$c=	($key[0]    )|
+		($key[1]<< 8)|
+		($key[2]<<16)|
+		($key[3]<<24);
+	$d=	($key[4]    )|
+		($key[5]<< 8)|
+		($key[6]<<16)|
+		($key[7]<<24);
+
+	&doPC1(*c,*d);
+
+	for $i (@shifts2)
+		{
+		if ($i)
+			{
+			$c=($c>>2)|($c<<26);
+			$d=($d>>2)|($d<<26);
+			}
+		else
+			{
+			$c=($c>>1)|($c<<27);
+			$d=($d>>1)|($d<<27);
+			}
+		$c&=0x0fffffff;
+		$d&=0x0fffffff;
+		$s=	$skb0[ ($c    )&0x3f                 ]|
+			$skb1[(($c>> 6)&0x03)|(($c>> 7)&0x3c)]|
+			$skb2[(($c>>13)&0x0f)|(($c>>14)&0x30)]|
+			$skb3[(($c>>20)&0x01)|(($c>>21)&0x06) |
+					     (($c>>22)&0x38)];
+		$t=     $skb4[ ($d    )&0x3f                ]|
+			$skb5[(($d>> 7)&0x03)|(($d>> 8)&0x3c)]|
+			$skb6[ ($d>>15)&0x3f                 ]|
+			$skb7[(($d>>21)&0x0f)|(($d>>22)&0x30)];
+		push(@ks,(($t<<16)|($s&0x0000ffff))&0xffffffff);
+		$s=      (($s>>16)&0x0000ffff)|($t&0xffff0000) ;
+		push(@ks,(($s<<4)|(($s>>28)&0xf))&0xffffffff);
+		}
+	@ks;
+	}
+
+sub doPC1
+	{
+	local(*a,*b)=@_;
+	local($t);
+
+	$t=(($b>>4)^$a)&0x0f0f0f0f;
+	$b^=($t<<4); $a^=$t;
+	# do $a first 
+	$t=(($a<<18)^$a)&0xcccc0000;
+	$a=$a^$t^(($t>>18)&0x00003fff);
+	$t=(($a<<17)^$a)&0xaaaa0000;
+	$a=$a^$t^(($t>>17)&0x00007fff);
+	$t=(($a<< 8)^$a)&0x00ff0000;
+	$a=$a^$t^(($t>> 8)&0x00ffffff);
+	$t=(($a<<17)^$a)&0xaaaa0000;
+	$a=$a^$t^(($t>>17)&0x00007fff);
+
+	# now do $b
+	$t=(($b<<24)^$b)&0xff000000;
+	$b=$b^$t^(($t>>24)&0x000000ff);
+	$t=(($b<< 8)^$b)&0x00ff0000;
+	$b=$b^$t^(($t>> 8)&0x00ffffff);
+	$t=(($b<<14)^$b)&0x33330000;
+	$b=$b^$t^(($t>>14)&0x0003ffff);
+	$b=(($b&0x00aa00aa)<<7)|(($b&0x55005500)>>7)|($b&0xaa55aa55);
+	$b=(($b>>8)&0x00ffffff)|((($a&0xf0000000)>>4)&0x0fffffff);
+	$a&=0x0fffffff;
+	}
+
+sub doIP
+	{
+	local(*a,*b)=@_;
+	local($t);
+
+	$t=(($b>> 4)^$a)&0x0f0f0f0f;
+	$b^=($t<< 4); $a^=$t;
+	$t=(($a>>16)^$b)&0x0000ffff;
+	$a^=($t<<16); $b^=$t;
+	$t=(($b>> 2)^$a)&0x33333333;
+	$b^=($t<< 2); $a^=$t;
+	$t=(($a>> 8)^$b)&0x00ff00ff;
+	$a^=($t<< 8); $b^=$t;
+	$t=(($b>> 1)^$a)&0x55555555;
+	$b^=($t<< 1); $a^=$t;
+	$t=$a;
+	$a=$b&0xffffffff;
+	$b=$t&0xffffffff;
+	}
+
+sub doFP
+	{
+	local(*a,*b)=@_;
+	local($t);
+
+	$t=(($b>> 1)^$a)&0x55555555;
+	$b^=($t<< 1); $a^=$t;
+	$t=(($a>> 8)^$b)&0x00ff00ff;
+	$a^=($t<< 8); $b^=$t;
+	$t=(($b>> 2)^$a)&0x33333333;
+	$b^=($t<< 2); $a^=$t;
+	$t=(($a>>16)^$b)&0x0000ffff;
+	$a^=($t<<16); $b^=$t;
+	$t=(($b>> 4)^$a)&0x0f0f0f0f;
+	$b^=($t<< 4); $a^=$t;
+	$a&=0xffffffff;
+	$b&=0xffffffff;
+	}
+
+sub main'des_ecb_encrypt
+	{
+	local(*ks,$encrypt,$in)=@_;
+	local($l,$r,$i,$t,$u,@input);
+	
+	@input=unpack("C8",$in);
+	# Get the bytes in the order we want.
+	$l=	($input[0]    )|
+		($input[1]<< 8)|
+		($input[2]<<16)|
+		($input[3]<<24);
+	$r=	($input[4]    )|
+		($input[5]<< 8)|
+		($input[6]<<16)|
+		($input[7]<<24);
+
+	$l&=0xffffffff;
+	$r&=0xffffffff;
+	&doIP(*l,*r);
+	if ($encrypt)
+		{
+		for ($i=0; $i<32; $i+=4)
+			{
+			$t=((($r&0x7fffffff)<<1)|(($r>>31)&0x00000001));
+			$u=$t^$ks[$i  ];
+			$t=$t^$ks[$i+1];
+			$t2=(($t&0x0000000f)<<28);
+
+			$t=((($t>>4)&0x0fffffff)|(($t&0x0000000f)<<28));
+			$l^=	$SP1[ $t     &0x3f]|
+				$SP3[($t>> 8)&0x3f]|
+				$SP5[($t>>16)&0x3f]|
+				$SP7[($t>>24)&0x3f]|
+				$SP0[ $u     &0x3f]|
+				$SP2[($u>> 8)&0x3f]|
+				$SP4[($u>>16)&0x3f]|
+				$SP6[($u>>24)&0x3f];
+
+			$t=(($l<<1)|(($l>>31)&0x1))&0xffffffff;
+			$u=$t^$ks[$i+2];
+			$t=$t^$ks[$i+3];
+			$t=((($t>>4)&0x0fffffff)|($t<<28))&0xffffffff;
+			$r^=	$SP1[ $t     &0x3f]|
+				$SP3[($t>> 8)&0x3f]|
+				$SP5[($t>>16)&0x3f]|
+				$SP7[($t>>24)&0x3f]|
+				$SP0[ $u     &0x3f]|
+				$SP2[($u>> 8)&0x3f]|
+				$SP4[($u>>16)&0x3f]|
+				$SP6[($u>>24)&0x3f];
+			}
+		}
+	else	
+		{
+		for ($i=30; $i>0; $i-=4)
+			{
+			$t=(($r<<1)|(($r>>31)&0x1))&0xffffffff;
+			$u=$t^$ks[$i  ];
+			$t=$t^$ks[$i+1];
+			$t=((($t>>4)&0x0fffffff)|($t<<28))&0xffffffff;
+			$l^=	$SP1[ $t     &0x3f]|
+				$SP3[($t>> 8)&0x3f]|
+				$SP5[($t>>16)&0x3f]|
+				$SP7[($t>>24)&0x3f]|
+				$SP0[ $u     &0x3f]|
+				$SP2[($u>> 8)&0x3f]|
+				$SP4[($u>>16)&0x3f]|
+				$SP6[($u>>24)&0x3f];
+
+			$t=(($l<<1)|(($l>>31)&0x1))&0xffffffff;
+			$u=$t^$ks[$i-2];
+			$t=$t^$ks[$i-1];
+			$t=((($t>>4)&0x0fffffff)|($t<<28))&0xffffffff;
+			$r^=	$SP1[ $t     &0x3f]|
+				$SP3[($t>> 8)&0x3f]|
+				$SP5[($t>>16)&0x3f]|
+				$SP7[($t>>24)&0x3f]|
+				$SP0[ $u     &0x3f]|
+				$SP2[($u>> 8)&0x3f]|
+				$SP4[($u>>16)&0x3f]|
+				$SP6[($u>>24)&0x3f];
+			}
+		}
+	&doFP(*l,*r);
+	pack("C8",$l&0xff, 
+	          ($l>> 8)&0x00ffffff,
+	          ($l>>16)&0x0000ffff,
+		  ($l>>24)&0x000000ff,
+		  $r&0xff,
+	          ($r>> 8)&0x00ffffff,
+	          ($r>>16)&0x0000ffff,
+		  ($r>>24)&0x000000ff);
+	}
diff --git a/crypto/des/des_crypt.man b/crypto/des/des_crypt.man
new file mode 100644
index 0000000000..0ecc416877
--- /dev/null
+++ b/crypto/des/des_crypt.man
@@ -0,0 +1,508 @@
+.TH DES_CRYPT 3 
+.SH NAME
+des_read_password, des_read_2password,
+des_string_to_key, des_string_to_2key, des_read_pw_string,
+des_random_key, des_set_key,
+des_key_sched, des_ecb_encrypt, des_ecb3_encrypt, des_cbc_encrypt,
+des_3cbc_encrypt,
+des_pcbc_encrypt, des_cfb_encrypt, des_ofb_encrypt,
+des_cbc_cksum, des_quad_cksum,
+des_enc_read, des_enc_write, des_set_odd_parity,
+des_is_weak_key, crypt \- (non USA) DES encryption
+.SH SYNOPSIS
+.nf
+.nj
+.ft B
+#include <des.h>
+.PP
+.B int des_read_password(key,prompt,verify)
+des_cblock *key;
+char *prompt;
+int verify;
+.PP
+.B int des_read_2password(key1,key2,prompt,verify)
+des_cblock *key1,*key2;
+char *prompt;
+int verify;
+.PP
+.B int des_string_to_key(str,key)
+char *str;
+des_cblock *key;
+.PP
+.B int des_string_to_2keys(str,key1,key2)
+char *str;
+des_cblock *key1,*key2;
+.PP
+.B int des_read_pw_string(buf,length,prompt,verify)
+char *buf;
+int length;
+char *prompt;
+int verify;
+.PP
+.B int des_random_key(key)
+des_cblock *key;
+.PP
+.B int des_set_key(key,schedule)
+des_cblock *key;
+des_key_schedule schedule;
+.PP
+.B int des_key_sched(key,schedule)
+des_cblock *key;
+des_key_schedule schedule;
+.PP
+.B int des_ecb_encrypt(input,output,schedule,encrypt)
+des_cblock *input;
+des_cblock *output;
+des_key_schedule schedule;
+int encrypt;
+.PP
+.B int des_ecb3_encrypt(input,output,ks1,ks2,encrypt)
+des_cblock *input;
+des_cblock *output;
+des_key_schedule ks1,ks2;
+int encrypt;
+.PP
+.B int des_cbc_encrypt(input,output,length,schedule,ivec,encrypt)
+des_cblock *input;
+des_cblock *output;
+long length;
+des_key_schedule schedule;
+des_cblock *ivec;
+int encrypt;
+.PP
+.B int des_3cbc_encrypt(input,output,length,sk1,sk2,ivec1,ivec2,encrypt)
+des_cblock *input;
+des_cblock *output;
+long length;
+des_key_schedule sk1;
+des_key_schedule sk2;
+des_cblock *ivec1;
+des_cblock *ivec2;
+int encrypt;
+.PP
+.B int des_pcbc_encrypt(input,output,length,schedule,ivec,encrypt)
+des_cblock *input;
+des_cblock *output;
+long length;
+des_key_schedule schedule;
+des_cblock *ivec;
+int encrypt;
+.PP
+.B int des_cfb_encrypt(input,output,numbits,length,schedule,ivec,encrypt)
+unsigned char *input;
+unsigned char *output;
+int numbits;
+long length;
+des_key_schedule schedule;
+des_cblock *ivec;
+int encrypt;
+.PP
+.B int des_ofb_encrypt(input,output,numbits,length,schedule,ivec)
+unsigned char *input,*output;
+int numbits;
+long length;
+des_key_schedule schedule;
+des_cblock *ivec;
+.PP
+.B unsigned long des_cbc_cksum(input,output,length,schedule,ivec)
+des_cblock *input;
+des_cblock *output;
+long length;
+des_key_schedule schedule;
+des_cblock *ivec;
+.PP
+.B unsigned long des_quad_cksum(input,output,length,out_count,seed)
+des_cblock *input;
+des_cblock *output;
+long length;
+int out_count;
+des_cblock *seed;
+.PP
+.B int des_check_key;
+.PP
+.B int des_enc_read(fd,buf,len,sched,iv)
+int fd;
+char *buf;
+int len;
+des_key_schedule sched;
+des_cblock *iv;
+.PP
+.B int des_enc_write(fd,buf,len,sched,iv)
+int fd;
+char *buf;
+int len;
+des_key_schedule sched;
+des_cblock *iv;
+.PP
+.B extern int des_rw_mode;
+.PP
+.B void des_set_odd_parity(key)
+des_cblock *key;
+.PP
+.B int des_is_weak_key(key)
+des_cblock *key;
+.PP
+.B char *crypt(passwd,salt)
+char *passwd;
+char *salt;
+.PP
+.fi
+.SH DESCRIPTION
+This library contains a fast implementation of the DES encryption
+algorithm.
+.PP
+There are two phases to the use of DES encryption.
+The first is the generation of a
+.I des_key_schedule
+from a key,
+the second is the actual encryption.
+A des key is of type
+.I des_cblock.
+This type is made from 8 characters with odd parity.
+The least significant bit in the character is the parity bit.
+The key schedule is an expanded form of the key; it is used to speed the
+encryption process.
+.PP
+.I des_read_password
+writes the string specified by prompt to the standard output,
+turns off echo and reads an input string from standard input
+until terminated with a newline.
+If verify is non-zero, it prompts and reads the input again and verifies
+that both entered passwords are the same.
+The entered string is converted into a des key by using the
+.I des_string_to_key
+routine.
+The new key is placed in the
+.I des_cblock
+that was passed (by reference) to the routine.
+If there were no errors,
+.I des_read_password
+returns 0,
+-1 is returned if there was a terminal error and 1 is returned for
+any other error.
+.PP
+.I des_read_2password
+operates in the same way as
+.I des_read_password
+except that it generates 2 keys by using the
+.I des_string_to_2key
+function.
+.PP
+.I des_read_pw_string
+is called by
+.I des_read_password
+to read and verify a string from a terminal device.
+The string is returned in
+.I buf.
+The size of
+.I buf
+is passed to the routine via the
+.I length
+parameter.
+.PP
+.I des_string_to_key
+converts a string into a valid des key.
+.PP
+.I des_string_to_2key
+converts a string into 2 valid des keys.
+This routine is best suited for used to generate keys for use with
+.I des_ecb3_encrypt.
+.PP
+.I des_random_key
+returns a random key that is made of a combination of process id,
+time and an increasing counter.
+.PP
+Before a des key can be used it is converted into a
+.I des_key_schedule
+via the
+.I des_set_key
+routine.
+If the
+.I des_check_key
+flag is non-zero,
+.I des_set_key
+will check that the key passed is of odd parity and is not a week or
+semi-weak key.
+If the parity is wrong,
+then -1 is returned.
+If the key is a weak key,
+then -2 is returned.
+If an error is returned,
+the key schedule is not generated.
+.PP
+.I des_key_sched
+is another name for the
+.I des_set_key
+function.
+.PP
+The following routines mostly operate on an input and output stream of
+.I des_cblock's.
+.PP
+.I des_ecb_encrypt
+is the basic DES encryption routine that encrypts or decrypts a single 8-byte
+.I des_cblock
+in
+.I electronic code book
+mode.
+It always transforms the input data, pointed to by
+.I input,
+into the output data,
+pointed to by the
+.I output
+argument.
+If the
+.I encrypt
+argument is non-zero (DES_ENCRYPT),
+the
+.I input
+(cleartext) is encrypted in to the
+.I output
+(ciphertext) using the key_schedule specified by the
+.I schedule
+argument,
+previously set via
+.I des_set_key.
+If
+.I encrypt
+is zero (DES_DECRYPT),
+the
+.I input
+(now ciphertext)
+is decrypted into the
+.I output
+(now cleartext).
+Input and output may overlap.
+No meaningful value is returned.
+.PP
+.I des_ecb3_encrypt
+encrypts/decrypts the
+.I input
+block by using triple ecb DES encryption.
+This involves encrypting the input with 
+.I ks1,
+decryption with the key schedule
+.I ks2,
+and then encryption with the first again.
+This routine greatly reduces the chances of brute force breaking of
+DES and has the advantage of if
+.I ks1
+and
+.I ks2
+are the same, it is equivalent to just encryption using ecb mode and
+.I ks1
+as the key.
+.PP
+.I des_cbc_encrypt
+encrypts/decrypts using the
+.I cipher-block-chaining
+mode of DES.
+If the
+.I encrypt
+argument is non-zero,
+the routine cipher-block-chain encrypts the cleartext data pointed to by the
+.I input
+argument into the ciphertext pointed to by the
+.I output
+argument,
+using the key schedule provided by the
+.I schedule
+argument,
+and initialisation vector provided by the
+.I ivec
+argument.
+If the
+.I length
+argument is not an integral multiple of eight bytes, 
+the last block is copied to a temporary area and zero filled.
+The output is always
+an integral multiple of eight bytes.
+To make multiple cbc encrypt calls on a large amount of data appear to
+be one 
+.I des_cbc_encrypt
+call, the
+.I ivec
+of subsequent calls should be the last 8 bytes of the output.
+.PP
+.I des_3cbc_encrypt
+encrypts/decrypts the
+.I input
+block by using triple cbc DES encryption.
+This involves encrypting the input with key schedule
+.I ks1,
+decryption with the key schedule
+.I ks2,
+and then encryption with the first again.
+2 initialisation vectors are required,
+.I ivec1
+and
+.I ivec2.
+Unlike
+.I des_cbc_encrypt,
+these initialisation vectors are modified by the subroutine.
+This routine greatly reduces the chances of brute force breaking of
+DES and has the advantage of if
+.I ks1
+and
+.I ks2
+are the same, it is equivalent to just encryption using cbc mode and
+.I ks1
+as the key.
+.PP
+.I des_pcbc_encrypt
+encrypt/decrypts using a modified block chaining mode.
+It provides better error propagation characteristics than cbc
+encryption.
+.PP
+.I des_cfb_encrypt
+encrypt/decrypts using cipher feedback mode.  This method takes an
+array of characters as input and outputs and array of characters.  It
+does not require any padding to 8 character groups.  Note: the ivec
+variable is changed and the new changed value needs to be passed to
+the next call to this function.  Since this function runs a complete
+DES ecb encryption per numbits, this function is only suggested for
+use when sending small numbers of characters.
+.PP
+.I des_ofb_encrypt
+encrypt using output feedback mode.  This method takes an
+array of characters as input and outputs and array of characters.  It
+does not require any padding to 8 character groups.  Note: the ivec
+variable is changed and the new changed value needs to be passed to
+the next call to this function.  Since this function runs a complete
+DES ecb encryption per numbits, this function is only suggested for
+use when sending small numbers of characters.
+.PP
+.I des_cbc_cksum
+produces an 8 byte checksum based on the input stream (via cbc encryption).
+The last 4 bytes of the checksum is returned and the complete 8 bytes is
+placed in
+.I output.
+.PP
+.I des_quad_cksum
+returns a 4 byte checksum from the input bytes.
+The algorithm can be iterated over the input,
+depending on
+.I out_count,
+1, 2, 3 or 4 times.
+If
+.I output
+is non-NULL,
+the 8 bytes generated by each pass are written into
+.I output.
+.PP
+.I des_enc_write
+is used to write
+.I len
+bytes
+to file descriptor
+.I fd
+from buffer
+.I buf.
+The data is encrypted via
+.I pcbc_encrypt
+(default) using
+.I sched
+for the key and
+.I iv
+as a starting vector.
+The actual data send down
+.I fd
+consists of 4 bytes (in network byte order) containing the length of the
+following encrypted data.  The encrypted data then follows, padded with random
+data out to a multiple of 8 bytes.
+.PP
+.I des_enc_read
+is used to read
+.I len
+bytes
+from file descriptor
+.I fd
+into buffer
+.I buf.
+The data being read from
+.I fd
+is assumed to have come from
+.I des_enc_write
+and is decrypted using
+.I sched
+for the key schedule and
+.I iv
+for the initial vector.
+The
+.I des_enc_read/des_enc_write
+pair can be used to read/write to files, pipes and sockets.
+I have used them in implementing a version of rlogin in which all
+data is encrypted.
+.PP
+.I des_rw_mode
+is used to specify the encryption mode to use with 
+.I des_enc_read
+and 
+.I des_end_write.
+If set to
+.I DES_PCBC_MODE
+(the default), des_pcbc_encrypt is used.
+If set to
+.I DES_CBC_MODE
+des_cbc_encrypt is used.
+These two routines and the variable are not part of the normal MIT library.
+.PP
+.I des_set_odd_parity
+sets the parity of the passed
+.I key
+to odd.  This routine is not part of the standard MIT library.
+.PP
+.I des_is_weak_key
+returns 1 is the passed key is a weak key (pick again :-),
+0 if it is ok.
+This routine is not part of the standard MIT library.
+.PP
+.I crypt
+is a replacement for the normal system crypt.
+It is much faster than the system crypt.
+.PP
+.SH FILES
+/usr/include/des.h
+.br
+/usr/lib/libdes.a
+.PP
+The encryption routines have been tested on 16bit, 32bit and 64bit
+machines of various endian and even works under VMS.
+.PP
+.SH BUGS
+.PP
+If you think this manual is sparse,
+read the des_crypt(3) manual from the MIT kerberos (or bones outside
+of the USA) distribution.
+.PP
+.I des_cfb_encrypt
+and
+.I des_ofb_encrypt
+operates on input of 8 bits.  What this means is that if you set
+numbits to 12, and length to 2, the first 12 bits will come from the 1st
+input byte and the low half of the second input byte.  The second 12
+bits will have the low 8 bits taken from the 3rd input byte and the
+top 4 bits taken from the 4th input byte.  The same holds for output.
+This function has been implemented this way because most people will
+be using a multiple of 8 and because once you get into pulling bytes input
+bytes apart things get ugly!
+.PP
+.I des_read_pw_string
+is the most machine/OS dependent function and normally generates the
+most problems when porting this code.
+.PP
+.I des_string_to_key
+is probably different from the MIT version since there are lots
+of fun ways to implement one-way encryption of a text string.
+.PP
+The routines are optimised for 32 bit machines and so are not efficient
+on IBM PCs.
+.PP
+NOTE: extensive work has been done on this library since this document
+was origionally written.  Please try to read des.doc from the libdes
+distribution since it is far more upto date and documents more of the
+functions.  Libdes is now also being shipped as part of SSLeay, a
+general cryptographic library that amonst other things implements
+netscapes SSL protocoll.  The most recent version can be found in
+SSLeay distributions.
+.SH AUTHOR
+Eric Young (eay@cryptsoft.com)
diff --git a/crypto/des/des_enc.c b/crypto/des/des_enc.c
new file mode 100644
index 0000000000..b04e12dc29
--- /dev/null
+++ b/crypto/des/des_enc.c
@@ -0,0 +1,301 @@
+/* crypto/des/des_enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+void des_encrypt(data, ks, enc)
+DES_LONG *data;
+des_key_schedule ks;
+int enc;
+	{
+	register DES_LONG l,r,t,u;
+#ifdef DES_PTR
+	register unsigned char *des_SP=(unsigned char *)des_SPtrans;
+#endif
+#ifndef DES_UNROLL
+	register int i;
+#endif
+	register DES_LONG *s;
+
+	r=data[0];
+	l=data[1];
+
+	IP(r,l);
+	/* Things have been modified so that the initial rotate is
+	 * done outside the loop.  This required the
+	 * des_SPtrans values in sp.h to be rotated 1 bit to the right.
+	 * One perl script later and things have a 5% speed up on a sparc2.
+	 * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
+	 * for pointing this out. */
+	/* clear the top bits on machines with 8byte longs */
+	/* shift left by 2 */
+	r=ROTATE(r,29)&0xffffffffL;
+	l=ROTATE(l,29)&0xffffffffL;
+
+	s=(DES_LONG *)ks;
+	/* I don't know if it is worth the effort of loop unrolling the
+	 * inner loop */
+	if (enc)
+		{
+#ifdef DES_UNROLL
+		D_ENCRYPT(l,r, 0); /*  1 */
+		D_ENCRYPT(r,l, 2); /*  2 */
+		D_ENCRYPT(l,r, 4); /*  3 */
+		D_ENCRYPT(r,l, 6); /*  4 */
+		D_ENCRYPT(l,r, 8); /*  5 */
+		D_ENCRYPT(r,l,10); /*  6 */
+		D_ENCRYPT(l,r,12); /*  7 */
+		D_ENCRYPT(r,l,14); /*  8 */
+		D_ENCRYPT(l,r,16); /*  9 */
+		D_ENCRYPT(r,l,18); /*  10 */
+		D_ENCRYPT(l,r,20); /*  11 */
+		D_ENCRYPT(r,l,22); /*  12 */
+		D_ENCRYPT(l,r,24); /*  13 */
+		D_ENCRYPT(r,l,26); /*  14 */
+		D_ENCRYPT(l,r,28); /*  15 */
+		D_ENCRYPT(r,l,30); /*  16 */
+#else
+		for (i=0; i<32; i+=8)
+			{
+			D_ENCRYPT(l,r,i+0); /*  1 */
+			D_ENCRYPT(r,l,i+2); /*  2 */
+			D_ENCRYPT(l,r,i+4); /*  3 */
+			D_ENCRYPT(r,l,i+6); /*  4 */
+			}
+#endif
+		}
+	else
+		{
+#ifdef DES_UNROLL
+		D_ENCRYPT(l,r,30); /* 16 */
+		D_ENCRYPT(r,l,28); /* 15 */
+		D_ENCRYPT(l,r,26); /* 14 */
+		D_ENCRYPT(r,l,24); /* 13 */
+		D_ENCRYPT(l,r,22); /* 12 */
+		D_ENCRYPT(r,l,20); /* 11 */
+		D_ENCRYPT(l,r,18); /* 10 */
+		D_ENCRYPT(r,l,16); /*  9 */
+		D_ENCRYPT(l,r,14); /*  8 */
+		D_ENCRYPT(r,l,12); /*  7 */
+		D_ENCRYPT(l,r,10); /*  6 */
+		D_ENCRYPT(r,l, 8); /*  5 */
+		D_ENCRYPT(l,r, 6); /*  4 */
+		D_ENCRYPT(r,l, 4); /*  3 */
+		D_ENCRYPT(l,r, 2); /*  2 */
+		D_ENCRYPT(r,l, 0); /*  1 */
+#else
+		for (i=30; i>0; i-=8)
+			{
+			D_ENCRYPT(l,r,i-0); /* 16 */
+			D_ENCRYPT(r,l,i-2); /* 15 */
+			D_ENCRYPT(l,r,i-4); /* 14 */
+			D_ENCRYPT(r,l,i-6); /* 13 */
+			}
+#endif
+		}
+
+	/* rotate and clear the top bits on machines with 8byte longs */
+	l=ROTATE(l,3)&0xffffffffL;
+	r=ROTATE(r,3)&0xffffffffL;
+
+	FP(r,l);
+	data[0]=l;
+	data[1]=r;
+	l=r=t=u=0;
+	}
+
+void des_encrypt2(data, ks, enc)
+DES_LONG *data;
+des_key_schedule ks;
+int enc;
+	{
+	register DES_LONG l,r,t,u;
+#ifdef DES_PTR
+	register unsigned char *des_SP=(unsigned char *)des_SPtrans;
+#endif
+#ifndef DES_UNROLL
+	register int i;
+#endif
+	register DES_LONG *s;
+
+	r=data[0];
+	l=data[1];
+
+	/* Things have been modified so that the initial rotate is
+	 * done outside the loop.  This required the
+	 * des_SPtrans values in sp.h to be rotated 1 bit to the right.
+	 * One perl script later and things have a 5% speed up on a sparc2.
+	 * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
+	 * for pointing this out. */
+	/* clear the top bits on machines with 8byte longs */
+	r=ROTATE(r,29)&0xffffffff;
+	l=ROTATE(l,29)&0xffffffff;
+
+	s=(DES_LONG *)ks;
+	/* I don't know if it is worth the effort of loop unrolling the
+	 * inner loop */
+	if (enc)
+		{
+#ifdef DES_UNROLL
+		D_ENCRYPT(l,r, 0); /*  1 */
+		D_ENCRYPT(r,l, 2); /*  2 */
+		D_ENCRYPT(l,r, 4); /*  3 */
+		D_ENCRYPT(r,l, 6); /*  4 */
+		D_ENCRYPT(l,r, 8); /*  5 */
+		D_ENCRYPT(r,l,10); /*  6 */
+		D_ENCRYPT(l,r,12); /*  7 */
+		D_ENCRYPT(r,l,14); /*  8 */
+		D_ENCRYPT(l,r,16); /*  9 */
+		D_ENCRYPT(r,l,18); /*  10 */
+		D_ENCRYPT(l,r,20); /*  11 */
+		D_ENCRYPT(r,l,22); /*  12 */
+		D_ENCRYPT(l,r,24); /*  13 */
+		D_ENCRYPT(r,l,26); /*  14 */
+		D_ENCRYPT(l,r,28); /*  15 */
+		D_ENCRYPT(r,l,30); /*  16 */
+#else
+		for (i=0; i<32; i+=8)
+			{
+			D_ENCRYPT(l,r,i+0); /*  1 */
+			D_ENCRYPT(r,l,i+2); /*  2 */
+			D_ENCRYPT(l,r,i+4); /*  3 */
+			D_ENCRYPT(r,l,i+6); /*  4 */
+			}
+#endif
+		}
+	else
+		{
+#ifdef DES_UNROLL
+		D_ENCRYPT(l,r,30); /* 16 */
+		D_ENCRYPT(r,l,28); /* 15 */
+		D_ENCRYPT(l,r,26); /* 14 */
+		D_ENCRYPT(r,l,24); /* 13 */
+		D_ENCRYPT(l,r,22); /* 12 */
+		D_ENCRYPT(r,l,20); /* 11 */
+		D_ENCRYPT(l,r,18); /* 10 */
+		D_ENCRYPT(r,l,16); /*  9 */
+		D_ENCRYPT(l,r,14); /*  8 */
+		D_ENCRYPT(r,l,12); /*  7 */
+		D_ENCRYPT(l,r,10); /*  6 */
+		D_ENCRYPT(r,l, 8); /*  5 */
+		D_ENCRYPT(l,r, 6); /*  4 */
+		D_ENCRYPT(r,l, 4); /*  3 */
+		D_ENCRYPT(l,r, 2); /*  2 */
+		D_ENCRYPT(r,l, 0); /*  1 */
+#else
+		for (i=30; i>0; i-=8)
+			{
+			D_ENCRYPT(l,r,i-0); /* 16 */
+			D_ENCRYPT(r,l,i-2); /* 15 */
+			D_ENCRYPT(l,r,i-4); /* 14 */
+			D_ENCRYPT(r,l,i-6); /* 13 */
+			}
+#endif
+		}
+	/* rotate and clear the top bits on machines with 8byte longs */
+	data[0]=ROTATE(l,3)&0xffffffff;
+	data[1]=ROTATE(r,3)&0xffffffff;
+	l=r=t=u=0;
+	}
+
+void des_encrypt3(data,ks1,ks2,ks3)
+DES_LONG *data;
+des_key_schedule ks1;
+des_key_schedule ks2;
+des_key_schedule ks3;
+	{
+	register DES_LONG l,r;
+
+	l=data[0];
+	r=data[1];
+	IP(l,r);
+	data[0]=l;
+	data[1]=r;
+	des_encrypt2((DES_LONG *)data,ks1,DES_ENCRYPT);
+	des_encrypt2((DES_LONG *)data,ks2,DES_DECRYPT);
+	des_encrypt2((DES_LONG *)data,ks3,DES_ENCRYPT);
+	l=data[0];
+	r=data[1];
+	FP(r,l);
+	data[0]=l;
+	data[1]=r;
+	}
+
+void des_decrypt3(data,ks1,ks2,ks3)
+DES_LONG *data;
+des_key_schedule ks1;
+des_key_schedule ks2;
+des_key_schedule ks3;
+	{
+	register DES_LONG l,r;
+
+	l=data[0];
+	r=data[1];
+	IP(l,r);
+	data[0]=l;
+	data[1]=r;
+	des_encrypt2((DES_LONG *)data,ks3,DES_DECRYPT);
+	des_encrypt2((DES_LONG *)data,ks2,DES_ENCRYPT);
+	des_encrypt2((DES_LONG *)data,ks1,DES_DECRYPT);
+	l=data[0];
+	r=data[1];
+	FP(r,l);
+	data[0]=l;
+	data[1]=r;
+	}
+
diff --git a/crypto/des/des_locl.h b/crypto/des/des_locl.h
new file mode 100644
index 0000000000..e2e503cbed
--- /dev/null
+++ b/crypto/des/des_locl.h
@@ -0,0 +1,516 @@
+/* crypto/des/des_locl.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify des_locl.org since des_locl.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+#ifndef HEADER_DES_LOCL_H
+#define HEADER_DES_LOCL_H
+
+#if defined(WIN32) || defined(WIN16)
+#ifndef MSDOS
+#define MSDOS
+#endif
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#ifndef MSDOS
+#include <unistd.h>
+#endif
+#include "des.h"
+
+#ifndef DES_DEFAULT_OPTIONS
+/* the following is tweaked from a config script, that is why it is a
+ * protected undef/define */
+#ifndef DES_PTR
+#undef DES_PTR
+#endif
+
+/* This helps C compiler generate the correct code for multiple functional
+ * units.  It reduces register dependancies at the expense of 2 more
+ * registers */
+#ifndef DES_RISC1
+#undef DES_RISC1
+#endif
+
+#ifndef DES_RISC2
+#undef DES_RISC2
+#endif
+
+#if defined(DES_RISC1) && defined(DES_RISC2)
+YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
+#endif
+
+/* Unroll the inner loop, this sometimes helps, sometimes hinders.
+ * Very mucy CPU dependant */
+#ifndef DES_UNROLL
+#undef DES_UNROLL
+#endif
+
+/* These default values were supplied by
+ * Peter Gutman <pgut001@cs.auckland.ac.nz>
+ * They are only used if nothing else has been defined */
+#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
+/* Special defines which change the way the code is built depending on the
+   CPU and OS.  For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
+   even newer MIPS CPU's, but at the moment one size fits all for
+   optimization options.  Older Sparc's work better with only UNROLL, but
+   there's no way to tell at compile time what it is you're running on */
+ 
+#if defined( sun )		/* Newer Sparc's */
+  #define DES_PTR
+  #define DES_RISC1
+  #define DES_UNROLL
+#elif defined( __ultrix )	/* Older MIPS */
+  #define DES_PTR
+  #define DES_RISC2
+  #define DES_UNROLL
+#elif defined( __osf1__ )	/* Alpha */
+  #define DES_PTR
+  #define DES_RISC2
+#elif defined ( _AIX )		/* RS6000 */
+  /* Unknown */
+#elif defined( __hpux )		/* HP-PA */
+  /* Unknown */
+#elif defined( __aux )		/* 68K */
+  /* Unknown */
+#elif defined( __dgux )		/* 88K (but P6 in latest boxes) */
+  #define DES_UNROLL
+#elif defined( __sgi )		/* Newer MIPS */
+  #define DES_PTR
+  #define DES_RISC2
+  #define DES_UNROLL
+#elif defined( i386 )		/* x86 boxes, should be gcc */
+  #define DES_PTR
+  #define DES_RISC1
+  #define DES_UNROLL
+#endif /* Systems-specific speed defines */
+#endif
+
+#endif /* DES_DEFAULT_OPTIONS */
+
+#ifdef MSDOS		/* Visual C++ 2.1 (Windows NT/95) */
+#include <stdlib.h>
+#include <errno.h>
+#include <time.h>
+#include <io.h>
+#ifndef RAND
+#define RAND
+#endif
+#undef NOPROTO
+#endif
+
+#if defined(__STDC__) || defined(VMS) || defined(M_XENIX) || defined(MSDOS)
+#include <string.h>
+#endif
+
+#ifndef RAND
+#define RAND
+#endif
+
+#ifdef linux
+#undef RAND
+#endif
+
+#ifdef MSDOS
+#define getpid() 2
+#define RAND
+#undef NOPROTO
+#endif
+
+#if defined(NOCONST)
+#define const
+#endif
+
+#ifdef __STDC__
+#undef NOPROTO
+#endif
+
+#ifdef RAND
+#define srandom(s) srand(s)
+#define random rand
+#endif
+
+#define ITERATIONS 16
+#define HALF_ITERATIONS 8
+
+/* used in des_read and des_write */
+#define MAXWRITE	(1024*16)
+#define BSIZE		(MAXWRITE+4)
+
+#define c2l(c,l)	(l =((DES_LONG)(*((c)++)))    , \
+			 l|=((DES_LONG)(*((c)++)))<< 8L, \
+			 l|=((DES_LONG)(*((c)++)))<<16L, \
+			 l|=((DES_LONG)(*((c)++)))<<24L)
+
+/* NOTE - c is not incremented as per c2l */
+#define c2ln(c,l1,l2,n)	{ \
+			c+=n; \
+			l1=l2=0; \
+			switch (n) { \
+			case 8: l2 =((DES_LONG)(*(--(c))))<<24L; \
+			case 7: l2|=((DES_LONG)(*(--(c))))<<16L; \
+			case 6: l2|=((DES_LONG)(*(--(c))))<< 8L; \
+			case 5: l2|=((DES_LONG)(*(--(c))));     \
+			case 4: l1 =((DES_LONG)(*(--(c))))<<24L; \
+			case 3: l1|=((DES_LONG)(*(--(c))))<<16L; \
+			case 2: l1|=((DES_LONG)(*(--(c))))<< 8L; \
+			case 1: l1|=((DES_LONG)(*(--(c))));     \
+				} \
+			}
+
+#define l2c(l,c)	(*((c)++)=(unsigned char)(((l)     )&0xff), \
+			 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>24L)&0xff))
+
+/* replacements for htonl and ntohl since I have no idea what to do
+ * when faced with machines with 8 byte longs. */
+#define HDRSIZE 4
+
+#define n2l(c,l)	(l =((DES_LONG)(*((c)++)))<<24L, \
+			 l|=((DES_LONG)(*((c)++)))<<16L, \
+			 l|=((DES_LONG)(*((c)++)))<< 8L, \
+			 l|=((DES_LONG)(*((c)++))))
+
+#define l2n(l,c)	(*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+			 *((c)++)=(unsigned char)(((l)     )&0xff))
+
+/* NOTE - c is not incremented as per l2c */
+#define l2cn(l1,l2,c,n)	{ \
+			c+=n; \
+			switch (n) { \
+			case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
+			case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
+			case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
+			case 5: *(--(c))=(unsigned char)(((l2)     )&0xff); \
+			case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
+			case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
+			case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
+			case 1: *(--(c))=(unsigned char)(((l1)     )&0xff); \
+				} \
+			}
+
+#if defined(WIN32)
+#define	ROTATE(a,n)	(_lrotr(a,n))
+#else
+#define	ROTATE(a,n)	(((a)>>(n))+((a)<<(32-(n))))
+#endif
+
+/* Don't worry about the LOAD_DATA() stuff, that is used by
+ * fcrypt() to add it's little bit to the front */
+
+#ifdef DES_FCRYPT
+
+#define LOAD_DATA_tmp(R,S,u,t,E0,E1) \
+	{ DES_LONG tmp; LOAD_DATA(R,S,u,t,E0,E1,tmp); }
+
+#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
+	t=R^(R>>16L); \
+	u=t&E0; t&=E1; \
+	tmp=(u<<16); u^=R^s[S  ]; u^=tmp; \
+	tmp=(t<<16); t^=R^s[S+1]; t^=tmp
+#else
+#define LOAD_DATA_tmp(a,b,c,d,e,f) LOAD_DATA(a,b,c,d,e,f,g)
+#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
+	u=R^s[S  ]; \
+	t=R^s[S+1]
+#endif
+
+/* The changes to this macro may help or hinder, depending on the
+ * compiler and the achitecture.  gcc2 always seems to do well :-).
+ * Inspired by Dana How <how@isl.stanford.edu>
+ * DO NOT use the alternative version on machines with 8 byte longs.
+ * It does not seem to work on the Alpha, even when DES_LONG is 4
+ * bytes, probably an issue of accessing non-word aligned objects :-( */
+#ifdef DES_PTR
+
+/* It recently occured to me that 0^0^0^0^0^0^0 == 0, so there
+ * is no reason to not xor all the sub items together.  This potentially
+ * saves a register since things can be xored directly into L */
+
+#if defined(DES_RISC1) || defined(DES_RISC2)
+#ifdef DES_RISC1
+#define D_ENCRYPT(LL,R,S) { \
+	unsigned int u1,u2,u3; \
+	LOAD_DATA(R,S,u,t,E0,E1,u1); \
+	u2=(int)u>>8L; \
+	u1=(int)u&0xfc; \
+	u2&=0xfc; \
+	t=ROTATE(t,4); \
+	u>>=16L; \
+	LL^= *(DES_LONG *)((unsigned char *)des_SP      +u1); \
+	LL^= *(DES_LONG *)((unsigned char *)des_SP+0x200+u2); \
+	u3=(int)(u>>8L); \
+	u1=(int)u&0xfc; \
+	u3&=0xfc; \
+	LL^= *(DES_LONG *)((unsigned char *)des_SP+0x400+u1); \
+	LL^= *(DES_LONG *)((unsigned char *)des_SP+0x600+u3); \
+	u2=(int)t>>8L; \
+	u1=(int)t&0xfc; \
+	u2&=0xfc; \
+	t>>=16L; \
+	LL^= *(DES_LONG *)((unsigned char *)des_SP+0x100+u1); \
+	LL^= *(DES_LONG *)((unsigned char *)des_SP+0x300+u2); \
+	u3=(int)t>>8L; \
+	u1=(int)t&0xfc; \
+	u3&=0xfc; \
+	LL^= *(DES_LONG *)((unsigned char *)des_SP+0x500+u1); \
+	LL^= *(DES_LONG *)((unsigned char *)des_SP+0x700+u3); }
+#endif
+#ifdef DES_RISC2
+#define D_ENCRYPT(LL,R,S) { \
+	unsigned int u1,u2,s1,s2; \
+	LOAD_DATA(R,S,u,t,E0,E1,u1); \
+	u2=(int)u>>8L; \
+	u1=(int)u&0xfc; \
+	u2&=0xfc; \
+	t=ROTATE(t,4); \
+	LL^= *(DES_LONG *)((unsigned char *)des_SP      +u1); \
+	LL^= *(DES_LONG *)((unsigned char *)des_SP+0x200+u2); \
+	s1=(int)(u>>16L); \
+	s2=(int)(u>>24L); \
+	s1&=0xfc; \
+	s2&=0xfc; \
+	LL^= *(DES_LONG *)((unsigned char *)des_SP+0x400+s1); \
+	LL^= *(DES_LONG *)((unsigned char *)des_SP+0x600+s2); \
+	u2=(int)t>>8L; \
+	u1=(int)t&0xfc; \
+	u2&=0xfc; \
+	LL^= *(DES_LONG *)((unsigned char *)des_SP+0x100+u1); \
+	LL^= *(DES_LONG *)((unsigned char *)des_SP+0x300+u2); \
+	s1=(int)(t>>16L); \
+	s2=(int)(t>>24L); \
+	s1&=0xfc; \
+	s2&=0xfc; \
+	LL^= *(DES_LONG *)((unsigned char *)des_SP+0x500+s1); \
+	LL^= *(DES_LONG *)((unsigned char *)des_SP+0x700+s2); }
+#endif
+#else
+#define D_ENCRYPT(LL,R,S) { \
+	LOAD_DATA_tmp(R,S,u,t,E0,E1); \
+	t=ROTATE(t,4); \
+	LL^= \
+	*(DES_LONG *)((unsigned char *)des_SP      +((u     )&0xfc))^ \
+	*(DES_LONG *)((unsigned char *)des_SP+0x200+((u>> 8L)&0xfc))^ \
+	*(DES_LONG *)((unsigned char *)des_SP+0x400+((u>>16L)&0xfc))^ \
+	*(DES_LONG *)((unsigned char *)des_SP+0x600+((u>>24L)&0xfc))^ \
+	*(DES_LONG *)((unsigned char *)des_SP+0x100+((t     )&0xfc))^ \
+	*(DES_LONG *)((unsigned char *)des_SP+0x300+((t>> 8L)&0xfc))^ \
+	*(DES_LONG *)((unsigned char *)des_SP+0x500+((t>>16L)&0xfc))^ \
+	*(DES_LONG *)((unsigned char *)des_SP+0x700+((t>>24L)&0xfc)); }
+#endif
+
+#else /* original version */
+
+#if defined(DES_RISC1) || defined(DES_RISC2)
+#ifdef DES_RISC1
+#define D_ENCRYPT(LL,R,S) {\
+	unsigned int u1,u2,u3; \
+	LOAD_DATA(R,S,u,t,E0,E1,u1); \
+	u>>=2L; \
+	t=ROTATE(t,6); \
+	u2=(int)u>>8L; \
+	u1=(int)u&0x3f; \
+	u2&=0x3f; \
+	u>>=16L; \
+	LL^=des_SPtrans[0][u1]; \
+	LL^=des_SPtrans[2][u2]; \
+	u3=(int)u>>8L; \
+	u1=(int)u&0x3f; \
+	u3&=0x3f; \
+	LL^=des_SPtrans[4][u1]; \
+	LL^=des_SPtrans[6][u3]; \
+	u2=(int)t>>8L; \
+	u1=(int)t&0x3f; \
+	u2&=0x3f; \
+	t>>=16L; \
+	LL^=des_SPtrans[1][u1]; \
+	LL^=des_SPtrans[3][u2]; \
+	u3=(int)t>>8L; \
+	u1=(int)t&0x3f; \
+	u3&=0x3f; \
+	LL^=des_SPtrans[5][u1]; \
+	LL^=des_SPtrans[7][u3]; }
+#endif
+#ifdef DES_RISC2
+#define D_ENCRYPT(LL,R,S) {\
+	unsigned int u1,u2,s1,s2; \
+	LOAD_DATA(R,S,u,t,E0,E1,u1); \
+	u>>=2L; \
+	t=ROTATE(t,6); \
+	u2=(int)u>>8L; \
+	u1=(int)u&0x3f; \
+	u2&=0x3f; \
+	LL^=des_SPtrans[0][u1]; \
+	LL^=des_SPtrans[2][u2]; \
+	s1=(int)u>>16L; \
+	s2=(int)u>>24L; \
+	s1&=0x3f; \
+	s2&=0x3f; \
+	LL^=des_SPtrans[4][s1]; \
+	LL^=des_SPtrans[6][s2]; \
+	u2=(int)t>>8L; \
+	u1=(int)t&0x3f; \
+	u2&=0x3f; \
+	LL^=des_SPtrans[1][u1]; \
+	LL^=des_SPtrans[3][u2]; \
+	s1=(int)t>>16; \
+	s2=(int)t>>24L; \
+	s1&=0x3f; \
+	s2&=0x3f; \
+	LL^=des_SPtrans[5][s1]; \
+	LL^=des_SPtrans[7][s2]; }
+#endif
+
+#else
+
+#define D_ENCRYPT(LL,R,S) {\
+	LOAD_DATA_tmp(R,S,u,t,E0,E1); \
+	t=ROTATE(t,4); \
+	LL^=\
+		des_SPtrans[0][(u>> 2L)&0x3f]^ \
+		des_SPtrans[2][(u>>10L)&0x3f]^ \
+		des_SPtrans[4][(u>>18L)&0x3f]^ \
+		des_SPtrans[6][(u>>26L)&0x3f]^ \
+		des_SPtrans[1][(t>> 2L)&0x3f]^ \
+		des_SPtrans[3][(t>>10L)&0x3f]^ \
+		des_SPtrans[5][(t>>18L)&0x3f]^ \
+		des_SPtrans[7][(t>>26L)&0x3f]; }
+#endif
+#endif
+
+	/* IP and FP
+	 * The problem is more of a geometric problem that random bit fiddling.
+	 0  1  2  3  4  5  6  7      62 54 46 38 30 22 14  6
+	 8  9 10 11 12 13 14 15      60 52 44 36 28 20 12  4
+	16 17 18 19 20 21 22 23      58 50 42 34 26 18 10  2
+	24 25 26 27 28 29 30 31  to  56 48 40 32 24 16  8  0
+
+	32 33 34 35 36 37 38 39      63 55 47 39 31 23 15  7
+	40 41 42 43 44 45 46 47      61 53 45 37 29 21 13  5
+	48 49 50 51 52 53 54 55      59 51 43 35 27 19 11  3
+	56 57 58 59 60 61 62 63      57 49 41 33 25 17  9  1
+
+	The output has been subject to swaps of the form
+	0 1 -> 3 1 but the odd and even bits have been put into
+	2 3    2 0
+	different words.  The main trick is to remember that
+	t=((l>>size)^r)&(mask);
+	r^=t;
+	l^=(t<<size);
+	can be used to swap and move bits between words.
+
+	So l =  0  1  2  3  r = 16 17 18 19
+	        4  5  6  7      20 21 22 23
+	        8  9 10 11      24 25 26 27
+	       12 13 14 15      28 29 30 31
+	becomes (for size == 2 and mask == 0x3333)
+	   t =   2^16  3^17 -- --   l =  0  1 16 17  r =  2  3 18 19
+		 6^20  7^21 -- --        4  5 20 21       6  7 22 23
+		10^24 11^25 -- --        8  9 24 25      10 11 24 25
+		14^28 15^29 -- --       12 13 28 29      14 15 28 29
+
+	Thanks for hints from Richard Outerbridge - he told me IP&FP
+	could be done in 15 xor, 10 shifts and 5 ands.
+	When I finally started to think of the problem in 2D
+	I first got ~42 operations without xors.  When I remembered
+	how to use xors :-) I got it to its final state.
+	*/
+#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
+	(b)^=(t),\
+	(a)^=((t)<<(n)))
+
+#define IP(l,r) \
+	{ \
+	register DES_LONG tt; \
+	PERM_OP(r,l,tt, 4,0x0f0f0f0fL); \
+	PERM_OP(l,r,tt,16,0x0000ffffL); \
+	PERM_OP(r,l,tt, 2,0x33333333L); \
+	PERM_OP(l,r,tt, 8,0x00ff00ffL); \
+	PERM_OP(r,l,tt, 1,0x55555555L); \
+	}
+
+#define FP(l,r) \
+	{ \
+	register DES_LONG tt; \
+	PERM_OP(l,r,tt, 1,0x55555555L); \
+	PERM_OP(r,l,tt, 8,0x00ff00ffL); \
+	PERM_OP(l,r,tt, 2,0x33333333L); \
+	PERM_OP(r,l,tt,16,0x0000ffffL); \
+	PERM_OP(l,r,tt, 4,0x0f0f0f0fL); \
+	}
+
+extern const DES_LONG des_SPtrans[8][64];
+
+#ifndef NOPROTO
+void fcrypt_body(DES_LONG *out,des_key_schedule ks,
+	DES_LONG Eswap0, DES_LONG Eswap1);
+#else
+void fcrypt_body();
+#endif
+
+#endif
diff --git a/crypto/des/des_locl.org b/crypto/des/des_locl.org
new file mode 100644
index 0000000000..e2e503cbed
--- /dev/null
+++ b/crypto/des/des_locl.org
@@ -0,0 +1,516 @@
+/* crypto/des/des_locl.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify des_locl.org since des_locl.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+#ifndef HEADER_DES_LOCL_H
+#define HEADER_DES_LOCL_H
+
+#if defined(WIN32) || defined(WIN16)
+#ifndef MSDOS
+#define MSDOS
+#endif
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#ifndef MSDOS
+#include <unistd.h>
+#endif
+#include "des.h"
+
+#ifndef DES_DEFAULT_OPTIONS
+/* the following is tweaked from a config script, that is why it is a
+ * protected undef/define */
+#ifndef DES_PTR
+#undef DES_PTR
+#endif
+
+/* This helps C compiler generate the correct code for multiple functional
+ * units.  It reduces register dependancies at the expense of 2 more
+ * registers */
+#ifndef DES_RISC1
+#undef DES_RISC1
+#endif
+
+#ifndef DES_RISC2
+#undef DES_RISC2
+#endif
+
+#if defined(DES_RISC1) && defined(DES_RISC2)
+YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
+#endif
+
+/* Unroll the inner loop, this sometimes helps, sometimes hinders.
+ * Very mucy CPU dependant */
+#ifndef DES_UNROLL
+#undef DES_UNROLL
+#endif
+
+/* These default values were supplied by
+ * Peter Gutman <pgut001@cs.auckland.ac.nz>
+ * They are only used if nothing else has been defined */
+#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
+/* Special defines which change the way the code is built depending on the
+   CPU and OS.  For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
+   even newer MIPS CPU's, but at the moment one size fits all for
+   optimization options.  Older Sparc's work better with only UNROLL, but
+   there's no way to tell at compile time what it is you're running on */
+ 
+#if defined( sun )		/* Newer Sparc's */
+  #define DES_PTR
+  #define DES_RISC1
+  #define DES_UNROLL
+#elif defined( __ultrix )	/* Older MIPS */
+  #define DES_PTR
+  #define DES_RISC2
+  #define DES_UNROLL
+#elif defined( __osf1__ )	/* Alpha */
+  #define DES_PTR
+  #define DES_RISC2
+#elif defined ( _AIX )		/* RS6000 */
+  /* Unknown */
+#elif defined( __hpux )		/* HP-PA */
+  /* Unknown */
+#elif defined( __aux )		/* 68K */
+  /* Unknown */
+#elif defined( __dgux )		/* 88K (but P6 in latest boxes) */
+  #define DES_UNROLL
+#elif defined( __sgi )		/* Newer MIPS */
+  #define DES_PTR
+  #define DES_RISC2
+  #define DES_UNROLL
+#elif defined( i386 )		/* x86 boxes, should be gcc */
+  #define DES_PTR
+  #define DES_RISC1
+  #define DES_UNROLL
+#endif /* Systems-specific speed defines */
+#endif
+
+#endif /* DES_DEFAULT_OPTIONS */
+
+#ifdef MSDOS		/* Visual C++ 2.1 (Windows NT/95) */
+#include <stdlib.h>
+#include <errno.h>
+#include <time.h>
+#include <io.h>
+#ifndef RAND
+#define RAND
+#endif
+#undef NOPROTO
+#endif
+
+#if defined(__STDC__) || defined(VMS) || defined(M_XENIX) || defined(MSDOS)
+#include <string.h>
+#endif
+
+#ifndef RAND
+#define RAND
+#endif
+
+#ifdef linux
+#undef RAND
+#endif
+
+#ifdef MSDOS
+#define getpid() 2
+#define RAND
+#undef NOPROTO
+#endif
+
+#if defined(NOCONST)
+#define const
+#endif
+
+#ifdef __STDC__
+#undef NOPROTO
+#endif
+
+#ifdef RAND
+#define srandom(s) srand(s)
+#define random rand
+#endif
+
+#define ITERATIONS 16
+#define HALF_ITERATIONS 8
+
+/* used in des_read and des_write */
+#define MAXWRITE	(1024*16)
+#define BSIZE		(MAXWRITE+4)
+
+#define c2l(c,l)	(l =((DES_LONG)(*((c)++)))    , \
+			 l|=((DES_LONG)(*((c)++)))<< 8L, \
+			 l|=((DES_LONG)(*((c)++)))<<16L, \
+			 l|=((DES_LONG)(*((c)++)))<<24L)
+
+/* NOTE - c is not incremented as per c2l */
+#define c2ln(c,l1,l2,n)	{ \
+			c+=n; \
+			l1=l2=0; \
+			switch (n) { \
+			case 8: l2 =((DES_LONG)(*(--(c))))<<24L; \
+			case 7: l2|=((DES_LONG)(*(--(c))))<<16L; \
+			case 6: l2|=((DES_LONG)(*(--(c))))<< 8L; \
+			case 5: l2|=((DES_LONG)(*(--(c))));     \
+			case 4: l1 =((DES_LONG)(*(--(c))))<<24L; \
+			case 3: l1|=((DES_LONG)(*(--(c))))<<16L; \
+			case 2: l1|=((DES_LONG)(*(--(c))))<< 8L; \
+			case 1: l1|=((DES_LONG)(*(--(c))));     \
+				} \
+			}
+
+#define l2c(l,c)	(*((c)++)=(unsigned char)(((l)     )&0xff), \
+			 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>24L)&0xff))
+
+/* replacements for htonl and ntohl since I have no idea what to do
+ * when faced with machines with 8 byte longs. */
+#define HDRSIZE 4
+
+#define n2l(c,l)	(l =((DES_LONG)(*((c)++)))<<24L, \
+			 l|=((DES_LONG)(*((c)++)))<<16L, \
+			 l|=((DES_LONG)(*((c)++)))<< 8L, \
+			 l|=((DES_LONG)(*((c)++))))
+
+#define l2n(l,c)	(*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+			 *((c)++)=(unsigned char)(((l)     )&0xff))
+
+/* NOTE - c is not incremented as per l2c */
+#define l2cn(l1,l2,c,n)	{ \
+			c+=n; \
+			switch (n) { \
+			case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
+			case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
+			case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
+			case 5: *(--(c))=(unsigned char)(((l2)     )&0xff); \
+			case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
+			case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
+			case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
+			case 1: *(--(c))=(unsigned char)(((l1)     )&0xff); \
+				} \
+			}
+
+#if defined(WIN32)
+#define	ROTATE(a,n)	(_lrotr(a,n))
+#else
+#define	ROTATE(a,n)	(((a)>>(n))+((a)<<(32-(n))))
+#endif
+
+/* Don't worry about the LOAD_DATA() stuff, that is used by
+ * fcrypt() to add it's little bit to the front */
+
+#ifdef DES_FCRYPT
+
+#define LOAD_DATA_tmp(R,S,u,t,E0,E1) \
+	{ DES_LONG tmp; LOAD_DATA(R,S,u,t,E0,E1,tmp); }
+
+#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
+	t=R^(R>>16L); \
+	u=t&E0; t&=E1; \
+	tmp=(u<<16); u^=R^s[S  ]; u^=tmp; \
+	tmp=(t<<16); t^=R^s[S+1]; t^=tmp
+#else
+#define LOAD_DATA_tmp(a,b,c,d,e,f) LOAD_DATA(a,b,c,d,e,f,g)
+#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
+	u=R^s[S  ]; \
+	t=R^s[S+1]
+#endif
+
+/* The changes to this macro may help or hinder, depending on the
+ * compiler and the achitecture.  gcc2 always seems to do well :-).
+ * Inspired by Dana How <how@isl.stanford.edu>
+ * DO NOT use the alternative version on machines with 8 byte longs.
+ * It does not seem to work on the Alpha, even when DES_LONG is 4
+ * bytes, probably an issue of accessing non-word aligned objects :-( */
+#ifdef DES_PTR
+
+/* It recently occured to me that 0^0^0^0^0^0^0 == 0, so there
+ * is no reason to not xor all the sub items together.  This potentially
+ * saves a register since things can be xored directly into L */
+
+#if defined(DES_RISC1) || defined(DES_RISC2)
+#ifdef DES_RISC1
+#define D_ENCRYPT(LL,R,S) { \
+	unsigned int u1,u2,u3; \
+	LOAD_DATA(R,S,u,t,E0,E1,u1); \
+	u2=(int)u>>8L; \
+	u1=(int)u&0xfc; \
+	u2&=0xfc; \
+	t=ROTATE(t,4); \
+	u>>=16L; \
+	LL^= *(DES_LONG *)((unsigned char *)des_SP      +u1); \
+	LL^= *(DES_LONG *)((unsigned char *)des_SP+0x200+u2); \
+	u3=(int)(u>>8L); \
+	u1=(int)u&0xfc; \
+	u3&=0xfc; \
+	LL^= *(DES_LONG *)((unsigned char *)des_SP+0x400+u1); \
+	LL^= *(DES_LONG *)((unsigned char *)des_SP+0x600+u3); \
+	u2=(int)t>>8L; \
+	u1=(int)t&0xfc; \
+	u2&=0xfc; \
+	t>>=16L; \
+	LL^= *(DES_LONG *)((unsigned char *)des_SP+0x100+u1); \
+	LL^= *(DES_LONG *)((unsigned char *)des_SP+0x300+u2); \
+	u3=(int)t>>8L; \
+	u1=(int)t&0xfc; \
+	u3&=0xfc; \
+	LL^= *(DES_LONG *)((unsigned char *)des_SP+0x500+u1); \
+	LL^= *(DES_LONG *)((unsigned char *)des_SP+0x700+u3); }
+#endif
+#ifdef DES_RISC2
+#define D_ENCRYPT(LL,R,S) { \
+	unsigned int u1,u2,s1,s2; \
+	LOAD_DATA(R,S,u,t,E0,E1,u1); \
+	u2=(int)u>>8L; \
+	u1=(int)u&0xfc; \
+	u2&=0xfc; \
+	t=ROTATE(t,4); \
+	LL^= *(DES_LONG *)((unsigned char *)des_SP      +u1); \
+	LL^= *(DES_LONG *)((unsigned char *)des_SP+0x200+u2); \
+	s1=(int)(u>>16L); \
+	s2=(int)(u>>24L); \
+	s1&=0xfc; \
+	s2&=0xfc; \
+	LL^= *(DES_LONG *)((unsigned char *)des_SP+0x400+s1); \
+	LL^= *(DES_LONG *)((unsigned char *)des_SP+0x600+s2); \
+	u2=(int)t>>8L; \
+	u1=(int)t&0xfc; \
+	u2&=0xfc; \
+	LL^= *(DES_LONG *)((unsigned char *)des_SP+0x100+u1); \
+	LL^= *(DES_LONG *)((unsigned char *)des_SP+0x300+u2); \
+	s1=(int)(t>>16L); \
+	s2=(int)(t>>24L); \
+	s1&=0xfc; \
+	s2&=0xfc; \
+	LL^= *(DES_LONG *)((unsigned char *)des_SP+0x500+s1); \
+	LL^= *(DES_LONG *)((unsigned char *)des_SP+0x700+s2); }
+#endif
+#else
+#define D_ENCRYPT(LL,R,S) { \
+	LOAD_DATA_tmp(R,S,u,t,E0,E1); \
+	t=ROTATE(t,4); \
+	LL^= \
+	*(DES_LONG *)((unsigned char *)des_SP      +((u     )&0xfc))^ \
+	*(DES_LONG *)((unsigned char *)des_SP+0x200+((u>> 8L)&0xfc))^ \
+	*(DES_LONG *)((unsigned char *)des_SP+0x400+((u>>16L)&0xfc))^ \
+	*(DES_LONG *)((unsigned char *)des_SP+0x600+((u>>24L)&0xfc))^ \
+	*(DES_LONG *)((unsigned char *)des_SP+0x100+((t     )&0xfc))^ \
+	*(DES_LONG *)((unsigned char *)des_SP+0x300+((t>> 8L)&0xfc))^ \
+	*(DES_LONG *)((unsigned char *)des_SP+0x500+((t>>16L)&0xfc))^ \
+	*(DES_LONG *)((unsigned char *)des_SP+0x700+((t>>24L)&0xfc)); }
+#endif
+
+#else /* original version */
+
+#if defined(DES_RISC1) || defined(DES_RISC2)
+#ifdef DES_RISC1
+#define D_ENCRYPT(LL,R,S) {\
+	unsigned int u1,u2,u3; \
+	LOAD_DATA(R,S,u,t,E0,E1,u1); \
+	u>>=2L; \
+	t=ROTATE(t,6); \
+	u2=(int)u>>8L; \
+	u1=(int)u&0x3f; \
+	u2&=0x3f; \
+	u>>=16L; \
+	LL^=des_SPtrans[0][u1]; \
+	LL^=des_SPtrans[2][u2]; \
+	u3=(int)u>>8L; \
+	u1=(int)u&0x3f; \
+	u3&=0x3f; \
+	LL^=des_SPtrans[4][u1]; \
+	LL^=des_SPtrans[6][u3]; \
+	u2=(int)t>>8L; \
+	u1=(int)t&0x3f; \
+	u2&=0x3f; \
+	t>>=16L; \
+	LL^=des_SPtrans[1][u1]; \
+	LL^=des_SPtrans[3][u2]; \
+	u3=(int)t>>8L; \
+	u1=(int)t&0x3f; \
+	u3&=0x3f; \
+	LL^=des_SPtrans[5][u1]; \
+	LL^=des_SPtrans[7][u3]; }
+#endif
+#ifdef DES_RISC2
+#define D_ENCRYPT(LL,R,S) {\
+	unsigned int u1,u2,s1,s2; \
+	LOAD_DATA(R,S,u,t,E0,E1,u1); \
+	u>>=2L; \
+	t=ROTATE(t,6); \
+	u2=(int)u>>8L; \
+	u1=(int)u&0x3f; \
+	u2&=0x3f; \
+	LL^=des_SPtrans[0][u1]; \
+	LL^=des_SPtrans[2][u2]; \
+	s1=(int)u>>16L; \
+	s2=(int)u>>24L; \
+	s1&=0x3f; \
+	s2&=0x3f; \
+	LL^=des_SPtrans[4][s1]; \
+	LL^=des_SPtrans[6][s2]; \
+	u2=(int)t>>8L; \
+	u1=(int)t&0x3f; \
+	u2&=0x3f; \
+	LL^=des_SPtrans[1][u1]; \
+	LL^=des_SPtrans[3][u2]; \
+	s1=(int)t>>16; \
+	s2=(int)t>>24L; \
+	s1&=0x3f; \
+	s2&=0x3f; \
+	LL^=des_SPtrans[5][s1]; \
+	LL^=des_SPtrans[7][s2]; }
+#endif
+
+#else
+
+#define D_ENCRYPT(LL,R,S) {\
+	LOAD_DATA_tmp(R,S,u,t,E0,E1); \
+	t=ROTATE(t,4); \
+	LL^=\
+		des_SPtrans[0][(u>> 2L)&0x3f]^ \
+		des_SPtrans[2][(u>>10L)&0x3f]^ \
+		des_SPtrans[4][(u>>18L)&0x3f]^ \
+		des_SPtrans[6][(u>>26L)&0x3f]^ \
+		des_SPtrans[1][(t>> 2L)&0x3f]^ \
+		des_SPtrans[3][(t>>10L)&0x3f]^ \
+		des_SPtrans[5][(t>>18L)&0x3f]^ \
+		des_SPtrans[7][(t>>26L)&0x3f]; }
+#endif
+#endif
+
+	/* IP and FP
+	 * The problem is more of a geometric problem that random bit fiddling.
+	 0  1  2  3  4  5  6  7      62 54 46 38 30 22 14  6
+	 8  9 10 11 12 13 14 15      60 52 44 36 28 20 12  4
+	16 17 18 19 20 21 22 23      58 50 42 34 26 18 10  2
+	24 25 26 27 28 29 30 31  to  56 48 40 32 24 16  8  0
+
+	32 33 34 35 36 37 38 39      63 55 47 39 31 23 15  7
+	40 41 42 43 44 45 46 47      61 53 45 37 29 21 13  5
+	48 49 50 51 52 53 54 55      59 51 43 35 27 19 11  3
+	56 57 58 59 60 61 62 63      57 49 41 33 25 17  9  1
+
+	The output has been subject to swaps of the form
+	0 1 -> 3 1 but the odd and even bits have been put into
+	2 3    2 0
+	different words.  The main trick is to remember that
+	t=((l>>size)^r)&(mask);
+	r^=t;
+	l^=(t<<size);
+	can be used to swap and move bits between words.
+
+	So l =  0  1  2  3  r = 16 17 18 19
+	        4  5  6  7      20 21 22 23
+	        8  9 10 11      24 25 26 27
+	       12 13 14 15      28 29 30 31
+	becomes (for size == 2 and mask == 0x3333)
+	   t =   2^16  3^17 -- --   l =  0  1 16 17  r =  2  3 18 19
+		 6^20  7^21 -- --        4  5 20 21       6  7 22 23
+		10^24 11^25 -- --        8  9 24 25      10 11 24 25
+		14^28 15^29 -- --       12 13 28 29      14 15 28 29
+
+	Thanks for hints from Richard Outerbridge - he told me IP&FP
+	could be done in 15 xor, 10 shifts and 5 ands.
+	When I finally started to think of the problem in 2D
+	I first got ~42 operations without xors.  When I remembered
+	how to use xors :-) I got it to its final state.
+	*/
+#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
+	(b)^=(t),\
+	(a)^=((t)<<(n)))
+
+#define IP(l,r) \
+	{ \
+	register DES_LONG tt; \
+	PERM_OP(r,l,tt, 4,0x0f0f0f0fL); \
+	PERM_OP(l,r,tt,16,0x0000ffffL); \
+	PERM_OP(r,l,tt, 2,0x33333333L); \
+	PERM_OP(l,r,tt, 8,0x00ff00ffL); \
+	PERM_OP(r,l,tt, 1,0x55555555L); \
+	}
+
+#define FP(l,r) \
+	{ \
+	register DES_LONG tt; \
+	PERM_OP(l,r,tt, 1,0x55555555L); \
+	PERM_OP(r,l,tt, 8,0x00ff00ffL); \
+	PERM_OP(l,r,tt, 2,0x33333333L); \
+	PERM_OP(r,l,tt,16,0x0000ffffL); \
+	PERM_OP(l,r,tt, 4,0x0f0f0f0fL); \
+	}
+
+extern const DES_LONG des_SPtrans[8][64];
+
+#ifndef NOPROTO
+void fcrypt_body(DES_LONG *out,des_key_schedule ks,
+	DES_LONG Eswap0, DES_LONG Eswap1);
+#else
+void fcrypt_body();
+#endif
+
+#endif
diff --git a/crypto/des/des_opts.c b/crypto/des/des_opts.c
new file mode 100644
index 0000000000..8522c28a6e
--- /dev/null
+++ b/crypto/des/des_opts.c
@@ -0,0 +1,620 @@
+/* crypto/des/des_opts.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* define PART1, PART2, PART3 or PART4 to build only with a few of the options.
+ * This is for machines with 64k code segment size restrictions. */
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#include <stdio.h>
+#ifndef MSDOS
+#include <unistd.h>
+#else
+#include <io.h>
+extern void exit();
+#endif
+#include <signal.h>
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+	time_t tms_utime;
+	time_t tms_stime;
+	time_t tms_uchild;	/* I dunno...  */
+	time_t tms_uchildsys;	/* so these names are a guess :-) */
+	}
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include "des.h"
+#include "spr.h"
+
+#define DES_DEFAULT_OPTIONS
+
+#if !defined(PART1) && !defined(PART2) && !defined(PART3) && !defined(PART4)
+#define PART1
+#define PART2
+#define PART3
+#define PART4
+#endif
+
+#ifdef PART1
+
+#undef DES_UNROLL
+#undef DES_RISC1
+#undef DES_RISC2
+#undef DES_PTR
+#undef D_ENCRYPT
+#define des_encrypt  des_encrypt_u4_cisc_idx
+#define des_encrypt2 des_encrypt2_u4_cisc_idx
+#define des_encrypt3 des_encrypt3_u4_cisc_idx
+#define des_decrypt3 des_decrypt3_u4_cisc_idx
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#define DES_UNROLL
+#undef DES_RISC1
+#undef DES_RISC2
+#undef DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt  des_encrypt_u16_cisc_idx
+#define des_encrypt2 des_encrypt2_u16_cisc_idx
+#define des_encrypt3 des_encrypt3_u16_cisc_idx
+#define des_decrypt3 des_decrypt3_u16_cisc_idx
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#undef DES_UNROLL
+#define DES_RISC1
+#undef DES_RISC2
+#undef DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt  des_encrypt_u4_risc1_idx
+#define des_encrypt2 des_encrypt2_u4_risc1_idx
+#define des_encrypt3 des_encrypt3_u4_risc1_idx
+#define des_decrypt3 des_decrypt3_u4_risc1_idx
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#endif
+
+#ifdef PART2
+
+#undef DES_UNROLL
+#undef DES_RISC1
+#define DES_RISC2
+#undef DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt  des_encrypt_u4_risc2_idx
+#define des_encrypt2 des_encrypt2_u4_risc2_idx
+#define des_encrypt3 des_encrypt3_u4_risc2_idx
+#define des_decrypt3 des_decrypt3_u4_risc2_idx
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#define DES_UNROLL
+#define DES_RISC1
+#undef DES_RISC2
+#undef DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt  des_encrypt_u16_risc1_idx
+#define des_encrypt2 des_encrypt2_u16_risc1_idx
+#define des_encrypt3 des_encrypt3_u16_risc1_idx
+#define des_decrypt3 des_decrypt3_u16_risc1_idx
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#define DES_UNROLL
+#undef DES_RISC1
+#define DES_RISC2
+#undef DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt  des_encrypt_u16_risc2_idx
+#define des_encrypt2 des_encrypt2_u16_risc2_idx
+#define des_encrypt3 des_encrypt3_u16_risc2_idx
+#define des_decrypt3 des_decrypt3_u16_risc2_idx
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#endif
+
+#ifdef PART3
+
+#undef DES_UNROLL
+#undef DES_RISC1
+#undef DES_RISC2
+#define DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt  des_encrypt_u4_cisc_ptr
+#define des_encrypt2 des_encrypt2_u4_cisc_ptr
+#define des_encrypt3 des_encrypt3_u4_cisc_ptr
+#define des_decrypt3 des_decrypt3_u4_cisc_ptr
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#define DES_UNROLL
+#undef DES_RISC1
+#undef DES_RISC2
+#define DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt  des_encrypt_u16_cisc_ptr
+#define des_encrypt2 des_encrypt2_u16_cisc_ptr
+#define des_encrypt3 des_encrypt3_u16_cisc_ptr
+#define des_decrypt3 des_decrypt3_u16_cisc_ptr
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#undef DES_UNROLL
+#define DES_RISC1
+#undef DES_RISC2
+#define DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt  des_encrypt_u4_risc1_ptr
+#define des_encrypt2 des_encrypt2_u4_risc1_ptr
+#define des_encrypt3 des_encrypt3_u4_risc1_ptr
+#define des_decrypt3 des_decrypt3_u4_risc1_ptr
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#endif
+
+#ifdef PART4
+
+#undef DES_UNROLL
+#undef DES_RISC1
+#define DES_RISC2
+#define DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt  des_encrypt_u4_risc2_ptr
+#define des_encrypt2 des_encrypt2_u4_risc2_ptr
+#define des_encrypt3 des_encrypt3_u4_risc2_ptr
+#define des_decrypt3 des_decrypt3_u4_risc2_ptr
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#define DES_UNROLL
+#define DES_RISC1
+#undef DES_RISC2
+#define DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt  des_encrypt_u16_risc1_ptr
+#define des_encrypt2 des_encrypt2_u16_risc1_ptr
+#define des_encrypt3 des_encrypt3_u16_risc1_ptr
+#define des_decrypt3 des_decrypt3_u16_risc1_ptr
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#define DES_UNROLL
+#undef DES_RISC1
+#define DES_RISC2
+#define DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt  des_encrypt_u16_risc2_ptr
+#define des_encrypt2 des_encrypt2_u16_risc2_ptr
+#define des_encrypt3 des_encrypt3_u16_risc2_ptr
+#define des_decrypt3 des_decrypt3_u16_risc2_ptr
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#endif
+
+/* The following if from times(3) man page.  It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+#  ifndef _BSD_CLK_TCK_ /* FreeBSD fix */
+#   ifndef VMS
+#    define HZ	100.0
+#   else /* VMS */
+#    define HZ	100.0
+#   endif
+#  else /* _BSD_CLK_TCK_ */
+#   define HZ ((double)_BSD_CLK_TCK_)
+#  endif
+# else /* CLK_TCK */
+#  define HZ ((double)CLK_TCK)
+# endif
+#endif
+
+#define BUFSIZE	((long)1024)
+long run=0;
+
+#ifndef NOPROTO
+double Time_F(int s);
+#else
+double Time_F();
+#endif
+
+#ifdef SIGALRM
+#if defined(__STDC__) || defined(sgi)
+#define SIGRETTYPE void
+#else
+#define SIGRETTYPE int
+#endif
+
+#ifndef NOPROTO
+SIGRETTYPE sig_done(int sig);
+#else
+SIGRETTYPE sig_done();
+#endif
+
+SIGRETTYPE sig_done(sig)
+int sig;
+	{
+	signal(SIGALRM,sig_done);
+	run=0;
+#ifdef LINT
+	sig=sig;
+#endif
+	}
+#endif
+
+#define START	0
+#define STOP	1
+
+double Time_F(s)
+int s;
+	{
+	double ret;
+#ifdef TIMES
+	static struct tms tstart,tend;
+
+	if (s == START)
+		{
+		times(&tstart);
+		return(0);
+		}
+	else
+		{
+		times(&tend);
+		ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+		return((ret == 0.0)?1e-6:ret);
+		}
+#else /* !times() */
+	static struct timeb tstart,tend;
+	long i;
+
+	if (s == START)
+		{
+		ftime(&tstart);
+		return(0);
+		}
+	else
+		{
+		ftime(&tend);
+		i=(long)tend.millitm-(long)tstart.millitm;
+		ret=((double)(tend.time-tstart.time))+((double)i)/1000.0;
+		return((ret == 0.0)?1e-6:ret);
+		}
+#endif
+	}
+
+#ifdef SIGALRM
+#define print_name(name) fprintf(stderr,"Doing %s's for 10 seconds\n",name); alarm(10);
+#else
+#define print_name(name) fprintf(stderr,"Doing %s %ld times\n",name,cb);
+#endif
+	
+#define time_it(func,name,index) \
+	print_name(name); \
+	Time_F(START); \
+	for (count=0,run=1; COND(cb); count++) \
+		{ \
+		unsigned long d[2]; \
+		func(d,&(sch[0]),DES_ENCRYPT); \
+		} \
+	tm[index]=Time_F(STOP); \
+	fprintf(stderr,"%ld %s's in %.2f second\n",count,name,tm[index]); \
+	tm[index]=((double)COUNT(cb))/tm[index];
+
+#define print_it(name,index) \
+	fprintf(stderr,"%s bytes per sec = %12.2f (%5.1fuS)\n",name, \
+		tm[index]*8,1.0e6/tm[index]);
+
+int main(argc,argv)
+int argc;
+char **argv;
+	{
+	long count;
+	static unsigned char buf[BUFSIZE];
+	static des_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
+	static des_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12};
+	static des_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34};
+	des_key_schedule sch,sch2,sch3;
+	double d,tm[16],max=0;
+	int rank[16];
+	char *str[16];
+	int max_idx=0,i,num=0,j;
+#ifndef SIGALARM
+	long ca,cb,cc,cd,ce;
+#endif
+
+	for (i=0; i<12; i++)
+		{
+		tm[i]=0.0;
+		rank[i]=0;
+		}
+
+#ifndef TIMES
+	fprintf(stderr,"To get the most acurate results, try to run this\n");
+	fprintf(stderr,"program when this computer is idle.\n");
+#endif
+
+	des_set_key((C_Block *)key,sch);
+	des_set_key((C_Block *)key2,sch2);
+	des_set_key((C_Block *)key3,sch3);
+
+#ifndef SIGALRM
+	fprintf(stderr,"First we calculate the approximate speed ...\n");
+	des_set_key((C_Block *)key,sch);
+	count=10;
+	do	{
+		long i;
+		unsigned long data[2];
+
+		count*=2;
+		Time_F(START);
+		for (i=count; i; i--)
+			des_encrypt(data,&(sch[0]),DES_ENCRYPT);
+		d=Time_F(STOP);
+		} while (d < 3.0);
+	ca=count;
+	cb=count*3;
+	cc=count*3*8/BUFSIZE+1;
+	cd=count*8/BUFSIZE+1;
+
+	ce=count/20+1;
+#define COND(d) (count != (d))
+#define COUNT(d) (d)
+#else
+#define COND(c) (run)
+#define COUNT(d) (count)
+        signal(SIGALRM,sig_done);
+        alarm(10);
+#endif
+
+#ifdef PART1
+	time_it(des_encrypt_u4_cisc_idx,  "des_encrypt_u4_cisc_idx  ", 0);
+	time_it(des_encrypt_u16_cisc_idx, "des_encrypt_u16_cisc_idx ", 1);
+	time_it(des_encrypt_u4_risc1_idx, "des_encrypt_u4_risc1_idx ", 2);
+	num+=3;
+#endif
+#ifdef PART2
+	time_it(des_encrypt_u16_risc1_idx,"des_encrypt_u16_risc1_idx", 3);
+	time_it(des_encrypt_u4_risc2_idx, "des_encrypt_u4_risc2_idx ", 4);
+	time_it(des_encrypt_u16_risc2_idx,"des_encrypt_u16_risc2_idx", 5);
+	num+=3;
+#endif
+#ifdef PART3
+	time_it(des_encrypt_u4_cisc_ptr,  "des_encrypt_u4_cisc_ptr  ", 6);
+	time_it(des_encrypt_u16_cisc_ptr, "des_encrypt_u16_cisc_ptr ", 7);
+	time_it(des_encrypt_u4_risc1_ptr, "des_encrypt_u4_risc1_ptr ", 8);
+	num+=3;
+#endif
+#ifdef PART4
+	time_it(des_encrypt_u16_risc1_ptr,"des_encrypt_u16_risc1_ptr", 9);
+	time_it(des_encrypt_u4_risc2_ptr, "des_encrypt_u4_risc2_ptr ",10);
+	time_it(des_encrypt_u16_risc2_ptr,"des_encrypt_u16_risc2_ptr",11);
+	num+=3;
+#endif
+
+#ifdef PART1
+	str[0]=" 4  c i";
+	print_it("des_encrypt_u4_cisc_idx  ",0);
+	max=tm[0];
+	max_idx=0;
+	str[1]="16  c i";
+	print_it("des_encrypt_u16_cisc_idx ",1);
+	if (max < tm[1]) { max=tm[1]; max_idx=1; }
+	str[2]=" 4 r1 i";
+	print_it("des_encrypt_u4_risc1_idx ",2);
+	if (max < tm[2]) { max=tm[2]; max_idx=2; }
+#endif
+#ifdef PART2
+	str[3]="16 r1 i";
+	print_it("des_encrypt_u16_risc1_idx",3);
+	if (max < tm[3]) { max=tm[3]; max_idx=3; }
+	str[4]=" 4 r2 i";
+	print_it("des_encrypt_u4_risc2_idx ",4);
+	if (max < tm[4]) { max=tm[4]; max_idx=4; }
+	str[5]="16 r2 i";
+	print_it("des_encrypt_u16_risc2_idx",5);
+	if (max < tm[5]) { max=tm[5]; max_idx=5; }
+#endif
+#ifdef PART3
+	str[6]=" 4  c p";
+	print_it("des_encrypt_u4_cisc_ptr  ",6);
+	if (max < tm[6]) { max=tm[6]; max_idx=6; }
+	str[7]="16  c p";
+	print_it("des_encrypt_u16_cisc_ptr ",7);
+	if (max < tm[7]) { max=tm[7]; max_idx=7; }
+	str[8]=" 4 r1 p";
+	print_it("des_encrypt_u4_risc1_ptr ",8);
+	if (max < tm[8]) { max=tm[8]; max_idx=8; }
+#endif
+#ifdef PART4
+	str[9]="16 r1 p";
+	print_it("des_encrypt_u16_risc1_ptr",9);
+	if (max < tm[9]) { max=tm[9]; max_idx=9; }
+	str[10]=" 4 r2 p";
+	print_it("des_encrypt_u4_risc2_ptr ",10);
+	if (max < tm[10]) { max=tm[10]; max_idx=10; }
+	str[11]="16 r2 p";
+	print_it("des_encrypt_u16_risc2_ptr",11);
+	if (max < tm[11]) { max=tm[11]; max_idx=11; }
+#endif
+	printf("options    des ecb/s\n");
+	printf("%s %12.2f 100.0%%\n",str[max_idx],tm[max_idx]);
+	d=tm[max_idx];
+	tm[max_idx]= -2.0;
+	max= -1.0;
+	for (;;)
+		{
+		for (i=0; i<12; i++)
+			{
+			if (max < tm[i]) { max=tm[i]; j=i; }
+			}
+		if (max < 0.0) break;
+		printf("%s %12.2f  %4.1f%%\n",str[j],tm[j],tm[j]/d*100.0);
+		tm[j]= -2.0;
+		max= -1.0;
+		}
+
+	switch (max_idx)
+		{
+	case 0:
+		printf("-DDES_DEFAULT_OPTIONS\n");
+		break;
+	case 1:
+		printf("-DDES_UNROLL\n");
+		break;
+	case 2:
+		printf("-DDES_RISC1\n");
+		break;
+	case 3:
+		printf("-DDES_UNROLL -DDES_RISC1\n");
+		break;
+	case 4:
+		printf("-DDES_RISC2\n");
+		break;
+	case 5:
+		printf("-DDES_UNROLL -DDES_RISC2\n");
+		break;
+	case 6:
+		printf("-DDES_PTR\n");
+		break;
+	case 7:
+		printf("-DDES_UNROLL -DDES_PTR\n");
+		break;
+	case 8:
+		printf("-DDES_RISC1 -DDES_PTR\n");
+		break;
+	case 9:
+		printf("-DDES_UNROLL -DDES_RISC1 -DDES_PTR\n");
+		break;
+	case 10:
+		printf("-DDES_RISC2 -DDES_PTR\n");
+		break;
+	case 11:
+		printf("-DDES_UNROLL -DDES_RISC2 -DDES_PTR\n");
+		break;
+		}
+	exit(0);
+#if defined(LINT) || defined(MSDOS)
+	return(0);
+#endif
+	}
diff --git a/crypto/des/des_ver.h b/crypto/des/des_ver.h
new file mode 100644
index 0000000000..98352bc0d4
--- /dev/null
+++ b/crypto/des/des_ver.h
@@ -0,0 +1,60 @@
+/* crypto/des/des_ver.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+extern char *DES_version;	/* SSLeay version string */
+extern char *libdes_version;	/* old libdes version string */
diff --git a/crypto/des/destest.c b/crypto/des/destest.c
new file mode 100644
index 0000000000..6aa582b19e
--- /dev/null
+++ b/crypto/des/destest.c
@@ -0,0 +1,856 @@
+/* crypto/des/destest.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#if defined(WIN32) || defined(WIN16) || defined(WINDOWS)
+#ifndef MSDOS
+#define MSDOS
+#endif
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#ifndef MSDOS
+#include <unistd.h>
+#else
+#include <io.h>
+#endif
+#include <string.h>
+#include "des.h"
+
+/* tisk tisk - the test keys don't all have odd parity :-( */
+/* test data */
+#define NUM_TESTS 34
+static unsigned char key_data[NUM_TESTS][8]={
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+	{0x30,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+	{0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+	{0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10},
+	{0x7C,0xA1,0x10,0x45,0x4A,0x1A,0x6E,0x57},
+	{0x01,0x31,0xD9,0x61,0x9D,0xC1,0x37,0x6E},
+	{0x07,0xA1,0x13,0x3E,0x4A,0x0B,0x26,0x86},
+	{0x38,0x49,0x67,0x4C,0x26,0x02,0x31,0x9E},
+	{0x04,0xB9,0x15,0xBA,0x43,0xFE,0xB5,0xB6},
+	{0x01,0x13,0xB9,0x70,0xFD,0x34,0xF2,0xCE},
+	{0x01,0x70,0xF1,0x75,0x46,0x8F,0xB5,0xE6},
+	{0x43,0x29,0x7F,0xAD,0x38,0xE3,0x73,0xFE},
+	{0x07,0xA7,0x13,0x70,0x45,0xDA,0x2A,0x16},
+	{0x04,0x68,0x91,0x04,0xC2,0xFD,0x3B,0x2F},
+	{0x37,0xD0,0x6B,0xB5,0x16,0xCB,0x75,0x46},
+	{0x1F,0x08,0x26,0x0D,0x1A,0xC2,0x46,0x5E},
+	{0x58,0x40,0x23,0x64,0x1A,0xBA,0x61,0x76},
+	{0x02,0x58,0x16,0x16,0x46,0x29,0xB0,0x07},
+	{0x49,0x79,0x3E,0xBC,0x79,0xB3,0x25,0x8F},
+	{0x4F,0xB0,0x5E,0x15,0x15,0xAB,0x73,0xA7},
+	{0x49,0xE9,0x5D,0x6D,0x4C,0xA2,0x29,0xBF},
+	{0x01,0x83,0x10,0xDC,0x40,0x9B,0x26,0xD6},
+	{0x1C,0x58,0x7F,0x1C,0x13,0x92,0x4F,0xEF},
+	{0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
+	{0x1F,0x1F,0x1F,0x1F,0x0E,0x0E,0x0E,0x0E},
+	{0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE},
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+	{0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+	{0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10}};
+
+static unsigned char plain_data[NUM_TESTS][8]={
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+	{0x10,0x00,0x00,0x00,0x00,0x00,0x00,0x01},
+	{0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+	{0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+	{0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+	{0x01,0xA1,0xD6,0xD0,0x39,0x77,0x67,0x42},
+	{0x5C,0xD5,0x4C,0xA8,0x3D,0xEF,0x57,0xDA},
+	{0x02,0x48,0xD4,0x38,0x06,0xF6,0x71,0x72},
+	{0x51,0x45,0x4B,0x58,0x2D,0xDF,0x44,0x0A},
+	{0x42,0xFD,0x44,0x30,0x59,0x57,0x7F,0xA2},
+	{0x05,0x9B,0x5E,0x08,0x51,0xCF,0x14,0x3A},
+	{0x07,0x56,0xD8,0xE0,0x77,0x47,0x61,0xD2},
+	{0x76,0x25,0x14,0xB8,0x29,0xBF,0x48,0x6A},
+	{0x3B,0xDD,0x11,0x90,0x49,0x37,0x28,0x02},
+	{0x26,0x95,0x5F,0x68,0x35,0xAF,0x60,0x9A},
+	{0x16,0x4D,0x5E,0x40,0x4F,0x27,0x52,0x32},
+	{0x6B,0x05,0x6E,0x18,0x75,0x9F,0x5C,0xCA},
+	{0x00,0x4B,0xD6,0xEF,0x09,0x17,0x60,0x62},
+	{0x48,0x0D,0x39,0x00,0x6E,0xE7,0x62,0xF2},
+	{0x43,0x75,0x40,0xC8,0x69,0x8F,0x3C,0xFA},
+	{0x07,0x2D,0x43,0xA0,0x77,0x07,0x52,0x92},
+	{0x02,0xFE,0x55,0x77,0x81,0x17,0xF1,0x2A},
+	{0x1D,0x9D,0x5C,0x50,0x18,0xF7,0x28,0xC2},
+	{0x30,0x55,0x32,0x28,0x6D,0x6F,0x29,0x5A},
+	{0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+	{0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+	{0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+	{0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF}};
+
+static unsigned char cipher_data[NUM_TESTS][8]={
+	{0x8C,0xA6,0x4D,0xE9,0xC1,0xB1,0x23,0xA7},
+	{0x73,0x59,0xB2,0x16,0x3E,0x4E,0xDC,0x58},
+	{0x95,0x8E,0x6E,0x62,0x7A,0x05,0x55,0x7B},
+	{0xF4,0x03,0x79,0xAB,0x9E,0x0E,0xC5,0x33},
+	{0x17,0x66,0x8D,0xFC,0x72,0x92,0x53,0x2D},
+	{0x8A,0x5A,0xE1,0xF8,0x1A,0xB8,0xF2,0xDD},
+	{0x8C,0xA6,0x4D,0xE9,0xC1,0xB1,0x23,0xA7},
+	{0xED,0x39,0xD9,0x50,0xFA,0x74,0xBC,0xC4},
+	{0x69,0x0F,0x5B,0x0D,0x9A,0x26,0x93,0x9B},
+	{0x7A,0x38,0x9D,0x10,0x35,0x4B,0xD2,0x71},
+	{0x86,0x8E,0xBB,0x51,0xCA,0xB4,0x59,0x9A},
+	{0x71,0x78,0x87,0x6E,0x01,0xF1,0x9B,0x2A},
+	{0xAF,0x37,0xFB,0x42,0x1F,0x8C,0x40,0x95},
+	{0x86,0xA5,0x60,0xF1,0x0E,0xC6,0xD8,0x5B},
+	{0x0C,0xD3,0xDA,0x02,0x00,0x21,0xDC,0x09},
+	{0xEA,0x67,0x6B,0x2C,0xB7,0xDB,0x2B,0x7A},
+	{0xDF,0xD6,0x4A,0x81,0x5C,0xAF,0x1A,0x0F},
+	{0x5C,0x51,0x3C,0x9C,0x48,0x86,0xC0,0x88},
+	{0x0A,0x2A,0xEE,0xAE,0x3F,0xF4,0xAB,0x77},
+	{0xEF,0x1B,0xF0,0x3E,0x5D,0xFA,0x57,0x5A},
+	{0x88,0xBF,0x0D,0xB6,0xD7,0x0D,0xEE,0x56},
+	{0xA1,0xF9,0x91,0x55,0x41,0x02,0x0B,0x56},
+	{0x6F,0xBF,0x1C,0xAF,0xCF,0xFD,0x05,0x56},
+	{0x2F,0x22,0xE4,0x9B,0xAB,0x7C,0xA1,0xAC},
+	{0x5A,0x6B,0x61,0x2C,0xC2,0x6C,0xCE,0x4A},
+	{0x5F,0x4C,0x03,0x8E,0xD1,0x2B,0x2E,0x41},
+	{0x63,0xFA,0xC0,0xD0,0x34,0xD9,0xF7,0x93},
+	{0x61,0x7B,0x3A,0x0C,0xE8,0xF0,0x71,0x00},
+	{0xDB,0x95,0x86,0x05,0xF8,0xC8,0xC6,0x06},
+	{0xED,0xBF,0xD1,0xC6,0x6C,0x29,0xCC,0xC7},
+	{0x35,0x55,0x50,0xB2,0x15,0x0E,0x24,0x51},
+	{0xCA,0xAA,0xAF,0x4D,0xEA,0xF1,0xDB,0xAE},
+	{0xD5,0xD4,0x4F,0xF7,0x20,0x68,0x3D,0x0D},
+	{0x2A,0x2B,0xB0,0x08,0xDF,0x97,0xC2,0xF2}};
+
+static unsigned char cipher_ecb2[NUM_TESTS-1][8]={
+	{0x92,0x95,0xB5,0x9B,0xB3,0x84,0x73,0x6E},
+	{0x19,0x9E,0x9D,0x6D,0xF3,0x9A,0xA8,0x16},
+	{0x2A,0x4B,0x4D,0x24,0x52,0x43,0x84,0x27},
+	{0x35,0x84,0x3C,0x01,0x9D,0x18,0xC5,0xB6},
+	{0x4A,0x5B,0x2F,0x42,0xAA,0x77,0x19,0x25},
+	{0xA0,0x6B,0xA9,0xB8,0xCA,0x5B,0x17,0x8A},
+	{0xAB,0x9D,0xB7,0xFB,0xED,0x95,0xF2,0x74},
+	{0x3D,0x25,0x6C,0x23,0xA7,0x25,0x2F,0xD6},
+	{0xB7,0x6F,0xAB,0x4F,0xBD,0xBD,0xB7,0x67},
+	{0x8F,0x68,0x27,0xD6,0x9C,0xF4,0x1A,0x10},
+	{0x82,0x57,0xA1,0xD6,0x50,0x5E,0x81,0x85},
+	{0xA2,0x0F,0x0A,0xCD,0x80,0x89,0x7D,0xFA},
+	{0xCD,0x2A,0x53,0x3A,0xDB,0x0D,0x7E,0xF3},
+	{0xD2,0xC2,0xBE,0x27,0xE8,0x1B,0x68,0xE3},
+	{0xE9,0x24,0xCF,0x4F,0x89,0x3C,0x5B,0x0A},
+	{0xA7,0x18,0xC3,0x9F,0xFA,0x9F,0xD7,0x69},
+	{0x77,0x2C,0x79,0xB1,0xD2,0x31,0x7E,0xB1},
+	{0x49,0xAB,0x92,0x7F,0xD0,0x22,0x00,0xB7},
+	{0xCE,0x1C,0x6C,0x7D,0x85,0xE3,0x4A,0x6F},
+	{0xBE,0x91,0xD6,0xE1,0x27,0xB2,0xE9,0x87},
+	{0x70,0x28,0xAE,0x8F,0xD1,0xF5,0x74,0x1A},
+	{0xAA,0x37,0x80,0xBB,0xF3,0x22,0x1D,0xDE},
+	{0xA6,0xC4,0xD2,0x5E,0x28,0x93,0xAC,0xB3},
+	{0x22,0x07,0x81,0x5A,0xE4,0xB7,0x1A,0xAD},
+	{0xDC,0xCE,0x05,0xE7,0x07,0xBD,0xF5,0x84},
+	{0x26,0x1D,0x39,0x2C,0xB3,0xBA,0xA5,0x85},
+	{0xB4,0xF7,0x0F,0x72,0xFB,0x04,0xF0,0xDC},
+	{0x95,0xBA,0xA9,0x4E,0x87,0x36,0xF2,0x89},
+	{0xD4,0x07,0x3A,0xF1,0x5A,0x17,0x82,0x0E},
+	{0xEF,0x6F,0xAF,0xA7,0x66,0x1A,0x7E,0x89},
+	{0xC1,0x97,0xF5,0x58,0x74,0x8A,0x20,0xE7},
+	{0x43,0x34,0xCF,0xDA,0x22,0xC4,0x86,0xC8},
+	{0x08,0xD7,0xB4,0xFB,0x62,0x9D,0x08,0x85}};
+
+static unsigned char cbc_key [8]={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
+static unsigned char cbc2_key[8]={0xf0,0xe1,0xd2,0xc3,0xb4,0xa5,0x96,0x87};
+static unsigned char cbc3_key[8]={0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10};
+static unsigned char cbc_iv  [8]={0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10};
+static char cbc_data[40]="7654321 Now is the time for ";
+
+static unsigned char cbc_ok[32]={
+	0xcc,0xd1,0x73,0xff,0xab,0x20,0x39,0xf4,
+	0xac,0xd8,0xae,0xfd,0xdf,0xd8,0xa1,0xeb,
+	0x46,0x8e,0x91,0x15,0x78,0x88,0xba,0x68,
+	0x1d,0x26,0x93,0x97,0xf7,0xfe,0x62,0xb4};
+
+static unsigned char xcbc_ok[32]={
+	0x86,0x74,0x81,0x0D,0x61,0xA4,0xA5,0x48,
+	0xB9,0x93,0x03,0xE1,0xB8,0xBB,0xBD,0xBD,
+	0x64,0x30,0x0B,0xB9,0x06,0x65,0x81,0x76,
+	0x04,0x1D,0x77,0x62,0x17,0xCA,0x2B,0xD2,
+	};
+
+static unsigned char cbc3_ok[32]={
+	0x3F,0xE3,0x01,0xC9,0x62,0xAC,0x01,0xD0,
+	0x22,0x13,0x76,0x3C,0x1C,0xBD,0x4C,0xDC,
+	0x79,0x96,0x57,0xC0,0x64,0xEC,0xF5,0xD4,
+	0x1C,0x67,0x38,0x12,0xCF,0xDE,0x96,0x75};
+
+static unsigned char pcbc_ok[32]={
+	0xcc,0xd1,0x73,0xff,0xab,0x20,0x39,0xf4,
+	0x6d,0xec,0xb4,0x70,0xa0,0xe5,0x6b,0x15,
+	0xae,0xa6,0xbf,0x61,0xed,0x7d,0x9c,0x9f,
+	0xf7,0x17,0x46,0x3b,0x8a,0xb3,0xcc,0x88};
+
+static unsigned char cfb_key[8]={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
+static unsigned char cfb_iv[8]={0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef};
+static unsigned char cfb_buf1[40],cfb_buf2[40],cfb_tmp[8];
+static unsigned char plain[24]=
+	{
+	0x4e,0x6f,0x77,0x20,0x69,0x73,
+	0x20,0x74,0x68,0x65,0x20,0x74,
+	0x69,0x6d,0x65,0x20,0x66,0x6f,
+	0x72,0x20,0x61,0x6c,0x6c,0x20
+	};
+static unsigned char cfb_cipher8[24]= {
+	0xf3,0x1f,0xda,0x07,0x01,0x14, 0x62,0xee,0x18,0x7f,0x43,0xd8,
+	0x0a,0x7c,0xd9,0xb5,0xb0,0xd2, 0x90,0xda,0x6e,0x5b,0x9a,0x87 };
+static unsigned char cfb_cipher16[24]={
+	0xF3,0x09,0x87,0x87,0x7F,0x57, 0xF7,0x3C,0x36,0xB6,0xDB,0x70,
+	0xD8,0xD5,0x34,0x19,0xD3,0x86, 0xB2,0x23,0xB7,0xB2,0xAD,0x1B };
+static unsigned char cfb_cipher32[24]={
+	0xF3,0x09,0x62,0x49,0xA4,0xDF, 0xA4,0x9F,0x33,0xDC,0x7B,0xAD,
+	0x4C,0xC8,0x9F,0x64,0xE4,0x53, 0xE5,0xEC,0x67,0x20,0xDA,0xB6 };
+static unsigned char cfb_cipher48[24]={
+	0xF3,0x09,0x62,0x49,0xC7,0xF4, 0x30,0xB5,0x15,0xEC,0xBB,0x85,
+	0x97,0x5A,0x13,0x8C,0x68,0x60, 0xE2,0x38,0x34,0x3C,0xDC,0x1F };
+static unsigned char cfb_cipher64[24]={
+	0xF3,0x09,0x62,0x49,0xC7,0xF4, 0x6E,0x51,0xA6,0x9E,0x83,0x9B,
+	0x1A,0x92,0xF7,0x84,0x03,0x46, 0x71,0x33,0x89,0x8E,0xA6,0x22 };
+
+static unsigned char ofb_key[8]={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
+static unsigned char ofb_iv[8]={0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef};
+static unsigned char ofb_buf1[24],ofb_buf2[24],ofb_tmp[8];
+static unsigned char ofb_cipher[24]=
+	{
+	0xf3,0x09,0x62,0x49,0xc7,0xf4,0x6e,0x51,
+	0x35,0xf2,0x4a,0x24,0x2e,0xeb,0x3d,0x3f,
+	0x3d,0x6d,0x5b,0xe3,0x25,0x5a,0xf8,0xc3
+	};
+
+DES_LONG cbc_cksum_ret=0xB462FEF7L;
+unsigned char cbc_cksum_data[8]={0x1D,0x26,0x93,0x97,0xf7,0xfe,0x62,0xb4};
+
+#ifndef NOPROTO
+static char *pt(unsigned char *p);
+static int cfb_test(int bits, unsigned char *cfb_cipher);
+static int cfb64_test(unsigned char *cfb_cipher);
+static int ede_cfb64_test(unsigned char *cfb_cipher);
+#else
+static char *pt();
+static int cfb_test();
+static int cfb64_test();
+static int ede_cfb64_test();
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+	{
+	int i,j,err=0;
+	des_cblock in,out,outin,iv3;
+	des_key_schedule ks,ks2,ks3;
+	unsigned char cbc_in[40];
+	unsigned char cbc_out[40];
+	DES_LONG cs;
+	unsigned char qret[4][4],cret[8];
+	DES_LONG lqret[4];
+	int num;
+	char *str;
+
+	printf("Doing ecb\n");
+	for (i=0; i<NUM_TESTS; i++)
+		{
+		if ((j=des_key_sched((C_Block *)(key_data[i]),ks)) != 0)
+			{
+			printf("Key error %2d:%d\n",i+1,j);
+			err=1;
+			}
+		memcpy(in,plain_data[i],8);
+		memset(out,0,8);
+		memset(outin,0,8);
+		des_ecb_encrypt((C_Block *)in,(C_Block *)out,ks,DES_ENCRYPT);
+		des_ecb_encrypt((C_Block *)out,(C_Block *)outin,ks,DES_DECRYPT);
+
+		if (memcmp(out,cipher_data[i],8) != 0)
+			{
+			printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n",
+				i+1,pt(key_data[i]),pt(in),pt(cipher_data[i]),
+				pt(out));
+			err=1;
+			}
+		if (memcmp(in,outin,8) != 0)
+			{
+			printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n",
+				i+1,pt(key_data[i]),pt(out),pt(in),pt(outin));
+			err=1;
+			}
+		}
+
+#ifndef LIBDES_LIT
+	printf("Doing ede ecb\n");
+	for (i=0; i<(NUM_TESTS-1); i++)
+		{
+		if ((j=des_key_sched((C_Block *)(key_data[i]),ks)) != 0)
+			{
+			err=1;
+			printf("Key error %2d:%d\n",i+1,j);
+			}
+		if ((j=des_key_sched((C_Block *)(key_data[i+1]),ks2)) != 0)
+			{
+			printf("Key error %2d:%d\n",i+2,j);
+			err=1;
+			}
+		if ((j=des_key_sched((C_Block *)(key_data[i+2]),ks3)) != 0)
+			{
+			printf("Key error %2d:%d\n",i+3,j);
+			err=1;
+			}
+		memcpy(in,plain_data[i],8);
+		memset(out,0,8);
+		memset(outin,0,8);
+		des_ecb2_encrypt((C_Block *)in,(C_Block *)out,ks,ks2,
+			DES_ENCRYPT);
+		des_ecb2_encrypt((C_Block *)out,(C_Block *)outin,ks,ks2,
+			DES_DECRYPT);
+
+		if (memcmp(out,cipher_ecb2[i],8) != 0)
+			{
+			printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n",
+				i+1,pt(key_data[i]),pt(in),pt(cipher_ecb2[i]),
+				pt(out));
+			err=1;
+			}
+		if (memcmp(in,outin,8) != 0)
+			{
+			printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n",
+				i+1,pt(key_data[i]),pt(out),pt(in),pt(outin));
+			err=1;
+			}
+		}
+#endif
+
+	printf("Doing cbc\n");
+	if ((j=des_key_sched((C_Block *)cbc_key,ks)) != 0)
+		{
+		printf("Key error %d\n",j);
+		err=1;
+		}
+	memset(cbc_out,0,40);
+	memset(cbc_in,0,40);
+	des_cbc_encrypt((C_Block *)cbc_data,(C_Block *)cbc_out,
+		(long)strlen((char *)cbc_data)+1,ks,
+		(C_Block *)cbc_iv,DES_ENCRYPT);
+	if (memcmp(cbc_out,cbc_ok,32) != 0)
+		printf("cbc_encrypt encrypt error\n");
+	des_cbc_encrypt((C_Block *)cbc_out,(C_Block *)cbc_in,
+		(long)strlen((char *)cbc_data)+1,ks,
+		(C_Block *)cbc_iv,DES_DECRYPT);
+	if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)) != 0)
+		{
+		printf("cbc_encrypt decrypt error\n");
+		err=1;
+		}
+
+#ifndef LIBDES_LIT
+	printf("Doing desx cbc\n");
+	if ((j=des_key_sched((C_Block *)cbc_key,ks)) != 0)
+		{
+		printf("Key error %d\n",j);
+		err=1;
+		}
+	memset(cbc_out,0,40);
+	memset(cbc_in,0,40);
+	memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+	des_xcbc_encrypt((C_Block *)cbc_data,(C_Block *)cbc_out,
+		(long)strlen((char *)cbc_data)+1,ks,
+		(C_Block *)iv3,
+		(C_Block *)cbc2_key, (C_Block *)cbc3_key, DES_ENCRYPT);
+	if (memcmp(cbc_out,xcbc_ok,32) != 0)
+		{
+		printf("des_xcbc_encrypt encrypt error\n");
+		}
+	memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+	des_xcbc_encrypt((C_Block *)cbc_out,(C_Block *)cbc_in,
+		(long)strlen((char *)cbc_data)+1,ks,
+		(C_Block *)iv3,
+		(C_Block *)cbc2_key, (C_Block *)cbc3_key, DES_DECRYPT);
+	if (memcmp(cbc_in,cbc_data,32) != 0)
+		{
+		printf("des_xcbc_encrypt decrypt error\n");
+		err=1;
+		}
+#endif
+
+	printf("Doing ede cbc\n");
+	if ((j=des_key_sched((C_Block *)cbc_key,ks)) != 0)
+		{
+		printf("Key error %d\n",j);
+		err=1;
+		}
+	if ((j=des_key_sched((C_Block *)cbc2_key,ks2)) != 0)
+		{
+		printf("Key error %d\n",j);
+		err=1;
+		}
+	if ((j=des_key_sched((C_Block *)cbc3_key,ks3)) != 0)
+		{
+		printf("Key error %d\n",j);
+		err=1;
+		}
+	memset(cbc_out,0,40);
+	memset(cbc_in,0,40);
+	i=strlen((char *)cbc_data)+1;
+	i=((i+7)/8)*8;
+	memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+
+	des_ede3_cbc_encrypt((C_Block *)cbc_data,(C_Block *)cbc_out,
+		16L,ks,ks2,ks3,(C_Block *)iv3,DES_ENCRYPT);
+	des_ede3_cbc_encrypt((C_Block *)&(cbc_data[16]),
+		(C_Block *)&(cbc_out[16]),
+		(long)i-16,ks,ks2,ks3,(C_Block *)iv3,DES_ENCRYPT);
+	if (memcmp(cbc_out,cbc3_ok,
+		(unsigned int)(strlen((char *)cbc_data)+1+7)/8*8) != 0)
+		{
+		printf("des_ede3_cbc_encrypt encrypt error\n");
+		err=1;
+		}
+
+	memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+	des_ede3_cbc_encrypt((C_Block *)cbc_out,(C_Block *)cbc_in,
+		(long)i,ks,ks2,ks3,(C_Block *)iv3,DES_DECRYPT);
+	if (memcmp(cbc_in,cbc_data,strlen(cbc_data)+1) != 0)
+		{
+		printf("des_ede3_cbc_encrypt decrypt error\n");
+		err=1;
+		}
+
+#ifndef LIBDES_LIT
+	printf("Doing pcbc\n");
+	if ((j=des_key_sched((C_Block *)cbc_key,ks)) != 0)
+		{
+		printf("Key error %d\n",j);
+		err=1;
+		}
+	memset(cbc_out,0,40);
+	memset(cbc_in,0,40);
+	des_pcbc_encrypt((C_Block *)cbc_data,(C_Block *)cbc_out,
+		(long)strlen(cbc_data)+1,ks,(C_Block *)cbc_iv,DES_ENCRYPT);
+	if (memcmp(cbc_out,pcbc_ok,32) != 0)
+		{
+		printf("pcbc_encrypt encrypt error\n");
+		err=1;
+		}
+	des_pcbc_encrypt((C_Block *)cbc_out,(C_Block *)cbc_in,
+		(long)strlen(cbc_data)+1,ks,(C_Block *)cbc_iv,DES_DECRYPT);
+	if (memcmp(cbc_in,cbc_data,32) != 0)
+		{
+		printf("pcbc_encrypt decrypt error\n");
+		err=1;
+		}
+
+	printf("Doing ");
+	printf("cfb8 ");
+	err+=cfb_test(8,cfb_cipher8);
+	printf("cfb16 ");
+	err+=cfb_test(16,cfb_cipher16);
+	printf("cfb32 ");
+	err+=cfb_test(32,cfb_cipher32);
+	printf("cfb48 ");
+	err+=cfb_test(48,cfb_cipher48);
+	printf("cfb64 ");
+	err+=cfb_test(64,cfb_cipher64);
+
+	printf("cfb64() ");
+	err+=cfb64_test(cfb_cipher64);
+
+	memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+	for (i=0; i<sizeof(plain); i++)
+		des_cfb_encrypt(&(plain[i]),&(cfb_buf1[i]),
+			8,(long)1,ks,(C_Block *)cfb_tmp,DES_ENCRYPT);
+	if (memcmp(cfb_cipher8,cfb_buf1,sizeof(plain)) != 0)
+		{
+		printf("cfb_encrypt small encrypt error\n");
+		err=1;
+		}
+
+	memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+	for (i=0; i<sizeof(plain); i++)
+		des_cfb_encrypt(&(cfb_buf1[i]),&(cfb_buf2[i]),
+			8,(long)1,ks,(C_Block *)cfb_tmp,DES_DECRYPT);
+	if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0)
+		{
+		printf("cfb_encrypt small decrypt error\n");
+		err=1;
+		}
+
+	printf("ede_cfb64() ");
+	err+=ede_cfb64_test(cfb_cipher64);
+
+	printf("done\n");
+
+	printf("Doing ofb\n");
+	des_key_sched((C_Block *)ofb_key,ks);
+	memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
+	des_ofb_encrypt(plain,ofb_buf1,64,(long)sizeof(plain)/8,ks,
+		(C_Block *)ofb_tmp);
+	if (memcmp(ofb_cipher,ofb_buf1,sizeof(ofb_buf1)) != 0)
+		{
+		printf("ofb_encrypt encrypt error\n");
+		err=1;
+		}
+	memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
+	des_ofb_encrypt(ofb_buf1,ofb_buf2,64,(long)sizeof(ofb_buf1)/8,ks,
+		(C_Block *)ofb_tmp);
+	if (memcmp(plain,ofb_buf2,sizeof(ofb_buf2)) != 0)
+		{
+		printf("ofb_encrypt decrypt error\n");
+		err=1;
+		}
+
+	printf("Doing ofb64\n");
+	des_key_sched((C_Block *)ofb_key,ks);
+	memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
+	memset(ofb_buf1,0,sizeof(ofb_buf1));
+	memset(ofb_buf2,0,sizeof(ofb_buf1));
+	num=0;
+	for (i=0; i<sizeof(plain); i++)
+		{
+		des_ofb64_encrypt(&(plain[i]),&(ofb_buf1[i]),1,ks,
+			(C_Block *)ofb_tmp,&num);
+		}
+	if (memcmp(ofb_cipher,ofb_buf1,sizeof(ofb_buf1)) != 0)
+		{
+		printf("ofb64_encrypt encrypt error\n");
+		err=1;
+		}
+	memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
+	num=0;
+	des_ofb64_encrypt(ofb_buf1,ofb_buf2,(long)sizeof(ofb_buf1),ks,
+		(C_Block *)ofb_tmp,&num);
+	if (memcmp(plain,ofb_buf2,sizeof(ofb_buf2)) != 0)
+		{
+		printf("ofb64_encrypt decrypt error\n");
+		err=1;
+		}
+
+	printf("Doing ede_ofb64\n");
+	des_key_sched((C_Block *)ofb_key,ks);
+	memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
+	memset(ofb_buf1,0,sizeof(ofb_buf1));
+	memset(ofb_buf2,0,sizeof(ofb_buf1));
+	num=0;
+	for (i=0; i<sizeof(plain); i++)
+		{
+		des_ede3_ofb64_encrypt(&(plain[i]),&(ofb_buf1[i]),1,ks,ks,ks,
+			(C_Block *)ofb_tmp,&num);
+		}
+	if (memcmp(ofb_cipher,ofb_buf1,sizeof(ofb_buf1)) != 0)
+		{
+		printf("ede_ofb64_encrypt encrypt error\n");
+		err=1;
+		}
+	memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
+	num=0;
+	des_ede3_ofb64_encrypt(ofb_buf1,ofb_buf2,(long)sizeof(ofb_buf1),ks,
+		ks,ks,(C_Block *)ofb_tmp,&num);
+	if (memcmp(plain,ofb_buf2,sizeof(ofb_buf2)) != 0)
+		{
+		printf("ede_ofb64_encrypt decrypt error\n");
+		err=1;
+		}
+
+	printf("Doing cbc_cksum\n");
+	des_key_sched((C_Block *)cbc_key,ks);
+	cs=des_cbc_cksum((C_Block *)cbc_data,(C_Block *)cret,
+		(long)strlen(cbc_data),ks,(C_Block *)cbc_iv);
+	if (cs != cbc_cksum_ret)
+		{
+		printf("bad return value (%08lX), should be %08lX\n",
+			(unsigned long)cs,(unsigned long)cbc_cksum_ret);
+		err=1;
+		}
+	if (memcmp(cret,cbc_cksum_data,8) != 0)
+		{
+		printf("bad cbc_cksum block returned\n");
+		err=1;
+		}
+
+	printf("Doing quad_cksum\n");
+	cs=quad_cksum((C_Block *)cbc_data,(C_Block *)qret,
+		(long)strlen(cbc_data),2,(C_Block *)cbc_iv);
+	for (i=0; i<4; i++)
+		{
+		lqret[i]=0;
+		memcpy(&(lqret[i]),&(qret[i][0]),4);
+		}
+	{ /* Big-endian fix */
+	static DES_LONG l=1;
+	static unsigned char *c=(unsigned char *)&l;
+	DES_LONG ll;
+
+	if (!c[0])
+		{
+		ll=lqret[0]^lqret[3];
+		lqret[0]^=ll;
+		lqret[3]^=ll;
+		ll=lqret[1]^lqret[2];
+		lqret[1]^=ll;
+		lqret[2]^=ll;
+		}
+	}
+	if (cs != 0x70d7a63aL)
+		{
+		printf("quad_cksum error, ret %08lx should be 70d7a63a\n",
+			(unsigned long)cs);
+		err=1;
+		}
+	if (lqret[0] != 0x327eba8dL)
+		{
+		printf("quad_cksum error, out[0] %08lx is not %08lx\n",
+			(unsigned long)lqret[0],0x327eba8dL);
+		err=1;
+		}
+	if (lqret[1] != 0x201a49ccL)
+		{
+		printf("quad_cksum error, out[1] %08lx is not %08lx\n",
+			(unsigned long)lqret[1],0x201a49ccL);
+		err=1;
+		}
+	if (lqret[2] != 0x70d7a63aL)
+		{
+		printf("quad_cksum error, out[2] %08lx is not %08lx\n",
+			(unsigned long)lqret[2],0x70d7a63aL);
+		err=1;
+		}
+	if (lqret[3] != 0x501c2c26L)
+		{
+		printf("quad_cksum error, out[3] %08lx is not %08lx\n",
+			(unsigned long)lqret[3],0x501c2c26L);
+		err=1;
+		}
+#endif
+
+	printf("input word alignment test");
+	for (i=0; i<4; i++)
+		{
+		printf(" %d",i);
+		des_cbc_encrypt((C_Block *)&(cbc_out[i]),(C_Block *)cbc_in,
+			(long)strlen(cbc_data)+1,ks,(C_Block *)cbc_iv,
+			DES_ENCRYPT);
+		}
+	printf("\noutput word alignment test");
+	for (i=0; i<4; i++)
+		{
+		printf(" %d",i);
+		des_cbc_encrypt((C_Block *)cbc_out,(C_Block *)&(cbc_in[i]),
+			(long)strlen(cbc_data)+1,ks,(C_Block *)cbc_iv,
+			DES_ENCRYPT);
+		}
+	printf("\n");
+	printf("fast crypt test ");
+	str=crypt("testing","ef");
+	if (strcmp("efGnQx2725bI2",str) != 0)
+		{
+		printf("fast crypt error, %s should be efGnQx2725bI2\n",str);
+		err=1;
+		}
+	str=crypt("bca76;23","yA");
+	if (strcmp("yA1Rp/1hZXIJk",str) != 0)
+		{
+		printf("fast crypt error, %s should be yA1Rp/1hZXIJk\n",str);
+		err=1;
+		}
+	printf("\n");
+	exit(err);
+	return(0);
+	}
+
+static char *pt(p)
+unsigned char *p;
+	{
+	static char bufs[10][20];
+	static int bnum=0;
+	char *ret;
+	int i;
+	static char *f="0123456789ABCDEF";
+
+	ret= &(bufs[bnum++][0]);
+	bnum%=10;
+	for (i=0; i<8; i++)
+		{
+		ret[i*2]=f[(p[i]>>4)&0xf];
+		ret[i*2+1]=f[p[i]&0xf];
+		}
+	ret[16]='\0';
+	return(ret);
+	}
+
+#ifndef LIBDES_LIT
+
+static int cfb_test(bits, cfb_cipher)
+int bits;
+unsigned char *cfb_cipher;
+	{
+	des_key_schedule ks;
+	int i,err=0;
+
+	des_key_sched((C_Block *)cfb_key,ks);
+	memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+	des_cfb_encrypt(plain,cfb_buf1,bits,(long)sizeof(plain),ks,
+		(C_Block *)cfb_tmp,DES_ENCRYPT);
+	if (memcmp(cfb_cipher,cfb_buf1,sizeof(plain)) != 0)
+		{
+		err=1;
+		printf("cfb_encrypt encrypt error\n");
+		for (i=0; i<24; i+=8)
+			printf("%s\n",pt(&(cfb_buf1[i])));
+		}
+	memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+	des_cfb_encrypt(cfb_buf1,cfb_buf2,bits,(long)sizeof(plain),ks,
+		(C_Block *)cfb_tmp,DES_DECRYPT);
+	if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0)
+		{
+		err=1;
+		printf("cfb_encrypt decrypt error\n");
+		for (i=0; i<24; i+=8)
+			printf("%s\n",pt(&(cfb_buf1[i])));
+		}
+	return(err);
+	}
+
+static int cfb64_test(cfb_cipher)
+unsigned char *cfb_cipher;
+	{
+	des_key_schedule ks;
+	int err=0,i,n;
+
+	des_key_sched((C_Block *)cfb_key,ks);
+	memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+	n=0;
+	des_cfb64_encrypt(plain,cfb_buf1,(long)12,ks,
+		(C_Block *)cfb_tmp,&n,DES_ENCRYPT);
+	des_cfb64_encrypt(&(plain[12]),&(cfb_buf1[12]),
+		(long)sizeof(plain)-12,ks,
+		(C_Block *)cfb_tmp,&n,DES_ENCRYPT);
+	if (memcmp(cfb_cipher,cfb_buf1,sizeof(plain)) != 0)
+		{
+		err=1;
+		printf("cfb_encrypt encrypt error\n");
+		for (i=0; i<24; i+=8)
+			printf("%s\n",pt(&(cfb_buf1[i])));
+		}
+	memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+	n=0;
+	des_cfb64_encrypt(cfb_buf1,cfb_buf2,(long)17,ks,
+		(C_Block *)cfb_tmp,&n,DES_DECRYPT);
+	des_cfb64_encrypt(&(cfb_buf1[17]),&(cfb_buf2[17]),
+		(long)sizeof(plain)-17,ks,
+		(C_Block *)cfb_tmp,&n,DES_DECRYPT);
+	if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0)
+		{
+		err=1;
+		printf("cfb_encrypt decrypt error\n");
+		for (i=0; i<24; i+=8)
+			printf("%s\n",pt(&(cfb_buf2[i])));
+		}
+	return(err);
+	}
+
+static int ede_cfb64_test(cfb_cipher)
+unsigned char *cfb_cipher;
+	{
+	des_key_schedule ks;
+	int err=0,i,n;
+
+	des_key_sched((C_Block *)cfb_key,ks);
+	memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+	n=0;
+	des_ede3_cfb64_encrypt(plain,cfb_buf1,(long)12,ks,ks,ks,
+		(C_Block *)cfb_tmp,&n,DES_ENCRYPT);
+	des_ede3_cfb64_encrypt(&(plain[12]),&(cfb_buf1[12]),
+		(long)sizeof(plain)-12,ks,ks,ks,
+		(C_Block *)cfb_tmp,&n,DES_ENCRYPT);
+	if (memcmp(cfb_cipher,cfb_buf1,sizeof(plain)) != 0)
+		{
+		err=1;
+		printf("ede_cfb_encrypt encrypt error\n");
+		for (i=0; i<24; i+=8)
+			printf("%s\n",pt(&(cfb_buf1[i])));
+		}
+	memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+	n=0;
+	des_ede3_cfb64_encrypt(cfb_buf1,cfb_buf2,(long)17,ks,ks,ks,
+		(C_Block *)cfb_tmp,&n,DES_DECRYPT);
+	des_ede3_cfb64_encrypt(&(cfb_buf1[17]),&(cfb_buf2[17]),
+		(long)sizeof(plain)-17,ks,ks,ks,
+		(C_Block *)cfb_tmp,&n,DES_DECRYPT);
+	if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0)
+		{
+		err=1;
+		printf("ede_cfb_encrypt decrypt error\n");
+		for (i=0; i<24; i+=8)
+			printf("%s\n",pt(&(cfb_buf2[i])));
+		}
+	return(err);
+	}
+
+#endif
+
diff --git a/crypto/des/doIP b/crypto/des/doIP
new file mode 100644
index 0000000000..18cf231303
--- /dev/null
+++ b/crypto/des/doIP
@@ -0,0 +1,46 @@
+#!/usr/local/bin/perl
+
+@l=(
+	 0, 1, 2, 3, 4, 5, 6, 7,
+	 8, 9,10,11,12,13,14,15,
+	16,17,18,19,20,21,22,23,
+	24,25,26,27,28,29,30,31
+	);
+@r=(
+	32,33,34,35,36,37,38,39,
+	40,41,42,43,44,45,46,47,
+	48,49,50,51,52,53,54,55,
+	56,57,58,59,60,61,62,63
+	);
+
+require 'shifts.pl';
+
+sub PERM_OP
+	{
+	local(*a,*b,*t,$n,$m)=@_;
+
+	@z=&shift(*a,-$n);
+	@z=&xor(*b,*z);
+	@z=&and(*z,$m);
+	@b=&xor(*b,*z);
+	@z=&shift(*z,$n);
+	@a=&xor(*a,*z);
+	}
+
+
+@L=@l;
+@R=@r;
+&PERM_OP(*R,*L,*T,4,0x0f0f0f0f);
+&PERM_OP(*L,*R,*T,16,0x0000ffff);
+&PERM_OP(*R,*L,*T,2,0x33333333);
+&PERM_OP(*L,*R,*T,8,0x00ff00ff);
+&PERM_OP(*R,*L,*T,1,0x55555555);
+	&printit(@L);
+	&printit(@R);
+&PERM_OP(*R,*L,*T,1,0x55555555);
+&PERM_OP(*L,*R,*T,8,0x00ff00ff);
+&PERM_OP(*R,*L,*T,2,0x33333333);
+&PERM_OP(*L,*R,*T,16,0x0000ffff);
+&PERM_OP(*R,*L,*T,4,0x0f0f0f0f);
+	&printit(@L);
+	&printit(@R);
diff --git a/crypto/des/doPC1 b/crypto/des/doPC1
new file mode 100644
index 0000000000..096afd8c46
--- /dev/null
+++ b/crypto/des/doPC1
@@ -0,0 +1,110 @@
+#!/usr/local/bin/perl
+
+@l=(
+	 0, 1, 2, 3, 4, 5, 6, 7,
+	 8, 9,10,11,12,13,14,15,
+	16,17,18,19,20,21,22,23,
+	24,25,26,27,28,29,30,31
+	);
+@r=(
+	32,33,34,35,36,37,38,39,
+	40,41,42,43,44,45,46,47,
+	48,49,50,51,52,53,54,55,
+	56,57,58,59,60,61,62,63
+	);
+
+require 'shifts.pl';
+
+sub PERM_OP
+	{
+	local(*a,*b,*t,$n,$m)=@_;
+
+	@z=&shift(*a,-$n);
+	@z=&xor(*b,*z);
+	@z=&and(*z,$m);
+	@b=&xor(*b,*z);
+	@z=&shift(*z,$n);
+	@a=&xor(*a,*z);
+	}
+
+sub HPERM_OP2
+	{
+	local(*a,*t,$n,$m)=@_;
+	local(@x,@y,$i);
+
+	@z=&shift(*a,16-$n);
+	@z=&xor(*a,*z);
+	@z=&and(*z,$m);
+	@a=&xor(*a,*z);
+	@z=&shift(*z,$n-16);
+	@a=&xor(*a,*z);
+	}
+
+sub HPERM_OP
+        {
+        local(*a,*t,$n,$m)=@_;
+        local(@x,@y,$i);
+
+        for ($i=0; $i<16; $i++)
+                {
+                $x[$i]=$a[$i];
+                $y[$i]=$a[16+$i];
+                }
+        @z=&shift(*x,-$n);
+        @z=&xor(*y,*z);
+        @z=&and(*z,$m);
+        @y=&xor(*y,*z);
+        @z=&shift(*z,$n);
+        @x=&xor(*x,*z);
+        for ($i=0; $i<16; $i++)
+                {
+                $a[$i]=$x[$i];
+                $a[16+$i]=$y[$i];
+                }
+        }
+
+@L=@l;
+@R=@r;
+
+	print "---\n"; &printit(@R);
+&PERM_OP(*R,*L,*T,4,0x0f0f0f0f);
+	print "---\n"; &printit(@R);
+&HPERM_OP2(*L,*T,-2,0xcccc0000);
+&HPERM_OP2(*R,*T,-2,0xcccc0000);
+	print "---\n"; &printit(@R);
+&PERM_OP(*R,*L,*T,1,0x55555555);
+	print "---\n"; &printit(@R);
+&PERM_OP(*L,*R,*T,8,0x00ff00ff);
+	print "---\n"; &printit(@R);
+&PERM_OP(*R,*L,*T,1,0x55555555);
+	print "---\n"; &printit(@R);
+#	&printit(@L);
+	&printit(@R);
+print <<"EOF";
+==============================
+63  55  47  39  31  23  15   7  
+62  54  46  38  30  22  14   6  
+61  53  45  37  29  21  13   5  
+60  52  44  36  --  --  --  --  
+
+57  49  41  33  25  17   9   1  
+58  50  42  34  26  18  10   2  
+59  51  43  35  27  19  11   3  
+28  20  12   4  --  --  --  --  
+EOF
+exit(1);
+@A=&and(*R,0x000000ff);
+@A=&shift(*A,16);
+@B=&and(*R,0x0000ff00);
+@C=&and(*R,0x00ff0000);
+@C=&shift(*C,-16);
+@D=&and(*L,0xf0000000);
+@D=&shift(*D,-4);
+@A=&or(*A,*B);
+@B=&or(*D,*C);
+@R=&or(*A,*B);
+@L=&and(*L,0x0fffffff);
+
+	&printit(@L);
+	&printit(@R);
+
diff --git a/crypto/des/doPC2 b/crypto/des/doPC2
new file mode 100644
index 0000000000..fa5cf74cf7
--- /dev/null
+++ b/crypto/des/doPC2
@@ -0,0 +1,94 @@
+#!/usr/local/bin/perl
+
+@PC2_C=(14,17,11,24, 1, 5,
+	 3,28,15, 6,21,10,
+	23,19,12, 4,26, 8,
+	16, 7,27,20,13, 2,
+	);
+
+@PC2_D=(41,52,31,37,47,55,
+	30,40,51,45,33,48,
+	44,49,39,56,34,53,
+	46,42,50,36,29,32,
+	);
+
+$i=0;
+foreach (@PC2_C) {
+	$_--;
+#	printf "%2d,",$_;
+	$C{$_}=$i;
+	++$i;
+#	print "\n" if ((($i) % 8) == 0);
+	}
+$i=0;
+#print "\n";
+foreach (@PC2_D) {
+	$_-=28;
+	$_--;
+#	printf "%2d,",$_;
+	$D{$_}=$i;
+	$i++;
+#	print "\n" if ((($i) % 8) == 0);
+	}
+
+#print "\n";
+foreach $i (0 .. 27)
+	{
+	$_=$C{$i};
+#	printf "%2d,",$_;
+	$i++;
+#	print "\n" if ((($i) % 8) == 0);
+	}
+#print "\n";
+
+#print "\n";
+foreach $i (0 .. 27)
+	{
+	$_=$D{$i};
+#	printf "%2d,",$_;
+	$i++;
+#	print "\n" if ((($i) % 8) == 0);
+	}
+#print "\n";
+
+print "static ulong skb[8][64]={\n";
+&doit("C",*C, 0, 1, 2, 3, 4, 5);
+&doit("C",*C, 6, 7, 9,10,11,12);
+&doit("C",*C,13,14,15,16,18,19);
+&doit("C",*C,20,22,23,25,26,27);
+
+&doit("D",*D, 0, 1, 2, 3, 4, 5);
+&doit("D",*D, 7, 8,10,11,12,13);
+&doit("D",*D,15,16,17,18,19,20);
+&doit("D",*D,21,22,23,24,26,27);
+print "};\n";
+
+sub doit
+	{
+	local($l,*A,@b)=@_;
+	local(@out);
+
+	printf("/* for $l bits (numbered as per FIPS 46) %d %d %d %d %d %d */\n",
+		$b[0]+1, $b[1]+1, $b[2]+1, $b[3]+1, $b[4]+1, $b[5]+1);
+	for ($i=0; $i<64; $i++)
+		{
+		$out[$i]=0;
+		$j=1;
+#print "\n";
+		for ($k=0; $k<6; $k++)
+			{
+			$l=$A{$b[$k]};
+#print"$l - ";
+			if ((1<<$k) & $i)
+				{
+				$ll=int($l/6)*8+($l%6);
+				$out[$i]|=1<<($ll);
+				}
+			}
+		$pp=$out[$i];
+		$pp=($pp&0xff0000ff)|   (($pp&0x00ff0000)>>8)|
+					(($pp&0x0000ff00)<<8);
+		printf("0x%08X,",$pp);
+		print "\n" if (($i+1) % 4 == 0);
+		}
+	}
diff --git a/crypto/des/ecb3_enc.c b/crypto/des/ecb3_enc.c
new file mode 100644
index 0000000000..28c0d886b4
--- /dev/null
+++ b/crypto/des/ecb3_enc.c
@@ -0,0 +1,87 @@
+/* crypto/des/ecb3_enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+void des_ecb3_encrypt(input, output, ks1, ks2, ks3, enc)
+des_cblock (*input);
+des_cblock (*output);
+des_key_schedule ks1;
+des_key_schedule ks2;
+des_key_schedule ks3;
+int enc;
+	{
+	register DES_LONG l0,l1;
+	register unsigned char *in,*out;
+	DES_LONG ll[2];
+
+	in=(unsigned char *)input;
+	out=(unsigned char *)output;
+	c2l(in,l0);
+	c2l(in,l1);
+	ll[0]=l0;
+	ll[1]=l1;
+	if (enc)
+		des_encrypt3(ll,ks1,ks2,ks3);
+	else
+		des_decrypt3(ll,ks1,ks2,ks3);
+	l0=ll[0];
+	l1=ll[1];
+	l2c(l0,out);
+	l2c(l1,out);
+	}
diff --git a/crypto/des/ecb_enc.c b/crypto/des/ecb_enc.c
new file mode 100644
index 0000000000..fac4b41b19
--- /dev/null
+++ b/crypto/des/ecb_enc.c
@@ -0,0 +1,124 @@
+/* crypto/des/ecb_enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+#include "spr.h"
+
+char *libdes_version="libdes v 3.24 - 20-Apr-1996 - eay";
+char *DES_version="DES part of SSLeay 0.8.1b 29-Jun-1998";
+
+char *des_options()
+	{
+	static int init=1;
+	static char buf[32];
+
+	if (init)
+		{
+		char *ptr,*unroll,*risc,*size;
+
+		init=0;
+#ifdef DES_PTR
+		ptr="ptr";
+#else
+		ptr="idx";
+#endif
+#if defined(DES_RISC1) || defined(DES_RISC2)
+#ifdef DES_RISC1
+		risc="risc1";
+#endif
+#ifdef DES_RISC2
+		risc="risc2";
+#endif
+#else
+		risc="cisc";
+#endif
+#ifdef DES_UNROLL
+		unroll="16";
+#else
+		unroll="4";
+#endif
+		if (sizeof(DES_LONG) != sizeof(long))
+			size="int";
+		else
+			size="long";
+		sprintf(buf,"des(%s,%s,%s,%s)",ptr,risc,unroll,size);
+		}
+	return(buf);
+	}
+		
+
+void des_ecb_encrypt(input, output, ks, enc)
+des_cblock (*input);
+des_cblock (*output);
+des_key_schedule ks;
+int enc;
+	{
+	register DES_LONG l;
+	register unsigned char *in,*out;
+	DES_LONG ll[2];
+
+	in=(unsigned char *)input;
+	out=(unsigned char *)output;
+	c2l(in,l); ll[0]=l;
+	c2l(in,l); ll[1]=l;
+	des_encrypt(ll,ks,enc);
+	l=ll[0]; l2c(l,out);
+	l=ll[1]; l2c(l,out);
+	l=ll[0]=ll[1]=0;
+	}
+
diff --git a/crypto/des/ede_enc.c b/crypto/des/ede_enc.c
new file mode 100644
index 0000000000..20c3cf34a9
--- /dev/null
+++ b/crypto/des/ede_enc.c
@@ -0,0 +1,189 @@
+/* crypto/des/ede_enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+void des_ede3_cbc_encrypt(input, output, length, ks1, ks2, ks3, ivec, enc)
+des_cblock (*input);
+des_cblock (*output);
+long length;
+des_key_schedule ks1;
+des_key_schedule ks2;
+des_key_schedule ks3;
+des_cblock (*ivec);
+int enc;
+	{
+	register DES_LONG tin0,tin1;
+	register DES_LONG tout0,tout1,xor0,xor1;
+	register unsigned char *in,*out;
+	register long l=length;
+	DES_LONG tin[2];
+	unsigned char *iv;
+
+	in=(unsigned char *)input;
+	out=(unsigned char *)output;
+	iv=(unsigned char *)ivec;
+
+	if (enc)
+		{
+		c2l(iv,tout0);
+		c2l(iv,tout1);
+		for (l-=8; l>=0; l-=8)
+			{
+			c2l(in,tin0);
+			c2l(in,tin1);
+			tin0^=tout0;
+			tin1^=tout1;
+
+			tin[0]=tin0;
+			tin[1]=tin1;
+			des_encrypt3((DES_LONG *)tin,ks1,ks2,ks3);
+			tout0=tin[0];
+			tout1=tin[1];
+
+			l2c(tout0,out);
+			l2c(tout1,out);
+			}
+		if (l != -8)
+			{
+			c2ln(in,tin0,tin1,l+8);
+			tin0^=tout0;
+			tin1^=tout1;
+
+			tin[0]=tin0;
+			tin[1]=tin1;
+			des_encrypt3((DES_LONG *)tin,ks1,ks2,ks3);
+			tout0=tin[0];
+			tout1=tin[1];
+
+			l2c(tout0,out);
+			l2c(tout1,out);
+			}
+		iv=(unsigned char *)ivec;
+		l2c(tout0,iv);
+		l2c(tout1,iv);
+		}
+	else
+		{
+		register DES_LONG t0,t1;
+
+		c2l(iv,xor0);
+		c2l(iv,xor1);
+		for (l-=8; l>=0; l-=8)
+			{
+			c2l(in,tin0);
+			c2l(in,tin1);
+
+			t0=tin0;
+			t1=tin1;
+
+			tin[0]=tin0;
+			tin[1]=tin1;
+			des_decrypt3((DES_LONG *)tin,ks1,ks2,ks3);
+			tout0=tin[0];
+			tout1=tin[1];
+
+			tout0^=xor0;
+			tout1^=xor1;
+			l2c(tout0,out);
+			l2c(tout1,out);
+			xor0=t0;
+			xor1=t1;
+			}
+		if (l != -8)
+			{
+			c2l(in,tin0);
+			c2l(in,tin1);
+
+			t0=tin0;
+			t1=tin1;
+
+			tin[0]=tin0;
+			tin[1]=tin1;
+			des_decrypt3((DES_LONG *)tin,ks1,ks2,ks3);
+			tout0=tin[0];
+			tout1=tin[1];
+
+			tout0^=xor0;
+			tout1^=xor1;
+			l2cn(tout0,tout1,out,l+8);
+			xor0=t0;
+			xor1=t1;
+			}
+		iv=(unsigned char *)ivec;
+		l2c(xor0,iv);
+		l2c(xor1,iv);
+		}
+	tin0=tin1=tout0=tout1=xor0=xor1=0;
+	tin[0]=tin[1]=0;
+	}
+
+#ifdef undef /* MACRO */
+void des_ede2_cbc_encrypt(input, output, length, ks1, ks2, ivec, enc)
+des_cblock (*input);
+des_cblock (*output);
+long length;
+des_key_schedule ks1;
+des_key_schedule ks2;
+des_cblock (*ivec);
+int enc;
+	{
+	des_ede3_cbc_encrypt(input,output,length,ks1,ks2,ks1,ivec,enc);
+	}
+#endif
+
diff --git a/crypto/des/enc_read.c b/crypto/des/enc_read.c
new file mode 100644
index 0000000000..3b254d0fd5
--- /dev/null
+++ b/crypto/des/enc_read.c
@@ -0,0 +1,214 @@
+/* crypto/des/enc_read.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "des_locl.h"
+
+/* This has some uglies in it but it works - even over sockets. */
+/*extern int errno;*/
+int des_rw_mode=DES_PCBC_MODE;
+
+int des_enc_read(fd, buf, len, sched, iv)
+int fd;
+char *buf;
+int len;
+des_key_schedule sched;
+des_cblock (*iv);
+	{
+	/* data to be unencrypted */
+	int net_num=0;
+	static unsigned char *net=NULL;
+	/* extra unencrypted data 
+	 * for when a block of 100 comes in but is des_read one byte at
+	 * a time. */
+	static char *unnet=NULL;
+	static int unnet_start=0;
+	static int unnet_left=0;
+	static char *tmpbuf=NULL;
+	int i;
+	long num=0,rnum;
+	unsigned char *p;
+
+	if (tmpbuf == NULL)
+		{
+		tmpbuf=(char *)malloc(BSIZE);
+		if (tmpbuf == NULL) return(-1);
+		}
+	if (net == NULL)
+		{
+		net=(unsigned char *)malloc(BSIZE);
+		if (net == NULL) return(-1);
+		}
+	if (unnet == NULL)
+		{
+		unnet=(char *)malloc(BSIZE);
+		if (unnet == NULL) return(-1);
+		}
+	/* left over data from last decrypt */
+	if (unnet_left != 0)
+		{
+		if (unnet_left < len)
+			{
+			/* we still still need more data but will return
+			 * with the number of bytes we have - should always
+			 * check the return value */
+			memcpy(buf,&(unnet[unnet_start]),
+				(unsigned int)unnet_left);
+			/* eay 26/08/92 I had the next 2 lines
+			 * reversed :-( */
+			i=unnet_left;
+			unnet_start=unnet_left=0;
+			}
+		else
+			{
+			memcpy(buf,&(unnet[unnet_start]),(unsigned int)len);
+			unnet_start+=len;
+			unnet_left-=len;
+			i=len;
+			}
+		return(i);
+		}
+
+	/* We need to get more data. */
+	if (len > MAXWRITE) len=MAXWRITE;
+
+	/* first - get the length */
+	while (net_num < HDRSIZE) 
+		{
+		i=read(fd,&(net[net_num]),(unsigned int)HDRSIZE-net_num);
+		if ((i == -1) && (errno == EINTR)) continue;
+		if (i <= 0) return(0);
+		net_num+=i;
+		}
+
+	/* we now have at net_num bytes in net */
+	p=net;
+	/* num=0;  */
+	n2l(p,num);
+	/* num should be rounded up to the next group of eight
+	 * we make sure that we have read a multiple of 8 bytes from the net.
+	 */
+	if ((num > MAXWRITE) || (num < 0)) /* error */
+		return(-1);
+	rnum=(num < 8)?8:((num+7)/8*8);
+
+	net_num=0;
+	while (net_num < rnum)
+		{
+		i=read(fd,&(net[net_num]),(unsigned int)rnum-net_num);
+		if ((i == -1) && (errno == EINTR)) continue;
+		if (i <= 0) return(0);
+		net_num+=i;
+		}
+
+	/* Check if there will be data left over. */
+	if (len < num)
+		{
+		if (des_rw_mode & DES_PCBC_MODE)
+			des_pcbc_encrypt((des_cblock *)net,(des_cblock *)unnet,
+				num,sched,iv,DES_DECRYPT);
+		else
+			des_cbc_encrypt((des_cblock *)net,(des_cblock *)unnet,
+				num,sched,iv,DES_DECRYPT);
+		memcpy(buf,unnet,(unsigned int)len);
+		unnet_start=len;
+		unnet_left=(int)num-len;
+
+		/* The following line is done because we return num
+		 * as the number of bytes read. */
+		num=len;
+		}
+	else
+		{
+		/* >output is a multiple of 8 byes, if len < rnum
+		 * >we must be careful.  The user must be aware that this
+		 * >routine will write more bytes than he asked for.
+		 * >The length of the buffer must be correct.
+		 * FIXED - Should be ok now 18-9-90 - eay */
+		if (len < rnum)
+			{
+
+			if (des_rw_mode & DES_PCBC_MODE)
+				des_pcbc_encrypt((des_cblock *)net,
+					(des_cblock *)tmpbuf,
+					num,sched,iv,DES_DECRYPT);
+			else
+				des_cbc_encrypt((des_cblock *)net,
+					(des_cblock *)tmpbuf,
+					num,sched,iv,DES_DECRYPT);
+
+			/* eay 26/08/92 fix a bug that returned more
+			 * bytes than you asked for (returned len bytes :-( */
+			memcpy(buf,tmpbuf,(unsigned int)num);
+			}
+		else
+			{
+			if (des_rw_mode & DES_PCBC_MODE)
+				des_pcbc_encrypt((des_cblock *)net,
+					(des_cblock *)buf,num,sched,iv,
+					DES_DECRYPT);
+			else
+				des_cbc_encrypt((des_cblock *)net,
+					(des_cblock *)buf,num,sched,iv,
+					DES_DECRYPT);
+			}
+		}
+	return((int)num);
+	}
+
diff --git a/crypto/des/enc_writ.c b/crypto/des/enc_writ.c
new file mode 100644
index 0000000000..672c745664
--- /dev/null
+++ b/crypto/des/enc_writ.c
@@ -0,0 +1,160 @@
+/* crypto/des/enc_writ.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <errno.h>
+#include <time.h>
+#include "des_locl.h"
+
+int des_enc_write(fd, buf, len, sched, iv)
+int fd;
+char *buf;
+int len;
+des_key_schedule sched;
+des_cblock (*iv);
+	{
+#ifdef _LIBC
+	extern int srandom();
+	extern unsigned long time();
+	extern int random();
+	extern int write();
+#endif
+
+	long rnum;
+	int i,j,k,outnum;
+	char *outbuf=NULL;
+	char shortbuf[8];
+	char *p;
+	static int start=1;
+
+	if (outbuf == NULL)
+		{
+		outbuf=(char *)malloc(BSIZE+HDRSIZE);
+		if (outbuf == NULL) return(-1);
+		}
+	/* If we are sending less than 8 bytes, the same char will look
+	 * the same if we don't pad it out with random bytes */
+	if (start)
+		{
+		start=0;
+		srandom((unsigned int)time(NULL));
+		}
+
+	/* lets recurse if we want to send the data in small chunks */
+	if (len > MAXWRITE)
+		{
+		j=0;
+		for (i=0; i<len; i+=k)
+			{
+			k=des_enc_write(fd,&(buf[i]),
+				((len-i) > MAXWRITE)?MAXWRITE:(len-i),sched,iv);
+			if (k < 0)
+				return(k);
+			else
+				j+=k;
+			}
+		return(j);
+		}
+
+	/* write length first */
+	p=outbuf;
+	l2n(len,p);
+
+	/* pad short strings */
+	if (len < 8)
+		{
+		p=shortbuf;
+		memcpy(shortbuf,buf,(unsigned int)len);
+		for (i=len; i<8; i++)
+			shortbuf[i]=random();
+		rnum=8;
+		}
+	else
+		{
+		p=buf;
+		rnum=((len+7)/8*8); /* round up to nearest eight */
+		}
+
+	if (des_rw_mode & DES_PCBC_MODE)
+		des_pcbc_encrypt((des_cblock *)p,
+			(des_cblock *)&(outbuf[HDRSIZE]),
+			(long)((len<8)?8:len),sched,iv,DES_ENCRYPT); 
+	else
+		des_cbc_encrypt((des_cblock *)p,
+			(des_cblock *)&(outbuf[HDRSIZE]),
+			(long)((len<8)?8:len),sched,iv,DES_ENCRYPT); 
+
+	/* output */
+	outnum=(int)rnum+HDRSIZE;
+
+	for (j=0; j<outnum; j+=i)
+		{
+		/* eay 26/08/92 I was not doing writing from where we
+		 * got upto. */
+		i=write(fd,&(outbuf[j]),(unsigned int)(outnum-j));
+		if (i == -1)
+			{
+			if (errno == EINTR)
+				i=0;
+			else 	/* This is really a bad error - very bad
+				 * It will stuff-up both ends. */
+				return(-1);
+			}
+		}
+
+	return(len);
+	}
diff --git a/crypto/des/fcrypt.c b/crypto/des/fcrypt.c
new file mode 100644
index 0000000000..db9ad65c1d
--- /dev/null
+++ b/crypto/des/fcrypt.c
@@ -0,0 +1,153 @@
+/* NOCW */
+#include <stdio.h>
+
+/* This version of crypt has been developed from my MIT compatable
+ * DES library.
+ * The library is available at pub/Crypto/DES at ftp.psy.uq.oz.au
+ * Eric Young (eay@cryptsoft.com)
+ */
+
+/* Modification by Jens Kupferschmidt (Cu)
+ * I have included directive PARA for shared memory computers.
+ * I have included a directive LONGCRYPT to using this routine to cipher
+ * passwords with more then 8 bytes like HP-UX 10.x it used. The MAXPLEN
+ * definition is the maximum of lenght of password and can changed. I have
+ * defined 24.
+ */
+
+#include "des_locl.h"
+
+/* Added more values to handle illegal salt values the way normal
+ * crypt() implementations do.  The patch was sent by 
+ * Bjorn Gronvall <bg@sics.se>
+ */
+static unsigned const char con_salt[128]={
+0xD2,0xD3,0xD4,0xD5,0xD6,0xD7,0xD8,0xD9,
+0xDA,0xDB,0xDC,0xDD,0xDE,0xDF,0xE0,0xE1,
+0xE2,0xE3,0xE4,0xE5,0xE6,0xE7,0xE8,0xE9,
+0xEA,0xEB,0xEC,0xED,0xEE,0xEF,0xF0,0xF1,
+0xF2,0xF3,0xF4,0xF5,0xF6,0xF7,0xF8,0xF9,
+0xFA,0xFB,0xFC,0xFD,0xFE,0xFF,0x00,0x01,
+0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,
+0x0A,0x0B,0x05,0x06,0x07,0x08,0x09,0x0A,
+0x0B,0x0C,0x0D,0x0E,0x0F,0x10,0x11,0x12,
+0x13,0x14,0x15,0x16,0x17,0x18,0x19,0x1A,
+0x1B,0x1C,0x1D,0x1E,0x1F,0x20,0x21,0x22,
+0x23,0x24,0x25,0x20,0x21,0x22,0x23,0x24,
+0x25,0x26,0x27,0x28,0x29,0x2A,0x2B,0x2C,
+0x2D,0x2E,0x2F,0x30,0x31,0x32,0x33,0x34,
+0x35,0x36,0x37,0x38,0x39,0x3A,0x3B,0x3C,
+0x3D,0x3E,0x3F,0x40,0x41,0x42,0x43,0x44,
+};
+
+static unsigned const char cov_2char[64]={
+0x2E,0x2F,0x30,0x31,0x32,0x33,0x34,0x35,
+0x36,0x37,0x38,0x39,0x41,0x42,0x43,0x44,
+0x45,0x46,0x47,0x48,0x49,0x4A,0x4B,0x4C,
+0x4D,0x4E,0x4F,0x50,0x51,0x52,0x53,0x54,
+0x55,0x56,0x57,0x58,0x59,0x5A,0x61,0x62,
+0x63,0x64,0x65,0x66,0x67,0x68,0x69,0x6A,
+0x6B,0x6C,0x6D,0x6E,0x6F,0x70,0x71,0x72,
+0x73,0x74,0x75,0x76,0x77,0x78,0x79,0x7A
+};
+
+#ifndef NOPROTO
+void fcrypt_body(DES_LONG *out,des_key_schedule ks,
+	DES_LONG Eswap0, DES_LONG Eswap1);
+
+#ifdef PERL5
+char *des_crypt(const char *buf,const char *salt);
+#else
+char *crypt(const char *buf,const char *salt);
+#endif
+#else
+void fcrypt_body();
+#ifdef PERL5
+char *des_crypt();
+#else
+char *crypt();
+#endif
+#endif
+
+#ifdef PERL5
+char *des_crypt(buf,salt)
+#else
+char *crypt(buf,salt)
+#endif
+const char *buf;
+const char *salt;
+	{
+	static char buff[14];
+
+	return(des_fcrypt(buf,salt,buff));
+	}
+
+
+char *des_fcrypt(buf,salt,ret)
+const char *buf;
+const char *salt;
+char *ret;
+	{
+	unsigned int i,j,x,y;
+	DES_LONG Eswap0,Eswap1;
+	DES_LONG out[2],ll;
+	des_cblock key;
+	des_key_schedule ks;
+	unsigned char bb[9];
+	unsigned char *b=bb;
+	unsigned char c,u;
+
+	/* eay 25/08/92
+	 * If you call crypt("pwd","*") as often happens when you
+	 * have * as the pwd field in /etc/passwd, the function
+	 * returns *\0XXXXXXXXX
+	 * The \0 makes the string look like * so the pwd "*" would
+	 * crypt to "*".  This was found when replacing the crypt in
+	 * our shared libraries.  People found that the disbled
+	 * accounts effectivly had no passwd :-(. */
+	x=ret[0]=((salt[0] == '\0')?'A':salt[0]);
+	Eswap0=con_salt[x]<<2;
+	x=ret[1]=((salt[1] == '\0')?'A':salt[1]);
+	Eswap1=con_salt[x]<<6;
+
+/* EAY
+r=strlen(buf);
+r=(r+7)/8;
+*/
+	for (i=0; i<8; i++)
+		{
+		c= *(buf++);
+		if (!c) break;
+		key[i]=(c<<1);
+		}
+	for (; i<8; i++)
+		key[i]=0;
+
+	des_set_key((des_cblock *)(key),ks);
+	fcrypt_body(&(out[0]),ks,Eswap0,Eswap1);
+
+	ll=out[0]; l2c(ll,b);
+	ll=out[1]; l2c(ll,b);
+	y=0;
+	u=0x80;
+	bb[8]=0;
+	for (i=2; i<13; i++)
+		{
+		c=0;
+		for (j=0; j<6; j++)
+			{
+			c<<=1;
+			if (bb[y] & u) c|=1;
+			u>>=1;
+			if (!u)
+				{
+				y++;
+				u=0x80;
+				}
+			}
+		ret[i]=cov_2char[c];
+		}
+	ret[13]='\0';
+	return(ret);
+	}
+
diff --git a/crypto/des/fcrypt_b.c b/crypto/des/fcrypt_b.c
new file mode 100644
index 0000000000..f929b66cfb
--- /dev/null
+++ b/crypto/des/fcrypt_b.c
@@ -0,0 +1,148 @@
+/* crypto/des/fcrypt_b.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+
+/* This version of crypt has been developed from my MIT compatable
+ * DES library.
+ * The library is available at pub/Crypto/DES at ftp.psy.uq.oz.au
+ * Eric Young (eay@cryptsoft.com)
+ */
+
+#define DES_FCRYPT
+#include "des_locl.h"
+#undef DES_FCRYPT
+
+#undef PERM_OP
+#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
+	(b)^=(t),\
+	(a)^=((t)<<(n)))
+
+#undef HPERM_OP
+#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\
+	(a)=(a)^(t)^(t>>(16-(n))))\
+
+void fcrypt_body(out, ks, Eswap0, Eswap1)
+DES_LONG *out;
+des_key_schedule ks;
+DES_LONG Eswap0;
+DES_LONG Eswap1;
+	{
+	register DES_LONG l,r,t,u;
+#ifdef DES_PTR
+	register unsigned char *des_SP=(unsigned char *)des_SPtrans;
+#endif
+	register DES_LONG *s;
+	register int j;
+	register DES_LONG E0,E1;
+
+	l=0;
+	r=0;
+
+	s=(DES_LONG *)ks;
+	E0=Eswap0;
+	E1=Eswap1;
+
+	for (j=0; j<25; j++)
+		{
+#ifdef DES_UNROLL
+		register int i;
+
+		for (i=0; i<32; i+=8)
+			{
+			D_ENCRYPT(l,r,i+0); /*  1 */
+			D_ENCRYPT(r,l,i+2); /*  2 */
+			D_ENCRYPT(l,r,i+4); /*  1 */
+			D_ENCRYPT(r,l,i+6); /*  2 */
+			}
+#else
+		D_ENCRYPT(l,r, 0); /*  1 */
+		D_ENCRYPT(r,l, 2); /*  2 */
+		D_ENCRYPT(l,r, 4); /*  3 */
+		D_ENCRYPT(r,l, 6); /*  4 */
+		D_ENCRYPT(l,r, 8); /*  5 */
+		D_ENCRYPT(r,l,10); /*  6 */
+		D_ENCRYPT(l,r,12); /*  7 */
+		D_ENCRYPT(r,l,14); /*  8 */
+		D_ENCRYPT(l,r,16); /*  9 */
+		D_ENCRYPT(r,l,18); /*  10 */
+		D_ENCRYPT(l,r,20); /*  11 */
+		D_ENCRYPT(r,l,22); /*  12 */
+		D_ENCRYPT(l,r,24); /*  13 */
+		D_ENCRYPT(r,l,26); /*  14 */
+		D_ENCRYPT(l,r,28); /*  15 */
+		D_ENCRYPT(r,l,30); /*  16 */
+#endif
+
+		t=l;
+		l=r;
+		r=t;
+		}
+	l=ROTATE(l,3)&0xffffffffL;
+	r=ROTATE(r,3)&0xffffffffL;
+
+	PERM_OP(l,r,t, 1,0x55555555L);
+	PERM_OP(r,l,t, 8,0x00ff00ffL);
+	PERM_OP(l,r,t, 2,0x33333333L);
+	PERM_OP(r,l,t,16,0x0000ffffL);
+	PERM_OP(l,r,t, 4,0x0f0f0f0fL);
+
+	out[0]=r;
+	out[1]=l;
+	}
+
diff --git a/crypto/des/makefile.bc b/crypto/des/makefile.bc
new file mode 100644
index 0000000000..1fe6d4915a
--- /dev/null
+++ b/crypto/des/makefile.bc
@@ -0,0 +1,50 @@
+#
+# Origional BC Makefile from Teun <Teun.Nijssen@kub.nl>
+#
+#
+CC      = bcc
+TLIB    = tlib /0 /C
+# note: the -3 flag produces code for 386, 486, Pentium etc; omit it for 286s
+OPTIMIZE= -3 -O2
+#WINDOWS= -W
+CFLAGS  = -c -ml -d $(OPTIMIZE) $(WINDOWS) -DMSDOS
+LFLAGS  = -ml $(WINDOWS)
+
+.c.obj:
+	$(CC) $(CFLAGS) $*.c
+
+.obj.exe:
+	$(CC) $(LFLAGS) -e$*.exe $*.obj libdes.lib  
+
+all: $(LIB) destest.exe rpw.exe des.exe speed.exe
+
+# "make clean": use a directory containing only libdes .exe and .obj files...
+clean:
+	del *.exe
+	del *.obj
+	del libdes.lib
+	del libdes.rsp
+
+OBJS=   cbc_cksm.obj cbc_enc.obj  ecb_enc.obj  pcbc_enc.obj \
+	qud_cksm.obj rand_key.obj set_key.obj  str2key.obj \
+	enc_read.obj enc_writ.obj fcrypt.obj   cfb_enc.obj \
+	ecb3_enc.obj ofb_enc.obj  cbc3_enc.obj read_pwd.obj\
+	cfb64enc.obj ofb64enc.obj ede_enc.obj  cfb64ede.obj\
+	ofb64ede.obj supp.obj
+
+LIB=    libdes.lib
+
+$(LIB): $(OBJS)
+	del $(LIB)
+	makersp "+%s &\n" &&|
+	$(OBJS)
+|       >libdes.rsp
+	$(TLIB) libdes.lib @libdes.rsp,nul
+	del libdes.rsp
+
+destest.exe: destest.obj libdes.lib
+rpw.exe:     rpw.obj libdes.lib
+speed.exe:   speed.obj libdes.lib
+des.exe:     des.obj libdes.lib
+
+
diff --git a/crypto/des/ncbc_enc.c b/crypto/des/ncbc_enc.c
new file mode 100644
index 0000000000..b79d965237
--- /dev/null
+++ b/crypto/des/ncbc_enc.c
@@ -0,0 +1,141 @@
+/* crypto/des/ncbc_enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+void des_ncbc_encrypt(input, output, length, schedule, ivec, enc)
+des_cblock (*input);
+des_cblock (*output);
+long length;
+des_key_schedule schedule;
+des_cblock (*ivec);
+int enc;
+	{
+	register DES_LONG tin0,tin1;
+	register DES_LONG tout0,tout1,xor0,xor1;
+	register unsigned char *in,*out;
+	register long l=length;
+	DES_LONG tin[2];
+	unsigned char *iv;
+
+	in=(unsigned char *)input;
+	out=(unsigned char *)output;
+	iv=(unsigned char *)ivec;
+
+	if (enc)
+		{
+		c2l(iv,tout0);
+		c2l(iv,tout1);
+		for (l-=8; l>=0; l-=8)
+			{
+			c2l(in,tin0);
+			c2l(in,tin1);
+			tin0^=tout0; tin[0]=tin0;
+			tin1^=tout1; tin[1]=tin1;
+			des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+			tout0=tin[0]; l2c(tout0,out);
+			tout1=tin[1]; l2c(tout1,out);
+			}
+		if (l != -8)
+			{
+			c2ln(in,tin0,tin1,l+8);
+			tin0^=tout0; tin[0]=tin0;
+			tin1^=tout1; tin[1]=tin1;
+			des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+			tout0=tin[0]; l2c(tout0,out);
+			tout1=tin[1]; l2c(tout1,out);
+			}
+		iv=(unsigned char *)ivec;
+		l2c(tout0,iv);
+		l2c(tout1,iv);
+		}
+	else
+		{
+		c2l(iv,xor0);
+		c2l(iv,xor1);
+		for (l-=8; l>=0; l-=8)
+			{
+			c2l(in,tin0); tin[0]=tin0;
+			c2l(in,tin1); tin[1]=tin1;
+			des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
+			tout0=tin[0]^xor0;
+			tout1=tin[1]^xor1;
+			l2c(tout0,out);
+			l2c(tout1,out);
+			xor0=tin0;
+			xor1=tin1;
+			}
+		if (l != -8)
+			{
+			c2l(in,tin0); tin[0]=tin0;
+			c2l(in,tin1); tin[1]=tin1;
+			des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
+			tout0=tin[0]^xor0;
+			tout1=tin[1]^xor1;
+			l2cn(tout0,tout1,out,l+8);
+			xor0=tin0;
+			xor1=tin1;
+			}
+		iv=(unsigned char *)ivec;
+		l2c(xor0,iv);
+		l2c(xor1,iv);
+		}
+	tin0=tin1=tout0=tout1=xor0=xor1=0;
+	tin[0]=tin[1]=0;
+	}
+
diff --git a/crypto/des/ofb64ede.c b/crypto/des/ofb64ede.c
new file mode 100644
index 0000000000..6a6b95c769
--- /dev/null
+++ b/crypto/des/ofb64ede.c
@@ -0,0 +1,131 @@
+/* crypto/des/ofb64ede.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/* The input and output encrypted as though 64bit ofb mode is being
+ * used.  The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+void des_ede3_ofb64_encrypt(in, out, length, k1,k2,k3, ivec, num)
+register unsigned char *in;
+register unsigned char *out;
+long length;
+des_key_schedule k1,k2,k3;
+des_cblock (*ivec);
+int *num;
+	{
+	register DES_LONG v0,v1;
+	register int n= *num;
+	register long l=length;
+	des_cblock d;
+	register char *dp;
+	DES_LONG ti[2];
+	unsigned char *iv;
+	int save=0;
+
+	iv=(unsigned char *)ivec;
+	c2l(iv,v0);
+	c2l(iv,v1);
+	ti[0]=v0;
+	ti[1]=v1;
+	dp=(char *)d;
+	l2c(v0,dp);
+	l2c(v1,dp);
+	while (l--)
+		{
+		if (n == 0)
+			{
+			ti[0]=v0;
+			ti[1]=v1;
+			des_encrypt3((DES_LONG *)ti,k1,k2,k3);
+			v0=ti[0];
+			v1=ti[1];
+
+			dp=(char *)d;
+			l2c(v0,dp);
+			l2c(v1,dp);
+			save++;
+			}
+		*(out++)= *(in++)^d[n];
+		n=(n+1)&0x07;
+		}
+	if (save)
+		{
+/*		v0=ti[0];
+		v1=ti[1];*/
+		iv=(unsigned char *)ivec;
+		l2c(v0,iv);
+		l2c(v1,iv);
+		}
+	v0=v1=ti[0]=ti[1]=0;
+	*num=n;
+	}
+
+#ifdef undef /* MACRO */
+void des_ede2_ofb64_encrypt(in, out, length, k1,k2, ivec, num)
+register unsigned char *in;
+register unsigned char *out;
+long length;
+des_key_schedule k1,k2;
+des_cblock (*ivec);
+int *num;
+	{
+	des_ede3_ofb64_encrypt(in, out, length, k1,k2,k1, ivec, num);
+	}
+#endif
diff --git a/crypto/des/ofb64enc.c b/crypto/des/ofb64enc.c
new file mode 100644
index 0000000000..fe4073981d
--- /dev/null
+++ b/crypto/des/ofb64enc.c
@@ -0,0 +1,114 @@
+/* crypto/des/ofb64enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/* The input and output encrypted as though 64bit ofb mode is being
+ * used.  The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+void des_ofb64_encrypt(in, out, length, schedule, ivec, num)
+register unsigned char *in;
+register unsigned char *out;
+long length;
+des_key_schedule schedule;
+des_cblock (*ivec);
+int *num;
+	{
+	register DES_LONG v0,v1,t;
+	register int n= *num;
+	register long l=length;
+	des_cblock d;
+	register char *dp;
+	DES_LONG ti[2];
+	unsigned char *iv;
+	int save=0;
+
+	iv=(unsigned char *)ivec;
+	c2l(iv,v0);
+	c2l(iv,v1);
+	ti[0]=v0;
+	ti[1]=v1;
+	dp=(char *)d;
+	l2c(v0,dp);
+	l2c(v1,dp);
+	while (l--)
+		{
+		if (n == 0)
+			{
+			des_encrypt((DES_LONG *)ti,schedule,DES_ENCRYPT);
+			dp=(char *)d;
+			t=ti[0]; l2c(t,dp);
+			t=ti[1]; l2c(t,dp);
+			save++;
+			}
+		*(out++)= *(in++)^d[n];
+		n=(n+1)&0x07;
+		}
+	if (save)
+		{
+		v0=ti[0];
+		v1=ti[1];
+		iv=(unsigned char *)ivec;
+		l2c(v0,iv);
+		l2c(v1,iv);
+		}
+	t=v0=v1=ti[0]=ti[1]=0;
+	*num=n;
+	}
+
diff --git a/crypto/des/ofb_enc.c b/crypto/des/ofb_enc.c
new file mode 100644
index 0000000000..9b2ecb6749
--- /dev/null
+++ b/crypto/des/ofb_enc.c
@@ -0,0 +1,122 @@
+/* crypto/des/ofb_enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/* The input and output are loaded in multiples of 8 bits.
+ * What this means is that if you hame numbits=12 and length=2
+ * the first 12 bits will be retrieved from the first byte and half
+ * the second.  The second 12 bits will come from the 3rd and half the 4th
+ * byte.
+ */
+void des_ofb_encrypt(in, out, numbits, length, schedule, ivec)
+unsigned char *in;
+unsigned char *out;
+int numbits;
+long length;
+des_key_schedule schedule;
+des_cblock (*ivec);
+	{
+	register DES_LONG d0,d1,v0,v1,n=(numbits+7)/8;
+	register DES_LONG mask0,mask1;
+	register long l=length;
+	register int num=numbits;
+	DES_LONG ti[2];
+	unsigned char *iv;
+
+	if (num > 64) return;
+	if (num > 32)
+		{
+		mask0=0xffffffffL;
+		if (num >= 64)
+			mask1=mask0;
+		else
+			mask1=(1L<<(num-32))-1;
+		}
+	else
+		{
+		if (num == 32)
+			mask0=0xffffffffL;
+		else
+			mask0=(1L<<num)-1;
+		mask1=0x00000000;
+		}
+
+	iv=(unsigned char *)ivec;
+	c2l(iv,v0);
+	c2l(iv,v1);
+	ti[0]=v0;
+	ti[1]=v1;
+	while (l-- > 0)
+		{
+		des_encrypt((DES_LONG *)ti,schedule,DES_ENCRYPT);
+		c2ln(in,d0,d1,n);
+		in+=n;
+		d0=(d0^ti[0])&mask0;
+		d1=(d1^ti[1])&mask1;
+		l2cn(d0,d1,out,n);
+		out+=n;
+		}
+	v0=ti[0];
+	v1=ti[1];
+	iv=(unsigned char *)ivec;
+	l2c(v0,iv);
+	l2c(v1,iv);
+	v0=v1=d0=d1=ti[0]=ti[1]=0;
+	}
+
diff --git a/crypto/des/options.txt b/crypto/des/options.txt
new file mode 100644
index 0000000000..9fe648816a
--- /dev/null
+++ b/crypto/des/options.txt
@@ -0,0 +1,39 @@
+Note that the UNROLL option makes the 'inner' des loop unroll all 16 rounds
+instead of the default 4.
+RISC1 and RISC2 are 2 alternatives for the inner loop and
+PTR means to use pointers arithmatic instead of arrays.
+
+FreeBSD - Pentium Pro 200mhz - gcc 2.7.2.2 - assember		577,000 4620k/s
+IRIX 6.2 - R10000 195mhz - cc (-O3 -n32) - UNROLL RISC2 PTR	496,000 3968k/s
+solaris 2.5.1 usparc 167mhz?? - SC4.0 - UNROLL RISC1 PTR [1]	459,400 3672k/s
+FreeBSD - Pentium Pro 200mhz - gcc 2.7.2.2 - UNROLL RISC1	433,000 3468k/s
+solaris 2.5.1 usparc 167mhz?? - gcc 2.7.2 - UNROLL 		380,000 3041k/s
+linux - pentium 100mhz - gcc 2.7.0 - assember			281,000 2250k/s
+NT 4.0 - pentium 100mhz - VC 4.2 - assember			281,000 2250k/s
+AIX 4.1? - PPC604 100mhz - cc - UNROLL 				275,000 2200k/s
+IRIX 5.3 - R4400 200mhz - gcc 2.6.3 - UNROLL RISC2 PTR		235,300 1882k/s
+IRIX 5.3 - R4400 200mhz - cc - UNROLL RISC2 PTR			233,700 1869k/s
+NT 4.0 - pentium 100mhz - VC 4.2 - UNROLL RISC1 PTR		191,000 1528k/s
+DEC Alpha 165mhz??  - cc - RISC2 PTR [2]			181,000 1448k/s
+linux - pentium 100mhz - gcc 2.7.0 - UNROLL RISC1 PTR		158,500 1268k/s
+HPUX 10 - 9000/887 - cc - UNROLL [3]	 			148,000	1190k/s
+solaris 2.5.1 - sparc 10 50mhz - gcc 2.7.2 - UNROLL		123,600  989k/s
+IRIX 5.3 - R4000 100mhz - cc - UNROLL RISC2 PTR			101,000  808k/s
+DGUX - 88100 50mhz(?) - gcc 2.6.3 - UNROLL			 81,000  648k/s
+solaris 2.4 486 50mhz - gcc 2.6.3 - assember			 65,000  522k/s
+HPUX 10 - 9000/887 - k&r cc (default compiler) - UNROLL PTR	 76,000	 608k/s
+solaris 2.4 486 50mhz - gcc 2.6.3 - UNROLL RISC2		 43,500  344k/s
+AIX - old slow one :-) - cc -					 39,000  312k/s
+
+Notes.
+[1] For the ultra sparc, SunC 4.0 
+    cc -xtarget=ultra -xarch=v8plus -Xa -xO5, running 'des_opts'
+    gives a speed of 344,000 des/s while 'speed' gives 459,000 des/s.
+    I'll record the higher since it is coming from the library but it
+    is all rather weird.
+[2] Similar to the ultra sparc ([1]), 181,000 for 'des_opts' vs 175,000.
+[3] I was unable to get access to this machine when it was not heavily loaded.
+    As such, my timing program was never able to get more that %30 of the CPU.
+    This would cause the program to give much lower speed numbers because
+    it would be 'fighting' to stay in the cache with the other CPU burning
+    processes.
diff --git a/crypto/des/pcbc_enc.c b/crypto/des/pcbc_enc.c
new file mode 100644
index 0000000000..8adba1aad3
--- /dev/null
+++ b/crypto/des/pcbc_enc.c
@@ -0,0 +1,126 @@
+/* crypto/des/pcbc_enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+void des_pcbc_encrypt(input, output, length, schedule, ivec, enc)
+des_cblock (*input);
+des_cblock (*output);
+long length;
+des_key_schedule schedule;
+des_cblock (*ivec);
+int enc;
+	{
+	register DES_LONG sin0,sin1,xor0,xor1,tout0,tout1;
+	DES_LONG tin[2];
+	unsigned char *in,*out,*iv;
+
+	in=(unsigned char *)input;
+	out=(unsigned char *)output;
+	iv=(unsigned char *)ivec;
+
+	if (enc)
+		{
+		c2l(iv,xor0);
+		c2l(iv,xor1);
+		for (; length>0; length-=8)
+			{
+			if (length >= 8)
+				{
+				c2l(in,sin0);
+				c2l(in,sin1);
+				}
+			else
+				c2ln(in,sin0,sin1,length);
+			tin[0]=sin0^xor0;
+			tin[1]=sin1^xor1;
+			des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+			tout0=tin[0];
+			tout1=tin[1];
+			xor0=sin0^tout0;
+			xor1=sin1^tout1;
+			l2c(tout0,out);
+			l2c(tout1,out);
+			}
+		}
+	else
+		{
+		c2l(iv,xor0); c2l(iv,xor1);
+		for (; length>0; length-=8)
+			{
+			c2l(in,sin0);
+			c2l(in,sin1);
+			tin[0]=sin0;
+			tin[1]=sin1;
+			des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
+			tout0=tin[0]^xor0;
+			tout1=tin[1]^xor1;
+			if (length >= 8)
+				{
+				l2c(tout0,out);
+				l2c(tout1,out);
+				}
+			else
+				l2cn(tout0,tout1,out,length);
+			xor0=tout0^sin0;
+			xor1=tout1^sin1;
+			}
+		}
+	tin[0]=tin[1]=0;
+	sin0=sin1=xor0=xor1=tout0=tout1=0;
+	}
diff --git a/crypto/des/podd.h b/crypto/des/podd.h
new file mode 100644
index 0000000000..c00cd6ba0c
--- /dev/null
+++ b/crypto/des/podd.h
@@ -0,0 +1,75 @@
+/* crypto/des/podd.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+static const unsigned char odd_parity[256]={
+  1,  1,  2,  2,  4,  4,  7,  7,  8,  8, 11, 11, 13, 13, 14, 14,
+ 16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31,
+ 32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, 44, 47, 47,
+ 49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, 61, 61, 62, 62,
+ 64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, 74, 76, 76, 79, 79,
+ 81, 81, 82, 82, 84, 84, 87, 87, 88, 88, 91, 91, 93, 93, 94, 94,
+ 97, 97, 98, 98,100,100,103,103,104,104,107,107,109,109,110,110,
+112,112,115,115,117,117,118,118,121,121,122,122,124,124,127,127,
+128,128,131,131,133,133,134,134,137,137,138,138,140,140,143,143,
+145,145,146,146,148,148,151,151,152,152,155,155,157,157,158,158,
+161,161,162,162,164,164,167,167,168,168,171,171,173,173,174,174,
+176,176,179,179,181,181,182,182,185,185,186,186,188,188,191,191,
+193,193,194,194,196,196,199,199,200,200,203,203,205,205,206,206,
+208,208,211,211,213,213,214,214,217,217,218,218,220,220,223,223,
+224,224,227,227,229,229,230,230,233,233,234,234,236,236,239,239,
+241,241,242,242,244,244,247,247,248,248,251,251,253,253,254,254};
diff --git a/crypto/des/qud_cksm.c b/crypto/des/qud_cksm.c
new file mode 100644
index 0000000000..39e8f40fa9
--- /dev/null
+++ b/crypto/des/qud_cksm.c
@@ -0,0 +1,144 @@
+/* crypto/des/qud_cksm.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* From "Message Authentication"  R.R. Jueneman, S.M. Matyas, C.H. Meyer
+ * IEEE Communications Magazine Sept 1985 Vol. 23 No. 9 p 29-40
+ * This module in only based on the code in this paper and is
+ * almost definitely not the same as the MIT implementation.
+ */
+#include "des_locl.h"
+
+/* bug fix for dos - 7/6/91 - Larry hughes@logos.ucs.indiana.edu */
+#define Q_B0(a)	(((DES_LONG)(a)))
+#define Q_B1(a)	(((DES_LONG)(a))<<8)
+#define Q_B2(a)	(((DES_LONG)(a))<<16)
+#define Q_B3(a)	(((DES_LONG)(a))<<24)
+
+/* used to scramble things a bit */
+/* Got the value MIT uses via brute force :-) 2/10/90 eay */
+#define NOISE	((DES_LONG)83653421L)
+
+DES_LONG des_quad_cksum(input, output, length, out_count, seed)
+des_cblock (*input);
+des_cblock (*output);
+long length;
+int out_count;
+des_cblock (*seed);
+	{
+	DES_LONG z0,z1,t0,t1;
+	int i;
+	long l;
+	unsigned char *cp;
+	unsigned char *lp;
+
+	if (out_count < 1) out_count=1;
+	lp=(unsigned char *)output;
+
+	z0=Q_B0((*seed)[0])|Q_B1((*seed)[1])|Q_B2((*seed)[2])|Q_B3((*seed)[3]);
+	z1=Q_B0((*seed)[4])|Q_B1((*seed)[5])|Q_B2((*seed)[6])|Q_B3((*seed)[7]);
+
+	for (i=0; ((i<4)&&(i<out_count)); i++)
+		{
+		cp=(unsigned char *)input;
+		l=length;
+		while (l > 0)
+			{
+			if (l > 1)
+				{
+				t0= (DES_LONG)(*(cp++));
+				t0|=(DES_LONG)Q_B1(*(cp++));
+				l--;
+				}
+			else
+				t0= (DES_LONG)(*(cp++));
+			l--;
+			/* add */
+			t0+=z0;
+			t0&=0xffffffffL;
+			t1=z1;
+			/* square, well sort of square */
+			z0=((((t0*t0)&0xffffffffL)+((t1*t1)&0xffffffffL))
+				&0xffffffffL)%0x7fffffffL; 
+			z1=((t0*((t1+NOISE)&0xffffffffL))&0xffffffffL)%0x7fffffffL;
+			}
+		if (lp != NULL)
+			{
+			/* I believe I finally have things worked out.
+			 * The MIT library assumes that the checksum
+			 * is one huge number and it is returned in a
+			 * host dependant byte order.
+			 */
+			static DES_LONG ltmp=1;
+			static unsigned char *c=(unsigned char *)&ltmp;
+
+			if (c[0])
+				{
+				l2c(z0,lp);
+				l2c(z1,lp);
+				}
+			else
+				{
+				lp=output[out_count-i-1];
+				l2n(z1,lp);
+				l2n(z0,lp);
+				}
+			}
+		}
+	return(z0);
+	}
+
diff --git a/crypto/des/rand_key.c b/crypto/des/rand_key.c
new file mode 100644
index 0000000000..feb7ba75bc
--- /dev/null
+++ b/crypto/des/rand_key.c
@@ -0,0 +1,118 @@
+/* crypto/des/rand_key.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+#include <time.h>
+
+static int seed=0;
+static des_cblock init;
+
+void des_random_seed(key)
+des_cblock key;
+	{
+	memcpy(init,key,sizeof(des_cblock));
+	seed=1;
+	}
+
+void des_random_key(ret)
+unsigned char *ret;
+	{
+	des_key_schedule ks;
+	static DES_LONG c=0;
+	static unsigned short pid=0;
+	static des_cblock data={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
+	des_cblock key;
+	unsigned char *p;
+	DES_LONG t;
+	int i;
+
+#ifdef MSDOS
+	pid=1;
+#else
+	if (!pid) pid=getpid();
+#endif
+	p=key;
+	if (seed)
+		{
+		for (i=0; i<8; i++)
+			{
+			data[i] ^= init[i];
+			init[i]=0;
+			}
+		seed=0;
+		}
+	t=(DES_LONG)time(NULL);
+	l2c(t,p);
+	t=(DES_LONG)((pid)|((c++)<<16));
+	l2c(t,p);
+
+	des_set_odd_parity((des_cblock *)data);
+	des_set_key((des_cblock *)data,ks);
+	des_cbc_cksum((des_cblock *)key,(des_cblock *)key,
+		(long)sizeof(key),ks,(des_cblock *)data);
+
+	des_set_odd_parity((des_cblock *)key);
+	des_set_key((des_cblock *)key,ks);
+	des_cbc_cksum((des_cblock *)key,(des_cblock *)data,
+		(long)sizeof(key),ks,(des_cblock *)key);
+
+	memcpy(ret,data,sizeof(key));
+	memset(key,0,sizeof(key));
+	memset(ks,0,sizeof(ks));
+	t=0;
+	}
diff --git a/crypto/des/read2pwd.c b/crypto/des/read2pwd.c
new file mode 100644
index 0000000000..84136b950b
--- /dev/null
+++ b/crypto/des/read2pwd.c
@@ -0,0 +1,90 @@
+/* crypto/des/read2pwd.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+int des_read_password(key, prompt, verify)
+des_cblock (*key);
+char *prompt;
+int verify;
+	{
+	int ok;
+	char buf[BUFSIZ],buff[BUFSIZ];
+
+	if ((ok=des_read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0)
+		des_string_to_key(buf,key);
+	memset(buf,0,BUFSIZ);
+	memset(buff,0,BUFSIZ);
+	return(ok);
+	}
+
+int des_read_2passwords(key1, key2, prompt, verify)
+des_cblock (*key1);
+des_cblock (*key2);
+char *prompt;
+int verify;
+	{
+	int ok;
+	char buf[BUFSIZ],buff[BUFSIZ];
+
+	if ((ok=des_read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0)
+		des_string_to_2keys(buf,key1,key2);
+	memset(buf,0,BUFSIZ);
+	memset(buff,0,BUFSIZ);
+	return(ok);
+	}
diff --git a/crypto/des/read_pwd.c b/crypto/des/read_pwd.c
new file mode 100644
index 0000000000..75d035cf9c
--- /dev/null
+++ b/crypto/des/read_pwd.c
@@ -0,0 +1,419 @@
+/* crypto/des/read_pwd.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifdef WIN16TTY
+#undef WIN16
+#undef _WINDOWS
+#include <graph.h>
+#endif
+
+/* 06-Apr-92 Luke Brennan    Support for VMS */
+#include "des_locl.h"
+#include <signal.h>
+#include <string.h>
+#include <setjmp.h>
+#include <errno.h>
+
+/* There are 5 types of terminal interface supported,
+ * TERMIO, TERMIOS, VMS, MSDOS and SGTTY
+ */
+
+#if defined(__sgi) && !defined(TERMIOS)
+#define TERMIOS
+#undef  TERMIO
+#undef  SGTTY
+#endif
+
+#if defined(linux) && !defined(TERMIO)
+#undef  TERMIOS
+#define TERMIO
+#undef  SGTTY
+#endif
+
+#ifdef _LIBC
+#undef  TERMIOS
+#define TERMIO
+#undef  SGTTY
+#endif
+
+#if !defined(TERMIO) && !defined(TERMIOS) && !defined(VMS) && !defined(MSDOS)
+#undef  TERMIOS
+#undef  TERMIO
+#define SGTTY
+#endif
+
+#ifdef TERMIOS
+#include <termios.h>
+#define TTY_STRUCT		struct termios
+#define TTY_FLAGS		c_lflag
+#define	TTY_get(tty,data)	tcgetattr(tty,data)
+#define TTY_set(tty,data)	tcsetattr(tty,TCSANOW,data)
+#endif
+
+#ifdef TERMIO
+#include <termio.h>
+#define TTY_STRUCT		struct termio
+#define TTY_FLAGS		c_lflag
+#define TTY_get(tty,data)	ioctl(tty,TCGETA,data)
+#define TTY_set(tty,data)	ioctl(tty,TCSETA,data)
+#endif
+
+#ifdef SGTTY
+#include <sgtty.h>
+#define TTY_STRUCT		struct sgttyb
+#define TTY_FLAGS		sg_flags
+#define TTY_get(tty,data)	ioctl(tty,TIOCGETP,data)
+#define TTY_set(tty,data)	ioctl(tty,TIOCSETP,data)
+#endif
+
+#if !defined(_LIBC) && !defined(MSDOS) && !defined(VMS)
+#include <sys/ioctl.h>
+#endif
+
+#ifdef MSDOS
+#include <conio.h>
+#define fgets(a,b,c) noecho_fgets(a,b,c)
+#endif
+
+#ifdef VMS
+#include <ssdef.h>
+#include <iodef.h>
+#include <ttdef.h>
+#include <descrip.h>
+struct IOSB {
+	short iosb$w_value;
+	short iosb$w_count;
+	long  iosb$l_info;
+	};
+#endif
+
+#ifndef NX509_SIG
+#define NX509_SIG 32
+#endif
+
+#ifndef NOPROTO
+static void read_till_nl(FILE *);
+static void recsig(int);
+static void pushsig(void);
+static void popsig(void);
+#if defined(MSDOS) && !defined(WIN16)
+static int noecho_fgets(char *buf, int size, FILE *tty);
+#endif
+#else
+static void read_till_nl();
+static void recsig();
+static void pushsig();
+static void popsig();
+#if defined(MSDOS) && !defined(WIN16)
+static int noecho_fgets();
+#endif
+#endif
+
+#ifndef NOPROTO
+static void (*savsig[NX509_SIG])(int );
+#else
+static void (*savsig[NX509_SIG])();
+#endif
+static jmp_buf save;
+
+int des_read_pw_string(buf, length, prompt, verify)
+char *buf;
+int length;
+char *prompt;
+int verify;
+	{
+	char buff[BUFSIZ];
+	int ret;
+
+	ret=des_read_pw(buf,buff,(length>BUFSIZ)?BUFSIZ:length,prompt,verify);
+	memset(buff,0,BUFSIZ);
+	return(ret);
+	}
+
+#ifndef WIN16
+
+static void read_till_nl(in)
+FILE *in;
+	{
+#define SIZE 4
+	char buf[SIZE+1];
+
+	do	{
+		fgets(buf,SIZE,in);
+		} while (strchr(buf,'\n') == NULL);
+	}
+
+
+/* return 0 if ok, 1 (or -1) otherwise */
+int des_read_pw(buf, buff, size, prompt, verify)
+char *buf;
+char *buff;
+int size;
+char *prompt;
+int verify;
+	{
+#ifdef VMS
+	struct IOSB iosb;
+	$DESCRIPTOR(terminal,"TT");
+	long tty_orig[3], tty_new[3];
+	long status;
+	unsigned short channel = 0;
+#else
+#ifndef MSDOS
+	TTY_STRUCT tty_orig,tty_new;
+#endif
+#endif
+	int number=5;
+	int ok=0;
+	int ps=0;
+	int is_a_tty=1;
+
+	FILE *tty=NULL;
+	char *p;
+
+#ifndef MSDOS
+	if ((tty=fopen("/dev/tty","r")) == NULL)
+		tty=stdin;
+#else /* MSDOS */
+	if ((tty=fopen("con","r")) == NULL)
+		tty=stdin;
+#endif /* MSDOS */
+
+#if defined(TTY_get) && !defined(VMS)
+	if (TTY_get(fileno(tty),&tty_orig) == -1)
+		{
+#ifdef ENOTTY
+		if (errno == ENOTTY)
+			is_a_tty=0;
+		else
+#endif
+			return(-1);
+		}
+	memcpy(&(tty_new),&(tty_orig),sizeof(tty_orig));
+#endif
+#ifdef VMS
+	status = SYS$ASSIGN(&terminal,&channel,0,0);
+	if (status != SS$_NORMAL)
+		return(-1);
+	status=SYS$QIOW(0,channel,IO$_SENSEMODE,&iosb,0,0,tty_orig,12,0,0,0,0);
+	if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
+		return(-1);
+#endif
+
+	if (setjmp(save))
+		{
+		ok=0;
+		goto error;
+		}
+	pushsig();
+	ps=1;
+
+#ifdef TTY_FLAGS
+	tty_new.TTY_FLAGS &= ~ECHO;
+#endif
+
+#if defined(TTY_set) && !defined(VMS)
+	if (is_a_tty && (TTY_set(fileno(tty),&tty_new) == -1))
+		return(-1);
+#endif
+#ifdef VMS
+	tty_new[0] = tty_orig[0];
+	tty_new[1] = tty_orig[1] | TT$M_NOECHO;
+	tty_new[2] = tty_orig[2];
+	status = SYS$QIOW(0,channel,IO$_SETMODE,&iosb,0,0,tty_new,12,0,0,0,0);
+	if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
+		return(-1);
+#endif
+	ps=2;
+
+	while ((!ok) && (number--))
+		{
+		fputs(prompt,stderr);
+		fflush(stderr);
+
+		buf[0]='\0';
+		fgets(buf,size,tty);
+		if (feof(tty)) goto error;
+		if (ferror(tty)) goto error;
+		if ((p=(char *)strchr(buf,'\n')) != NULL)
+			*p='\0';
+		else	read_till_nl(tty);
+		if (verify)
+			{
+			fprintf(stderr,"\nVerifying password - %s",prompt);
+			fflush(stderr);
+			buff[0]='\0';
+			fgets(buff,size,tty);
+			if (feof(tty)) goto error;
+			if ((p=(char *)strchr(buff,'\n')) != NULL)
+				*p='\0';
+			else	read_till_nl(tty);
+				
+			if (strcmp(buf,buff) != 0)
+				{
+				fprintf(stderr,"\nVerify failure");
+				fflush(stderr);
+				break;
+				/* continue; */
+				}
+			}
+		ok=1;
+		}
+
+error:
+	fprintf(stderr,"\n");
+#ifdef DEBUG
+	perror("fgets(tty)");
+#endif
+	/* What can we do if there is an error? */
+#if defined(TTY_set) && !defined(VMS) 
+	if (ps >= 2) TTY_set(fileno(tty),&tty_orig);
+#endif
+#ifdef VMS
+	if (ps >= 2)
+		status = SYS$QIOW(0,channel,IO$_SETMODE,&iosb,0,0
+			,tty_orig,12,0,0,0,0);
+#endif
+	
+	if (ps >= 1) popsig();
+	if (stdin != tty) fclose(tty);
+#ifdef VMS
+	status = SYS$DASSGN(channel);
+#endif
+	return(!ok);
+	}
+
+#else /* WIN16 */
+
+int des_read_pw(buf, buff, size, prompt, verify)
+char *buf;
+char *buff;
+int size;
+char *prompt;
+int verify;
+	{ 
+	memset(buf,0,size);
+	memset(buff,0,size);
+	return(0);
+	}
+
+#endif
+
+static void pushsig()
+	{
+	int i;
+
+	for (i=1; i<NX509_SIG; i++)
+		savsig[i]=signal(i,recsig);
+
+#ifdef SIGWINCH
+	signal(SIGWINCH,SIG_DFL);
+#endif
+	}
+
+static void popsig()
+	{
+	int i;
+
+	for (i=1; i<NX509_SIG; i++)
+		signal(i,savsig[i]);
+	}
+
+static void recsig(i)
+int i;
+	{
+	longjmp(save,1);
+#ifdef LINT
+	i=i;
+#endif
+	}
+
+#if defined(MSDOS) && !defined(WIN16)
+static int noecho_fgets(buf,size,tty)
+char *buf;
+int size;
+FILE *tty;
+	{
+	int i;
+	char *p;
+
+	p=buf;
+	for (;;)
+		{
+		if (size == 0)
+			{
+			*p='\0';
+			break;
+			}
+		size--;
+#ifdef WIN16TTY
+		i=_inchar();
+#else
+		i=getch();
+#endif
+		if (i == '\r') i='\n';
+		*(p++)=i;
+		if (i == '\n')
+			{
+			*p='\0';
+			break;
+			}
+		}
+	return(strlen(buf));
+	}
+#endif
diff --git a/crypto/des/rpc_des.h b/crypto/des/rpc_des.h
new file mode 100644
index 0000000000..4d53eea8c7
--- /dev/null
+++ b/crypto/des/rpc_des.h
@@ -0,0 +1,131 @@
+/* crypto/des/rpc_des.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*  @(#)des.h	2.2 88/08/10 4.0 RPCSRC; from 2.7 88/02/08 SMI  */
+/*
+ * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
+ * unrestricted use provided that this legend is included on all tape
+ * media and as a part of the software program in whole or part.  Users
+ * may copy or modify Sun RPC without charge, but are not authorized
+ * to license or distribute it to anyone else except as part of a product or
+ * program developed by the user.
+ * 
+ * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
+ * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
+ * 
+ * Sun RPC is provided with no support and without any obligation on the
+ * part of Sun Microsystems, Inc. to assist in its use, correction,
+ * modification or enhancement.
+ * 
+ * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
+ * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
+ * OR ANY PART THEREOF.
+ * 
+ * In no event will Sun Microsystems, Inc. be liable for any lost revenue
+ * or profits or other special, indirect and consequential damages, even if
+ * Sun has been advised of the possibility of such damages.
+ * 
+ * Sun Microsystems, Inc.
+ * 2550 Garcia Avenue
+ * Mountain View, California  94043
+ */
+/*
+ * Generic DES driver interface
+ * Keep this file hardware independent!
+ * Copyright (c) 1986 by Sun Microsystems, Inc.
+ */
+
+#define DES_MAXLEN 	65536	/* maximum # of bytes to encrypt  */
+#define DES_QUICKLEN	16	/* maximum # of bytes to encrypt quickly */
+
+#ifdef HEADER_DES_H
+#undef ENCRYPT
+#undef DECRYPT
+#endif
+
+enum desdir { ENCRYPT, DECRYPT };
+enum desmode { CBC, ECB };
+
+/*
+ * parameters to ioctl call
+ */
+struct desparams {
+	unsigned char des_key[8];	/* key (with low bit parity) */
+	enum desdir des_dir;	/* direction */
+	enum desmode des_mode;	/* mode */
+	unsigned char des_ivec[8];	/* input vector */
+	unsigned des_len;	/* number of bytes to crypt */
+	union {
+		unsigned char UDES_data[DES_QUICKLEN];
+		unsigned char *UDES_buf;
+	} UDES;
+#	define des_data UDES.UDES_data	/* direct data here if quick */
+#	define des_buf	UDES.UDES_buf	/* otherwise, pointer to data */
+};
+
+/*
+ * Encrypt an arbitrary sized buffer
+ */
+#define	DESIOCBLOCK	_IOWR(d, 6, struct desparams)
+
+/* 
+ * Encrypt of small amount of data, quickly
+ */
+#define DESIOCQUICK	_IOWR(d, 7, struct desparams) 
+
diff --git a/crypto/des/rpc_enc.c b/crypto/des/rpc_enc.c
new file mode 100644
index 0000000000..b7eeb09144
--- /dev/null
+++ b/crypto/des/rpc_enc.c
@@ -0,0 +1,107 @@
+/* crypto/des/rpc_enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "rpc_des.h"
+#include "des_locl.h"
+#include "des_ver.h"
+
+#ifndef NOPROTO
+int _des_crypt(char *buf,int len,struct desparams *desp);
+#else
+int _des_crypt();
+#endif
+
+int _des_crypt(buf, len, desp)
+char *buf;
+int len;
+struct desparams *desp;
+	{
+	des_key_schedule ks;
+	int enc;
+
+	des_set_key((des_cblock *)desp->des_key,ks);
+	enc=(desp->des_dir == ENCRYPT)?DES_ENCRYPT:DES_DECRYPT;
+
+	if (desp->des_mode == CBC)
+		des_ecb_encrypt((des_cblock *)desp->UDES.UDES_buf,
+				(des_cblock *)desp->UDES.UDES_buf,ks,enc);
+	else
+		{
+		des_ncbc_encrypt((des_cblock *)desp->UDES.UDES_buf,
+				(des_cblock *)desp->UDES.UDES_buf,
+				(long)len,ks,
+				(des_cblock *)desp->des_ivec,enc);
+#ifdef undef
+		/* len will always be %8 if called from common_crypt
+		 * in secure_rpc.
+		 * Libdes's cbc encrypt does not copy back the iv,
+		 * so we have to do it here. */
+		/* It does now :-) eay 20/09/95 */
+
+		a=(char *)&(desp->UDES.UDES_buf[len-8]);
+		b=(char *)&(desp->des_ivec[0]);
+
+		*(a++)= *(b++); *(a++)= *(b++);
+		*(a++)= *(b++); *(a++)= *(b++);
+		*(a++)= *(b++); *(a++)= *(b++);
+		*(a++)= *(b++); *(a++)= *(b++);
+#endif
+		}
+	return(1);	
+	}
+
diff --git a/crypto/des/rpw.c b/crypto/des/rpw.c
new file mode 100644
index 0000000000..93793c6f53
--- /dev/null
+++ b/crypto/des/rpw.c
@@ -0,0 +1,101 @@
+/* crypto/des/rpw.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "des.h"
+
+int main(argc,argv)
+int argc;
+char *argv[];
+	{
+	des_cblock k,k1;
+	int i;
+
+	printf("read passwd\n");
+	if ((i=des_read_password((C_Block *)k,"Enter password:",0)) == 0)
+		{
+		printf("password = ");
+		for (i=0; i<8; i++)
+			printf("%02x ",k[i]);
+		}
+	else
+		printf("error %d\n",i);
+	printf("\n");
+	printf("read 2passwds and verify\n");
+	if ((i=des_read_2passwords((C_Block *)k,(C_Block *)k1,
+		"Enter verified password:",1)) == 0)
+		{
+		printf("password1 = ");
+		for (i=0; i<8; i++)
+			printf("%02x ",k[i]);
+		printf("\n");
+		printf("password2 = ");
+		for (i=0; i<8; i++)
+			printf("%02x ",k1[i]);
+		printf("\n");
+		exit(1);
+		}
+	else
+		{
+		printf("error %d\n",i);
+		exit(0);
+		}
+#ifdef LINT
+	return(0);
+#endif
+	}
diff --git a/crypto/des/set_key.c b/crypto/des/set_key.c
new file mode 100644
index 0000000000..99ac273484
--- /dev/null
+++ b/crypto/des/set_key.c
@@ -0,0 +1,246 @@
+/* crypto/des/set_key.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* set_key.c v 1.4 eay 24/9/91
+ * 1.4 Speed up by 400% :-)
+ * 1.3 added register declarations.
+ * 1.2 unrolled make_key_sched a bit more
+ * 1.1 added norm_expand_bits
+ * 1.0 First working version
+ */
+#include "des_locl.h"
+#include "podd.h"
+#include "sk.h"
+
+#ifndef NOPROTO
+static int check_parity(des_cblock (*key));
+#else
+static int check_parity();
+#endif
+
+int des_check_key=0;
+
+void des_set_odd_parity(key)
+des_cblock (*key);
+	{
+	int i;
+
+	for (i=0; i<DES_KEY_SZ; i++)
+		(*key)[i]=odd_parity[(*key)[i]];
+	}
+
+static int check_parity(key)
+des_cblock (*key);
+	{
+	int i;
+
+	for (i=0; i<DES_KEY_SZ; i++)
+		{
+		if ((*key)[i] != odd_parity[(*key)[i]])
+			return(0);
+		}
+	return(1);
+	}
+
+/* Weak and semi week keys as take from
+ * %A D.W. Davies
+ * %A W.L. Price
+ * %T Security for Computer Networks
+ * %I John Wiley & Sons
+ * %D 1984
+ * Many thanks to smb@ulysses.att.com (Steven Bellovin) for the reference
+ * (and actual cblock values).
+ */
+#define NUM_WEAK_KEY	16
+static des_cblock weak_keys[NUM_WEAK_KEY]={
+	/* weak keys */
+	{0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
+	{0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE},
+	{0x1F,0x1F,0x1F,0x1F,0x1F,0x1F,0x1F,0x1F},
+	{0xE0,0xE0,0xE0,0xE0,0xE0,0xE0,0xE0,0xE0},
+	/* semi-weak keys */
+	{0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE},
+	{0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01},
+	{0x1F,0xE0,0x1F,0xE0,0x0E,0xF1,0x0E,0xF1},
+	{0xE0,0x1F,0xE0,0x1F,0xF1,0x0E,0xF1,0x0E},
+	{0x01,0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1},
+	{0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1,0x01},
+	{0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E,0xFE},
+	{0xFE,0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E},
+	{0x01,0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E},
+	{0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E,0x01},
+	{0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE},
+	{0xFE,0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1}};
+
+int des_is_weak_key(key)
+des_cblock (*key);
+	{
+	int i;
+
+	for (i=0; i<NUM_WEAK_KEY; i++)
+		/* Added == 0 to comparision, I obviously don't run
+		 * this section very often :-(, thanks to
+		 * engineering@MorningStar.Com for the fix
+		 * eay 93/06/29
+		 * Another problem, I was comparing only the first 4
+		 * bytes, 97/03/18 */
+		if (memcmp(weak_keys[i],key,sizeof(des_cblock)) == 0) return(1);
+	return(0);
+	}
+
+/* NOW DEFINED IN des_local.h
+ * See ecb_encrypt.c for a pseudo description of these macros. 
+ * #define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
+ * 	(b)^=(t),\
+ * 	(a)=((a)^((t)<<(n))))
+ */
+
+#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\
+	(a)=(a)^(t)^(t>>(16-(n))))
+
+/* return 0 if key parity is odd (correct),
+ * return -1 if key parity error,
+ * return -2 if illegal weak key.
+ */
+int des_set_key(key, schedule)
+des_cblock (*key);
+des_key_schedule schedule;
+	{
+	static int shifts2[16]={0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0};
+	register DES_LONG c,d,t,s,t2;
+	register unsigned char *in;
+	register DES_LONG *k;
+	register int i;
+
+	if (des_check_key)
+		{
+		if (!check_parity(key))
+			return(-1);
+
+		if (des_is_weak_key(key))
+			return(-2);
+		}
+
+	k=(DES_LONG *)schedule;
+	in=(unsigned char *)key;
+
+	c2l(in,c);
+	c2l(in,d);
+
+	/* do PC1 in 60 simple operations */ 
+/*	PERM_OP(d,c,t,4,0x0f0f0f0fL);
+	HPERM_OP(c,t,-2, 0xcccc0000L);
+	HPERM_OP(c,t,-1, 0xaaaa0000L);
+	HPERM_OP(c,t, 8, 0x00ff0000L);
+	HPERM_OP(c,t,-1, 0xaaaa0000L);
+	HPERM_OP(d,t,-8, 0xff000000L);
+	HPERM_OP(d,t, 8, 0x00ff0000L);
+	HPERM_OP(d,t, 2, 0x33330000L);
+	d=((d&0x00aa00aaL)<<7L)|((d&0x55005500L)>>7L)|(d&0xaa55aa55L);
+	d=(d>>8)|((c&0xf0000000L)>>4);
+	c&=0x0fffffffL; */
+
+	/* I now do it in 47 simple operations :-)
+	 * Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
+	 * for the inspiration. :-) */
+	PERM_OP (d,c,t,4,0x0f0f0f0fL);
+	HPERM_OP(c,t,-2,0xcccc0000L);
+	HPERM_OP(d,t,-2,0xcccc0000L);
+	PERM_OP (d,c,t,1,0x55555555L);
+	PERM_OP (c,d,t,8,0x00ff00ffL);
+	PERM_OP (d,c,t,1,0x55555555L);
+	d=	(((d&0x000000ffL)<<16L)| (d&0x0000ff00L)     |
+		 ((d&0x00ff0000L)>>16L)|((c&0xf0000000L)>>4L));
+	c&=0x0fffffffL;
+
+	for (i=0; i<ITERATIONS; i++)
+		{
+		if (shifts2[i])
+			{ c=((c>>2L)|(c<<26L)); d=((d>>2L)|(d<<26L)); }
+		else
+			{ c=((c>>1L)|(c<<27L)); d=((d>>1L)|(d<<27L)); }
+		c&=0x0fffffffL;
+		d&=0x0fffffffL;
+		/* could be a few less shifts but I am to lazy at this
+		 * point in time to investigate */
+		s=	des_skb[0][ (c    )&0x3f                ]|
+			des_skb[1][((c>> 6)&0x03)|((c>> 7L)&0x3c)]|
+			des_skb[2][((c>>13)&0x0f)|((c>>14L)&0x30)]|
+			des_skb[3][((c>>20)&0x01)|((c>>21L)&0x06) |
+						  ((c>>22L)&0x38)];
+		t=	des_skb[4][ (d    )&0x3f                ]|
+			des_skb[5][((d>> 7L)&0x03)|((d>> 8L)&0x3c)]|
+			des_skb[6][ (d>>15L)&0x3f                ]|
+			des_skb[7][((d>>21L)&0x0f)|((d>>22L)&0x30)];
+
+		/* table contained 0213 4657 */
+		t2=((t<<16L)|(s&0x0000ffffL))&0xffffffffL;
+		*(k++)=ROTATE(t2,30)&0xffffffffL;
+
+		t2=((s>>16L)|(t&0xffff0000L));
+		*(k++)=ROTATE(t2,26)&0xffffffffL;
+		}
+	return(0);
+	}
+
+int des_key_sched(key, schedule)
+des_cblock (*key);
+des_key_schedule schedule;
+	{
+	return(des_set_key(key,schedule));
+	}
diff --git a/crypto/des/shifts.pl b/crypto/des/shifts.pl
new file mode 100644
index 0000000000..ba686d8ef5
--- /dev/null
+++ b/crypto/des/shifts.pl
@@ -0,0 +1,198 @@
+#!/usr/local/bin/perl
+
+sub lab_shift
+	{
+	local(*a,$n)=@_;
+	local(@r,$i,$j,$k,$d,@z);
+
+	@r=&shift(*a,$n);
+	foreach $i (0 .. 31)
+		{
+		@z=split(/\^/,$r[$i]);
+		for ($j=0; $j <= $#z; $j++)
+			{
+			($d)=($z[$j] =~ /^(..)/);
+			($k)=($z[$j] =~ /\[(.*)\]$/);
+			$k.=",$n" if ($k ne "");
+			$k="$n"	  if ($k eq "");
+			$d="$d[$k]";
+			$z[$j]=$d;
+			}
+		$r[$i]=join('^',@z);
+		}
+	return(@r);
+	}
+
+sub shift
+	{
+	local(*a,$n)=@_;
+	local(@f);
+
+	if ($n > 0)
+		{
+		@f=&shiftl(*a,$n);
+		}
+	else
+		{
+		@f=&shiftr(*a,-$n);
+		}
+	return(@f);
+	}
+
+sub rotate
+	{
+	local(*a,$n)=@_;
+	local(@f);
+
+	if ($n > 0)
+		{ @f=&rotatel(*a,$n); }
+	else
+		{ @f=&rotater(*a,-$n); }
+	return(@f);
+	}
+
+sub rotater
+	{
+	local(*a,$n)=@_;
+	local(@f,@g);
+
+	@f=&shiftr(*a,$n);
+	@g=&shiftl(*a,32-$n);
+	$#f=31;
+	$#g=31;
+	return(&or(*f,*g));
+	}
+
+sub rotatel
+	{
+	local(*a,$n)=@_;
+	local(@f,@g);
+
+	@f=&shiftl(*a,$n);
+	@g=&shiftr(*a,32-$n);
+	$#f=31;
+	$#g=31;
+	return(&or(*f,*g));
+	}
+
+sub shiftr
+	{
+	local(*a,$n)=@_;
+	local(@r,$i);
+
+	$#r=31;
+	foreach $i (0 .. 31)
+		{
+		if (($i+$n) > 31)
+			{
+			$r[$i]="--";
+			}
+		else
+			{
+			$r[$i]=$a[$i+$n];
+			}
+		}
+	return(@r);
+	}
+
+sub shiftl
+	{
+	local(*a,$n)=@_;
+	local(@r,$i);
+
+	$#r=31;
+	foreach $i (0 .. 31)
+		{
+		if ($i < $n)
+			{
+			$r[$i]="--";
+			}
+		else
+			{
+			$r[$i]=$a[$i-$n];
+			}
+		}
+	return(@r);
+	}
+
+sub printit
+	{
+	local(@a)=@_;
+	local($i);
+
+	foreach $i (0 .. 31)
+		{
+		printf "%2s  ",$a[$i];
+		print "\n" if (($i%8) == 7);
+		}
+	print "\n";
+	}
+
+sub xor
+	{
+	local(*a,*b)=@_;
+	local(@r,$i);
+
+	$#r=31;
+	foreach $i (0 .. 31)
+		{
+		$r[$i]=&compress($a[$i].'^'.$b[$i]);
+#		$r[$i]=$a[$i]."^".$b[$i];
+		}
+	return(@r);
+	}
+
+sub and
+	{
+	local(*a,$m)=@_;
+	local(@r,$i);
+
+	$#r=31;
+	foreach $i (0 .. 31)
+		{
+		$r[$i]=(($m & (1<<$i))?($a[$i]):('--'));
+		}
+	return(@r);
+	}
+
+sub or
+	{
+	local(*a,*b)=@_;
+	local(@r,$i);
+
+	$#r=31;
+	foreach $i (0 .. 31)
+		{
+		$r[$i]='--'   if (($a[$i] eq '--') && ($b[$i] eq '--'));
+		$r[$i]=$a[$i] if (($a[$i] ne '--') && ($b[$i] eq '--'));
+		$r[$i]=$b[$i] if (($a[$i] eq '--') && ($b[$i] ne '--'));
+		$r[$i]='++'   if (($a[$i] ne '--') && ($b[$i] ne '--'));
+		}
+	return(@r);
+	}
+
+sub compress
+	{
+	local($s)=@_;
+	local($_,$i,@a,%a,$r);
+
+	$s =~ s/\^\^/\^/g;
+	$s =~ s/^\^//;
+	$s =~ s/\^$//;
+	@a=split(/\^/,$s);
+
+	while ($#a >= 0)
+		{
+		$_=shift(@a);
+		next unless /\d/;
+		$a{$_}++;
+		}
+	foreach $i (sort keys %a)
+		{
+		next if ($a{$i}%2 == 0);
+		$r.="$i^";
+		}
+	chop($r);
+	return($r);
+	}
+1;
diff --git a/crypto/des/sk.h b/crypto/des/sk.h
new file mode 100644
index 0000000000..2407030704
--- /dev/null
+++ b/crypto/des/sk.h
@@ -0,0 +1,204 @@
+/* crypto/des/sk.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+static const DES_LONG des_skb[8][64]={
+{
+/* for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
+0x00000000L,0x00000010L,0x20000000L,0x20000010L,
+0x00010000L,0x00010010L,0x20010000L,0x20010010L,
+0x00000800L,0x00000810L,0x20000800L,0x20000810L,
+0x00010800L,0x00010810L,0x20010800L,0x20010810L,
+0x00000020L,0x00000030L,0x20000020L,0x20000030L,
+0x00010020L,0x00010030L,0x20010020L,0x20010030L,
+0x00000820L,0x00000830L,0x20000820L,0x20000830L,
+0x00010820L,0x00010830L,0x20010820L,0x20010830L,
+0x00080000L,0x00080010L,0x20080000L,0x20080010L,
+0x00090000L,0x00090010L,0x20090000L,0x20090010L,
+0x00080800L,0x00080810L,0x20080800L,0x20080810L,
+0x00090800L,0x00090810L,0x20090800L,0x20090810L,
+0x00080020L,0x00080030L,0x20080020L,0x20080030L,
+0x00090020L,0x00090030L,0x20090020L,0x20090030L,
+0x00080820L,0x00080830L,0x20080820L,0x20080830L,
+0x00090820L,0x00090830L,0x20090820L,0x20090830L,
+},{
+/* for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 */
+0x00000000L,0x02000000L,0x00002000L,0x02002000L,
+0x00200000L,0x02200000L,0x00202000L,0x02202000L,
+0x00000004L,0x02000004L,0x00002004L,0x02002004L,
+0x00200004L,0x02200004L,0x00202004L,0x02202004L,
+0x00000400L,0x02000400L,0x00002400L,0x02002400L,
+0x00200400L,0x02200400L,0x00202400L,0x02202400L,
+0x00000404L,0x02000404L,0x00002404L,0x02002404L,
+0x00200404L,0x02200404L,0x00202404L,0x02202404L,
+0x10000000L,0x12000000L,0x10002000L,0x12002000L,
+0x10200000L,0x12200000L,0x10202000L,0x12202000L,
+0x10000004L,0x12000004L,0x10002004L,0x12002004L,
+0x10200004L,0x12200004L,0x10202004L,0x12202004L,
+0x10000400L,0x12000400L,0x10002400L,0x12002400L,
+0x10200400L,0x12200400L,0x10202400L,0x12202400L,
+0x10000404L,0x12000404L,0x10002404L,0x12002404L,
+0x10200404L,0x12200404L,0x10202404L,0x12202404L,
+},{
+/* for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 */
+0x00000000L,0x00000001L,0x00040000L,0x00040001L,
+0x01000000L,0x01000001L,0x01040000L,0x01040001L,
+0x00000002L,0x00000003L,0x00040002L,0x00040003L,
+0x01000002L,0x01000003L,0x01040002L,0x01040003L,
+0x00000200L,0x00000201L,0x00040200L,0x00040201L,
+0x01000200L,0x01000201L,0x01040200L,0x01040201L,
+0x00000202L,0x00000203L,0x00040202L,0x00040203L,
+0x01000202L,0x01000203L,0x01040202L,0x01040203L,
+0x08000000L,0x08000001L,0x08040000L,0x08040001L,
+0x09000000L,0x09000001L,0x09040000L,0x09040001L,
+0x08000002L,0x08000003L,0x08040002L,0x08040003L,
+0x09000002L,0x09000003L,0x09040002L,0x09040003L,
+0x08000200L,0x08000201L,0x08040200L,0x08040201L,
+0x09000200L,0x09000201L,0x09040200L,0x09040201L,
+0x08000202L,0x08000203L,0x08040202L,0x08040203L,
+0x09000202L,0x09000203L,0x09040202L,0x09040203L,
+},{
+/* for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 */
+0x00000000L,0x00100000L,0x00000100L,0x00100100L,
+0x00000008L,0x00100008L,0x00000108L,0x00100108L,
+0x00001000L,0x00101000L,0x00001100L,0x00101100L,
+0x00001008L,0x00101008L,0x00001108L,0x00101108L,
+0x04000000L,0x04100000L,0x04000100L,0x04100100L,
+0x04000008L,0x04100008L,0x04000108L,0x04100108L,
+0x04001000L,0x04101000L,0x04001100L,0x04101100L,
+0x04001008L,0x04101008L,0x04001108L,0x04101108L,
+0x00020000L,0x00120000L,0x00020100L,0x00120100L,
+0x00020008L,0x00120008L,0x00020108L,0x00120108L,
+0x00021000L,0x00121000L,0x00021100L,0x00121100L,
+0x00021008L,0x00121008L,0x00021108L,0x00121108L,
+0x04020000L,0x04120000L,0x04020100L,0x04120100L,
+0x04020008L,0x04120008L,0x04020108L,0x04120108L,
+0x04021000L,0x04121000L,0x04021100L,0x04121100L,
+0x04021008L,0x04121008L,0x04021108L,0x04121108L,
+},{
+/* for D bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
+0x00000000L,0x10000000L,0x00010000L,0x10010000L,
+0x00000004L,0x10000004L,0x00010004L,0x10010004L,
+0x20000000L,0x30000000L,0x20010000L,0x30010000L,
+0x20000004L,0x30000004L,0x20010004L,0x30010004L,
+0x00100000L,0x10100000L,0x00110000L,0x10110000L,
+0x00100004L,0x10100004L,0x00110004L,0x10110004L,
+0x20100000L,0x30100000L,0x20110000L,0x30110000L,
+0x20100004L,0x30100004L,0x20110004L,0x30110004L,
+0x00001000L,0x10001000L,0x00011000L,0x10011000L,
+0x00001004L,0x10001004L,0x00011004L,0x10011004L,
+0x20001000L,0x30001000L,0x20011000L,0x30011000L,
+0x20001004L,0x30001004L,0x20011004L,0x30011004L,
+0x00101000L,0x10101000L,0x00111000L,0x10111000L,
+0x00101004L,0x10101004L,0x00111004L,0x10111004L,
+0x20101000L,0x30101000L,0x20111000L,0x30111000L,
+0x20101004L,0x30101004L,0x20111004L,0x30111004L,
+},{
+/* for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 */
+0x00000000L,0x08000000L,0x00000008L,0x08000008L,
+0x00000400L,0x08000400L,0x00000408L,0x08000408L,
+0x00020000L,0x08020000L,0x00020008L,0x08020008L,
+0x00020400L,0x08020400L,0x00020408L,0x08020408L,
+0x00000001L,0x08000001L,0x00000009L,0x08000009L,
+0x00000401L,0x08000401L,0x00000409L,0x08000409L,
+0x00020001L,0x08020001L,0x00020009L,0x08020009L,
+0x00020401L,0x08020401L,0x00020409L,0x08020409L,
+0x02000000L,0x0A000000L,0x02000008L,0x0A000008L,
+0x02000400L,0x0A000400L,0x02000408L,0x0A000408L,
+0x02020000L,0x0A020000L,0x02020008L,0x0A020008L,
+0x02020400L,0x0A020400L,0x02020408L,0x0A020408L,
+0x02000001L,0x0A000001L,0x02000009L,0x0A000009L,
+0x02000401L,0x0A000401L,0x02000409L,0x0A000409L,
+0x02020001L,0x0A020001L,0x02020009L,0x0A020009L,
+0x02020401L,0x0A020401L,0x02020409L,0x0A020409L,
+},{
+/* for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 */
+0x00000000L,0x00000100L,0x00080000L,0x00080100L,
+0x01000000L,0x01000100L,0x01080000L,0x01080100L,
+0x00000010L,0x00000110L,0x00080010L,0x00080110L,
+0x01000010L,0x01000110L,0x01080010L,0x01080110L,
+0x00200000L,0x00200100L,0x00280000L,0x00280100L,
+0x01200000L,0x01200100L,0x01280000L,0x01280100L,
+0x00200010L,0x00200110L,0x00280010L,0x00280110L,
+0x01200010L,0x01200110L,0x01280010L,0x01280110L,
+0x00000200L,0x00000300L,0x00080200L,0x00080300L,
+0x01000200L,0x01000300L,0x01080200L,0x01080300L,
+0x00000210L,0x00000310L,0x00080210L,0x00080310L,
+0x01000210L,0x01000310L,0x01080210L,0x01080310L,
+0x00200200L,0x00200300L,0x00280200L,0x00280300L,
+0x01200200L,0x01200300L,0x01280200L,0x01280300L,
+0x00200210L,0x00200310L,0x00280210L,0x00280310L,
+0x01200210L,0x01200310L,0x01280210L,0x01280310L,
+},{
+/* for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 */
+0x00000000L,0x04000000L,0x00040000L,0x04040000L,
+0x00000002L,0x04000002L,0x00040002L,0x04040002L,
+0x00002000L,0x04002000L,0x00042000L,0x04042000L,
+0x00002002L,0x04002002L,0x00042002L,0x04042002L,
+0x00000020L,0x04000020L,0x00040020L,0x04040020L,
+0x00000022L,0x04000022L,0x00040022L,0x04040022L,
+0x00002020L,0x04002020L,0x00042020L,0x04042020L,
+0x00002022L,0x04002022L,0x00042022L,0x04042022L,
+0x00000800L,0x04000800L,0x00040800L,0x04040800L,
+0x00000802L,0x04000802L,0x00040802L,0x04040802L,
+0x00002800L,0x04002800L,0x00042800L,0x04042800L,
+0x00002802L,0x04002802L,0x00042802L,0x04042802L,
+0x00000820L,0x04000820L,0x00040820L,0x04040820L,
+0x00000822L,0x04000822L,0x00040822L,0x04040822L,
+0x00002820L,0x04002820L,0x00042820L,0x04042820L,
+0x00002822L,0x04002822L,0x00042822L,0x04042822L,
+}};
diff --git a/crypto/des/speed.c b/crypto/des/speed.c
new file mode 100644
index 0000000000..250b697135
--- /dev/null
+++ b/crypto/des/speed.c
@@ -0,0 +1,329 @@
+/* crypto/des/speed.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* 11-Sep-92 Andrew Daviel   Support for Silicon Graphics IRIX added */
+/* 06-Apr-92 Luke Brennan    Support for VMS and add extra signal calls */
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#include <stdio.h>
+#ifndef MSDOS
+#include <unistd.h>
+#else
+#include <io.h>
+extern int exit();
+#endif
+#include <signal.h>
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+	time_t tms_utime;
+	time_t tms_stime;
+	time_t tms_uchild;	/* I dunno...  */
+	time_t tms_uchildsys;	/* so these names are a guess :-) */
+	}
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include "des.h"
+
+/* The following if from times(3) man page.  It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+#  ifndef _BSD_CLK_TCK_ /* FreeBSD fix */
+#   ifndef VMS
+#    define HZ	100.0
+#   else /* VMS */
+#    define HZ	100.0
+#   endif
+#  else /* _BSD_CLK_TCK_ */
+#   define HZ ((double)_BSD_CLK_TCK_)
+#  endif
+# else /* CLK_TCK */
+#  define HZ ((double)CLK_TCK)
+# endif
+#endif
+
+#define BUFSIZE	((long)1024)
+long run=0;
+
+#ifndef NOPROTO
+double Time_F(int s);
+#else
+double Time_F();
+#endif
+
+#ifdef SIGALRM
+#if defined(__STDC__) || defined(sgi) || defined(_AIX)
+#define SIGRETTYPE void
+#else
+#define SIGRETTYPE int
+#endif
+
+#ifndef NOPROTO
+SIGRETTYPE sig_done(int sig);
+#else
+SIGRETTYPE sig_done();
+#endif
+
+SIGRETTYPE sig_done(sig)
+int sig;
+	{
+	signal(SIGALRM,sig_done);
+	run=0;
+#ifdef LINT
+	sig=sig;
+#endif
+	}
+#endif
+
+#define START	0
+#define STOP	1
+
+double Time_F(s)
+int s;
+	{
+	double ret;
+#ifdef TIMES
+	static struct tms tstart,tend;
+
+	if (s == START)
+		{
+		times(&tstart);
+		return(0);
+		}
+	else
+		{
+		times(&tend);
+		ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+		return((ret == 0.0)?1e-6:ret);
+		}
+#else /* !times() */
+	static struct timeb tstart,tend;
+	long i;
+
+	if (s == START)
+		{
+		ftime(&tstart);
+		return(0);
+		}
+	else
+		{
+		ftime(&tend);
+		i=(long)tend.millitm-(long)tstart.millitm;
+		ret=((double)(tend.time-tstart.time))+((double)i)/1e3;
+		return((ret == 0.0)?1e-6:ret);
+		}
+#endif
+	}
+
+int main(argc,argv)
+int argc;
+char **argv;
+	{
+	long count;
+	static unsigned char buf[BUFSIZE];
+	static des_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
+	static des_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12};
+	static des_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34};
+	des_key_schedule sch,sch2,sch3;
+	double a,b,c,d,e;
+#ifndef SIGALRM
+	long ca,cb,cc,cd,ce;
+#endif
+
+#ifndef TIMES
+	printf("To get the most acurate results, try to run this\n");
+	printf("program when this computer is idle.\n");
+#endif
+
+	des_set_key((C_Block *)key2,sch2);
+	des_set_key((C_Block *)key3,sch3);
+
+#ifndef SIGALRM
+	printf("First we calculate the approximate speed ...\n");
+	des_set_key((C_Block *)key,sch);
+	count=10;
+	do	{
+		long i;
+		DES_LONG data[2];
+
+		count*=2;
+		Time_F(START);
+		for (i=count; i; i--)
+			des_encrypt(data,&(sch[0]),DES_ENCRYPT);
+		d=Time_F(STOP);
+		} while (d < 3.0);
+	ca=count;
+	cb=count*3;
+	cc=count*3*8/BUFSIZE+1;
+	cd=count*8/BUFSIZE+1;
+	ce=count/20+1;
+	printf("Doing set_key %ld times\n",ca);
+#define COND(d)	(count != (d))
+#define COUNT(d) (d)
+#else
+#define COND(c)	(run)
+#define COUNT(d) (count)
+	signal(SIGALRM,sig_done);
+	printf("Doing set_key for 10 seconds\n");
+	alarm(10);
+#endif
+
+	Time_F(START);
+	for (count=0,run=1; COND(ca); count++)
+		des_set_key((C_Block *)key,sch);
+	d=Time_F(STOP);
+	printf("%ld set_key's in %.2f seconds\n",count,d);
+	a=((double)COUNT(ca))/d;
+
+#ifdef SIGALRM
+	printf("Doing des_encrypt's for 10 seconds\n");
+	alarm(10);
+#else
+	printf("Doing des_encrypt %ld times\n",cb);
+#endif
+	Time_F(START);
+	for (count=0,run=1; COND(cb); count++)
+		{
+		DES_LONG data[2];
+
+		des_encrypt(data,&(sch[0]),DES_ENCRYPT);
+		}
+	d=Time_F(STOP);
+	printf("%ld des_encrypt's in %.2f second\n",count,d);
+	b=((double)COUNT(cb)*8)/d;
+
+#ifdef SIGALRM
+	printf("Doing des_cbc_encrypt on %ld byte blocks for 10 seconds\n",
+		BUFSIZE);
+	alarm(10);
+#else
+	printf("Doing des_cbc_encrypt %ld times on %ld byte blocks\n",cc,
+		BUFSIZE);
+#endif
+	Time_F(START);
+	for (count=0,run=1; COND(cc); count++)
+		des_ncbc_encrypt((C_Block *)buf,(C_Block *)buf,BUFSIZE,&(sch[0]),
+			(C_Block *)&(key[0]),DES_ENCRYPT);
+	d=Time_F(STOP);
+	printf("%ld des_cbc_encrypt's of %ld byte blocks in %.2f second\n",
+		count,BUFSIZE,d);
+	c=((double)COUNT(cc)*BUFSIZE)/d;
+
+#ifdef SIGALRM
+	printf("Doing des_ede_cbc_encrypt on %ld byte blocks for 10 seconds\n",
+		BUFSIZE);
+	alarm(10);
+#else
+	printf("Doing des_ede_cbc_encrypt %ld times on %ld byte blocks\n",cd,
+		BUFSIZE);
+#endif
+	Time_F(START);
+	for (count=0,run=1; COND(cd); count++)
+		des_ede3_cbc_encrypt((C_Block *)buf,(C_Block *)buf,BUFSIZE,
+			&(sch[0]),
+			&(sch2[0]),
+			&(sch3[0]),
+			(C_Block *)&(key[0]),
+			DES_ENCRYPT);
+	d=Time_F(STOP);
+	printf("%ld des_ede_cbc_encrypt's of %ld byte blocks in %.2f second\n",
+		count,BUFSIZE,d);
+	d=((double)COUNT(cd)*BUFSIZE)/d;
+
+#ifdef SIGALRM
+	printf("Doing crypt for 10 seconds\n");
+	alarm(10);
+#else
+	printf("Doing crypt %ld times\n",ce);
+#endif
+	Time_F(START);
+	for (count=0,run=1; COND(ce); count++)
+		crypt("testing1","ef");
+	e=Time_F(STOP);
+	printf("%ld crypts in %.2f second\n",count,e);
+	e=((double)COUNT(ce))/e;
+
+	printf("set_key            per sec = %12.2f (%5.1fuS)\n",a,1.0e6/a);
+	printf("DES raw ecb bytes  per sec = %12.2f (%5.1fuS)\n",b,8.0e6/b);
+	printf("DES cbc bytes      per sec = %12.2f (%5.1fuS)\n",c,8.0e6/c);
+	printf("DES ede cbc bytes  per sec = %12.2f (%5.1fuS)\n",d,8.0e6/d);
+	printf("crypt              per sec = %12.2f (%5.1fuS)\n",e,1.0e6/e);
+	exit(0);
+#if defined(LINT) || defined(MSDOS)
+	return(0);
+#endif
+	}
diff --git a/crypto/des/spr.h b/crypto/des/spr.h
new file mode 100644
index 0000000000..a84d6a723f
--- /dev/null
+++ b/crypto/des/spr.h
@@ -0,0 +1,204 @@
+/* crypto/des/spr.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+const DES_LONG des_SPtrans[8][64]={
+{
+/* nibble 0 */
+0x02080800L, 0x00080000L, 0x02000002L, 0x02080802L,
+0x02000000L, 0x00080802L, 0x00080002L, 0x02000002L,
+0x00080802L, 0x02080800L, 0x02080000L, 0x00000802L,
+0x02000802L, 0x02000000L, 0x00000000L, 0x00080002L,
+0x00080000L, 0x00000002L, 0x02000800L, 0x00080800L,
+0x02080802L, 0x02080000L, 0x00000802L, 0x02000800L,
+0x00000002L, 0x00000800L, 0x00080800L, 0x02080002L,
+0x00000800L, 0x02000802L, 0x02080002L, 0x00000000L,
+0x00000000L, 0x02080802L, 0x02000800L, 0x00080002L,
+0x02080800L, 0x00080000L, 0x00000802L, 0x02000800L,
+0x02080002L, 0x00000800L, 0x00080800L, 0x02000002L,
+0x00080802L, 0x00000002L, 0x02000002L, 0x02080000L,
+0x02080802L, 0x00080800L, 0x02080000L, 0x02000802L,
+0x02000000L, 0x00000802L, 0x00080002L, 0x00000000L,
+0x00080000L, 0x02000000L, 0x02000802L, 0x02080800L,
+0x00000002L, 0x02080002L, 0x00000800L, 0x00080802L,
+},{
+/* nibble 1 */
+0x40108010L, 0x00000000L, 0x00108000L, 0x40100000L,
+0x40000010L, 0x00008010L, 0x40008000L, 0x00108000L,
+0x00008000L, 0x40100010L, 0x00000010L, 0x40008000L,
+0x00100010L, 0x40108000L, 0x40100000L, 0x00000010L,
+0x00100000L, 0x40008010L, 0x40100010L, 0x00008000L,
+0x00108010L, 0x40000000L, 0x00000000L, 0x00100010L,
+0x40008010L, 0x00108010L, 0x40108000L, 0x40000010L,
+0x40000000L, 0x00100000L, 0x00008010L, 0x40108010L,
+0x00100010L, 0x40108000L, 0x40008000L, 0x00108010L,
+0x40108010L, 0x00100010L, 0x40000010L, 0x00000000L,
+0x40000000L, 0x00008010L, 0x00100000L, 0x40100010L,
+0x00008000L, 0x40000000L, 0x00108010L, 0x40008010L,
+0x40108000L, 0x00008000L, 0x00000000L, 0x40000010L,
+0x00000010L, 0x40108010L, 0x00108000L, 0x40100000L,
+0x40100010L, 0x00100000L, 0x00008010L, 0x40008000L,
+0x40008010L, 0x00000010L, 0x40100000L, 0x00108000L,
+},{
+/* nibble 2 */
+0x04000001L, 0x04040100L, 0x00000100L, 0x04000101L,
+0x00040001L, 0x04000000L, 0x04000101L, 0x00040100L,
+0x04000100L, 0x00040000L, 0x04040000L, 0x00000001L,
+0x04040101L, 0x00000101L, 0x00000001L, 0x04040001L,
+0x00000000L, 0x00040001L, 0x04040100L, 0x00000100L,
+0x00000101L, 0x04040101L, 0x00040000L, 0x04000001L,
+0x04040001L, 0x04000100L, 0x00040101L, 0x04040000L,
+0x00040100L, 0x00000000L, 0x04000000L, 0x00040101L,
+0x04040100L, 0x00000100L, 0x00000001L, 0x00040000L,
+0x00000101L, 0x00040001L, 0x04040000L, 0x04000101L,
+0x00000000L, 0x04040100L, 0x00040100L, 0x04040001L,
+0x00040001L, 0x04000000L, 0x04040101L, 0x00000001L,
+0x00040101L, 0x04000001L, 0x04000000L, 0x04040101L,
+0x00040000L, 0x04000100L, 0x04000101L, 0x00040100L,
+0x04000100L, 0x00000000L, 0x04040001L, 0x00000101L,
+0x04000001L, 0x00040101L, 0x00000100L, 0x04040000L,
+},{
+/* nibble 3 */
+0x00401008L, 0x10001000L, 0x00000008L, 0x10401008L,
+0x00000000L, 0x10400000L, 0x10001008L, 0x00400008L,
+0x10401000L, 0x10000008L, 0x10000000L, 0x00001008L,
+0x10000008L, 0x00401008L, 0x00400000L, 0x10000000L,
+0x10400008L, 0x00401000L, 0x00001000L, 0x00000008L,
+0x00401000L, 0x10001008L, 0x10400000L, 0x00001000L,
+0x00001008L, 0x00000000L, 0x00400008L, 0x10401000L,
+0x10001000L, 0x10400008L, 0x10401008L, 0x00400000L,
+0x10400008L, 0x00001008L, 0x00400000L, 0x10000008L,
+0x00401000L, 0x10001000L, 0x00000008L, 0x10400000L,
+0x10001008L, 0x00000000L, 0x00001000L, 0x00400008L,
+0x00000000L, 0x10400008L, 0x10401000L, 0x00001000L,
+0x10000000L, 0x10401008L, 0x00401008L, 0x00400000L,
+0x10401008L, 0x00000008L, 0x10001000L, 0x00401008L,
+0x00400008L, 0x00401000L, 0x10400000L, 0x10001008L,
+0x00001008L, 0x10000000L, 0x10000008L, 0x10401000L,
+},{
+/* nibble 4 */
+0x08000000L, 0x00010000L, 0x00000400L, 0x08010420L,
+0x08010020L, 0x08000400L, 0x00010420L, 0x08010000L,
+0x00010000L, 0x00000020L, 0x08000020L, 0x00010400L,
+0x08000420L, 0x08010020L, 0x08010400L, 0x00000000L,
+0x00010400L, 0x08000000L, 0x00010020L, 0x00000420L,
+0x08000400L, 0x00010420L, 0x00000000L, 0x08000020L,
+0x00000020L, 0x08000420L, 0x08010420L, 0x00010020L,
+0x08010000L, 0x00000400L, 0x00000420L, 0x08010400L,
+0x08010400L, 0x08000420L, 0x00010020L, 0x08010000L,
+0x00010000L, 0x00000020L, 0x08000020L, 0x08000400L,
+0x08000000L, 0x00010400L, 0x08010420L, 0x00000000L,
+0x00010420L, 0x08000000L, 0x00000400L, 0x00010020L,
+0x08000420L, 0x00000400L, 0x00000000L, 0x08010420L,
+0x08010020L, 0x08010400L, 0x00000420L, 0x00010000L,
+0x00010400L, 0x08010020L, 0x08000400L, 0x00000420L,
+0x00000020L, 0x00010420L, 0x08010000L, 0x08000020L,
+},{
+/* nibble 5 */
+0x80000040L, 0x00200040L, 0x00000000L, 0x80202000L,
+0x00200040L, 0x00002000L, 0x80002040L, 0x00200000L,
+0x00002040L, 0x80202040L, 0x00202000L, 0x80000000L,
+0x80002000L, 0x80000040L, 0x80200000L, 0x00202040L,
+0x00200000L, 0x80002040L, 0x80200040L, 0x00000000L,
+0x00002000L, 0x00000040L, 0x80202000L, 0x80200040L,
+0x80202040L, 0x80200000L, 0x80000000L, 0x00002040L,
+0x00000040L, 0x00202000L, 0x00202040L, 0x80002000L,
+0x00002040L, 0x80000000L, 0x80002000L, 0x00202040L,
+0x80202000L, 0x00200040L, 0x00000000L, 0x80002000L,
+0x80000000L, 0x00002000L, 0x80200040L, 0x00200000L,
+0x00200040L, 0x80202040L, 0x00202000L, 0x00000040L,
+0x80202040L, 0x00202000L, 0x00200000L, 0x80002040L,
+0x80000040L, 0x80200000L, 0x00202040L, 0x00000000L,
+0x00002000L, 0x80000040L, 0x80002040L, 0x80202000L,
+0x80200000L, 0x00002040L, 0x00000040L, 0x80200040L,
+},{
+/* nibble 6 */
+0x00004000L, 0x00000200L, 0x01000200L, 0x01000004L,
+0x01004204L, 0x00004004L, 0x00004200L, 0x00000000L,
+0x01000000L, 0x01000204L, 0x00000204L, 0x01004000L,
+0x00000004L, 0x01004200L, 0x01004000L, 0x00000204L,
+0x01000204L, 0x00004000L, 0x00004004L, 0x01004204L,
+0x00000000L, 0x01000200L, 0x01000004L, 0x00004200L,
+0x01004004L, 0x00004204L, 0x01004200L, 0x00000004L,
+0x00004204L, 0x01004004L, 0x00000200L, 0x01000000L,
+0x00004204L, 0x01004000L, 0x01004004L, 0x00000204L,
+0x00004000L, 0x00000200L, 0x01000000L, 0x01004004L,
+0x01000204L, 0x00004204L, 0x00004200L, 0x00000000L,
+0x00000200L, 0x01000004L, 0x00000004L, 0x01000200L,
+0x00000000L, 0x01000204L, 0x01000200L, 0x00004200L,
+0x00000204L, 0x00004000L, 0x01004204L, 0x01000000L,
+0x01004200L, 0x00000004L, 0x00004004L, 0x01004204L,
+0x01000004L, 0x01004200L, 0x01004000L, 0x00004004L,
+},{
+/* nibble 7 */
+0x20800080L, 0x20820000L, 0x00020080L, 0x00000000L,
+0x20020000L, 0x00800080L, 0x20800000L, 0x20820080L,
+0x00000080L, 0x20000000L, 0x00820000L, 0x00020080L,
+0x00820080L, 0x20020080L, 0x20000080L, 0x20800000L,
+0x00020000L, 0x00820080L, 0x00800080L, 0x20020000L,
+0x20820080L, 0x20000080L, 0x00000000L, 0x00820000L,
+0x20000000L, 0x00800000L, 0x20020080L, 0x20800080L,
+0x00800000L, 0x00020000L, 0x20820000L, 0x00000080L,
+0x00800000L, 0x00020000L, 0x20000080L, 0x20820080L,
+0x00020080L, 0x20000000L, 0x00000000L, 0x00820000L,
+0x20800080L, 0x20020080L, 0x20020000L, 0x00800080L,
+0x20820000L, 0x00000080L, 0x00800080L, 0x20020000L,
+0x20820080L, 0x00800000L, 0x20800000L, 0x20000080L,
+0x00820000L, 0x00020080L, 0x20020080L, 0x20800000L,
+0x00000080L, 0x20820000L, 0x00820080L, 0x00000000L,
+0x20000000L, 0x20800080L, 0x00020000L, 0x00820080L,
+}};
diff --git a/crypto/des/str2key.c b/crypto/des/str2key.c
new file mode 100644
index 0000000000..65a1184653
--- /dev/null
+++ b/crypto/des/str2key.c
@@ -0,0 +1,171 @@
+/* crypto/des/str2key.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+extern int des_check_key;
+
+void des_string_to_key(str, key)
+char *str;
+des_cblock (*key);
+	{
+	des_key_schedule ks;
+	int i,length;
+	register unsigned char j;
+
+	memset(key,0,8);
+	length=strlen(str);
+#ifdef OLD_STR_TO_KEY
+	for (i=0; i<length; i++)
+		(*key)[i%8]^=(str[i]<<1);
+#else /* MIT COMPATIBLE */
+	for (i=0; i<length; i++)
+		{
+		j=str[i];
+		if ((i%16) < 8)
+			(*key)[i%8]^=(j<<1);
+		else
+			{
+			/* Reverse the bit order 05/05/92 eay */
+			j=((j<<4)&0xf0)|((j>>4)&0x0f);
+			j=((j<<2)&0xcc)|((j>>2)&0x33);
+			j=((j<<1)&0xaa)|((j>>1)&0x55);
+			(*key)[7-(i%8)]^=j;
+			}
+		}
+#endif
+	des_set_odd_parity((des_cblock *)key);
+	i=des_check_key;
+	des_check_key=0;
+	des_set_key((des_cblock *)key,ks);
+	des_check_key=i;
+	des_cbc_cksum((des_cblock *)str,(des_cblock *)key,(long)length,ks,
+		(des_cblock *)key);
+	memset(ks,0,sizeof(ks));
+	des_set_odd_parity((des_cblock *)key);
+	}
+
+void des_string_to_2keys(str, key1, key2)
+char *str;
+des_cblock (*key1);
+des_cblock (*key2);
+	{
+	des_key_schedule ks;
+	int i,length;
+	register unsigned char j;
+
+	memset(key1,0,8);
+	memset(key2,0,8);
+	length=strlen(str);
+#ifdef OLD_STR_TO_KEY
+	if (length <= 8)
+		{
+		for (i=0; i<length; i++)
+			{
+			(*key2)[i]=(*key1)[i]=(str[i]<<1);
+			}
+		}
+	else
+		{
+		for (i=0; i<length; i++)
+			{
+			if ((i/8)&1)
+				(*key2)[i%8]^=(str[i]<<1);
+			else
+				(*key1)[i%8]^=(str[i]<<1);
+			}
+		}
+#else /* MIT COMPATIBLE */
+	for (i=0; i<length; i++)
+		{
+		j=str[i];
+		if ((i%32) < 16)
+			{
+			if ((i%16) < 8)
+				(*key1)[i%8]^=(j<<1);
+			else
+				(*key2)[i%8]^=(j<<1);
+			}
+		else
+			{
+			j=((j<<4)&0xf0)|((j>>4)&0x0f);
+			j=((j<<2)&0xcc)|((j>>2)&0x33);
+			j=((j<<1)&0xaa)|((j>>1)&0x55);
+			if ((i%16) < 8)
+				(*key1)[7-(i%8)]^=j;
+			else
+				(*key2)[7-(i%8)]^=j;
+			}
+		}
+	if (length <= 8) memcpy(key2,key1,8);
+#endif
+	des_set_odd_parity((des_cblock *)key1);
+	des_set_odd_parity((des_cblock *)key2);
+	i=des_check_key;
+	des_check_key=0;
+	des_set_key((des_cblock *)key1,ks);
+	des_cbc_cksum((des_cblock *)str,(des_cblock *)key1,(long)length,ks,
+		(des_cblock *)key1);
+	des_set_key((des_cblock *)key2,ks);
+	des_cbc_cksum((des_cblock *)str,(des_cblock *)key2,(long)length,ks,
+		(des_cblock *)key2);
+	des_check_key=i;
+	memset(ks,0,sizeof(ks));
+	des_set_odd_parity(key1);
+	des_set_odd_parity(key2);
+	}
diff --git a/crypto/des/supp.c b/crypto/des/supp.c
new file mode 100644
index 0000000000..56bd85beff
--- /dev/null
+++ b/crypto/des/supp.c
@@ -0,0 +1,109 @@
+/* crypto/des/supp.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*
+ * Copyright (c) 1995
+ *	Mark Murray.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *	This product includes software developed by Mark Murray
+ * 4. Neither the name of the author nor the names of any co-contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY MARK MURRAY AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $Id: supp.c,v 1.1 1998/12/21 10:52:29 rse Exp $
+ */
+
+#include <stdio.h>
+#include "des_locl.h"
+
+void des_cblock_print_file(cb, fp)
+	des_cblock *cb;
+	FILE *fp;
+{
+	int i;
+	unsigned int *p = (unsigned int *)cb;
+
+	fprintf(fp, " 0x { ");
+	for (i = 0; i < 8; i++) {
+		fprintf(fp, "%x", p[i]);
+		if (i != 7) fprintf(fp, ", ");
+	}
+	fprintf(fp, " }");
+}
diff --git a/crypto/des/t/test b/crypto/des/t/test
new file mode 100644
index 0000000000..97acd0552e
--- /dev/null
+++ b/crypto/des/t/test
@@ -0,0 +1,27 @@
+#!./perl
+
+BEGIN { push(@INC, qw(../../../lib ../../lib ../lib lib)); }
+
+use DES;
+
+$key='00000000';
+$ks=DES::set_key($key);
+@a=split(//,$ks);
+foreach (@a) { printf "%02x-",ord($_); }
+print "\n";
+
+
+$key=DES::random_key();
+print "($_)\n";
+@a=split(//,$key);
+foreach (@a) { printf "%02x-",ord($_); }
+print "\n";
+$str="this is and again into the breach";
+($k1,$k2)=DES::string_to_2keys($str);
+@a=split(//,$k1);
+foreach (@a) { printf "%02x-",ord($_); }
+print "\n";
+@a=split(//,$k2);
+foreach (@a) { printf "%02x-",ord($_); }
+print "\n";
+
diff --git a/crypto/des/testdes.pl b/crypto/des/testdes.pl
new file mode 100644
index 0000000000..01a165a963
--- /dev/null
+++ b/crypto/des/testdes.pl
@@ -0,0 +1,167 @@
+#!/usr/local/bin/perl
+
+# des.pl tesing code
+
+require 'des.pl';
+
+$num_tests=34;
+@key_data=(
+	0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	0x30,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,
+	0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF,
+	0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,
+	0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10,
+	0x7C,0xA1,0x10,0x45,0x4A,0x1A,0x6E,0x57,
+	0x01,0x31,0xD9,0x61,0x9D,0xC1,0x37,0x6E,
+	0x07,0xA1,0x13,0x3E,0x4A,0x0B,0x26,0x86,
+	0x38,0x49,0x67,0x4C,0x26,0x02,0x31,0x9E,
+	0x04,0xB9,0x15,0xBA,0x43,0xFE,0xB5,0xB6,
+	0x01,0x13,0xB9,0x70,0xFD,0x34,0xF2,0xCE,
+	0x01,0x70,0xF1,0x75,0x46,0x8F,0xB5,0xE6,
+	0x43,0x29,0x7F,0xAD,0x38,0xE3,0x73,0xFE,
+	0x07,0xA7,0x13,0x70,0x45,0xDA,0x2A,0x16,
+	0x04,0x68,0x91,0x04,0xC2,0xFD,0x3B,0x2F,
+	0x37,0xD0,0x6B,0xB5,0x16,0xCB,0x75,0x46,
+	0x1F,0x08,0x26,0x0D,0x1A,0xC2,0x46,0x5E,
+	0x58,0x40,0x23,0x64,0x1A,0xBA,0x61,0x76,
+	0x02,0x58,0x16,0x16,0x46,0x29,0xB0,0x07,
+	0x49,0x79,0x3E,0xBC,0x79,0xB3,0x25,0x8F,
+	0x4F,0xB0,0x5E,0x15,0x15,0xAB,0x73,0xA7,
+	0x49,0xE9,0x5D,0x6D,0x4C,0xA2,0x29,0xBF,
+	0x01,0x83,0x10,0xDC,0x40,0x9B,0x26,0xD6,
+	0x1C,0x58,0x7F,0x1C,0x13,0x92,0x4F,0xEF,
+	0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
+	0x1F,0x1F,0x1F,0x1F,0x0E,0x0E,0x0E,0x0E,
+	0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE,
+	0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF,
+	0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10,
+	);
+
+@plain_data=(
+	0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	0x10,0x00,0x00,0x00,0x00,0x00,0x00,0x01,
+	0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,
+	0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,
+	0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF,
+	0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF,
+	0x01,0xA1,0xD6,0xD0,0x39,0x77,0x67,0x42,
+	0x5C,0xD5,0x4C,0xA8,0x3D,0xEF,0x57,0xDA,
+	0x02,0x48,0xD4,0x38,0x06,0xF6,0x71,0x72,
+	0x51,0x45,0x4B,0x58,0x2D,0xDF,0x44,0x0A,
+	0x42,0xFD,0x44,0x30,0x59,0x57,0x7F,0xA2,
+	0x05,0x9B,0x5E,0x08,0x51,0xCF,0x14,0x3A,
+	0x07,0x56,0xD8,0xE0,0x77,0x47,0x61,0xD2,
+	0x76,0x25,0x14,0xB8,0x29,0xBF,0x48,0x6A,
+	0x3B,0xDD,0x11,0x90,0x49,0x37,0x28,0x02,
+	0x26,0x95,0x5F,0x68,0x35,0xAF,0x60,0x9A,
+	0x16,0x4D,0x5E,0x40,0x4F,0x27,0x52,0x32,
+	0x6B,0x05,0x6E,0x18,0x75,0x9F,0x5C,0xCA,
+	0x00,0x4B,0xD6,0xEF,0x09,0x17,0x60,0x62,
+	0x48,0x0D,0x39,0x00,0x6E,0xE7,0x62,0xF2,
+	0x43,0x75,0x40,0xC8,0x69,0x8F,0x3C,0xFA,
+	0x07,0x2D,0x43,0xA0,0x77,0x07,0x52,0x92,
+	0x02,0xFE,0x55,0x77,0x81,0x17,0xF1,0x2A,
+	0x1D,0x9D,0x5C,0x50,0x18,0xF7,0x28,0xC2,
+	0x30,0x55,0x32,0x28,0x6D,0x6F,0x29,0x5A,
+	0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF,
+	0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF,
+	0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF,
+	0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF);
+
+@cipher_data=(
+	0x8C,0xA6,0x4D,0xE9,0xC1,0xB1,0x23,0xA7,
+	0x73,0x59,0xB2,0x16,0x3E,0x4E,0xDC,0x58,
+	0x95,0x8E,0x6E,0x62,0x7A,0x05,0x55,0x7B,
+	0xF4,0x03,0x79,0xAB,0x9E,0x0E,0xC5,0x33,
+	0x17,0x66,0x8D,0xFC,0x72,0x92,0x53,0x2D,
+	0x8A,0x5A,0xE1,0xF8,0x1A,0xB8,0xF2,0xDD,
+	0x8C,0xA6,0x4D,0xE9,0xC1,0xB1,0x23,0xA7,
+	0xED,0x39,0xD9,0x50,0xFA,0x74,0xBC,0xC4,
+	0x69,0x0F,0x5B,0x0D,0x9A,0x26,0x93,0x9B,
+	0x7A,0x38,0x9D,0x10,0x35,0x4B,0xD2,0x71,
+	0x86,0x8E,0xBB,0x51,0xCA,0xB4,0x59,0x9A,
+	0x71,0x78,0x87,0x6E,0x01,0xF1,0x9B,0x2A,
+	0xAF,0x37,0xFB,0x42,0x1F,0x8C,0x40,0x95,
+	0x86,0xA5,0x60,0xF1,0x0E,0xC6,0xD8,0x5B,
+	0x0C,0xD3,0xDA,0x02,0x00,0x21,0xDC,0x09,
+	0xEA,0x67,0x6B,0x2C,0xB7,0xDB,0x2B,0x7A,
+	0xDF,0xD6,0x4A,0x81,0x5C,0xAF,0x1A,0x0F,
+	0x5C,0x51,0x3C,0x9C,0x48,0x86,0xC0,0x88,
+	0x0A,0x2A,0xEE,0xAE,0x3F,0xF4,0xAB,0x77,
+	0xEF,0x1B,0xF0,0x3E,0x5D,0xFA,0x57,0x5A,
+	0x88,0xBF,0x0D,0xB6,0xD7,0x0D,0xEE,0x56,
+	0xA1,0xF9,0x91,0x55,0x41,0x02,0x0B,0x56,
+	0x6F,0xBF,0x1C,0xAF,0xCF,0xFD,0x05,0x56,
+	0x2F,0x22,0xE4,0x9B,0xAB,0x7C,0xA1,0xAC,
+	0x5A,0x6B,0x61,0x2C,0xC2,0x6C,0xCE,0x4A,
+	0x5F,0x4C,0x03,0x8E,0xD1,0x2B,0x2E,0x41,
+	0x63,0xFA,0xC0,0xD0,0x34,0xD9,0xF7,0x93,
+	0x61,0x7B,0x3A,0x0C,0xE8,0xF0,0x71,0x00,
+	0xDB,0x95,0x86,0x05,0xF8,0xC8,0xC6,0x06,
+	0xED,0xBF,0xD1,0xC6,0x6C,0x29,0xCC,0xC7,
+	0x35,0x55,0x50,0xB2,0x15,0x0E,0x24,0x51,
+	0xCA,0xAA,0xAF,0x4D,0xEA,0xF1,0xDB,0xAE,
+	0xD5,0xD4,0x4F,0xF7,0x20,0x68,0x3D,0x0D,
+	0x2A,0x2B,0xB0,0x08,0xDF,0x97,0xC2,0xF2);
+
+print "Doing ecb tests\n";
+for ($i=0; $i<$num_tests; $i++)
+	{
+	printf "Doing test $i\n";
+	$key =pack("C8",splice(@key_data   ,0,8));
+	$data=pack("C8",splice(@plain_data ,0,8));
+	$res =pack("C8",splice(@cipher_data,0,8));
+
+	@ks=  &des_set_key($key);
+	$out1= &des_ecb_encrypt(*ks,1,$data);
+	$out2= &des_ecb_encrypt(*ks,0,$out1);
+	$out3= &des_ecb_encrypt(*ks,0,$res);
+	&eprint("encryption failure",$res,$out1)
+		if ($out1 ne $res);
+	&eprint("encryption/decryption failure",$data,$out2)
+		if ($out2 ne $data);
+	&eprint("decryption failure",$data,$out3)
+		if ($data ne $out3);
+	}
+print "Done\n";
+
+print "doing speed test over 30 seconds\n";
+$SIG{'ALRM'}='done';
+sub done {$done=1;}
+$done=0;
+
+$count=0;
+$d=pack("C8",0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef);
+@ks=  &des_set_key($d);
+alarm(30);
+$start=(times)[0];
+while (!$done)
+	{
+	$count++;
+	$d=&des_ecb_encrypt(*ks,1,$d);
+	}
+$end=(times)[0];
+$t=$end-$start;
+printf "$count DESs in %.2f seconds is %.2f DESs/sec or %.2f bytes/sec\n",
+	1.0*$t,1.0*$count/$t,$count*8.0/$t;
+
+sub eprint
+	{
+	local($s,$c,$e)=@_;
+	local(@k);
+
+	@k=unpack("C8",$c);
+	printf "%02x%02x%02x%02x %02x%02x%02x%02x - ",unpack("C8",$c);
+	printf "%02x%02x%02x%02x %02x%02x%02x%02x :",unpack("C8",$e);
+	print " $s\n";
+	}
diff --git a/crypto/des/times/486-50.sol b/crypto/des/times/486-50.sol
new file mode 100644
index 0000000000..0de62d6db3
--- /dev/null
+++ b/crypto/des/times/486-50.sol
@@ -0,0 +1,16 @@
+Solaris 2.4, 486 50mhz, gcc 2.6.3
+options    des ecb/s
+16 r2 i     43552.51 100.0%
+16 r1 i     43487.45  99.9%
+16  c p     43003.23  98.7%
+16 r2 p     42339.00  97.2%
+16  c i     41900.91  96.2%
+16 r1 p     41360.64  95.0%
+ 4  c i     38728.48  88.9%
+ 4  c p     38225.63  87.8%
+ 4 r1 i     38085.79  87.4%
+ 4 r2 i     37825.64  86.9%
+ 4 r2 p     34611.00  79.5%
+ 4 r1 p     31802.00  73.0%
+-DDES_UNROLL -DDES_RISC2
+
diff --git a/crypto/des/times/586-100.lnx b/crypto/des/times/586-100.lnx
new file mode 100644
index 0000000000..4323914a11
--- /dev/null
+++ b/crypto/des/times/586-100.lnx
@@ -0,0 +1,20 @@
+Pentium 100
+Linux 2 kernel
+gcc 2.7.0 -O3 -fomit-frame-pointer
+No X server running, just a console, it makes the top speed jump from 151,000
+to 158,000 :-).
+options    des ecb/s
+assember   281000.00 177.1%
+16 r1 p    158667.40 100.0%
+16 r1 i    148471.70  93.6%
+16 r2 p    143961.80  90.7%
+16 r2 i    141689.20  89.3%
+ 4 r1 i    140100.00  88.3%
+ 4 r2 i    134049.40  84.5%
+16  c i    124145.20  78.2%
+16  c p    121584.20  76.6%
+ 4  c i    118116.00  74.4%
+ 4 r2 p    117977.90  74.4%
+ 4  c p    114971.40  72.5%
+ 4 r1 p    114578.40  72.2%
+-DDES_UNROLL -DDES_RISC1 -DDES_PTR
diff --git a/crypto/des/times/686-200.fre b/crypto/des/times/686-200.fre
new file mode 100644
index 0000000000..7d83f6adee
--- /dev/null
+++ b/crypto/des/times/686-200.fre
@@ -0,0 +1,18 @@
+Pentium 100
+Free BSD 2.1.5 kernel
+gcc 2.7.2.2 -O3 -fomit-frame-pointer
+options    des ecb/s
+assember   578000.00 133.1%
+16 r2 i    434454.80 100.0%
+16 r1 i    433621.43  99.8%
+16 r2 p    431375.69  99.3%
+ 4 r1 i    423722.30  97.5%
+ 4 r2 i    422399.40  97.2%
+16 r1 p    421739.40  97.1%
+16  c i    399027.94  91.8%
+16  c p    372251.70  85.7%
+ 4  c i    365118.35  84.0%
+ 4  c p    352880.51  81.2%
+ 4 r2 p    255104.90  58.7%
+ 4 r1 p    251289.18  57.8%
+-DDES_UNROLL -DDES_RISC2
diff --git a/crypto/des/times/aix.cc b/crypto/des/times/aix.cc
new file mode 100644
index 0000000000..d96b74e2ce
--- /dev/null
+++ b/crypto/des/times/aix.cc
@@ -0,0 +1,26 @@
+From: Paco Garcia <pgarcia@cam.es>
+
+This machine is a Bull Estrella  Minitower Model MT604-100
+Processor        : PPC604 
+P.Speed          : 100Mhz 
+Data/Instr Cache :    16 K
+L2 Cache         :   256 K
+PCI BUS Speed    :    33 Mhz
+TransfRate PCI   :   132 MB/s
+Memory           :    96 MB
+
+options    des ecb/s       
+ 4  c p    275118.61 100.0%
+ 4  c i    273545.07  99.4%
+ 4 r2 p    270441.02  98.3%
+ 4 r1 p    253052.15  92.0%
+ 4 r2 i    240842.97  87.5%
+ 4 r1 i    240556.66  87.4%
+16  c i    224603.99  81.6%
+16  c p    224483.98  81.6%
+16 r2 p    215691.19  78.4%
+16 r1 p    208332.83  75.7%
+16 r1 i    199206.50  72.4%
+16 r2 i    198963.70  72.3%
+-DDES_PTR
+
diff --git a/crypto/des/times/alpha.cc b/crypto/des/times/alpha.cc
new file mode 100644
index 0000000000..95c17efae7
--- /dev/null
+++ b/crypto/des/times/alpha.cc
@@ -0,0 +1,18 @@
+cc -O2
+DES_LONG is 'unsigned int'
+
+options    des ecb/s
+ 4 r2 p    181146.14 100.0%
+16 r2 p    172102.94  95.0%
+ 4 r2 i    165424.11  91.3%
+16  c p    160468.64  88.6%
+ 4  c p    156653.59  86.5%
+ 4  c i    155245.18  85.7%
+ 4 r1 p    154729.68  85.4%
+16 r2 i    154137.69  85.1%
+16 r1 p    152357.96  84.1%
+16  c i    148743.91  82.1%
+ 4 r1 i    146695.59  81.0%
+16 r1 i    144961.00  80.0%
+-DDES_RISC2 -DDES_PTR
+
diff --git a/crypto/des/times/hpux.cc b/crypto/des/times/hpux.cc
new file mode 100644
index 0000000000..3de856ddac
--- /dev/null
+++ b/crypto/des/times/hpux.cc
@@ -0,0 +1,17 @@
+HPUX 10 - 9000/887 - cc -D_HPUX_SOURCE -Aa +ESlit +O2 -Wl,-a,archive
+
+options    des ecb/s
+16  c i    149448.90 100.0%
+ 4  c i    145861.79  97.6%
+16 r2 i    141710.96  94.8%
+16 r1 i    139455.33  93.3%
+ 4 r2 i    138800.00  92.9%
+ 4 r1 i    136692.65  91.5%
+16 r2 p    110228.17  73.8%
+16 r1 p    109397.07  73.2%
+16  c p    109209.89  73.1%
+ 4  c p    108014.71  72.3%
+ 4 r2 p    107873.88  72.2%
+ 4 r1 p    107685.83  72.1%
+-DDES_UNROLL
+
diff --git a/crypto/des/times/sparc.gcc b/crypto/des/times/sparc.gcc
new file mode 100644
index 0000000000..8eaa042104
--- /dev/null
+++ b/crypto/des/times/sparc.gcc
@@ -0,0 +1,17 @@
+solaris 2.5.1 - sparc 10 50mhz - gcc 2.7.2
+
+options    des ecb/s
+16  c i    124382.70 100.0%
+ 4  c i    118884.68  95.6%
+16  c p    112261.20  90.3%
+16 r2 i    111777.10  89.9%
+16 r2 p    108896.30  87.5%
+16 r1 p    108791.59  87.5%
+ 4  c p    107290.10  86.3%
+ 4 r1 p    104583.80  84.1%
+16 r1 i    104206.20  83.8%
+ 4 r2 p    103709.80  83.4%
+ 4 r2 i     98306.43  79.0%
+ 4 r1 i     91525.80  73.6%
+-DDES_UNROLL
+      
diff --git a/crypto/des/times/usparc.cc b/crypto/des/times/usparc.cc
new file mode 100644
index 0000000000..f6ec8e8831
--- /dev/null
+++ b/crypto/des/times/usparc.cc
@@ -0,0 +1,31 @@
+solaris 2.5.1 usparc 167mhz?? - SC4.0 cc -fast -Xa -xO5
+
+For the ultra sparc, SunC 4.0 cc -fast -Xa -xO5, running 'des_opts'
+gives a speed of 475,000 des/s while 'speed' gives 417,000 des/s.
+I belive the difference is tied up in optimisation that the compiler
+is able to perform when the code is 'inlined'.  For 'speed', the DES
+routines are being linked from a library.  I'll record the higher
+speed since if performance is everything, you can always inline
+'des_enc.c'.
+
+[ 16-Jan-06 - I've been playing with the
+  '-xtarget=ultra -xarch=v8plus -Xa -xO5 -Xa'
+  and while it makes the des_opts numbers much slower, it makes the
+  actual 'speed' numbers look better which is a realistic version of
+  using the libraries. ]
+
+options    des ecb/s
+16 r1 p    475516.90 100.0%
+16 r2 p    439388.10  92.4%
+16  c i    427001.40  89.8%
+16  c p    419516.50  88.2%
+ 4 r2 p    409491.70  86.1%
+ 4 r1 p    404266.90  85.0%
+ 4  c p    398121.00  83.7%
+ 4  c i    370588.40  77.9%
+ 4 r1 i    362742.20  76.3%
+16 r2 i    331275.50  69.7%
+16 r1 i    324730.60  68.3%
+ 4 r2 i     63535.10  13.4%	<-- very very weird, must be cache problems.
+-DDES_UNROLL -DDES_RISC1 -DDES_PTR
+
diff --git a/crypto/des/typemap b/crypto/des/typemap
new file mode 100644
index 0000000000..a524f53634
--- /dev/null
+++ b/crypto/des/typemap
@@ -0,0 +1,34 @@
+#
+# DES SECTION
+#
+deschar *	T_DESCHARP
+des_cblock *	T_CBLOCK
+des_cblock	T_CBLOCK
+des_key_schedule	T_SCHEDULE
+des_key_schedule *	T_SCHEDULE
+
+INPUT
+T_CBLOCK
+	$var=(des_cblock *)SvPV($arg,len);
+	if (len < DES_KEY_SZ)
+		{
+		croak(\"$var needs to be at least %u bytes long\",DES_KEY_SZ);
+		}
+
+T_SCHEDULE
+	$var=(des_key_schedule *)SvPV($arg,len);
+	if (len < DES_SCHEDULE_SZ)
+		{
+		croak(\"$var needs to be at least %u bytes long\",
+			DES_SCHEDULE_SZ);
+		}
+
+OUTPUT
+T_CBLOCK
+	sv_setpvn($arg,(char *)$var,DES_KEY_SZ);
+
+T_SCHEDULE
+	sv_setpvn($arg,(char *)$var,DES_SCHEDULE_SZ);
+
+T_DESCHARP
+	sv_setpvn($arg,(char *)$var,len);
diff --git a/crypto/des/vms.com b/crypto/des/vms.com
new file mode 100755
index 0000000000..62ca1fbda4
--- /dev/null
+++ b/crypto/des/vms.com
@@ -0,0 +1,90 @@
+$! --- VMS.com ---
+$!
+$ GoSub defines
+$ GoSub linker_options
+$ If (P1 .nes. "")
+$ Then 
+$   GoSub 'P1'
+$ Else
+$   GoSub lib
+$   GoSub destest
+$   GoSub rpw
+$   GoSub speed
+$   GoSub des
+$ EndIF
+$!
+$ Exit
+$!
+$!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+$!
+$DEFINES:
+$ OPT_FILE := "VAX_LINKER_OPTIONS.OPT"
+$!
+$ CC_OPTS := "/NODebug/OPTimize/NOWarn"
+$!
+$ LINK_OPTS := "/NODebug/NOTraceback/Contiguous"
+$!
+$ OBJS  = "cbc_cksm.obj,cbc_enc.obj,ecb_enc.obj,pcbc_enc.obj," + -
+          "qud_cksm.obj,rand_key.obj,read_pwd.obj,set_key.obj,"      + -
+          "str2key.obj,enc_read.obj,enc_writ.obj,fcrypt.obj,"           + -
+	  "cfb_enc.obj,ecb3_enc.obj,ofb_enc.obj"
+	   
+	   
+$!
+$ LIBDES = "cbc_cksm.c,cbc_enc.c,ecb_enc.c,enc_read.c,"           + -
+           "enc_writ.c,pcbc_enc.c,qud_cksm.c,rand_key.c,"         + -
+           "read_pwd.c,set_key.c,str2key.c,fcrypt.c,"                + -
+	   "cfb_enc.c,ecb3_enc.c,ofb_enc.c"
+$ Return
+$!
+$!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+$!
+$LINKER_OPTIONS:
+$ If (f$search(OPT_FILE) .eqs. "")
+$ Then
+$   Create 'OPT_FILE'
+$DECK
+! Default system options file to link against the sharable C runtime library
+!
+Sys$Share:VAXcRTL.exe/Share
+$EOD
+$ EndIF
+$ Return
+$!
+$!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+$!
+$LIB:
+$ CC 'CC_OPTS' 'LIBDES'
+$ If (f$search("LIBDES.OLB") .nes. "")
+$ Then Library /Object /Replace libdes 'OBJS'
+$ Else Library /Create /Object  libdes 'OBJS'
+$ EndIF
+$ Return
+$!
+$!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+$!
+$DESTEST:
+$ CC 'CC_OPTS' destest
+$ Link 'link_opts' /Exec=destest destest.obj,libdes/LIBRARY,'opt_file'/Option
+$ Return
+$!
+$!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+$!
+$RPW:
+$ CC 'CC_OPTS' rpw
+$ Link 'link_opts' /Exec=rpw  rpw.obj,libdes/LIBRARY,'opt_file'/Option
+$ Return
+$!
+$!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+$!
+$SPEED:
+$ CC 'CC_OPTS' speed
+$ Link 'link_opts' /Exec=speed speed.obj,libdes/LIBRARY,'opt_file'/Option
+$ Return
+$!
+$!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+$!
+$DES:
+$ CC 'CC_OPTS' des
+$ Link 'link_opts' /Exec=des des.obj,libdes/LIBRARY,'opt_file'/Option
+$ Return
diff --git a/crypto/des/xcbc_enc.c b/crypto/des/xcbc_enc.c
new file mode 100644
index 0000000000..fa251170fb
--- /dev/null
+++ b/crypto/des/xcbc_enc.c
@@ -0,0 +1,206 @@
+/* crypto/des/xcbc_enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/* RSA's DESX */
+
+static unsigned char desx_white_in2out[256]={
+0xBD,0x56,0xEA,0xF2,0xA2,0xF1,0xAC,0x2A,0xB0,0x93,0xD1,0x9C,0x1B,0x33,0xFD,0xD0,
+0x30,0x04,0xB6,0xDC,0x7D,0xDF,0x32,0x4B,0xF7,0xCB,0x45,0x9B,0x31,0xBB,0x21,0x5A,
+0x41,0x9F,0xE1,0xD9,0x4A,0x4D,0x9E,0xDA,0xA0,0x68,0x2C,0xC3,0x27,0x5F,0x80,0x36,
+0x3E,0xEE,0xFB,0x95,0x1A,0xFE,0xCE,0xA8,0x34,0xA9,0x13,0xF0,0xA6,0x3F,0xD8,0x0C,
+0x78,0x24,0xAF,0x23,0x52,0xC1,0x67,0x17,0xF5,0x66,0x90,0xE7,0xE8,0x07,0xB8,0x60,
+0x48,0xE6,0x1E,0x53,0xF3,0x92,0xA4,0x72,0x8C,0x08,0x15,0x6E,0x86,0x00,0x84,0xFA,
+0xF4,0x7F,0x8A,0x42,0x19,0xF6,0xDB,0xCD,0x14,0x8D,0x50,0x12,0xBA,0x3C,0x06,0x4E,
+0xEC,0xB3,0x35,0x11,0xA1,0x88,0x8E,0x2B,0x94,0x99,0xB7,0x71,0x74,0xD3,0xE4,0xBF,
+0x3A,0xDE,0x96,0x0E,0xBC,0x0A,0xED,0x77,0xFC,0x37,0x6B,0x03,0x79,0x89,0x62,0xC6,
+0xD7,0xC0,0xD2,0x7C,0x6A,0x8B,0x22,0xA3,0x5B,0x05,0x5D,0x02,0x75,0xD5,0x61,0xE3,
+0x18,0x8F,0x55,0x51,0xAD,0x1F,0x0B,0x5E,0x85,0xE5,0xC2,0x57,0x63,0xCA,0x3D,0x6C,
+0xB4,0xC5,0xCC,0x70,0xB2,0x91,0x59,0x0D,0x47,0x20,0xC8,0x4F,0x58,0xE0,0x01,0xE2,
+0x16,0x38,0xC4,0x6F,0x3B,0x0F,0x65,0x46,0xBE,0x7E,0x2D,0x7B,0x82,0xF9,0x40,0xB5,
+0x1D,0x73,0xF8,0xEB,0x26,0xC7,0x87,0x97,0x25,0x54,0xB1,0x28,0xAA,0x98,0x9D,0xA5,
+0x64,0x6D,0x7A,0xD4,0x10,0x81,0x44,0xEF,0x49,0xD6,0xAE,0x2E,0xDD,0x76,0x5C,0x2F,
+0xA7,0x1C,0xC9,0x09,0x69,0x9A,0x83,0xCF,0x29,0x39,0xB9,0xE9,0x4C,0xFF,0x43,0xAB,
+	};
+
+void des_xwhite_in2out(des_key,in_white,out_white)
+des_cblock (*des_key);
+des_cblock (*in_white);
+des_cblock (*out_white);
+	{
+	unsigned char *key,*in,*out;
+	int out0,out1;
+	int i;
+
+	key=(unsigned char *)des_key;
+	in=(unsigned char *)in_white;
+	out=(unsigned char *)out_white;
+
+	out[0]=out[1]=out[2]=out[3]=out[4]=out[5]=out[6]=out[7]=0;
+	out0=out1=0;
+	for (i=0; i<8; i++)
+		{
+		out[i]=key[i]^desx_white_in2out[out0^out1];
+		out0=out1;
+		out1=(int)out[i&0x07];
+		}
+
+	out0=out[0];
+	out1=out[i];
+	for (i=0; i<8; i++)
+		{
+		out[i]=in[i]^desx_white_in2out[out0^out1];
+		out0=out1;
+		out1=(int)out[i&0x07];
+		}
+	}
+
+void des_xcbc_encrypt(input, output, length, schedule, ivec, inw,outw,enc)
+des_cblock (*input);
+des_cblock (*output);
+long length;
+des_key_schedule schedule;
+des_cblock (*ivec);
+des_cblock (*inw);
+des_cblock (*outw);
+int enc;
+	{
+	register DES_LONG tin0,tin1;
+	register DES_LONG tout0,tout1,xor0,xor1;
+	register DES_LONG inW0,inW1,outW0,outW1;
+	register unsigned char *in,*out;
+	register long l=length;
+	DES_LONG tin[2];
+	unsigned char *iv;
+
+	in=(unsigned char *)inw;
+	c2l(in,inW0);
+	c2l(in,inW1);
+	in=(unsigned char *)outw;
+	c2l(in,outW0);
+	c2l(in,outW1);
+
+	in=(unsigned char *)input;
+	out=(unsigned char *)output;
+	iv=(unsigned char *)ivec;
+
+	if (enc)
+		{
+		c2l(iv,tout0);
+		c2l(iv,tout1);
+		for (l-=8; l>=0; l-=8)
+			{
+			c2l(in,tin0);
+			c2l(in,tin1);
+			tin0^=tout0^inW0; tin[0]=tin0;
+			tin1^=tout1^inW1; tin[1]=tin1;
+			des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+			tout0=tin[0]^outW0; l2c(tout0,out);
+			tout1=tin[1]^outW1; l2c(tout1,out);
+			}
+		if (l != -8)
+			{
+			c2ln(in,tin0,tin1,l+8);
+			tin0^=tout0^inW0; tin[0]=tin0;
+			tin1^=tout1^inW1; tin[1]=tin1;
+			des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+			tout0=tin[0]^outW0; l2c(tout0,out);
+			tout1=tin[1]^outW1; l2c(tout1,out);
+			}
+		iv=(unsigned char *)ivec;
+		l2c(tout0,iv);
+		l2c(tout1,iv);
+		}
+	else
+		{
+		c2l(iv,xor0);
+		c2l(iv,xor1);
+		for (l-=8; l>0; l-=8)
+			{
+			c2l(in,tin0); tin[0]=tin0^outW0;
+			c2l(in,tin1); tin[1]=tin1^outW1;
+			des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
+			tout0=tin[0]^xor0^inW0;
+			tout1=tin[1]^xor1^inW1;
+			l2c(tout0,out);
+			l2c(tout1,out);
+			xor0=tin0;
+			xor1=tin1;
+			}
+		if (l != -8)
+			{
+			c2l(in,tin0); tin[0]=tin0^outW0;
+			c2l(in,tin1); tin[1]=tin1^outW1;
+			des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
+			tout0=tin[0]^xor0^inW0;
+			tout1=tin[1]^xor1^inW1;
+			l2cn(tout0,tout1,out,l+8);
+			xor0=tin0;
+			xor1=tin1;
+			}
+
+		iv=(unsigned char *)ivec;
+		l2c(xor0,iv);
+		l2c(xor1,iv);
+		}
+	tin0=tin1=tout0=tout1=xor0=xor1=0;
+	inW0=inW1=outW0=outW1=0;
+	tin[0]=tin[1]=0;
+	}
+
diff --git a/crypto/dh/Makefile.ssl b/crypto/dh/Makefile.ssl
new file mode 100644
index 0000000000..7e0c1e1049
--- /dev/null
+++ b/crypto/dh/Makefile.ssl
@@ -0,0 +1,84 @@
+#
+# SSLeay/crypto/dh/Makefile
+#
+
+DIR=	dh
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I../../include
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE=		make -f Makefile.ssl
+MAKEDEPEND=	makedepend -f Makefile.ssl
+MAKEFILE=	Makefile.ssl
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+ERR=dh
+ERRC=dh_err
+GENERAL=Makefile
+TEST= dhtest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= dh_gen.c dh_key.c dh_lib.c dh_check.c $(ERRC).c
+LIBOBJ= dh_gen.o dh_key.o dh_lib.o dh_check.o $(ERRC).o
+
+SRC= $(LIBSRC)
+
+EXHEADER= dh.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/util/ranlib.sh $(LIB)
+	@touch lib
+
+files:
+	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+	/bin/rm -f Makefile
+	$(TOP)/util/point.sh Makefile.ssl Makefile ;
+	$(TOP)/util/mklink.sh ../../include $(EXHEADER)
+	$(TOP)/util/mklink.sh ../../test $(TEST)
+	$(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+	@for i in $(EXHEADER) ; \
+	do  \
+	(cp $$i $(INSTALLTOP)/include/$$i; \
+	chmod 644 $(INSTALLTOP)/include/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+	perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
+	perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/dh/dh.err b/crypto/dh/dh.err
new file mode 100644
index 0000000000..a4fe746985
--- /dev/null
+++ b/crypto/dh/dh.err
@@ -0,0 +1,12 @@
+/* Error codes for the DH functions. */
+
+/* Function codes. */
+#define DH_F_DHPARAMS_PRINT				 100
+#define DH_F_DHPARAMS_PRINT_FP				 101
+#define DH_F_DH_COMPUTE_KEY				 102
+#define DH_F_DH_GENERATE_KEY				 103
+#define DH_F_DH_GENERATE_PARAMETERS			 104
+#define DH_F_DH_NEW					 105
+
+/* Reason codes. */
+#define DH_R_NO_PRIVATE_VALUE				 100
diff --git a/crypto/dh/dh.h b/crypto/dh/dh.h
new file mode 100644
index 0000000000..44978028b7
--- /dev/null
+++ b/crypto/dh/dh.h
@@ -0,0 +1,162 @@
+/* crypto/dh/dh.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_DH_H
+#define HEADER_DH_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#ifndef HEADER_BN_H
+#define BIGNUM 		char
+#endif
+
+typedef struct dh_st
+	{
+	/* This first argument is used to pick up errors when
+	 * a DH is passed instead of a EVP_PKEY */
+	int pad;
+	int version;
+	BIGNUM *p;
+	BIGNUM *g;
+	int length; /* optional */
+	BIGNUM *pub_key;	/* y */
+	BIGNUM *priv_key;	/* x */
+	} DH;
+
+#define DH_GENERATOR_2		2
+/* #define DH_GENERATOR_3	3 */
+#define DH_GENERATOR_5		5
+
+/* DH_check error codes */
+#define DH_CHECK_P_NOT_PRIME		0x01
+#define DH_CHECK_P_NOT_STRONG_PRIME	0x02
+#define DH_UNABLE_TO_CHECK_GENERATOR	0x04
+#define DH_NOT_SUITABLE_GENERATOR	0x08
+
+#define DHparams_dup(x) (DH *)ASN1_dup((int (*)())i2d_DHparams, \
+		(char *(*)())d2i_DHparams,(char *)(x))
+#define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
+		(char *(*)())d2i_DHparams,(fp),(unsigned char **)(x))
+#define i2d_DHparams_fp(fp,x) ASN1_i2d_fp(i2d_DHparams,(fp), \
+		(unsigned char *)(x))
+#define d2i_DHparams_bio(bp,x) (DH *)ASN1_d2i_bio((char *(*)())DH_new, \
+		(char *(*)())d2i_DHparams,(bp),(unsigned char **)(x))
+#define i2d_DHparams_bio(bp,x) ASN1_i2d_bio(i2d_DHparams,(bp), \
+		(unsigned char *)(x))
+
+#ifndef NOPROTO
+DH *	DH_new(void);
+void	DH_free(DH *dh);
+int	DH_size(DH *dh);
+DH *	DH_generate_parameters(int prime_len,int generator,
+		void (*callback)(int,int));
+int	DH_check(DH *dh,int *codes);
+int	DH_generate_key(DH *dh);
+int	DH_compute_key(unsigned char *key,BIGNUM *pub_key,DH *dh);
+DH *	d2i_DHparams(DH **a,unsigned char **pp, long length);
+int	i2d_DHparams(DH *a,unsigned char **pp);
+#ifndef WIN16
+int	DHparams_print_fp(FILE *fp, DH *x);
+#endif
+#ifdef HEADER_BIO_H
+int	DHparams_print(BIO *bp, DH *x);
+#else
+int	DHparams_print(char *bp, DH *x);
+#endif
+void	ERR_load_DH_strings(void );
+
+#else
+
+DH *	DH_new();
+void	DH_free();
+int	DH_size();
+DH *	DH_generate_parameters();
+int	DH_check();
+int	DH_generate_key();
+int	DH_compute_key();
+DH *	d2i_DHparams();
+int	i2d_DHparams();
+#ifndef WIN16
+int	DHparams_print_fp();
+#endif
+int	DHparams_print();
+void	ERR_load_DH_strings();
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the DH functions. */
+
+/* Function codes. */
+#define DH_F_DHPARAMS_PRINT				 100
+#define DH_F_DHPARAMS_PRINT_FP				 101
+#define DH_F_DH_COMPUTE_KEY				 102
+#define DH_F_DH_GENERATE_KEY				 103
+#define DH_F_DH_GENERATE_PARAMETERS			 104
+#define DH_F_DH_NEW					 105
+
+/* Reason codes. */
+#define DH_R_NO_PRIVATE_VALUE				 100
+ 
+#ifdef  __cplusplus
+}
+#endif
+#endif
+
diff --git a/crypto/dh/dh1024.pem b/crypto/dh/dh1024.pem
new file mode 100644
index 0000000000..81d43f6a3e
--- /dev/null
+++ b/crypto/dh/dh1024.pem
@@ -0,0 +1,5 @@
+-----BEGIN DH PARAMETERS-----
+MIGHAoGBAJf2QmHKtQXdKCjhPx1ottPb0PMTBH9A6FbaWMsTuKG/K3g6TG1Z1fkq
+/Gz/PWk/eLI9TzFgqVAuPvr3q14a1aZeVUMTgo2oO5/y2UHe6VaJ+trqCTat3xlx
+/mNbIK9HA2RgPC3gWfVLZQrY+gz3ASHHR5nXWHEyvpuZm7m3h+irAgEC
+-----END DH PARAMETERS-----
diff --git a/crypto/dh/dh192.pem b/crypto/dh/dh192.pem
new file mode 100644
index 0000000000..521c07271d
--- /dev/null
+++ b/crypto/dh/dh192.pem
@@ -0,0 +1,3 @@
+-----BEGIN DH PARAMETERS-----
+MB4CGQDUoLoCULb9LsYm5+/WN992xxbiLQlEuIsCAQM=
+-----END DH PARAMETERS-----
diff --git a/crypto/dh/dh2048.pem b/crypto/dh/dh2048.pem
new file mode 100644
index 0000000000..295460f508
--- /dev/null
+++ b/crypto/dh/dh2048.pem
@@ -0,0 +1,16 @@
+-----BEGIN DH PARAMETERS-----
+MIIBCAKCAQEA7ZKJNYJFVcs7+6J2WmkEYb8h86tT0s0h2v94GRFS8Q7B4lW9aG9o
+AFO5Imov5Jo0H2XMWTKKvbHbSe3fpxJmw/0hBHAY8H/W91hRGXKCeyKpNBgdL8sh
+z22SrkO2qCnHJ6PLAMXy5fsKpFmFor2tRfCzrfnggTXu2YOzzK7q62bmqVdmufEo
+pT8igNcLpvZxk5uBDvhakObMym9mX3rAEBoe8PwttggMYiiw7NuJKO4MqD1llGkW
+aVM8U2ATsCun1IKHrRxynkE1/MJ86VHeYYX8GZt2YA8z+GuzylIOKcMH6JAWzMwA
+Gbatw6QwizOhr9iMjZ0B26TE3X8LvW84wwIBAg==
+-----END DH PARAMETERS-----
+-----BEGIN DH PARAMETERS-----
+MIIBCAKCAQEArtA3w73zP6Lu3EOQtwogiXt3AXXpuS6yD4BhzNS1pZFyPHk0/an5
+8ydEkPhQZHKDW+BZJxxPLANaTudWo2YT8TgtvUdN6KSgMiEi6McwqDw+SADuvW+F
+SKUYFxG6VFIxyEP6xBdf+vhJxEDbRG2EYsHDRRtJ76gp9cSKTHusf2R+4AAVGqnt
+gRAbNqtcOar/7FSj+Pl8G3v0Bty0LcCSpbqgYlnv6z+rErQmmC6PPvSz97TDMCok
+yKpCE9hFA1zkqK3TH4FmFvGeIaXJUIBZf4mArWuBTjWFW3nmhESRUn1VK3K3x42N
+a5k6c2+EhrMFiLjxuH6JZoqL0/E93FF9SwIBAg==
+-----END DH PARAMETERS-----
diff --git a/crypto/dh/dh4096.pem b/crypto/dh/dh4096.pem
new file mode 100644
index 0000000000..390943a21d
--- /dev/null
+++ b/crypto/dh/dh4096.pem
@@ -0,0 +1,14 @@
+-----BEGIN DH PARAMETERS-----
+MIICCAKCAgEA/urRnb6vkPYc/KEGXWnbCIOaKitq7ySIq9dTH7s+Ri59zs77zty7
+vfVlSe6VFTBWgYjD2XKUFmtqq6CqXMhVX5ElUDoYDpAyTH85xqNFLzFC7nKrff/H
+TFKNttp22cZE9V0IPpzedPfnQkE7aUdmF9JnDyv21Z/818O93u1B4r0szdnmEvEF
+bKuIxEHX+bp0ZR7RqE1AeifXGJX3d6tsd2PMAObxwwsv55RGkn50vHO4QxtTARr1
+rRUV5j3B3oPMgC7Offxx+98Xn45B1/G0Prp11anDsR1PGwtaCYipqsvMwQUSJtyE
+EOQWk+yFkeMe4vWv367eEi0Sd/wnC+TSXBE3pYvpYerJ8n1MceI5GQTdarJ77OW9
+bGTHmxRsLSCM1jpLdPja5jjb4siAa6EHc4qN9c/iFKS3PQPJEnX7pXKBRs5f7AF3
+W3RIGt+G9IVNZfXaS7Z/iCpgzgvKCs0VeqN38QsJGtC1aIkwOeyjPNy2G6jJ4yqH
+ovXYt/0mc00vCWeSNS1wren0pR2EiLxX0ypjjgsU1mk/Z3b/+zVf7fZSIB+nDLjb
+NPtUlJCVGnAeBK1J1nG3TQicqowOXoM6ISkdaXj5GPJdXHab2+S7cqhKGv5qC7rR
+jT6sx7RUr0CNTxzLI7muV2/a4tGmj0PSdXQdsZ7tw7gbXlaWT1+MM2MCAQI=
+-----END DH PARAMETERS-----
+
diff --git a/crypto/dh/dh512.pem b/crypto/dh/dh512.pem
new file mode 100644
index 0000000000..0a4d863ebe
--- /dev/null
+++ b/crypto/dh/dh512.pem
@@ -0,0 +1,4 @@
+-----BEGIN DH PARAMETERS-----
+MEYCQQDaWDwW2YUiidDkr3VvTMqS3UvlM7gE+w/tlO+cikQD7VdGUNNpmdsp13Yn
+a6LT1BLiGPTdHghM9tgAPnxHdOgzAgEC
+-----END DH PARAMETERS-----
diff --git a/crypto/dh/dh_check.c b/crypto/dh/dh_check.c
new file mode 100644
index 0000000000..8da8dc8393
--- /dev/null
+++ b/crypto/dh/dh_check.c
@@ -0,0 +1,120 @@
+/* crypto/dh/dh_check.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "dh.h"
+
+/* Check that p is a strong prime and
+ * if g is 2, 3 or 5, check that is is a suitable generator
+ * where
+ * for 2, p mod 24 == 11
+ * for 3, p mod 12 == 5
+ * for 5, p mod 10 == 3 or 7
+ * should hold.
+ */
+
+int DH_check(dh,ret)
+DH *dh;
+int *ret;
+	{
+	int ok=0;
+	BN_CTX *ctx=NULL;
+	BN_ULONG l;
+	BIGNUM *q=NULL;
+
+	*ret=0;
+	ctx=BN_CTX_new();
+	if (ctx == NULL) goto err;
+	q=BN_new();
+	if (q == NULL) goto err;
+
+	if (BN_is_word(dh->g,DH_GENERATOR_2))
+		{
+		l=BN_mod_word(dh->p,24);
+		if (l != 11) *ret|=DH_NOT_SUITABLE_GENERATOR;
+		}
+/*	else if (BN_is_word(dh->g,DH_GENERATOR_3))
+		{
+		l=BN_mod_word(dh->p,12);
+		if (l != 5) *ret|=DH_NOT_SUITABLE_GENERATOR;
+		}*/
+	else if (BN_is_word(dh->g,DH_GENERATOR_5))
+		{
+		l=BN_mod_word(dh->p,10);
+		if ((l != 3) && (l != 7))
+			*ret|=DH_NOT_SUITABLE_GENERATOR;
+		}
+	else
+		*ret|=DH_UNABLE_TO_CHECK_GENERATOR;
+
+	if (!BN_is_prime(dh->p,BN_prime_checks,NULL,ctx))
+		*ret|=DH_CHECK_P_NOT_PRIME;
+	else
+		{
+		if (!BN_rshift1(q,dh->p)) goto err;
+		if (!BN_is_prime(q,BN_prime_checks,NULL,ctx))
+			*ret|=DH_CHECK_P_NOT_STRONG_PRIME;
+		}
+	ok=1;
+err:
+	if (ctx != NULL) BN_CTX_free(ctx);
+	if (q != NULL) BN_free(q);
+	return(ok);
+	}
diff --git a/crypto/dh/dh_err.c b/crypto/dh/dh_err.c
new file mode 100644
index 0000000000..1950f43f62
--- /dev/null
+++ b/crypto/dh/dh_err.c
@@ -0,0 +1,90 @@
+/* lib/dh/dh_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "dh.h"
+
+/* BEGIN ERROR CODES */
+static ERR_STRING_DATA DH_str_functs[]=
+	{
+{ERR_PACK(0,DH_F_DHPARAMS_PRINT,0),	"DHparams_print"},
+{ERR_PACK(0,DH_F_DHPARAMS_PRINT_FP,0),	"DHparams_print_fp"},
+{ERR_PACK(0,DH_F_DH_COMPUTE_KEY,0),	"DH_compute_key"},
+{ERR_PACK(0,DH_F_DH_GENERATE_KEY,0),	"DH_generate_key"},
+{ERR_PACK(0,DH_F_DH_GENERATE_PARAMETERS,0),	"DH_generate_parameters"},
+{ERR_PACK(0,DH_F_DH_NEW,0),	"DH_new"},
+{0,NULL},
+	};
+
+static ERR_STRING_DATA DH_str_reasons[]=
+	{
+{DH_R_NO_PRIVATE_VALUE                   ,"no private value"},
+{0,NULL},
+	};
+
+void ERR_load_DH_strings()
+	{
+	static int init=1;
+
+	if (init)
+		{
+		init=0;
+		ERR_load_strings(ERR_LIB_DH,DH_str_functs);
+		ERR_load_strings(ERR_LIB_DH,DH_str_reasons);
+		}
+	}
diff --git a/crypto/dh/dh_gen.c b/crypto/dh/dh_gen.c
new file mode 100644
index 0000000000..ff4f18e1e0
--- /dev/null
+++ b/crypto/dh/dh_gen.c
@@ -0,0 +1,149 @@
+/* crypto/dh/dh_gen.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "dh.h"
+
+/* We generate DH parameters as follows
+ * find a prime q which is prime_len/2 bits long.
+ * p=(2*q)+1 or (p-1)/2 = q
+ * For this case, g is a generator if
+ * g^((p-1)/q) mod p != 1 for values of q which are the factors of p-1.
+ * Since the factors of p-1 are q and 2, we just need to check
+ * g^2 mod p != 1 and g^q mod p != 1.
+ *
+ * Having said all that,
+ * there is another special case method for the generators 2, 3 and 5.
+ * for 2, p mod 24 == 11
+ * for 3, p mod 12 == 5  <<<<< does not work for strong primes.
+ * for 5, p mod 10 == 3 or 7
+ *
+ * Thanks to Phil Karn <karn@qualcomm.com> for the pointers about the
+ * special generators and for answering some of my questions.
+ *
+ * I've implemented the second simple method :-).
+ * Since DH should be using a strong prime (both p and q are prime),
+ * this generator function can take a very very long time to run.
+ */
+
+DH *DH_generate_parameters(prime_len,generator,callback)
+int prime_len;
+int generator;
+void (*callback)(P_I_I);
+	{
+	BIGNUM *p=NULL,*t1,*t2;
+	DH *ret=NULL;
+	int g,ok= -1;
+	BN_CTX *ctx=NULL;
+
+	ret=DH_new();
+	ctx=BN_CTX_new();
+	if (ctx == NULL) goto err;
+	t1=ctx->bn[0];
+	t2=ctx->bn[1];
+	ctx->tos=2;
+	
+	if (generator == DH_GENERATOR_2)
+		{
+		BN_set_word(t1,24);
+		BN_set_word(t2,11);
+		g=2;
+		}
+#ifdef undef  /* does not work for strong primes */
+	else if (generator == DH_GENERATOR_3)
+		{
+		BN_set_word(t1,12);
+		BN_set_word(t2,5);
+		g=3;
+		}
+#endif
+	else if (generator == DH_GENERATOR_5)
+		{
+		BN_set_word(t1,10);
+		BN_set_word(t2,3);
+		/* BN_set_word(t3,7); just have to miss
+		 * out on these ones :-( */
+		g=5;
+		}
+	else
+		g=generator;
+	
+	p=BN_generate_prime(prime_len,1,t1,t2,callback);
+	if (p == NULL) goto err;
+	if (callback != NULL) callback(3,0);
+	ret->p=p;
+	ret->g=BN_new();
+	if (!BN_set_word(ret->g,g)) goto err;
+	ok=1;
+err:
+	if (ok == -1)
+		{
+		DHerr(DH_F_DH_GENERATE_PARAMETERS,ERR_R_BN_LIB);
+		ok=0;
+		}
+
+	if (ctx != NULL) BN_CTX_free(ctx);
+	if (!ok && (ret != NULL))
+		{
+		DH_free(ret);
+		ret=NULL;
+		}
+	return(ret);
+	}
diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c
new file mode 100644
index 0000000000..12f47c4574
--- /dev/null
+++ b/crypto/dh/dh_key.c
@@ -0,0 +1,142 @@
+/* crypto/dh/dh_key.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "rand.h"
+#include "dh.h"
+
+int DH_generate_key(dh)
+DH *dh;
+	{
+	int ok=0;
+	unsigned int i;
+	BN_CTX *ctx=NULL;
+	BIGNUM *pub_key=NULL,*priv_key=NULL;
+
+	ctx=BN_CTX_new();
+	if (ctx == NULL) goto err;
+
+	if (dh->priv_key == NULL)
+		{
+		i=dh->length;
+		if (i == 0)
+			{
+			/* Make the number p-1 bits long */
+			i=BN_num_bits(dh->p)-1;
+			}
+		priv_key=BN_new();
+		if (priv_key == NULL) goto err;
+		if (!BN_rand(priv_key,i,0,0)) goto err;
+		}
+	else
+		priv_key=dh->priv_key;
+
+	if (dh->pub_key == NULL)
+		{
+		pub_key=BN_new();
+		if (pub_key == NULL) goto err;
+		}
+	else
+		pub_key=dh->pub_key;
+
+	if (!BN_mod_exp(pub_key,dh->g,priv_key,dh->p,ctx)) goto err;
+		
+	dh->pub_key=pub_key;
+	dh->priv_key=priv_key;
+	ok=1;
+err:
+	if (ok != 1)
+		DHerr(DH_F_DH_GENERATE_KEY,ERR_R_BN_LIB);
+
+	if ((pub_key != NULL)  && (dh->pub_key == NULL))  BN_free(pub_key);
+	if ((priv_key != NULL) && (dh->priv_key == NULL)) BN_free(priv_key);
+	if (ctx != NULL) BN_CTX_free(ctx);
+	return(ok);
+	}
+
+int DH_compute_key(key,pub_key,dh)
+unsigned char *key;
+BIGNUM *pub_key;
+DH *dh;
+	{
+	BN_CTX *ctx;
+	BIGNUM *tmp;
+	int ret= -1;
+
+	ctx=BN_CTX_new();
+	if (ctx == NULL) goto err;
+	tmp=ctx->bn[ctx->tos++];
+	
+	if (dh->priv_key == NULL)
+		{
+		DHerr(DH_F_DH_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE);
+		goto err;
+		}
+	if (!BN_mod_exp(tmp,pub_key,dh->priv_key,dh->p,ctx))
+		{
+		DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB);
+		goto err;
+		}
+
+	ret=BN_bn2bin(tmp,key);
+err:
+	if (ctx != NULL) BN_CTX_free(ctx);
+	return(ret);
+	}
diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c
new file mode 100644
index 0000000000..786a2c14b4
--- /dev/null
+++ b/crypto/dh/dh_lib.c
@@ -0,0 +1,100 @@
+/* crypto/dh/dh_lib.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "dh.h"
+
+char *DH_version="Diffie-Hellman part of SSLeay 0.8.1b 29-Jun-1998";
+
+DH *DH_new()
+	{
+	DH *ret;
+
+	ret=(DH *)Malloc(sizeof(DH));
+	if (ret == NULL)
+		{
+		DHerr(DH_F_DH_NEW,ERR_R_MALLOC_FAILURE);
+		return(NULL);
+		}
+	ret->pad=0;
+	ret->version=0;
+	ret->p=NULL;
+	ret->g=NULL;
+	ret->length=0;
+	ret->pub_key=NULL;
+	ret->priv_key=NULL;
+	return(ret);
+	}
+
+void DH_free(r)
+DH *r;
+	{
+	if (r->p != NULL) BN_clear_free(r->p);
+	if (r->g != NULL) BN_clear_free(r->g);
+	if (r->pub_key != NULL) BN_clear_free(r->pub_key);
+	if (r->priv_key != NULL) BN_clear_free(r->priv_key);
+	Free(r);
+	}
+
+int DH_size(dh)
+DH *dh;
+	{
+	return(BN_num_bytes(dh->p));
+	}
diff --git a/crypto/dh/dhtest.c b/crypto/dh/dhtest.c
new file mode 100644
index 0000000000..b338715880
--- /dev/null
+++ b/crypto/dh/dhtest.c
@@ -0,0 +1,187 @@
+/* crypto/dh/dhtest.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#ifdef WIN16
+#define APPS_WIN16
+#endif
+#include "crypto.h"
+#include "bio.h"
+#include "bn.h"
+#include "dh.h"
+
+#ifdef WIN16
+#define MS_CALLBACK	_far _loadds
+#else
+#define MS_CALLBACK
+#endif
+
+#ifndef NOPROTO
+static void MS_CALLBACK cb(int p, int n);
+#else
+static void MS_CALLBACK cb();
+#endif
+
+#ifdef WIN16
+#define APPS_WIN16
+#include "../bio/bss_file.c"
+#endif
+
+BIO *out=NULL;
+
+int main(argc,argv)
+int argc;
+char *argv[];
+	{
+	DH *a,*b;
+	char buf[12];
+	unsigned char *abuf=NULL,*bbuf=NULL;
+	int i,alen,blen,aout,bout,ret=1;
+
+#ifdef WIN32
+	CRYPTO_malloc_init();
+#endif
+
+	out=BIO_new(BIO_s_file());
+	if (out == NULL) exit(1);
+	BIO_set_fp(out,stdout,BIO_NOCLOSE);
+
+	a=DH_generate_parameters(64,DH_GENERATOR_5,cb);
+	if (a == NULL) goto err;
+
+	BIO_puts(out,"\np    =");
+	BN_print(out,a->p);
+	BIO_puts(out,"\ng    =");
+	BN_print(out,a->g);
+	BIO_puts(out,"\n");
+
+	b=DH_new();
+	if (b == NULL) goto err;
+
+	b->p=BN_dup(a->p);
+	b->g=BN_dup(a->g);
+	if ((b->p == NULL) || (b->g == NULL)) goto err;
+
+	if (!DH_generate_key(a)) goto err;
+	BIO_puts(out,"pri 1=");
+	BN_print(out,a->priv_key);
+	BIO_puts(out,"\npub 1=");
+	BN_print(out,a->pub_key);
+	BIO_puts(out,"\n");
+
+	if (!DH_generate_key(b)) goto err;
+	BIO_puts(out,"pri 2=");
+	BN_print(out,b->priv_key);
+	BIO_puts(out,"\npub 2=");
+	BN_print(out,b->pub_key);
+	BIO_puts(out,"\n");
+
+	alen=DH_size(a);
+	abuf=(unsigned char *)Malloc(alen);
+	aout=DH_compute_key(abuf,b->pub_key,a);
+
+	BIO_puts(out,"key1 =");
+	for (i=0; i<aout; i++)
+		{
+		sprintf(buf,"%02X",abuf[i]);
+		BIO_puts(out,buf);
+		}
+	BIO_puts(out,"\n");
+
+	blen=DH_size(b);
+	bbuf=(unsigned char *)Malloc(blen);
+	bout=DH_compute_key(bbuf,a->pub_key,b);
+
+	BIO_puts(out,"key2 =");
+	for (i=0; i<bout; i++)
+		{
+		sprintf(buf,"%02X",bbuf[i]);
+		BIO_puts(out,buf);
+		}
+	BIO_puts(out,"\n");
+	if ((aout < 4) || (bout != aout) || (memcmp(abuf,bbuf,aout) != 0))
+		{
+		fprintf(stderr,"Error in DH routines\n");
+		ret=1;
+		}
+	else
+		ret=0;
+err:
+	if (abuf != NULL) Free(abuf);
+	if (bbuf != NULL) Free(bbuf);
+	exit(ret);
+	return(ret);
+	}
+
+static void MS_CALLBACK cb(p, n)
+int p;
+int n;
+	{
+	char c='*';
+
+	if (p == 0) c='.';
+	if (p == 1) c='+';
+	if (p == 2) c='*';
+	if (p == 3) c='\n';
+	BIO_write(out,&c,1);
+#ifdef LINT
+	p=n;
+#endif
+	}
diff --git a/crypto/dh/example b/crypto/dh/example
new file mode 100644
index 0000000000..16a33d2910
--- /dev/null
+++ b/crypto/dh/example
@@ -0,0 +1,50 @@
+From owner-cypherpunks@toad.com Mon Sep 25 10:50:51 1995
+Received: from minbne.mincom.oz.au by orb.mincom.oz.au with SMTP id AA10562
+  (5.65c/IDA-1.4.4 for eay); Wed, 27 Sep 1995 19:41:55 +1000
+Received: by minbne.mincom.oz.au id AA19958
+  (5.65c/IDA-1.4.4 for eay@orb.mincom.oz.au); Wed, 27 Sep 1995 19:34:59 +1000
+Received: from relay3.UU.NET by bunyip.cc.uq.oz.au with SMTP (PP);
+          Wed, 27 Sep 1995 19:13:05 +1000
+Received: from toad.com by relay3.UU.NET with SMTP id QQzizb16156;
+          Wed, 27 Sep 1995 04:48:46 -0400
+Received: by toad.com id AA07905; Tue, 26 Sep 95 06:31:45 PDT
+Received: from by toad.com id AB07851; Tue, 26 Sep 95 06:31:40 PDT
+Received: from servo.qualcomm.com (servo.qualcomm.com [129.46.128.14]) 
+          by cygnus.com (8.6.12/8.6.9) with ESMTP id RAA18442 
+          for <cypherpunks@toad.com>; Mon, 25 Sep 1995 17:52:47 -0700
+Received: (karn@localhost) by servo.qualcomm.com (8.6.12/QC-BSD-2.5.1) 
+          id RAA14732; Mon, 25 Sep 1995 17:50:51 -0700
+Date: Mon, 25 Sep 1995 17:50:51 -0700
+From: Phil Karn <karn@qualcomm.com>
+Message-Id: <199509260050.RAA14732@servo.qualcomm.com>
+To: cypherpunks@toad.com, ipsec-dev@eit.com
+Subject: Primality verification needed
+Sender: owner-cypherpunks@toad.com
+Precedence: bulk
+Status: RO
+X-Status: 
+
+Hi. I've generated a 2047-bit "strong" prime number that I would like to
+use with Diffie-Hellman key exchange. I assert that not only is this number
+'p' prime, but so is (p-1)/2.
+
+I've used the mpz_probab_prime() function in the Gnu Math Package (GMP) version
+1.3.2 to test this number. This function uses the Miller-Rabin primality test.
+However, to increase my confidence that this number really is a strong prime,
+I'd like to ask others to confirm it with other tests. Here's the number in hex:
+
+72a925f760b2f954ed287f1b0953f3e6aef92e456172f9fe86fdd8822241b9c9788fbc289982743e
+fbcd2ccf062b242d7a567ba8bbb40d79bca7b8e0b6c05f835a5b938d985816bc648985adcff5402a
+a76756b36c845a840a1d059ce02707e19cf47af0b5a882f32315c19d1b86a56c5389c5e9bee16b65
+fde7b1a8d74a7675de9b707d4c5a4633c0290c95ff30a605aeb7ae864ff48370f13cf01d49adb9f2
+3d19a439f753ee7703cf342d87f431105c843c78ca4df639931f3458fae8a94d1687e99a76ed99d0
+ba87189f42fd31ad8262c54a8cf5914ae6c28c540d714a5f6087a171fb74f4814c6f968d72386ef3
+56a05180c3bec7ddd5ef6fe76b1f717b
+
+The generator, g, for this prime is 2.
+
+Thanks!
+
+Phil Karn
+
+
diff --git a/crypto/dh/generate b/crypto/dh/generate
new file mode 100644
index 0000000000..5d407231df
--- /dev/null
+++ b/crypto/dh/generate
@@ -0,0 +1,65 @@
+From: stewarts@ix.netcom.com (Bill Stewart)
+Newsgroups: sci.crypt
+Subject: Re: Diffie-Hellman key exchange
+Date: Wed, 11 Oct 1995 23:08:28 GMT
+Organization: Freelance Information Architect
+Lines: 32
+Message-ID: <45hir2$7l8@ixnews7.ix.netcom.com>
+References: <458rhn$76m$1@mhadf.production.compuserve.com>
+NNTP-Posting-Host: ix-pl4-16.ix.netcom.com
+X-NETCOM-Date: Wed Oct 11  4:09:22 PM PDT 1995
+X-Newsreader: Forte Free Agent 1.0.82
+
+Kent Briggs <72124.3234@CompuServe.COM> wrote:
+
+>I have a copy of the 1976 IEEE article describing the
+>Diffie-Hellman public key exchange algorithm: y=a^x mod q.  I'm
+>looking for sources that give examples of secure a,q pairs and
+>possible some source code that I could examine.
+
+q should be prime, and ideally should be a "strong prime",
+which means it's of the form 2n+1 where n is also prime.
+q also needs to be long enough to prevent the attacks LaMacchia and
+Odlyzko described (some variant on a factoring attack which generates
+a large pile of simultaneous equations and then solves them);
+long enough is about the same size as factoring, so 512 bits may not
+be secure enough for most applications.  (The 192 bits used by
+"secure NFS" was certainly not long enough.)
+
+a should be a generator for q, which means it needs to be
+relatively prime to q-1.   Usually a small prime like 2, 3 or 5 will
+work.  
+
+....
+
+Date: Tue, 26 Sep 1995 13:52:36 MST
+From: "Richard Schroeppel" <rcs@cs.arizona.edu>
+To: karn
+Cc: ho@cs.arizona.edu
+Subject: random large primes
+
+Since your prime is really random, proving it is hard.
+My personal limit on rigorously proved primes is ~350 digits.
+If you really want a proof, we should talk to Francois Morain,
+or the Australian group.
+
+If you want 2 to be a generator (mod P), then you need it
+to be a non-square.  If (P-1)/2 is also prime, then
+non-square == primitive-root for bases << P.
+
+In the case at hand, this means 2 is a generator iff P = 11 (mod 24).
+If you want this, you should restrict your sieve accordingly.
+
+3 is a generator iff P = 5 (mod 12).
+
+5 is a generator iff P = 3 or 7 (mod 10).
+
+2 is perfectly usable as a base even if it's a non-generator, since
+it still covers half the space of possible residues.  And an
+eavesdropper can always determine the low-bit of your exponent for
+a generator anyway.
+
+Rich  rcs@cs.arizona.edu
+
+
+
diff --git a/crypto/dh/p1024.c b/crypto/dh/p1024.c
new file mode 100644
index 0000000000..7f8cd56d5a
--- /dev/null
+++ b/crypto/dh/p1024.c
@@ -0,0 +1,92 @@
+/* crypto/dh/p1024.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "bn.h"
+#include "asn1.h"
+#include "dh.h"
+#include "pem.h"
+
+unsigned char data[]={0x97,0xF6,0x42,0x61,0xCA,0xB5,0x05,0xDD,
+	0x28,0x28,0xE1,0x3F,0x1D,0x68,0xB6,0xD3,
+	0xDB,0xD0,0xF3,0x13,0x04,0x7F,0x40,0xE8,
+	0x56,0xDA,0x58,0xCB,0x13,0xB8,0xA1,0xBF,
+	0x2B,0x78,0x3A,0x4C,0x6D,0x59,0xD5,0xF9,
+	0x2A,0xFC,0x6C,0xFF,0x3D,0x69,0x3F,0x78,
+	0xB2,0x3D,0x4F,0x31,0x60,0xA9,0x50,0x2E,
+	0x3E,0xFA,0xF7,0xAB,0x5E,0x1A,0xD5,0xA6,
+	0x5E,0x55,0x43,0x13,0x82,0x8D,0xA8,0x3B,
+	0x9F,0xF2,0xD9,0x41,0xDE,0xE9,0x56,0x89,
+	0xFA,0xDA,0xEA,0x09,0x36,0xAD,0xDF,0x19,
+	0x71,0xFE,0x63,0x5B,0x20,0xAF,0x47,0x03,
+	0x64,0x60,0x3C,0x2D,0xE0,0x59,0xF5,0x4B,
+	0x65,0x0A,0xD8,0xFA,0x0C,0xF7,0x01,0x21,
+	0xC7,0x47,0x99,0xD7,0x58,0x71,0x32,0xBE,
+	0x9B,0x99,0x9B,0xB9,0xB7,0x87,0xE8,0xAB,
+	};
+
+main()
+	{
+	DH *dh;
+
+	dh=DH_new();
+	dh->p=BN_bin2bn(data,sizeof(data),NULL);
+	dh->g=BN_new();
+	BN_set_word(dh->g,2);
+	PEM_write_DHparams(stdout,dh);
+	}
diff --git a/crypto/dh/p192.c b/crypto/dh/p192.c
new file mode 100644
index 0000000000..c96972c8c6
--- /dev/null
+++ b/crypto/dh/p192.c
@@ -0,0 +1,80 @@
+/* crypto/dh/p192.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "bn.h"
+#include "asn1.h"
+#include "dh.h"
+#include "pem.h"
+
+unsigned char data[]={
+0xD4,0xA0,0xBA,0x02,0x50,0xB6,0xFD,0x2E,
+0xC6,0x26,0xE7,0xEF,0xD6,0x37,0xDF,0x76,
+0xC7,0x16,0xE2,0x2D,0x09,0x44,0xB8,0x8B,
+	};
+
+main()
+	{
+	DH *dh;
+
+	dh=DH_new();
+	dh->p=BN_bin2bn(data,sizeof(data),NULL);
+	dh->g=BN_new();
+	BN_set_word(dh->g,3);
+	PEM_write_DHparams(stdout,dh);
+	}
diff --git a/crypto/dh/p512.c b/crypto/dh/p512.c
new file mode 100644
index 0000000000..6105612cf9
--- /dev/null
+++ b/crypto/dh/p512.c
@@ -0,0 +1,85 @@
+/* crypto/dh/p512.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "bn.h"
+#include "asn1.h"
+#include "dh.h"
+#include "pem.h"
+
+unsigned char data[]={
+0xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,
+0xD0,0xE4,0xAF,0x75,0x6F,0x4C,0xCA,0x92,
+0xDD,0x4B,0xE5,0x33,0xB8,0x04,0xFB,0x0F,
+0xED,0x94,0xEF,0x9C,0x8A,0x44,0x03,0xED,
+0x57,0x46,0x50,0xD3,0x69,0x99,0xDB,0x29,
+0xD7,0x76,0x27,0x6B,0xA2,0xD3,0xD4,0x12,
+0xE2,0x18,0xF4,0xDD,0x1E,0x08,0x4C,0xF6,
+0xD8,0x00,0x3E,0x7C,0x47,0x74,0xE8,0x33,
+	};
+
+main()
+	{
+	DH *dh;
+
+	dh=DH_new();
+	dh->p=BN_bin2bn(data,sizeof(data),NULL);
+	dh->g=BN_new();
+	BN_set_word(dh->g,2);
+	PEM_write_DHparams(stdout,dh);
+	}
diff --git a/crypto/dsa/Makefile.ssl b/crypto/dsa/Makefile.ssl
new file mode 100644
index 0000000000..7b9c9cf4ce
--- /dev/null
+++ b/crypto/dsa/Makefile.ssl
@@ -0,0 +1,84 @@
+#
+# SSLeay/crypto/dsa/Makefile
+#
+
+DIR=	dsa
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I../../include
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE=		make -f Makefile.ssl
+MAKEDEPEND=	makedepend -f Makefile.ssl
+MAKEFILE=	Makefile.ssl
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+ERR=dsa
+ERRC=dsa_err
+GENERAL=Makefile
+TEST=dsatest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= dsa_gen.c dsa_key.c dsa_lib.c dsa_vrf.c dsa_sign.c $(ERRC).c
+LIBOBJ= dsa_gen.o dsa_key.o dsa_lib.o dsa_vrf.o dsa_sign.o $(ERRC).o
+
+SRC= $(LIBSRC)
+
+EXHEADER= dsa.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/util/ranlib.sh $(LIB)
+	@touch lib
+
+files:
+	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+	/bin/rm -f Makefile
+	$(TOP)/util/point.sh Makefile.ssl Makefile ;
+	$(TOP)/util/mklink.sh ../../include $(EXHEADER)
+	$(TOP)/util/mklink.sh ../../test $(TEST)
+	$(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+	@for i in $(EXHEADER) ; \
+	do  \
+	(cp $$i $(INSTALLTOP)/include/$$i; \
+	chmod 644 $(INSTALLTOP)/include/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+	perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
+	perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/dsa/README b/crypto/dsa/README
new file mode 100644
index 0000000000..6a7e9c170a
--- /dev/null
+++ b/crypto/dsa/README
@@ -0,0 +1,4 @@
+The stuff in here is based on patches supplied to me by
+Steven Schoch <schoch@sheba.arc.nasa.gov> to do DSS.
+I have since modified a them a little but a debt of gratitude
+is due for doing the initial work.
diff --git a/crypto/dsa/dsa.err b/crypto/dsa/dsa.err
new file mode 100644
index 0000000000..1131e9fa74
--- /dev/null
+++ b/crypto/dsa/dsa.err
@@ -0,0 +1,15 @@
+/* Error codes for the DSA functions. */
+
+/* Function codes. */
+#define DSA_F_DSAPARAMS_PRINT				 100
+#define DSA_F_DSAPARAMS_PRINT_FP			 101
+#define DSA_F_DSA_IS_PRIME				 102
+#define DSA_F_DSA_NEW					 103
+#define DSA_F_DSA_PRINT					 104
+#define DSA_F_DSA_PRINT_FP				 105
+#define DSA_F_DSA_SIGN					 106
+#define DSA_F_DSA_SIGN_SETUP				 107
+#define DSA_F_DSA_VERIFY				 108
+
+/* Reason codes. */
+#define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE		 100
diff --git a/crypto/dsa/dsa.h b/crypto/dsa/dsa.h
new file mode 100644
index 0000000000..e5dfafe214
--- /dev/null
+++ b/crypto/dsa/dsa.h
@@ -0,0 +1,194 @@
+/* crypto/dsa/dsa.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*
+ * The DSS routines are based on patches supplied by
+ * Steven Schoch <schoch@sheba.arc.nasa.gov>.  He basically did the
+ * work and I have just tweaked them a little to fit into my
+ * stylistic vision for SSLeay :-) */
+
+#ifndef HEADER_DSA_H
+#define HEADER_DSA_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#include "bn.h"
+
+typedef struct dsa_st
+	{
+	/* This first variable is used to pick up errors where
+	 * a DSA is passed instead of of a EVP_PKEY */
+	int pad;
+	int version;
+	int write_params;
+	BIGNUM *p;
+	BIGNUM *q;	/* == 20 */
+	BIGNUM *g;
+
+	BIGNUM *pub_key;  /* y public key */
+	BIGNUM *priv_key; /* x private key */
+
+	BIGNUM *kinv;	/* Signing pre-calc */
+	BIGNUM *r;	/* Signing pre-calc */
+
+	int references;
+	} DSA;
+
+#define DSAparams_dup(x) (DSA *)ASN1_dup((int (*)())i2d_DSAparams, \
+		(char *(*)())d2i_DSAparams,(char *)(x))
+#define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \
+		(char *(*)())d2i_DSAparams,(fp),(unsigned char **)(x))
+#define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \
+		(unsigned char *)(x))
+#define d2i_DSAparams_bio(bp,x) (DSA *)ASN1_d2i_bio((char *(*)())DSA_new, \
+		(char *(*)())d2i_DSAparams,(bp),(unsigned char **)(x))
+#define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio(i2d_DSAparams,(bp), \
+		(unsigned char *)(x))
+
+#ifndef NOPROTO
+
+DSA *	DSA_new(void);
+int	DSA_size(DSA *);
+	/* DSA *	DSA_generate_key(int bits, void (*callback)()); */
+	/* next 4 return -1 on error */
+int	DSA_sign_setup( DSA *dsa,BN_CTX *ctx_in,BIGNUM **kinvp,BIGNUM **rp);
+int	DSA_sign(int type,unsigned char *dgst,int dlen,
+		unsigned char *sig, unsigned int *siglen, DSA *dsa);
+int	DSA_verify(int type,unsigned char *dgst,int dgst_len,
+		unsigned char *sigbuf, int siglen, DSA *dsa);
+void	DSA_free (DSA *r);
+
+void	ERR_load_DSA_strings(void );
+
+DSA *	d2i_DSAPublicKey(DSA **a, unsigned char **pp, long length);
+DSA *	d2i_DSAPrivateKey(DSA **a, unsigned char **pp, long length);
+DSA * 	d2i_DSAparams(DSA **a, unsigned char **pp, long length);
+DSA *	DSA_generate_parameters(int bits, unsigned char *seed,int seed_len,
+		int *counter_ret, unsigned long *h_ret,void (*callback)());
+int	DSA_generate_key(DSA *a);
+int	i2d_DSAPublicKey(DSA *a, unsigned char **pp);
+int 	i2d_DSAPrivateKey(DSA *a, unsigned char **pp);
+int	i2d_DSAparams(DSA *a,unsigned char **pp);
+
+#ifdef HEADER_BIO_H
+int	DSAparams_print(BIO *bp, DSA *x);
+int	DSA_print(BIO *bp, DSA *x, int off);
+#endif
+#ifndef WIN16
+int	DSAparams_print_fp(FILE *fp, DSA *x);
+int	DSA_print_fp(FILE *bp, DSA *x, int off);
+#endif
+
+int DSA_is_prime(BIGNUM *q,void (*callback)());
+
+#else
+
+DSA *	DSA_new();
+int	DSA_size();
+int	DSA_sign_setup();
+int	DSA_sign();
+int	DSA_verify();
+void	DSA_free ();
+
+void	ERR_load_DSA_strings();
+
+DSA *	d2i_DSAPublicKey();
+DSA *	d2i_DSAPrivateKey();
+DSA * 	d2i_DSAparams();
+DSA *	DSA_generate_parameters();
+int	DSA_generate_key();
+int	i2d_DSAPublicKey();
+int 	i2d_DSAPrivateKey();
+int	i2d_DSAparams();
+
+int	DSA_is_prime();
+
+int	DSAparams_print();
+int	DSA_print();
+
+#ifndef WIN16
+int	DSAparams_print_fp();
+int	DSA_print_fp();
+#endif
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the DSA functions. */
+
+/* Function codes. */
+#define DSA_F_DSAPARAMS_PRINT				 100
+#define DSA_F_DSAPARAMS_PRINT_FP			 101
+#define DSA_F_DSA_IS_PRIME				 102
+#define DSA_F_DSA_NEW					 103
+#define DSA_F_DSA_PRINT					 104
+#define DSA_F_DSA_PRINT_FP				 105
+#define DSA_F_DSA_SIGN					 106
+#define DSA_F_DSA_SIGN_SETUP				 107
+#define DSA_F_DSA_VERIFY				 108
+
+/* Reason codes. */
+#define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE		 100
+ 
+#ifdef  __cplusplus
+}
+#endif
+#endif
+
diff --git a/crypto/dsa/dsa_err.c b/crypto/dsa/dsa_err.c
new file mode 100644
index 0000000000..ec0699d282
--- /dev/null
+++ b/crypto/dsa/dsa_err.c
@@ -0,0 +1,93 @@
+/* lib/dsa/dsa_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "dsa.h"
+
+/* BEGIN ERROR CODES */
+static ERR_STRING_DATA DSA_str_functs[]=
+	{
+{ERR_PACK(0,DSA_F_DSAPARAMS_PRINT,0),	"DSAparams_print"},
+{ERR_PACK(0,DSA_F_DSAPARAMS_PRINT_FP,0),	"DSAparams_print_fp"},
+{ERR_PACK(0,DSA_F_DSA_IS_PRIME,0),	"DSA_is_prime"},
+{ERR_PACK(0,DSA_F_DSA_NEW,0),	"DSA_new"},
+{ERR_PACK(0,DSA_F_DSA_PRINT,0),	"DSA_print"},
+{ERR_PACK(0,DSA_F_DSA_PRINT_FP,0),	"DSA_print_fp"},
+{ERR_PACK(0,DSA_F_DSA_SIGN,0),	"DSA_sign"},
+{ERR_PACK(0,DSA_F_DSA_SIGN_SETUP,0),	"DSA_sign_setup"},
+{ERR_PACK(0,DSA_F_DSA_VERIFY,0),	"DSA_verify"},
+{0,NULL},
+	};
+
+static ERR_STRING_DATA DSA_str_reasons[]=
+	{
+{DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE       ,"data too large for key size"},
+{0,NULL},
+	};
+
+void ERR_load_DSA_strings()
+	{
+	static int init=1;
+
+	if (init)
+		{
+		init=0;
+		ERR_load_strings(ERR_LIB_DSA,DSA_str_functs);
+		ERR_load_strings(ERR_LIB_DSA,DSA_str_reasons);
+		}
+	}
diff --git a/crypto/dsa/dsa_gen.c b/crypto/dsa/dsa_gen.c
new file mode 100644
index 0000000000..2b80104e7b
--- /dev/null
+++ b/crypto/dsa/dsa_gen.c
@@ -0,0 +1,325 @@
+/* crypto/dsa/dsa_gen.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#undef GENUINE_DSA
+
+#ifdef GENUINE_DSA
+#define HASH    SHA
+#else
+#define HASH    SHA1
+#endif 
+
+#include <stdio.h>
+#include <time.h>
+#include "cryptlib.h"
+#include "sha.h"
+#include "bn.h"
+#include "dsa.h"
+#include "rand.h"
+
+DSA *DSA_generate_parameters(bits,seed_in,seed_len,counter_ret,h_ret,callback)
+int bits;
+unsigned char *seed_in;
+int seed_len;
+int *counter_ret;
+unsigned long *h_ret;
+void (*callback)();
+	{
+	int ok=0;
+	unsigned char seed[SHA_DIGEST_LENGTH];
+	unsigned char md[SHA_DIGEST_LENGTH];
+	unsigned char buf[SHA_DIGEST_LENGTH],buf2[SHA_DIGEST_LENGTH];
+	BIGNUM *r0,*W,*X,*c,*test;
+	BIGNUM *g=NULL,*q=NULL,*p=NULL;
+	int k,n=0,i,b,m=0;
+	int counter=0;
+	BN_CTX *ctx=NULL,*ctx2=NULL;
+	unsigned int h=2;
+	DSA *ret=NULL;
+
+	if (bits < 512) bits=512;
+	bits=(bits+63)/64*64;
+
+	if ((seed_in != NULL) && (seed_len == 20))
+		memcpy(seed,seed_in,seed_len);
+
+	ctx=BN_CTX_new();
+	if (ctx == NULL) goto err;
+	ctx2=BN_CTX_new();
+	if (ctx2 == NULL) goto err;
+	ret=DSA_new();
+	if (ret == NULL) goto err;
+	r0=ctx2->bn[0];
+	g=ctx2->bn[1];
+	W=ctx2->bn[2];
+	q=ctx2->bn[3];
+	X=ctx2->bn[4];
+	c=ctx2->bn[5];
+	p=ctx2->bn[6];
+	test=ctx2->bn[7];
+
+	BN_lshift(test,BN_value_one(),bits-1);
+
+	for (;;)
+		{
+		for (;;)
+			{
+			/* step 1 */
+			if (callback != NULL) callback(0,m++);
+
+			if (!seed_len)
+				RAND_bytes(seed,SHA_DIGEST_LENGTH);
+			else
+				seed_len=0;
+
+			memcpy(buf,seed,SHA_DIGEST_LENGTH);
+			memcpy(buf2,seed,SHA_DIGEST_LENGTH);
+			for (i=SHA_DIGEST_LENGTH-1; i >= 0; i--)
+				{
+				buf[i]++;
+				if (buf[i] != 0) break;
+				}
+
+			/* step 2 */
+			HASH(seed,SHA_DIGEST_LENGTH,md);
+			HASH(buf,SHA_DIGEST_LENGTH,buf2);
+			for (i=0; i<SHA_DIGEST_LENGTH; i++)
+				md[i]^=buf2[i];
+
+			/* step 3 */
+			md[0]|=0x80;
+			md[SHA_DIGEST_LENGTH-1]|=0x01;
+			if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,q)) abort();
+
+			/* step 4 */
+			if (DSA_is_prime(q,callback) > 0) break;
+			/* do a callback call */
+			/* step 5 */
+			}
+
+		if (callback != NULL) callback(2,0);
+		if (callback != NULL) callback(3,0);
+
+		/* step 6 */
+		counter=0;
+
+		n=(bits-1)/160;
+		b=(bits-1)-n*160;
+
+		for (;;)
+			{
+			/* step 7 */
+			BN_zero(W);
+			for (k=0; k<=n; k++)
+				{
+				for (i=SHA_DIGEST_LENGTH-1; i >= 0; i--)
+					{
+					buf[i]++;
+					if (buf[i] != 0) break;
+					}
+
+				HASH(buf,SHA_DIGEST_LENGTH,md);
+
+				/* step 8 */
+				if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,r0)) abort();
+				BN_lshift(r0,r0,160*k);
+				BN_add(W,W,r0);
+				}
+
+			/* more of step 8 */
+			BN_mask_bits(W,bits-1);
+			BN_copy(X,W); /* this should be ok */
+			BN_add(X,X,test); /* this should be ok */
+
+			/* step 9 */
+			BN_lshift1(r0,q);
+			BN_mod(c,X,r0,ctx);
+			BN_sub(r0,c,BN_value_one());
+			BN_sub(p,X,r0);
+
+			/* step 10 */
+			if (BN_cmp(p,test) >= 0)
+				{
+				/* step 11 */
+				if (DSA_is_prime(p,callback) > 0)
+					goto end;
+				}
+
+			/* step 13 */
+			counter++;
+
+			/* step 14 */
+			if (counter >= 4096) break;
+
+			if (callback != NULL) callback(0,counter);
+			}
+		}
+end:
+	if (callback != NULL) callback(2,1);
+
+	/* We now need to gernerate g */
+	/* Set r0=(p-1)/q */
+        BN_sub(test,p,BN_value_one());
+        BN_div(r0,NULL,test,q,ctx);
+
+	BN_set_word(test,h);
+	for (;;)
+		{
+		/* g=test^r0%p */
+		BN_mod_exp(g,test,r0,p,ctx);
+		if (!BN_is_one(g)) break;
+		BN_add(test,test,BN_value_one());
+		h++;
+		}
+
+	if (callback != NULL) callback(3,1);
+
+	ok=1;
+err:
+	if (!ok)
+		{
+		if (ret != NULL) DSA_free(ret);
+		}
+	else
+		{
+		ret->p=BN_dup(p);
+		ret->q=BN_dup(q);
+		ret->g=BN_dup(g);
+		if ((m > 1) && (seed_in != NULL)) memcpy(seed_in,seed,20);
+		if (counter_ret != NULL) *counter_ret=counter;
+		if (h_ret != NULL) *h_ret=h;
+		}
+	BN_CTX_free(ctx);
+	BN_CTX_free(ctx2);
+	return(ok?ret:NULL);
+	}
+
+int DSA_is_prime(w, callback)
+BIGNUM *w;
+void (*callback)();
+	{
+	int ok= -1,j,i,n;
+	BN_CTX *ctx=NULL,*ctx2=NULL;
+	BIGNUM *w_1,*b,*m,*z;
+	int a;
+
+	if (!BN_is_bit_set(w,0)) return(0);
+
+	ctx=BN_CTX_new();
+	if (ctx == NULL) goto err;
+	ctx2=BN_CTX_new();
+	if (ctx2 == NULL) goto err;
+
+	m=  ctx2->bn[2];
+	b=  ctx2->bn[3];
+	z=  ctx2->bn[4];
+	w_1=ctx2->bn[5];
+
+	/* step 1 */
+	n=50;
+
+	/* step 2 */
+	if (!BN_sub(w_1,w,BN_value_one())) goto err;
+	for (a=1; !BN_is_bit_set(w_1,a); a++)
+		;
+	if (!BN_rshift(m,w_1,a)) goto err;
+
+	for (i=1; i < n; i++)
+		{
+		/* step 3 */
+		BN_rand(b,BN_num_bits(w)-2/*-1*/,0,0);
+		BN_set_word(b,0x10001L);
+
+		/* step 4 */
+		j=0;
+		if (!BN_mod_exp(z,b,m,w,ctx)) goto err;
+
+		/* step 5 */
+		for (;;)
+			{
+			if (((j == 0) && BN_is_one(z)) || (BN_cmp(z,w_1) == 0))
+				break;
+
+			/* step 6 */
+			if ((j > 0) && BN_is_one(z))
+				{
+				ok=0;
+				goto err;
+				}
+
+			j++;
+			if (j >= a)
+				{
+				ok=0;
+				goto err;
+				}
+
+			if (!BN_mod_mul(z,z,z,w,ctx)) goto err;
+			if (callback != NULL) callback(1,j);
+			}
+		}
+
+	ok=1;
+err:
+	if (ok == -1) DSAerr(DSA_F_DSA_IS_PRIME,ERR_R_BN_LIB);
+	BN_CTX_free(ctx);
+	BN_CTX_free(ctx2);
+	
+	return(ok);
+	}
+
diff --git a/crypto/dsa/dsa_key.c b/crypto/dsa/dsa_key.c
new file mode 100644
index 0000000000..2c70248687
--- /dev/null
+++ b/crypto/dsa/dsa_key.c
@@ -0,0 +1,112 @@
+/* crypto/dsa/dsa_key.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include "cryptlib.h"
+#include "sha.h"
+#include "bn.h"
+#include "dsa.h"
+#include "rand.h"
+
+int DSA_generate_key(dsa)
+DSA *dsa;
+	{
+	int ok=0;
+	unsigned int i;
+	BN_CTX *ctx=NULL;
+	BIGNUM *pub_key=NULL,*priv_key=NULL;
+
+	if ((ctx=BN_CTX_new()) == NULL) goto err;
+
+	if (dsa->priv_key == NULL)
+		{
+		if ((priv_key=BN_new()) == NULL) goto err;
+		}
+	else
+		priv_key=dsa->priv_key;
+
+	i=BN_num_bits(dsa->q);
+	for (;;)
+		{
+		BN_rand(priv_key,i,1,0);
+		if (BN_cmp(priv_key,dsa->q) >= 0)
+			BN_sub(priv_key,priv_key,dsa->q);
+		if (!BN_is_zero(priv_key)) break;
+		}
+
+	if (dsa->pub_key == NULL)
+		{
+		if ((pub_key=BN_new()) == NULL) goto err;
+		}
+	else
+		pub_key=dsa->pub_key;
+
+	if (!BN_mod_exp(pub_key,dsa->g,priv_key,dsa->p,ctx)) goto err;
+
+	dsa->priv_key=priv_key;
+	dsa->pub_key=pub_key;
+	ok=1;
+
+err:
+	if ((pub_key != NULL) && (dsa->pub_key == NULL)) BN_free(pub_key);
+	if ((priv_key != NULL) && (dsa->priv_key == NULL)) BN_free(priv_key);
+	if (ctx != NULL) BN_CTX_free(ctx);
+	return(ok);
+	}
+
diff --git a/crypto/dsa/dsa_lib.c b/crypto/dsa/dsa_lib.c
new file mode 100644
index 0000000000..e666db07f0
--- /dev/null
+++ b/crypto/dsa/dsa_lib.c
@@ -0,0 +1,142 @@
+/* crypto/dsa/dsa_lib.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* Origional version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "dsa.h"
+#include "asn1.h"
+
+char *DSA_version="\0DSA part of SSLeay 0.8.1b 29-Jun-1998";
+
+DSA *DSA_new()
+	{
+	DSA *ret;
+
+	ret=(DSA *)Malloc(sizeof(DSA));
+	if (ret == NULL)
+		{
+		DSAerr(DSA_F_DSA_NEW,ERR_R_MALLOC_FAILURE);
+		return(NULL);
+		}
+	ret->pad=0;
+	ret->version=0;
+	ret->write_params=1;
+	ret->p=NULL;
+	ret->q=NULL;
+	ret->g=NULL;
+
+	ret->pub_key=NULL;
+	ret->priv_key=NULL;
+
+	ret->kinv=NULL;
+	ret->r=NULL;
+
+	ret->references=1;
+	return(ret);
+	}
+
+void DSA_free(r)
+DSA *r;
+	{
+	int i;
+
+	if (r == NULL) return;
+
+	i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_DSA);
+	if (i > 0) return;
+#ifdef REF_CHECK
+	if (i < 0)
+		{
+		fprintf(stderr,"DSA_free, bad reference count\n");
+		abort();
+		}
+#endif
+
+	if (r->p != NULL) BN_clear_free(r->p);
+	if (r->q != NULL) BN_clear_free(r->q);
+	if (r->g != NULL) BN_clear_free(r->g);
+	if (r->pub_key != NULL) BN_clear_free(r->pub_key);
+	if (r->priv_key != NULL) BN_clear_free(r->priv_key);
+	if (r->kinv != NULL) BN_clear_free(r->kinv);
+	if (r->r != NULL) BN_clear_free(r->r);
+	Free(r);
+	}
+
+int DSA_size(r)
+DSA *r;
+	{
+	int ret,i;
+	ASN1_INTEGER bs;
+	unsigned char buf[4];
+
+	i=BN_num_bits(r->q);
+	bs.length=(i+7)/8;
+	bs.data=buf;
+	bs.type=V_ASN1_INTEGER;
+	/* If the top bit is set the asn1 encoding is 1 larger. */
+	buf[0]=0xff;	
+
+	i=i2d_ASN1_INTEGER(&bs,NULL);
+	i+=i; /* r and s */
+	ret=ASN1_object_size(1,i,V_ASN1_SEQUENCE);
+	return(ret);
+	}
+
diff --git a/crypto/dsa/dsa_sign.c b/crypto/dsa/dsa_sign.c
new file mode 100644
index 0000000000..ebb758feb5
--- /dev/null
+++ b/crypto/dsa/dsa_sign.c
@@ -0,0 +1,215 @@
+/* crypto/dsa/dsa_sign.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* Origional version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "dsa.h"
+#include "rand.h"
+#include "asn1.h"
+
+/* data has already been hashed (probably with SHA or SHA-1). */
+/*	DSAerr(DSA_F_DSA_SIGN,DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); */
+
+int DSA_sign(type,dgst,dlen,sig,siglen,dsa)
+int type;
+unsigned char *dgst;
+int dlen;
+unsigned char *sig;	/* out */
+unsigned int *siglen;	/* out */
+DSA *dsa;
+	{
+	BIGNUM *kinv=NULL,*r=NULL;
+	BIGNUM *m=NULL;
+	BIGNUM *xr=NULL,*s=NULL;
+	BN_CTX *ctx=NULL;
+	unsigned char *p;
+	int i,len=0,ret=0,reason=ERR_R_BN_LIB;
+        ASN1_INTEGER rbs,sbs;
+	MS_STATIC unsigned char rbuf[50]; /* assuming r is 20 bytes +extra */
+	MS_STATIC unsigned char sbuf[50]; /* assuming s is 20 bytes +extra */
+
+	i=BN_num_bytes(dsa->q); /* should be 20 */
+	if ((dlen > i) || (dlen > 50))
+		{
+		reason=DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE;
+		goto err;
+		}
+
+	ctx=BN_CTX_new();
+	if (ctx == NULL) goto err;
+
+	if ((dsa->kinv == NULL) || (dsa->r == NULL))
+		{
+		if (!DSA_sign_setup(dsa,ctx,&kinv,&r)) goto err;
+		}
+	else
+		{
+		kinv=dsa->kinv;
+		dsa->kinv=NULL;
+		r=dsa->r;
+		dsa->r=NULL;
+		}
+
+	m=BN_new();
+	xr=BN_new();
+	s=BN_new();
+	if (m == NULL || xr == NULL || s == NULL) goto err;
+
+	if (BN_bin2bn(dgst,dlen,m) == NULL) goto err;
+
+	/* Compute  s = inv(k) (m + xr) mod q */
+	if (!BN_mul(xr, dsa->priv_key, r)) goto err;	/* s = xr */
+	if (!BN_add(s, xr, m)) goto err;		/* s = m + xr */
+	if (!BN_mod_mul(s,s,kinv,dsa->q,ctx)) goto err;
+
+	/*
+	 * Now create a ASN.1 sequence of the integers R and S.
+	 */
+	rbs.data=rbuf;
+	sbs.data=sbuf;
+	rbs.type = V_ASN1_INTEGER;
+	sbs.type = V_ASN1_INTEGER;
+	rbs.length=BN_bn2bin(r,rbs.data);
+	sbs.length=BN_bn2bin(s,sbs.data);
+
+	len =i2d_ASN1_INTEGER(&rbs,NULL);
+	len+=i2d_ASN1_INTEGER(&sbs,NULL);
+
+	p=sig;
+	ASN1_put_object(&p,1,len,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+	i2d_ASN1_INTEGER(&rbs,&p);
+	i2d_ASN1_INTEGER(&sbs,&p);
+	*siglen=(p-sig);
+	ret=1;
+err:
+	if (!ret) DSAerr(DSA_F_DSA_SIGN,reason);
+		
+#if 1 /* do the right thing :-) */
+	if (kinv != NULL) BN_clear_free(kinv);
+	if (r != NULL) BN_clear_free(r);
+#endif
+	if (ctx != NULL) BN_CTX_free(ctx);
+	if (m != NULL) BN_clear_free(m);
+	if (xr != NULL) BN_clear_free(xr);
+	if (s != NULL) BN_clear_free(s);
+	return(ret);
+	}
+
+int DSA_sign_setup(dsa,ctx_in,kinvp,rp)
+DSA *dsa;
+BN_CTX *ctx_in;
+BIGNUM **kinvp;
+BIGNUM **rp;
+	{
+	BN_CTX *ctx;
+	BIGNUM *k=NULL,*kinv=NULL,*r=NULL;
+	int ret=0;
+
+	if (ctx_in == NULL)
+		{
+		if ((ctx=BN_CTX_new()) == NULL) goto err;
+		}
+	else
+		ctx=ctx_in;
+
+	r=BN_new();
+	k=BN_new();
+	if ((r == NULL) || (k == NULL))
+		goto err;
+	kinv=NULL;
+
+	if (r == NULL) goto err;
+
+	/* Get random k */
+	for (;;)
+		{
+		if (!BN_rand(k, BN_num_bits(dsa->q), 1, 0)) goto err;
+		if (BN_cmp(k,dsa->q) >= 0)
+			BN_sub(k,k,dsa->q);
+		if (!BN_is_zero(k)) break;
+		}
+
+	/* Compute r = (g^k mod p) mod q */
+	if (!BN_mod_exp(r,dsa->g,k,dsa->p,ctx)) goto err;
+	if (!BN_mod(r,r,dsa->q,ctx)) goto err;
+
+	/* Compute  part of 's = inv(k) (m + xr) mod q' */
+	if ((kinv=BN_mod_inverse(k,dsa->q,ctx)) == NULL) goto err;
+
+	if (*kinvp != NULL) BN_clear_free(*kinvp);
+	*kinvp=kinv;
+	kinv=NULL;
+	if (*rp != NULL) BN_clear_free(*rp);
+	*rp=r;
+	ret=1;
+err:
+	if (!ret)
+		{
+		DSAerr(DSA_F_DSA_SIGN_SETUP,ERR_R_BN_LIB);
+		if (kinv != NULL) BN_clear_free(kinv);
+		if (r != NULL) BN_clear_free(r);
+		}
+	if (ctx_in == NULL) BN_CTX_free(ctx);
+	if (k != NULL) BN_clear_free(k);
+	if (kinv != NULL) BN_clear_free(kinv);
+	return(ret);
+	}
+
diff --git a/crypto/dsa/dsa_vrf.c b/crypto/dsa/dsa_vrf.c
new file mode 100644
index 0000000000..a217f8631c
--- /dev/null
+++ b/crypto/dsa/dsa_vrf.c
@@ -0,0 +1,152 @@
+/* crypto/dsa/dsa_vrf.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* Origional version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "dsa.h"
+#include "rand.h"
+#include "asn1.h"
+#include "asn1_mac.h"
+
+/* data has already been hashed (probably with SHA or SHA-1). */
+/* returns
+ *	 1: correct signature
+ *	 0: incorrect signature
+ *	-1: error
+ */
+int DSA_verify(type,dgst,dgst_len,sigbuf,siglen, dsa)
+int type;
+unsigned char *dgst;
+int dgst_len;
+unsigned char *sigbuf;
+int siglen;
+DSA *dsa;
+	{
+	/* The next 3 are used by the M_ASN1 macros */
+	long length=siglen;
+	ASN1_CTX c;
+	unsigned char **pp= &sigbuf;
+	BN_CTX *ctx;
+	BIGNUM *r=NULL;
+	BIGNUM *t1=NULL,*t2=NULL;
+	BIGNUM *u1=NULL,*u2=NULL;
+	ASN1_INTEGER *bs=NULL;
+	int ret = -1;
+
+	ctx=BN_CTX_new();
+	if (ctx == NULL) goto err;
+
+	t1=BN_new();
+	t2=BN_new();
+	if (t1 == NULL || t2 == NULL) goto err;
+
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+        M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+        if ((r=BN_bin2bn(bs->data,bs->length,NULL)) == NULL) goto err_bn;
+        M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+        if ((u1=BN_bin2bn(bs->data,bs->length,NULL)) == NULL) goto err_bn;
+	if (!asn1_Finish(&c)) goto err;
+
+	/* Calculate W = inv(S) mod Q
+	 * save W in u2 */
+	if ((u2=BN_mod_inverse(u1,dsa->q,ctx)) == NULL) goto err_bn;
+
+	/* save M in u1 */
+	if (BN_bin2bn(dgst,dgst_len,u1) == NULL) goto err_bn;
+
+	/* u1 = M * w mod q */
+	if (!BN_mod_mul(u1,u1,u2,dsa->q,ctx)) goto err_bn;
+
+	/* u2 = r * w mod q */
+	if (!BN_mod_mul(u2,r,u2,dsa->q,ctx)) goto err_bn;
+
+	/* v = ( g^u1 * y^u2 mod p ) mod q */
+	/* let t1 = g ^ u1 mod p */
+	if (!BN_mod_exp(t1,dsa->g,u1,dsa->p,ctx)) goto err_bn;
+	/* let t2 = y ^ u2 mod p */
+	if (!BN_mod_exp(t2,dsa->pub_key,u2,dsa->p,ctx)) goto err_bn;
+	/* let u1 = t1 * t2 mod p */
+	if (!BN_mod_mul(u1,t1,t2,dsa->p,ctx)) goto err_bn;
+	/* let u1 = u1 mod q */
+	if (!BN_mod(u1,u1,dsa->q,ctx)) goto err_bn;
+	/* V is now in u1.  If the signature is correct, it will be
+	 * equal to R. */
+	ret=(BN_ucmp(u1, r) == 0);
+	if (0)
+		{
+err: /* ASN1 error */
+		DSAerr(DSA_F_DSA_VERIFY,c.error);
+		}
+	if (0)
+		{
+err_bn: /* BN error */
+		DSAerr(DSA_F_DSA_VERIFY,ERR_R_BN_LIB);
+		}
+	if (ctx != NULL) BN_CTX_free(ctx);
+	if (r != NULL) BN_free(r);
+	if (t1 != NULL) BN_free(t1);
+	if (t2 != NULL) BN_free(t2);
+	if (u1 != NULL) BN_free(u1);
+	if (u2 != NULL) BN_free(u2);
+	if (bs != NULL) ASN1_BIT_STRING_free(bs);
+	return(ret);
+	}
diff --git a/crypto/dsa/dsagen.c b/crypto/dsa/dsagen.c
new file mode 100644
index 0000000000..3422d877f4
--- /dev/null
+++ b/crypto/dsa/dsagen.c
@@ -0,0 +1,105 @@
+/* crypto/dsa/dsagen.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "dsa.h"
+
+#define TEST
+#define GENUINE_DSA
+
+#ifdef GENUINE_DSA
+#define LAST_VALUE 0xbd
+#else
+#define LAST_VALUE 0xd3
+#endif
+
+#ifdef TEST
+unsigned char seed[20]={
+	0xd5,0x01,0x4e,0x4b,
+	0x60,0xef,0x2b,0xa8,
+	0xb6,0x21,0x1b,0x40,
+	0x62,0xba,0x32,0x24,
+	0xe0,0x42,0x7d,LAST_VALUE};
+#endif
+
+int cb(p,n)
+int p,n;
+	{
+	char c='*';
+
+	if (p == 0) c='.';
+	if (p == 1) c='+';
+	if (p == 2) c='*';
+	if (p == 3) c='\n';
+	printf("%c",c);
+	fflush(stdout);
+	}
+
+main()
+	{
+	int i;
+	BIGNUM *n;
+	BN_CTX *ctx;
+	unsigned char seed_buf[20];
+	DSA *dsa;
+	int counter,h;
+
+	memcpy(seed_buf,seed,20);
+	dsa=DSA_generate_key(1024,seed,20,&counter,&h,cb);
+	}
+
diff --git a/crypto/dsa/dsatest.c b/crypto/dsa/dsatest.c
new file mode 100644
index 0000000000..894d2dbf04
--- /dev/null
+++ b/crypto/dsa/dsatest.c
@@ -0,0 +1,216 @@
+/* crypto/dsa/dsatest.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#ifdef WIN16
+#define APPS_WIN16
+#endif
+#include "crypto.h"
+#include "rand.h"
+#include "bio.h"
+#include "err.h"
+#include "dsa.h"
+
+#ifdef WIN16
+#include "../bio/bss_file.c"
+#endif
+
+#ifdef WIN16
+#define MS_CALLBACK     _far _loadds
+#else
+#define MS_CALLBACK
+#endif
+
+#ifndef NOPROTO
+static void MS_CALLBACK dsa_cb(int p, int n);
+#else
+static void MS_CALLBACK dsa_cb();
+#endif
+
+static unsigned char seed[20]={
+	0xd5,0x01,0x4e,0x4b,0x60,0xef,0x2b,0xa8,0xb6,0x21,0x1b,0x40,
+	0x62,0xba,0x32,0x24,0xe0,0x42,0x7d,0xd3,
+	};
+
+static unsigned char out_p[]={
+	0x8d,0xf2,0xa4,0x94,0x49,0x22,0x76,0xaa,
+	0x3d,0x25,0x75,0x9b,0xb0,0x68,0x69,0xcb,
+	0xea,0xc0,0xd8,0x3a,0xfb,0x8d,0x0c,0xf7,
+	0xcb,0xb8,0x32,0x4f,0x0d,0x78,0x82,0xe5,
+	0xd0,0x76,0x2f,0xc5,0xb7,0x21,0x0e,0xaf,
+	0xc2,0xe9,0xad,0xac,0x32,0xab,0x7a,0xac,
+	0x49,0x69,0x3d,0xfb,0xf8,0x37,0x24,0xc2,
+	0xec,0x07,0x36,0xee,0x31,0xc8,0x02,0x91,
+	};
+
+static unsigned char out_q[]={
+	0xc7,0x73,0x21,0x8c,0x73,0x7e,0xc8,0xee,
+	0x99,0x3b,0x4f,0x2d,0xed,0x30,0xf4,0x8e,
+	0xda,0xce,0x91,0x5f,
+	};
+
+static unsigned char out_g[]={
+	0x62,0x6d,0x02,0x78,0x39,0xea,0x0a,0x13,
+	0x41,0x31,0x63,0xa5,0x5b,0x4c,0xb5,0x00,
+	0x29,0x9d,0x55,0x22,0x95,0x6c,0xef,0xcb,
+	0x3b,0xff,0x10,0xf3,0x99,0xce,0x2c,0x2e,
+	0x71,0xcb,0x9d,0xe5,0xfa,0x24,0xba,0xbf,
+	0x58,0xe5,0xb7,0x95,0x21,0x92,0x5c,0x9c,
+	0xc4,0x2e,0x9f,0x6f,0x46,0x4b,0x08,0x8c,
+	0xc5,0x72,0xaf,0x53,0xe6,0xd7,0x88,0x02,
+	};
+
+static BIO *bio_err=NULL;
+
+int main(argc, argv)
+int argc;
+char **argv;
+	{
+	DSA *dsa=NULL;
+	int counter,ret=0,i,j;
+	unsigned char buf[256];
+	unsigned long h;
+
+	if (bio_err == NULL)
+		bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
+
+	BIO_printf(bio_err,"test generation of DSA parameters\n");
+	BIO_printf(bio_err,"expect '.*' followed by 5 lines of '.'s and '+'s\n");
+	dsa=DSA_generate_parameters(512,seed,20,&counter,&h,dsa_cb);
+
+	BIO_printf(bio_err,"seed\n");
+	for (i=0; i<20; i+=4)
+		{
+		BIO_printf(bio_err,"%02X%02X%02X%02X ",
+			seed[i],seed[i+1],seed[i+2],seed[i+3]);
+		}
+	BIO_printf(bio_err,"\ncounter=%d h=%d\n",counter,h);
+		
+	if (dsa == NULL) goto end;
+	DSA_print(bio_err,dsa,0);
+	if (counter != 105) 
+		{
+		BIO_printf(bio_err,"counter should be 105\n");
+		goto end;
+		}
+	if (h != 2)
+		{
+		BIO_printf(bio_err,"h should be 2\n");
+		goto end;
+		}
+
+	i=BN_bn2bin(dsa->q,buf);
+	j=sizeof(out_q);
+	if ((i != j) || (memcmp(buf,out_q,i) != 0))
+		{
+		BIO_printf(bio_err,"q value is wrong\n");
+		goto end;
+		}
+
+	i=BN_bn2bin(dsa->p,buf);
+	j=sizeof(out_p);
+	if ((i != j) || (memcmp(buf,out_p,i) != 0))
+		{
+		BIO_printf(bio_err,"p value is wrong\n");
+		goto end;
+		}
+
+	i=BN_bn2bin(dsa->g,buf);
+	j=sizeof(out_g);
+	if ((i != j) || (memcmp(buf,out_g,i) != 0))
+		{
+		BIO_printf(bio_err,"g value is wrong\n");
+		goto end;
+		}
+
+	ret=1;
+end:
+	if (!ret)
+		ERR_print_errors(bio_err);
+	if (bio_err != NULL) BIO_free(bio_err);
+	if (dsa != NULL) DSA_free(dsa);
+	exit(!ret);
+	return(0);
+	}
+
+static void MS_CALLBACK dsa_cb(p, n)
+int p;
+int n;
+	{
+	char c='*';
+	static int ok=0,num=0;
+
+	if (p == 0) { c='.'; num++; };
+	if (p == 1) c='+';
+	if (p == 2) { c='*'; ok++; }
+	if (p == 3) c='\n';
+	BIO_write(bio_err,&c,1);
+	BIO_flush(bio_err);
+
+	if (!ok && (p == 0) && (num > 1))
+		{
+		BIO_printf(bio_err,"error in dsatest\n");
+		exit(1);
+		}
+	}
+
+
diff --git a/crypto/dsa/fips186a.txt b/crypto/dsa/fips186a.txt
new file mode 100644
index 0000000000..3a2e0a0d51
--- /dev/null
+++ b/crypto/dsa/fips186a.txt
@@ -0,0 +1,122 @@
+The origional FIPE 180 used SHA-0 (FIPS 180) for its appendix 5
+examples.  This is an updated version that uses SHA-1 (FIPS 180-1)
+supplied to me by Wei Dai
+--
+		     APPENDIX 5. EXAMPLE OF THE DSA
+
+
+This appendix is for informational purposes only and is not required to meet
+the standard.
+
+Let L = 512 (size of p).  The values in this example are expressed in
+hexadecimal notation.  The p and q given here were generated by the prime
+generation standard described in appendix 2 using the 160-bit SEED:
+
+          d5014e4b 60ef2ba8 b6211b40 62ba3224 e0427dd3
+
+With this SEED, the algorithm found p and q when the counter was at 105.
+
+x was generated by the algorithm described in appendix 3, section 3.1, using
+the SHA to construct G (as in appendix 3, section 3.3) and a 160-bit XSEED:
+
+XSEED =   
+
+	bd029bbe 7f51960b cf9edb2b 61f06f0f eb5a38b6
+
+t =
+	67452301 EFCDAB89 98BADCFE 10325476 C3D2E1F0
+
+x = G(t,XSEED) mod q
+
+k was generated by the algorithm described in appendix 3, section 3.2, using
+the SHA to construct G (as in appendix 3, section 3.3) and a 160-bit KSEED:
+
+KSEED =
+
+	687a66d9 0648f993 867e121f 4ddf9ddb 01205584
+
+t =
+	EFCDAB89 98BADCFE 10325476 C3D2E1F0 67452301
+
+k = G(t,KSEED) mod q
+
+Finally:
+
+h = 2
+
+p =
+	8df2a494 492276aa 3d25759b b06869cb eac0d83a fb8d0cf7
+	cbb8324f 0d7882e5 d0762fc5 b7210eaf c2e9adac 32ab7aac
+	49693dfb f83724c2 ec0736ee 31c80291
+
+
+q =
+	c773218c 737ec8ee 993b4f2d ed30f48e dace915f
+
+
+g =
+	626d0278 39ea0a13 413163a5 5b4cb500 299d5522 956cefcb
+	3bff10f3 99ce2c2e 71cb9de5 fa24babf 58e5b795 21925c9c
+	c42e9f6f 464b088c c572af53 e6d78802
+
+
+x =
+	2070b322 3dba372f de1c0ffc 7b2e3b49 8b260614
+
+
+k =
+	358dad57 1462710f 50e254cf 1a376b2b deaadfbf
+
+
+kinv = 
+
+	0d516729 8202e49b 4116ac10 4fc3f415 ae52f917
+
+M = ASCII form of "abc" (See FIPS PUB 180-1, Appendix A)
+
+SHA(M) =  
+
+	a9993e36 4706816a ba3e2571 7850c26c 9cd0d89d
+
+
+y =
+
+	19131871 d75b1612 a819f29d 78d1b0d7 346f7aa7 7bb62a85 
+	9bfd6c56 75da9d21 2d3a36ef 1672ef66 0b8c7c25 5cc0ec74
+	858fba33 f44c0669 9630a76b 030ee333
+
+
+r =
+	8bac1ab6 6410435c b7181f95 b16ab97c 92b341c0
+
+s =
+	41e2345f 1f56df24 58f426d1 55b4ba2d b6dcd8c8
+
+
+w =
+	9df4ece5 826be95f ed406d41 b43edc0b 1c18841b
+
+
+u1 =
+	bf655bd0 46f0b35e c791b004 804afcbb 8ef7d69d
+
+
+u2 =
+	821a9263 12e97ade abcc8d08 2b527897 8a2df4b0
+
+
+gu1 mod p =
+
+	51b1bf86 7888e5f3 af6fb476 9dd016bc fe667a65 aafc2753
+	9063bd3d 2b138b4c e02cc0c0 2ec62bb6 7306c63e 4db95bbf
+	6f96662a 1987a21b e4ec1071 010b6069
+
+
+yu2 mod p =
+
+	8b510071 2957e950 50d6b8fd 376a668e 4b0d633c 1e46e665
+	5c611a72 e2b28483 be52c74d 4b30de61 a668966e dc307a67 
+	c19441f4 22bf3c34 08aeba1f 0a4dbec7
+
+v =
+	8bac1ab6 6410435c b7181f95 b16ab97c 92b341c0
diff --git a/crypto/err/Makefile.ssl b/crypto/err/Makefile.ssl
new file mode 100644
index 0000000000..9e1e451e59
--- /dev/null
+++ b/crypto/err/Makefile.ssl
@@ -0,0 +1,80 @@
+#
+# SSLeay/crypto/err/Makefile
+#
+
+DIR=	error
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I../../include
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE=		make -f Makefile.ssl
+MAKEDEPEND=	makedepend -f Makefile.ssl
+MAKEFILE=	Makefile.ssl
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=err.c err_all.c err_prn.c
+LIBOBJ=err.o err_all.o err_prn.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= err.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/util/ranlib.sh $(LIB)
+	@touch lib
+
+files:
+	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+	/bin/rm -f Makefile
+	$(TOP)/util/point.sh Makefile.ssl Makefile ;
+	$(TOP)/util/mklink.sh ../../include $(EXHEADER)
+	$(TOP)/util/mklink.sh ../../test $(TEST)
+	$(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+	@for i in $(EXHEADER) ; \
+	do  \
+	(cp $$i $(INSTALLTOP)/include/$$i; \
+	chmod 644 $(INSTALLTOP)/include/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/err/err.c b/crypto/err/err.c
new file mode 100644
index 0000000000..6eec77a154
--- /dev/null
+++ b/crypto/err/err.c
@@ -0,0 +1,550 @@
+/* crypto/err/err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "lhash.h"
+#include "crypto.h"
+#include "cryptlib.h"
+#include "buffer.h"
+#include "err.h"
+#include "crypto.h"
+
+
+static LHASH *error_hash=NULL;
+static LHASH *thread_hash=NULL;
+
+#ifndef NOPROTO
+static unsigned long err_hash(ERR_STRING_DATA *a);
+static int err_cmp(ERR_STRING_DATA *a, ERR_STRING_DATA *b);
+static unsigned long pid_hash(ERR_STATE *pid);
+static int pid_cmp(ERR_STATE *a,ERR_STATE *pid);
+#else
+static unsigned long err_hash();
+static int err_cmp();
+static unsigned long pid_hash();
+static int pid_cmp();
+#endif
+
+#ifndef NO_ERR
+static ERR_STRING_DATA ERR_str_libraries[]=
+	{
+{ERR_PACK(ERR_LIB_NONE,0,0)		,"unknown library"},
+{ERR_PACK(ERR_LIB_SYS,0,0)		,"system library"},
+{ERR_PACK(ERR_LIB_BN,0,0)		,"bignum routines"},
+{ERR_PACK(ERR_LIB_RSA,0,0)		,"rsa routines"},
+{ERR_PACK(ERR_LIB_DH,0,0)		,"Diffie-Hellman routines"},
+{ERR_PACK(ERR_LIB_EVP,0,0)		,"digital envelope routines"},
+{ERR_PACK(ERR_LIB_BUF,0,0)		,"memory buffer routines"},
+{ERR_PACK(ERR_LIB_BIO,0,0)		,"BIO routines"},
+{ERR_PACK(ERR_LIB_OBJ,0,0)		,"object identifier routines"},
+{ERR_PACK(ERR_LIB_PEM,0,0)		,"PEM routines"},
+{ERR_PACK(ERR_LIB_ASN1,0,0)		,"asn1 encoding routines"},
+{ERR_PACK(ERR_LIB_X509,0,0)		,"x509 certificate routines"},
+{ERR_PACK(ERR_LIB_CONF,0,0)		,"configuation file routines"},
+{ERR_PACK(ERR_LIB_METH,0,0)		,"X509 lookup 'method' routines"},
+{ERR_PACK(ERR_LIB_SSL,0,0)		,"SSL routines"},
+{ERR_PACK(ERR_LIB_RSAREF,0,0)		,"RSAref routines"},
+{ERR_PACK(ERR_LIB_PROXY,0,0)		,"Proxy routines"},
+{ERR_PACK(ERR_LIB_BIO,0,0)		,"BIO routines"},
+{ERR_PACK(ERR_LIB_PKCS7,0,0)		,"PKCS7 routines"},
+{0,NULL},
+	};
+
+static ERR_STRING_DATA ERR_str_functs[]=
+	{
+	{ERR_PACK(0,SYS_F_FOPEN,0),     	"fopen"},
+	{ERR_PACK(0,SYS_F_CONNECT,0),		"connect"},
+	{ERR_PACK(0,SYS_F_GETSERVBYNAME,0),	"getservbyname"},
+	{ERR_PACK(0,SYS_F_SOCKET,0),		"socket"}, 
+	{ERR_PACK(0,SYS_F_IOCTLSOCKET,0),	"ioctlsocket"},
+	{ERR_PACK(0,SYS_F_BIND,0),		"bind"},
+	{ERR_PACK(0,SYS_F_LISTEN,0),		"listen"},
+	{ERR_PACK(0,SYS_F_ACCEPT,0),		"accept"},
+#ifdef WINDOWS
+	{ERR_PACK(0,SYS_F_WSASTARTUP,0),	"WSAstartup"},
+#endif
+	{0,NULL},
+	};
+
+static ERR_STRING_DATA ERR_str_reasons[]=
+	{
+{ERR_R_FATAL                             ,"fatal"},
+{ERR_R_SYS_LIB				,"system lib"},
+{ERR_R_BN_LIB				,"BN lib"},
+{ERR_R_RSA_LIB				,"RSA lib"},
+{ERR_R_DH_LIB				,"DH lib"},
+{ERR_R_EVP_LIB				,"EVP lib"},
+{ERR_R_BUF_LIB				,"BUF lib"},
+{ERR_R_BIO_LIB				,"BIO lib"},
+{ERR_R_OBJ_LIB				,"OBJ lib"},
+{ERR_R_PEM_LIB				,"PEM lib"},
+{ERR_R_X509_LIB				,"X509 lib"},
+{ERR_R_METH_LIB				,"METH lib"},
+{ERR_R_ASN1_LIB				,"ASN1 lib"},
+{ERR_R_CONF_LIB				,"CONF lib"},
+{ERR_R_SSL_LIB				,"SSL lib"},
+{ERR_R_PROXY_LIB			,"PROXY lib"},
+{ERR_R_BIO_LIB				,"BIO lib"},
+{ERR_R_PKCS7_LIB			,"PKCS7 lib"},
+{ERR_R_MALLOC_FAILURE			,"Malloc failure"},
+{ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED	,"called a fuction you should not call"},
+{0,NULL},
+	};
+#endif
+
+void ERR_load_ERR_strings()
+	{
+	static int init=1;
+
+	if (init)
+		{
+		CRYPTO_w_lock(CRYPTO_LOCK_ERR);
+		if (init == 0)
+			{
+			CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+			return;
+			}
+		init=0;
+		CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+
+#ifndef NO_ERR
+		ERR_load_strings(0,ERR_str_libraries);
+		ERR_load_strings(0,ERR_str_reasons);
+		ERR_load_strings(ERR_LIB_SYS,ERR_str_functs);
+#endif
+		}
+	}
+
+void ERR_load_strings(lib,str)
+int lib;
+ERR_STRING_DATA *str;
+	{
+	if (error_hash == NULL)
+		{
+		CRYPTO_w_lock(CRYPTO_LOCK_ERR_HASH);
+		error_hash=lh_new(err_hash,err_cmp);
+		if (error_hash == NULL)
+			{
+			CRYPTO_w_unlock(CRYPTO_LOCK_ERR_HASH);
+			return;
+			}
+		CRYPTO_w_unlock(CRYPTO_LOCK_ERR_HASH);
+
+		ERR_load_ERR_strings();
+		}
+
+	CRYPTO_w_lock(CRYPTO_LOCK_ERR_HASH);
+	while (str->error)
+		{
+		str->error|=ERR_PACK(lib,0,0);
+		lh_insert(error_hash,(char *)str);
+		str++;
+		}
+	CRYPTO_w_unlock(CRYPTO_LOCK_ERR_HASH);
+	}
+
+void ERR_free_strings()
+	{
+	CRYPTO_w_lock(CRYPTO_LOCK_ERR);
+
+	if (error_hash != NULL)
+		{
+		lh_free(error_hash);
+		error_hash=NULL;
+		}
+
+	CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+	}
+
+void ERR_put_error(lib,func,reason,file,line)
+int lib,func,reason;
+char *file;
+int line;
+	{
+	ERR_STATE *es;
+
+	es=ERR_get_state();
+
+	es->top=(es->top+1)%ERR_NUM_ERRORS;
+	if (es->top == es->bottom)
+		es->bottom=(es->bottom+1)%ERR_NUM_ERRORS;
+	es->err_buffer[es->top]=ERR_PACK(lib,func,reason);
+	es->err_file[es->top]=file;
+	es->err_line[es->top]=line;
+	}
+
+void ERR_clear_error()
+	{
+	int i;
+	ERR_STATE *es;
+
+	es=ERR_get_state();
+
+	for (i=0; i<ERR_NUM_ERRORS; i++)
+		{
+		es->err_buffer[i]=0;
+		es->err_file[i]=NULL;
+		es->err_line[i]= -1;
+		}
+	es->top=es->bottom=0;
+	}
+
+unsigned long ERR_peek_error()
+	{	
+	int i;
+	ERR_STATE *es;
+
+	/* should be fine since only one thread should ever be playing
+	 * with the value returned from this call */
+	es=ERR_get_state();
+
+	if (es->bottom == es->top) return(0);
+	i=(es->bottom+1)%ERR_NUM_ERRORS;
+
+
+	return(es->err_buffer[i]);
+	}
+
+unsigned long ERR_get_error()
+	{
+	int i;
+	unsigned long ret;
+	ERR_STATE *es;
+
+	es=ERR_get_state();
+
+	if (es->bottom == es->top) return(0);
+	i=(es->bottom+1)%ERR_NUM_ERRORS;
+	es->bottom=i;
+	ret=es->err_buffer[i];
+	es->err_buffer[i]=0;
+
+
+	return(ret);
+	}
+
+unsigned long ERR_peek_error_line(file,line)
+char **file;
+int *line;
+	{	
+	int i=0;
+	ERR_STATE *es;
+
+	es=ERR_get_state();
+
+	if (es->bottom == es->top)
+		{
+		return(0);
+		}
+
+	i=(es->bottom+1)%ERR_NUM_ERRORS;
+	if (es->err_file[i] == NULL)
+		{
+		*file="NA";
+		*line=0;
+		}
+	else
+		{
+		*file=es->err_file[i];
+		*line=es->err_line[i];
+		}
+
+	return(es->err_buffer[i]);
+	}
+
+unsigned long ERR_get_error_line(file,line)
+char **file;
+int *line;
+	{
+	int i;
+	unsigned long ret;
+	ERR_STATE *es;
+
+	es=ERR_get_state();
+
+	if (es->bottom == es->top)
+		return(0);
+
+	i=(es->bottom+1)%ERR_NUM_ERRORS;
+	es->bottom=i;
+	ret=  es->err_buffer[i];
+	if (es->err_file[i] == NULL)
+		{
+		*file="NA";
+		*line=0;
+		}
+	else
+		{
+		*file=es->err_file[i];
+		*line=es->err_line[i];
+		}
+	es->err_buffer[i]=0;
+	es->err_file[i]=NULL;
+	es->err_line[i]= -1;
+
+	return(ret);
+	}
+
+/* BAD for multi-threaded, uses a local buffer if ret == NULL */
+char *ERR_error_string(e,ret)
+unsigned long e;
+char *ret;
+	{
+	static char buf[256];
+	char *ls,*fs,*rs;
+	unsigned long l,f,r;
+	int i;
+
+	l=ERR_GET_LIB(e);
+	f=ERR_GET_FUNC(e);
+	r=ERR_GET_REASON(e);
+
+	ls=ERR_lib_error_string(e);
+	fs=ERR_func_error_string(e);
+	rs=ERR_reason_error_string(e);
+
+	if (ret == NULL) ret=buf;
+
+	sprintf(&(ret[0]),"error:%08lX:",e);
+	i=strlen(ret);
+	if (ls == NULL)
+		sprintf(&(ret[i]),":lib(%lu) ",l);
+	else	sprintf(&(ret[i]),"%s",ls);
+	i=strlen(ret);
+	if (fs == NULL)
+		sprintf(&(ret[i]),":func(%lu) ",f);
+	else	sprintf(&(ret[i]),":%s",fs);
+	i=strlen(ret);
+	if (rs == NULL)
+		sprintf(&(ret[i]),":reason(%lu)",r);
+	else	sprintf(&(ret[i]),":%s",rs);
+
+	return(ret);
+	}
+
+LHASH *ERR_get_string_table()
+	{
+	return(error_hash);
+	}
+
+LHASH *ERR_get_err_state_table()
+	{
+	return(thread_hash);
+	}
+
+char *ERR_lib_error_string(e)
+unsigned long e;
+	{
+	ERR_STRING_DATA d,*p=NULL;
+	unsigned long l;
+
+	l=ERR_GET_LIB(e);
+
+	CRYPTO_r_lock(CRYPTO_LOCK_ERR_HASH);
+
+	if (error_hash != NULL)
+		{
+		d.error=ERR_PACK(l,0,0);
+		p=(ERR_STRING_DATA *)lh_retrieve(error_hash,(char *)&d);
+		}
+
+	CRYPTO_r_unlock(CRYPTO_LOCK_ERR_HASH);
+
+	return((p == NULL)?NULL:p->string);
+	}
+
+char *ERR_func_error_string(e)
+unsigned long e;
+	{
+	ERR_STRING_DATA d,*p=NULL;
+	unsigned long l,f;
+
+	l=ERR_GET_LIB(e);
+	f=ERR_GET_FUNC(e);
+
+	CRYPTO_r_lock(CRYPTO_LOCK_ERR_HASH);
+
+	if (error_hash != NULL)
+		{
+		d.error=ERR_PACK(l,f,0);
+		p=(ERR_STRING_DATA *)lh_retrieve(error_hash,(char *)&d);
+		}
+
+	CRYPTO_r_unlock(CRYPTO_LOCK_ERR_HASH);
+
+	return((p == NULL)?NULL:p->string);
+	}
+
+char *ERR_reason_error_string(e)
+unsigned long e;
+	{
+	ERR_STRING_DATA d,*p=NULL;
+	unsigned long l,r;
+
+	l=ERR_GET_LIB(e);
+	r=ERR_GET_REASON(e);
+
+	CRYPTO_r_lock(CRYPTO_LOCK_ERR_HASH);
+
+	if (error_hash != NULL)
+		{
+		d.error=ERR_PACK(l,0,r);
+		p=(ERR_STRING_DATA *)lh_retrieve(error_hash,(char *)&d);
+		if (p == NULL)
+			{
+			d.error=ERR_PACK(0,0,r);
+			p=(ERR_STRING_DATA *)lh_retrieve(error_hash,
+				(char *)&d);
+			}
+		}
+
+	CRYPTO_r_unlock(CRYPTO_LOCK_ERR_HASH);
+
+	return((p == NULL)?NULL:p->string);
+	}
+
+static unsigned long err_hash(a)
+ERR_STRING_DATA *a;
+	{
+	unsigned long ret,l;
+
+	l=a->error;
+	ret=l^ERR_GET_LIB(l)^ERR_GET_FUNC(l);
+	return(ret^ret%19*13);
+	}
+
+static int err_cmp(a,b)
+ERR_STRING_DATA *a,*b;
+	{
+	return((int)(a->error-b->error));
+	}
+
+static unsigned long pid_hash(a)
+ERR_STATE *a;
+	{
+	return(a->pid*13);
+	}
+
+static int pid_cmp(a,b)
+ERR_STATE *a,*b;
+	{
+	return((int)((long)a->pid - (long)b->pid));
+	}
+
+void ERR_remove_state(pid)
+unsigned long pid;
+	{
+	ERR_STATE *p,tmp;
+
+	if (thread_hash == NULL)
+		return;
+	if (pid == 0)
+		pid=(unsigned long)CRYPTO_thread_id();
+	tmp.pid=pid;
+	CRYPTO_w_lock(CRYPTO_LOCK_ERR);
+	p=(ERR_STATE *)lh_delete(thread_hash,(char *)&tmp);
+	if (p != NULL) Free(p);
+	CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+	}
+
+ERR_STATE *ERR_get_state()
+	{
+	static ERR_STATE fallback;
+	ERR_STATE *ret=NULL,tmp,*tmpp;
+	unsigned long pid;
+
+	pid=(unsigned long)CRYPTO_thread_id();
+
+	CRYPTO_r_lock(CRYPTO_LOCK_ERR);
+	if (thread_hash == NULL)
+		{
+		CRYPTO_r_unlock(CRYPTO_LOCK_ERR);
+		CRYPTO_w_lock(CRYPTO_LOCK_ERR);
+		if (thread_hash == NULL)
+			{
+			thread_hash=lh_new(pid_hash,pid_cmp);
+			CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+			if (thread_hash == NULL) return(&fallback);
+			}
+		else
+			CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+		}
+	else
+		{
+		tmp.pid=pid;
+		ret=(ERR_STATE *)lh_retrieve(thread_hash,(char *)&tmp);
+		CRYPTO_r_unlock(CRYPTO_LOCK_ERR);
+		}
+
+	/* ret == the error state, if NULL, make a new one */
+	if (ret == NULL)
+		{
+		ret=(ERR_STATE *)Malloc(sizeof(ERR_STATE));
+		if (ret == NULL) return(&fallback);
+		ret->pid=pid;
+		ret->top=0;
+		ret->bottom=0;
+		CRYPTO_w_lock(CRYPTO_LOCK_ERR);
+		tmpp=(ERR_STATE *)lh_insert(thread_hash,(char *)ret);
+		CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+		if (tmpp != NULL) /* old entry - should not happen */
+			Free(tmpp);
+		}
+	return(ret);
+	}
+
diff --git a/crypto/err/err.h b/crypto/err/err.h
new file mode 100644
index 0000000000..aa3354e2dd
--- /dev/null
+++ b/crypto/err/err.h
@@ -0,0 +1,265 @@
+/* crypto/err/err.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_ERR_H
+#define HEADER_ERR_H
+
+#ifdef	__cplusplus
+extern "C" {
+#endif
+
+/* The following is a bit of a trick to help the object files only contain
+ * the 'name of the file' string once.  Since 'err.h' is protected by the
+ * HEADER_ERR_H stuff, this should be included only once per file. */
+
+#define ERR_file_name	__FILE__
+
+#ifndef NO_ERR
+#define ERR_PUT_error(a,b,c,d,e)	ERR_put_error(a,b,c,d,e)
+#else
+#define ERR_PUT_error(a,b,c,d,e)	ERR_put_error(a,b,c,NULL,0)
+#endif
+
+#include <errno.h>
+
+#define ERR_NUM_ERRORS	10
+typedef struct err_state_st
+	{
+	unsigned long pid;
+	unsigned long err_buffer[ERR_NUM_ERRORS];
+	char *err_file[ERR_NUM_ERRORS];
+	int err_line[ERR_NUM_ERRORS];
+	int top,bottom;
+	} ERR_STATE;
+
+/* library */
+#define ERR_LIB_NONE		1
+#define ERR_LIB_SYS		2
+#define ERR_LIB_BN		3
+#define ERR_LIB_RSA		4
+#define ERR_LIB_DH		5
+#define ERR_LIB_EVP		6
+#define ERR_LIB_BUF		7
+#define ERR_LIB_OBJ		8
+#define ERR_LIB_PEM		9
+#define ERR_LIB_DSA		10
+#define ERR_LIB_X509		11
+#define ERR_LIB_METH		12
+#define ERR_LIB_ASN1		13
+#define ERR_LIB_CONF		14
+#define ERR_LIB_SSL		20
+#define ERR_LIB_SSL23		21
+#define ERR_LIB_SSL2		22
+#define ERR_LIB_SSL3		23
+#define ERR_LIB_RSAREF		30
+#define ERR_LIB_PROXY		31
+#define ERR_LIB_BIO		32
+#define ERR_LIB_PKCS7		33
+
+#define ERR_LIB_USER		128
+
+#define SYSerr(f,r)	ERR_PUT_error(ERR_LIB_SYS,(f),(r),ERR_file_name,__LINE__)
+#define BNerr(f,r)	ERR_PUT_error(ERR_LIB_BN,(f),(r),ERR_file_name,__LINE__)
+#define RSAerr(f,r)	ERR_PUT_error(ERR_LIB_RSA,(f),(r),ERR_file_name,__LINE__)
+#define DHerr(f,r)	ERR_PUT_error(ERR_LIB_DH,(f),(r),ERR_file_name,__LINE__)
+#define EVPerr(f,r)	ERR_PUT_error(ERR_LIB_EVP,(f),(r),ERR_file_name,__LINE__)
+#define BUFerr(f,r)	ERR_PUT_error(ERR_LIB_BUF,(f),(r),ERR_file_name,__LINE__)
+#define BIOerr(f,r)	ERR_PUT_error(ERR_LIB_BIO,(f),(r),ERR_file_name,__LINE__)
+#define OBJerr(f,r)	ERR_PUT_error(ERR_LIB_OBJ,(f),(r),ERR_file_name,__LINE__)
+#define PEMerr(f,r)	ERR_PUT_error(ERR_LIB_PEM,(f),(r),ERR_file_name,__LINE__)
+#define DSAerr(f,r)	ERR_PUT_error(ERR_LIB_DSA,(f),(r),ERR_file_name,__LINE__)
+#define X509err(f,r)	ERR_PUT_error(ERR_LIB_X509,(f),(r),ERR_file_name,__LINE__)
+#define METHerr(f,r)	ERR_PUT_error(ERR_LIB_METH,(f),(r),ERR_file_name,__LINE__)
+#define ASN1err(f,r)	ERR_PUT_error(ERR_LIB_ASN1,(f),(r),ERR_file_name,__LINE__)
+#define CONFerr(f,r)	ERR_PUT_error(ERR_LIB_CONF,(f),(r),ERR_file_name,__LINE__)
+#define SSLerr(f,r)	ERR_PUT_error(ERR_LIB_SSL,(f),(r),ERR_file_name,__LINE__)
+#define SSL23err(f,r)	ERR_PUT_error(ERR_LIB_SSL23,(f),(r),ERR_file_name,__LINE__)
+#define SSL2err(f,r)	ERR_PUT_error(ERR_LIB_SSL2,(f),(r),ERR_file_name,__LINE__)
+#define SSL3err(f,r)	ERR_PUT_error(ERR_LIB_SSL3,(f),(r),ERR_file_name,__LINE__)
+#define RSAREFerr(f,r)	ERR_PUT_error(ERR_LIB_RSAREF,(f),(r),ERR_file_name,__LINE__)
+#define PROXYerr(f,r)	ERR_PUT_error(ERR_LIB_PROXY,(f),(r),ERR_file_name,__LINE__)
+#define PKCS7err(f,r)	ERR_PUT_error(ERR_LIB_PKCS7,(f),(r),ERR_file_name,__LINE__)
+
+/* Borland C seems too stupid to be able to shift and do longs in
+ * the pre-processor :-( */
+#define ERR_PACK(l,f,r)		(((((unsigned long)l)&0xffL)*0x1000000)| \
+				((((unsigned long)f)&0xfffL)*0x1000)| \
+				((((unsigned long)r)&0xfffL)))
+#define ERR_GET_LIB(l)		(int)((((unsigned long)l)>>24L)&0xffL)
+#define ERR_GET_FUNC(l)		(int)((((unsigned long)l)>>12L)&0xfffL)
+#define ERR_GET_REASON(l)	(int)((l)&0xfffL)
+#define ERR_FATAL_ERROR(l)	(int)((l)&ERR_R_FATAL)
+
+/* OS fuctions */
+#define SYS_F_FOPEN		1
+#define SYS_F_CONNECT		2
+#define SYS_F_GETSERVBYNAME	3
+#define SYS_F_SOCKET		4
+#define SYS_F_IOCTLSOCKET	5
+#define SYS_F_BIND		6
+#define SYS_F_LISTEN		7
+#define SYS_F_ACCEPT		8
+#define SYS_F_WSASTARTUP	9 /* Winsock stuff */
+
+#define ERR_R_FATAL		32	
+/* reasons */
+#define ERR_R_SYS_LIB	ERR_LIB_SYS
+#define ERR_R_BN_LIB	ERR_LIB_BN
+#define ERR_R_RSA_LIB	ERR_LIB_RSA
+#define ERR_R_DSA_LIB	ERR_LIB_DSA
+#define ERR_R_DH_LIB	ERR_LIB_DH
+#define ERR_R_EVP_LIB	ERR_LIB_EVP
+#define ERR_R_BUF_LIB	ERR_LIB_BUF
+#define ERR_R_BIO_LIB	ERR_LIB_BIO
+#define ERR_R_OBJ_LIB	ERR_LIB_OBJ
+#define ERR_R_PEM_LIB	ERR_LIB_PEM
+#define ERR_R_X509_LIB	ERR_LIB_X509
+#define ERR_R_METH_LIB	ERR_LIB_METH
+#define ERR_R_ASN1_LIB	ERR_LIB_ASN1
+#define ERR_R_CONF_LIB	ERR_LIB_CONF
+#define ERR_R_SSL_LIB	ERR_LIB_SSL
+#define ERR_R_SSL23_LIB	ERR_LIB_SSL23
+#define ERR_R_SSL2_LIB	ERR_LIB_SSL2
+#define ERR_R_SSL3_LIB	ERR_LIB_SSL3
+#define ERR_R_PROXY_LIB	ERR_LIB_PROXY
+#define ERR_R_BIO_LIB	ERR_LIB_BIO
+#define ERR_R_PKCS7_LIB	ERR_LIB_PKCS7
+
+/* fatal error */
+#define	ERR_R_MALLOC_FAILURE			(1|ERR_R_FATAL)
+#define	ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED	(2|ERR_R_FATAL)
+#define	ERR_R_PASSED_NULL_PARAMETER		(3|ERR_R_FATAL)
+
+typedef struct ERR_string_data_st
+	{
+	unsigned long error;
+	char *string;
+	} ERR_STRING_DATA;
+
+#ifndef NOPROTO
+void ERR_put_error(int lib, int func,int reason,char *file,int line);
+unsigned long ERR_get_error(void );
+unsigned long ERR_get_error_line(char **file,int *line);
+unsigned long ERR_peek_error(void );
+unsigned long ERR_peek_error_line(char **file,int *line);
+void ERR_clear_error(void );
+char *ERR_error_string(unsigned long e,char *buf);
+char *ERR_lib_error_string(unsigned long e);
+char *ERR_func_error_string(unsigned long e);
+char *ERR_reason_error_string(unsigned long e);
+#ifndef WIN16
+void ERR_print_errors_fp(FILE *fp);
+#endif
+#ifdef HEADER_BIO_H
+void ERR_print_errors(BIO *bp);
+#endif
+void ERR_load_strings(int lib,ERR_STRING_DATA str[]);
+void ERR_load_ERR_strings(void );
+void ERR_load_crypto_strings(void );
+void ERR_free_strings(void );
+
+void ERR_remove_state(unsigned long pid); /* if zero we look it up */
+ERR_STATE *ERR_get_state(void);
+
+#ifdef HEADER_LHASH_H
+LHASH *ERR_get_string_table(void );
+LHASH *ERR_get_err_state_table(void );
+#else
+char *ERR_get_string_table(void );
+char *ERR_get_err_state_table(void );
+#endif
+
+#else
+
+void ERR_put_error();
+unsigned long ERR_get_error();
+unsigned long ERR_get_error_line();
+unsigned long ERR_peek_error();
+unsigned long ERR_peek_error_line();
+void ERR_clear_error();
+char *ERR_error_string();
+char *ERR_lib_error_string();
+char *ERR_func_error_string();
+char *ERR_reason_error_string();
+#ifndef WIN16
+void ERR_print_errors_fp();
+#endif
+void ERR_print_errors();
+void ERR_load_strings();
+void ERR_load_ERR_strings();
+void ERR_load_crypto_strings();
+void ERR_free_strings();
+
+void ERR_remove_state();
+ERR_STATE *ERR_get_state();
+
+#ifdef HEADER_LHASH_H
+LHASH *ERR_get_string_table();
+LHASH *ERR_get_err_state_table();
+#else
+char *ERR_get_string_table();
+char *ERR_get_err_state_table();
+#endif
+
+#endif
+
+#ifdef	__cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/err/err_all.c b/crypto/err/err_all.c
new file mode 100644
index 0000000000..d6d8109ea0
--- /dev/null
+++ b/crypto/err/err_all.c
@@ -0,0 +1,115 @@
+/* crypto/err/err_all.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "asn1.h"
+#include "bn.h"
+#include "buffer.h"
+#include "bio.h"
+#ifndef NO_RSA
+#include "rsa.h"
+#endif
+#ifdef RSAref
+#include "rsaref.h"
+#endif
+#ifndef NO_DH
+#include "dh.h"
+#endif
+#ifndef NO_DSA
+#include "dsa.h"
+#endif
+#include "evp.h"
+#include "objects.h"
+#include "pem.h"
+#include "x509.h"
+#include "conf.h"
+#include "err.h"
+
+void ERR_load_crypto_strings()
+	{
+	static int done=0;
+
+	if (done) return;
+	done=1;
+#ifndef NO_ERR
+	ERR_load_ASN1_strings();
+	ERR_load_BN_strings();
+	ERR_load_BUF_strings();
+	ERR_load_BIO_strings();
+	ERR_load_CONF_strings();
+#ifndef NO_RSA
+#ifdef RSAref
+	ERR_load_RSAREF_strings();
+#else
+	ERR_load_RSA_strings();
+#endif
+#endif
+#ifndef NO_DH
+	ERR_load_DH_strings();
+#endif
+#ifndef NO_DSA
+	ERR_load_DSA_strings();
+#endif
+	ERR_load_ERR_strings();
+	ERR_load_EVP_strings();
+	ERR_load_OBJ_strings();
+	ERR_load_PEM_strings();
+	ERR_load_X509_strings();
+	ERR_load_PKCS7_strings();
+#endif
+	}
diff --git a/crypto/err/err_code.pl b/crypto/err/err_code.pl
new file mode 100644
index 0000000000..5b893001c6
--- /dev/null
+++ b/crypto/err/err_code.pl
@@ -0,0 +1,126 @@
+#!/usr/local/bin/perl
+
+%errfile=(
+	"ERR",	"NONE",
+	"BN",	"bn/bn.err",
+	"RSA",	"rsa/rsa.err",
+	"DSA",	"dsa/dsa.err",
+	"DH",	"dh/dh.err",
+	"EVP",	"evp/evp.err",
+	"BUF",	"buffer/buffer.err",
+	"BIO",	"bio/bio.err",
+	"OBJ",	"objects/objects.err",
+	"PEM",	"pem/pem.err",
+	"X509",	"x509/x509.err",
+	"METH",	"meth/meth.err",
+	"ASN1",	"asn1/asn1.err",
+	"CONF",	"conf/conf.err",
+	"PROXY","proxy/proxy.err",
+	"PKCS7","pkcs7/pkcs7.err",
+	"RSAREF","../rsaref/rsaref.err",
+	"SSL",	"../ssl/ssl.err",
+	"SSL2",	"../ssl/ssl2.err",
+	"SSL3",	"../ssl/ssl3.err",
+	"SSL23","../ssl/ssl23.err",
+	);
+
+$function{'RSAREF_F_RSA_BN2BIN'}=1;
+$function{'RSAREF_F_RSA_PRIVATE_DECRYPT'}=1;
+$function{'RSAREF_F_RSA_PRIVATE_ENCRYPT'}=1;
+$function{'RSAREF_F_RSA_PUBLIC_DECRYPT'}=1;
+$function{'RSAREF_F_RSA_PUBLIC_ENCRYPT'}=1;
+$function{'SSL_F_CLIENT_CERTIFICATE'}=1;
+
+$r_value{'SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE'}=	1010;
+$r_value{'SSL_R_SSLV3_ALERT_BAD_RECORD_MAC'}=	1020;
+$r_value{'SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE'}=1030;
+$r_value{'SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE'}=	1040;
+$r_value{'SSL_R_SSLV3_ALERT_NO_CERTIFICATE'}=	1041;
+$r_value{'SSL_R_SSLV3_ALERT_BAD_CERTIFICATE'}=	1042;
+$r_value{'SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE'}=1043;
+$r_value{'SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED'}=	1044;
+$r_value{'SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED'}=	1045;
+$r_value{'SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN'}=	1046;
+$r_value{'SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER'}=	1047;
+
+$r_value{'RSAREF_R_CONTENT_ENCODING'}=	0x0400;
+$r_value{'RSAREF_R_DATA'}=		0x0401;
+$r_value{'RSAREF_R_DIGEST_ALGORITHM'}=	0x0402;
+$r_value{'RSAREF_R_ENCODING'}=		0x0403;
+$r_value{'RSAREF_R_KEY'}=		0x0404;
+$r_value{'RSAREF_R_KEY_ENCODING'}=	0x0405;
+$r_value{'RSAREF_R_LEN'}=		0x0406;
+$r_value{'RSAREF_R_MODULUS_LEN'}=	0x0407;
+$r_value{'RSAREF_R_NEED_RANDOM'}=	0x0408;
+$r_value{'RSAREF_R_PRIVATE_KEY'}=	0x0409;
+$r_value{'RSAREF_R_PUBLIC_KEY'}=	0x040a;
+$r_value{'RSAREF_R_SIGNATURE'}=		0x040b;
+$r_value{'RSAREF_R_SIGNATURE_ENCODING'}=0x040c;
+$r_value{'RSAREF_R_ENCRYPTION_ALGORITHM'}=0x040d;
+
+$last="";
+while (<>)
+	{
+	if (/err\(([A-Z0-9]+_F_[0-9A-Z_]+)\s*,\s*([0-9A-Z]+_R_[0-9A-Z_]+)\s*\)/)
+		{
+		if ($1 != $last)
+			{
+			if ($function{$1} == 0)
+				{
+				printf STDERR "$. $1 is bad\n";
+				}
+			}
+		$function{$1}++;
+		$last=$1;
+		$reason{$2}++;
+		}
+	}
+
+foreach (keys %function,keys %reason)
+	{
+	/^([A-Z0-9]+)_/;
+	$prefix{$1}++;
+	}
+
+@F=sort keys %function;
+@R=sort keys %reason;
+foreach $j (sort keys %prefix)
+	{
+	next if $errfile{$j} eq "NONE";
+	printf STDERR "doing %-6s - ",$j;
+	open(OUT,">$errfile{$j}") || die "unable to open '$errfile{$j}':$!\n";
+	@f=grep(/^${j}_/,@F);
+	@r=grep(/^${j}_/,@R);
+	$num=100;
+	print OUT "/* Error codes for the $j functions. */\n\n";
+	print OUT "/* Function codes. */\n";
+	$f_count=0;
+	foreach $i (@f)
+		{
+		$z=6-int(length($i)/8);
+		printf OUT "#define $i%s $num\n","\t" x $z;
+		$num++;
+		$f_count++;
+		}
+	$num=100;
+	print OUT "\n/* Reason codes. */\n";
+	$r_count=0;
+	foreach $i (@r)
+		{
+		$z=6-int(length($i)/8);
+		if (defined($r_value{$i}))
+			{
+			printf OUT "#define $i%s $r_value{$i}\n","\t" x $z;
+			}
+		else
+			{
+			printf OUT "#define $i%s $num\n","\t" x $z;
+			$num++;
+			}
+		$r_count++;
+		}
+	close(OUT);
+
+	printf STDERR "%3d functions, %3d reasons\n",$f_count,$r_count;
+	}
+
diff --git a/crypto/err/err_genc.pl b/crypto/err/err_genc.pl
new file mode 100644
index 0000000000..6733cfe574
--- /dev/null
+++ b/crypto/err/err_genc.pl
@@ -0,0 +1,147 @@
+#!/usr/local/bin/perl
+
+($#ARGV == 1) || die "usage: $0 <header file> <output C file>\n";
+open(IN,"<$ARGV[0]") || die "unable to open $ARGV[0]:$!\n";
+open(STDOUT,">$ARGV[1]") || die "unable to open $ARGV[1]:$!\n";
+
+$Func=0;
+$Reas=0;
+$fuction{'FOPEN'}='fopen';
+while (<IN>)
+	{
+	if (/(\S+)\s*\(\);/)
+		{
+		$t=$1;
+		$t =~ s/\*//;
+		($upper=$t) =~ tr/a-z/A-Z/;
+		$fuction{$upper}=$t;
+		}
+	next unless (/^#define\s+(\S+)\s/);
+
+	$o=$1;
+	if ($o =~ /^([^_]+)_F_(.*)/)
+		{
+		$type=$1;
+		$Func++;
+		$n=$2;
+		$n=$fuction{$n} if (defined($fuction{$n}));
+		$out{$1."_str_functs"}.=
+			sprintf("{ERR_PACK(0,%s,0),\t\"$n\"},\n",$o);
+		}
+	elsif ($o =~ /^([^_]+)_R_(.*)/)
+		{
+		$type=$1;
+		$Reas++;
+		$r=$2;
+		$r =~ tr/A-Z_/a-z /;
+		$pkg{$type."_str_reasons"}=$type;
+		$out{$type."_str_reasons"}.=sprintf("{%-40s,\"$r\"},\n",$o);
+		}
+	elsif ($ARGV[0] =~ /rsaref/ && $o =~ /^RE_(.*)/)
+		{
+		$type="RSAREF";
+		$Reas++;
+		$r=$1;
+		$r =~ tr/A-Z_/a-z /;
+		$pkg{$type."_str_reasons"}=$type;
+		$out{$type."_str_reasons"}.=sprintf("{%-40s,\"$r\"},\n",$o);
+		}
+	}
+close(IN);
+
+&header($type,$ARGV[0]);
+
+foreach (sort keys %out)
+	{
+	print "static ERR_STRING_DATA ${_}[]=\n\t{\n";
+	print $out{$_};
+	print "{0,NULL},\n";
+	print "\t};\n\n";
+	}
+
+print "void ERR_load_${type}_strings()\n";
+print "\t{\n";
+print "\tstatic int init=1;\n\n";
+print "\tif (init)\n";
+print "\t\t{\n";
+print "\t\tinit=0;\n";
+print "\t\tERR_load_strings(ERR_LIB_$type,${type}_str_functs);\n"
+	if $Func;
+print "\t\tERR_load_strings(ERR_LIB_$type,${type}_str_reasons);\n"
+	if $Reas;
+print "\t\t}\n";
+print "\t}\n";
+
+sub header
+	{
+	($type,$header)=@_;
+
+	($lc=$type) =~ tr/A-Z/a-z/;
+	$header =~ s/^.*\///;
+
+	print "/* lib/$lc/${lc}\_err.c */\n";
+	print <<'EOF';
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+EOF
+
+	print "#include <stdio.h>\n";
+	print "#include \"err.h\"\n";
+	print "#include \"$header\"\n";
+	print "\n/* BEGIN ERROR CODES */\n";
+	}
+
diff --git a/crypto/err/err_prn.c b/crypto/err/err_prn.c
new file mode 100644
index 0000000000..16e313879d
--- /dev/null
+++ b/crypto/err/err_prn.c
@@ -0,0 +1,102 @@
+/* crypto/err/err_prn.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "lhash.h"
+#include "crypto.h"
+#include "cryptlib.h"
+#include "buffer.h"
+#include "err.h"
+#include "crypto.h"
+
+#ifndef WIN16
+void ERR_print_errors_fp(fp)
+FILE *fp;
+	{
+	unsigned long l;
+	char buf[200];
+	char *file;
+	int line;
+	unsigned long es;
+
+	es=CRYPTO_thread_id();
+	while ((l=ERR_get_error_line(&file,&line)) != 0)
+		fprintf(fp,"%lu:%s:%s:%d\n",es,ERR_error_string(l,buf),
+			file,line);
+	}
+#endif
+
+void ERR_print_errors(bp)
+BIO *bp;
+	{
+	unsigned long l;
+	char buf[256];
+	char buf2[256];
+	char *file;
+	int line;
+	unsigned long es;
+
+	es=CRYPTO_thread_id();
+	while ((l=ERR_get_error_line(&file,&line)) != 0)
+		{
+		sprintf(buf2,"%lu:%s:%s:%d\n",es,ERR_error_string(l,buf),
+			file,line);
+		BIO_write(bp,buf2,strlen(buf2));
+		}
+	}
+
diff --git a/crypto/err/error.err b/crypto/err/error.err
new file mode 100644
index 0000000000..f09557d8d9
--- /dev/null
+++ b/crypto/err/error.err
@@ -0,0 +1,13 @@
+/* Error codes for the ERR functions. */
+
+/* Function codes. */
+
+/* Reason codes. */
+#define ERR_R_BN_LIB					100
+#define ERR_R_DER_LIB					101
+#define ERR_R_MALLOC_FAILURE				102
+#define ERR_R_PEM_LIB					103
+#define ERR_R_RSA_LIB					104
+#define ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED		105
+#define ERR_R_SYS_LIB					106
+#define ERR_R_X509_LIB					107
diff --git a/crypto/evp/Makefile.ssl b/crypto/evp/Makefile.ssl
new file mode 100644
index 0000000000..20338119ef
--- /dev/null
+++ b/crypto/evp/Makefile.ssl
@@ -0,0 +1,105 @@
+#
+# SSLeay/crypto/evp/Makefile
+#
+
+DIR=	evp
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I../../include
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE=		make -f Makefile.ssl
+MAKEDEPEND=	makedepend -f Makefile.ssl
+MAKEFILE=	Makefile.ssl
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+ERR=evp
+ERRC=evp_err
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= encode.c digest.c evp_enc.c evp_key.c \
+	e_ecb_d.c e_cbc_d.c e_cfb_d.c e_ofb_d.c \
+	e_ecb_i.c e_cbc_i.c e_cfb_i.c e_ofb_i.c \
+	e_ecb_3d.c e_cbc_3d.c e_rc4.c names.c \
+	e_cfb_3d.c e_ofb_3d.c e_xcbc_d.c \
+	e_ecb_r2.c e_cbc_r2.c e_cfb_r2.c e_ofb_r2.c \
+	e_ecb_bf.c e_cbc_bf.c e_cfb_bf.c e_ofb_bf.c \
+	m_null.c m_md2.c m_md5.c m_sha.c m_sha1.c m_dss.c m_dss1.c m_mdc2.c \
+	p_open.c p_seal.c p_sign.c p_verify.c p_lib.c \
+	bio_md.c bio_b64.c bio_enc.c $(ERRC).c e_null.c \
+	c_all.c
+
+LIBOBJ=	encode.o digest.o evp_enc.o evp_key.o \
+	e_ecb_d.o e_cbc_d.o e_cfb_d.o e_ofb_d.o \
+	e_ecb_i.o e_cbc_i.o e_cfb_i.o e_ofb_i.o \
+	e_ecb_3d.o e_cbc_3d.o e_rc4.o names.o \
+	e_cfb_3d.o e_ofb_3d.o e_xcbc_d.o \
+	e_ecb_r2.o e_cbc_r2.o e_cfb_r2.o e_ofb_r2.o \
+	e_ecb_bf.o e_cbc_bf.o e_cfb_bf.o e_ofb_bf.o \
+	m_null.o m_md2.o m_md5.o m_sha.o m_sha1.o m_dss.o m_dss1.o m_mdc2.o \
+	p_open.o p_seal.o p_sign.o p_verify.o p_lib.o \
+	bio_md.o bio_b64.o bio_enc.o $(ERRC).o e_null.o \
+	c_all.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= evp.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/util/ranlib.sh $(LIB)
+	@touch lib
+
+files:
+	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+	/bin/rm -f Makefile
+	$(TOP)/util/point.sh Makefile.ssl Makefile ;
+	$(TOP)/util/mklink.sh ../../include $(EXHEADER)
+	$(TOP)/util/mklink.sh ../../test $(TEST)
+	$(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+	@for i in $(EXHEADER) ; \
+	do  \
+	(cp $$i $(INSTALLTOP)/include/$$i; \
+	chmod 644 $(INSTALLTOP)/include/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+	perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
+	perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/evp/bio_b64.c b/crypto/evp/bio_b64.c
new file mode 100644
index 0000000000..e362dc3bfe
--- /dev/null
+++ b/crypto/evp/bio_b64.c
@@ -0,0 +1,452 @@
+/* crypto/evp/bio_b64.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "evp.h"
+
+#ifndef NOPROTO
+static int b64_write(BIO *h,char *buf,int num);
+static int b64_read(BIO *h,char *buf,int size);
+/*static int b64_puts(BIO *h,char *str); */
+/*static int b64_gets(BIO *h,char *str,int size); */
+static long b64_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int b64_new(BIO *h);
+static int b64_free(BIO *data);
+#else
+static int b64_write();
+static int b64_read();
+/*static int b64_puts(); */
+/*static int b64_gets(); */
+static long b64_ctrl();
+static int b64_new();
+static int b64_free();
+#endif
+
+#define B64_BLOCK_SIZE	1024
+#define B64_NONE	0
+#define B64_ENCODE	1
+#define B64_DECODE	2
+
+typedef struct b64_struct
+	{
+	/*BIO *bio; moved to the BIO structure */
+	int buf_len;
+	int buf_off;
+	int tmp_len;		/* used to find the start when decoding */
+	int tmp_nl;		/* If true, scan until '\n' */
+	int encode;
+	int start;		/* have we started decoding yet? */
+	int cont;		/* <= 0 when finished */
+	EVP_ENCODE_CTX base64;
+	char buf[EVP_ENCODE_LENGTH(B64_BLOCK_SIZE)+10];
+	char tmp[B64_BLOCK_SIZE];
+	} BIO_B64_CTX;
+
+static BIO_METHOD methods_b64=
+	{
+	BIO_TYPE_BASE64,"base64 encoding",
+	b64_write,
+	b64_read,
+	NULL, /* b64_puts, */
+	NULL, /* b64_gets, */
+	b64_ctrl,
+	b64_new,
+	b64_free,
+	};
+
+BIO_METHOD *BIO_f_base64()
+	{
+	return(&methods_b64);
+	}
+
+static int b64_new(bi)
+BIO *bi;
+	{
+	BIO_B64_CTX *ctx;
+
+	ctx=(BIO_B64_CTX *)Malloc(sizeof(BIO_B64_CTX));
+	if (ctx == NULL) return(0);
+
+	ctx->buf_len=0;
+	ctx->tmp_len=0;
+	ctx->tmp_nl=0;
+	ctx->buf_off=0;
+	ctx->cont=1;
+	ctx->start=1;
+	ctx->encode=0;
+
+	bi->init=1;
+	bi->ptr=(char *)ctx;
+	bi->flags=0;
+	return(1);
+	}
+
+static int b64_free(a)
+BIO *a;
+	{
+	if (a == NULL) return(0);
+	Free(a->ptr);
+	a->ptr=NULL;
+	a->init=0;
+	a->flags=0;
+	return(1);
+	}
+	
+static int b64_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+	{
+	int ret=0,i,ii,j,k,x,n,num;
+	BIO_B64_CTX *ctx;
+	unsigned char *p,*q;
+
+	if (out == NULL) return(0);
+	ctx=(BIO_B64_CTX *)b->ptr;
+
+	if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
+
+	if (ctx->encode != B64_DECODE)
+		{
+		ctx->encode=B64_DECODE;
+		ctx->buf_len=0;
+		ctx->buf_off=0;
+		EVP_DecodeInit(&(ctx->base64));
+		}
+
+	/* First check if there are bytes decoded/encoded */
+	if (ctx->buf_len > 0)
+		{
+		i=ctx->buf_len-ctx->buf_off;
+		if (i > outl) i=outl;
+		memcpy(out,&(ctx->buf[ctx->buf_off]),i);
+		ret=i;
+		out+=i;
+		outl-=i;
+		ctx->buf_off+=i;
+		if (ctx->buf_len == ctx->buf_off)
+			{
+			ctx->buf_len=0;
+			ctx->buf_off=0;
+			}
+		}
+
+	/* At this point, we have room of outl bytes and an empty
+	 * buffer, so we should read in some more. */
+
+	while (outl > 0)
+		{
+		if (ctx->cont <= 0) break;
+
+		i=BIO_read(b->next_bio,&(ctx->tmp[ctx->tmp_len]),
+			B64_BLOCK_SIZE-ctx->tmp_len);
+
+		if (i <= 0)
+			{
+			/* Should be continue next time we are called? */
+			if (!BIO_should_retry(b->next_bio))
+				ctx->cont=i;
+			break;
+			}
+		i+=ctx->tmp_len;
+
+		/* We need to scan, a line at a time until we
+		 * have a valid line if we are starting. */
+		if (ctx->start)
+			{
+			q=p=(unsigned char *)ctx->tmp;
+			for (j=0; j<i; j++)
+				{
+				if (*(q++) != '\n') continue;
+
+				/* due to a previous very long line,
+				 * we need to keep on scanning for a '\n'
+				 * before we even start looking for
+				 * base64 encoded stuff. */
+				if (ctx->tmp_nl)
+					{
+					p=q;
+					ctx->tmp_nl=0;
+					continue;
+					}
+
+				k=EVP_DecodeUpdate(&(ctx->base64),
+					(unsigned char *)ctx->buf,
+					&num,p,q-p);
+				if ((k <= 0) && (num == 0) && (ctx->start))
+					EVP_DecodeInit(&ctx->base64);
+				else 
+					{
+					if (p != (unsigned char *)
+						&(ctx->tmp[0]))
+						{
+						i-=(p- (unsigned char *)
+							&(ctx->tmp[0]));
+						for (x=0; x < i; x++)
+							ctx->tmp[x]=p[x];
+						EVP_DecodeInit(&ctx->base64);
+						}
+					ctx->start=0;
+					break;
+					}
+				p=q;
+				}
+
+			/* we fell off the end without starting */
+			if (j == i)
+				{
+				/* Is this is one long chunk?, if so, keep on
+				 * reading until a new line. */
+				if (p == (unsigned char *)&(ctx->tmp[0]))
+					{
+					ctx->tmp_nl=1;
+					ctx->tmp_len=0;
+					}
+				else if (p != q) /* finished on a '\n' */
+					{
+					n=q-p;
+					for (ii=0; ii<n; ii++)
+						ctx->tmp[ii]=p[ii];
+					ctx->tmp_len=n;
+					}
+				/* else finished on a '\n' */
+				continue;
+				}
+			else
+				ctx->tmp_len=0;
+			}
+		i=EVP_DecodeUpdate(&(ctx->base64),
+			(unsigned char *)ctx->buf,&ctx->buf_len,
+			(unsigned char *)ctx->tmp,i);
+		ctx->cont=i;
+		ctx->buf_off=0;
+		if (i < 0)
+			{
+			ctx->buf_len=0;
+			break;
+			}
+
+		if (ctx->buf_len <= outl)
+			i=ctx->buf_len;
+		else
+			i=outl;
+
+		memcpy(out,ctx->buf,i);
+		ret+=i;
+		ctx->buf_off=i;
+		if (ctx->buf_off == ctx->buf_len)
+			{
+			ctx->buf_len=0;
+			ctx->buf_off=0;
+			}
+		outl-=i;
+		out+=i;
+		}
+	BIO_clear_retry_flags(b);
+	BIO_copy_next_retry(b);
+	return((ret == 0)?ctx->cont:ret);
+	}
+
+static int b64_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+	{
+	int ret=inl,n,i;
+	BIO_B64_CTX *ctx;
+
+	ctx=(BIO_B64_CTX *)b->ptr;
+	BIO_clear_retry_flags(b);
+
+	if (ctx->encode != B64_ENCODE)
+		{
+		ctx->encode=B64_ENCODE;
+		ctx->buf_len=0;
+		ctx->buf_off=0;
+		EVP_EncodeInit(&(ctx->base64));
+		}
+
+	n=ctx->buf_len-ctx->buf_off;
+	while (n > 0)
+		{
+		i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n);
+		if (i <= 0)
+			{
+			BIO_copy_next_retry(b);
+			return(i);
+			}
+		ctx->buf_off+=i;
+		n-=i;
+		}
+	/* at this point all pending data has been written */
+
+	if ((in == NULL) || (inl <= 0)) return(0);
+
+	ctx->buf_off=0;
+	while (inl > 0)
+		{
+		n=(inl > B64_BLOCK_SIZE)?B64_BLOCK_SIZE:inl;
+		EVP_EncodeUpdate(&(ctx->base64),
+			(unsigned char *)ctx->buf,&ctx->buf_len,
+			(unsigned char *)in,n);
+		inl-=n;
+		in+=n;
+
+		ctx->buf_off=0;
+		n=ctx->buf_len;
+		while (n > 0)
+			{
+			i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n);
+			if (i <= 0)
+				{
+				BIO_copy_next_retry(b);
+				return((ret == 0)?i:ret);
+				}
+			n-=i;
+			ctx->buf_off+=i;
+			}
+		ctx->buf_len=0;
+		ctx->buf_off=0;
+		}
+	return(ret);
+	}
+
+static long b64_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+	{
+	BIO_B64_CTX *ctx;
+	long ret=1;
+	int i;
+
+	ctx=(BIO_B64_CTX *)b->ptr;
+
+	switch (cmd)
+		{
+	case BIO_CTRL_RESET:
+		ctx->cont=1;
+		ctx->start=1;
+		ctx->encode=B64_NONE;
+		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+		break;
+	case BIO_CTRL_EOF:	/* More to read */
+		if (ctx->cont <= 0)
+			ret=1;
+		else
+			ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+		break;
+	case BIO_CTRL_WPENDING: /* More to write in buffer */
+		ret=ctx->buf_len-ctx->buf_off;
+		if ((ret == 0) && (ctx->base64.num != 0))
+			ret=1;
+		else if (ret <= 0)
+			ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+		break;
+	case BIO_CTRL_PENDING: /* More to read in buffer */
+		ret=ctx->buf_len-ctx->buf_off;
+		if (ret <= 0)
+			ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+		break;
+	case BIO_CTRL_FLUSH:
+		/* do a final write */
+again:
+		while (ctx->buf_len != ctx->buf_off)
+			{
+			i=b64_write(b,NULL,0);
+			if (i < 0)
+				{
+				ret=i;
+				break;
+				}
+			}
+		if (ctx->base64.num != 0)
+			{
+			ctx->buf_off=0;
+			EVP_EncodeFinal(&(ctx->base64),
+				(unsigned char *)ctx->buf,
+				&(ctx->buf_len));
+			/* push out the bytes */
+			goto again;
+			}
+		/* Finally flush the underlying BIO */
+		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+		break;
+
+	case BIO_C_DO_STATE_MACHINE:
+		BIO_clear_retry_flags(b);
+		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+		BIO_copy_next_retry(b);
+		break;
+
+	case BIO_CTRL_DUP:
+		break;
+	case BIO_CTRL_INFO:
+	case BIO_CTRL_GET:
+	case BIO_CTRL_SET:
+	default:
+		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+		break;
+		}
+	return(ret);
+	}
+
diff --git a/crypto/evp/bio_enc.c b/crypto/evp/bio_enc.c
new file mode 100644
index 0000000000..6020736fd0
--- /dev/null
+++ b/crypto/evp/bio_enc.c
@@ -0,0 +1,402 @@
+/* crypto/evp/bio_enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "evp.h"
+
+#ifndef NOPROTO
+static int enc_write(BIO *h,char *buf,int num);
+static int enc_read(BIO *h,char *buf,int size);
+/*static int enc_puts(BIO *h,char *str); */
+/*static int enc_gets(BIO *h,char *str,int size); */
+static long enc_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int enc_new(BIO *h);
+static int enc_free(BIO *data);
+#else
+static int enc_write();
+static int enc_read();
+/*static int enc_puts(); */
+/*static int enc_gets(); */
+static long enc_ctrl();
+static int enc_new();
+static int enc_free();
+#endif
+
+#define ENC_BLOCK_SIZE	(1024*4)
+
+typedef struct enc_struct
+	{
+	int buf_len;
+	int buf_off;
+	int cont;		/* <= 0 when finished */
+	int finished;
+	int ok;			/* bad decrypt */
+	EVP_CIPHER_CTX cipher;
+	char buf[ENC_BLOCK_SIZE+10];
+	} BIO_ENC_CTX;
+
+static BIO_METHOD methods_enc=
+	{
+	BIO_TYPE_CIPHER,"cipher",
+	enc_write,
+	enc_read,
+	NULL, /* enc_puts, */
+	NULL, /* enc_gets, */
+	enc_ctrl,
+	enc_new,
+	enc_free,
+	};
+
+BIO_METHOD *BIO_f_cipher()
+	{
+	return(&methods_enc);
+	}
+
+static int enc_new(bi)
+BIO *bi;
+	{
+	BIO_ENC_CTX *ctx;
+
+	ctx=(BIO_ENC_CTX *)Malloc(sizeof(BIO_ENC_CTX));
+	if (ctx == NULL) return(0);
+
+	ctx->buf_len=0;
+	ctx->buf_off=0;
+	ctx->cont=1;
+	ctx->finished=0;
+	ctx->ok=1;
+
+	bi->init=0;
+	bi->ptr=(char *)ctx;
+	bi->flags=0;
+	return(1);
+	}
+
+static int enc_free(a)
+BIO *a;
+	{
+	BIO_ENC_CTX *b;
+
+	if (a == NULL) return(0);
+	b=(BIO_ENC_CTX *)a->ptr;
+	EVP_CIPHER_CTX_cleanup(&(b->cipher));
+	memset(a->ptr,0,sizeof(BIO_ENC_CTX));
+	Free(a->ptr);
+	a->ptr=NULL;
+	a->init=0;
+	a->flags=0;
+	return(1);
+	}
+	
+static int enc_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+	{
+	int ret=0,i;
+	BIO_ENC_CTX *ctx;
+
+	if (out == NULL) return(0);
+	ctx=(BIO_ENC_CTX *)b->ptr;
+
+	if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
+
+	/* First check if there are bytes decoded/encoded */
+	if (ctx->buf_len > 0)
+		{
+		i=ctx->buf_len-ctx->buf_off;
+		if (i > outl) i=outl;
+		memcpy(out,&(ctx->buf[ctx->buf_off]),i);
+		ret=i;
+		out+=i;
+		outl-=i;
+		ctx->buf_off+=i;
+		if (ctx->buf_len == ctx->buf_off)
+			{
+			ctx->buf_len=0;
+			ctx->buf_off=0;
+			}
+		}
+
+	/* At this point, we have room of outl bytes and an empty
+	 * buffer, so we should read in some more. */
+
+	while (outl > 0)
+		{
+		if (ctx->cont <= 0) break;
+
+		/* read in at offset 8, read the EVP_Cipher
+		 * documentation about why */
+		i=BIO_read(b->next_bio,&(ctx->buf[8]),ENC_BLOCK_SIZE);
+
+		if (i <= 0)
+			{
+			/* Should be continue next time we are called? */
+			if (!BIO_should_retry(b->next_bio))
+				{
+				ctx->cont=i;
+				i=EVP_CipherFinal(&(ctx->cipher),
+					(unsigned char *)ctx->buf,
+					&(ctx->buf_len));
+				ctx->ok=i;
+				ctx->buf_off=0;
+				}
+			else
+				ret=(ret == 0)?i:ret;
+			break;
+			}
+		else
+			{
+			EVP_CipherUpdate(&(ctx->cipher),
+				(unsigned char *)ctx->buf,&ctx->buf_len,
+				(unsigned char *)&(ctx->buf[8]),i);
+			ctx->cont=1;
+			}
+
+		if (ctx->buf_len <= outl)
+			i=ctx->buf_len;
+		else
+			i=outl;
+
+		if (i <= 0) break;
+		memcpy(out,ctx->buf,i);
+		ret+=i;
+		ctx->buf_off=i;
+		outl-=i;
+		out+=i;
+		}
+
+	BIO_clear_retry_flags(b);
+	BIO_copy_next_retry(b);
+	return((ret == 0)?ctx->cont:ret);
+	}
+
+static int enc_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+	{
+	int ret=0,n,i;
+	BIO_ENC_CTX *ctx;
+
+	ctx=(BIO_ENC_CTX *)b->ptr;
+	ret=inl;
+
+	BIO_clear_retry_flags(b);
+	n=ctx->buf_len-ctx->buf_off;
+	while (n > 0)
+		{
+		i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n);
+		if (i <= 0)
+			{
+			BIO_copy_next_retry(b);
+			return(i);
+			}
+		ctx->buf_off+=i;
+		n-=i;
+		}
+	/* at this point all pending data has been written */
+
+	if ((in == NULL) || (inl <= 0)) return(0);
+
+	ctx->buf_off=0;
+	while (inl > 0)
+		{
+		n=(inl > ENC_BLOCK_SIZE)?ENC_BLOCK_SIZE:inl;
+		EVP_CipherUpdate(&(ctx->cipher),
+			(unsigned char *)ctx->buf,&ctx->buf_len,
+			(unsigned char *)in,n);
+		inl-=n;
+		in+=n;
+
+		ctx->buf_off=0;
+		n=ctx->buf_len;
+		while (n > 0)
+			{
+			i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n);
+			if (i <= 0)
+				{
+				BIO_copy_next_retry(b);
+				return(i);
+				}
+			n-=i;
+			ctx->buf_off+=i;
+			}
+		ctx->buf_len=0;
+		ctx->buf_off=0;
+		}
+	BIO_copy_next_retry(b);
+	return(ret);
+	}
+
+static long enc_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+	{
+	BIO *dbio;
+	BIO_ENC_CTX *ctx,*dctx;
+	long ret=1;
+	int i;
+
+	ctx=(BIO_ENC_CTX *)b->ptr;
+
+	switch (cmd)
+		{
+	case BIO_CTRL_RESET:
+		ctx->ok=1;
+		ctx->finished=0;
+		EVP_CipherInit(&(ctx->cipher),NULL,NULL,NULL,
+			ctx->cipher.encrypt);
+		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+		break;
+	case BIO_CTRL_EOF:	/* More to read */
+		if (ctx->cont <= 0)
+			ret=1;
+		else
+			ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+		break;
+	case BIO_CTRL_WPENDING:
+		ret=ctx->buf_len-ctx->buf_off;
+		if (ret <= 0)
+			ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+		break;
+	case BIO_CTRL_PENDING: /* More to read in buffer */
+		ret=ctx->buf_len-ctx->buf_off;
+		if (ret <= 0)
+			ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+		break;
+	case BIO_CTRL_FLUSH:
+		/* do a final write */
+again:
+		while (ctx->buf_len != ctx->buf_off)
+			{
+			i=enc_write(b,NULL,0);
+			if (i < 0)
+				{
+				ret=i;
+				break;
+				}
+			}
+
+		if (!ctx->finished)
+			{
+			ctx->finished=1;
+			ctx->buf_off=0;
+			ret=EVP_CipherFinal(&(ctx->cipher),
+				(unsigned char *)ctx->buf,
+				&(ctx->buf_len));
+			ctx->ok=(int)ret;
+			if (ret <= 0) break;
+
+			/* push out the bytes */
+			goto again;
+			}
+		
+		/* Finally flush the underlying BIO */
+		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+		break;
+	case BIO_C_GET_CIPHER_STATUS:
+		ret=(long)ctx->ok;
+		break;
+	case BIO_C_DO_STATE_MACHINE:
+		BIO_clear_retry_flags(b);
+		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+		BIO_copy_next_retry(b);
+		break;
+
+	case BIO_CTRL_DUP:
+		dbio=(BIO *)ptr;
+		dctx=(BIO_ENC_CTX *)dbio->ptr;
+		memcpy(&(dctx->cipher),&(ctx->cipher),sizeof(ctx->cipher));
+		dbio->init=1;
+		break;
+	default:
+		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+		break;
+		}
+	return(ret);
+	}
+
+void BIO_set_cipher(b,c,k,i,e)
+BIO *b;
+EVP_CIPHER *c;
+unsigned char *k;
+unsigned char *i;
+int e;
+	{
+	BIO_ENC_CTX *ctx;
+
+	if (b == NULL) return;
+
+	if ((b->callback != NULL) &&
+		(b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,0L) <= 0))
+		return;
+
+	b->init=1;
+	ctx=(BIO_ENC_CTX *)b->ptr;
+	EVP_CipherInit(&(ctx->cipher),c,k,i,e);
+	
+	if (b->callback != NULL)
+		b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,1L);
+	}
+
diff --git a/crypto/evp/bio_md.c b/crypto/evp/bio_md.c
new file mode 100644
index 0000000000..0d6508c988
--- /dev/null
+++ b/crypto/evp/bio_md.c
@@ -0,0 +1,270 @@
+/* crypto/evp/bio_md.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "evp.h"
+
+/* BIO_put and BIO_get both add to the digest,
+ * BIO_gets returns the digest */
+
+#ifndef NOPROTO
+static int md_write(BIO *h,char *buf,int num);
+static int md_read(BIO *h,char *buf,int size);
+/*static int md_puts(BIO *h,char *str); */
+static int md_gets(BIO *h,char *str,int size);
+static long md_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int md_new(BIO *h);
+static int md_free(BIO *data);
+#else
+static int md_write();
+static int md_read();
+/*static int md_puts(); */
+static int md_gets();
+static long md_ctrl();
+static int md_new();
+static int md_free();
+#endif
+
+static BIO_METHOD methods_md=
+	{
+	BIO_TYPE_MD,"message digest",
+	md_write,
+	md_read,
+	NULL, /* md_puts, */
+	md_gets,
+	md_ctrl,
+	md_new,
+	md_free,
+	};
+
+BIO_METHOD *BIO_f_md()
+	{
+	return(&methods_md);
+	}
+
+static int md_new(bi)
+BIO *bi;
+	{
+	EVP_MD_CTX *ctx;
+
+	ctx=(EVP_MD_CTX *)Malloc(sizeof(EVP_MD_CTX));
+	if (ctx == NULL) return(0);
+
+	bi->init=0;
+	bi->ptr=(char *)ctx;
+	bi->flags=0;
+	return(1);
+	}
+
+static int md_free(a)
+BIO *a;
+	{
+	if (a == NULL) return(0);
+	Free(a->ptr);
+	a->ptr=NULL;
+	a->init=0;
+	a->flags=0;
+	return(1);
+	}
+	
+static int md_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+	{
+	int ret=0;
+	EVP_MD_CTX *ctx;
+
+	if (out == NULL) return(0);
+	ctx=(EVP_MD_CTX *)b->ptr;
+
+	if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
+
+	ret=BIO_read(b->next_bio,out,outl);
+	if (b->init)
+		{
+		if (ret > 0)
+			{
+			EVP_DigestUpdate(ctx,(unsigned char *)out,
+				(unsigned int)ret);
+			}
+		}
+	BIO_clear_retry_flags(b);
+	BIO_copy_next_retry(b);
+	return(ret);
+	}
+
+static int md_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+	{
+	int ret=0;
+	EVP_MD_CTX *ctx;
+
+	if ((in == NULL) || (inl <= 0)) return(0);
+	ctx=(EVP_MD_CTX *)b->ptr;
+
+	if ((ctx != NULL) && (b->next_bio != NULL))
+		ret=BIO_write(b->next_bio,in,inl);
+	if (b->init)
+		{
+		if (ret > 0)
+			{
+			EVP_DigestUpdate(ctx,(unsigned char *)in,
+				(unsigned int)ret);
+			}
+		}
+	BIO_clear_retry_flags(b);
+	BIO_copy_next_retry(b);
+	return(ret);
+	}
+
+static long md_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+	{
+	EVP_MD_CTX *ctx,*dctx,**pctx;
+	EVP_MD **ppmd;
+	EVP_MD *md;
+	long ret=1;
+	BIO *dbio;
+
+	ctx=(EVP_MD_CTX *)b->ptr;
+
+	switch (cmd)
+		{
+	case BIO_CTRL_RESET:
+		if (b->init)
+			EVP_DigestInit(ctx,ctx->digest);
+		else
+			ret=0;
+		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+		break;
+	case BIO_C_GET_MD:
+		if (b->init)
+			{
+			ppmd=(EVP_MD **)ptr;
+			*ppmd=ctx->digest;
+			}
+		else
+			ret=0;
+		break;
+	case BIO_C_GET_MD_CTX:
+		if (b->init)
+			{
+			pctx=(EVP_MD_CTX **)ptr;
+			*pctx=ctx;
+			}
+		else
+			ret=0;
+		break;
+	case BIO_C_DO_STATE_MACHINE:
+		BIO_clear_retry_flags(b);
+		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+		BIO_copy_next_retry(b);
+		break;
+
+	case BIO_C_SET_MD:
+		md=(EVP_MD *)ptr;
+		EVP_DigestInit(ctx,md);
+		b->init=1;
+		break;
+	case BIO_CTRL_DUP:
+		dbio=(BIO *)ptr;
+		dctx=(EVP_MD_CTX *)dbio->ptr;
+		memcpy(dctx,ctx,sizeof(ctx));
+		b->init=1;
+		break;
+	default:
+		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+		break;
+		}
+	return(ret);
+	}
+
+static int md_gets(bp,buf,size)
+BIO *bp;
+char *buf;
+int size;
+	{
+	EVP_MD_CTX *ctx;
+	unsigned int ret;
+
+
+	ctx=(EVP_MD_CTX *)bp->ptr;
+	if (size < ctx->digest->md_size)
+		return(0);
+	EVP_DigestFinal(ctx,(unsigned char *)buf,&ret);
+	return((int)ret);
+	}
+
+/*
+static int md_puts(bp,str)
+BIO *bp;
+char *str;
+	{
+	return(-1);
+	}
+*/
+
diff --git a/crypto/evp/c_all.c b/crypto/evp/c_all.c
new file mode 100644
index 0000000000..b618d8d259
--- /dev/null
+++ b/crypto/evp/c_all.c
@@ -0,0 +1,155 @@
+/* crypto/evp/c_all.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+void SSLeay_add_all_algorithms()
+	{
+	SSLeay_add_all_ciphers();
+	SSLeay_add_all_digests();
+	}
+
+void SSLeay_add_all_ciphers()
+	{
+#ifndef NO_DES
+	EVP_add_cipher(EVP_des_cfb());
+	EVP_add_cipher(EVP_des_ede_cfb());
+	EVP_add_cipher(EVP_des_ede3_cfb());
+
+	EVP_add_cipher(EVP_des_ofb());
+	EVP_add_cipher(EVP_des_ede_ofb());
+	EVP_add_cipher(EVP_des_ede3_ofb());
+
+	EVP_add_cipher(EVP_desx_cbc());
+	EVP_add_alias(SN_desx_cbc,"DESX");
+	EVP_add_alias(SN_desx_cbc,"desx");
+
+	EVP_add_cipher(EVP_des_cbc());
+	EVP_add_alias(SN_des_cbc,"DES");
+	EVP_add_alias(SN_des_cbc,"des");
+	EVP_add_cipher(EVP_des_ede_cbc());
+	EVP_add_cipher(EVP_des_ede3_cbc());
+	EVP_add_alias(SN_des_ede3_cbc,"DES3");
+	EVP_add_alias(SN_des_ede3_cbc,"des3");
+
+	EVP_add_cipher(EVP_des_ecb());
+	EVP_add_cipher(EVP_des_ede());
+	EVP_add_cipher(EVP_des_ede3());
+#endif
+
+#ifndef NO_RC4
+	EVP_add_cipher(EVP_rc4());
+#endif
+
+#ifndef NO_IDEA
+	EVP_add_cipher(EVP_idea_ecb());
+	EVP_add_cipher(EVP_idea_cfb());
+	EVP_add_cipher(EVP_idea_ofb());
+	EVP_add_cipher(EVP_idea_cbc());
+	EVP_add_alias(SN_idea_cbc,"IDEA");
+	EVP_add_alias(SN_idea_cbc,"idea");
+#endif
+
+#ifndef NO_RC2
+	EVP_add_cipher(EVP_rc2_ecb());
+	EVP_add_cipher(EVP_rc2_cfb());
+	EVP_add_cipher(EVP_rc2_ofb());
+	EVP_add_cipher(EVP_rc2_cbc());
+	EVP_add_alias(SN_rc2_cbc,"RC2");
+	EVP_add_alias(SN_rc2_cbc,"rc2");
+#endif
+
+#ifndef NO_BLOWFISH
+	EVP_add_cipher(EVP_bf_ecb());
+	EVP_add_cipher(EVP_bf_cfb());
+	EVP_add_cipher(EVP_bf_ofb());
+	EVP_add_cipher(EVP_bf_cbc());
+	EVP_add_alias(SN_bf_cbc,"BF");
+	EVP_add_alias(SN_bf_cbc,"bf");
+	EVP_add_alias(SN_bf_cbc,"blowfish");
+#endif
+	}
+
+
+void SSLeay_add_all_digests()
+	{
+#ifndef NO_MD2
+	EVP_add_digest(EVP_md2());
+#endif
+#ifndef NO_MD2
+	EVP_add_digest(EVP_md5());
+#endif
+#ifndef NO_SHA
+	EVP_add_digest(EVP_sha());
+#ifndef NO_DSA
+	EVP_add_digest(EVP_dss());
+#endif
+#endif
+#ifndef NO_SHA1
+	EVP_add_digest(EVP_sha1());
+#ifndef NO_DSA
+	EVP_add_digest(EVP_dss1());
+#endif
+#endif
+#if !defined(NO_MDC2) && !defined(NO_DES)
+	EVP_add_digest(EVP_mdc2());
+#endif
+	}
diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
new file mode 100644
index 0000000000..035218d431
--- /dev/null
+++ b/crypto/evp/digest.c
@@ -0,0 +1,89 @@
+/* crypto/evp/digest.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "objects.h"
+#include "evp.h"
+
+void EVP_DigestInit(ctx,type)
+EVP_MD_CTX *ctx;
+EVP_MD *type;
+	{
+	ctx->digest=type;
+	type->init(&(ctx->md));
+	}
+
+void EVP_DigestUpdate(ctx,data,count)
+EVP_MD_CTX *ctx;
+unsigned char *data;
+unsigned int count;
+	{
+	ctx->digest->update(&(ctx->md.base[0]),data,(unsigned long)count);
+	}
+
+void EVP_DigestFinal(ctx,md,size)
+EVP_MD_CTX *ctx;
+unsigned char *md;
+unsigned int *size;
+	{
+	ctx->digest->final(md,&(ctx->md.base[0]));
+	if (size != NULL)
+		*size=ctx->digest->md_size;
+	memset(&(ctx->md),0,sizeof(ctx->md));
+	}
diff --git a/crypto/evp/e_cbc_3d.c b/crypto/evp/e_cbc_3d.c
new file mode 100644
index 0000000000..3749759e28
--- /dev/null
+++ b/crypto/evp/e_cbc_3d.c
@@ -0,0 +1,153 @@
+/* crypto/evp/e_cbc_3d.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void des_cbc_ede_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+	unsigned char *iv,int enc);
+static void des_cbc_ede3_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+	unsigned char *iv,int enc);
+static void des_cbc_ede_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+	unsigned char *in, unsigned int inl);
+#else
+static void des_cbc_ede_init_key();
+static void des_cbc_ede3_init_key();
+static void des_cbc_ede_cipher();
+#endif
+
+static EVP_CIPHER d_cbc_ede_cipher2=
+	{
+	NID_des_ede_cbc,
+	8,16,8,
+	des_cbc_ede_init_key,
+	des_cbc_ede_cipher,
+	};
+
+static EVP_CIPHER d_cbc_ede_cipher3=
+	{
+	NID_des_ede3_cbc,
+	8,24,8,
+	des_cbc_ede3_init_key,
+	des_cbc_ede_cipher,
+	};
+
+EVP_CIPHER *EVP_des_ede_cbc()
+	{
+	return(&d_cbc_ede_cipher2);
+	}
+
+EVP_CIPHER *EVP_des_ede3_cbc()
+	{
+	return(&d_cbc_ede_cipher3);
+	}
+	
+static void des_cbc_ede_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+	{
+	if (iv != NULL)
+		memcpy(&(ctx->c.des_ede.oiv[0]),iv,8);
+	memcpy(&(ctx->c.des_ede.iv[0]),&(ctx->c.des_ede.oiv[0]),8);
+
+	if (key != NULL)
+		{
+		des_set_key((des_cblock *)key,ctx->c.des_ede.ks1);
+		des_set_key((des_cblock *)&(key[8]),ctx->c.des_ede.ks2);
+		memcpy( (char *)ctx->c.des_ede.ks3,
+			(char *)ctx->c.des_ede.ks1,
+			sizeof(ctx->c.des_ede.ks1));
+		}
+	}
+
+static void des_cbc_ede3_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+	{
+	if (iv != NULL)
+		memcpy(&(ctx->c.des_ede.oiv[0]),iv,8);
+	memcpy(&(ctx->c.des_ede.iv[0]),&(ctx->c.des_ede.oiv[0]),8);
+
+	if (key != NULL)
+		{
+		des_set_key((des_cblock *)key,ctx->c.des_ede.ks1);
+		des_set_key((des_cblock *)&(key[8]),ctx->c.des_ede.ks2);
+		des_set_key((des_cblock *)&(key[16]),ctx->c.des_ede.ks3);
+		}
+	}
+
+static void des_cbc_ede_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+	{
+	des_ede3_cbc_encrypt(
+		(des_cblock *)in,(des_cblock *)out,
+		(long)inl, ctx->c.des_ede.ks1,
+		ctx->c.des_ede.ks2,ctx->c.des_ede.ks3,
+		(des_cblock *)&(ctx->c.des_ede.iv[0]),
+		ctx->encrypt);
+	}
diff --git a/crypto/evp/e_cbc_bf.c b/crypto/evp/e_cbc_bf.c
new file mode 100644
index 0000000000..d6278e2488
--- /dev/null
+++ b/crypto/evp/e_cbc_bf.c
@@ -0,0 +1,114 @@
+/* crypto/evp/e_cbc_bf.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_BLOWFISH
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void bf_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+	unsigned char *iv,int enc);
+static void bf_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+	unsigned char *in, unsigned int inl);
+#else
+static void bf_cbc_init_key();
+static void bf_cbc_cipher();
+#endif
+
+static EVP_CIPHER bfish_cbc_cipher=
+	{
+	NID_bf_cbc,
+	8,EVP_BLOWFISH_KEY_SIZE,8,
+	bf_cbc_init_key,
+	bf_cbc_cipher,
+	};
+
+EVP_CIPHER *EVP_bf_cbc()
+	{
+	return(&bfish_cbc_cipher);
+	}
+	
+static void bf_cbc_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+	{
+	if (iv != NULL)
+		memcpy(&(ctx->c.bf_cbc.oiv[0]),iv,8);
+	memcpy(&(ctx->c.bf_cbc.iv[0]),&(ctx->c.bf_cbc.oiv[0]),8);
+	if (key != NULL)
+		BF_set_key(&(ctx->c.bf_cbc.ks),EVP_BLOWFISH_KEY_SIZE,key);
+	}
+
+static void bf_cbc_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+	{
+	BF_cbc_encrypt(
+		in,out,(long)inl,
+		&(ctx->c.bf_cbc.ks),&(ctx->c.bf_cbc.iv[0]),
+		ctx->encrypt);
+	}
+
+#endif
diff --git a/crypto/evp/e_cbc_d.c b/crypto/evp/e_cbc_d.c
new file mode 100644
index 0000000000..accc01e95e
--- /dev/null
+++ b/crypto/evp/e_cbc_d.c
@@ -0,0 +1,111 @@
+/* crypto/evp/e_cbc_d.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void des_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+	unsigned char *iv,int enc);
+static void des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+	unsigned char *in, unsigned int inl);
+#else
+static void des_cbc_init_key();
+static void des_cbc_cipher();
+#endif
+
+static EVP_CIPHER d_cbc_cipher=
+	{
+	NID_des_cbc,
+	8,8,8,
+	des_cbc_init_key,
+	des_cbc_cipher,
+	};
+
+EVP_CIPHER *EVP_des_cbc()
+	{
+	return(&d_cbc_cipher);
+	}
+	
+static void des_cbc_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+	{
+	if (iv != NULL)
+		memcpy(&(ctx->c.des_cbc.oiv[0]),iv,8);
+	memcpy(&(ctx->c.des_cbc.iv[0]),&(ctx->c.des_cbc.oiv[0]),8);
+	if (key != NULL)
+		des_set_key((des_cblock *)key,ctx->c.des_cbc.ks);
+	}
+
+static void des_cbc_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+	{
+	des_ncbc_encrypt(
+		(des_cblock *)in,(des_cblock *)out,
+		(long)inl, ctx->c.des_cbc.ks,
+		(des_cblock *)&(ctx->c.des_cbc.iv[0]),
+		ctx->encrypt);
+	}
diff --git a/crypto/evp/e_cbc_i.c b/crypto/evp/e_cbc_i.c
new file mode 100644
index 0000000000..abfb5ed146
--- /dev/null
+++ b/crypto/evp/e_cbc_i.c
@@ -0,0 +1,126 @@
+/* crypto/evp/e_cbc_i.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_IDEA
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void idea_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+	unsigned char *iv,int enc);
+static void idea_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+	unsigned char *in, unsigned int inl);
+#else
+static void idea_cbc_init_key();
+static void idea_cbc_cipher();
+#endif
+
+static EVP_CIPHER i_cbc_cipher=
+	{
+	NID_idea_cbc,
+	8,16,8,
+	idea_cbc_init_key,
+	idea_cbc_cipher,
+	};
+
+EVP_CIPHER *EVP_idea_cbc()
+	{
+	return(&i_cbc_cipher);
+	}
+	
+static void idea_cbc_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+	{
+	if (iv != NULL)
+		memcpy(&(ctx->c.idea_cbc.oiv[0]),iv,8);
+	memcpy(&(ctx->c.idea_cbc.iv[0]),&(ctx->c.idea_cbc.oiv[0]),8);
+	if (key != NULL)
+		{
+		if (enc)
+			idea_set_encrypt_key(key,&(ctx->c.idea_cbc.ks));
+		else
+			{
+			IDEA_KEY_SCHEDULE tmp;
+
+			idea_set_encrypt_key(key,&tmp);
+			idea_set_decrypt_key(&tmp,&(ctx->c.idea_cbc.ks));
+			memset((unsigned char *)&tmp,0,
+				sizeof(IDEA_KEY_SCHEDULE));
+			}
+		}
+	}
+
+static void idea_cbc_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+	{
+	idea_cbc_encrypt(
+		in,out,(long)inl,
+		&(ctx->c.idea_cbc.ks),&(ctx->c.idea_cbc.iv[0]),
+		ctx->encrypt);
+	}
+
+#endif
diff --git a/crypto/evp/e_cbc_r2.c b/crypto/evp/e_cbc_r2.c
new file mode 100644
index 0000000000..2e3f85598b
--- /dev/null
+++ b/crypto/evp/e_cbc_r2.c
@@ -0,0 +1,115 @@
+/* crypto/evp/e_cbc_r2.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_RC2
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void rc2_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+	unsigned char *iv,int enc);
+static void rc2_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+	unsigned char *in, unsigned int inl);
+#else
+static void rc2_cbc_init_key();
+static void rc2_cbc_cipher();
+#endif
+
+static EVP_CIPHER r2_cbc_cipher=
+	{
+	NID_rc2_cbc,
+	8,EVP_RC2_KEY_SIZE,8,
+	rc2_cbc_init_key,
+	rc2_cbc_cipher,
+	};
+
+EVP_CIPHER *EVP_rc2_cbc()
+	{
+	return(&r2_cbc_cipher);
+	}
+	
+static void rc2_cbc_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+	{
+	if (iv != NULL)
+		memcpy(&(ctx->c.rc2_cbc.oiv[0]),iv,8);
+	memcpy(&(ctx->c.rc2_cbc.iv[0]),&(ctx->c.rc2_cbc.oiv[0]),8);
+	if (key != NULL)
+		RC2_set_key(&(ctx->c.rc2_cbc.ks),EVP_RC2_KEY_SIZE,key,
+			EVP_RC2_KEY_SIZE*8);
+	}
+
+static void rc2_cbc_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+	{
+	RC2_cbc_encrypt(
+		in,out,(long)inl,
+		&(ctx->c.rc2_cbc.ks),&(ctx->c.rc2_cbc.iv[0]),
+		ctx->encrypt);
+	}
+
+#endif
diff --git a/crypto/evp/e_cfb_3d.c b/crypto/evp/e_cfb_3d.c
new file mode 100644
index 0000000000..3d6577a78c
--- /dev/null
+++ b/crypto/evp/e_cfb_3d.c
@@ -0,0 +1,156 @@
+/* crypto/evp/e_cfb_3d.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void des_ede_cfb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+	unsigned char *iv,int enc);
+static void des_ede3_cfb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+	unsigned char *iv,int enc);
+static void des_ede_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+	unsigned char *in, unsigned int inl);
+#else
+static void des_ede_cfb_init_key();
+static void des_ede3_cfb_init_key();
+static void des_ede_cfb_cipher();
+#endif
+
+static EVP_CIPHER d_ede_cfb_cipher2=
+	{
+	NID_des_ede_cfb64,
+	1,16,8,
+	des_ede_cfb_init_key,
+	des_ede_cfb_cipher,
+	};
+
+static EVP_CIPHER d_ede3_cfb_cipher3=
+	{
+	NID_des_ede3_cfb64,
+	1,24,8,
+	des_ede3_cfb_init_key,
+	des_ede_cfb_cipher,
+	};
+
+EVP_CIPHER *EVP_des_ede_cfb()
+	{
+	return(&d_ede_cfb_cipher2);
+	}
+
+EVP_CIPHER *EVP_des_ede3_cfb()
+	{
+	return(&d_ede3_cfb_cipher3);
+	}
+	
+static void des_ede_cfb_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+	{
+	ctx->c.des_cfb.num=0;
+
+	if (iv != NULL)
+		memcpy(&(ctx->c.des_cfb.oiv[0]),iv,8);
+	memcpy(&(ctx->c.des_cfb.iv[0]),&(ctx->c.des_cfb.oiv[0]),8);
+	if (key != NULL)
+		{
+		des_set_key((des_cblock *)key,ctx->c.des_cfb.ks);
+		des_set_key((des_cblock *)&(key[8]),ctx->c.des_cfb.ks2);
+		memcpy( (char *)ctx->c.des_cfb.ks3,
+			(char *)ctx->c.des_cfb.ks,
+			sizeof(ctx->c.des_cfb.ks));
+		}
+	}
+
+static void des_ede3_cfb_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+	{
+	ctx->c.des_cfb.num=0;
+
+	if (iv != NULL)
+		memcpy(&(ctx->c.des_cfb.oiv[0]),iv,8);
+	memcpy(&(ctx->c.des_cfb.iv[0]),&(ctx->c.des_cfb.oiv[0]),8);
+	if (key != NULL)
+		{
+		des_set_key((des_cblock *)key,ctx->c.des_cfb.ks);
+		des_set_key((des_cblock *)&(key[8]),ctx->c.des_cfb.ks2);
+		des_set_key((des_cblock *)&(key[16]),ctx->c.des_cfb.ks3);
+		}
+	}
+
+static void des_ede_cfb_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+	{
+	des_ede3_cfb64_encrypt(
+		in,out,(long)inl,
+		ctx->c.des_cfb.ks,
+		ctx->c.des_cfb.ks2,
+		ctx->c.des_cfb.ks3,
+		(des_cblock *)&(ctx->c.des_cfb.iv[0]),
+		&ctx->c.des_cfb.num,ctx->encrypt);
+	}
diff --git a/crypto/evp/e_cfb_bf.c b/crypto/evp/e_cfb_bf.c
new file mode 100644
index 0000000000..be15d14016
--- /dev/null
+++ b/crypto/evp/e_cfb_bf.c
@@ -0,0 +1,116 @@
+/* crypto/evp/e_cfb_bf.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_BLOWFISH
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void bf_cfb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+	unsigned char *iv,int enc);
+static void bf_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+	unsigned char *in, unsigned int inl);
+#else
+static void bf_cfb_init_key();
+static void bf_cfb_cipher();
+#endif
+
+static EVP_CIPHER bfish_cfb_cipher=
+	{
+	NID_bf_cfb64,
+	1,EVP_BLOWFISH_KEY_SIZE,8,
+	bf_cfb_init_key,
+	bf_cfb_cipher,
+	};
+
+EVP_CIPHER *EVP_bf_cfb()
+	{
+	return(&bfish_cfb_cipher);
+	}
+	
+static void bf_cfb_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+	{
+	ctx->c.bf_cfb.num=0;
+
+	if (iv != NULL)
+		memcpy(&(ctx->c.bf_cfb.oiv[0]),iv,8);
+	memcpy(&(ctx->c.bf_cfb.iv[0]),&(ctx->c.bf_cfb.oiv[0]),8);
+	if (key != NULL)
+		BF_set_key(&(ctx->c.bf_cfb.ks),EVP_BLOWFISH_KEY_SIZE,key);
+	}
+
+static void bf_cfb_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+	{
+	BF_cfb64_encrypt(
+		in,out,
+		(long)inl, &(ctx->c.bf_cfb.ks),
+		&(ctx->c.bf_cfb.iv[0]),
+		&ctx->c.bf_cfb.num,ctx->encrypt);
+	}
+#endif
diff --git a/crypto/evp/e_cfb_d.c b/crypto/evp/e_cfb_d.c
new file mode 100644
index 0000000000..75af87ac06
--- /dev/null
+++ b/crypto/evp/e_cfb_d.c
@@ -0,0 +1,113 @@
+/* crypto/evp/e_cfb_d.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void des_cfb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+	unsigned char *iv,int enc);
+static void des_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+	unsigned char *in, unsigned int inl);
+#else
+static void des_cfb_init_key();
+static void des_cfb_cipher();
+#endif
+
+static EVP_CIPHER d_cfb_cipher=
+	{
+	NID_des_cfb64,
+	1,8,8,
+	des_cfb_init_key,
+	des_cfb_cipher,
+	};
+
+EVP_CIPHER *EVP_des_cfb()
+	{
+	return(&d_cfb_cipher);
+	}
+	
+static void des_cfb_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+	{
+	ctx->c.des_cfb.num=0;
+
+	if (iv != NULL)
+		memcpy(&(ctx->c.des_cfb.oiv[0]),iv,8);
+	memcpy(&(ctx->c.des_cfb.iv[0]),&(ctx->c.des_cfb.oiv[0]),8);
+	if (key != NULL)
+		des_set_key((des_cblock *)key,ctx->c.des_cfb.ks);
+	}
+
+static void des_cfb_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+	{
+	des_cfb64_encrypt(
+		in,out,
+		(long)inl, ctx->c.des_cfb.ks,
+		(des_cblock *)&(ctx->c.des_cfb.iv[0]),
+		&ctx->c.des_cfb.num,ctx->encrypt);
+	}
diff --git a/crypto/evp/e_cfb_i.c b/crypto/evp/e_cfb_i.c
new file mode 100644
index 0000000000..7fe2fbf6df
--- /dev/null
+++ b/crypto/evp/e_cfb_i.c
@@ -0,0 +1,116 @@
+/* crypto/evp/e_cfb_i.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_IDEA
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void idea_cfb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+	unsigned char *iv,int enc);
+static void idea_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+	unsigned char *in, unsigned int inl);
+#else
+static void idea_cfb_init_key();
+static void idea_cfb_cipher();
+#endif
+
+static EVP_CIPHER i_cfb_cipher=
+	{
+	NID_idea_cfb64,
+	1,IDEA_KEY_LENGTH,IDEA_BLOCK,
+	idea_cfb_init_key,
+	idea_cfb_cipher,
+	};
+
+EVP_CIPHER *EVP_idea_cfb()
+	{
+	return(&i_cfb_cipher);
+	}
+
+static void idea_cfb_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+	{
+	ctx->c.idea_cfb.num=0;
+
+	if (iv != NULL)
+		memcpy(&(ctx->c.idea_cfb.oiv[0]),iv,8);
+	memcpy(&(ctx->c.idea_cfb.iv[0]),&(ctx->c.idea_cfb.oiv[0]),8);
+	if (key != NULL)
+		idea_set_encrypt_key(key,&(ctx->c.idea_cfb.ks));
+	}
+
+static void idea_cfb_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+	{
+	idea_cfb64_encrypt(
+		in,out,(long)inl,
+		&(ctx->c.idea_cfb.ks),&(ctx->c.idea_cfb.iv[0]),
+		&ctx->c.idea_cfb.num,ctx->encrypt);
+	}
+
+#endif
diff --git a/crypto/evp/e_cfb_r2.c b/crypto/evp/e_cfb_r2.c
new file mode 100644
index 0000000000..a63c0f13f0
--- /dev/null
+++ b/crypto/evp/e_cfb_r2.c
@@ -0,0 +1,117 @@
+/* crypto/evp/e_cfb_r2.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_RC2
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void rc2_cfb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+	unsigned char *iv,int enc);
+static void rc2_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+	unsigned char *in, unsigned int inl);
+#else
+static void rc2_cfb_init_key();
+static void rc2_cfb_cipher();
+#endif
+
+static EVP_CIPHER r2_cfb_cipher=
+	{
+	NID_rc2_cfb64,
+	1,EVP_RC2_KEY_SIZE,8,
+	rc2_cfb_init_key,
+	rc2_cfb_cipher,
+	};
+
+EVP_CIPHER *EVP_rc2_cfb()
+	{
+	return(&r2_cfb_cipher);
+	}
+	
+static void rc2_cfb_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+	{
+	ctx->c.rc2_cfb.num=0;
+
+	if (iv != NULL)
+		memcpy(&(ctx->c.rc2_cfb.oiv[0]),iv,8);
+	memcpy(&(ctx->c.rc2_cfb.iv[0]),&(ctx->c.rc2_cfb.oiv[0]),8);
+	if (key != NULL)
+		RC2_set_key(&(ctx->c.rc2_cfb.ks),EVP_RC2_KEY_SIZE,key,
+			EVP_RC2_KEY_SIZE*8);
+	}
+
+static void rc2_cfb_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+	{
+	RC2_cfb64_encrypt(
+		in,out,
+		(long)inl, &(ctx->c.rc2_cfb.ks),
+		&(ctx->c.rc2_cfb.iv[0]),
+		&ctx->c.rc2_cfb.num,ctx->encrypt);
+	}
+#endif
diff --git a/crypto/evp/e_dsa.c b/crypto/evp/e_dsa.c
new file mode 100644
index 0000000000..f3dc78e06f
--- /dev/null
+++ b/crypto/evp/e_dsa.c
@@ -0,0 +1,71 @@
+/* crypto/evp/e_dsa.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+static EVP_PKEY_METHOD dss_method=
+	{
+	DSA_sign,
+	DSA_verify,
+	{EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3,NULL},
+	};
+
diff --git a/crypto/evp/e_ecb_3d.c b/crypto/evp/e_ecb_3d.c
new file mode 100644
index 0000000000..0a19805f9f
--- /dev/null
+++ b/crypto/evp/e_ecb_3d.c
@@ -0,0 +1,152 @@
+/* crypto/evp/e_ecb_3d.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void des_ede_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+	unsigned char *iv,int enc);
+static void des_ede3_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+	unsigned char *iv,int enc);
+static void des_ede_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+	unsigned char *in, unsigned int inl);
+#else
+static void des_ede_init_key();
+static void des_ede3_init_key();
+static void des_ede_cipher();
+#endif
+
+static EVP_CIPHER d_ede_cipher2=
+	{
+	NID_des_ede,
+	8,16,0,
+	des_ede_init_key,
+	des_ede_cipher,
+	};
+
+static EVP_CIPHER d_ede3_cipher3=
+	{
+	NID_des_ede3,
+	8,24,0,
+	des_ede3_init_key,
+	des_ede_cipher,
+	};
+
+EVP_CIPHER *EVP_des_ede()
+	{
+	return(&d_ede_cipher2);
+	}
+
+EVP_CIPHER *EVP_des_ede3()
+	{
+	return(&d_ede3_cipher3);
+	}
+
+static void des_ede_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+	{
+	if (key != NULL)
+		{
+		des_set_key((des_cblock *)key,ctx->c.des_ede.ks1);
+		des_set_key((des_cblock *)&(key[8]),ctx->c.des_ede.ks2);
+		memcpy( (char *)ctx->c.des_ede.ks3,
+			(char *)ctx->c.des_ede.ks1,
+			sizeof(ctx->c.des_ede.ks1));
+		}
+	}
+
+static void des_ede3_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+	{
+	if (key != NULL)
+		{
+		des_set_key((des_cblock *)key,ctx->c.des_ede.ks1);
+		des_set_key((des_cblock *)&(key[8]),ctx->c.des_ede.ks2);
+		des_set_key((des_cblock *)&(key[16]),ctx->c.des_ede.ks3);
+		}
+	}
+
+static void des_ede_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+	{
+	unsigned int i;
+
+	if (inl < 8) return;
+	inl-=8;
+	for (i=0; i<=inl; i+=8)
+		{
+		des_ecb3_encrypt(
+			(des_cblock *)&(in[i]),(des_cblock *)&(out[i]),
+			ctx->c.des_ede.ks1,
+			ctx->c.des_ede.ks2,
+			ctx->c.des_ede.ks3,
+			ctx->encrypt);
+		}
+	}
diff --git a/crypto/evp/e_ecb_bf.c b/crypto/evp/e_ecb_bf.c
new file mode 100644
index 0000000000..f625862e47
--- /dev/null
+++ b/crypto/evp/e_ecb_bf.c
@@ -0,0 +1,117 @@
+/* crypto/evp/e_ecb_bf.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_BLOWFISH
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void bf_ecb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+	unsigned char *iv,int enc);
+static void bf_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+	unsigned char *in, unsigned int inl);
+#else
+static void bf_ecb_init_key();
+static void bf_ecb_cipher();
+#endif
+
+static EVP_CIPHER bfish_ecb_cipher=
+	{
+	NID_bf_ecb,
+	8,EVP_BLOWFISH_KEY_SIZE,0,
+	bf_ecb_init_key,
+	bf_ecb_cipher,
+	};
+
+EVP_CIPHER *EVP_bf_ecb()
+	{
+	return(&bfish_ecb_cipher);
+	}
+	
+static void bf_ecb_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+	{
+	if (key != NULL)
+		BF_set_key(&(ctx->c.bf_ecb.ks),EVP_BLOWFISH_KEY_SIZE,key);
+	}
+
+static void bf_ecb_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+	{
+	unsigned int i;
+
+	if (inl < 8) return;
+	inl-=8;
+	for (i=0; i<=inl; i+=8)
+		{
+		BF_ecb_encrypt(
+			&(in[i]),&(out[i]),
+			&(ctx->c.bf_ecb.ks),ctx->encrypt);
+		}
+	}
+
+#endif
diff --git a/crypto/evp/e_ecb_d.c b/crypto/evp/e_ecb_d.c
new file mode 100644
index 0000000000..b1b80e61dd
--- /dev/null
+++ b/crypto/evp/e_ecb_d.c
@@ -0,0 +1,113 @@
+/* crypto/evp/e_ecb_d.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void des_ecb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+	unsigned char *iv,int enc);
+static void des_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+	unsigned char *in, unsigned int inl);
+#else
+static void des_ecb_init_key();
+static void des_ecb_cipher();
+#endif
+
+static EVP_CIPHER d_ecb_cipher=
+	{
+	NID_des_ecb,
+	8,8,0,
+	des_ecb_init_key,
+	des_ecb_cipher,
+	};
+
+EVP_CIPHER *EVP_des_ecb()
+	{
+	return(&d_ecb_cipher);
+	}
+	
+static void des_ecb_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+	{
+	if (key != NULL)
+		des_set_key((des_cblock *)key,ctx->c.des_ecb.ks);
+	}
+
+static void des_ecb_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+	{
+	unsigned int i;
+
+	if (inl < 8) return;
+	inl-=8;
+	for (i=0; i<=inl; i+=8)
+		{
+		des_ecb_encrypt(
+			(des_cblock *)&(in[i]),(des_cblock *)&(out[i]),
+			ctx->c.des_ecb.ks,ctx->encrypt);
+		}
+	}
diff --git a/crypto/evp/e_ecb_i.c b/crypto/evp/e_ecb_i.c
new file mode 100644
index 0000000000..318c4c3afd
--- /dev/null
+++ b/crypto/evp/e_ecb_i.c
@@ -0,0 +1,128 @@
+/* crypto/evp/e_ecb_i.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_IDEA
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void idea_ecb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+	unsigned char *iv,int enc);
+static void idea_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+	unsigned char *in, unsigned int inl);
+#else
+static void idea_ecb_init_key();
+static void idea_ecb_cipher();
+#endif
+
+static EVP_CIPHER i_ecb_cipher=
+	{
+	NID_idea_ecb,
+	8,16,0,
+	idea_ecb_init_key,
+	idea_ecb_cipher,
+	};
+
+EVP_CIPHER *EVP_idea_ecb()
+	{
+	return(&i_ecb_cipher);
+	}
+	
+static void idea_ecb_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+	{
+	if (key != NULL)
+		{
+		if (enc)
+			idea_set_encrypt_key(key,&(ctx->c.idea_ecb.ks));
+		else
+			{
+			IDEA_KEY_SCHEDULE tmp;
+
+			idea_set_encrypt_key(key,&tmp);
+			idea_set_decrypt_key(&tmp, &(ctx->c.idea_ecb.ks));
+			memset((unsigned char *)&tmp,0,
+				sizeof(IDEA_KEY_SCHEDULE));
+			}
+		}
+	}
+
+static void idea_ecb_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+	{
+	unsigned int i;
+
+	if (inl < 8) return;
+	inl-=8;
+	for (i=0; i<=inl; i+=8)
+		{
+		idea_ecb_encrypt(
+			&(in[i]),&(out[i]),&(ctx->c.idea_ecb.ks));
+		}
+	}
+
+#endif
diff --git a/crypto/evp/e_ecb_r2.c b/crypto/evp/e_ecb_r2.c
new file mode 100644
index 0000000000..66d25f6b5c
--- /dev/null
+++ b/crypto/evp/e_ecb_r2.c
@@ -0,0 +1,118 @@
+/* crypto/evp/e_ecb_r2.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_RC2
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void rc2_ecb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+	unsigned char *iv,int enc);
+static void rc2_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+	unsigned char *in, unsigned int inl);
+#else
+static void rc2_ecb_init_key();
+static void rc2_ecb_cipher();
+#endif
+
+static EVP_CIPHER r2_ecb_cipher=
+	{
+	NID_rc2_ecb,
+	8,EVP_RC2_KEY_SIZE,0,
+	rc2_ecb_init_key,
+	rc2_ecb_cipher,
+	};
+
+EVP_CIPHER *EVP_rc2_ecb()
+	{
+	return(&r2_ecb_cipher);
+	}
+	
+static void rc2_ecb_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+	{
+	if (key != NULL)
+		RC2_set_key(&(ctx->c.rc2_ecb.ks),EVP_RC2_KEY_SIZE,key,
+			EVP_RC2_KEY_SIZE*8);
+	}
+
+static void rc2_ecb_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+	{
+	unsigned int i;
+
+	if (inl < 8) return;
+	inl-=8;
+	for (i=0; i<=inl; i+=8)
+		{
+		RC2_ecb_encrypt(
+			&(in[i]),&(out[i]),
+			&(ctx->c.rc2_ecb.ks),ctx->encrypt);
+		}
+	}
+
+#endif
diff --git a/crypto/evp/e_null.c b/crypto/evp/e_null.c
new file mode 100644
index 0000000000..c30e2736f2
--- /dev/null
+++ b/crypto/evp/e_null.c
@@ -0,0 +1,105 @@
+/* crypto/evp/e_null.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void null_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+	unsigned char *iv,int enc);
+static void null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+	unsigned char *in, unsigned int inl);
+#else
+static void null_init_key();
+static void null_cipher();
+#endif
+
+static EVP_CIPHER n_cipher=
+	{
+	NID_undef,
+	1,0,0,
+	null_init_key,
+	null_cipher,
+	};
+
+EVP_CIPHER *EVP_enc_null()
+	{
+	return(&n_cipher);
+	}
+
+static void null_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+	{
+	memset(&(ctx->c),0,sizeof(ctx->c));
+	}
+
+static void null_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+	{
+	if (in != out)
+		memcpy((char *)out,(char *)in,(int)inl);
+	}
+
diff --git a/crypto/evp/e_ofb_3d.c b/crypto/evp/e_ofb_3d.c
new file mode 100644
index 0000000000..7dbe50f3d2
--- /dev/null
+++ b/crypto/evp/e_ofb_3d.c
@@ -0,0 +1,155 @@
+/* crypto/evp/e_ofb_3d.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void des_ede_ofb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+	unsigned char *iv,int enc);
+static void des_ede3_ofb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+	unsigned char *iv,int enc);
+static void des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+	unsigned char *in, unsigned int inl);
+#else
+static void des_ede_ofb_init_key();
+static void des_ede3_ofb_init_key();
+static void des_ede_ofb_cipher();
+#endif
+
+static EVP_CIPHER d_ede_ofb_cipher2=
+	{
+	NID_des_ede_ofb64,
+	1,16,8,
+	des_ede_ofb_init_key,
+	des_ede_ofb_cipher,
+	};
+
+static EVP_CIPHER d_ede3_ofb_cipher3=
+	{
+	NID_des_ede3_ofb64,
+	1,24,8,
+	des_ede3_ofb_init_key,
+	des_ede_ofb_cipher,
+	};
+
+EVP_CIPHER *EVP_des_ede_ofb()
+	{
+	return(&d_ede_ofb_cipher2);
+	}
+
+EVP_CIPHER *EVP_des_ede3_ofb()
+	{
+	return(&d_ede3_ofb_cipher3);
+	}
+	
+static void des_ede_ofb_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+	{
+	ctx->c.des_cfb.num=0;
+
+	if (iv != NULL)
+		memcpy(&(ctx->c.des_cfb.oiv[0]),iv,8);
+	memcpy(&(ctx->c.des_cfb.iv[0]),&(ctx->c.des_cfb.oiv[0]),8);
+	if (key != NULL)
+		{
+		des_set_key((des_cblock *)key,ctx->c.des_cfb.ks);
+		des_set_key((des_cblock *)&(key[8]),ctx->c.des_cfb.ks2);
+		memcpy( (char *)ctx->c.des_cfb.ks3,
+			(char *)ctx->c.des_cfb.ks,
+			sizeof(ctx->c.des_cfb.ks));
+		}
+	}
+
+static void des_ede3_ofb_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+	{
+	ctx->c.des_cfb.num=0;
+
+	if (iv != NULL)
+		memcpy(&(ctx->c.des_cfb.oiv[0]),iv,8);
+	memcpy(&(ctx->c.des_cfb.iv[0]),&(ctx->c.des_cfb.oiv[0]),8);
+	if (key != NULL)
+		{
+		des_set_key((des_cblock *)key,ctx->c.des_cfb.ks);
+		des_set_key((des_cblock *)&(key[8]),ctx->c.des_cfb.ks2);
+		des_set_key((des_cblock *)&(key[16]),ctx->c.des_cfb.ks3);
+		}
+	}
+
+static void des_ede_ofb_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+	{
+	des_ede3_ofb64_encrypt(
+		in,out,
+		(long)inl,
+		ctx->c.des_cfb.ks, ctx->c.des_cfb.ks2, ctx->c.des_cfb.ks3,
+		(des_cblock *)&(ctx->c.des_cfb.iv[0]),
+		&ctx->c.des_cfb.num);
+	}
diff --git a/crypto/evp/e_ofb_bf.c b/crypto/evp/e_ofb_bf.c
new file mode 100644
index 0000000000..078f171062
--- /dev/null
+++ b/crypto/evp/e_ofb_bf.c
@@ -0,0 +1,117 @@
+/* crypto/evp/e_ofb_bf.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_BLOWFISH
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void bf_ofb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+	unsigned char *iv,int enc);
+static void bf_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+	unsigned char *in, unsigned int inl);
+#else
+static void bf_ofb_init_key();
+static void bf_ofb_cipher();
+#endif
+
+static EVP_CIPHER bfish_ofb_cipher=
+	{
+	NID_bf_ofb64,
+	1,EVP_BLOWFISH_KEY_SIZE,8,
+	bf_ofb_init_key,
+	bf_ofb_cipher,
+	};
+
+EVP_CIPHER *EVP_bf_ofb()
+	{
+	return(&bfish_ofb_cipher);
+	}
+	
+static void bf_ofb_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+	{
+	ctx->c.bf_cfb.num=0;
+
+	if (iv != NULL)
+		memcpy(&(ctx->c.bf_cfb.oiv[0]),iv,8);
+	memcpy(&(ctx->c.bf_cfb.iv[0]),&(ctx->c.bf_cfb.oiv[0]),8);
+	if (key != NULL)
+		BF_set_key(&(ctx->c.bf_cfb.ks),EVP_BLOWFISH_KEY_SIZE,key);
+	}
+
+static void bf_ofb_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+	{
+	BF_ofb64_encrypt(
+		in,out,
+		(long)inl, &(ctx->c.bf_cfb.ks),
+		&(ctx->c.bf_cfb.iv[0]),
+		&ctx->c.bf_cfb.num);
+	}
+
+#endif
diff --git a/crypto/evp/e_ofb_d.c b/crypto/evp/e_ofb_d.c
new file mode 100644
index 0000000000..a48af2e51b
--- /dev/null
+++ b/crypto/evp/e_ofb_d.c
@@ -0,0 +1,113 @@
+/* crypto/evp/e_ofb_d.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void des_ofb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+	unsigned char *iv,int enc);
+static void des_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+	unsigned char *in, unsigned int inl);
+#else
+static void des_ofb_init_key();
+static void des_ofb_cipher();
+#endif
+
+static EVP_CIPHER d_ofb_cipher=
+	{
+	NID_des_ofb64,
+	1,8,8,
+	des_ofb_init_key,
+	des_ofb_cipher,
+	};
+
+EVP_CIPHER *EVP_des_ofb()
+	{
+	return(&d_ofb_cipher);
+	}
+	
+static void des_ofb_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+	{
+	ctx->c.des_cfb.num=0;
+
+	if (iv != NULL)
+		memcpy(&(ctx->c.des_cfb.oiv[0]),iv,8);
+	memcpy(&(ctx->c.des_cfb.iv[0]),&(ctx->c.des_cfb.oiv[0]),8);
+	if (key != NULL)
+		des_set_key((des_cblock *)key,ctx->c.des_cfb.ks);
+	}
+
+static void des_ofb_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+	{
+	des_ofb64_encrypt(
+		in,out,
+		(long)inl, ctx->c.des_cfb.ks,
+		(des_cblock *)&(ctx->c.des_cfb.iv[0]),
+		&ctx->c.des_cfb.num);
+	}
diff --git a/crypto/evp/e_ofb_i.c b/crypto/evp/e_ofb_i.c
new file mode 100644
index 0000000000..dbf370b7b6
--- /dev/null
+++ b/crypto/evp/e_ofb_i.c
@@ -0,0 +1,116 @@
+/* crypto/evp/e_ofb_i.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_IDEA
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void idea_ofb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+	unsigned char *iv,int enc);
+static void idea_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+	unsigned char *in, unsigned int inl);
+#else
+static void idea_ofb_init_key();
+static void idea_ofb_cipher();
+#endif
+
+static EVP_CIPHER i_ofb_cipher=
+	{
+	NID_idea_ofb64,
+	1,IDEA_KEY_LENGTH,IDEA_BLOCK,
+	idea_ofb_init_key,
+	idea_ofb_cipher,
+	};
+
+EVP_CIPHER *EVP_idea_ofb()
+	{
+	return(&i_ofb_cipher);
+	}
+	
+static void idea_ofb_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+	{
+	ctx->c.idea_cfb.num=0;
+
+	if (iv != NULL)
+		memcpy(&(ctx->c.idea_cfb.oiv[0]),iv,8);
+	memcpy(&(ctx->c.idea_cfb.iv[0]),&(ctx->c.idea_cfb.oiv[0]),8);
+	if (key != NULL)
+		idea_set_encrypt_key(key,&(ctx->c.idea_cfb.ks));
+	}
+
+static void idea_ofb_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+	{
+	idea_ofb64_encrypt(
+		in,out,(long)inl,
+		&(ctx->c.idea_cfb.ks),&(ctx->c.idea_cfb.iv[0]),
+		&ctx->c.idea_cfb.num);
+	}
+
+#endif
diff --git a/crypto/evp/e_ofb_r2.c b/crypto/evp/e_ofb_r2.c
new file mode 100644
index 0000000000..04e13b3592
--- /dev/null
+++ b/crypto/evp/e_ofb_r2.c
@@ -0,0 +1,118 @@
+/* crypto/evp/e_ofb_r2.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_RC2
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void rc2_ofb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+	unsigned char *iv,int enc);
+static void rc2_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+	unsigned char *in, unsigned int inl);
+#else
+static void rc2_ofb_init_key();
+static void rc2_ofb_cipher();
+#endif
+
+static EVP_CIPHER r2_ofb_cipher=
+	{
+	NID_rc2_ofb64,
+	1,EVP_RC2_KEY_SIZE,8,
+	rc2_ofb_init_key,
+	rc2_ofb_cipher,
+	};
+
+EVP_CIPHER *EVP_rc2_ofb()
+	{
+	return(&r2_ofb_cipher);
+	}
+	
+static void rc2_ofb_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+	{
+	ctx->c.rc2_cfb.num=0;
+
+	if (iv != NULL)
+		memcpy(&(ctx->c.rc2_cfb.oiv[0]),iv,8);
+	memcpy(&(ctx->c.rc2_cfb.iv[0]),&(ctx->c.rc2_cfb.oiv[0]),8);
+	if (key != NULL)
+		RC2_set_key(&(ctx->c.rc2_cfb.ks),EVP_RC2_KEY_SIZE,key,
+			EVP_RC2_KEY_SIZE*8);
+	}
+
+static void rc2_ofb_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+	{
+	RC2_ofb64_encrypt(
+		in,out,
+		(long)inl, &(ctx->c.rc2_cfb.ks),
+		&(ctx->c.rc2_cfb.iv[0]),
+		&ctx->c.rc2_cfb.num);
+	}
+
+#endif
diff --git a/crypto/evp/e_rc4.c b/crypto/evp/e_rc4.c
new file mode 100644
index 0000000000..e1ffb5d95a
--- /dev/null
+++ b/crypto/evp/e_rc4.c
@@ -0,0 +1,109 @@
+/* crypto/evp/e_rc4.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_RC4
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void rc4_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+	unsigned char *iv,int enc);
+static void rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+	unsigned char *in, unsigned int inl);
+#else
+static void rc4_init_key();
+static void rc4_cipher();
+#endif
+
+static EVP_CIPHER r4_cipher=
+	{
+	NID_rc4,
+	1,EVP_RC4_KEY_SIZE,0,
+	rc4_init_key,
+	rc4_cipher,
+	};
+
+EVP_CIPHER *EVP_rc4()
+	{
+	return(&r4_cipher);
+	}
+
+static void rc4_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+	{
+	if (key != NULL)
+		memcpy(&(ctx->c.rc4.key[0]),key,EVP_CIPHER_CTX_key_length(ctx));
+	RC4_set_key(&(ctx->c.rc4.ks),EVP_CIPHER_CTX_key_length(ctx),
+		ctx->c.rc4.key);
+	}
+
+static void rc4_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+	{
+	RC4(&(ctx->c.rc4.ks),inl,in,out);
+	}
+#endif
diff --git a/crypto/evp/e_xcbc_d.c b/crypto/evp/e_xcbc_d.c
new file mode 100644
index 0000000000..55fe0869d3
--- /dev/null
+++ b/crypto/evp/e_xcbc_d.c
@@ -0,0 +1,117 @@
+/* crypto/evp/e_xcbc_d.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void desx_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+	unsigned char *iv,int enc);
+static void desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+	unsigned char *in, unsigned int inl);
+#else
+static void desx_cbc_init_key();
+static void desx_cbc_cipher();
+#endif
+
+static EVP_CIPHER d_xcbc_cipher=
+	{
+	NID_desx_cbc,
+	8,24,8,
+	desx_cbc_init_key,
+	desx_cbc_cipher,
+	};
+
+EVP_CIPHER *EVP_desx_cbc()
+	{
+	return(&d_xcbc_cipher);
+	}
+	
+static void desx_cbc_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+	{
+	if (iv != NULL)
+		memcpy(&(ctx->c.desx_cbc.oiv[0]),iv,8);
+	memcpy(&(ctx->c.desx_cbc.iv[0]),&(ctx->c.desx_cbc.oiv[0]),8);
+	if (key != NULL)
+		{
+		des_set_key((des_cblock *)key,ctx->c.desx_cbc.ks);
+		memcpy(&(ctx->c.desx_cbc.inw[0]),&(key[8]),8);
+		memcpy(&(ctx->c.desx_cbc.outw[0]),&(key[16]),8);
+		}
+	}
+
+static void desx_cbc_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+	{
+	des_xcbc_encrypt(
+		(des_cblock *)in,(des_cblock *)out,
+		(long)inl, ctx->c.desx_cbc.ks,
+		(des_cblock *)&(ctx->c.desx_cbc.iv[0]),
+		(des_cblock *)&(ctx->c.desx_cbc.inw[0]),
+		(des_cblock *)&(ctx->c.desx_cbc.outw[0]),
+		ctx->encrypt);
+	}
diff --git a/crypto/evp/encode.c b/crypto/evp/encode.c
new file mode 100644
index 0000000000..7cd65244e6
--- /dev/null
+++ b/crypto/evp/encode.c
@@ -0,0 +1,422 @@
+/* crypto/evp/encode.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+
+#define conv_bin2ascii(a)	(data_bin2ascii[(a)&0x3f])
+#define conv_ascii2bin(a)	(data_ascii2bin[(a)&0x7f])
+
+/* 64 char lines
+ * pad input with 0
+ * left over chars are set to =
+ * 1 byte  => xx==
+ * 2 bytes => xxx=
+ * 3 bytes => xxxx
+ */
+#define BIN_PER_LINE    (64/4*3)
+#define CHUNKS_PER_LINE (64/4)
+#define CHAR_PER_LINE   (64+1)
+
+static unsigned char data_bin2ascii[65]="ABCDEFGHIJKLMNOPQRSTUVWXYZ\
+abcdefghijklmnopqrstuvwxyz0123456789+/";
+
+/* 0xF0 is a EOLN
+ * 0xF1 is ignore but next needs to be 0xF0 (for \r\n processing).
+ * 0xF2 is EOF
+ * 0xE0 is ignore at start of line.
+ * 0xFF is error
+ */
+
+#define B64_EOLN		0xF0
+#define B64_CR			0xF1
+#define B64_EOF			0xF2
+#define B64_WS			0xE0
+#define B64_ERROR       	0xFF
+#define B64_NOT_BASE64(a)	(((a)|0x13) == 0xF3)
+
+static unsigned char data_ascii2bin[128]={
+	0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	0xFF,0xE0,0xF0,0xFF,0xFF,0xF1,0xFF,0xFF,
+	0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	0xE0,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+	0xFF,0xFF,0xFF,0x3E,0xFF,0xF2,0xFF,0x3F,
+	0x34,0x35,0x36,0x37,0x38,0x39,0x3A,0x3B,
+	0x3C,0x3D,0xFF,0xFF,0xFF,0x00,0xFF,0xFF,
+	0xFF,0x00,0x01,0x02,0x03,0x04,0x05,0x06,
+	0x07,0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,
+	0x0F,0x10,0x11,0x12,0x13,0x14,0x15,0x16,
+	0x17,0x18,0x19,0xFF,0xFF,0xFF,0xFF,0xFF,
+	0xFF,0x1A,0x1B,0x1C,0x1D,0x1E,0x1F,0x20,
+	0x21,0x22,0x23,0x24,0x25,0x26,0x27,0x28,
+	0x29,0x2A,0x2B,0x2C,0x2D,0x2E,0x2F,0x30,
+	0x31,0x32,0x33,0xFF,0xFF,0xFF,0xFF,0xFF,
+	};
+
+void EVP_EncodeInit(ctx)
+EVP_ENCODE_CTX *ctx;
+	{
+	ctx->length=48;
+	ctx->num=0;
+	ctx->line_num=0;
+	}
+
+void EVP_EncodeUpdate(ctx,out,outl,in,inl)
+EVP_ENCODE_CTX *ctx;
+unsigned char *out;
+int *outl;
+unsigned char *in;
+int inl;
+	{
+	int i,j;
+	unsigned int total=0;
+
+	*outl=0;
+	if (inl == 0) return;
+	if ((ctx->num+inl) < ctx->length)
+		{
+		memcpy(&(ctx->enc_data[ctx->num]),in,inl);
+		ctx->num+=inl;
+		return;
+		}
+	if (ctx->num != 0)
+		{
+		i=ctx->length-ctx->num;
+		memcpy(&(ctx->enc_data[ctx->num]),in,i);
+		in+=i;
+		inl-=i;
+		j=EVP_EncodeBlock(out,ctx->enc_data,ctx->length);
+		ctx->num=0;
+		out+=j;
+		*(out++)='\n';
+		*out='\0';
+		total=j+1;
+		}
+	while (inl >= ctx->length)
+		{
+		j=EVP_EncodeBlock(out,in,ctx->length);
+		in+=ctx->length;
+		inl-=ctx->length;
+		out+=j;
+		*(out++)='\n';
+		*out='\0';
+		total+=j+1;
+		}
+	if (inl != 0)
+		memcpy(&(ctx->enc_data[0]),in,inl);
+	ctx->num=inl;
+	*outl=total;
+	}
+
+void EVP_EncodeFinal(ctx,out,outl)
+EVP_ENCODE_CTX *ctx;
+unsigned char *out;
+int *outl;
+	{
+	unsigned int ret=0;
+
+	if (ctx->num != 0)
+		{
+		ret=EVP_EncodeBlock(out,ctx->enc_data,ctx->num);
+		out[ret++]='\n';
+		out[ret]='\0';
+		ctx->num=0;
+		}
+	*outl=ret;
+	}
+
+int EVP_EncodeBlock(t,f,dlen)
+unsigned char *t,*f;
+int dlen;
+	{
+	int i,ret=0;
+	unsigned long l;
+
+	for (i=dlen; i > 0; i-=3)
+		{
+		if (i >= 3)
+			{
+			l=	(((unsigned long)f[0])<<16L)|
+				(((unsigned long)f[1])<< 8L)|f[2];
+			*(t++)=conv_bin2ascii(l>>18L);
+			*(t++)=conv_bin2ascii(l>>12L);
+			*(t++)=conv_bin2ascii(l>> 6L);
+			*(t++)=conv_bin2ascii(l     );
+			}
+		else
+			{
+			l=((unsigned long)f[0])<<16L;
+			if (i == 2) l|=((unsigned long)f[1]<<8L);
+
+			*(t++)=conv_bin2ascii(l>>18L);
+			*(t++)=conv_bin2ascii(l>>12L);
+			*(t++)=(i == 1)?'=':conv_bin2ascii(l>> 6L);
+			*(t++)='=';
+			}
+		ret+=4;
+		f+=3;
+		}
+
+	*t='\0';
+	return(ret);
+	}
+
+void EVP_DecodeInit(ctx)
+EVP_ENCODE_CTX *ctx;
+	{
+	ctx->length=30;
+	ctx->num=0;
+	ctx->line_num=0;
+	}
+
+/* -1 for error
+ *  0 for last line
+ *  1 for full line
+ */
+int EVP_DecodeUpdate(ctx,out,outl,in,inl)
+EVP_ENCODE_CTX *ctx;
+unsigned char *out;
+int *outl;
+unsigned char *in;
+int inl;
+	{
+	int seof= -1,eof=0,rv= -1,ret=0,i,v,tmp,n,ln,tmp2;
+	unsigned char *d;
+
+	n=ctx->num;
+	d=ctx->enc_data;
+	ln=ctx->line_num;
+
+	/* last line of input. */
+	if ((inl == 0) || ((n == 0) && (conv_ascii2bin(in[0]) == B64_EOF)))
+		{ rv=0; goto end; }
+		
+	/* We parse the input data */
+	for (i=0; i<inl; i++)
+		{
+		/* If the current line is > 80 characters, scream alot */
+		if (ln >= 80) { rv= -1; goto end; }
+
+		/* Get char and put it into the buffer */
+		tmp= *(in++);
+		v=conv_ascii2bin(tmp);
+		/* only save the good data :-) */
+		if (!B64_NOT_BASE64(v))
+			{
+			d[n++]=tmp;
+			ln++;
+			}
+		else if (v == B64_ERROR)
+			{
+			rv= -1;
+			goto end;
+			}
+
+		/* have we seen a '=' which is 'definitly' the last
+		 * input line.  seof will point to the character that
+		 * holds it. and eof will hold how many characters to
+		 * chop off. */
+		if (tmp == '=')
+			{
+			if (seof == -1) seof=n;
+			eof++;
+			}
+
+		/* eoln */
+		if (v == B64_EOLN) ln=0;
+
+		/* If we are at the end of input and it looks like a
+		 * line, process it. */
+		if (((i+1) == inl) && (((n&3) == 0) || eof))
+			v=B64_EOF;
+
+		if ((v == B64_EOF) || (n >= 64))
+			{
+			tmp2=v;
+			if (n > 0)
+				{
+				v=EVP_DecodeBlock(out,d,n);
+				if (v < 0) { rv=0; goto end; }
+				n=0;
+				ret+=(v-eof);
+				}
+			else
+				{
+				eof=1;
+				v=0;
+				}
+
+			/* This is the case where we have had a short
+			 * but valid input line */
+			if ((v < ctx->length) && eof)
+				{
+				rv=0;
+				goto end;
+				}
+			else
+				ctx->length=v;
+
+			if (seof >= 0) { rv=0; goto end; }
+			out+=v;
+			}
+		}
+	rv=1;
+end:
+	*outl=ret;
+	ctx->num=n;
+	ctx->line_num=ln;
+	return(rv);
+	}
+
+int EVP_DecodeBlock(t,f,n)
+unsigned char *t,*f;
+int n;
+	{
+	int i,ret=0,a,b,c,d;
+	unsigned long l;
+
+	/* trim white space from the start of the line. */
+	while ((conv_ascii2bin(*f) == B64_WS) && (n > 0))
+		{
+		f++;
+		n--;
+		}
+
+	/* strip off stuff at the end of the line
+	 * ascii2bin values B64_WS, B64_EOLN, B64_EOLN and B64_EOF */
+	while ((n > 3) && (B64_NOT_BASE64(conv_ascii2bin(f[n-1]))))
+		n--;
+
+	if (n%4 != 0) return(-1);
+
+	for (i=0; i<n; i+=4)
+		{
+		a=conv_ascii2bin(*(f++));
+		b=conv_ascii2bin(*(f++));
+		c=conv_ascii2bin(*(f++));
+		d=conv_ascii2bin(*(f++));
+		if (	(a & 0x80) || (b & 0x80) ||
+			(c & 0x80) || (d & 0x80))
+			return(-1);
+		l=(	(((unsigned long)a)<<18L)|
+			(((unsigned long)b)<<12L)|
+			(((unsigned long)c)<< 6L)|
+			(((unsigned long)d)     ));
+		*(t++)=(unsigned char)(l>>16L)&0xff;
+		*(t++)=(unsigned char)(l>> 8L)&0xff;
+		*(t++)=(unsigned char)(l     )&0xff;
+		ret+=3;
+		}
+	return(ret);
+	}
+
+int EVP_DecodeFinal(ctx,out,outl)
+EVP_ENCODE_CTX *ctx;
+unsigned char *out;
+int *outl;
+	{
+	int i;
+
+	*outl=0;
+	if (ctx->num != 0)
+		{
+		i=EVP_DecodeBlock(out,ctx->enc_data,ctx->num);
+		if (i < 0) return(-1);
+		ctx->num=0;
+		*outl=i;
+		return(1);
+		}
+	else
+		return(1);
+	}
+
+#ifdef undef
+int EVP_DecodeValid(buf,len)
+unsigned char *buf;
+int len;
+	{
+	int i,num=0,bad=0;
+
+	if (len == 0) return(-1);
+	while (conv_ascii2bin(*buf) == B64_WS)
+		{
+		buf++;
+		len--;
+		if (len == 0) return(-1);
+		}
+
+	for (i=len; i >= 4; i-=4)
+		{
+		if (	(conv_ascii2bin(buf[0]) >= 0x40) ||
+			(conv_ascii2bin(buf[1]) >= 0x40) ||
+			(conv_ascii2bin(buf[2]) >= 0x40) ||
+			(conv_ascii2bin(buf[3]) >= 0x40))
+			return(-1);
+		buf+=4;
+		num+=1+(buf[2] != '=')+(buf[3] != '=');
+		}
+	if ((i == 1) && (conv_ascii2bin(buf[0]) == B64_EOLN))
+		return(num);
+	if ((i == 2) && (conv_ascii2bin(buf[0]) == B64_EOLN) &&
+		(conv_ascii2bin(buf[0]) == B64_EOLN))
+		return(num);
+	return(1);
+	}
+#endif
diff --git a/crypto/evp/evp.err b/crypto/evp/evp.err
new file mode 100644
index 0000000000..0630b993a5
--- /dev/null
+++ b/crypto/evp/evp.err
@@ -0,0 +1,23 @@
+/* Error codes for the EVP functions. */
+
+/* Function codes. */
+#define EVP_F_D2I_PKEY					 100
+#define EVP_F_EVP_DECRYPTFINAL				 101
+#define EVP_F_EVP_OPENINIT				 102
+#define EVP_F_EVP_PKEY_COPY_PARAMETERS			 103
+#define EVP_F_EVP_PKEY_NEW				 104
+#define EVP_F_EVP_SEALINIT				 105
+#define EVP_F_EVP_SIGNFINAL				 106
+#define EVP_F_EVP_VERIFYFINAL				 107
+
+/* Reason codes. */
+#define EVP_R_BAD_DECRYPT				 100
+#define EVP_R_DIFFERENT_KEY_TYPES			 101
+#define EVP_R_IV_TOO_LARGE				 102
+#define EVP_R_MISSING_PARMATERS				 103
+#define EVP_R_NO_SIGN_FUNCTION_CONFIGURED		 104
+#define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED		 105
+#define EVP_R_PUBLIC_KEY_NOT_RSA			 106
+#define EVP_R_UNSUPPORTED_CIPHER			 107
+#define EVP_R_WRONG_FINAL_BLOCK_LENGTH			 108
+#define EVP_R_WRONG_PUBLIC_KEY_TYPE			 109
diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h
new file mode 100644
index 0000000000..3ece7fbd4f
--- /dev/null
+++ b/crypto/evp/evp.h
@@ -0,0 +1,704 @@
+/* crypto/evp/evp.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_ENVELOPE_H
+#define HEADER_ENVELOPE_H
+
+#ifdef	__cplusplus
+extern "C" {
+#endif
+
+#ifndef NO_MD2
+#include "md2.h"
+#endif
+#ifndef NO_MD5
+#include "md5.h"
+#endif
+#if !defined(NO_SHA) || !defined(NO_SHA1)
+#include "sha.h"
+#endif
+#ifndef NO_DES
+#include "des.h"
+#endif
+#ifndef NO_RC4
+#include "rc4.h"
+#endif
+#ifndef NO_RC2
+#include "rc2.h"
+#endif
+#ifndef NO_BLOWFISH
+#include "blowfish.h"
+#endif
+#ifndef NO_IDEA
+#include "idea.h"
+#endif
+#ifndef NO_MDC2
+#include "mdc2.h"
+#endif
+
+#define EVP_RC2_KEY_SIZE	16
+#define EVP_RC4_KEY_SIZE	16
+#define EVP_BLOWFISH_KEY_SIZE	16
+#define EVP_MAX_MD_SIZE		20
+#define EVP_MAX_KEY_LENGTH	24
+#define EVP_MAX_IV_LENGTH	8
+
+#ifndef NO_RSA
+#include "rsa.h"
+#else
+#define RSA	long
+#endif
+
+#ifndef NO_DSA
+#include "dsa.h"
+#else
+#define DSA	long
+#endif
+
+#ifndef NO_DH
+#include "dh.h"
+#else
+#define DH	long
+#endif
+
+#include "objects.h"
+
+#define EVP_PK_RSA	0x0001
+#define EVP_PK_DSA	0x0002
+#define EVP_PK_DH	0x0004
+#define EVP_PKT_SIGN	0x0010
+#define EVP_PKT_ENC	0x0020
+#define EVP_PKT_EXCH	0x0040
+#define EVP_PKS_RSA	0x0100
+#define EVP_PKS_DSA	0x0200
+#define EVP_PKT_EXP	0x1000 /* <= 512 bit key */
+
+#define EVP_PKEY_NONE	NID_undef
+#define EVP_PKEY_RSA	NID_rsaEncryption
+#define EVP_PKEY_RSA2	NID_rsa
+#define EVP_PKEY_DSA	NID_dsa
+#define EVP_PKEY_DSA2	NID_dsaWithSHA
+#define EVP_PKEY_DSA3	NID_dsaWithSHA1
+#define EVP_PKEY_DH	NID_dhKeyAgreement
+
+typedef struct evp_pkey_st
+	{
+	int type;
+	int save_type;
+	int references;
+	union	{
+		char *ptr;
+		struct rsa_st *rsa;	/* RSA */
+		struct dsa_st *dsa;	/* DSA */
+		struct dh_st *dh;	/* DH */
+		} pkey;
+	int save_parameters;
+#ifdef HEADER_STACK_H
+	STACK /* X509_ATTRIBUTE */ *attributes; /* [ 0 ] */
+#else
+	char /* X509_ATTRIBUTE */ *attributes; /* [ 0 ] */
+#endif
+	} EVP_PKEY;
+
+#ifndef EVP_MD
+typedef struct env_md_st
+	{
+	int type;
+	int pkey_type;
+	int md_size;
+	void (*init)();
+	void (*update)();
+	void (*final)();
+
+	int (*sign)();
+	int (*verify)();
+	int required_pkey_type[4]; /*EVP_PKEY_xxx */
+	} EVP_MD;
+
+#define EVP_PKEY_NULL_method	NULL,NULL,{0,0,0,0}
+
+#ifndef NO_DSA
+#define EVP_PKEY_DSA_method	DSA_sign,DSA_verify, \
+				{EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3,0}
+#else
+#define EVP_PKEY_DSA_method	EVP_PKEY_NULL_method
+#endif
+
+#ifndef NO_RSA
+#define EVP_PKEY_RSA_method	RSA_sign,RSA_verify, \
+				{EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
+#define EVP_PKEY_RSA_ASN1_OCTET_STRING_method \
+				RSA_sign_ASN1_OCTET_STRING, \
+				RSA_verify_ASN1_OCTET_STRING, \
+				{EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
+#else
+#define EVP_PKEY_RSA_method	EVP_PKEY_NULL_method
+#define EVP_PKEY_RSA_ASN1_OCTET_STRING_method EVP_PKEY_NULL_method
+#endif
+
+#endif /* !EVP_MD */
+
+typedef struct env_md_ctx_st
+	{
+	EVP_MD *digest;
+	union	{
+		unsigned char base[4];
+#ifndef NO_MD2
+		MD2_CTX md2;
+#endif
+#ifndef NO_MD5
+		MD5_CTX md5;
+#endif
+#if !defined(NO_SHA) || !defined(NO_SHA1)
+		SHA_CTX sha;
+#endif
+#ifndef NO_MDC2
+		MDC2_CTX mdc2;
+#endif
+		} md;
+	} EVP_MD_CTX;
+
+typedef struct evp_cipher_st
+	{
+	int nid;
+	int block_size;
+	int key_len;
+	int iv_len;
+	void (*init)();		/* init for encryption */
+	void (*do_cipher)();	/* encrypt data */
+	void (*cleanup)();	/* used by cipher method */ 
+	} EVP_CIPHER;
+
+typedef struct evp_cipher_info_st
+	{
+	EVP_CIPHER *cipher;
+	unsigned char iv[EVP_MAX_IV_LENGTH];
+	} EVP_CIPHER_INFO;
+
+typedef struct evp_cipher_ctx_st
+	{
+	EVP_CIPHER *cipher;
+	int encrypt;		/* encrypt or decrypt */
+	int buf_len;		/* number we have left */
+	unsigned char buf[8];
+	char *app_data;		/* aplication stuff */
+	union	{
+#ifndef NO_RC4
+		struct
+			{
+			unsigned char key[EVP_RC4_KEY_SIZE];
+			RC4_KEY ks;	/* working key */
+			} rc4;
+#endif
+#ifndef NO_DES
+		struct
+			{
+			des_key_schedule ks;/* key schedule */
+			} des_ecb;
+
+		struct
+			{
+			C_Block oiv;	/* original iv */
+			C_Block iv;	/* working iv */
+			des_key_schedule ks;/* key schedule */
+			} des_cbc;
+
+		struct
+			{
+			C_Block oiv;	/* original iv */
+			C_Block iv;	/* working iv */
+			C_Block inw;
+			C_Block outw;
+			des_key_schedule ks;/* key schedule */
+			} desx_cbc;
+
+		struct
+			{
+			C_Block oiv;	/* original iv */
+			C_Block iv;	/* working iv */
+			des_key_schedule ks;/* key schedule */
+			des_key_schedule ks2;/* key schedule (for ede) */
+			des_key_schedule ks3;/* key schedule (for ede3) */
+			int num;	/* used by cfb mode */
+			} des_cfb;
+
+		struct
+			{
+			C_Block oiv;	/* original iv */
+			C_Block iv;	/* working iv */
+			des_key_schedule ks1;/* ksched 1 */
+			des_key_schedule ks2;/* ksched 2 */
+			des_key_schedule ks3;/* ksched 3 */
+			} des_ede;
+#endif
+#ifndef NO_IDEA
+		struct
+			{
+			IDEA_KEY_SCHEDULE ks;/* key schedule */
+			} idea_ecb;
+		struct
+			{
+			unsigned char oiv[8];/* original iv */
+			unsigned char iv[8]; /* working iv */
+			IDEA_KEY_SCHEDULE ks;/* key schedule */
+			} idea_cbc;
+		struct
+			{
+			unsigned char oiv[8];/* original iv */
+			unsigned char iv[8]; /* working iv */
+			IDEA_KEY_SCHEDULE ks;/* key schedule */
+			int num;	/* used by cfb mode */
+			} idea_cfb;
+#endif
+#ifndef NO_RC2
+		struct
+			{
+			RC2_KEY ks;/* key schedule */
+			} rc2_ecb;
+		struct
+			{
+			unsigned char oiv[8];/* original iv */
+			unsigned char iv[8]; /* working iv */
+			RC2_KEY ks;/* key schedule */
+			} rc2_cbc;
+		struct
+			{
+			unsigned char oiv[8];/* original iv */
+			unsigned char iv[8]; /* working iv */
+			RC2_KEY ks;/* key schedule */
+			int num;	/* used by cfb mode */
+			} rc2_cfb;
+#endif
+#ifndef NO_BLOWFISH
+		struct
+			{
+			BF_KEY ks;/* key schedule */
+			} bf_ecb;
+		struct
+			{
+			unsigned char oiv[8];/* original iv */
+			unsigned char iv[8]; /* working iv */
+			BF_KEY ks;/* key schedule */
+			} bf_cbc;
+		struct
+			{
+			unsigned char oiv[8];/* original iv */
+			unsigned char iv[8]; /* working iv */
+			BF_KEY ks;/* key schedule */
+			int num;	/* used by cfb mode */
+			} bf_cfb;
+#endif
+		} c;
+	} EVP_CIPHER_CTX;
+
+typedef struct evp_Encode_Ctx_st
+	{
+	int num;	/* number saved in a partial encode/decode */
+	int length;	/* The length is either the output line length
+			 * (in input bytes) or the shortest input line
+			 * length that is ok.  Once decoding begins,
+			 * the length is adjusted up each time a longer
+			 * line is decoded */
+	unsigned char enc_data[80];	/* data to encode */
+	int line_num;	/* number read on current line */
+	} EVP_ENCODE_CTX;
+
+#define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\
+					(char *)(rsa))
+#define EVP_PKEY_assign_DSA(pkey,dsa) EVP_PKEY_assign((pkey),EVP_PKEY_DSA,\
+					(char *)(dsa))
+#define EVP_PKEY_assign_DH(pkey,dh) EVP_PKEY_assign((pkey),EVP_PKEY_DH,\
+					(char *)(dh))
+
+/* Add some extra combinations */
+#define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a))
+#define EVP_get_digestbyobj(a) EVP_get_digestbynid(OBJ_obj2nid(a))
+#define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a))
+#define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a))
+
+#define EVP_MD_type(e)			((e)->type)
+#define EVP_MD_pkey_type(e)		((e)->pkey_type)
+#define EVP_MD_size(e)			((e)->md_size)
+#define EVP_MD_CTX_size(e)		((e)->digest->md_size)
+#define EVP_MD_CTX_type(e)		((e)->digest)
+
+#define EVP_CIPHER_nid(e)		((e)->nid)
+#define EVP_CIPHER_block_size(e)	((e)->block_size)
+#define EVP_CIPHER_key_length(e)	((e)->key_len)
+#define EVP_CIPHER_iv_length(e)		((e)->iv_len)
+
+#define EVP_CIPHER_CTX_cipher(e)	((e)->cipher)
+#define EVP_CIPHER_CTX_nid(e)		((e)->cipher->nid)
+#define EVP_CIPHER_CTX_block_size(e)	((e)->cipher->block_size)
+#define EVP_CIPHER_CTX_key_length(e)	((e)->cipher->key_len)
+#define EVP_CIPHER_CTX_iv_length(e)	((e)->cipher->iv_len)
+#define EVP_CIPHER_CTX_get_app_data(e)	((e)->app_data)
+#define EVP_CIPHER_CTX_set_app_data(e,d) ((e)->app_data=(char *)(d))
+
+#define EVP_ENCODE_LENGTH(l)	(((l+2)/3*4)+(l/48+1)*2+80)
+#define EVP_DECODE_LENGTH(l)	((l+3)/4*3+80)
+
+#define EVP_SignInit(a,b)		EVP_DigestInit(a,b)
+#define EVP_SignUpdate(a,b,c)		EVP_DigestUpdate(a,b,c)
+#define	EVP_VerifyInit(a,b)		EVP_DigestInit(a,b)
+#define	EVP_VerifyUpdate(a,b,c)		EVP_DigestUpdate(a,b,c)
+#define EVP_OpenUpdate(a,b,c,d,e)	EVP_DecryptUpdate(a,b,c,d,e)
+#define EVP_SealUpdate(a,b,c,d,e)	EVP_EncryptUpdate(a,b,c,d,e)	
+
+#define BIO_set_md(b,md)		BIO_ctrl(b,BIO_C_SET_MD,0,(char *)md)
+#define BIO_get_md(b,mdp)		BIO_ctrl(b,BIO_C_GET_MD,0,(char *)mdp)
+#define BIO_get_md_ctx(b,mdcp)     BIO_ctrl(b,BIO_C_GET_MD_CTX,0,(char *)mdcp)
+#define BIO_get_cipher_status(b)	BIO_ctrl(b,BIO_C_GET_CIPHER_STATUS,0,NULL)
+
+#define	EVP_Cipher(c,o,i,l)	(c)->cipher->do_cipher((c),(o),(i),(l))
+
+#ifndef NOPROTO
+
+void	EVP_DigestInit(EVP_MD_CTX *ctx, EVP_MD *type);
+void	EVP_DigestUpdate(EVP_MD_CTX *ctx,unsigned char *d,unsigned int cnt);
+void	EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s);
+
+int	EVP_read_pw_string(char *buf,int length,char *prompt,int verify);
+void	EVP_set_pw_prompt(char *prompt);
+char *	EVP_get_pw_prompt(void);
+
+int	EVP_BytesToKey(EVP_CIPHER *type,EVP_MD *md,unsigned char *salt,
+		unsigned char *data, int datal, int count,
+		unsigned char *key,unsigned char *iv);
+
+EVP_CIPHER *EVP_get_cipherbyname(char *name);
+
+void	EVP_EncryptInit(EVP_CIPHER_CTX *ctx,EVP_CIPHER *type,
+		unsigned char *key, unsigned char *iv);
+void	EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+		int *outl, unsigned char *in, int inl);
+void	EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+void	EVP_DecryptInit(EVP_CIPHER_CTX *ctx,EVP_CIPHER *type,
+		unsigned char *key, unsigned char *iv);
+void	EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+		int *outl, unsigned char *in, int inl);
+int	EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+void	EVP_CipherInit(EVP_CIPHER_CTX *ctx,EVP_CIPHER *type, unsigned char *key,
+		unsigned char *iv,int enc);
+void	EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+		int *outl, unsigned char *in, int inl);
+int	EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+int	EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s,
+		EVP_PKEY *pkey);
+
+int	EVP_VerifyFinal(EVP_MD_CTX *ctx,unsigned char *sigbuf,
+		unsigned int siglen,EVP_PKEY *pkey);
+
+int	EVP_OpenInit(EVP_CIPHER_CTX *ctx,EVP_CIPHER *type,unsigned char *ek,
+		int ekl,unsigned char *iv,EVP_PKEY *priv);
+int	EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+int	EVP_SealInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char **ek,
+		int *ekl, unsigned char *iv,EVP_PKEY **pubk, int npubk);
+void	EVP_SealFinal(EVP_CIPHER_CTX *ctx,unsigned char *out,int *outl);
+
+void	EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
+void	EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,
+		int *outl,unsigned char *in,int inl);
+void	EVP_EncodeFinal(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl);
+int	EVP_EncodeBlock(unsigned char *t, unsigned char *f, int n);
+
+void	EVP_DecodeInit(EVP_ENCODE_CTX *ctx);
+int	EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl,
+		unsigned char *in, int inl);
+int	EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned
+		char *out, int *outl);
+int	EVP_DecodeBlock(unsigned char *t, unsigned
+		char *f, int n);
+
+void	ERR_load_EVP_strings(void );
+
+void EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a);
+
+#ifdef HEADER_BIO_H
+BIO_METHOD *BIO_f_md(void);
+BIO_METHOD *BIO_f_base64(void);
+BIO_METHOD *BIO_f_cipher(void);
+void BIO_set_cipher(BIO *b,EVP_CIPHER *c,unsigned char *k,
+	unsigned char *i, int enc);
+#endif
+
+EVP_MD *EVP_md_null(void);
+EVP_MD *EVP_md2(void);
+EVP_MD *EVP_md5(void);
+EVP_MD *EVP_sha(void);
+EVP_MD *EVP_sha1(void);
+EVP_MD *EVP_dss(void);
+EVP_MD *EVP_dss1(void);
+EVP_MD *EVP_mdc2(void);
+
+EVP_CIPHER *EVP_enc_null(void);		/* does nothing :-) */
+EVP_CIPHER *EVP_des_ecb(void);
+EVP_CIPHER *EVP_des_ede(void);
+EVP_CIPHER *EVP_des_ede3(void);
+EVP_CIPHER *EVP_des_cfb(void);
+EVP_CIPHER *EVP_des_ede_cfb(void);
+EVP_CIPHER *EVP_des_ede3_cfb(void);
+EVP_CIPHER *EVP_des_ofb(void);
+EVP_CIPHER *EVP_des_ede_ofb(void);
+EVP_CIPHER *EVP_des_ede3_ofb(void);
+EVP_CIPHER *EVP_des_cbc(void);
+EVP_CIPHER *EVP_des_ede_cbc(void);
+EVP_CIPHER *EVP_des_ede3_cbc(void);
+EVP_CIPHER *EVP_desx_cbc(void);
+EVP_CIPHER *EVP_rc4(void);
+EVP_CIPHER *EVP_idea_ecb(void);
+EVP_CIPHER *EVP_idea_cfb(void);
+EVP_CIPHER *EVP_idea_ofb(void);
+EVP_CIPHER *EVP_idea_cbc(void);
+EVP_CIPHER *EVP_rc2_ecb(void);
+EVP_CIPHER *EVP_rc2_cbc(void);
+EVP_CIPHER *EVP_rc2_cfb(void);
+EVP_CIPHER *EVP_rc2_ofb(void);
+EVP_CIPHER *EVP_bf_ecb(void);
+EVP_CIPHER *EVP_bf_cbc(void);
+EVP_CIPHER *EVP_bf_cfb(void);
+EVP_CIPHER *EVP_bf_ofb(void);
+
+void SSLeay_add_all_algorithms(void);
+void SSLeay_add_all_ciphers(void);
+void SSLeay_add_all_digests(void);
+
+int EVP_add_cipher(EVP_CIPHER *cipher);
+int EVP_add_digest(EVP_MD *digest);
+int EVP_add_alias(char *name,char *alias);
+int EVP_delete_alias(char *name);
+
+EVP_CIPHER *EVP_get_cipherbyname(char *name);
+EVP_MD *EVP_get_digestbyname(char *name);
+void EVP_cleanup(void);
+
+int		EVP_PKEY_type(int type);
+int		EVP_PKEY_size(EVP_PKEY *pkey);
+int 		EVP_PKEY_assign(EVP_PKEY *pkey,int type,char *key);
+EVP_PKEY *	EVP_PKEY_new(void);
+void		EVP_PKEY_free(EVP_PKEY *pkey);
+EVP_PKEY *	d2i_PublicKey(int type,EVP_PKEY **a, unsigned char **pp,
+			long length);
+int		i2d_PublicKey(EVP_PKEY *a, unsigned char **pp);
+
+EVP_PKEY *	d2i_PrivateKey(int type,EVP_PKEY **a, unsigned char **pp,
+			long length);
+int		i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp);
+
+int EVP_PKEY_copy_parameters(EVP_PKEY *to,EVP_PKEY *from);
+int EVP_PKEY_missing_parameters(EVP_PKEY *pkey);
+int EVP_PKEY_save_parameters(EVP_PKEY *pkey,int mode);
+
+#else
+
+void	EVP_DigestInit();
+void	EVP_DigestUpdate();
+void	EVP_DigestFinal();
+
+int	EVP_read_pw_string();
+void	EVP_set_pw_prompt();
+char *	EVP_get_pw_prompt();
+
+int	EVP_BytesToKey();
+
+EVP_CIPHER *EVP_get_cipherbyname();
+
+void	EVP_EncryptInit();
+void	EVP_EncryptUpdate();
+void	EVP_EncryptFinal();
+
+void	EVP_DecryptInit();
+void	EVP_DecryptUpdate();
+int	EVP_DecryptFinal();
+
+void	EVP_CipherInit();
+void	EVP_CipherUpdate();
+int	EVP_CipherFinal();
+
+int	EVP_SignFinal();
+
+int	EVP_VerifyFinal();
+
+int	EVP_OpenInit();
+int	EVP_OpenFinal();
+
+int	EVP_SealInit();
+void	EVP_SealFinal();
+
+void	EVP_EncodeInit();
+void	EVP_EncodeUpdate();
+void	EVP_EncodeFinal();
+int	EVP_EncodeBlock();
+
+void	EVP_DecodeInit();
+int	EVP_DecodeUpdate();
+int	EVP_DecodeFinal();
+int	EVP_DecodeBlock();
+
+void	ERR_load_EVP_strings();
+
+void EVP_CIPHER_CTX_cleanup();
+
+#ifdef HEADER_BIO_H
+BIO_METHOD *BIO_f_md();
+BIO_METHOD *BIO_f_base64();
+BIO_METHOD *BIO_f_cipher();
+void BIO_set_cipher();
+#endif
+
+EVP_MD *EVP_md_null();
+EVP_MD *EVP_md2();
+EVP_MD *EVP_md5();
+EVP_MD *EVP_sha();
+EVP_MD *EVP_sha1();
+EVP_MD *EVP_dss();
+EVP_MD *EVP_dss1();
+EVP_MD *EVP_mdc2();
+
+EVP_CIPHER *EVP_enc_null();
+EVP_CIPHER *EVP_des_ecb();
+EVP_CIPHER *EVP_des_ede();
+EVP_CIPHER *EVP_des_ede3();
+EVP_CIPHER *EVP_des_cfb();
+EVP_CIPHER *EVP_des_ede_cfb();
+EVP_CIPHER *EVP_des_ede3_cfb();
+EVP_CIPHER *EVP_des_ofb();
+EVP_CIPHER *EVP_des_ede_ofb();
+EVP_CIPHER *EVP_des_ede3_ofb();
+EVP_CIPHER *EVP_des_cbc();
+EVP_CIPHER *EVP_des_ede_cbc();
+EVP_CIPHER *EVP_des_ede3_cbc();
+EVP_CIPHER *EVP_desx_cbc();
+EVP_CIPHER *EVP_rc4();
+EVP_CIPHER *EVP_idea_ecb();
+EVP_CIPHER *EVP_idea_cfb();
+EVP_CIPHER *EVP_idea_ofb();
+EVP_CIPHER *EVP_idea_cbc();
+EVP_CIPHER *EVP_rc2_ecb();
+EVP_CIPHER *EVP_rc2_cbc();
+EVP_CIPHER *EVP_rc2_cfb();
+EVP_CIPHER *EVP_rc2_ofb();
+EVP_CIPHER *EVP_bf_ecb();
+EVP_CIPHER *EVP_bf_cbc();
+EVP_CIPHER *EVP_bf_cfb();
+EVP_CIPHER *EVP_bf_ofb();
+
+void SSLeay_add_all_algorithms();
+void SSLeay_add_all_ciphers();
+void SSLeay_add_all_digests();
+
+int EVP_add_cipher();
+int EVP_add_digest();
+int EVP_add_alias();
+int EVP_delete_alias();
+
+EVP_CIPHER *EVP_get_cipherbyname();
+EVP_MD *EVP_get_digestbyname();
+void EVP_cleanup();
+
+int		EVP_PKEY_type();
+int		EVP_PKEY_size();
+int 		EVP_PKEY_assign();
+EVP_PKEY *	EVP_PKEY_new();
+void		EVP_PKEY_free();
+EVP_PKEY *	d2i_PublicKey();
+int		i2d_PublicKey();
+
+EVP_PKEY *	d2i_PrivateKey();
+int		i2d_PrivateKey();
+
+int EVP_PKEY_copy_parameters();
+int EVP_PKEY_missing_parameters();
+int EVP_PKEY_save_parameters();
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the EVP functions. */
+
+/* Function codes. */
+#define EVP_F_D2I_PKEY					 100
+#define EVP_F_EVP_DECRYPTFINAL				 101
+#define EVP_F_EVP_OPENINIT				 102
+#define EVP_F_EVP_PKEY_COPY_PARAMETERS			 103
+#define EVP_F_EVP_PKEY_NEW				 104
+#define EVP_F_EVP_SEALINIT				 105
+#define EVP_F_EVP_SIGNFINAL				 106
+#define EVP_F_EVP_VERIFYFINAL				 107
+
+/* Reason codes. */
+#define EVP_R_BAD_DECRYPT				 100
+#define EVP_R_DIFFERENT_KEY_TYPES			 101
+#define EVP_R_IV_TOO_LARGE				 102
+#define EVP_R_MISSING_PARMATERS				 103
+#define EVP_R_NO_SIGN_FUNCTION_CONFIGURED		 104
+#define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED		 105
+#define EVP_R_PUBLIC_KEY_NOT_RSA			 106
+#define EVP_R_UNSUPPORTED_CIPHER			 107
+#define EVP_R_WRONG_FINAL_BLOCK_LENGTH			 108
+#define EVP_R_WRONG_PUBLIC_KEY_TYPE			 109
+ 
+#ifdef  __cplusplus
+}
+#endif
+#endif
+
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
new file mode 100644
index 0000000000..2015b5f892
--- /dev/null
+++ b/crypto/evp/evp_enc.c
@@ -0,0 +1,296 @@
+/* crypto/evp/evp_enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+
+char *EVP_version="EVP part of SSLeay 0.8.1b 29-Jun-1998";
+
+void EVP_CipherInit(ctx,data,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+EVP_CIPHER *data;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+	{
+	if (enc)
+		EVP_EncryptInit(ctx,data,key,iv);
+	else	
+		EVP_DecryptInit(ctx,data,key,iv);
+	}
+
+void EVP_CipherUpdate(ctx,out,outl,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+int *outl;
+unsigned char *in;
+int inl;
+	{
+	if (ctx->encrypt)
+		EVP_EncryptUpdate(ctx,out,outl,in,inl);
+	else	EVP_DecryptUpdate(ctx,out,outl,in,inl);
+	}
+
+int EVP_CipherFinal(ctx,out,outl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+int *outl;
+	{
+	if (ctx->encrypt)
+		{
+		EVP_EncryptFinal(ctx,out,outl);
+		return(1);
+		}
+	else	return(EVP_DecryptFinal(ctx,out,outl));
+	}
+
+void EVP_EncryptInit(ctx,cipher,key,iv)
+EVP_CIPHER_CTX *ctx;
+EVP_CIPHER *cipher;
+unsigned char *key;
+unsigned char *iv;
+	{
+	if (cipher != NULL)
+		ctx->cipher=cipher;
+	ctx->cipher->init(ctx,key,iv,1);
+	ctx->encrypt=1;
+	ctx->buf_len=0;
+	}
+
+void EVP_DecryptInit(ctx,cipher,key,iv)
+EVP_CIPHER_CTX *ctx;
+EVP_CIPHER *cipher;
+unsigned char *key;
+unsigned char *iv;
+	{
+	if (cipher != NULL)
+		ctx->cipher=cipher;
+	ctx->cipher->init(ctx,key,iv,0);
+	ctx->encrypt=0;
+	ctx->buf_len=0;
+	}
+
+
+void EVP_EncryptUpdate(ctx,out,outl,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+int *outl;
+unsigned char *in;
+int inl;
+	{
+	int i,j,bl;
+
+	i=ctx->buf_len;
+	bl=ctx->cipher->block_size;
+	*outl=0;
+	if ((inl == 0) && (i != bl)) return;
+	if (i != 0)
+		{
+		if (i+inl < bl)
+			{
+			memcpy(&(ctx->buf[i]),in,inl);
+			ctx->buf_len+=inl;
+			return;
+			}
+		else
+			{
+			j=bl-i;
+			if (j != 0) memcpy(&(ctx->buf[i]),in,j);
+			ctx->cipher->do_cipher(ctx,out,ctx->buf,bl);
+			inl-=j;
+			in+=j;
+			out+=bl;
+			*outl+=bl;
+			}
+		}
+	i=inl%bl; /* how much is left */
+	inl-=i;
+	if (inl > 0)
+		{
+		ctx->cipher->do_cipher(ctx,out,in,inl);
+		*outl+=inl;
+		}
+
+	if (i != 0)
+		memcpy(ctx->buf,&(in[inl]),i);
+	ctx->buf_len=i;
+	}
+
+void EVP_EncryptFinal(ctx,out,outl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+int *outl;
+	{
+	int i,n,b,bl;
+
+	b=ctx->cipher->block_size;
+	if (b == 1)
+		{
+		*outl=0;
+		return;
+		}
+	bl=ctx->buf_len;
+	n=b-bl;
+	for (i=bl; i<b; i++)
+		ctx->buf[i]=n;
+	ctx->cipher->do_cipher(ctx,out,ctx->buf,b);
+	*outl=b;
+	}
+
+void EVP_DecryptUpdate(ctx,out,outl,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+int *outl;
+unsigned char *in;
+int inl;
+	{
+	int b,bl,n;
+	int keep_last=0;
+
+	*outl=0;
+	if (inl == 0) return;
+
+	b=ctx->cipher->block_size;
+	if (b > 1)
+		{
+		/* Is the input a multiple of the block size? */
+		bl=ctx->buf_len;
+		n=inl+bl;
+		if (n%b == 0)
+			{
+			if (inl < b) /* must be 'just one' buff */
+				{
+				memcpy(&(ctx->buf[bl]),in,inl);
+				ctx->buf_len=b;
+				*outl=0;
+				return;
+				}
+			keep_last=1;
+			inl-=b; /* don't do the last block */
+			}
+		}
+	EVP_EncryptUpdate(ctx,out,outl,in,inl);
+
+	/* if we have 'decrypted' a multiple of block size, make sure
+	 * we have a copy of this last block */
+	if (keep_last)
+		{
+		memcpy(&(ctx->buf[0]),&(in[inl]),b);
+#ifdef DEBUG
+		if (ctx->buf_len != 0)
+			{
+			abort();
+			}
+#endif
+		ctx->buf_len=b;
+		}
+	}
+
+int EVP_DecryptFinal(ctx,out,outl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+int *outl;
+	{
+	int i,b;
+	int n;
+
+	*outl=0;
+	b=ctx->cipher->block_size;
+	if (b > 1)
+		{
+		if (ctx->buf_len != b)
+			{
+			EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_WRONG_FINAL_BLOCK_LENGTH);
+			return(0);
+			}
+		EVP_EncryptUpdate(ctx,ctx->buf,&n,ctx->buf,0);
+		if (n != b)
+			return(0);
+		n=ctx->buf[b-1];
+		if (n > b)
+			{
+			EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT);
+			return(0);
+			}
+		for (i=0; i<n; i++)
+			{
+			if (ctx->buf[--b] != n)
+				{
+				EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT);
+				return(0);
+				}
+			}
+		n=ctx->cipher->block_size-n;
+		for (i=0; i<n; i++)
+			out[i]=ctx->buf[i];
+		*outl=n;
+		}
+	else
+		*outl=0;
+	return(1);
+	}
+
+void EVP_CIPHER_CTX_cleanup(c)
+EVP_CIPHER_CTX *c;
+	{
+	if ((c->cipher != NULL) && (c->cipher->cleanup != NULL))
+		c->cipher->cleanup(c);
+	memset(c,0,sizeof(EVP_CIPHER_CTX));
+	}
+
diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c
new file mode 100644
index 0000000000..326da1177e
--- /dev/null
+++ b/crypto/evp/evp_err.c
@@ -0,0 +1,101 @@
+/* lib/evp/evp_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "evp.h"
+
+/* BEGIN ERROR CODES */
+static ERR_STRING_DATA EVP_str_functs[]=
+	{
+{ERR_PACK(0,EVP_F_D2I_PKEY,0),	"D2I_PKEY"},
+{ERR_PACK(0,EVP_F_EVP_DECRYPTFINAL,0),	"EVP_DecryptFinal"},
+{ERR_PACK(0,EVP_F_EVP_OPENINIT,0),	"EVP_OpenInit"},
+{ERR_PACK(0,EVP_F_EVP_PKEY_COPY_PARAMETERS,0),	"EVP_PKEY_copy_parameters"},
+{ERR_PACK(0,EVP_F_EVP_PKEY_NEW,0),	"EVP_PKEY_new"},
+{ERR_PACK(0,EVP_F_EVP_SEALINIT,0),	"EVP_SealInit"},
+{ERR_PACK(0,EVP_F_EVP_SIGNFINAL,0),	"EVP_SignFinal"},
+{ERR_PACK(0,EVP_F_EVP_VERIFYFINAL,0),	"EVP_VerifyFinal"},
+{0,NULL},
+	};
+
+static ERR_STRING_DATA EVP_str_reasons[]=
+	{
+{EVP_R_BAD_DECRYPT                       ,"bad decrypt"},
+{EVP_R_DIFFERENT_KEY_TYPES               ,"different key types"},
+{EVP_R_IV_TOO_LARGE                      ,"iv too large"},
+{EVP_R_MISSING_PARMATERS                 ,"missing parmaters"},
+{EVP_R_NO_SIGN_FUNCTION_CONFIGURED       ,"no sign function configured"},
+{EVP_R_NO_VERIFY_FUNCTION_CONFIGURED     ,"no verify function configured"},
+{EVP_R_PUBLIC_KEY_NOT_RSA                ,"public key not rsa"},
+{EVP_R_UNSUPPORTED_CIPHER                ,"unsupported cipher"},
+{EVP_R_WRONG_FINAL_BLOCK_LENGTH          ,"wrong final block length"},
+{EVP_R_WRONG_PUBLIC_KEY_TYPE             ,"wrong public key type"},
+{0,NULL},
+	};
+
+void ERR_load_EVP_strings()
+	{
+	static int init=1;
+
+	if (init)
+		{
+		init=0;
+		ERR_load_strings(ERR_LIB_EVP,EVP_str_functs);
+		ERR_load_strings(ERR_LIB_EVP,EVP_str_reasons);
+		}
+	}
diff --git a/crypto/evp/evp_key.c b/crypto/evp/evp_key.c
new file mode 100644
index 0000000000..0aa1dbb65a
--- /dev/null
+++ b/crypto/evp/evp_key.c
@@ -0,0 +1,163 @@
+/* crypto/evp/evp_key.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "x509.h"
+#include "objects.h"
+#include "evp.h"
+
+/* should be init to zeros. */
+static char prompt_string[80];
+
+void EVP_set_pw_prompt(prompt)
+char *prompt;
+	{
+	if (prompt == NULL)
+		prompt_string[0]='\0';
+	else
+		strncpy(prompt_string,prompt,79);
+	}
+
+char *EVP_get_pw_prompt()
+	{
+	if (prompt_string[0] == '\0')
+		return(NULL);
+	else
+		return(prompt_string);
+	}
+
+int EVP_read_pw_string(buf,len,prompt,verify)
+char *buf;
+int len;
+char *prompt;
+int verify;
+	{
+	if ((prompt == NULL) && (prompt_string[0] != '\0'))
+		prompt=prompt_string;
+	return(des_read_pw_string(buf,len,prompt,verify));
+	}
+
+int EVP_BytesToKey(type,md,salt,data,datal,count,key,iv)
+EVP_CIPHER *type;
+EVP_MD *md;
+unsigned char *salt;
+unsigned char *data;
+int datal;
+int count;
+unsigned char *key;
+unsigned char *iv;
+	{
+	EVP_MD_CTX c;
+	unsigned char md_buf[EVP_MAX_MD_SIZE];
+	int niv,nkey,addmd=0;
+	unsigned int mds=0,i;
+
+	nkey=type->key_len;
+	niv=type->iv_len;
+
+	if (data == NULL) return(nkey);
+
+	for (;;)
+		{
+		EVP_DigestInit(&c,md);
+		if (addmd++)
+			EVP_DigestUpdate(&c,&(md_buf[0]),mds);
+		EVP_DigestUpdate(&c,data,datal);
+		if (salt != NULL)
+			EVP_DigestUpdate(&c,salt,8);
+		EVP_DigestFinal(&c,&(md_buf[0]),&mds);
+
+		for (i=1; i<(unsigned int)count; i++)
+			{
+			EVP_DigestInit(&c,md);
+			EVP_DigestUpdate(&c,&(md_buf[0]),mds);
+			EVP_DigestFinal(&c,&(md_buf[0]),&mds);
+			}
+		i=0;
+		if (nkey)
+			{
+			for (;;)
+				{
+				if (nkey == 0) break;
+				if (i == mds) break;
+				if (key != NULL)
+					*(key++)=md_buf[i];
+				nkey--;
+				i++;
+				}
+			}
+		if (niv && (i != mds))
+			{
+			for (;;)
+				{
+				if (niv == 0) break;
+				if (i == mds) break;
+				if (iv != NULL)
+					*(iv++)=md_buf[i];
+				niv--;
+				i++;
+				}
+			}
+		if ((nkey == 0) && (niv == 0)) break;
+		}
+	memset(&c,0,sizeof(c));
+	memset(&(md_buf[0]),0,EVP_MAX_MD_SIZE);
+	return(nkey);
+	}
+
diff --git a/crypto/evp/m_dss.c b/crypto/evp/m_dss.c
new file mode 100644
index 0000000000..743beacc5b
--- /dev/null
+++ b/crypto/evp/m_dss.c
@@ -0,0 +1,80 @@
+/* crypto/evp/m_dss.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+static EVP_MD dsa_md=
+	{
+	NID_dsaWithSHA,
+	NID_dsaWithSHA,
+	SHA_DIGEST_LENGTH,
+	SHA_Init,
+	SHA_Update,
+	SHA_Final,
+	EVP_PKEY_DSA_method,
+	};
+
+EVP_MD *EVP_dss()
+	{
+	return(&dsa_md);
+	}
+
diff --git a/crypto/evp/m_dss1.c b/crypto/evp/m_dss1.c
new file mode 100644
index 0000000000..a14e8590b1
--- /dev/null
+++ b/crypto/evp/m_dss1.c
@@ -0,0 +1,79 @@
+/* crypto/evp/m_dss1.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+static EVP_MD dss1_md=
+	{
+	NID_dsa,
+	NID_dsaWithSHA1,
+	SHA_DIGEST_LENGTH,
+	SHA1_Init,
+	SHA1_Update,
+	SHA1_Final,
+	EVP_PKEY_DSA_method,
+	};
+
+EVP_MD *EVP_dss1()
+	{
+	return(&dss1_md);
+	}
diff --git a/crypto/evp/m_md2.c b/crypto/evp/m_md2.c
new file mode 100644
index 0000000000..17360c100e
--- /dev/null
+++ b/crypto/evp/m_md2.c
@@ -0,0 +1,80 @@
+/* crypto/evp/m_md2.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+static EVP_MD md2_md=
+	{
+	NID_md2,
+	NID_md2WithRSAEncryption,
+	MD2_DIGEST_LENGTH,
+	MD2_Init,
+	MD2_Update,
+	MD2_Final,
+	EVP_PKEY_RSA_method,
+	};
+
+EVP_MD *EVP_md2()
+	{
+	return(&md2_md);
+	}
+
diff --git a/crypto/evp/m_md5.c b/crypto/evp/m_md5.c
new file mode 100644
index 0000000000..f7b4eb1eae
--- /dev/null
+++ b/crypto/evp/m_md5.c
@@ -0,0 +1,79 @@
+/* crypto/evp/m_md5.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+static EVP_MD md5_md=
+	{
+	NID_md5,
+	NID_md5WithRSAEncryption,
+	MD5_DIGEST_LENGTH,
+	MD5_Init,
+	MD5_Update,
+	MD5_Final,
+	EVP_PKEY_RSA_method,
+	};
+
+EVP_MD *EVP_md5()
+	{
+	return(&md5_md);
+	}
diff --git a/crypto/evp/m_mdc2.c b/crypto/evp/m_mdc2.c
new file mode 100644
index 0000000000..da70f689b8
--- /dev/null
+++ b/crypto/evp/m_mdc2.c
@@ -0,0 +1,79 @@
+/* crypto/evp/m_mdc2.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+static EVP_MD mdc2_md=
+	{
+	NID_mdc2,
+	NID_mdc2WithRSA,
+	MDC2_DIGEST_LENGTH,
+	MDC2_Init,
+	MDC2_Update,
+	MDC2_Final,
+	EVP_PKEY_RSA_ASN1_OCTET_STRING_method,
+	};
+
+EVP_MD *EVP_mdc2()
+	{
+	return(&mdc2_md);
+	}
diff --git a/crypto/evp/m_null.c b/crypto/evp/m_null.c
new file mode 100644
index 0000000000..47db2c5258
--- /dev/null
+++ b/crypto/evp/m_null.c
@@ -0,0 +1,86 @@
+/* crypto/evp/m_null.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+static void function()
+	{
+	}
+
+static EVP_MD null_md=
+	{
+	NID_undef,
+	NID_undef,
+	0,
+	function,
+	function,
+	function,
+	
+	EVP_PKEY_NULL_method
+	};
+
+EVP_MD *EVP_md_null()
+	{
+	return(&null_md);
+	}
+
+
diff --git a/crypto/evp/m_sha.c b/crypto/evp/m_sha.c
new file mode 100644
index 0000000000..d723ac76a3
--- /dev/null
+++ b/crypto/evp/m_sha.c
@@ -0,0 +1,80 @@
+/* crypto/evp/m_sha.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+static EVP_MD sha_md=
+	{
+	NID_sha,
+	NID_shaWithRSAEncryption,
+	SHA_DIGEST_LENGTH,
+	SHA_Init,
+	SHA_Update,
+	SHA_Final,
+	EVP_PKEY_RSA_method,
+	};
+
+EVP_MD *EVP_sha()
+	{
+	return(&sha_md);
+	}
+
diff --git a/crypto/evp/m_sha1.c b/crypto/evp/m_sha1.c
new file mode 100644
index 0000000000..30037ffcd8
--- /dev/null
+++ b/crypto/evp/m_sha1.c
@@ -0,0 +1,79 @@
+/* crypto/evp/m_sha1.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+static EVP_MD sha1_md=
+	{
+	NID_sha1,
+	NID_sha1WithRSAEncryption,
+	SHA_DIGEST_LENGTH,
+	SHA1_Init,
+	SHA1_Update,
+	SHA1_Final,
+	EVP_PKEY_RSA_method,
+	};
+
+EVP_MD *EVP_sha1()
+	{
+	return(&sha1_md);
+	}
diff --git a/crypto/evp/names.c b/crypto/evp/names.c
new file mode 100644
index 0000000000..49fd34f27f
--- /dev/null
+++ b/crypto/evp/names.c
@@ -0,0 +1,281 @@
+/* crypto/evp/names.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+typedef struct aliases_st {
+	char *alias;
+	/* This must be the last field becaue I will allocate things
+	 * so they go off the end of it */
+	char name[4];
+	} ALIASES;
+
+static STACK /* ALIASES */ *aliases=NULL;
+static STACK /* EVP_CIPHERS */ *ciphers=NULL;
+static STACK /* EVP_MD */ *digests=NULL;
+
+static int cipher_nid_cmp(a,b)
+EVP_CIPHER **a,**b;
+	{ return((*a)->nid - (*b)->nid); }
+
+static int digest_type_cmp(a,b)
+EVP_MD **a,**b;
+	{ return((*a)->pkey_type - (*b)->pkey_type); }
+
+int EVP_add_cipher(c)
+EVP_CIPHER *c;
+	{
+	int i;
+
+	if (ciphers == NULL)
+		{
+		ciphers=sk_new(cipher_nid_cmp);
+		if (ciphers == NULL) return(0);
+		}
+	if ((i=sk_find(ciphers,(char *)c)) >= 0)
+		{
+		if (sk_value(ciphers,i) == (char *)c)
+			return(1);
+		sk_delete(ciphers,i);
+		}
+	return(sk_push(ciphers,(char *)c));
+	}
+
+int EVP_add_digest(md)
+EVP_MD *md;
+	{
+	int i;
+	char *n;
+
+	if (digests == NULL)
+		{
+		digests=sk_new(digest_type_cmp);
+		if (digests == NULL) return(0);
+		}
+	if ((i=sk_find(digests,(char *)md)) >= 0)
+		{
+		if (sk_value(digests,i) == (char *)md)
+			return(1);
+		sk_delete(digests,i);
+		}
+	if (md->type != md->pkey_type)
+		{
+		n=OBJ_nid2sn(md->pkey_type);
+		EVP_add_alias(n,OBJ_nid2sn(md->type));
+		EVP_add_alias(n,OBJ_nid2ln(md->type));
+		}
+	sk_push(digests,(char *)md);
+	return(1);
+	}
+
+static int alias_cmp(a,b)
+ALIASES **a,**b;
+	{
+	return(strcmp((*a)->alias,(*b)->alias));
+	}
+
+int EVP_add_alias(name,aname)
+char *name;
+char *aname;
+	{
+	int l1,l2,i;
+	ALIASES *a;
+	char *p;
+
+	if ((name == NULL) || (aname == NULL)) return(0);
+	l1=strlen(name)+1;
+	l2=strlen(aname)+1;
+	i=sizeof(ALIASES)+l1+l2;
+	if ((a=(ALIASES *)Malloc(i)) == NULL)
+		return(0);
+	strcpy(a->name,name);
+	p= &(a->name[l1]);
+	strcpy(p,aname);
+	a->alias=p;
+
+	if (aliases == NULL)
+		{
+		aliases=sk_new(alias_cmp);
+		if (aliases == NULL) goto err;
+		}
+
+	if ((i=sk_find(aliases,(char *)a)) >= 0)
+		Free(sk_delete(aliases,i));
+	if (!sk_push(aliases,(char *)a)) goto err;
+	return(1);
+err:
+	return(0);
+	}
+
+int EVP_delete_alias(name)
+char *name;
+	{
+	ALIASES a;
+	int i;
+
+	if (aliases != NULL)
+		{
+		a.alias=name;
+		if ((i=sk_find(aliases,(char *)&a)) >= 0)
+			{
+			Free(sk_delete(aliases,i));
+			return(1);
+			}
+		}
+	return(0);
+	}
+
+EVP_CIPHER *EVP_get_cipherbyname(name)
+char *name;
+	{
+	int nid,num=6,i;
+	EVP_CIPHER c,*cp;
+	ALIASES a,*ap;
+
+	if (ciphers == NULL) return(NULL);
+	for (;;)
+		{
+		if (num-- <= 0) return(NULL);
+		if (aliases != NULL)
+			{
+			a.alias=name;
+			i=sk_find(aliases,(char *)&a);
+			if (i >= 0)
+				{
+				ap=(ALIASES *)sk_value(aliases,i);
+				name=ap->name;
+				continue;
+				}
+			}
+
+		nid=OBJ_txt2nid(name);
+		c.nid=nid;
+		i=sk_find(ciphers,(char *)&c);
+		if (i >= 0)
+			{
+			cp=(EVP_CIPHER *)sk_value(ciphers,i);
+			return(cp);
+			}
+		else
+			return(NULL);
+		}
+	}
+
+EVP_MD *EVP_get_digestbyname(name)
+char *name;
+	{
+	int nid,num=6,i;
+	EVP_MD c,*cp;
+	ALIASES a,*ap;
+
+	if (digests == NULL) return(NULL);
+
+	for (;;)
+		{
+		if (num-- <= 0) return(NULL);
+
+		if (aliases != NULL)
+			{
+			a.alias=name;
+			i=sk_find(aliases,(char *)&a);
+			if (i >= 0)
+				{
+				ap=(ALIASES *)sk_value(aliases,i);
+				name=ap->name;
+				continue;
+				}
+			}
+
+		nid=OBJ_txt2nid(name);
+		c.pkey_type=nid;
+		i=sk_find(digests,(char *)&c);
+		if (i >= 0)
+			{
+			cp=(EVP_MD *)sk_value(digests,i);
+			return(cp);
+			}
+		else
+			return(NULL);
+		}
+	}
+
+void EVP_cleanup()
+	{
+	int i;
+
+	if (aliases != NULL)
+		{
+		for (i=0; i<sk_num(aliases); i++)
+			Free(sk_value(aliases,i));
+		sk_free(aliases);
+		aliases=NULL;
+		}
+	if (ciphers != NULL)
+		{
+		sk_free(ciphers);
+		ciphers=NULL;
+		}
+	if (digests != NULL)
+		{
+		sk_free(digests);
+		digests=NULL;
+		}
+	}
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
new file mode 100644
index 0000000000..11369048e7
--- /dev/null
+++ b/crypto/evp/p_lib.c
@@ -0,0 +1,256 @@
+/* crypto/evp/p_lib.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "objects.h"
+#include "evp.h"
+#include "asn1_mac.h"
+#include "x509.h"
+
+/* EVPerr(EVP_F_D2I_PKEY,EVP_R_UNSUPPORTED_CIPHER); */
+/* EVPerr(EVP_F_D2I_PKEY,EVP_R_IV_TOO_LARGE); */
+
+#ifndef NOPROTO
+static void EVP_PKEY_free_it(EVP_PKEY *x);
+#else
+static void EVP_PKEY_free_it();
+#endif
+
+int EVP_PKEY_size(pkey)
+EVP_PKEY *pkey;
+	{
+#ifndef NO_RSA
+	if (pkey->type == EVP_PKEY_RSA)
+		return(RSA_size(pkey->pkey.rsa));
+	else
+#endif
+#ifndef NO_DSA
+		if (pkey->type == EVP_PKEY_DSA)
+		return(DSA_size(pkey->pkey.dsa));
+#endif
+	return(0);
+	}
+
+int EVP_PKEY_save_parameters(pkey,mode)
+EVP_PKEY *pkey;
+int mode;
+	{
+#ifndef NO_DSA
+	if (pkey->type == EVP_PKEY_DSA)
+		{
+		int ret=pkey->save_parameters=mode;
+
+		if (mode >= 0)
+			pkey->save_parameters=mode;
+		return(ret);
+		}
+#endif
+	return(0);
+	}
+
+int EVP_PKEY_copy_parameters(to,from)
+EVP_PKEY *to,*from;
+	{
+	if (to->type != from->type)
+		{
+		EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_DIFFERENT_KEY_TYPES);
+		return(0);
+		}
+
+	if (EVP_PKEY_missing_parameters(from))
+		{
+		EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_MISSING_PARMATERS);
+		return(0);
+		}
+#ifndef NO_DSA
+	if (to->type == EVP_PKEY_DSA)
+		{
+		BIGNUM *a;
+
+		if ((a=BN_dup(from->pkey.dsa->p)) == NULL) goto err;
+		if (to->pkey.dsa->p != NULL) BN_free(to->pkey.dsa->p);
+		to->pkey.dsa->p=a;
+
+		if ((a=BN_dup(from->pkey.dsa->q)) == NULL) goto err;
+		if (to->pkey.dsa->q != NULL) BN_free(to->pkey.dsa->q);
+		to->pkey.dsa->q=a;
+
+		if ((a=BN_dup(from->pkey.dsa->g)) == NULL) goto err;
+		if (to->pkey.dsa->g != NULL) BN_free(to->pkey.dsa->g);
+		to->pkey.dsa->g=a;
+		}
+#endif
+	return(1);
+err:
+	return(0);
+	}
+
+int EVP_PKEY_missing_parameters(pkey)
+EVP_PKEY *pkey;
+	{
+#ifndef NO_DSA
+	if (pkey->type == EVP_PKEY_DSA)
+		{
+		DSA *dsa;
+
+		dsa=pkey->pkey.dsa;
+		if ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))
+			return(1);
+		}
+#endif
+	return(0);
+	}
+
+EVP_PKEY *EVP_PKEY_new()
+	{
+	EVP_PKEY *ret;
+
+	ret=(EVP_PKEY *)Malloc(sizeof(EVP_PKEY));
+	if (ret == NULL)
+		{
+		EVPerr(EVP_F_EVP_PKEY_NEW,ERR_R_MALLOC_FAILURE);
+		return(NULL);
+		}
+	ret->type=EVP_PKEY_NONE;
+	ret->references=1;
+	ret->pkey.ptr=NULL;
+	ret->attributes=NULL;
+	ret->save_parameters=1;
+	return(ret);
+	}
+
+int EVP_PKEY_assign(pkey,type,key)
+EVP_PKEY *pkey;
+int type;
+char *key;
+	{
+	if (pkey == NULL) return(0);
+	if (pkey->pkey.ptr != NULL)
+		EVP_PKEY_free_it(pkey);
+	pkey->type=EVP_PKEY_type(type);
+	pkey->save_type=type;
+	pkey->pkey.ptr=key;
+	return(1);
+	}
+
+int EVP_PKEY_type(type)
+int type;
+	{
+	switch (type)
+		{
+	case EVP_PKEY_RSA:
+	case EVP_PKEY_RSA2:
+		return(EVP_PKEY_RSA);
+	case EVP_PKEY_DSA:
+	case EVP_PKEY_DSA2:
+	case EVP_PKEY_DSA3:
+		return(EVP_PKEY_DSA);
+	case EVP_PKEY_DH:
+		return(EVP_PKEY_DH);
+	default:
+		return(NID_undef);
+		}
+	}
+
+void EVP_PKEY_free(x)
+EVP_PKEY *x;
+	{
+	int i;
+
+	if (x == NULL) return;
+
+	i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_EVP_PKEY);
+	if (i > 0) return;
+#ifdef REF_CHECK
+	if (i < 0)
+		{
+		fprintf(stderr,"EVP_PKEY_free, bad reference count\n");
+		abort();
+		}
+#endif
+	EVP_PKEY_free_it(x);
+	Free((char *)x);
+	}
+
+static void EVP_PKEY_free_it(x)
+EVP_PKEY *x;
+	{
+	switch (x->type)
+		{
+#ifndef NO_RSA
+	case EVP_PKEY_RSA:
+	case EVP_PKEY_RSA2:
+		RSA_free(x->pkey.rsa);
+		break;
+#endif
+#ifndef NO_DSA
+	case EVP_PKEY_DSA:
+	case EVP_PKEY_DSA2:
+	case EVP_PKEY_DSA3:
+		DSA_free(x->pkey.dsa);
+		break;
+#endif
+#ifndef NO_DH
+	case EVP_PKEY_DH:
+		DH_free(x->pkey.dh);
+		break;
+#endif
+		}
+	}
+
diff --git a/crypto/evp/p_open.c b/crypto/evp/p_open.c
new file mode 100644
index 0000000000..46434051ae
--- /dev/null
+++ b/crypto/evp/p_open.c
@@ -0,0 +1,118 @@
+/* crypto/evp/p_open.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+int EVP_OpenInit(ctx,type,ek,ekl,iv,priv)
+EVP_CIPHER_CTX *ctx;
+EVP_CIPHER *type;
+unsigned char *ek;
+int ekl;
+unsigned char *iv;
+EVP_PKEY *priv;
+	{
+	unsigned char *key=NULL;
+	int i,size=0,ret=0;
+	
+	if (priv->type != EVP_PKEY_RSA)
+		{
+                EVPerr(EVP_F_EVP_OPENINIT,EVP_R_PUBLIC_KEY_NOT_RSA);
+		ret= -1;
+		goto err;
+                }
+
+	size=RSA_size(priv->pkey.rsa);
+	key=(unsigned char *)Malloc(size+2);
+	if (key == NULL)
+		{
+		/* ERROR */
+		EVPerr(EVP_F_EVP_OPENINIT,ERR_R_MALLOC_FAILURE);
+		ret= -1;
+		goto err;
+		}
+
+	i=RSA_private_decrypt(ekl,ek,key,priv->pkey.rsa,RSA_PKCS1_PADDING);
+	if (i != type->key_len)
+		{
+		/* ERROR */
+		goto err;
+		}
+
+	EVP_DecryptInit(ctx,type,key,iv);
+	ret=1;
+err:
+	if (key != NULL) memset(key,0,size);
+	Free(key);
+	return(ret);
+	}
+
+int EVP_OpenFinal(ctx,out,outl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+int *outl;
+	{
+	int i;
+
+	i=EVP_DecryptFinal(ctx,out,outl);
+	EVP_DecryptInit(ctx,NULL,NULL,NULL);
+	return(i);
+	}
diff --git a/crypto/evp/p_seal.c b/crypto/evp/p_seal.c
new file mode 100644
index 0000000000..b059c59e8a
--- /dev/null
+++ b/crypto/evp/p_seal.c
@@ -0,0 +1,122 @@
+/* crypto/evp/p_seal.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "rand.h"
+#include "rsa.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+int EVP_SealInit(ctx,type,ek,ekl,iv,pubk,npubk)
+EVP_CIPHER_CTX *ctx;
+EVP_CIPHER *type;
+unsigned char **ek;
+int *ekl;
+unsigned char *iv;
+EVP_PKEY **pubk;
+int npubk;
+	{
+	unsigned char key[EVP_MAX_KEY_LENGTH];
+	int i,ret=0,n;
+	
+	if (npubk <= 0) return(0);
+	RAND_bytes(key,EVP_MAX_KEY_LENGTH);
+	if (type->iv_len > 0)
+		RAND_bytes(iv,type->iv_len);
+
+	EVP_EncryptInit(ctx,type,key,iv);
+	for (i=0; i<npubk; i++)
+		{
+		if (pubk[i]->type != EVP_PKEY_RSA)
+			{
+			EVPerr(EVP_F_EVP_SEALINIT,EVP_R_PUBLIC_KEY_NOT_RSA);
+			goto err;
+			}
+		n=RSA_public_encrypt(type->key_len,key,ek[i],pubk[i]->pkey.rsa,
+			RSA_PKCS1_PADDING);
+		if (n <= 0) goto err;
+		ekl[i]=n;
+		}
+	ret=npubk;
+err:
+	memset(key,0,EVP_MAX_KEY_LENGTH);
+	return(ret);
+	}
+
+/* MACRO
+void EVP_SealUpdate(ctx,out,outl,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+int *outl;
+unsigned char *in;
+int inl;
+	{
+	EVP_EncryptUpdate(ctx,out,outl,in,inl);
+	}
+*/
+
+void EVP_SealFinal(ctx,out,outl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+int *outl;
+	{
+	EVP_EncryptFinal(ctx,out,outl);
+	EVP_EncryptInit(ctx,NULL,NULL,NULL);
+	}
diff --git a/crypto/evp/p_sign.c b/crypto/evp/p_sign.c
new file mode 100644
index 0000000000..ad5bcd8ba8
--- /dev/null
+++ b/crypto/evp/p_sign.c
@@ -0,0 +1,117 @@
+/* crypto/evp/p_sign.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+#ifdef undef
+void EVP_SignInit(ctx,type)
+EVP_MD_CTX *ctx;
+EVP_MD *type;
+	{
+	EVP_DigestInit(ctx,type);
+	}
+
+void EVP_SignUpdate(ctx,data,count)
+EVP_MD_CTX *ctx;
+unsigned char *data;
+unsigned int count;
+	{
+	EVP_DigestUpdate(ctx,data,count);
+	}
+#endif
+
+int EVP_SignFinal(ctx,sigret,siglen,pkey)
+EVP_MD_CTX *ctx;
+unsigned char *sigret;
+unsigned int *siglen;
+EVP_PKEY *pkey;
+	{
+	unsigned char m[EVP_MAX_MD_SIZE];
+	unsigned int m_len;
+	int i,ok=0,v;
+
+	*siglen=0;
+	EVP_DigestFinal(ctx,&(m[0]),&m_len);
+	for (i=0; i<4; i++)
+		{
+		v=ctx->digest->required_pkey_type[i];
+		if (v == 0) break;
+		if (pkey->type == v)
+			{
+			ok=1;
+			break;
+			}
+		}
+	if (!ok)
+		{
+		EVPerr(EVP_F_EVP_SIGNFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE);
+		return(0);
+		}
+	if (ctx->digest->sign == NULL)
+		{
+		EVPerr(EVP_F_EVP_SIGNFINAL,EVP_R_NO_SIGN_FUNCTION_CONFIGURED);
+		return(0);
+		}
+	return(ctx->digest->sign(ctx->digest->type,m,m_len,sigret,siglen,
+		pkey->pkey.ptr));
+	}
+
diff --git a/crypto/evp/p_verify.c b/crypto/evp/p_verify.c
new file mode 100644
index 0000000000..4dbaf1ea26
--- /dev/null
+++ b/crypto/evp/p_verify.c
@@ -0,0 +1,99 @@
+/* crypto/evp/p_verify.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+int EVP_VerifyFinal(ctx,sigbuf,siglen,pkey)
+EVP_MD_CTX *ctx;
+unsigned char *sigbuf;
+unsigned int siglen;
+EVP_PKEY *pkey;
+	{
+	unsigned char m[EVP_MAX_MD_SIZE];
+	unsigned int m_len;
+	int i,ok=0,v;
+
+	for (i=0; i<4; i++)
+		{
+		v=ctx->digest->required_pkey_type[i];
+		if (v == 0) break;
+		if (pkey->type == v)
+			{
+			ok=1;
+			break;
+			}
+		}
+	if (!ok)
+		{
+		EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE);
+		return(-1);
+		}
+	EVP_DigestFinal(ctx,&(m[0]),&m_len);
+        if (ctx->digest->verify == NULL)
+                {
+		EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_NO_VERIFY_FUNCTION_CONFIGURED);
+		return(0);
+		}
+
+	return(ctx->digest->verify(ctx->digest->type,m,m_len,
+		sigbuf,siglen,pkey->pkey.ptr));
+	}
diff --git a/crypto/idea/Makefile.ssl b/crypto/idea/Makefile.ssl
new file mode 100644
index 0000000000..41b42ce03b
--- /dev/null
+++ b/crypto/idea/Makefile.ssl
@@ -0,0 +1,80 @@
+#
+# SSLeay/crypto/idea/Makefile
+#
+
+DIR=	idea
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE=		make -f Makefile.ssl
+MAKEDEPEND=	makedepend -f Makefile.ssl
+MAKEFILE=	Makefile.ssl
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=ideatest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=i_cbc.c i_cfb64.c i_ofb64.c i_ecb.c i_skey.c
+LIBOBJ=i_cbc.o i_cfb64.o i_ofb64.o i_ecb.o i_skey.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= idea.h
+HEADER=	idea_lcl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/util/ranlib.sh $(LIB)
+	@touch lib
+
+files:
+	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+	/bin/rm -f Makefile
+	$(TOP)/util/point.sh Makefile.ssl Makefile ;
+	$(TOP)/util/mklink.sh ../../include $(EXHEADER)
+	$(TOP)/util/mklink.sh ../../test $(TEST)
+	$(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+	@for i in $(EXHEADER) ; \
+	do  \
+	(cp $$i $(INSTALLTOP)/include/$$i; \
+	chmod 644 $(INSTALLTOP)/include/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/idea/i_cbc.c b/crypto/idea/i_cbc.c
new file mode 100644
index 0000000000..d17e9f29e0
--- /dev/null
+++ b/crypto/idea/i_cbc.c
@@ -0,0 +1,140 @@
+/* crypto/idea/i_cbc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "idea.h"
+#include "idea_lcl.h"
+
+void idea_cbc_encrypt(in, out, length, ks, iv, encrypt)
+unsigned char *in;
+unsigned char *out;
+long length;
+IDEA_KEY_SCHEDULE *ks;
+unsigned char *iv;
+int encrypt;
+	{
+	register unsigned long tin0,tin1;
+	register unsigned long tout0,tout1,xor0,xor1;
+	register long l=length;
+	unsigned long tin[2];
+
+	if (encrypt)
+		{
+		n2l(iv,tout0);
+		n2l(iv,tout1);
+		iv-=8;
+		for (l-=8; l>=0; l-=8)
+			{
+			n2l(in,tin0);
+			n2l(in,tin1);
+			tin0^=tout0;
+			tin1^=tout1;
+			tin[0]=tin0;
+			tin[1]=tin1;
+			idea_encrypt(tin,ks);
+			tout0=tin[0]; l2n(tout0,out);
+			tout1=tin[1]; l2n(tout1,out);
+			}
+		if (l != -8)
+			{
+			n2ln(in,tin0,tin1,l+8);
+			tin0^=tout0;
+			tin1^=tout1;
+			tin[0]=tin0;
+			tin[1]=tin1;
+			idea_encrypt(tin,ks);
+			tout0=tin[0]; l2n(tout0,out);
+			tout1=tin[1]; l2n(tout1,out);
+			}
+		l2n(tout0,iv);
+		l2n(tout1,iv);
+		}
+	else
+		{
+		n2l(iv,xor0);
+		n2l(iv,xor1);
+		iv-=8;
+		for (l-=8; l>=0; l-=8)
+			{
+			n2l(in,tin0); tin[0]=tin0;
+			n2l(in,tin1); tin[1]=tin1;
+			idea_encrypt(tin,ks);
+			tout0=tin[0]^xor0;
+			tout1=tin[1]^xor1;
+			l2n(tout0,out);
+			l2n(tout1,out);
+			xor0=tin0;
+			xor1=tin1;
+			}
+		if (l != -8)
+			{
+			n2l(in,tin0); tin[0]=tin0;
+			n2l(in,tin1); tin[1]=tin1;
+			idea_encrypt(tin,ks);
+			tout0=tin[0]^xor0;
+			tout1=tin[1]^xor1;
+			l2nn(tout0,tout1,out,l+8);
+			xor0=tin0;
+			xor1=tin1;
+			}
+		l2n(xor0,iv);
+		l2n(xor1,iv);
+		}
+	tin0=tin1=tout0=tout1=xor0=xor1=0;
+	tin[0]=tin[1]=0;
+	}
+
diff --git a/crypto/idea/i_cfb64.c b/crypto/idea/i_cfb64.c
new file mode 100644
index 0000000000..366f2d19cf
--- /dev/null
+++ b/crypto/idea/i_cfb64.c
@@ -0,0 +1,127 @@
+/* crypto/idea/i_cfb64.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "idea.h"
+#include "idea_lcl.h"
+
+/* The input and output encrypted as though 64bit cfb mode is being
+ * used.  The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+
+void idea_cfb64_encrypt(in, out, length, schedule, ivec, num, encrypt)
+unsigned char *in;
+unsigned char *out;
+long length;
+IDEA_KEY_SCHEDULE *schedule;
+unsigned char *ivec;
+int *num;
+int encrypt;
+	{
+	register unsigned long v0,v1,t;
+	register int n= *num;
+	register long l=length;
+	unsigned long ti[2];
+	unsigned char *iv,c,cc;
+
+	iv=(unsigned char *)ivec;
+	if (encrypt)
+		{
+		while (l--)
+			{
+			if (n == 0)
+				{
+				n2l(iv,v0); ti[0]=v0;
+				n2l(iv,v1); ti[1]=v1;
+				idea_encrypt((unsigned long *)ti,schedule);
+				iv=(unsigned char *)ivec;
+				t=ti[0]; l2n(t,iv);
+				t=ti[1]; l2n(t,iv);
+				iv=(unsigned char *)ivec;
+				}
+			c= *(in++)^iv[n];
+			*(out++)=c;
+			iv[n]=c;
+			n=(n+1)&0x07;
+			}
+		}
+	else
+		{
+		while (l--)
+			{
+			if (n == 0)
+				{
+				n2l(iv,v0); ti[0]=v0;
+				n2l(iv,v1); ti[1]=v1;
+				idea_encrypt((unsigned long *)ti,schedule);
+				iv=(unsigned char *)ivec;
+				t=ti[0]; l2n(t,iv);
+				t=ti[1]; l2n(t,iv);
+				iv=(unsigned char *)ivec;
+				}
+			cc= *(in++);
+			c=iv[n];
+			iv[n]=cc;
+			*(out++)=c^cc;
+			n=(n+1)&0x07;
+			}
+		}
+	v0=v1=ti[0]=ti[1]=t=c=cc=0;
+	*num=n;
+	}
+
diff --git a/crypto/idea/i_ecb.c b/crypto/idea/i_ecb.c
new file mode 100644
index 0000000000..b3b694b0c6
--- /dev/null
+++ b/crypto/idea/i_ecb.c
@@ -0,0 +1,138 @@
+/* crypto/idea/i_ecb.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "idea.h"
+#include "idea_lcl.h"
+
+char *IDEA_version="IDEA part of SSLeay 0.8.1b 29-Jun-1998";
+
+char *idea_options()
+	{
+	if (sizeof(short) != sizeof(IDEA_INT))
+		return("idea(int)");
+	else
+		return("idea(short)");
+	}
+
+void idea_ecb_encrypt(in, out, ks)
+unsigned char *in;
+unsigned char *out;
+IDEA_KEY_SCHEDULE *ks;
+	{
+	unsigned long l0,l1,d[2];
+
+	n2l(in,l0); d[0]=l0;
+	n2l(in,l1); d[1]=l1;
+	idea_encrypt(d,ks);
+	l0=d[0]; l2n(l0,out);
+	l1=d[1]; l2n(l1,out);
+	l0=l1=d[0]=d[1]=0;
+	}
+
+void idea_encrypt(d,key)
+unsigned long *d;
+IDEA_KEY_SCHEDULE *key;
+	{
+	int i;
+	register IDEA_INT *p;
+	register unsigned long x1,x2,x3,x4,t0,t1,ul;
+
+	x2=d[0];
+	x1=(x2>>16);
+	x4=d[1];
+	x3=(x4>>16);
+
+	p= &(key->data[0][0]);
+	for (i=0; i<8; i++)
+		{
+		x1&=0xffff;
+		idea_mul(x1,x1,*p,ul); p++;
+
+		x2+= *(p++);
+		x3+= *(p++);
+
+		x4&=0xffff;
+		idea_mul(x4,x4,*p,ul); p++;
+
+		t0=(x1^x3)&0xffff;
+		idea_mul(t0,t0,*p,ul); p++;
+
+		t1=(t0+(x2^x4))&0xffff;
+		idea_mul(t1,t1,*p,ul); p++;
+
+		t0+=t1;
+
+		x1^=t1;
+		x4^=t0;
+		ul=x2^t0;		/* do the swap to x3 */
+		x2=x3^t1;
+		x3=ul;
+		}
+
+	x1&=0xffff;
+	idea_mul(x1,x1,*p,ul); p++;
+
+	t0= x3+ *(p++);
+	t1= x2+ *(p++);
+
+	x4&=0xffff;
+	idea_mul(x4,x4,*p,ul);
+
+	d[0]=(t0&0xffff)|((x1&0xffff)<<16);
+	d[1]=(x4&0xffff)|((t1&0xffff)<<16);
+	}
diff --git a/crypto/idea/i_ofb64.c b/crypto/idea/i_ofb64.c
new file mode 100644
index 0000000000..43a9584a37
--- /dev/null
+++ b/crypto/idea/i_ofb64.c
@@ -0,0 +1,115 @@
+/* crypto/idea/i_ofb64.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "idea.h"
+#include "idea_lcl.h"
+
+/* The input and output encrypted as though 64bit ofb mode is being
+ * used.  The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+void idea_ofb64_encrypt(in, out, length, schedule, ivec, num)
+unsigned char *in;
+unsigned char *out;
+long length;
+IDEA_KEY_SCHEDULE *schedule;
+unsigned char *ivec;
+int *num;
+	{
+	register unsigned long v0,v1,t;
+	register int n= *num;
+	register long l=length;
+	unsigned char d[8];
+	register char *dp;
+	unsigned long ti[2];
+	unsigned char *iv;
+	int save=0;
+
+	iv=(unsigned char *)ivec;
+	n2l(iv,v0);
+	n2l(iv,v1);
+	ti[0]=v0;
+	ti[1]=v1;
+	dp=(char *)d;
+	l2n(v0,dp);
+	l2n(v1,dp);
+	while (l--)
+		{
+		if (n == 0)
+			{
+			idea_encrypt((unsigned long *)ti,schedule);
+			dp=(char *)d;
+			t=ti[0]; l2n(t,dp);
+			t=ti[1]; l2n(t,dp);
+			save++;
+			}
+		*(out++)= *(in++)^d[n];
+		n=(n+1)&0x07;
+		}
+	if (save)
+		{
+		v0=ti[0];
+		v1=ti[1];
+		iv=(unsigned char *)ivec;
+		l2n(v0,iv);
+		l2n(v1,iv);
+		}
+	t=v0=v1=ti[0]=ti[1]=0;
+	*num=n;
+	}
+
diff --git a/crypto/idea/i_skey.c b/crypto/idea/i_skey.c
new file mode 100644
index 0000000000..fcbdb691e2
--- /dev/null
+++ b/crypto/idea/i_skey.c
@@ -0,0 +1,166 @@
+/* crypto/idea/i_skey.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "idea.h"
+#include "idea_lcl.h"
+
+#ifndef NOPROTO
+static IDEA_INT inverse(unsigned int xin);
+#else
+static IDEA_INT inverse();
+#endif
+
+void idea_set_encrypt_key(key, ks)
+unsigned char *key;
+IDEA_KEY_SCHEDULE *ks;
+	{
+	int i;
+	register IDEA_INT *kt,*kf,r0,r1,r2;
+
+	kt= &(ks->data[0][0]);
+	n2s(key,kt[0]); n2s(key,kt[1]); n2s(key,kt[2]); n2s(key,kt[3]);
+	n2s(key,kt[4]); n2s(key,kt[5]); n2s(key,kt[6]); n2s(key,kt[7]);
+
+	kf=kt;
+	kt+=8;
+	for (i=0; i<6; i++)
+		{
+		r2= kf[1];
+		r1= kf[2];
+		*(kt++)= ((r2<<9) | (r1>>7))&0xffff;
+		r0= kf[3];
+		*(kt++)= ((r1<<9) | (r0>>7))&0xffff;
+		r1= kf[4];
+		*(kt++)= ((r0<<9) | (r1>>7))&0xffff;
+		r0= kf[5];
+		*(kt++)= ((r1<<9) | (r0>>7))&0xffff;
+		r1= kf[6];
+		*(kt++)= ((r0<<9) | (r1>>7))&0xffff;
+		r0= kf[7];
+		*(kt++)= ((r1<<9) | (r0>>7))&0xffff;
+		r1= kf[0];
+		if (i >= 5) break;
+		*(kt++)= ((r0<<9) | (r1>>7))&0xffff;
+		*(kt++)= ((r1<<9) | (r2>>7))&0xffff;
+		kf+=8;
+		}
+	}
+
+void idea_set_decrypt_key(ek, dk)
+IDEA_KEY_SCHEDULE *ek;
+IDEA_KEY_SCHEDULE *dk;
+	{
+	int r;
+	register IDEA_INT *fp,*tp,t;
+
+	tp= &(dk->data[0][0]);
+	fp= &(ek->data[8][0]);
+	for (r=0; r<9; r++)
+		{
+		*(tp++)=inverse(fp[0]);
+		*(tp++)=((int)(0x10000L-fp[2])&0xffff);
+		*(tp++)=((int)(0x10000L-fp[1])&0xffff);
+		*(tp++)=inverse(fp[3]);
+		if (r == 8) break;
+		fp-=6;
+		*(tp++)=fp[4];
+		*(tp++)=fp[5];
+		}
+
+	tp= &(dk->data[0][0]);
+	t=tp[1];
+	tp[1]=tp[2];
+	tp[2]=t;
+
+	t=tp[49];
+	tp[49]=tp[50];
+	tp[50]=t;
+	}
+
+/* taken directly from the 'paper' I'll have a look at it later */
+static IDEA_INT inverse(xin)
+unsigned int xin;
+	{
+	long n1,n2,q,r,b1,b2,t;
+
+	if (xin == 0)
+		b2=0;
+	else
+		{
+		n1=0x10001;
+		n2=xin;
+		b2=1;
+		b1=0;
+
+		do	{
+			r=(n1%n2);
+			q=(n1-r)/n2;
+			if (r == 0)
+				{ if (b2 < 0) b2=0x10001+b2; }
+			else
+				{
+				n1=n2;
+				n2=r;
+				t=b2;
+				b2=b1-q*b2;
+				b1=t;
+				}
+			} while (r != 0);
+		}
+	return((IDEA_INT)b2);
+	}
diff --git a/crypto/idea/idea.h b/crypto/idea/idea.h
new file mode 100644
index 0000000000..e0eb4e0d63
--- /dev/null
+++ b/crypto/idea/idea.h
@@ -0,0 +1,116 @@
+/* crypto/idea/idea.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify idea.org since idea.h is automatically generated from 
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+
+#ifndef HEADER_IDEA_H
+#define HEADER_IDEA_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#define IDEA_ENCRYPT	1
+#define IDEA_DECRYPT	0
+
+#define IDEA_INT unsigned int
+#define IDEA_BLOCK	8
+#define IDEA_KEY_LENGTH	16
+
+typedef struct idea_key_st
+	{
+	IDEA_INT data[9][6];
+	} IDEA_KEY_SCHEDULE;
+
+#ifndef NOPROTO
+char *idea_options(void);
+void idea_ecb_encrypt(unsigned char *in, unsigned char *out,
+	IDEA_KEY_SCHEDULE *ks);
+void idea_set_encrypt_key(unsigned char *key, IDEA_KEY_SCHEDULE *ks);
+void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk);
+void idea_cbc_encrypt(unsigned char *in, unsigned char *out,
+	long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,int enc);
+void idea_cfb64_encrypt(unsigned char *in, unsigned char *out,
+	long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
+	int *num,int enc);
+void idea_ofb64_encrypt(unsigned char *in, unsigned char *out,
+	long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv, int *num);
+void idea_encrypt(unsigned long *in, IDEA_KEY_SCHEDULE *ks);
+#else
+char *idea_options();
+void idea_ecb_encrypt();
+void idea_set_encrypt_key();
+void idea_set_decrypt_key();
+void idea_cbc_encrypt();
+void idea_cfb64_encrypt();
+void idea_ofb64_encrypt();
+void idea_encrypt();
+#endif
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/idea/idea.org b/crypto/idea/idea.org
new file mode 100644
index 0000000000..e0eb4e0d63
--- /dev/null
+++ b/crypto/idea/idea.org
@@ -0,0 +1,116 @@
+/* crypto/idea/idea.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify idea.org since idea.h is automatically generated from 
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+
+#ifndef HEADER_IDEA_H
+#define HEADER_IDEA_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#define IDEA_ENCRYPT	1
+#define IDEA_DECRYPT	0
+
+#define IDEA_INT unsigned int
+#define IDEA_BLOCK	8
+#define IDEA_KEY_LENGTH	16
+
+typedef struct idea_key_st
+	{
+	IDEA_INT data[9][6];
+	} IDEA_KEY_SCHEDULE;
+
+#ifndef NOPROTO
+char *idea_options(void);
+void idea_ecb_encrypt(unsigned char *in, unsigned char *out,
+	IDEA_KEY_SCHEDULE *ks);
+void idea_set_encrypt_key(unsigned char *key, IDEA_KEY_SCHEDULE *ks);
+void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk);
+void idea_cbc_encrypt(unsigned char *in, unsigned char *out,
+	long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,int enc);
+void idea_cfb64_encrypt(unsigned char *in, unsigned char *out,
+	long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
+	int *num,int enc);
+void idea_ofb64_encrypt(unsigned char *in, unsigned char *out,
+	long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv, int *num);
+void idea_encrypt(unsigned long *in, IDEA_KEY_SCHEDULE *ks);
+#else
+char *idea_options();
+void idea_ecb_encrypt();
+void idea_set_encrypt_key();
+void idea_set_decrypt_key();
+void idea_cbc_encrypt();
+void idea_cfb64_encrypt();
+void idea_ofb64_encrypt();
+void idea_encrypt();
+#endif
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/idea/idea_lcl.h b/crypto/idea/idea_lcl.h
new file mode 100644
index 0000000000..fcd007f2b4
--- /dev/null
+++ b/crypto/idea/idea_lcl.h
@@ -0,0 +1,197 @@
+/* crypto/idea/idea_lcl.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* The new form of this macro (check if the a*b == 0) was sugested by 
+ * Colin Plumb <colin@nyx10.cs.du.edu> */
+/* Removal of the inner if from from Wei Dai 24/4/96 */
+#define idea_mul(r,a,b,ul) \
+ul=(unsigned long)a*b; \
+if (ul != 0) \
+	{ \
+	r=(ul&0xffff)-(ul>>16); \
+	r-=((r)>>16); \
+/*	if (r&0xffff0000L) r=(r+0x10001); */ \
+	} \
+else \
+	r=(-(int)a-b+1); /* assuming a or b is 0 and in range */ \
+
+#ifdef undef
+#define idea_mul(r,a,b,ul,sl) \
+if (a == 0) r=(0x10001-b)&0xffff; \
+else if (b == 0) r=(0x10001-a)&0xffff; \
+else	{ \
+	ul=(unsigned long)a*b; \
+	sl=(ul&0xffff)-(ul>>16); \
+	if (sl <= 0) sl+=0x10001; \
+	r=sl; \
+	} 
+#endif
+
+/*  7/12/95 - Many thanks to Rhys Weatherley <rweather@us.oracle.com>
+ * for pointing out that I was assuming little endian
+ * byte order for all quantities what idea
+ * actually used bigendian.  No where in the spec does it mention
+ * this, it is all in terms of 16 bit numbers and even the example
+ * does not use byte streams for the input example :-(.
+ * If you byte swap each pair of input, keys and iv, the functions
+ * would produce the output as the old version :-(.
+ */
+
+/* NOTE - c is not incremented as per n2l */
+#define n2ln(c,l1,l2,n)	{ \
+			c+=n; \
+			l1=l2=0; \
+			switch (n) { \
+			case 8: l2 =((unsigned long)(*(--(c))))    ; \
+			case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
+			case 6: l2|=((unsigned long)(*(--(c))))<<16; \
+			case 5: l2|=((unsigned long)(*(--(c))))<<24; \
+			case 4: l1 =((unsigned long)(*(--(c))))    ; \
+			case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
+			case 2: l1|=((unsigned long)(*(--(c))))<<16; \
+			case 1: l1|=((unsigned long)(*(--(c))))<<24; \
+				} \
+			}
+
+/* NOTE - c is not incremented as per l2n */
+#define l2nn(l1,l2,c,n)	{ \
+			c+=n; \
+			switch (n) { \
+			case 8: *(--(c))=(unsigned char)(((l2)    )&0xff); \
+			case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
+			case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
+			case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
+			case 4: *(--(c))=(unsigned char)(((l1)    )&0xff); \
+			case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
+			case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
+			case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
+				} \
+			}
+
+#undef n2l
+#define n2l(c,l)        (l =((unsigned long)(*((c)++)))<<24L, \
+                         l|=((unsigned long)(*((c)++)))<<16L, \
+                         l|=((unsigned long)(*((c)++)))<< 8L, \
+                         l|=((unsigned long)(*((c)++))))
+
+#undef l2n
+#define l2n(l,c)        (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)     )&0xff))
+
+#undef s2n
+#define s2n(l,c)	(*((c)++)=(unsigned char)(((l)     )&0xff), \
+			 *((c)++)=(unsigned char)(((l)>> 8L)&0xff))
+
+#undef n2s
+#define n2s(c,l)	(l =((IDEA_INT)(*((c)++)))<< 8L, \
+			 l|=((IDEA_INT)(*((c)++)))      )
+
+#ifdef undef
+/* NOTE - c is not incremented as per c2l */
+#define c2ln(c,l1,l2,n)	{ \
+			c+=n; \
+			l1=l2=0; \
+			switch (n) { \
+			case 8: l2 =((unsigned long)(*(--(c))))<<24; \
+			case 7: l2|=((unsigned long)(*(--(c))))<<16; \
+			case 6: l2|=((unsigned long)(*(--(c))))<< 8; \
+			case 5: l2|=((unsigned long)(*(--(c))));     \
+			case 4: l1 =((unsigned long)(*(--(c))))<<24; \
+			case 3: l1|=((unsigned long)(*(--(c))))<<16; \
+			case 2: l1|=((unsigned long)(*(--(c))))<< 8; \
+			case 1: l1|=((unsigned long)(*(--(c))));     \
+				} \
+			}
+
+/* NOTE - c is not incremented as per l2c */
+#define l2cn(l1,l2,c,n)	{ \
+			c+=n; \
+			switch (n) { \
+			case 8: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
+			case 7: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
+			case 6: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
+			case 5: *(--(c))=(unsigned char)(((l2)    )&0xff); \
+			case 4: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
+			case 3: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
+			case 2: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
+			case 1: *(--(c))=(unsigned char)(((l1)    )&0xff); \
+				} \
+			}
+
+#undef c2s
+#define c2s(c,l)	(l =((unsigned long)(*((c)++)))    , \
+			 l|=((unsigned long)(*((c)++)))<< 8L)
+
+#undef s2c
+#define s2c(l,c)	(*((c)++)=(unsigned char)(((l)     )&0xff), \
+			 *((c)++)=(unsigned char)(((l)>> 8L)&0xff))
+
+#undef c2l
+#define c2l(c,l)	(l =((unsigned long)(*((c)++)))     , \
+			 l|=((unsigned long)(*((c)++)))<< 8L, \
+			 l|=((unsigned long)(*((c)++)))<<16L, \
+			 l|=((unsigned long)(*((c)++)))<<24L)
+
+#undef l2c
+#define l2c(l,c)	(*((c)++)=(unsigned char)(((l)     )&0xff), \
+			 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>24L)&0xff))
+#endif
diff --git a/crypto/idea/ideatest.c b/crypto/idea/ideatest.c
new file mode 100644
index 0000000000..ee01ba5b2c
--- /dev/null
+++ b/crypto/idea/ideatest.c
@@ -0,0 +1,232 @@
+/* crypto/idea/ideatest.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "idea.h"
+
+unsigned char k[16]={
+	0x00,0x01,0x00,0x02,0x00,0x03,0x00,0x04,
+	0x00,0x05,0x00,0x06,0x00,0x07,0x00,0x08};
+
+unsigned char in[8]={0x00,0x00,0x00,0x01,0x00,0x02,0x00,0x03};
+unsigned char  c[8]={0x11,0xFB,0xED,0x2B,0x01,0x98,0x6D,0xE5};
+unsigned char out[80];
+
+char *text="Hello to all people out there";
+
+static unsigned char cfb_key[16]={
+	0xe1,0xf0,0xc3,0xd2,0xa5,0xb4,0x87,0x96,
+	0x69,0x78,0x4b,0x5a,0x2d,0x3c,0x0f,0x1e,
+	};
+static unsigned char cfb_iv[80]={0x34,0x12,0x78,0x56,0xab,0x90,0xef,0xcd};
+static unsigned char cfb_buf1[40],cfb_buf2[40],cfb_tmp[8];
+#define CFB_TEST_SIZE 24
+static unsigned char plain[CFB_TEST_SIZE]=
+        {
+        0x4e,0x6f,0x77,0x20,0x69,0x73,
+        0x20,0x74,0x68,0x65,0x20,0x74,
+        0x69,0x6d,0x65,0x20,0x66,0x6f,
+        0x72,0x20,0x61,0x6c,0x6c,0x20
+        };
+static unsigned char cfb_cipher64[CFB_TEST_SIZE]={
+	0x59,0xD8,0xE2,0x65,0x00,0x58,0x6C,0x3F,
+	0x2C,0x17,0x25,0xD0,0x1A,0x38,0xB7,0x2A,
+	0x39,0x61,0x37,0xDC,0x79,0xFB,0x9F,0x45
+
+/*	0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38,
+	0x9A,0x44,0xD6,0x04,0x19,0x43,0xC4,0xD9,
+	0x3D,0x1E,0xAE,0x47,0xFC,0xCF,0x29,0x0B,*/
+	}; 
+
+#ifndef NOPROTO
+static int cfb64_test(unsigned char *cfb_cipher);
+static char *pt(unsigned char *p);
+#else
+static int cfb64_test();
+static char *pt();
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+	{
+	int i,err=0;
+	IDEA_KEY_SCHEDULE key,dkey; 
+	unsigned char iv[8];
+
+	idea_set_encrypt_key(k,&key);
+	idea_ecb_encrypt(in,out,&key);
+	if (memcmp(out,c,8) != 0)
+		{
+		printf("ecb idea error encrypting\n");
+		printf("got     :");
+		for (i=0; i<8; i++)
+			printf("%02X ",out[i]);
+		printf("\n");
+		printf("expected:");
+		for (i=0; i<8; i++)
+			printf("%02X ",c[i]);
+		err=20;
+		printf("\n");
+		}
+
+	idea_set_decrypt_key(&key,&dkey);
+	idea_ecb_encrypt(c,out,&dkey);
+	if (memcmp(out,in,8) != 0)
+		{
+		printf("ecb idea error decrypting\n");
+		printf("got     :");
+		for (i=0; i<8; i++)
+			printf("%02X ",out[i]);
+		printf("\n");
+		printf("expected:");
+		for (i=0; i<8; i++)
+			printf("%02X ",in[i]);
+		printf("\n");
+		err=3;
+		}
+
+	if (err == 0) printf("ecb idea ok\n");
+
+	memcpy(iv,k,8);
+	idea_cbc_encrypt((unsigned char *)text,out,strlen(text)+1,&key,iv,1);
+	memcpy(iv,k,8);
+	idea_cbc_encrypt(out,out,8,&dkey,iv,0);
+	idea_cbc_encrypt(&(out[8]),&(out[8]),strlen(text)+1-8,&dkey,iv,0);
+	if (memcmp(text,out,strlen(text)+1) != 0)
+		{
+		printf("cbc idea bad\n");
+		err=4;
+		}
+	else
+		printf("cbc idea ok\n");
+
+	printf("cfb64 idea ");
+	if (cfb64_test(cfb_cipher64))
+		{
+		printf("bad\n");
+		err=5;
+		}
+	else
+		printf("ok\n");
+
+	exit(err);
+	return(err);
+	}
+
+static int cfb64_test(cfb_cipher)
+unsigned char *cfb_cipher;
+        {
+        IDEA_KEY_SCHEDULE eks,dks;
+        int err=0,i,n;
+
+        idea_set_encrypt_key(cfb_key,&eks);
+        idea_set_decrypt_key(&eks,&dks);
+        memcpy(cfb_tmp,cfb_iv,8);
+        n=0;
+        idea_cfb64_encrypt(plain,cfb_buf1,(long)12,&eks,
+                cfb_tmp,&n,IDEA_ENCRYPT);
+        idea_cfb64_encrypt(&(plain[12]),&(cfb_buf1[12]),
+                (long)CFB_TEST_SIZE-12,&eks,
+                cfb_tmp,&n,IDEA_ENCRYPT);
+        if (memcmp(cfb_cipher,cfb_buf1,CFB_TEST_SIZE) != 0)
+                {
+                err=1;
+                printf("idea_cfb64_encrypt encrypt error\n");
+                for (i=0; i<CFB_TEST_SIZE; i+=8)
+                        printf("%s\n",pt(&(cfb_buf1[i])));
+                }
+        memcpy(cfb_tmp,cfb_iv,8);
+        n=0;
+        idea_cfb64_encrypt(cfb_buf1,cfb_buf2,(long)17,&eks,
+                cfb_tmp,&n,IDEA_DECRYPT);
+        idea_cfb64_encrypt(&(cfb_buf1[17]),&(cfb_buf2[17]),
+                (long)CFB_TEST_SIZE-17,&dks,
+                cfb_tmp,&n,IDEA_DECRYPT);
+        if (memcmp(plain,cfb_buf2,CFB_TEST_SIZE) != 0)
+                {
+                err=1;
+                printf("idea_cfb_encrypt decrypt error\n");
+                for (i=0; i<24; i+=8)
+                        printf("%s\n",pt(&(cfb_buf2[i])));
+                }
+        return(err);
+        }
+
+static char *pt(p)
+unsigned char *p;
+	{
+	static char bufs[10][20];
+	static int bnum=0;
+	char *ret;
+	int i;
+	static char *f="0123456789ABCDEF";
+
+	ret= &(bufs[bnum++][0]);
+	bnum%=10;
+	for (i=0; i<8; i++)
+		{
+		ret[i*2]=f[(p[i]>>4)&0xf];
+		ret[i*2+1]=f[p[i]&0xf];
+		}
+	ret[16]='\0';
+	return(ret);
+	}
+	
diff --git a/crypto/idea/version b/crypto/idea/version
new file mode 100644
index 0000000000..3f22293795
--- /dev/null
+++ b/crypto/idea/version
@@ -0,0 +1,12 @@
+1.1 07/12/95 - eay
+	Many thanks to Rhys Weatherley <rweather@us.oracle.com>
+	for pointing out that I was assuming little endian byte
+	order for all quantities what idea actually used
+	bigendian.  No where in the spec does it mention
+	this, it is all in terms of 16 bit numbers and even the example
+	does not use byte streams for the input example :-(.
+	If you byte swap each pair of input, keys and iv, the functions
+	would produce the output as the old version :-(.
+
+1.0 ??/??/95 - eay
+	First version.
diff --git a/crypto/lhash/Makefile.ssl b/crypto/lhash/Makefile.ssl
new file mode 100644
index 0000000000..cb08547b4f
--- /dev/null
+++ b/crypto/lhash/Makefile.ssl
@@ -0,0 +1,80 @@
+#
+# SSLeay/crypto/lhash/Makefile
+#
+
+DIR=	lhash
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE=		make -f Makefile.ssl
+MAKEDEPEND=	makedepend -f Makefile.ssl
+MAKEFILE=	Makefile.ssl
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=lhash.c lh_stats.c
+LIBOBJ=lhash.o lh_stats.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= lhash.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/util/ranlib.sh $(LIB)
+	@touch lib
+
+files:
+	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+	/bin/rm -f Makefile
+	$(TOP)/util/point.sh Makefile.ssl Makefile ;
+	$(TOP)/util/mklink.sh ../../include $(EXHEADER)
+	$(TOP)/util/mklink.sh ../../test $(TEST)
+	$(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+	@for i in $(EXHEADER) ; \
+	do  \
+	(cp $$i $(INSTALLTOP)/include/$$i; \
+	chmod 644 $(INSTALLTOP)/include/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/lhash/lh_stats.c b/crypto/lhash/lh_stats.c
new file mode 100644
index 0000000000..824eb6215c
--- /dev/null
+++ b/crypto/lhash/lh_stats.c
@@ -0,0 +1,289 @@
+/* crypto/lhash/lh_stats.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+/* If you wish to build this outside of SSLeay, remove the following line
+ * and things should work as expected */
+#include "bio.h"
+
+#include "lhash.h"
+
+#ifndef HEADER_BIO_H
+
+void lh_stats(lh, out)
+LHASH *lh;
+FILE *out;
+	{
+	fprintf(out,"num_items             = %lu\n",lh->num_items);
+	fprintf(out,"num_nodes             = %u\n",lh->num_nodes);
+	fprintf(out,"num_alloc_nodes       = %u\n",lh->num_alloc_nodes);
+	fprintf(out,"num_expands           = %lu\n",lh->num_expands);
+	fprintf(out,"num_expand_reallocs   = %lu\n",lh->num_expand_reallocs);
+	fprintf(out,"num_contracts         = %lu\n",lh->num_contracts);
+	fprintf(out,"num_contract_reallocs = %lu\n",lh->num_contract_reallocs);
+	fprintf(out,"num_hash_calls        = %lu\n",lh->num_hash_calls);
+	fprintf(out,"num_comp_calls        = %lu\n",lh->num_comp_calls);
+	fprintf(out,"num_insert            = %lu\n",lh->num_insert);
+	fprintf(out,"num_replace           = %lu\n",lh->num_replace);
+	fprintf(out,"num_delete            = %lu\n",lh->num_delete);
+	fprintf(out,"num_no_delete         = %lu\n",lh->num_no_delete);
+	fprintf(out,"num_retrieve          = %lu\n",lh->num_retrieve);
+	fprintf(out,"num_retrieve_miss     = %lu\n",lh->num_retrieve_miss);
+	fprintf(out,"num_hash_comps        = %lu\n",lh->num_hash_comps);
+#ifdef DEBUG
+	fprintf(out,"p                     = %u\n",lh->p);
+	fprintf(out,"pmax                  = %u\n",lh->pmax);
+	fprintf(out,"up_load               = %lu\n",lh->up_load);
+	fprintf(out,"down_load             = %lu\n",lh->down_load);
+#endif
+	}
+
+void lh_node_stats(lh, out)
+LHASH *lh;
+FILE *out;
+	{
+	LHASH_NODE *n;
+	unsigned int i,num;
+
+	for (i=0; i<lh->num_nodes; i++)
+		{
+		for (n=lh->b[i],num=0; n != NULL; n=n->next)
+			num++;
+		fprintf(out,"node %6u -> %3u\n",i,num);
+		}
+	}
+
+void lh_node_usage_stats(lh, out)
+LHASH *lh;
+FILE *out;
+	{
+	LHASH_NODE *n;
+	unsigned long num;
+	unsigned int i;
+	unsigned long total=0,n_used=0;
+
+	for (i=0; i<lh->num_nodes; i++)
+		{
+		for (n=lh->b[i],num=0; n != NULL; n=n->next)
+			num++;
+		if (num != 0)
+			{
+			n_used++;
+			total+=num;
+			}
+		}
+	fprintf(out,"%lu nodes used out of %u\n",n_used,lh->num_nodes);
+	fprintf(out,"%lu items\n",total);
+	if (n_used == 0) return;
+	fprintf(out,"load %d.%02d  actual load %d.%02d\n",
+		(int)(total/lh->num_nodes),
+		(int)((total%lh->num_nodes)*100/lh->num_nodes),
+		(int)(total/n_used),
+		(int)((total%n_used)*100/n_used));
+	}
+
+#else
+
+#ifndef WIN16
+void lh_stats(lh,fp)
+LHASH *lh;
+FILE *fp;
+	{
+	BIO *bp;
+
+	bp=BIO_new(BIO_s_file());
+	if (bp == NULL) goto end;
+	BIO_set_fp(bp,fp,BIO_NOCLOSE);
+	lh_stats_bio(lh,bp);
+	BIO_free(bp);
+end:;
+	}
+
+void lh_node_stats(lh,fp)
+LHASH *lh;
+FILE *fp;
+	{
+	BIO *bp;
+
+	bp=BIO_new(BIO_s_file());
+	if (bp == NULL) goto end;
+	BIO_set_fp(bp,fp,BIO_NOCLOSE);
+	lh_node_stats_bio(lh,bp);
+	BIO_free(bp);
+end:;
+	}
+
+void lh_node_usage_stats(lh,fp)
+LHASH *lh;
+FILE *fp;
+	{
+	BIO *bp;
+
+	bp=BIO_new(BIO_s_file());
+	if (bp == NULL) goto end;
+	BIO_set_fp(bp,fp,BIO_NOCLOSE);
+	lh_node_usage_stats_bio(lh,bp);
+	BIO_free(bp);
+end:;
+	}
+
+#endif
+
+void lh_stats_bio(lh, out)
+LHASH *lh;
+BIO *out;
+	{
+	char buf[128];
+
+	sprintf(buf,"num_items             = %lu\n",lh->num_items);
+	BIO_puts(out,buf);
+	sprintf(buf,"num_nodes             = %u\n",lh->num_nodes);
+	BIO_puts(out,buf);
+	sprintf(buf,"num_alloc_nodes       = %u\n",lh->num_alloc_nodes);
+	BIO_puts(out,buf);
+	sprintf(buf,"num_expands           = %lu\n",lh->num_expands);
+	BIO_puts(out,buf);
+	sprintf(buf,"num_expand_reallocs   = %lu\n",lh->num_expand_reallocs);
+	BIO_puts(out,buf);
+	sprintf(buf,"num_contracts         = %lu\n",lh->num_contracts);
+	BIO_puts(out,buf);
+	sprintf(buf,"num_contract_reallocs = %lu\n",lh->num_contract_reallocs);
+	BIO_puts(out,buf);
+	sprintf(buf,"num_hash_calls        = %lu\n",lh->num_hash_calls);
+	BIO_puts(out,buf);
+	sprintf(buf,"num_comp_calls        = %lu\n",lh->num_comp_calls);
+	BIO_puts(out,buf);
+	sprintf(buf,"num_insert            = %lu\n",lh->num_insert);
+	BIO_puts(out,buf);
+	sprintf(buf,"num_replace           = %lu\n",lh->num_replace);
+	BIO_puts(out,buf);
+	sprintf(buf,"num_delete            = %lu\n",lh->num_delete);
+	BIO_puts(out,buf);
+	sprintf(buf,"num_no_delete         = %lu\n",lh->num_no_delete);
+	BIO_puts(out,buf);
+	sprintf(buf,"num_retrieve          = %lu\n",lh->num_retrieve);
+	BIO_puts(out,buf);
+	sprintf(buf,"num_retrieve_miss     = %lu\n",lh->num_retrieve_miss);
+	BIO_puts(out,buf);
+	sprintf(buf,"num_hash_comps        = %lu\n",lh->num_hash_comps);
+	BIO_puts(out,buf);
+#ifdef DEBUG
+	sprintf(buf,"p                     = %u\n",lh->p);
+	BIO_puts(out,buf);
+	sprintf(buf,"pmax                  = %u\n",lh->pmax);
+	BIO_puts(out,buf);
+	sprintf(buf,"up_load               = %lu\n",lh->up_load);
+	BIO_puts(out,buf);
+	sprintf(buf,"down_load             = %lu\n",lh->down_load);
+	BIO_puts(out,buf);
+#endif
+	}
+
+void lh_node_stats_bio(lh, out)
+LHASH *lh;
+BIO *out;
+	{
+	LHASH_NODE *n;
+	unsigned int i,num;
+	char buf[128];
+
+	for (i=0; i<lh->num_nodes; i++)
+		{
+		for (n=lh->b[i],num=0; n != NULL; n=n->next)
+			num++;
+		sprintf(buf,"node %6u -> %3u\n",i,num);
+		BIO_puts(out,buf);
+		}
+	}
+
+void lh_node_usage_stats_bio(lh, out)
+LHASH *lh;
+BIO *out;
+	{
+	LHASH_NODE *n;
+	unsigned long num;
+	unsigned int i;
+	unsigned long total=0,n_used=0;
+	char buf[128];
+
+	for (i=0; i<lh->num_nodes; i++)
+		{
+		for (n=lh->b[i],num=0; n != NULL; n=n->next)
+			num++;
+		if (num != 0)
+			{
+			n_used++;
+			total+=num;
+			}
+		}
+	sprintf(buf,"%lu nodes used out of %u\n",n_used,lh->num_nodes);
+	BIO_puts(out,buf);
+	sprintf(buf,"%lu items\n",total);
+	BIO_puts(out,buf);
+	if (n_used == 0) return;
+	sprintf(buf,"load %d.%02d  actual load %d.%02d\n",
+		(int)(total/lh->num_nodes),
+		(int)((total%lh->num_nodes)*100/lh->num_nodes),
+		(int)(total/n_used),
+		(int)((total%n_used)*100/n_used));
+	BIO_puts(out,buf);
+	}
+
+#endif
diff --git a/crypto/lhash/lh_test.c b/crypto/lhash/lh_test.c
new file mode 100644
index 0000000000..f90b3bbd24
--- /dev/null
+++ b/crypto/lhash/lh_test.c
@@ -0,0 +1,89 @@
+/* crypto/lhash/lh_test.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "lhash.h"
+
+main()
+	{
+	LHASH *conf;
+	char buf[256];
+	int i;
+
+	conf=lh_new(lh_strhash,strcmp);
+	for (;;)
+		{
+		char *p;
+
+		buf[0]='\0';
+		fgets(buf,256,stdin);
+		if (buf[0] == '\0') break;
+		buf[256]='\0';
+		i=strlen(buf);
+		p=Malloc(i+1);
+		memcpy(p,buf,i+1);
+		lh_insert(conf,p);
+		}
+
+	lh_node_stats(conf,stdout);
+	lh_stats(conf,stdout);
+	lh_node_usage_stats(conf,stdout);
+	exit(0);
+	}
diff --git a/crypto/lhash/lhash.c b/crypto/lhash/lhash.c
new file mode 100644
index 0000000000..3e61248946
--- /dev/null
+++ b/crypto/lhash/lhash.c
@@ -0,0 +1,489 @@
+/* crypto/lhash/lhash.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+char *lh_version="lhash part of SSLeay 0.8.1b 29-Jun-1998";
+
+/* Code for dynamic hash table routines
+ * Author - Eric Young v 2.0
+ *
+ * 2.0 eay - Fixed a bug that occured when using lh_delete
+ *	     from inside lh_doall().  As entries were deleted,
+ *	     the 'table' was 'contract()ed', making some entries
+ *	     jump from the end of the table to the start, there by
+ *	     skiping the lh_doall() processing. eay - 4/12/95
+ *
+ * 1.9 eay - Fixed a memory leak in lh_free, the LHASH_NODEs
+ *	     were not being free()ed. 21/11/95
+ *
+ * 1.8 eay - Put the stats routines into a separate file, lh_stats.c
+ *	     19/09/95
+ *
+ * 1.7 eay - Removed the fputs() for realloc failures - the code
+ *           should silently tolerate them.  I have also fixed things
+ *           lint complained about 04/05/95
+ *
+ * 1.6 eay - Fixed an invalid pointers in contract/expand 27/07/92
+ *
+ * 1.5 eay - Fixed a misuse of realloc in expand 02/03/1992
+ *
+ * 1.4 eay - Fixed lh_doall so the function can call lh_delete 28/05/91
+ *
+ * 1.3 eay - Fixed a few lint problems 19/3/1991
+ *
+ * 1.2 eay - Fixed lh_doall problem 13/3/1991
+ *
+ * 1.1 eay - Added lh_doall
+ *
+ * 1.0 eay - First version
+ */
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "lhash.h"
+
+#undef MIN_NODES 
+#define MIN_NODES	16
+#define UP_LOAD		(2*LH_LOAD_MULT) /* load times 256  (default 2) */
+#define DOWN_LOAD	(LH_LOAD_MULT)   /* load times 256  (default 1) */
+
+#ifndef NOPROTO
+
+#define P_CP	char *
+#define P_CPP	char *,char *
+static void expand(LHASH *lh);
+static void contract(LHASH *lh);
+static LHASH_NODE **getrn(LHASH *lh, char *data, unsigned long *rhash);
+
+#else
+
+#define	P_CP
+#define P_CPP
+static void expand();
+static void contract();
+static LHASH_NODE **getrn();
+
+#endif
+
+LHASH *lh_new(h, c)
+unsigned long (*h)();
+int (*c)();
+	{
+	LHASH *ret;
+	int i;
+
+	if ((ret=(LHASH *)malloc(sizeof(LHASH))) == NULL)
+		goto err0;
+	if ((ret->b=(LHASH_NODE **)malloc(sizeof(LHASH_NODE *)*MIN_NODES)) == NULL)
+		goto err1;
+	for (i=0; i<MIN_NODES; i++)
+		ret->b[i]=NULL;
+	ret->comp=((c == NULL)?(int (*)())strcmp:c);
+	ret->hash=((h == NULL)?(unsigned long (*)())lh_strhash:h);
+	ret->num_nodes=MIN_NODES/2;
+	ret->num_alloc_nodes=MIN_NODES;
+	ret->p=0;
+	ret->pmax=MIN_NODES/2;
+	ret->up_load=UP_LOAD;
+	ret->down_load=DOWN_LOAD;
+	ret->num_items=0;
+
+	ret->num_expands=0;
+	ret->num_expand_reallocs=0;
+	ret->num_contracts=0;
+	ret->num_contract_reallocs=0;
+	ret->num_hash_calls=0;
+	ret->num_comp_calls=0;
+	ret->num_insert=0;
+	ret->num_replace=0;
+	ret->num_delete=0;
+	ret->num_no_delete=0;
+	ret->num_retrieve=0;
+	ret->num_retrieve_miss=0;
+	ret->num_hash_comps=0;
+
+	return(ret);
+err1:
+	free((char *)ret);
+err0:
+	return(NULL);
+	}
+
+void lh_free(lh)
+LHASH *lh;
+	{
+	unsigned int i;
+	LHASH_NODE *n,*nn;
+
+	for (i=0; i<lh->num_nodes; i++)
+		{
+		n=lh->b[i];
+		while (n != NULL)
+			{
+			nn=n->next;
+			free(n);
+			n=nn;
+			}
+		}
+	free((char *)lh->b);
+	free((char *)lh);
+	}
+
+char *lh_insert(lh, data)
+LHASH *lh;
+char *data;
+	{
+	unsigned long hash;
+	LHASH_NODE *nn,**rn;
+	char *ret;
+
+	if (lh->up_load <= (lh->num_items*LH_LOAD_MULT/lh->num_nodes))
+		expand(lh);
+
+	rn=getrn(lh,data,&hash);
+
+	if (*rn == NULL)
+		{
+		if ((nn=(LHASH_NODE *)malloc(sizeof(LHASH_NODE))) == NULL)
+			return(NULL);
+		nn->data=data;
+		nn->next=NULL;
+#ifndef NO_HASH_COMP
+		nn->hash=hash;
+#endif
+		*rn=nn;
+		ret=NULL;
+		lh->num_insert++;
+		lh->num_items++;
+		}
+	else /* replace same key */
+		{
+		ret= (*rn)->data;
+		(*rn)->data=data;
+		lh->num_replace++;
+		}
+	return(ret);
+	}
+
+char *lh_delete(lh, data)
+LHASH *lh;
+char *data;
+	{
+	unsigned long hash;
+	LHASH_NODE *nn,**rn;
+	char *ret;
+
+	rn=getrn(lh,data,&hash);
+
+	if (*rn == NULL)
+		{
+		lh->num_no_delete++;
+		return(NULL);
+		}
+	else
+		{
+		nn= *rn;
+		*rn=nn->next;
+		ret=nn->data;
+		free((char *)nn);
+		lh->num_delete++;
+		}
+
+	lh->num_items--;
+	if ((lh->num_nodes > MIN_NODES) &&
+		(lh->down_load >= (lh->num_items*LH_LOAD_MULT/lh->num_nodes)))
+		contract(lh);
+
+	return(ret);
+	}
+
+char *lh_retrieve(lh, data)
+LHASH *lh;
+char *data;
+	{
+	unsigned long hash;
+	LHASH_NODE **rn;
+	char *ret;
+
+	rn=getrn(lh,data,&hash);
+
+	if (*rn == NULL)
+		{
+		lh->num_retrieve_miss++;
+		return(NULL);
+		}
+	else
+		{
+		ret= (*rn)->data;
+		lh->num_retrieve++;
+		}
+	return(ret);
+	}
+
+void lh_doall(lh, func)
+LHASH *lh;
+void (*func)();
+	{
+	lh_doall_arg(lh,func,NULL);
+	}
+
+void lh_doall_arg(lh, func, arg)
+LHASH *lh;
+void (*func)();
+char *arg;
+	{
+	int i;
+	LHASH_NODE *a,*n;
+
+	/* reverse the order so we search from 'top to bottom'
+	 * We were having memory leaks otherwise */
+	for (i=lh->num_nodes-1; i>=0; i--)
+		{
+		a=lh->b[i];
+		while (a != NULL)
+			{
+			/* 28/05/91 - eay - n added so items can be deleted
+			 * via lh_doall */
+			n=a->next;
+			func(a->data,arg);
+			a=n;
+			}
+		}
+	}
+
+static void expand(lh)
+LHASH *lh;
+	{
+	LHASH_NODE **n,**n1,**n2,*np;
+	unsigned int p,i,j;
+	unsigned long hash,nni;
+
+	lh->num_nodes++;
+	lh->num_expands++;
+	p=(int)lh->p++;
+	n1= &(lh->b[p]);
+	n2= &(lh->b[p+(int)lh->pmax]);
+	*n2=NULL;        /* 27/07/92 - eay - undefined pointer bug */
+	nni=lh->num_alloc_nodes;
+	
+	for (np= *n1; np != NULL; )
+		{
+#ifndef NO_HASH_COMP
+		hash=np->hash;
+#else
+		hash=(*(lh->hash))(np->data);
+		lh->num_hash_calls++;
+#endif
+		if ((hash%nni) != p)
+			{ /* move it */
+			*n1= (*n1)->next;
+			np->next= *n2;
+			*n2=np;
+			}
+		else
+			n1= &((*n1)->next);
+		np= *n1;
+		}
+
+	if ((lh->p) >= lh->pmax)
+		{
+		j=(int)lh->num_alloc_nodes*2;
+		n=(LHASH_NODE **)realloc((char *)lh->b,
+			(unsigned int)sizeof(LHASH_NODE *)*j);
+		if (n == NULL)
+			{
+/*			fputs("realloc error in lhash",stderr); */
+			lh->p=0;
+			return;
+			}
+		/* else */
+		for (i=(int)lh->num_alloc_nodes; i<j; i++)/* 26/02/92 eay */
+			n[i]=NULL;			  /* 02/03/92 eay */
+		lh->pmax=lh->num_alloc_nodes;
+		lh->num_alloc_nodes=j;
+		lh->num_expand_reallocs++;
+		lh->p=0;
+		lh->b=n;
+		}
+	}
+
+static void contract(lh)
+LHASH *lh;
+	{
+	LHASH_NODE **n,*n1,*np;
+
+	np=lh->b[lh->p+lh->pmax-1];
+	lh->b[lh->p+lh->pmax-1]=NULL; /* 24/07-92 - eay - weird but :-( */
+	if (lh->p == 0)
+		{
+		n=(LHASH_NODE **)realloc((char *)lh->b,
+			(unsigned int)(sizeof(LHASH_NODE *)*lh->pmax));
+		if (n == NULL)
+			{
+/*			fputs("realloc error in lhash",stderr); */
+			return;
+			}
+		lh->num_contract_reallocs++;
+		lh->num_alloc_nodes/=2;
+		lh->pmax/=2;
+		lh->p=lh->pmax-1;
+		lh->b=n;
+		}
+	else
+		lh->p--;
+
+	lh->num_nodes--;
+	lh->num_contracts++;
+
+	n1=lh->b[(int)lh->p];
+	if (n1 == NULL)
+		lh->b[(int)lh->p]=np;
+	else
+		{
+		while (n1->next != NULL)
+			n1=n1->next;
+		n1->next=np;
+		}
+	}
+
+static LHASH_NODE **getrn(lh, data, rhash)
+LHASH *lh;
+char *data;
+unsigned long *rhash;
+	{
+	LHASH_NODE **ret,*n1;
+	unsigned long hash,nn;
+	int (*cf)();
+
+	hash=(*(lh->hash))(data);
+	lh->num_hash_calls++;
+	*rhash=hash;
+
+	nn=hash%lh->pmax;
+	if (nn < lh->p)
+		nn=hash%lh->num_alloc_nodes;
+
+	cf=lh->comp;
+	ret= &(lh->b[(int)nn]);
+	for (n1= *ret; n1 != NULL; n1=n1->next)
+		{
+#ifndef NO_HASH_COMP
+		lh->num_hash_comps++;
+		if (n1->hash != hash)
+			{
+			ret= &(n1->next);
+			continue;
+			}
+#endif
+		lh->num_comp_calls++;
+		if ((*cf)(n1->data,data) == 0)
+			break;
+		ret= &(n1->next);
+		}
+	return(ret);
+	}
+
+/*
+static unsigned long lh_strhash(str)
+char *str;
+	{
+	int i,l;
+	unsigned long ret=0;
+	unsigned short *s;
+
+	if (str == NULL) return(0);
+	l=(strlen(str)+1)/2;
+	s=(unsigned short *)str;
+	for (i=0; i<l; i++)
+		ret^=(s[i]<<(i&0x0f));
+	return(ret);
+	} */
+
+/* The following hash seems to work very well on normal text strings
+ * no collisions on /usr/dict/words and it distributes on %2^n quite
+ * well, not as good as MD5, but still good.
+ */
+unsigned long lh_strhash(c)
+char *c;
+	{
+	unsigned long ret=0;
+	long n;
+	unsigned long v;
+	int r;
+
+	if ((c == NULL) || (*c == '\0'))
+		return(ret);
+/*
+	unsigned char b[16];
+	MD5(c,strlen(c),b);
+	return(b[0]|(b[1]<<8)|(b[2]<<16)|(b[3]<<24)); 
+*/
+
+	n=0x100;
+	while (*c)
+		{
+		v=n|(*c);
+		n+=0x100;
+		r= (int)((v>>2)^v)&0x0f;
+		ret=(ret<<r)|(ret>>(32-r));
+		ret&=0xFFFFFFFFL;
+		ret^=v*v;
+		c++;
+		}
+	return((ret>>16)^ret);
+	}
+
diff --git a/crypto/lhash/lhash.h b/crypto/lhash/lhash.h
new file mode 100644
index 0000000000..66678cf393
--- /dev/null
+++ b/crypto/lhash/lhash.h
@@ -0,0 +1,155 @@
+/* crypto/lhash/lhash.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* Header for dynamic hash table routines
+ * Author - Eric Young
+ */
+
+#ifndef HEADER_LHASH_H
+#define HEADER_LHASH_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+typedef struct lhash_node_st
+	{
+	char *data;
+	struct lhash_node_st *next;
+#ifndef NO_HASH_COMP
+	unsigned long hash;
+#endif
+	} LHASH_NODE;
+
+typedef struct lhash_st
+	{
+	LHASH_NODE **b;
+	int (*comp)();
+	unsigned long (*hash)();
+	unsigned int num_nodes;
+	unsigned int num_alloc_nodes;
+	unsigned int p;
+	unsigned int pmax;
+	unsigned long up_load; /* load times 256 */
+	unsigned long down_load; /* load times 256 */
+	unsigned long num_items;
+
+	unsigned long num_expands;
+	unsigned long num_expand_reallocs;
+	unsigned long num_contracts;
+	unsigned long num_contract_reallocs;
+	unsigned long num_hash_calls;
+	unsigned long num_comp_calls;
+	unsigned long num_insert;
+	unsigned long num_replace;
+	unsigned long num_delete;
+	unsigned long num_no_delete;
+	unsigned long num_retrieve;
+	unsigned long num_retrieve_miss;
+	unsigned long num_hash_comps;
+	} LHASH;
+
+#define LH_LOAD_MULT	256
+
+#ifndef NOPROTO
+LHASH *lh_new(unsigned long (*h)(), int (*c)());
+void lh_free(LHASH *lh);
+char *lh_insert(LHASH *lh, char *data);
+char *lh_delete(LHASH *lh, char *data);
+char *lh_retrieve(LHASH *lh, char *data);
+void lh_doall(LHASH *lh, void (*func)(/* char *b */));
+void lh_doall_arg(LHASH *lh, void (*func)(/*char *a,char *b*/),char *arg);
+unsigned long lh_strhash(char *c);
+
+#ifndef WIN16
+void lh_stats(LHASH *lh, FILE *out);
+void lh_node_stats(LHASH *lh, FILE *out);
+void lh_node_usage_stats(LHASH *lh, FILE *out);
+#endif
+
+#ifdef HEADER_BIO_H
+void lh_stats_bio(LHASH *lh, BIO *out);
+void lh_node_stats_bio(LHASH *lh, BIO *out);
+void lh_node_usage_stats_bio(LHASH *lh, BIO *out);
+#endif
+#else
+LHASH *lh_new();
+void lh_free();
+char *lh_insert();
+char *lh_delete();
+char *lh_retrieve();
+void lh_doall();
+void lh_doall_arg();
+unsigned long lh_strhash();
+
+#ifndef WIN16
+void lh_stats();
+void lh_node_stats();
+void lh_node_usage_stats();
+#endif
+void lh_stats_bio();
+void lh_node_stats_bio();
+void lh_node_usage_stats_bio();
+#endif
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
+
diff --git a/crypto/lhash/num.pl b/crypto/lhash/num.pl
new file mode 100644
index 0000000000..30fedf9cd5
--- /dev/null
+++ b/crypto/lhash/num.pl
@@ -0,0 +1,17 @@
+#!/usr/local/bin/perl
+
+#node     10 ->   4
+
+while (<>)
+	{
+	next unless /^node/;
+	chop;
+	@a=split;
+	$num{$a[3]}++;
+	}
+
+@a=sort {$a <=> $b } keys %num;
+foreach (0 .. $a[$#a])
+	{
+	printf "%4d:%4d\n",$_,$num{$_};
+	}
diff --git a/crypto/libvms.com b/crypto/libvms.com
new file mode 100755
index 0000000000..44f90c65b0
--- /dev/null
+++ b/crypto/libvms.com
@@ -0,0 +1,31 @@
+$!
+$! Compile crypto.c as several subset modules and insert in crypto-xxx.olb.
+$! If P1 is specifed, it specifies alternate list of subsets to compile.
+$!
+$ libname = "CRYPTO-AXP.OLB"
+$ subset_list = "LIB,ASN1,BN,BUFFER,CONF,DES,DH,DSA,ERROR,EVP,IDEA,LHASH,MD," + -
+	"METH,OBJECTS,PEM,RAND,RC,RSA,SHA,STACK,TXT_DB,X509"
+$ if p1 .nes. "" then subset_list = p1
+$!
+$ if f$getsyi("CPU") .lt. 128 then libname = "CRYPTO-VAX.OLB"
+$ if f$search(libname) .eqs. "" then library/create/object/log 'libname'
+$!
+$ cc = "cc/include=[-.include]/prefix=all" + P2
+$!
+$ i = 0
+$ next_subset:
+$    subset = f$element(i,",",subset_list)
+$    if subset .eqs. "," then goto done
+$    i = i + 1
+$    create crypto_'subset'.subset
+#include "crypto.c"
+$    ofile = "sys$disk:[]crypto_" + subset + ".obj"
+$    on warning then goto next_subset
+$    write sys$output "Compiling ", ofile
+$    cc /object='ofile' crypto_'subset'.subset -
+	/define=(CRYPTO_SUBSET,CRYPTO_'subset'_SUBSET)
+$    library/replace/log 'libname'/module=CRYPTO_'subset' 'ofile'
+$    goto next_subset
+$!
+$ done:
+$ exit
diff --git a/crypto/md/Makefile.ssl b/crypto/md/Makefile.ssl
new file mode 100644
index 0000000000..3e9dda7034
--- /dev/null
+++ b/crypto/md/Makefile.ssl
@@ -0,0 +1,80 @@
+#
+# SSLeay/crypto/md/Makefile
+#
+
+DIR=	md
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE=		make -f Makefile.ssl
+MAKEDEPEND=	makedepend -f Makefile.ssl
+MAKEFILE=	Makefile.ssl
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=md2test.c md5test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=md2_dgst.c md5_dgst.c md2_one.c md5_one.c
+LIBOBJ=md2_dgst.o md5_dgst.o md2_one.o md5_one.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= md2.h md5.h
+HEADER=	md5_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/util/ranlib.sh $(LIB)
+	@touch lib
+
+files:
+	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+	/bin/rm -f Makefile
+	$(TOP)/util/point.sh Makefile.ssl Makefile ;
+	$(TOP)/util/mklink.sh ../../include $(EXHEADER)
+	$(TOP)/util/mklink.sh ../../test $(TEST)
+	$(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+	@for i in $(EXHEADER) ; \
+	do  \
+	(cp $$i $(INSTALLTOP)/include/$$i; \
+	chmod 644 $(INSTALLTOP)/include/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/md/md2.c b/crypto/md/md2.c
new file mode 100644
index 0000000000..f3a65b914f
--- /dev/null
+++ b/crypto/md/md2.c
@@ -0,0 +1,137 @@
+/* crypto/md/md2.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "md2.h"
+
+#define BUFSIZE	1024*16
+
+#ifndef NOPROTO
+void do_fp(FILE *f);
+void pt(unsigned char *md);
+int read(int, void *, unsigned int);
+void exit(int);
+void perror(const char *);
+#else
+void do_fp();
+void pt();
+int read();
+void exit();
+void perror();
+#endif
+
+int main(argc, argv)
+int argc;
+char *argv[];
+	{
+	int i,err=0;
+	FILE *IN;
+
+	if (argc == 1)
+		{
+		do_fp(stdin);
+		}
+	else
+		{
+		for (i=1; i<argc; i++)
+			{
+			IN=fopen(argv[i],"r");
+			if (IN == NULL)
+				{
+				perror(argv[i]);
+				err++;
+				continue;
+				}
+			printf("MD2(%s)= ",argv[i]);
+			do_fp(IN);
+			fclose(IN);
+			}
+		}
+	exit(err);
+	return(err);
+	}
+
+void do_fp(f)
+FILE *f;
+	{
+	MD2_CTX c;
+	unsigned char md[MD2_DIGEST_LENGTH];
+	int fd,i;
+	static unsigned char buf[BUFSIZE];
+
+	fd=fileno(f);
+	MD2_Init(&c);
+	for (;;)
+		{
+		i=read(fd,buf,BUFSIZE);
+		if (i <= 0) break;
+		MD2_Update(&c,buf,(unsigned long)i);
+		}
+	MD2_Final(&(md[0]),&c);
+	pt(md);
+	}
+
+void pt(md)
+unsigned char *md;
+	{
+	int i;
+
+	for (i=0; i<MD2_DIGEST_LENGTH; i++)
+		printf("%02x",md[i]);
+	printf("\n");
+	}
diff --git a/crypto/md/md2.h b/crypto/md/md2.h
new file mode 100644
index 0000000000..9f39933790
--- /dev/null
+++ b/crypto/md/md2.h
@@ -0,0 +1,106 @@
+/* crypto/md/md2.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify md2.org since md2.h is automatically generated from 
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+
+#ifndef HEADER_MD2_H
+#define HEADER_MD2_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#define MD2_DIGEST_LENGTH	16
+#define MD2_BLOCK       	16
+
+#define MD2_INT unsigned int
+
+typedef struct MD2state_st
+	{
+	int num;
+	unsigned char data[MD2_BLOCK];
+	MD2_INT cksm[MD2_BLOCK];
+	MD2_INT state[MD2_BLOCK];
+	} MD2_CTX;
+
+#ifndef NOPROTO
+char *MD2_options(void);
+void MD2_Init(MD2_CTX *c);
+void MD2_Update(MD2_CTX *c, register unsigned char *data, unsigned long len);
+void MD2_Final(unsigned char *md, MD2_CTX *c);
+unsigned char *MD2(unsigned char *d, unsigned long n,unsigned char *md);
+#else
+char *MD2_options();
+void MD2_Init();
+void MD2_Update();
+void MD2_Final();
+unsigned char *MD2();
+#endif
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/md/md2.org b/crypto/md/md2.org
new file mode 100644
index 0000000000..9f39933790
--- /dev/null
+++ b/crypto/md/md2.org
@@ -0,0 +1,106 @@
+/* crypto/md/md2.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify md2.org since md2.h is automatically generated from 
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+
+#ifndef HEADER_MD2_H
+#define HEADER_MD2_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#define MD2_DIGEST_LENGTH	16
+#define MD2_BLOCK       	16
+
+#define MD2_INT unsigned int
+
+typedef struct MD2state_st
+	{
+	int num;
+	unsigned char data[MD2_BLOCK];
+	MD2_INT cksm[MD2_BLOCK];
+	MD2_INT state[MD2_BLOCK];
+	} MD2_CTX;
+
+#ifndef NOPROTO
+char *MD2_options(void);
+void MD2_Init(MD2_CTX *c);
+void MD2_Update(MD2_CTX *c, register unsigned char *data, unsigned long len);
+void MD2_Final(unsigned char *md, MD2_CTX *c);
+unsigned char *MD2(unsigned char *d, unsigned long n,unsigned char *md);
+#else
+char *MD2_options();
+void MD2_Init();
+void MD2_Update();
+void MD2_Final();
+unsigned char *MD2();
+#endif
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/md/md2_dgst.c b/crypto/md/md2_dgst.c
new file mode 100644
index 0000000000..ef70de7371
--- /dev/null
+++ b/crypto/md/md2_dgst.c
@@ -0,0 +1,235 @@
+/* crypto/md/md2_dgst.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "md2.h"
+
+char *MD2_version="MD2 part of SSLeay 0.8.1b 29-Jun-1998";
+
+/* Implemented from RFC1319 The MD2 Message-Digest Algorithm
+ */
+
+#define UCHAR	unsigned char
+
+#ifndef NOPROTO
+static void md2_block(MD2_CTX *c, unsigned char *d);
+#else
+static void md2_block();
+#endif
+
+/* The magic S table - I have converted it to hex since it is
+ * basicaly just a random byte string. */
+static MD2_INT S[256]={
+	0x29, 0x2E, 0x43, 0xC9, 0xA2, 0xD8, 0x7C, 0x01,
+	0x3D, 0x36, 0x54, 0xA1, 0xEC, 0xF0, 0x06, 0x13,
+	0x62, 0xA7, 0x05, 0xF3, 0xC0, 0xC7, 0x73, 0x8C,
+	0x98, 0x93, 0x2B, 0xD9, 0xBC, 0x4C, 0x82, 0xCA,
+	0x1E, 0x9B, 0x57, 0x3C, 0xFD, 0xD4, 0xE0, 0x16,
+	0x67, 0x42, 0x6F, 0x18, 0x8A, 0x17, 0xE5, 0x12,
+	0xBE, 0x4E, 0xC4, 0xD6, 0xDA, 0x9E, 0xDE, 0x49,
+	0xA0, 0xFB, 0xF5, 0x8E, 0xBB, 0x2F, 0xEE, 0x7A,
+	0xA9, 0x68, 0x79, 0x91, 0x15, 0xB2, 0x07, 0x3F,
+	0x94, 0xC2, 0x10, 0x89, 0x0B, 0x22, 0x5F, 0x21,
+	0x80, 0x7F, 0x5D, 0x9A, 0x5A, 0x90, 0x32, 0x27,
+	0x35, 0x3E, 0xCC, 0xE7, 0xBF, 0xF7, 0x97, 0x03,
+	0xFF, 0x19, 0x30, 0xB3, 0x48, 0xA5, 0xB5, 0xD1,
+	0xD7, 0x5E, 0x92, 0x2A, 0xAC, 0x56, 0xAA, 0xC6,
+	0x4F, 0xB8, 0x38, 0xD2, 0x96, 0xA4, 0x7D, 0xB6,
+	0x76, 0xFC, 0x6B, 0xE2, 0x9C, 0x74, 0x04, 0xF1,
+	0x45, 0x9D, 0x70, 0x59, 0x64, 0x71, 0x87, 0x20,
+	0x86, 0x5B, 0xCF, 0x65, 0xE6, 0x2D, 0xA8, 0x02,
+	0x1B, 0x60, 0x25, 0xAD, 0xAE, 0xB0, 0xB9, 0xF6,
+	0x1C, 0x46, 0x61, 0x69, 0x34, 0x40, 0x7E, 0x0F,
+	0x55, 0x47, 0xA3, 0x23, 0xDD, 0x51, 0xAF, 0x3A,
+	0xC3, 0x5C, 0xF9, 0xCE, 0xBA, 0xC5, 0xEA, 0x26,
+	0x2C, 0x53, 0x0D, 0x6E, 0x85, 0x28, 0x84, 0x09,
+	0xD3, 0xDF, 0xCD, 0xF4, 0x41, 0x81, 0x4D, 0x52,
+	0x6A, 0xDC, 0x37, 0xC8, 0x6C, 0xC1, 0xAB, 0xFA,
+	0x24, 0xE1, 0x7B, 0x08, 0x0C, 0xBD, 0xB1, 0x4A,
+	0x78, 0x88, 0x95, 0x8B, 0xE3, 0x63, 0xE8, 0x6D,
+	0xE9, 0xCB, 0xD5, 0xFE, 0x3B, 0x00, 0x1D, 0x39,
+	0xF2, 0xEF, 0xB7, 0x0E, 0x66, 0x58, 0xD0, 0xE4,
+	0xA6, 0x77, 0x72, 0xF8, 0xEB, 0x75, 0x4B, 0x0A,
+	0x31, 0x44, 0x50, 0xB4, 0x8F, 0xED, 0x1F, 0x1A,
+	0xDB, 0x99, 0x8D, 0x33, 0x9F, 0x11, 0x83, 0x14,
+	};
+
+char *MD2_options()
+	{
+	if (sizeof(MD2_INT) == 1)
+		return("md2(char)");
+	else
+		return("md2(int)");
+	}
+
+void MD2_Init(c)
+MD2_CTX *c;
+	{
+	c->num=0;
+	memset(c->state,0,MD2_BLOCK*sizeof(MD2_INT));
+	memset(c->cksm,0,MD2_BLOCK*sizeof(MD2_INT));
+	memset(c->data,0,MD2_BLOCK);
+	}
+
+void MD2_Update(c, data, len)
+MD2_CTX *c;
+register unsigned char *data;
+unsigned long len;
+	{
+	register UCHAR *p;
+
+	if (len == 0) return;
+
+	p=c->data;
+	if (c->num != 0)
+		{
+		if ((c->num+len) >= MD2_BLOCK)
+			{
+			memcpy(&(p[c->num]),data,MD2_BLOCK-c->num);
+			md2_block(c,c->data);
+			data+=(MD2_BLOCK - c->num);
+			len-=(MD2_BLOCK - c->num);
+			c->num=0;
+			/* drop through and do the rest */
+			}
+		else
+			{
+			memcpy(&(p[c->num]),data,(int)len);
+			/* data+=len; */
+			c->num+=(int)len;
+			return;
+			}
+		}
+	/* we now can process the input data in blocks of MD2_BLOCK
+	 * chars and save the leftovers to c->data. */
+	while (len >= MD2_BLOCK)
+		{
+		md2_block(c,data);
+		data+=MD2_BLOCK;
+		len-=MD2_BLOCK;
+		}
+	memcpy(p,data,(int)len);
+	c->num=(int)len;
+	}
+
+static void md2_block(c, d)
+MD2_CTX *c;
+unsigned char *d;
+	{
+	register MD2_INT t,*sp1,*sp2;
+	register int i,j;
+	MD2_INT state[48];
+
+	sp1=c->state;
+	sp2=c->cksm;
+	j=sp2[MD2_BLOCK-1];
+	for (i=0; i<16; i++)
+		{
+		state[i]=sp1[i];
+		state[i+16]=t=d[i];
+		state[i+32]=(t^sp1[i]);
+		j=sp2[i]^=S[t^j];
+		}
+	t=0;
+	for (i=0; i<18; i++)
+		{
+		for (j=0; j<48; j+=8)
+			{
+			t= state[j+ 0]^=S[t];
+			t= state[j+ 1]^=S[t];
+			t= state[j+ 2]^=S[t];
+			t= state[j+ 3]^=S[t];
+			t= state[j+ 4]^=S[t];
+			t= state[j+ 5]^=S[t];
+			t= state[j+ 6]^=S[t];
+			t= state[j+ 7]^=S[t];
+			}
+		t=(t+i)&0xff;
+		}
+	memcpy(sp1,state,16*sizeof(MD2_INT));
+	memset(state,0,48*sizeof(MD2_INT));
+	}
+
+void MD2_Final(md, c)
+unsigned char *md;
+MD2_CTX *c;
+	{
+	int i,v;
+	register UCHAR *cp;
+	register MD2_INT *p1,*p2;
+
+	cp=c->data;
+	p1=c->state;
+	p2=c->cksm;
+	v=MD2_BLOCK-c->num;
+	for (i=c->num; i<MD2_BLOCK; i++)
+		cp[i]=(UCHAR)v;
+
+	md2_block(c,cp);
+
+	for (i=0; i<MD2_BLOCK; i++)
+		cp[i]=(UCHAR)p2[i];
+	md2_block(c,cp);
+
+	for (i=0; i<16; i++)
+		md[i]=(UCHAR)(p1[i]&0xff);
+	memset((char *)&c,0,sizeof(c));
+	}
+
diff --git a/crypto/md/md2_one.c b/crypto/md/md2_one.c
new file mode 100644
index 0000000000..352484a933
--- /dev/null
+++ b/crypto/md/md2_one.c
@@ -0,0 +1,80 @@
+/* crypto/md/md2_one.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "md2.h"
+
+/* This is a separate file so that #defines in cryptlib.h can
+ * map my MD functions to different names */
+
+unsigned char *MD2(d, n, md)
+unsigned char *d;
+unsigned long n;
+unsigned char *md;
+	{
+	MD2_CTX c;
+	static unsigned char m[MD2_DIGEST_LENGTH];
+
+	if (md == NULL) md=m;
+	MD2_Init(&c);
+	MD2_Update(&c,d,n);
+	MD2_Final(md,&c);
+	memset(&c,0,sizeof(c));	/* Security consideration */
+	return(md);
+	}
diff --git a/crypto/md/md2test.c b/crypto/md/md2test.c
new file mode 100644
index 0000000000..6e51245b2a
--- /dev/null
+++ b/crypto/md/md2test.c
@@ -0,0 +1,130 @@
+/* crypto/md/md2test.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "md2.h"
+
+char *test[]={
+	"",
+	"a",
+	"abc",
+	"message digest",
+	"abcdefghijklmnopqrstuvwxyz",
+	"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
+	"12345678901234567890123456789012345678901234567890123456789012345678901234567890",
+	NULL,
+	};
+
+char *ret[]={
+	"8350e5a3e24c153df2275c9f80692773",
+	"32ec01ec4a6dac72c0ab96fb34c0b5d1",
+	"da853b0d3f88d99b30283a69e6ded6bb",
+	"ab4f496bfb2a530b219ff33031fe06b0",
+	"4e8ddff3650292ab5a4108c3aa47940b",
+	"da33def2a42df13975352846c30338cd",
+	"d5976f79d83d3a0dc9806c3c66f3efd8",
+	};
+
+#ifndef NOPROTO
+static char *pt(unsigned char *md);
+#else
+static char *pt();
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+	{
+	int i,err=0;
+	char **P,**R;
+	char *p;
+
+	P=test;
+	R=ret;
+	i=1;
+	while (*P != NULL)
+		{
+		p=pt(MD2((unsigned char *)*P,(unsigned long)strlen(*P),NULL));
+		if (strcmp(p,*R) != 0)
+			{
+			printf("error calculating MD2 on '%s'\n",*P);
+			printf("got %s instead of %s\n",p,*R);
+			err++;
+			}
+		else
+			printf("test %d ok\n",i);
+		i++;
+		R++;
+		P++;
+		}
+	exit(err);
+	return(0);
+	}
+
+static char *pt(md)
+unsigned char *md;
+	{
+	int i;
+	static char buf[80];
+
+	for (i=0; i<MD2_DIGEST_LENGTH; i++)
+		sprintf(&(buf[i*2]),"%02x",md[i]);
+	return(buf);
+	}
diff --git a/crypto/md/md5.c b/crypto/md/md5.c
new file mode 100644
index 0000000000..2dd7894cc0
--- /dev/null
+++ b/crypto/md/md5.c
@@ -0,0 +1,135 @@
+/* crypto/md/md5.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "md5.h"
+
+#define BUFSIZE	1024*16
+
+#ifndef NOPROTO
+void do_fp(FILE *f);
+void pt(unsigned char *md);
+int read(int, void *, unsigned int);
+#else
+void do_fp();
+void pt();
+int read();
+#endif
+
+int main(argc, argv)
+int argc;
+char **argv;
+	{
+	int i,err=0;
+	FILE *IN;
+
+	if (argc == 1)
+		{
+		do_fp(stdin);
+		}
+	else
+		{
+		for (i=1; i<argc; i++)
+			{
+			IN=fopen(argv[i],"r");
+			if (IN == NULL)
+				{
+				perror(argv[i]);
+				err++;
+				continue;
+				}
+			printf("MD5(%s)= ",argv[i]);
+			do_fp(IN);
+			fclose(IN);
+			}
+		}
+	exit(err);
+	}
+
+void do_fp(f)
+FILE *f;
+	{
+	MD5_CTX c;
+	unsigned char md[MD5_DIGEST_LENGTH];
+	int fd;
+	int i;
+	static unsigned char buf[BUFSIZE];
+
+	fd=fileno(f);
+	MD5_Init(&c);
+	for (;;)
+		{
+		i=read(fd,buf,BUFSIZE);
+		if (i <= 0) break;
+		MD5_Update(&c,buf,(unsigned long)i);
+		}
+	MD5_Final(&(md[0]),&c);
+	pt(md);
+	}
+
+void pt(md)
+unsigned char *md;
+	{
+	int i;
+
+	for (i=0; i<MD5_DIGEST_LENGTH; i++)
+		printf("%02x",md[i]);
+	printf("\n");
+	}
+
diff --git a/crypto/md/md5.h b/crypto/md/md5.h
new file mode 100644
index 0000000000..0071db8089
--- /dev/null
+++ b/crypto/md/md5.h
@@ -0,0 +1,97 @@
+/* crypto/md/md5.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_MD5_H
+#define HEADER_MD5_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#define MD5_CBLOCK	64
+#define MD5_LBLOCK	16
+#define MD5_BLOCK	16
+#define MD5_LAST_BLOCK  56
+#define MD5_LENGTH_BLOCK 8
+#define MD5_DIGEST_LENGTH 16
+
+typedef struct MD5state_st
+	{
+	unsigned long A,B,C,D;
+	unsigned long Nl,Nh;
+	unsigned long data[MD5_LBLOCK];
+	int num;
+	} MD5_CTX;
+
+#ifndef NOPROTO
+void MD5_Init(MD5_CTX *c);
+void MD5_Update(MD5_CTX *c, unsigned char *data, unsigned long len);
+void MD5_Final(unsigned char *md, MD5_CTX *c);
+unsigned char *MD5(unsigned char *d, unsigned long n, unsigned char *md);
+#else
+void MD5_Init();
+void MD5_Update();
+void MD5_Final();
+unsigned char *MD5();
+#endif
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/md/md5_dgst.c b/crypto/md/md5_dgst.c
new file mode 100644
index 0000000000..b209bb4e97
--- /dev/null
+++ b/crypto/md/md5_dgst.c
@@ -0,0 +1,366 @@
+/* crypto/md/md5_dgst.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "md5_locl.h"
+
+char *MD5_version="MD5 part of SSLeay 0.8.1b 29-Jun-1998";
+
+/* Implemented from RFC1321 The MD5 Message-Digest Algorithm
+ */
+
+#define INIT_DATA_A (unsigned long)0x67452301L
+#define INIT_DATA_B (unsigned long)0xefcdab89L
+#define INIT_DATA_C (unsigned long)0x98badcfeL
+#define INIT_DATA_D (unsigned long)0x10325476L
+
+#ifndef NOPROTO
+static void md5_block(MD5_CTX *c, unsigned long *p);
+#else
+static void md5_block();
+#endif
+
+void MD5_Init(c)
+MD5_CTX *c;
+	{
+	c->A=INIT_DATA_A;
+	c->B=INIT_DATA_B;
+	c->C=INIT_DATA_C;
+	c->D=INIT_DATA_D;
+	c->Nl=0;
+	c->Nh=0;
+	c->num=0;
+	}
+
+void MD5_Update(c, data, len)
+MD5_CTX *c;
+register unsigned char *data;
+unsigned long len;
+	{
+	register ULONG *p;
+	int sw,sc;
+	ULONG l;
+
+	if (len == 0) return;
+
+	l=(c->Nl+(len<<3))&0xffffffffL;
+	/* 95-05-24 eay Fixed a bug with the overflow handling, thanks to
+	 * Wei Dai <weidai@eskimo.com> for pointing it out. */
+	if (l < c->Nl) /* overflow */
+		c->Nh++;
+	c->Nh+=(len>>29);
+	c->Nl=l;
+
+	if (c->num != 0)
+		{
+		p=c->data;
+		sw=c->num>>2;
+		sc=c->num&0x03;
+
+		if ((c->num+len) >= MD5_CBLOCK)
+			{
+			l= p[sw];
+			p_c2l(data,l,sc);
+			p[sw++]=l;
+			for (; sw<MD5_LBLOCK; sw++)
+				{
+				c2l(data,l);
+				p[sw]=l;
+				}
+			len-=(MD5_CBLOCK-c->num);
+
+			md5_block(c,p);
+			c->num=0;
+			/* drop through and do the rest */
+			}
+		else
+			{
+			int ew,ec;
+
+			c->num+=(int)len;
+			if ((sc+len) < 4) /* ugly, add char's to a word */
+				{
+				l= p[sw];
+				p_c2l_p(data,l,sc,len);
+				p[sw]=l;
+				}
+			else
+				{
+				ew=(c->num>>2);
+				ec=(c->num&0x03);
+				l= p[sw];
+				p_c2l(data,l,sc);
+				p[sw++]=l;
+				for (; sw < ew; sw++)
+					{ c2l(data,l); p[sw]=l; }
+				if (ec)
+					{
+					c2l_p(data,l,ec);
+					p[sw]=l;
+					}
+				}
+			return;
+			}
+		}
+	/* we now can process the input data in blocks of MD5_CBLOCK
+	 * chars and save the leftovers to c->data. */
+	p=c->data;
+	while (len >= MD5_CBLOCK)
+		{
+#if defined(L_ENDIAN) || defined(B_ENDIAN)
+		memcpy(p,data,MD5_CBLOCK);
+		data+=MD5_CBLOCK;
+#ifdef B_ENDIAN
+		for (sw=(MD5_LBLOCK/4); sw; sw--)
+			{
+			Endian_Reverse32(p[0]);
+			Endian_Reverse32(p[1]);
+			Endian_Reverse32(p[2]);
+			Endian_Reverse32(p[3]);
+			p+=4;
+			}
+#endif
+#else
+		for (sw=(MD5_LBLOCK/4); sw; sw--)
+			{
+			c2l(data,l); *(p++)=l;
+			c2l(data,l); *(p++)=l;
+			c2l(data,l); *(p++)=l;
+			c2l(data,l); *(p++)=l; 
+			} 
+#endif
+		p=c->data;
+		md5_block(c,p);
+		len-=MD5_CBLOCK;
+		}
+	sc=(int)len;
+	c->num=sc;
+	if (sc)
+		{
+		sw=sc>>2;	/* words to copy */
+#ifdef L_ENDIAN
+		p[sw]=0;
+		memcpy(p,data,sc);
+#else
+		sc&=0x03;
+		for ( ; sw; sw--)
+			{ c2l(data,l); *(p++)=l; }
+		c2l_p(data,l,sc);
+		*p=l;
+#endif
+		}
+	}
+
+static void md5_block(c, X)
+MD5_CTX *c;
+register ULONG *X;
+	{
+	register ULONG A,B,C,D;
+
+	A=c->A;
+	B=c->B;
+	C=c->C;
+	D=c->D;
+
+	/* Round 0 */
+	R0(A,B,C,D,X[ 0], 7,0xd76aa478L);
+	R0(D,A,B,C,X[ 1],12,0xe8c7b756L);
+	R0(C,D,A,B,X[ 2],17,0x242070dbL);
+	R0(B,C,D,A,X[ 3],22,0xc1bdceeeL);
+	R0(A,B,C,D,X[ 4], 7,0xf57c0fafL);
+	R0(D,A,B,C,X[ 5],12,0x4787c62aL);
+	R0(C,D,A,B,X[ 6],17,0xa8304613L);
+	R0(B,C,D,A,X[ 7],22,0xfd469501L);
+	R0(A,B,C,D,X[ 8], 7,0x698098d8L);
+	R0(D,A,B,C,X[ 9],12,0x8b44f7afL);
+	R0(C,D,A,B,X[10],17,0xffff5bb1L);
+	R0(B,C,D,A,X[11],22,0x895cd7beL);
+	R0(A,B,C,D,X[12], 7,0x6b901122L);
+	R0(D,A,B,C,X[13],12,0xfd987193L);
+	R0(C,D,A,B,X[14],17,0xa679438eL);
+	R0(B,C,D,A,X[15],22,0x49b40821L);
+	/* Round 1 */
+	R1(A,B,C,D,X[ 1], 5,0xf61e2562L);
+	R1(D,A,B,C,X[ 6], 9,0xc040b340L);
+	R1(C,D,A,B,X[11],14,0x265e5a51L);
+	R1(B,C,D,A,X[ 0],20,0xe9b6c7aaL);
+	R1(A,B,C,D,X[ 5], 5,0xd62f105dL);
+	R1(D,A,B,C,X[10], 9,0x02441453L);
+	R1(C,D,A,B,X[15],14,0xd8a1e681L);
+	R1(B,C,D,A,X[ 4],20,0xe7d3fbc8L);
+	R1(A,B,C,D,X[ 9], 5,0x21e1cde6L);
+	R1(D,A,B,C,X[14], 9,0xc33707d6L);
+	R1(C,D,A,B,X[ 3],14,0xf4d50d87L);
+	R1(B,C,D,A,X[ 8],20,0x455a14edL);
+	R1(A,B,C,D,X[13], 5,0xa9e3e905L);
+	R1(D,A,B,C,X[ 2], 9,0xfcefa3f8L);
+	R1(C,D,A,B,X[ 7],14,0x676f02d9L);
+	R1(B,C,D,A,X[12],20,0x8d2a4c8aL);
+	/* Round 2 */
+	R2(A,B,C,D,X[ 5], 4,0xfffa3942L);
+	R2(D,A,B,C,X[ 8],11,0x8771f681L);
+	R2(C,D,A,B,X[11],16,0x6d9d6122L);
+	R2(B,C,D,A,X[14],23,0xfde5380cL);
+	R2(A,B,C,D,X[ 1], 4,0xa4beea44L);
+	R2(D,A,B,C,X[ 4],11,0x4bdecfa9L);
+	R2(C,D,A,B,X[ 7],16,0xf6bb4b60L);
+	R2(B,C,D,A,X[10],23,0xbebfbc70L);
+	R2(A,B,C,D,X[13], 4,0x289b7ec6L);
+	R2(D,A,B,C,X[ 0],11,0xeaa127faL);
+	R2(C,D,A,B,X[ 3],16,0xd4ef3085L);
+	R2(B,C,D,A,X[ 6],23,0x04881d05L);
+	R2(A,B,C,D,X[ 9], 4,0xd9d4d039L);
+	R2(D,A,B,C,X[12],11,0xe6db99e5L);
+	R2(C,D,A,B,X[15],16,0x1fa27cf8L);
+	R2(B,C,D,A,X[ 2],23,0xc4ac5665L);
+	/* Round 3 */
+	R3(A,B,C,D,X[ 0], 6,0xf4292244L);
+	R3(D,A,B,C,X[ 7],10,0x432aff97L);
+	R3(C,D,A,B,X[14],15,0xab9423a7L);
+	R3(B,C,D,A,X[ 5],21,0xfc93a039L);
+	R3(A,B,C,D,X[12], 6,0x655b59c3L);
+	R3(D,A,B,C,X[ 3],10,0x8f0ccc92L);
+	R3(C,D,A,B,X[10],15,0xffeff47dL);
+	R3(B,C,D,A,X[ 1],21,0x85845dd1L);
+	R3(A,B,C,D,X[ 8], 6,0x6fa87e4fL);
+	R3(D,A,B,C,X[15],10,0xfe2ce6e0L);
+	R3(C,D,A,B,X[ 6],15,0xa3014314L);
+	R3(B,C,D,A,X[13],21,0x4e0811a1L);
+	R3(A,B,C,D,X[ 4], 6,0xf7537e82L);
+	R3(D,A,B,C,X[11],10,0xbd3af235L);
+	R3(C,D,A,B,X[ 2],15,0x2ad7d2bbL);
+	R3(B,C,D,A,X[ 9],21,0xeb86d391L);
+
+	c->A+=A&0xffffffffL;
+	c->B+=B&0xffffffffL;
+	c->C+=C&0xffffffffL;
+	c->D+=D&0xffffffffL;
+	}
+
+void MD5_Final(md, c)
+unsigned char *md;
+MD5_CTX *c;
+	{
+	register int i,j;
+	register ULONG l;
+	register ULONG *p;
+	static unsigned char end[4]={0x80,0x00,0x00,0x00};
+	unsigned char *cp=end;
+
+	/* c->num should definitly have room for at least one more byte. */
+	p=c->data;
+	j=c->num;
+	i=j>>2;
+
+	/* purify often complains about the following line as an
+	 * Uninitialized Memory Read.  While this can be true, the
+	 * following p_c2l macro will reset l when that case is true.
+	 * This is because j&0x03 contains the number of 'valid' bytes
+	 * already in p[i].  If and only if j&0x03 == 0, the UMR will
+	 * occur but this is also the only time p_c2l will do
+	 * l= *(cp++) instead of l|= *(cp++)
+	 * Many thanks to Alex Tang <altitude@cic.net> for pickup this
+	 * 'potential bug' */
+#ifdef PURIFY
+	if ((j&0x03) == 0) p[i]=0;
+#endif
+	l=p[i];
+	p_c2l(cp,l,j&0x03);
+	p[i]=l;
+	i++;
+	/* i is the next 'undefined word' */
+	if (c->num >= MD5_LAST_BLOCK)
+		{
+		for (; i<MD5_LBLOCK; i++)
+			p[i]=0;
+		md5_block(c,p);
+		i=0;
+		}
+	for (; i<(MD5_LBLOCK-2); i++)
+		p[i]=0;
+	p[MD5_LBLOCK-2]=c->Nl;
+	p[MD5_LBLOCK-1]=c->Nh;
+	md5_block(c,p);
+	cp=md;
+	l=c->A; l2c(l,cp);
+	l=c->B; l2c(l,cp);
+	l=c->C; l2c(l,cp);
+	l=c->D; l2c(l,cp);
+
+	/* clear stuff, md5_block may be leaving some stuff on the stack
+	 * but I'm not worried :-) */
+	c->num=0;
+/*	memset((char *)&c,0,sizeof(c));*/
+	}
+
+#ifdef undef
+int printit(l)
+unsigned long *l;
+	{
+	int i,ii;
+
+	for (i=0; i<2; i++)
+		{
+		for (ii=0; ii<8; ii++)
+			{
+			fprintf(stderr,"%08lx ",l[i*8+ii]);
+			}
+		fprintf(stderr,"\n");
+		}
+	}
+#endif
diff --git a/crypto/md/md5_locl.h b/crypto/md/md5_locl.h
new file mode 100644
index 0000000000..b2f0028fbd
--- /dev/null
+++ b/crypto/md/md5_locl.h
@@ -0,0 +1,190 @@
+/* crypto/md/md5_locl.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdlib.h>
+#include <string.h>
+#include "md5.h"
+
+#define ULONG	unsigned long
+#define UCHAR	unsigned char
+#define UINT	unsigned int
+
+#if defined(NOCONST)
+#define const
+#endif
+
+#undef c2l
+#define c2l(c,l)	(l = ((unsigned long)(*((c)++)))     , \
+			 l|=(((unsigned long)(*((c)++)))<< 8), \
+			 l|=(((unsigned long)(*((c)++)))<<16), \
+			 l|=(((unsigned long)(*((c)++)))<<24))
+
+#undef p_c2l
+#define p_c2l(c,l,n)	{ \
+			switch (n) { \
+			case 0: l =((unsigned long)(*((c)++))); \
+			case 1: l|=((unsigned long)(*((c)++)))<< 8; \
+			case 2: l|=((unsigned long)(*((c)++)))<<16; \
+			case 3: l|=((unsigned long)(*((c)++)))<<24; \
+				} \
+			}
+
+/* NOTE the pointer is not incremented at the end of this */
+#undef c2l_p
+#define c2l_p(c,l,n)	{ \
+			l=0; \
+			(c)+=n; \
+			switch (n) { \
+			case 3: l =((unsigned long)(*(--(c))))<<16; \
+			case 2: l|=((unsigned long)(*(--(c))))<< 8; \
+			case 1: l|=((unsigned long)(*(--(c))))    ; \
+				} \
+			}
+
+#undef p_c2l_p
+#define p_c2l_p(c,l,sc,len) { \
+			switch (sc) \
+				{ \
+			case 0: l =((unsigned long)(*((c)++))); \
+				if (--len == 0) break; \
+			case 1: l|=((unsigned long)(*((c)++)))<< 8; \
+				if (--len == 0) break; \
+			case 2: l|=((unsigned long)(*((c)++)))<<16; \
+				} \
+			}
+
+#undef l2c
+#define l2c(l,c)	(*((c)++)=(unsigned char)(((l)    )&0xff), \
+			 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>16)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>24)&0xff))
+
+/* NOTE - c is not incremented as per l2c */
+#undef l2cn
+#define l2cn(l1,l2,c,n)	{ \
+			c+=n; \
+			switch (n) { \
+			case 8: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
+			case 7: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
+			case 6: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
+			case 5: *(--(c))=(unsigned char)(((l2)    )&0xff); \
+			case 4: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
+			case 3: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
+			case 2: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
+			case 1: *(--(c))=(unsigned char)(((l1)    )&0xff); \
+				} \
+			}
+
+/* A nice byte order reversal from Wei Dai <weidai@eskimo.com> */
+#if defined(WIN32)
+/* 5 instructions with rotate instruction, else 9 */
+#define Endian_Reverse32(a) \
+	{ \
+	unsigned long l=(a); \
+	(a)=((ROTATE(l,8)&0x00FF00FF)|(ROTATE(l,24)&0xFF00FF00)); \
+	}
+#else
+/* 6 instructions with rotate instruction, else 8 */
+#define Endian_Reverse32(a) \
+	{ \
+	unsigned long l=(a); \
+	l=(((l&0xFF00FF00)>>8L)|((l&0x00FF00FF)<<8L)); \
+	(a)=ROTATE(l,16L); \
+	}
+#endif
+/*
+#define	F(x,y,z)	(((x) & (y))  |  ((~(x)) & (z)))
+#define	G(x,y,z)	(((x) & (z))  |  ((y) & (~(z))))
+*/
+
+/* As pointed out by Wei Dai <weidai@eskimo.com>, the above can be
+ * simplified to the code below.  Wei attributes these optimisations
+ * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
+ */
+#define	F(x,y,z)	((((y) ^ (z)) & (x)) ^ (z))
+#define	G(x,y,z)	((((x) ^ (y)) & (z)) ^ (y))
+#define	H(x,y,z)	((x) ^ (y) ^ (z))
+#define	I(x,y,z)	(((x) | (~(z))) ^ (y))
+
+#undef ROTATE
+#if defined(WIN32)
+#define ROTATE(a,n)     _lrotl(a,n)
+#else
+#define ROTATE(a,n)     (((a)<<(n))|(((a)&0xffffffff)>>(32-(n))))
+#endif
+
+
+#define R0(a,b,c,d,k,s,t) { \
+	a+=((k)+(t)+F((b),(c),(d))); \
+	a=ROTATE(a,s); \
+	a+=b; };\
+
+#define R1(a,b,c,d,k,s,t) { \
+	a+=((k)+(t)+G((b),(c),(d))); \
+	a=ROTATE(a,s); \
+	a+=b; };
+
+#define R2(a,b,c,d,k,s,t) { \
+	a+=((k)+(t)+H((b),(c),(d))); \
+	a=ROTATE(a,s); \
+	a+=b; };
+
+#define R3(a,b,c,d,k,s,t) { \
+	a+=((k)+(t)+I((b),(c),(d))); \
+	a=ROTATE(a,s); \
+	a+=b; };
diff --git a/crypto/md/md5_one.c b/crypto/md/md5_one.c
new file mode 100644
index 0000000000..b23cb285ea
--- /dev/null
+++ b/crypto/md/md5_one.c
@@ -0,0 +1,78 @@
+/* crypto/md/md5_one.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "md5_locl.h"
+
+unsigned char *MD5(d, n, md)
+unsigned char *d;
+unsigned long n;
+unsigned char *md;
+	{
+	MD5_CTX c;
+	static unsigned char m[MD5_DIGEST_LENGTH];
+
+	if (md == NULL) md=m;
+	MD5_Init(&c);
+	MD5_Update(&c,d,n);
+	MD5_Final(md,&c);
+	memset(&c,0,sizeof(c)); /* security consideration */
+	return(md);
+	}
+
diff --git a/crypto/md/md5test.c b/crypto/md/md5test.c
new file mode 100644
index 0000000000..e5c38cf817
--- /dev/null
+++ b/crypto/md/md5test.c
@@ -0,0 +1,130 @@
+/* crypto/md/md5test.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "md5.h"
+
+char *test[]={
+	"",
+	"a",
+	"abc",
+	"message digest",
+	"abcdefghijklmnopqrstuvwxyz",
+	"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
+	"12345678901234567890123456789012345678901234567890123456789012345678901234567890",
+	NULL,
+	};
+
+char *ret[]={
+	"d41d8cd98f00b204e9800998ecf8427e",
+	"0cc175b9c0f1b6a831c399e269772661",
+	"900150983cd24fb0d6963f7d28e17f72",
+	"f96b697d7cb7938d525a2f31aaf161d0",
+	"c3fcd3d76192e4007dfb496cca67e13b",
+	"d174ab98d277d9f5a5611c2c9f419d9f",
+	"57edf4a22be3c955ac49da2e2107b67a",
+	};
+
+#ifndef NOPROTO
+static char *pt(unsigned char *md);
+#else
+static char *pt();
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+	{
+	int i,err=0;
+	unsigned char **P,**R;
+	char *p;
+
+	P=(unsigned char **)test;
+	R=(unsigned char **)ret;
+	i=1;
+	while (*P != NULL)
+		{
+		p=pt(MD5(*P,(unsigned long)strlen((char *)*P),NULL));
+		if (strcmp(p,(char *)*R) != 0)
+			{
+			printf("error calculating MD5 on '%s'\n",*P);
+			printf("got %s instead of %s\n",p,*R);
+			err++;
+			}
+		else
+			printf("test %d ok\n",i);
+		i++;
+		R++;
+		P++;
+		}
+	exit(err);
+	return(0);
+	}
+
+static char *pt(md)
+unsigned char *md;
+	{
+	int i;
+	static char buf[80];
+
+	for (i=0; i<MD5_DIGEST_LENGTH; i++)
+		sprintf(&(buf[i*2]),"%02x",md[i]);
+	return(buf);
+	}
diff --git a/crypto/mdc2/Makefile.ssl b/crypto/mdc2/Makefile.ssl
new file mode 100644
index 0000000000..495a2789a0
--- /dev/null
+++ b/crypto/mdc2/Makefile.ssl
@@ -0,0 +1,80 @@
+#
+# SSLeay/crypto/mdc2/Makefile
+#
+
+DIR=	mdc2
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE=		make -f Makefile.ssl
+MAKEDEPEND=	makedepend -f Makefile.ssl
+MAKEFILE=	Makefile.ssl
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST= mdc2test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=mdc2dgst.c mdc2_one.c
+LIBOBJ=mdc2dgst.o mdc2_one.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= mdc2.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/util/ranlib.sh $(LIB)
+	@touch lib
+
+files:
+	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+	/bin/rm -f Makefile
+	$(TOP)/util/point.sh Makefile.ssl Makefile ;
+	$(TOP)/util/mklink.sh ../../include $(EXHEADER)
+	$(TOP)/util/mklink.sh ../../test $(TEST)
+	$(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+	@for i in $(EXHEADER) ; \
+	do  \
+	(cp $$i $(INSTALLTOP)/include/$$i; \
+	chmod 644 $(INSTALLTOP)/include/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/mdc2/mdc2.h b/crypto/mdc2/mdc2.h
new file mode 100644
index 0000000000..d87ea12ec9
--- /dev/null
+++ b/crypto/mdc2/mdc2.h
@@ -0,0 +1,100 @@
+/* crypto/mdc2/mdc2.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_MDC2_H
+#define HEADER_MDC2_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#include <des.h>
+
+#define MDC2_BLOCK              8
+#define MDC2_DIGEST_LENGTH      16
+ 
+typedef struct mdc2_ctx_st
+	{
+	int num;
+	unsigned char data[MDC2_BLOCK];
+	des_cblock h,hh;
+	int pad_type; /* either 1 or 2, default 1 */
+	} MDC2_CTX;
+
+#ifndef NOPROTO
+
+void MDC2_Init(MDC2_CTX *c);
+void MDC2_Update(MDC2_CTX *c, unsigned char *data, unsigned long len);
+void MDC2_Final(unsigned char *md, MDC2_CTX *c);
+unsigned char *MDC2(unsigned char *d, unsigned long n, unsigned char *md);
+
+#else
+
+void MDC2_Init();
+void MDC2_Update();
+void MDC2_Final();
+unsigned char *MDC2();
+
+#endif
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
+
diff --git a/crypto/mdc2/mdc2_one.c b/crypto/mdc2/mdc2_one.c
new file mode 100644
index 0000000000..488ae39283
--- /dev/null
+++ b/crypto/mdc2/mdc2_one.c
@@ -0,0 +1,78 @@
+/* crypto/mdc2/mdc2_one.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "mdc2.h"
+
+unsigned char *MDC2(d, n, md)
+unsigned char *d;
+unsigned long n;
+unsigned char *md;
+	{
+	MDC2_CTX c;
+	static unsigned char m[MDC2_DIGEST_LENGTH];
+
+	if (md == NULL) md=m;
+	MDC2_Init(&c);
+	MDC2_Update(&c,d,n);
+        MDC2_Final(md,&c);
+	memset(&c,0,sizeof(c)); /* security consideration */
+	return(md);
+	}
+
diff --git a/crypto/mdc2/mdc2dgst.c b/crypto/mdc2/mdc2dgst.c
new file mode 100644
index 0000000000..f4dfcf9bdc
--- /dev/null
+++ b/crypto/mdc2/mdc2dgst.c
@@ -0,0 +1,211 @@
+/* crypto/mdc2/mdc2dgst.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "des.h"
+#include "mdc2.h"
+
+#undef c2l
+#define c2l(c,l)	(l =((DES_LONG)(*((c)++)))    , \
+			 l|=((DES_LONG)(*((c)++)))<< 8L, \
+			 l|=((DES_LONG)(*((c)++)))<<16L, \
+			 l|=((DES_LONG)(*((c)++)))<<24L)
+
+#undef l2c
+#define l2c(l,c)	(*((c)++)=(unsigned char)(((l)     )&0xff), \
+			*((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+			*((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+			*((c)++)=(unsigned char)(((l)>>24L)&0xff))
+
+#ifndef NOPROTO
+static void mdc2_body(MDC2_CTX *c, unsigned char *in, unsigned int len);
+#else
+static void mdc2_body();
+#endif
+
+void MDC2_Init(c)
+MDC2_CTX *c;
+	{
+	c->num=0;
+	c->pad_type=1;
+	memset(&(c->h[0]),0x52,MDC2_BLOCK);
+	memset(&(c->hh[0]),0x25,MDC2_BLOCK);
+	}
+
+void MDC2_Update(c,in,len)
+MDC2_CTX *c;
+register unsigned char *in;
+unsigned long len;
+	{
+	int i,j;
+
+	i=c->num;
+	if (i != 0)
+		{
+		if (i+len < MDC2_BLOCK)
+			{
+			/* partial block */
+			memcpy(&(c->data[i]),in,(int)len);
+			c->num+=(int)len;
+			return;
+			}
+		else
+			{
+			/* filled one */
+			j=MDC2_BLOCK-i;
+			memcpy(&(c->data[i]),in,j);
+			len-=j;
+			in+=j;
+			c->num=0;
+			mdc2_body(c,&(c->data[0]),MDC2_BLOCK);
+			}
+		}
+	i=(int)(len&(unsigned long)~(MDC2_BLOCK-1));
+	if (i > 0) mdc2_body(c,in,i);
+	j=(int)len-i;
+	if (j > 0)
+		{
+		memcpy(&(c->data[0]),&(in[i]),j);
+		c->num=j;
+		}
+	}
+
+static void mdc2_body(c,in,len)
+MDC2_CTX *c;
+unsigned char *in;
+unsigned int len;
+	{
+	register DES_LONG tin0,tin1;
+	register DES_LONG ttin0,ttin1;
+	DES_LONG d[2],dd[2];
+	des_cblock *h,*hh;
+	des_key_schedule k;
+	unsigned char *p;
+	unsigned int i;
+
+	h= (des_cblock *)&(c->h[0]);
+	hh= (des_cblock *)&(c->hh[0]);
+
+	for (i=0; i<len; i+=8)
+		{
+		c2l(in,tin0); d[0]=dd[0]=tin0;
+		c2l(in,tin1); d[1]=dd[1]=tin1;
+		(*h)[0]=((*h)[0]&0x9f)|0x40;
+		(*hh)[0]=((*hh)[0]&0x9f)|0x20;
+
+		des_set_key(h,k);
+		des_encrypt((DES_LONG *)d,k,1);
+
+		des_set_key(hh,k);
+		des_encrypt((DES_LONG *)dd,k,1);
+
+		ttin0=tin0^dd[0];
+		ttin1=tin1^dd[1];
+		tin0^=d[0];
+		tin1^=d[1];
+
+		p=(unsigned char *)h;
+		l2c(tin0,p);
+		l2c(ttin1,p);
+		p=(unsigned char *)hh;
+		l2c(ttin0,p);
+		l2c(tin1,p);
+		}
+	}
+
+void MDC2_Final(md,c)
+unsigned char *md;
+MDC2_CTX *c;
+	{
+	int i,j;
+
+	i=c->num;
+	j=c->pad_type;
+	if ((i > 0) || (j == 2))
+		{
+		if (j == 2)
+			c->data[i++]=0x80;
+		memset(&(c->data[i]),0,MDC2_BLOCK-i);
+		mdc2_body(c,c->data,MDC2_BLOCK);
+		}
+	memcpy(md,(char *)c->h,MDC2_BLOCK);
+	memcpy(&(md[MDC2_BLOCK]),(char *)c->hh,MDC2_BLOCK);
+	}
+
+#undef TEST
+
+#ifdef TEST
+main()
+	{
+	unsigned char md[MDC2_DIGEST_LENGTH];
+	int i;
+	MDC2_CTX c;
+	static char *text="Now is the time for all ";
+
+	MDC2_Init(&c);
+	MDC2_Update(&c,text,strlen(text));
+	MDC2_Final(&(md[0]),&c);
+
+	for (i=0; i<MDC2_DIGEST_LENGTH; i++)
+		printf("%02X",md[i]);
+	printf("\n");
+	}
+
+#endif
diff --git a/crypto/mdc2/mdc2test.c b/crypto/mdc2/mdc2test.c
new file mode 100644
index 0000000000..6e552a64e4
--- /dev/null
+++ b/crypto/mdc2/mdc2test.c
@@ -0,0 +1,122 @@
+/* crypto/mdc2/mdc2test.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "mdc2.h"
+
+static unsigned char pad1[16]={
+	0x42,0xE5,0x0C,0xD2,0x24,0xBA,0xCE,0xBA,
+	0x76,0x0B,0xDD,0x2B,0xD4,0x09,0x28,0x1A
+	};
+
+static unsigned char pad2[16]={
+	0x2E,0x46,0x79,0xB5,0xAD,0xD9,0xCA,0x75,
+	0x35,0xD8,0x7A,0xFE,0xAB,0x33,0xBE,0xE2
+	};
+
+int main(argc,argv)
+int argc;
+char *argv[];
+	{
+	int ret=0;
+	unsigned char md[MDC2_DIGEST_LENGTH];
+	int i;
+	MDC2_CTX c;
+	static char *text="Now is the time for all ";
+
+	MDC2_Init(&c);
+	MDC2_Update(&c,(unsigned char *)text,strlen(text));
+	MDC2_Final(&(md[0]),&c);
+
+	if (memcmp(md,pad1,MDC2_DIGEST_LENGTH) != 0)
+		{
+		for (i=0; i<MDC2_DIGEST_LENGTH; i++)
+			printf("%02X",md[i]);
+		printf(" <- generated\n");
+		for (i=0; i<MDC2_DIGEST_LENGTH; i++)
+			printf("%02X",pad1[i]);
+		printf(" <- correct\n");
+		ret=1;
+		}
+	else
+		printf("pad1 - ok\n");
+
+	MDC2_Init(&c);
+	c.pad_type=2;
+	MDC2_Update(&c,(unsigned char *)text,strlen(text));
+	MDC2_Final(&(md[0]),&c);
+
+	if (memcmp(md,pad2,MDC2_DIGEST_LENGTH) != 0)
+		{
+		for (i=0; i<MDC2_DIGEST_LENGTH; i++)
+			printf("%02X",md[i]);
+		printf(" <- generated\n");
+		for (i=0; i<MDC2_DIGEST_LENGTH; i++)
+			printf("%02X",pad2[i]);
+		printf(" <- correct\n");
+		ret=1;
+		}
+	else
+		printf("pad2 - ok\n");
+
+	exit(ret);
+	return(ret);
+	}
+
diff --git a/crypto/mem.c b/crypto/mem.c
new file mode 100644
index 0000000000..4274cc938a
--- /dev/null
+++ b/crypto/mem.c
@@ -0,0 +1,355 @@
+/* crypto/mem.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "buffer.h"
+#include "bio.h"
+#include "lhash.h"
+#include "cryptlib.h"
+
+static int mh_mode=CRYPTO_MEM_CHECK_OFF;
+static unsigned long order=0;
+
+static LHASH *mh=NULL;
+
+typedef struct mem_st
+	{
+	char *addr;
+	int num;
+	char *file;
+	int line;
+	unsigned long order;
+	} MEM;
+
+int CRYPTO_mem_ctrl(mode)
+int mode;
+	{
+	int ret=mh_mode;
+
+	CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
+	switch (mode)
+		{
+	case CRYPTO_MEM_CHECK_ON:
+		mh_mode|=CRYPTO_MEM_CHECK_ON;
+		break;
+	case CRYPTO_MEM_CHECK_OFF:
+		mh_mode&= ~CRYPTO_MEM_CHECK_ON;
+		break;
+	default:
+		break;
+		}
+	CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
+	return(ret);
+	}
+
+static int mem_cmp(a,b)
+MEM *a,*b;
+	{
+	return(a->addr - b->addr);
+	}
+
+static unsigned long mem_hash(a)
+MEM *a;
+	{
+	unsigned long ret;
+
+	ret=(unsigned long)a->addr;
+
+	ret=ret*17851+(ret>>14)*7+(ret>>4)*251;
+	return(ret);
+	}
+
+static char *(*malloc_func)()=	(char *(*)())malloc;
+static char *(*realloc_func)()=	(char *(*)())realloc;
+static void (*free_func)()=	(void (*)())free;
+
+void CRYPTO_set_mem_functions(m,r,f)
+char *(*m)();
+char *(*r)();
+void (*f)();
+	{
+	if ((m == NULL) || (r == NULL) || (f == NULL)) return;
+	malloc_func=m;
+	realloc_func=r;
+	free_func=f;
+	}
+
+void CRYPTO_get_mem_functions(m,r,f)
+char *(**m)();
+char *(**r)();
+void (**f)();
+	{
+	if (m != NULL) *m=malloc_func;
+	if (r != NULL) *r=realloc_func;
+	if (f != NULL) *f=free_func;
+	}
+
+char *CRYPTO_malloc(num)
+int num;
+	{
+	return(malloc_func(num));
+	}
+
+char *CRYPTO_realloc(str,num)
+char *str;
+int num;
+	{
+	return(realloc_func(str,num));
+	}
+
+void CRYPTO_free(str)
+char *str;
+	{
+	free_func(str);
+	}
+
+char *CRYPTO_dbg_malloc(num,file,line)
+int num;
+char *file;
+int line;
+	{
+	char *ret;
+	MEM *m;
+
+	if ((ret=malloc_func(num)) == NULL)
+		return(NULL);
+
+	if (mh_mode & CRYPTO_MEM_CHECK_ON)
+		{
+		if ((m=(MEM *)malloc(sizeof(MEM))) == NULL)
+			{
+			free(ret);
+			return(NULL);
+			}
+		CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
+		if (mh == NULL)
+			{
+			if ((mh=lh_new(mem_hash,mem_cmp)) == NULL)
+				{
+				free(ret);
+				free(m);
+				return(NULL);
+				}
+			}
+
+		m->addr=ret;
+		m->file=file;
+		m->line=line;
+		m->num=num;
+		m->order=order++;
+		if (lh_insert(mh,(char *)m) != NULL)
+			{
+			free(m);
+			free(ret);
+			/* abort(); */
+			ret=NULL;
+			}
+		CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
+		}
+	return(ret);
+	}
+
+void CRYPTO_dbg_free(addr)
+char *addr;
+	{
+	MEM m,*mp;
+
+	if ((mh_mode & CRYPTO_MEM_CHECK_ON) && (mh != NULL))
+		{
+		CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
+		m.addr=addr;
+		mp=(MEM *)lh_delete(mh,(char *)&m);
+		if (mp != NULL)
+			free(mp);
+		CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
+		}
+	free_func(addr);
+	}
+
+char *CRYPTO_dbg_realloc(addr,num,file,line)
+char *addr;
+int num;
+char *file;
+int line;
+	{
+	char *ret;
+	MEM m,*mp;
+
+	ret=realloc_func(addr,num);
+	if (ret == addr) return(ret);
+
+	if (mh_mode & CRYPTO_MEM_CHECK_ON)
+		{
+		if (ret == NULL) return(NULL);
+		m.addr=addr;
+		CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
+		mp=(MEM *)lh_delete(mh,(char *)&m);
+		if (mp != NULL)
+			{
+			mp->addr=ret;
+			lh_insert(mh,(char *)mp);
+			}
+		CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
+		}
+	return(ret);
+	}
+
+char *CRYPTO_remalloc(a,n)
+char *a;
+int n;
+	{
+	if (a != NULL) Free(a);
+	a=(char *)Malloc(n);
+	return(a);
+	}
+
+char *CRYPTO_dbg_remalloc(a,n,file,line)
+char *a;
+int n;
+char *file;
+int line;
+	{
+	if (a != NULL) CRYPTO_dbg_free(a);
+	a=(char *)CRYPTO_dbg_malloc(n,file,line);
+	return(a);
+	}
+
+
+typedef struct mem_leak_st
+	{
+	BIO *bio;
+	int chunks;
+	long bytes;
+	} MEM_LEAK;
+
+static void print_leak(m,l)
+MEM *m;
+MEM_LEAK *l;
+	{
+	char buf[128];
+
+	sprintf(buf,"%5ld file=%s, line=%d, number=%d, address=%08lX\n",
+		m->order,m->file,m->line,m->num,(long)m->addr);
+	BIO_puts(l->bio,buf);
+	l->chunks++;
+	l->bytes+=m->num;
+	}
+
+void CRYPTO_mem_leaks(b)
+BIO *b;
+	{
+	MEM_LEAK ml;
+	char buf[80];
+
+	if (mh == NULL) return;
+	ml.bio=b;
+	ml.bytes=0;
+	ml.chunks=0;
+	CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
+	lh_doall_arg(mh,(void (*)())print_leak,(char *)&ml);
+	CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
+	if (ml.chunks != 0)
+		{
+		sprintf(buf,"%ld bytes leaked in %d chunks\n",
+			ml.bytes,ml.chunks);
+		BIO_puts(b,buf);
+		}
+	/*
+	lh_stats_bio(mh,b);
+        lh_node_stats_bio(mh,b);
+        lh_node_usage_stats_bio(mh,b);
+	*/
+	}
+
+static void (*mem_cb)()=NULL;
+
+static void cb_leak(m,cb)
+MEM *m;
+char *cb;
+	{
+	void (*mem_callback)()=(void (*)())cb;
+	mem_callback(m->order,m->file,m->line,m->num,m->addr);
+	}
+
+void CRYPTO_mem_leaks_cb(cb)
+void (*cb)();
+	{
+	if (mh == NULL) return;
+	CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
+	mem_cb=cb;
+	lh_doall_arg(mh,(void (*)())cb_leak,(char *)mem_cb);
+	mem_cb=NULL;
+	CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
+	}
+
+#ifndef WIN16
+void CRYPTO_mem_leaks_fp(fp)
+FILE *fp;
+	{
+	BIO *b;
+
+	if (mh == NULL) return;
+	if ((b=BIO_new(BIO_s_file())) == NULL)
+		return;
+	BIO_set_fp(b,fp,BIO_NOCLOSE);
+	CRYPTO_mem_leaks(b);
+	BIO_free(b);
+	}
+#endif
+
diff --git a/crypto/objects/Makefile.ssl b/crypto/objects/Makefile.ssl
new file mode 100644
index 0000000000..148ac3ce4a
--- /dev/null
+++ b/crypto/objects/Makefile.ssl
@@ -0,0 +1,87 @@
+#
+# SSLeay/crypto/objects/Makefile
+#
+
+DIR=	objects
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I../../include
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE=		make -f Makefile.ssl
+MAKEDEPEND=	makedepend -f Makefile.ssl
+MAKEFILE=	Makefile.ssl
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+ERR=objects
+ERRC=obj_err
+GENERAL=Makefile README
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=	obj_dat.c obj_lib.c $(ERRC).c
+LIBOBJ= obj_dat.o obj_lib.o $(ERRC).o
+
+SRC= $(LIBSRC)
+
+EXHEADER= objects.h
+HEADER=	$(EXHEADER) obj_dat.h
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	obj_dat.h lib
+
+obj_dat.h: objects.h obj_dat.pl
+	perl ./obj_dat.pl < objects.h > obj_dat.h
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/util/ranlib.sh $(LIB)
+	@touch lib
+
+files:
+	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+	/bin/rm -f Makefile
+	$(TOP)/util/point.sh Makefile.ssl Makefile ;
+	$(TOP)/util/mklink.sh ../../include $(EXHEADER)
+	$(TOP)/util/mklink.sh ../../test $(TEST)
+	$(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+	@for i in $(EXHEADER) ; \
+	do  \
+	(cp $$i $(INSTALLTOP)/include/$$i; \
+	chmod 644 $(INSTALLTOP)/include/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+	perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
+	perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/objects/obj_dat.c b/crypto/objects/obj_dat.c
new file mode 100644
index 0000000000..86c3d38e4b
--- /dev/null
+++ b/crypto/objects/obj_dat.c
@@ -0,0 +1,501 @@
+/* crypto/objects/obj_dat.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "lhash.h"
+#include "asn1.h"
+#include "objects.h"
+
+/* obj_dat.h is generated from objects.h by obj_dat.pl */
+#include "obj_dat.h"
+
+#ifndef NOPROTO
+static int sn_cmp(ASN1_OBJECT **a, ASN1_OBJECT **b);
+static int ln_cmp(ASN1_OBJECT **a, ASN1_OBJECT **b);
+static int obj_cmp(ASN1_OBJECT **a, ASN1_OBJECT **b);
+#else
+static int sn_cmp();
+static int ln_cmp();
+static int obj_cmp();
+#endif
+
+#define ADDED_DATA	0
+#define ADDED_SNAME	1
+#define ADDED_LNAME	2
+#define ADDED_NID	3
+
+typedef struct added_obj_st
+	{
+	int type;
+	ASN1_OBJECT *obj;
+	} ADDED_OBJ;
+
+static int new_nid=NUM_NID;
+static LHASH *added=NULL;
+
+static int sn_cmp(ap,bp)
+ASN1_OBJECT **ap;
+ASN1_OBJECT **bp;
+	{ return(strcmp((*ap)->sn,(*bp)->sn)); }
+
+static int ln_cmp(ap,bp)
+ASN1_OBJECT **ap;
+ASN1_OBJECT **bp;
+	{ return(strcmp((*ap)->ln,(*bp)->ln)); }
+
+static unsigned long add_hash(ca)
+ADDED_OBJ *ca;
+	{
+	ASN1_OBJECT *a;
+	int i;
+	unsigned long ret=0;
+	unsigned char *p;
+
+	a=ca->obj;
+	switch (ca->type)
+		{
+	case ADDED_DATA:
+		ret=a->length<<20L;
+		p=(unsigned char *)a->data;
+		for (i=0; i<a->length; i++)
+			ret^=p[i]<<((i*3)%24);
+		break;
+	case ADDED_SNAME:
+		ret=lh_strhash(a->sn);
+		break;
+	case ADDED_LNAME:
+		ret=lh_strhash(a->ln);
+		break;
+	case ADDED_NID:
+		ret=a->nid;
+		break;
+	default:
+		abort();
+		}
+	ret&=0x3fffffff;
+	ret|=ca->type<<30L;
+	return(ret);
+	}
+
+static int add_cmp(ca,cb)
+ADDED_OBJ *ca,*cb;
+	{
+	ASN1_OBJECT *a,*b;
+	int i;
+
+	i=ca->type-cb->type;
+	if (i) return(i);
+	a=ca->obj;
+	b=cb->obj;
+	switch (ca->type)
+		{
+	case ADDED_DATA:
+		i=(a->length - b->length);
+		if (i) return(i);
+		return(memcmp(a->data,b->data,a->length));
+	case ADDED_SNAME:
+		if (a->sn == NULL) return(-1);
+		else if (b->sn == NULL) return(1);
+		else return(strcmp(a->sn,b->sn));
+	case ADDED_LNAME:
+		if (a->ln == NULL) return(-1);
+		else if (b->ln == NULL) return(1);
+		else return(strcmp(a->ln,b->ln));
+	case ADDED_NID:
+		return(a->nid-b->nid);
+	default:
+		abort();
+		}
+	}
+
+static int init_added()
+	{
+	if (added != NULL) return(1);
+	added=lh_new(add_hash,add_cmp);
+	return(added != NULL);
+	}
+
+static void cleanup1(a)
+ADDED_OBJ *a;
+	{
+	a->obj->nid=0;
+	a->obj->flags|=ASN1_OBJECT_FLAG_DYNAMIC|
+	                ASN1_OBJECT_FLAG_DYNAMIC_STRINGS;
+	}
+
+static void cleanup2(a)
+ADDED_OBJ *a;
+	{ a->obj->nid++; }
+
+static void cleanup3(a)
+ADDED_OBJ *a;
+	{
+	if (--a->obj->nid == 0)
+		ASN1_OBJECT_free(a->obj);
+	Free(a);
+	}
+
+void OBJ_cleanup()
+	{
+	if (added == NULL) return;
+	added->down_load=0;
+	lh_doall(added,cleanup1); /* zero counters */
+	lh_doall(added,cleanup2); /* set counters */
+	lh_doall(added,cleanup3); /* free objects */
+	lh_free(added);
+	}
+
+int OBJ_new_nid(num)
+int num;
+	{
+	int i;
+
+	i=new_nid;
+	new_nid+=num;
+	return(i);
+	}
+
+int OBJ_add_object(obj)
+ASN1_OBJECT *obj;
+	{
+	ASN1_OBJECT *o;
+	ADDED_OBJ *ao[4],*aop;
+	int i;
+
+	if (added == NULL)
+		if (!init_added()) return(0);
+	if ((o=OBJ_dup(obj)) == NULL) goto err;
+	ao[ADDED_DATA]=NULL;
+	ao[ADDED_SNAME]=NULL;
+	ao[ADDED_LNAME]=NULL;
+	ao[ADDED_NID]=NULL;
+	ao[ADDED_NID]=(ADDED_OBJ *)Malloc(sizeof(ADDED_OBJ));
+	if ((o->length != 0) && (obj->data != NULL))
+		ao[ADDED_DATA]=(ADDED_OBJ *)Malloc(sizeof(ADDED_OBJ));
+	if (o->sn != NULL)
+		ao[ADDED_SNAME]=(ADDED_OBJ *)Malloc(sizeof(ADDED_OBJ));
+	if (o->ln != NULL)
+		ao[ADDED_LNAME]=(ADDED_OBJ *)Malloc(sizeof(ADDED_OBJ));
+
+	for (i=ADDED_DATA; i<=ADDED_NID; i++)
+		{
+		if (ao[i] != NULL)
+			{
+			ao[i]->type=i;
+			ao[i]->obj=o;
+			aop=(ADDED_OBJ *)lh_insert(added,(char *)ao[i]);
+			/* memory leak, buit should not normally matter */
+			if (aop != NULL)
+				Free(aop);
+			}
+		}
+	o->flags&= ~(ASN1_OBJECT_FLAG_DYNAMIC|ASN1_OBJECT_FLAG_DYNAMIC_STRINGS);
+	return(o->nid);
+err:
+	for (i=ADDED_DATA; i<=ADDED_NID; i++)
+		if (ao[i] != NULL) Free(ao[i]);
+	if (o != NULL) Free(o);
+	return(0);
+	}
+
+ASN1_OBJECT *OBJ_nid2obj(n)
+int n;
+	{
+	ADDED_OBJ ad,*adp;
+	ASN1_OBJECT ob;
+
+	if ((n >= 0) && (n < NUM_NID))
+		{
+		if ((n != NID_undef) && (nid_objs[n].nid == NID_undef))
+			{
+			OBJerr(OBJ_F_OBJ_NID2OBJ,OBJ_R_UNKNOWN_NID);
+			return(NULL);
+			}
+		return((ASN1_OBJECT *)&(nid_objs[n]));
+		}
+	else if (added == NULL)
+		return(NULL);
+	else
+		{
+		ad.type=ADDED_NID;
+		ad.obj= &ob;
+		ob.nid=n;
+		adp=(ADDED_OBJ *)lh_retrieve(added,(char *)&ad);
+		if (adp != NULL)
+			return(adp->obj);
+		else
+			{
+			OBJerr(OBJ_F_OBJ_NID2OBJ,OBJ_R_UNKNOWN_NID);
+			return(NULL);
+			}
+		}
+	}
+
+char *OBJ_nid2sn(n)
+int n;
+	{
+	ADDED_OBJ ad,*adp;
+	ASN1_OBJECT ob;
+
+	if ((n >= 0) && (n < NUM_NID))
+		{
+		if ((n != NID_undef) && (nid_objs[n].nid == NID_undef))
+			{
+			OBJerr(OBJ_F_OBJ_NID2SN,OBJ_R_UNKNOWN_NID);
+			return(NULL);
+			}
+		return(nid_objs[n].sn);
+		}
+	else if (added == NULL)
+		return(NULL);
+	else
+		{
+		ad.type=ADDED_NID;
+		ad.obj= &ob;
+		ob.nid=n;
+		adp=(ADDED_OBJ *)lh_retrieve(added,(char *)&ad);
+		if (adp != NULL)
+			return(adp->obj->sn);
+		else
+			{
+			OBJerr(OBJ_F_OBJ_NID2SN,OBJ_R_UNKNOWN_NID);
+			return(NULL);
+			}
+		}
+	}
+
+char *OBJ_nid2ln(n)
+int n;
+	{
+	ADDED_OBJ ad,*adp;
+	ASN1_OBJECT ob;
+
+	if ((n >= 0) && (n < NUM_NID))
+		{
+		if ((n != NID_undef) && (nid_objs[n].nid == NID_undef))
+			{
+			OBJerr(OBJ_F_OBJ_NID2LN,OBJ_R_UNKNOWN_NID);
+			return(NULL);
+			}
+		return(nid_objs[n].ln);
+		}
+	else if (added == NULL)
+		return(NULL);
+	else
+		{
+		ad.type=ADDED_NID;
+		ad.obj= &ob;
+		ob.nid=n;
+		adp=(ADDED_OBJ *)lh_retrieve(added,(char *)&ad);
+		if (adp != NULL)
+			return(adp->obj->ln);
+		else
+			{
+			OBJerr(OBJ_F_OBJ_NID2LN,OBJ_R_UNKNOWN_NID);
+			return(NULL);
+			}
+		}
+	}
+
+int OBJ_obj2nid(a)
+ASN1_OBJECT *a;
+	{
+	ASN1_OBJECT **op;
+	ADDED_OBJ ad,*adp;
+
+	if (a == NULL)
+		return(NID_undef);
+	if (a->nid != 0)
+		return(a->nid);
+
+	if (added != NULL)
+		{
+		ad.type=ADDED_DATA;
+		ad.obj=a;
+		adp=(ADDED_OBJ *)lh_retrieve(added,(char *)&ad);
+		if (adp != NULL) return (adp->obj->nid);
+		}
+	op=(ASN1_OBJECT **)OBJ_bsearch((char *)&a,(char *)obj_objs,NUM_OBJ,
+		sizeof(ASN1_OBJECT *),(int (*)())obj_cmp);
+	if (op == NULL)
+		return(NID_undef);
+	return((*op)->nid);
+	}
+
+int OBJ_txt2nid(s)
+char *s;
+	{
+	int ret;
+
+	ret=OBJ_sn2nid(s);
+	if (ret == NID_undef)
+		return(OBJ_ln2nid(s));
+	else
+		return(ret);
+	}
+
+int OBJ_ln2nid(s)
+char *s;
+	{
+	ASN1_OBJECT o,*oo= &o,**op;
+	ADDED_OBJ ad,*adp;
+
+	o.ln=s;
+	if (added != NULL)
+		{
+		ad.type=ADDED_LNAME;
+		ad.obj= &o;
+		adp=(ADDED_OBJ *)lh_retrieve(added,(char *)&ad);
+		if (adp != NULL) return (adp->obj->nid);
+		}
+	op=(ASN1_OBJECT **)OBJ_bsearch((char *)&oo,(char *)ln_objs,NUM_LN,
+		sizeof(ASN1_OBJECT *),(int (*)())ln_cmp);
+	if (op == NULL) return(NID_undef);
+	return((*op)->nid);
+	}
+
+int OBJ_sn2nid(s)
+char *s;
+	{
+	ASN1_OBJECT o,*oo= &o,**op;
+	ADDED_OBJ ad,*adp;
+
+	o.sn=s;
+	if (added != NULL)
+		{
+		ad.type=ADDED_SNAME;
+		ad.obj= &o;
+		adp=(ADDED_OBJ *)lh_retrieve(added,(char *)&ad);
+		if (adp != NULL) return (adp->obj->nid);
+		}
+	op=(ASN1_OBJECT **)OBJ_bsearch((char *)&oo,(char *)sn_objs,NUM_SN,
+		sizeof(ASN1_OBJECT *),(int (*)())sn_cmp);
+	if (op == NULL) return(NID_undef);
+	return((*op)->nid);
+	}
+
+static int obj_cmp(ap, bp)
+ASN1_OBJECT **ap;
+ASN1_OBJECT **bp;
+	{
+	int j;
+	ASN1_OBJECT *a= *ap;
+	ASN1_OBJECT *b= *bp;
+
+	j=(a->length - b->length);
+        if (j) return(j);
+	return(memcmp(a->data,b->data,a->length));
+        }
+
+char *OBJ_bsearch(key,base,num,size,cmp)
+char *key;
+char *base;
+int num;
+int size;
+int (*cmp)();
+	{
+	int l,h,i,c;
+	char *p;
+
+	if (num == 0) return(NULL);
+	l=0;
+	h=num;
+	while (l < h)
+		{
+		i=(l+h)/2;
+		p= &(base[i*size]);
+		c=(*cmp)(key,p);
+		if (c < 0)
+			h=i;
+		else if (c > 0)
+			l=i+1;
+		else
+			return(p);
+		}
+	return(NULL);
+	}
+
+int OBJ_create_and_add_object(oid,sn,ln)
+char *oid;
+char *sn;
+char *ln;
+	{
+	int ok=0;
+	ASN1_OBJECT *op=NULL;
+	unsigned char *buf;
+	int i;
+
+	i=a2d_ASN1_OBJECT(NULL,0,oid,-1);
+	if (i <= 0) return(0);
+
+	if ((buf=(unsigned char *)Malloc(i)) == NULL)
+		{
+		OBJerr(OBJ_F_OBJ_CREATE_AND_ADD_OBJECT,OBJ_R_MALLOC_FAILURE);
+		return(0);
+		}
+	i=a2d_ASN1_OBJECT(buf,i,oid,-1);
+	op=(ASN1_OBJECT *)ASN1_OBJECT_create(OBJ_new_nid(1),buf,i,sn,ln);
+	if (op == NULL) 
+		goto err;
+	ok=OBJ_add_object(op);
+err:
+	ASN1_OBJECT_free(op);
+	Free((char *)buf);
+	return(ok);
+	}
diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h
new file mode 100644
index 0000000000..4b79abda8e
--- /dev/null
+++ b/crypto/objects/obj_dat.h
@@ -0,0 +1,541 @@
+/* lib/obj/obj_dat.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* THIS FILE IS GENERATED FROM Objects.h by obj_dat.pl via the
+ * following command:
+ * perl obj_dat.pl < objects.h > obj_dat.h
+ */
+
+#define NUM_NID 97
+#define NUM_SN 70
+#define NUM_LN 96
+#define NUM_OBJ 78
+
+static unsigned char lvalues[515]={
+0x2A,0x86,0x48,0x86,0xF7,0x0D,               /* [  0] OBJ_rsadsi */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,          /* [  6] OBJ_pkcs */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02,     /* [ 13] OBJ_md2 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x05,     /* [ 21] OBJ_md5 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x04,     /* [ 29] OBJ_rc4 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x01,/* [ 37] OBJ_rsaEncryption */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x02,/* [ 46] OBJ_md2WithRSAEncryption */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x04,/* [ 55] OBJ_md5WithRSAEncryption */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x01,/* [ 64] OBJ_pbeWithMD2AndDES_CBC */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x03,/* [ 73] OBJ_pbeWithMD5AndDES_CBC */
+0x55,                                        /* [ 82] OBJ_X500 */
+0x55,0x04,                                   /* [ 83] OBJ_X509 */
+0x55,0x04,0x03,                              /* [ 85] OBJ_commonName */
+0x55,0x04,0x06,                              /* [ 88] OBJ_countryName */
+0x55,0x04,0x07,                              /* [ 91] OBJ_localityName */
+0x55,0x04,0x08,                              /* [ 94] OBJ_stateOrProvinceName */
+0x55,0x04,0x0A,                              /* [ 97] OBJ_organizationName */
+0x55,0x04,0x0B,                              /* [100] OBJ_organizationalUnitName */
+0x55,0x08,0x01,0x01,                         /* [103] OBJ_rsa */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,     /* [107] OBJ_pkcs7 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x01,/* [115] OBJ_pkcs7_data */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x02,/* [124] OBJ_pkcs7_signed */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x03,/* [133] OBJ_pkcs7_enveloped */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x04,/* [142] OBJ_pkcs7_signedAndEnveloped */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x05,/* [151] OBJ_pkcs7_digest */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x06,/* [160] OBJ_pkcs7_encrypted */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03,     /* [169] OBJ_pkcs3 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03,0x01,/* [177] OBJ_dhKeyAgreement */
+0x2B,0x0E,0x03,0x02,0x06,                    /* [186] OBJ_des_ecb */
+0x2B,0x0E,0x03,0x02,0x09,                    /* [191] OBJ_des_cfb64 */
+0x2B,0x0E,0x03,0x02,0x07,                    /* [196] OBJ_des_cbc */
+0x2B,0x0E,0x03,0x02,0x11,                    /* [201] OBJ_des_ede */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x02,     /* [206] OBJ_rc2_cbc */
+0x2B,0x0E,0x03,0x02,0x12,                    /* [214] OBJ_sha */
+0x2B,0x0E,0x03,0x02,0x0F,                    /* [219] OBJ_shaWithRSAEncryption */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x07,     /* [224] OBJ_des_ede3_cbc */
+0x2B,0x0E,0x03,0x02,0x08,                    /* [232] OBJ_des_ofb64 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,     /* [237] OBJ_pkcs9 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x01,/* [245] OBJ_pkcs9_emailAddress */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x02,/* [254] OBJ_pkcs9_unstructuredName */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x03,/* [263] OBJ_pkcs9_contentType */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x04,/* [272] OBJ_pkcs9_messageDigest */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x05,/* [281] OBJ_pkcs9_signingTime */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x06,/* [290] OBJ_pkcs9_countersignature */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x07,/* [299] OBJ_pkcs9_challengePassword */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x08,/* [308] OBJ_pkcs9_unstructuredAddress */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x09,/* [317] OBJ_pkcs9_extCertAttributes */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,          /* [326] OBJ_netscape */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,     /* [333] OBJ_netscape_cert_extension */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02,     /* [341] OBJ_netscape_data_type */
+0x2B,0x0E,0x03,0x02,0x1A,                    /* [349] OBJ_sha1 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,/* [354] OBJ_sha1WithRSAEncryption */
+0x2B,0x0E,0x03,0x02,0x0D,                    /* [363] OBJ_dsaWithSHA */
+0x2B,0x0E,0x03,0x02,0x0C,                    /* [368] OBJ_dsa */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0B,/* [373] OBJ_pbeWithSHA1AndRC2_CBC */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0C,/* [382] OBJ_pbeWithSHA1AndRC4 */
+0x2B,0x0E,0x03,0x02,0x1B,                    /* [391] OBJ_dsaWithSHA1 */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x01,/* [396] OBJ_netscape_cert_type */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x02,/* [405] OBJ_netscape_base_url */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x03,/* [414] OBJ_netscape_revocation_url */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x04,/* [423] OBJ_netscape_ca_revocation_url */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x07,/* [432] OBJ_netscape_renewal_url */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x08,/* [441] OBJ_netscape_ca_policy_url */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0C,/* [450] OBJ_netscape_ssl_server_name */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0D,/* [459] OBJ_netscape_comment */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02,0x05,/* [468] OBJ_netscape_cert_sequence */
+0x55,0x1D,                                   /* [477] OBJ_ld_ce */
+0x55,0x1D,0x0E,                              /* [479] OBJ_subject_key_identifier */
+0x55,0x1D,0x0F,                              /* [482] OBJ_key_usage */
+0x55,0x1D,0x10,                              /* [485] OBJ_private_key_usage_period */
+0x55,0x1D,0x11,                              /* [488] OBJ_subject_alt_name */
+0x55,0x1D,0x12,                              /* [491] OBJ_issuer_alt_name */
+0x55,0x1D,0x13,                              /* [494] OBJ_basic_constraints */
+0x55,0x1D,0x14,                              /* [497] OBJ_crl_number */
+0x55,0x1D,0x20,                              /* [500] OBJ_certificate_policies */
+0x55,0x1D,0x23,                              /* [503] OBJ_authority_key_identifier */
+0x55,0x08,0x03,0x65,                         /* [506] OBJ_mdc2 */
+0x55,0x08,0x03,0x64,                         /* [510] OBJ_mdc2WithRSA */
+};
+
+static ASN1_OBJECT nid_objs[NUM_NID]={
+{"UNDEF","undefined",NID_undef,0,NULL},
+{"rsadsi","rsadsi",NID_rsadsi,6,&(lvalues[0]),0},
+{"pkcs","pkcs",NID_pkcs,7,&(lvalues[6]),0},
+{"MD2","md2",NID_md2,8,&(lvalues[13]),0},
+{"MD5","md5",NID_md5,8,&(lvalues[21]),0},
+{"RC4","rc4",NID_rc4,8,&(lvalues[29]),0},
+{"rsaEncryption","rsaEncryption",NID_rsaEncryption,9,&(lvalues[37]),0},
+{"RSA-MD2","md2WithRSAEncryption",NID_md2WithRSAEncryption,9,
+	&(lvalues[46]),0},
+{"RSA-MD5","md5WithRSAEncryption",NID_md5WithRSAEncryption,9,
+	&(lvalues[55]),0},
+{"pbeWithMD2AndDES-CBC","pbeWithMD2AndDES-CBC",
+	NID_pbeWithMD2AndDES_CBC,9,&(lvalues[64]),0},
+{"pbeWithMD5AndDES-CBC","pbeWithMD5AndDES-CBC",
+	NID_pbeWithMD5AndDES_CBC,9,&(lvalues[73]),0},
+{"X500","X500",NID_X500,1,&(lvalues[82]),0},
+{"X509","X509",NID_X509,2,&(lvalues[83]),0},
+{"CN","commonName",NID_commonName,3,&(lvalues[85]),0},
+{"C","countryName",NID_countryName,3,&(lvalues[88]),0},
+{"L","localityName",NID_localityName,3,&(lvalues[91]),0},
+{"ST","stateOrProvinceName",NID_stateOrProvinceName,3,&(lvalues[94]),0},
+{"O","organizationName",NID_organizationName,3,&(lvalues[97]),0},
+{"OU","organizationalUnitName",NID_organizationalUnitName,3,
+	&(lvalues[100]),0},
+{"RSA","rsa",NID_rsa,4,&(lvalues[103]),0},
+{"pkcs7","pkcs7",NID_pkcs7,8,&(lvalues[107]),0},
+{"pkcs7-data","pkcs7-data",NID_pkcs7_data,9,&(lvalues[115]),0},
+{"pkcs7-signedData","pkcs7-signedData",NID_pkcs7_signed,9,
+	&(lvalues[124]),0},
+{"pkcs7-envelopedData","pkcs7-envelopedData",NID_pkcs7_enveloped,9,
+	&(lvalues[133]),0},
+{"pkcs7-signedAndEnvelopedData","pkcs7-signedAndEnvelopedData",
+	NID_pkcs7_signedAndEnveloped,9,&(lvalues[142]),0},
+{"pkcs7-digestData","pkcs7-digestData",NID_pkcs7_digest,9,
+	&(lvalues[151]),0},
+{"pkcs7-encryptedData","pkcs7-encryptedData",NID_pkcs7_encrypted,9,
+	&(lvalues[160]),0},
+{"pkcs3","pkcs3",NID_pkcs3,8,&(lvalues[169]),0},
+{"dhKeyAgreement","dhKeyAgreement",NID_dhKeyAgreement,9,
+	&(lvalues[177]),0},
+{"DES-ECB","des-ecb",NID_des_ecb,5,&(lvalues[186]),0},
+{"DES-CFB","des-cfb",NID_des_cfb64,5,&(lvalues[191]),0},
+{"DES-CBC","des-cbc",NID_des_cbc,5,&(lvalues[196]),0},
+{"DES-EDE","des-ede",NID_des_ede,5,&(lvalues[201]),0},
+{"DES-EDE3","des-ede3",NID_des_ede3,0,NULL},
+{"IDEA-CBC","idea-cbc",NID_idea_cbc,0,NULL},
+{"IDEA-CFB","idea-cfb",NID_idea_cfb64,0,NULL},
+{"IDEA-ECB","idea-ecb",NID_idea_ecb,0,NULL},
+{"RC2-CBC","rc2-cbc",NID_rc2_cbc,8,&(lvalues[206]),0},
+{"RC2-ECB","rc2-ecb",NID_rc2_ecb,0,NULL},
+{"RC2-CFB","rc2-cfb",NID_rc2_cfb64,0,NULL},
+{"RC2-OFB","rc2-ofb",NID_rc2_ofb64,0,NULL},
+{"SHA","sha",NID_sha,5,&(lvalues[214]),0},
+{"RSA-SHA","shaWithRSAEncryption",NID_shaWithRSAEncryption,5,
+	&(lvalues[219]),0},
+{"DES-EDE-CBC","des-ede-cbc",NID_des_ede_cbc,0,NULL},
+{"DES-EDE3-CBC","des-ede3-cbc",NID_des_ede3_cbc,8,&(lvalues[224]),0},
+{"DES-OFB","des-ofb",NID_des_ofb64,5,&(lvalues[232]),0},
+{"IDEA-OFB","idea-ofb",NID_idea_ofb64,0,NULL},
+{"pkcs9","pkcs9",NID_pkcs9,8,&(lvalues[237]),0},
+{"Email","emailAddress",NID_pkcs9_emailAddress,9,&(lvalues[245]),0},
+{"unstructuredName","unstructuredName",NID_pkcs9_unstructuredName,9,
+	&(lvalues[254]),0},
+{"contentType","contentType",NID_pkcs9_contentType,9,&(lvalues[263]),0},
+{"messageDigest","messageDigest",NID_pkcs9_messageDigest,9,
+	&(lvalues[272]),0},
+{"signingTime","signingTime",NID_pkcs9_signingTime,9,&(lvalues[281]),0},
+{"countersignature","countersignature",NID_pkcs9_countersignature,9,
+	&(lvalues[290]),0},
+{"challengePassword","challengePassword",NID_pkcs9_challengePassword,
+	9,&(lvalues[299]),0},
+{"unstructuredAddress","unstructuredAddress",
+	NID_pkcs9_unstructuredAddress,9,&(lvalues[308]),0},
+{"extendedCertificateAttributes","extendedCertificateAttributes",
+	NID_pkcs9_extCertAttributes,9,&(lvalues[317]),0},
+{"Netscape","Netscape Communications Corp.",NID_netscape,7,
+	&(lvalues[326]),0},
+{"nsCertExt","Netscape Certificate Extension",
+	NID_netscape_cert_extension,8,&(lvalues[333]),0},
+{"nsDataType","Netscape Data Type",NID_netscape_data_type,8,
+	&(lvalues[341]),0},
+{"DES-EDE-CFB","des-ede-cfb",NID_des_ede_cfb64,0,NULL},
+{"DES-EDE3-CFB","des-ede3-cfb",NID_des_ede3_cfb64,0,NULL},
+{"DES-EDE-OFB","des-ede-ofb",NID_des_ede_ofb64,0,NULL},
+{"DES-EDE3-OFB","des-ede3-ofb",NID_des_ede3_ofb64,0,NULL},
+{"SHA1","sha1",NID_sha1,5,&(lvalues[349]),0},
+{"RSA-SHA1","sha1WithRSAEncryption",NID_sha1WithRSAEncryption,9,
+	&(lvalues[354]),0},
+{"DSA-SHA","dsaWithSHA",NID_dsaWithSHA,5,&(lvalues[363]),0},
+{"DSA","dsaEncryption",NID_dsa,5,&(lvalues[368]),0},
+{"pbeWithSHA1AndRC2-CBC","pbeWithSHA1AndRC2-CBC",
+	NID_pbeWithSHA1AndRC2_CBC,9,&(lvalues[373]),0},
+{"pbeWithSHA1AndRC4","pbeWithSHA1AndRC4",NID_pbeWithSHA1AndRC4,9,
+	&(lvalues[382]),0},
+{"DSA-SHA1","dsaWithSHA1",NID_dsaWithSHA1,5,&(lvalues[391]),0},
+{"nsCertType","Netscape Cert Type",NID_netscape_cert_type,9,
+	&(lvalues[396]),0},
+{"nsBaseUrl","Netscape Base Url",NID_netscape_base_url,9,
+	&(lvalues[405]),0},
+{"nsRevocationUrl","Netscape Revocation Url",
+	NID_netscape_revocation_url,9,&(lvalues[414]),0},
+{"nsCaRevocationUrl","Netscape CA Revocation Url",
+	NID_netscape_ca_revocation_url,9,&(lvalues[423]),0},
+{"nsRenewalUrl","Netscape Renewal Url",NID_netscape_renewal_url,9,
+	&(lvalues[432]),0},
+{"nsCaPolicyUrl","Netscape CA Policy Url",NID_netscape_ca_policy_url,
+	9,&(lvalues[441]),0},
+{"nsSslServerName","Netscape SSL Server Name",
+	NID_netscape_ssl_server_name,9,&(lvalues[450]),0},
+{"nsComment","Netscape Comment",NID_netscape_comment,9,&(lvalues[459]),0},
+{"nsCertSequence","Netscape Certificate Sequence",
+	NID_netscape_cert_sequence,9,&(lvalues[468]),0},
+{"DESX-CBC","desx-cbc",NID_desx_cbc,0,NULL},
+{"ld-ce","ld-ce",NID_ld_ce,2,&(lvalues[477]),0},
+{"subjectKeyIdentifier","X509v3 Subject Key Identifier",
+	NID_subject_key_identifier,3,&(lvalues[479]),0},
+{"keyUsage","X509v3 Key Usage",NID_key_usage,3,&(lvalues[482]),0},
+{"privateKeyUsagePeriod","X509v3 Private Key Usage Period",
+	NID_private_key_usage_period,3,&(lvalues[485]),0},
+{"subjectAltName","X509v3 Subject Alternative Name",
+	NID_subject_alt_name,3,&(lvalues[488]),0},
+{"issuerAltName","X509v3 Issuer Alternative Name",NID_issuer_alt_name,
+	3,&(lvalues[491]),0},
+{"basicConstraints","X509v3 Basic Constraints",NID_basic_constraints,
+	3,&(lvalues[494]),0},
+{"crlNumber","X509v3 CRL Number",NID_crl_number,3,&(lvalues[497]),0},
+{"certificatePolicies","X509v3 Certificate Policies",
+	NID_certificate_policies,3,&(lvalues[500]),0},
+{"authorityKeyIdentifier","X509v3 Authority Key Identifier",
+	NID_authority_key_identifier,3,&(lvalues[503]),0},
+{"BF-CBC","bf-cbc",NID_bf_cbc,0,NULL},
+{"BF-ECB","bf-ecb",NID_bf_ecb,0,NULL},
+{"BF-CFB","bf-cfb",NID_bf_cfb64,0,NULL},
+{"BF-OFB","bf-ofb",NID_bf_ofb64,0,NULL},
+{"MDC2","mdc2",NID_mdc2,4,&(lvalues[506]),0},
+{"RSA-MDC2","mdc2withRSA",NID_mdc2WithRSA,4,&(lvalues[510]),0},
+};
+
+static ASN1_OBJECT *sn_objs[NUM_SN]={
+&(nid_objs[91]),/* "BF-CBC" */
+&(nid_objs[93]),/* "BF-CFB" */
+&(nid_objs[92]),/* "BF-ECB" */
+&(nid_objs[94]),/* "BF-OFB" */
+&(nid_objs[14]),/* "C" */
+&(nid_objs[13]),/* "CN" */
+&(nid_objs[31]),/* "DES-CBC" */
+&(nid_objs[30]),/* "DES-CFB" */
+&(nid_objs[29]),/* "DES-ECB" */
+&(nid_objs[32]),/* "DES-EDE" */
+&(nid_objs[43]),/* "DES-EDE-CBC" */
+&(nid_objs[60]),/* "DES-EDE-CFB" */
+&(nid_objs[62]),/* "DES-EDE-OFB" */
+&(nid_objs[33]),/* "DES-EDE3" */
+&(nid_objs[44]),/* "DES-EDE3-CBC" */
+&(nid_objs[61]),/* "DES-EDE3-CFB" */
+&(nid_objs[63]),/* "DES-EDE3-OFB" */
+&(nid_objs[45]),/* "DES-OFB" */
+&(nid_objs[80]),/* "DESX-CBC" */
+&(nid_objs[67]),/* "DSA" */
+&(nid_objs[66]),/* "DSA-SHA" */
+&(nid_objs[70]),/* "DSA-SHA1" */
+&(nid_objs[48]),/* "Email" */
+&(nid_objs[34]),/* "IDEA-CBC" */
+&(nid_objs[35]),/* "IDEA-CFB" */
+&(nid_objs[36]),/* "IDEA-ECB" */
+&(nid_objs[46]),/* "IDEA-OFB" */
+&(nid_objs[15]),/* "L" */
+&(nid_objs[ 3]),/* "MD2" */
+&(nid_objs[ 4]),/* "MD5" */
+&(nid_objs[95]),/* "MDC2" */
+&(nid_objs[57]),/* "Netscape" */
+&(nid_objs[17]),/* "O" */
+&(nid_objs[18]),/* "OU" */
+&(nid_objs[37]),/* "RC2-CBC" */
+&(nid_objs[39]),/* "RC2-CFB" */
+&(nid_objs[38]),/* "RC2-ECB" */
+&(nid_objs[40]),/* "RC2-OFB" */
+&(nid_objs[ 5]),/* "RC4" */
+&(nid_objs[19]),/* "RSA" */
+&(nid_objs[ 7]),/* "RSA-MD2" */
+&(nid_objs[ 8]),/* "RSA-MD5" */
+&(nid_objs[96]),/* "RSA-MDC2" */
+&(nid_objs[42]),/* "RSA-SHA" */
+&(nid_objs[65]),/* "RSA-SHA1" */
+&(nid_objs[41]),/* "SHA" */
+&(nid_objs[64]),/* "SHA1" */
+&(nid_objs[16]),/* "ST" */
+&(nid_objs[ 0]),/* "UNDEF" */
+&(nid_objs[90]),/* "authorityKeyIdentifier" */
+&(nid_objs[87]),/* "basicConstraints" */
+&(nid_objs[89]),/* "certificatePolicies" */
+&(nid_objs[88]),/* "crlNumber" */
+&(nid_objs[86]),/* "issuerAltName" */
+&(nid_objs[83]),/* "keyUsage" */
+&(nid_objs[81]),/* "ld-ce" */
+&(nid_objs[72]),/* "nsBaseUrl" */
+&(nid_objs[76]),/* "nsCaPolicyUrl" */
+&(nid_objs[74]),/* "nsCaRevocationUrl" */
+&(nid_objs[58]),/* "nsCertExt" */
+&(nid_objs[79]),/* "nsCertSequence" */
+&(nid_objs[71]),/* "nsCertType" */
+&(nid_objs[78]),/* "nsComment" */
+&(nid_objs[59]),/* "nsDataType" */
+&(nid_objs[75]),/* "nsRenewalUrl" */
+&(nid_objs[73]),/* "nsRevocationUrl" */
+&(nid_objs[77]),/* "nsSslServerName" */
+&(nid_objs[84]),/* "privateKeyUsagePeriod" */
+&(nid_objs[85]),/* "subjectAltName" */
+&(nid_objs[82]),/* "subjectKeyIdentifier" */
+};
+
+static ASN1_OBJECT *ln_objs[NUM_LN]={
+&(nid_objs[72]),/* "Netscape Base Url" */
+&(nid_objs[76]),/* "Netscape CA Policy Url" */
+&(nid_objs[74]),/* "Netscape CA Revocation Url" */
+&(nid_objs[71]),/* "Netscape Cert Type" */
+&(nid_objs[58]),/* "Netscape Certificate Extension" */
+&(nid_objs[79]),/* "Netscape Certificate Sequence" */
+&(nid_objs[78]),/* "Netscape Comment" */
+&(nid_objs[57]),/* "Netscape Communications Corp." */
+&(nid_objs[59]),/* "Netscape Data Type" */
+&(nid_objs[75]),/* "Netscape Renewal Url" */
+&(nid_objs[73]),/* "Netscape Revocation Url" */
+&(nid_objs[77]),/* "Netscape SSL Server Name" */
+&(nid_objs[11]),/* "X500" */
+&(nid_objs[12]),/* "X509" */
+&(nid_objs[90]),/* "X509v3 Authority Key Identifier" */
+&(nid_objs[87]),/* "X509v3 Basic Constraints" */
+&(nid_objs[88]),/* "X509v3 CRL Number" */
+&(nid_objs[89]),/* "X509v3 Certificate Policies" */
+&(nid_objs[86]),/* "X509v3 Issuer Alternative Name" */
+&(nid_objs[83]),/* "X509v3 Key Usage" */
+&(nid_objs[84]),/* "X509v3 Private Key Usage Period" */
+&(nid_objs[85]),/* "X509v3 Subject Alternative Name" */
+&(nid_objs[82]),/* "X509v3 Subject Key Identifier" */
+&(nid_objs[91]),/* "bf-cbc" */
+&(nid_objs[93]),/* "bf-cfb" */
+&(nid_objs[92]),/* "bf-ecb" */
+&(nid_objs[94]),/* "bf-ofb" */
+&(nid_objs[54]),/* "challengePassword" */
+&(nid_objs[13]),/* "commonName" */
+&(nid_objs[50]),/* "contentType" */
+&(nid_objs[53]),/* "countersignature" */
+&(nid_objs[14]),/* "countryName" */
+&(nid_objs[31]),/* "des-cbc" */
+&(nid_objs[30]),/* "des-cfb" */
+&(nid_objs[29]),/* "des-ecb" */
+&(nid_objs[32]),/* "des-ede" */
+&(nid_objs[43]),/* "des-ede-cbc" */
+&(nid_objs[60]),/* "des-ede-cfb" */
+&(nid_objs[62]),/* "des-ede-ofb" */
+&(nid_objs[33]),/* "des-ede3" */
+&(nid_objs[44]),/* "des-ede3-cbc" */
+&(nid_objs[61]),/* "des-ede3-cfb" */
+&(nid_objs[63]),/* "des-ede3-ofb" */
+&(nid_objs[45]),/* "des-ofb" */
+&(nid_objs[80]),/* "desx-cbc" */
+&(nid_objs[28]),/* "dhKeyAgreement" */
+&(nid_objs[67]),/* "dsaEncryption" */
+&(nid_objs[66]),/* "dsaWithSHA" */
+&(nid_objs[70]),/* "dsaWithSHA1" */
+&(nid_objs[48]),/* "emailAddress" */
+&(nid_objs[56]),/* "extendedCertificateAttributes" */
+&(nid_objs[34]),/* "idea-cbc" */
+&(nid_objs[35]),/* "idea-cfb" */
+&(nid_objs[36]),/* "idea-ecb" */
+&(nid_objs[46]),/* "idea-ofb" */
+&(nid_objs[15]),/* "localityName" */
+&(nid_objs[ 3]),/* "md2" */
+&(nid_objs[ 7]),/* "md2WithRSAEncryption" */
+&(nid_objs[ 4]),/* "md5" */
+&(nid_objs[ 8]),/* "md5WithRSAEncryption" */
+&(nid_objs[95]),/* "mdc2" */
+&(nid_objs[96]),/* "mdc2withRSA" */
+&(nid_objs[51]),/* "messageDigest" */
+&(nid_objs[17]),/* "organizationName" */
+&(nid_objs[18]),/* "organizationalUnitName" */
+&(nid_objs[ 9]),/* "pbeWithMD2AndDES-CBC" */
+&(nid_objs[10]),/* "pbeWithMD5AndDES-CBC" */
+&(nid_objs[68]),/* "pbeWithSHA1AndRC2-CBC" */
+&(nid_objs[69]),/* "pbeWithSHA1AndRC4" */
+&(nid_objs[ 2]),/* "pkcs" */
+&(nid_objs[27]),/* "pkcs3" */
+&(nid_objs[20]),/* "pkcs7" */
+&(nid_objs[21]),/* "pkcs7-data" */
+&(nid_objs[25]),/* "pkcs7-digestData" */
+&(nid_objs[26]),/* "pkcs7-encryptedData" */
+&(nid_objs[23]),/* "pkcs7-envelopedData" */
+&(nid_objs[24]),/* "pkcs7-signedAndEnvelopedData" */
+&(nid_objs[22]),/* "pkcs7-signedData" */
+&(nid_objs[47]),/* "pkcs9" */
+&(nid_objs[37]),/* "rc2-cbc" */
+&(nid_objs[39]),/* "rc2-cfb" */
+&(nid_objs[38]),/* "rc2-ecb" */
+&(nid_objs[40]),/* "rc2-ofb" */
+&(nid_objs[ 5]),/* "rc4" */
+&(nid_objs[19]),/* "rsa" */
+&(nid_objs[ 6]),/* "rsaEncryption" */
+&(nid_objs[ 1]),/* "rsadsi" */
+&(nid_objs[41]),/* "sha" */
+&(nid_objs[64]),/* "sha1" */
+&(nid_objs[65]),/* "sha1WithRSAEncryption" */
+&(nid_objs[42]),/* "shaWithRSAEncryption" */
+&(nid_objs[52]),/* "signingTime" */
+&(nid_objs[16]),/* "stateOrProvinceName" */
+&(nid_objs[ 0]),/* "undefined" */
+&(nid_objs[55]),/* "unstructuredAddress" */
+&(nid_objs[49]),/* "unstructuredName" */
+};
+
+static ASN1_OBJECT *obj_objs[NUM_OBJ]={
+&(nid_objs[11]),/* OBJ_X500                         2 5 */
+&(nid_objs[12]),/* OBJ_X509                         2 5 4 */
+&(nid_objs[81]),/* OBJ_ld_ce                        2 5 29 */
+&(nid_objs[13]),/* OBJ_commonName                   2 5 4 3 */
+&(nid_objs[14]),/* OBJ_countryName                  2 5 4 6 */
+&(nid_objs[15]),/* OBJ_localityName                 2 5 4 7 */
+&(nid_objs[16]),/* OBJ_stateOrProvinceName          2 5 4 8 */
+&(nid_objs[17]),/* OBJ_organizationName             2 5 4 10 */
+&(nid_objs[18]),/* OBJ_organizationalUnitName       2 5 4 11 */
+&(nid_objs[82]),/* OBJ_subject_key_identifier       2 5 29 14 */
+&(nid_objs[83]),/* OBJ_key_usage                    2 5 29 15 */
+&(nid_objs[84]),/* OBJ_private_key_usage_period     2 5 29 16 */
+&(nid_objs[85]),/* OBJ_subject_alt_name             2 5 29 17 */
+&(nid_objs[86]),/* OBJ_issuer_alt_name              2 5 29 18 */
+&(nid_objs[87]),/* OBJ_basic_constraints            2 5 29 19 */
+&(nid_objs[88]),/* OBJ_crl_number                   2 5 29 20 */
+&(nid_objs[89]),/* OBJ_certificate_policies         2 5 29 32 */
+&(nid_objs[90]),/* OBJ_authority_key_identifier     2 5 29 35 */
+&(nid_objs[19]),/* OBJ_rsa                          2 5 8 1 1 */
+&(nid_objs[96]),/* OBJ_mdc2WithRSA                  2 5 8 3 100 */
+&(nid_objs[95]),/* OBJ_mdc2                         2 5 8 3 101 */
+&(nid_objs[29]),/* OBJ_des_ecb                      1 3 14 3 2 6 */
+&(nid_objs[31]),/* OBJ_des_cbc                      1 3 14 3 2 7 */
+&(nid_objs[45]),/* OBJ_des_ofb64                    1 3 14 3 2 8 */
+&(nid_objs[30]),/* OBJ_des_cfb64                    1 3 14 3 2 9 */
+&(nid_objs[67]),/* OBJ_dsa                          1 3 14 3 2 12 */
+&(nid_objs[66]),/* OBJ_dsaWithSHA                   1 3 14 3 2 13 */
+&(nid_objs[42]),/* OBJ_shaWithRSAEncryption         1 3 14 3 2 15 */
+&(nid_objs[32]),/* OBJ_des_ede                      1 3 14 3 2 17 */
+&(nid_objs[41]),/* OBJ_sha                          1 3 14 3 2 18 */
+&(nid_objs[64]),/* OBJ_sha1                         1 3 14 3 2 26 */
+&(nid_objs[70]),/* OBJ_dsaWithSHA1                  1 3 14 3 2 27 */
+&(nid_objs[ 1]),/* OBJ_rsadsi                       1 2 840 113549 */
+&(nid_objs[ 2]),/* OBJ_pkcs                         1 2 840 113549 1 */
+&(nid_objs[57]),/* OBJ_netscape                     2 16 840 1 113730 */
+&(nid_objs[27]),/* OBJ_pkcs3                        1 2 840 113549 1 3 */
+&(nid_objs[20]),/* OBJ_pkcs7                        1 2 840 113549 1 7 */
+&(nid_objs[47]),/* OBJ_pkcs9                        1 2 840 113549 1 9 */
+&(nid_objs[ 3]),/* OBJ_md2                          1 2 840 113549 2 2 */
+&(nid_objs[ 4]),/* OBJ_md5                          1 2 840 113549 2 5 */
+&(nid_objs[37]),/* OBJ_rc2_cbc                      1 2 840 113549 3 2 */
+&(nid_objs[ 5]),/* OBJ_rc4                          1 2 840 113549 3 4 */
+&(nid_objs[44]),/* OBJ_des_ede3_cbc                 1 2 840 113549 3 7 */
+&(nid_objs[58]),/* OBJ_netscape_cert_extension      2 16 840 1 113730 1 */
+&(nid_objs[59]),/* OBJ_netscape_data_type           2 16 840 1 113730 2 */
+&(nid_objs[ 6]),/* OBJ_rsaEncryption                1 2 840 113549 1 1 1 */
+&(nid_objs[ 7]),/* OBJ_md2WithRSAEncryption         1 2 840 113549 1 1 2 */
+&(nid_objs[ 8]),/* OBJ_md5WithRSAEncryption         1 2 840 113549 1 1 4 */
+&(nid_objs[65]),/* OBJ_sha1WithRSAEncryption        1 2 840 113549 1 1 5 */
+&(nid_objs[28]),/* OBJ_dhKeyAgreement               1 2 840 113549 1 3 1 */
+&(nid_objs[ 9]),/* OBJ_pbeWithMD2AndDES_CBC         1 2 840 113549 1 5 1 */
+&(nid_objs[10]),/* OBJ_pbeWithMD5AndDES_CBC         1 2 840 113549 1 5 3 */
+&(nid_objs[68]),/* OBJ_pbeWithSHA1AndRC2_CBC        1 2 840 113549 1 5 11  */
+&(nid_objs[69]),/* OBJ_pbeWithSHA1AndRC4            1 2 840 113549 1 5 12  */
+&(nid_objs[21]),/* OBJ_pkcs7_data                   1 2 840 113549 1 7 1 */
+&(nid_objs[22]),/* OBJ_pkcs7_signed                 1 2 840 113549 1 7 2 */
+&(nid_objs[23]),/* OBJ_pkcs7_enveloped              1 2 840 113549 1 7 3 */
+&(nid_objs[24]),/* OBJ_pkcs7_signedAndEnveloped     1 2 840 113549 1 7 4 */
+&(nid_objs[25]),/* OBJ_pkcs7_digest                 1 2 840 113549 1 7 5 */
+&(nid_objs[26]),/* OBJ_pkcs7_encrypted              1 2 840 113549 1 7 6 */
+&(nid_objs[48]),/* OBJ_pkcs9_emailAddress           1 2 840 113549 1 9 1 */
+&(nid_objs[49]),/* OBJ_pkcs9_unstructuredName       1 2 840 113549 1 9 2 */
+&(nid_objs[50]),/* OBJ_pkcs9_contentType            1 2 840 113549 1 9 3 */
+&(nid_objs[51]),/* OBJ_pkcs9_messageDigest          1 2 840 113549 1 9 4 */
+&(nid_objs[52]),/* OBJ_pkcs9_signingTime            1 2 840 113549 1 9 5 */
+&(nid_objs[53]),/* OBJ_pkcs9_countersignature       1 2 840 113549 1 9 6 */
+&(nid_objs[54]),/* OBJ_pkcs9_challengePassword      1 2 840 113549 1 9 7 */
+&(nid_objs[55]),/* OBJ_pkcs9_unstructuredAddress    1 2 840 113549 1 9 8 */
+&(nid_objs[56]),/* OBJ_pkcs9_extCertAttributes      1 2 840 113549 1 9 9 */
+&(nid_objs[71]),/* OBJ_netscape_cert_type           2 16 840 1 113730 1 1 */
+&(nid_objs[72]),/* OBJ_netscape_base_url            2 16 840 1 113730 1 2 */
+&(nid_objs[73]),/* OBJ_netscape_revocation_url      2 16 840 1 113730 1 3 */
+&(nid_objs[74]),/* OBJ_netscape_ca_revocation_url   2 16 840 1 113730 1 4 */
+&(nid_objs[75]),/* OBJ_netscape_renewal_url         2 16 840 1 113730 1 7 */
+&(nid_objs[76]),/* OBJ_netscape_ca_policy_url       2 16 840 1 113730 1 8 */
+&(nid_objs[77]),/* OBJ_netscape_ssl_server_name     2 16 840 1 113730 1 12 */
+&(nid_objs[78]),/* OBJ_netscape_comment             2 16 840 1 113730 1 13 */
+&(nid_objs[79]),/* OBJ_netscape_cert_sequence       2 16 840 1 113730 2 5 */
+};
+
diff --git a/crypto/objects/obj_dat.pl b/crypto/objects/obj_dat.pl
new file mode 100644
index 0000000000..ebeb243d80
--- /dev/null
+++ b/crypto/objects/obj_dat.pl
@@ -0,0 +1,269 @@
+#!/usr/local/bin/perl
+
+sub obj_cmp
+	{
+	local(@a,@b,$_,$r);
+
+	$A=$obj_len{$obj{$nid{$a}}};
+	$B=$obj_len{$obj{$nid{$b}}};
+
+	$r=($A-$B);
+	return($r) if $r != 0;
+
+	$A=$obj_der{$obj{$nid{$a}}};
+	$B=$obj_der{$obj{$nid{$b}}};
+
+	return($A cmp $B);
+	}
+
+sub expand_obj
+	{
+	local(*v)=@_;
+	local($k,$d);
+	local($i);
+
+	do	{
+		$i=0;
+		foreach $k (keys %v)
+			{
+			if (($v{$k} =~ s/(OBJ_[^,]+),/$v{$1},/))
+				{ $i++; }
+			}
+		} while($i);
+	foreach $k (keys %v)
+		{
+		@a=split(/,/,$v{$k});
+		$objn{$k}=$#a+1;
+		}
+	return(%objn);
+	}
+
+while (<>)
+	{
+	next unless /^\#define\s+(\S+)\s+(.*)$/;
+	$v=$1;
+	$d=$2;
+	if ($v =~ /^SN_(.*)$/)
+		{ $sn{$1}=$d; }
+	elsif ($v =~ /^LN_(.*)$/)
+		{ $ln{$1}=$d; }
+	elsif ($v =~ /^NID_(.*)$/)
+		{ $nid{$d}=$1; }
+	elsif ($v =~ /^OBJ_(.*)$/)
+		{
+		$obj{$1}=$v;
+		$objd{$v}=$d;
+		}
+	}
+
+%ob=&expand_obj(*objd);
+
+@a=sort { $a <=> $b } keys %nid;
+$n=$a[$#a]+1;
+
+@lvalues=();
+$lvalues=0;
+
+for ($i=0; $i<$n; $i++)
+	{
+	if (!defined($nid{$i}))
+		{
+		push(@out,"{NULL,NULL,NID_undef,0,NULL},\n");
+		}
+	else
+		{
+		$sn=defined($sn{$nid{$i}})?"$sn{$nid{$i}}":"NULL";
+		$ln=defined($ln{$nid{$i}})?"$ln{$nid{$i}}":"NULL";
+		$sn=$ln if ($sn eq "NULL");
+		$ln=$sn if ($ln eq "NULL");
+		$out ="{";
+		$out.=$sn;
+		$out.=",".$ln;
+		$out.=",NID_$nid{$i},";
+		if (defined($obj{$nid{$i}}))
+			{
+			$v=$objd{$obj{$nid{$i}}};
+			$v =~ s/L//g;
+			$v =~ s/,/ /g;
+			$r=&der_it($v);
+			$z="";
+			$length=0;
+			foreach (unpack("C*",$r))
+				{
+				$z.=sprintf("0x%02X,",$_);
+				$length++;
+				}
+			$obj_der{$obj{$nid{$i}}}=$z;
+			$obj_len{$obj{$nid{$i}}}=$length;
+
+			push(@lvalues,sprintf("%-45s/* [%3d] %s */\n",
+				$z,$lvalues,$obj{$nid{$i}}));
+			$out.="$length,&(lvalues[$lvalues]),0";
+			$lvalues+=$length;
+			}
+		else
+			{
+			$out.="0,NULL";
+			}
+		$out.="},\n";
+		push(@out,$out);
+		}
+	}
+
+@a=grep(defined($sn{$nid{$_}}),0 .. $n);
+foreach (sort { $sn{$nid{$a}} cmp $sn{$nid{$b}} } @a)
+	{
+	push(@sn,sprintf("&(nid_objs[%2d]),/* $sn{$nid{$_}} */\n",$_));
+	}
+
+@a=grep(defined($ln{$nid{$_}}),0 .. $n);
+foreach (sort { $ln{$nid{$a}} cmp $ln{$nid{$b}} } @a)
+	{
+	push(@ln,sprintf("&(nid_objs[%2d]),/* $ln{$nid{$_}} */\n",$_));
+	}
+
+@a=grep(defined($obj{$nid{$_}}),0 .. $n);
+foreach (sort obj_cmp @a)
+	{
+	$m=$obj{$nid{$_}};
+	$v=$objd{$m};
+	$v =~ s/L//g;
+	$v =~ s/,/ /g;
+	push(@ob,sprintf("&(nid_objs[%2d]),/* %-32s %s */\n",$_,$m,$v));
+	}
+
+print <<'EOF';
+/* lib/obj/obj_dat.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* THIS FILE IS GENERATED FROM Objects.h by obj_dat.pl via the
+ * following command:
+ * perl obj_dat.pl < objects.h > obj_dat.h
+ */
+
+EOF
+
+printf "#define NUM_NID %d\n",$n;
+printf "#define NUM_SN %d\n",$#sn+1;
+printf "#define NUM_LN %d\n",$#ln+1;
+printf "#define NUM_OBJ %d\n\n",$#ob+1;
+
+printf "static unsigned char lvalues[%d]={\n",$lvalues+1;
+print @lvalues;
+print "};\n\n";
+
+printf "static ASN1_OBJECT nid_objs[NUM_NID]={\n";
+foreach (@out)
+	{
+	if (length($_) > 75)
+		{
+		$out="";
+		foreach (split(/,/))
+			{
+			$t=$out.$_.",";
+			if (length($t) > 70)
+				{
+				print "$out\n";
+				$t="\t$_,";
+				}
+			$out=$t;
+			}
+		chop $out;
+		print "$out";
+		}
+	else
+		{ print $_; }
+	}
+print  "};\n\n";
+
+printf "static ASN1_OBJECT *sn_objs[NUM_SN]={\n";
+print  @sn;
+print  "};\n\n";
+
+printf "static ASN1_OBJECT *ln_objs[NUM_LN]={\n";
+print  @ln;
+print  "};\n\n";
+
+printf "static ASN1_OBJECT *obj_objs[NUM_OBJ]={\n";
+print  @ob;
+print  "};\n\n";
+
+sub der_it
+	{
+	local($v)=@_;
+	local(@a,$i,$ret,@r);
+
+	@a=split(/\s+/,$v);
+	$ret.=pack("C*",$a[0]*40+$a[1]);
+	shift @a;
+	shift @a;
+	while ($_=shift(@a))
+		{
+		@r=();
+		$t=0;
+		while ($_ >= 128)
+			{
+			$x=$_%128;
+			$_/=128;
+			push(@r,((($t++)?0x80:0)|$x));
+			}
+		push(@r,((($t++)?0x80:0)|$_));
+		$ret.=pack("C*",reverse(@r));
+		}
+	return($ret);
+	}
diff --git a/crypto/objects/obj_err.c b/crypto/objects/obj_err.c
new file mode 100644
index 0000000000..bfc13d79a4
--- /dev/null
+++ b/crypto/objects/obj_err.c
@@ -0,0 +1,90 @@
+/* lib/obj/obj_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "objects.h"
+
+/* BEGIN ERROR CODES */
+static ERR_STRING_DATA OBJ_str_functs[]=
+	{
+{ERR_PACK(0,OBJ_F_OBJ_CREATE_AND_ADD_OBJECT,0),	"OBJ_create_and_add_object"},
+{ERR_PACK(0,OBJ_F_OBJ_DUP,0),	"OBJ_dup"},
+{ERR_PACK(0,OBJ_F_OBJ_NID2LN,0),	"OBJ_nid2ln"},
+{ERR_PACK(0,OBJ_F_OBJ_NID2OBJ,0),	"OBJ_nid2obj"},
+{ERR_PACK(0,OBJ_F_OBJ_NID2SN,0),	"OBJ_nid2sn"},
+{0,NULL},
+	};
+
+static ERR_STRING_DATA OBJ_str_reasons[]=
+	{
+{OBJ_R_MALLOC_FAILURE                    ,"malloc failure"},
+{OBJ_R_UNKNOWN_NID                       ,"unknown nid"},
+{0,NULL},
+	};
+
+void ERR_load_OBJ_strings()
+	{
+	static int init=1;
+
+	if (init)
+		{
+		init=0;
+		ERR_load_strings(ERR_LIB_OBJ,OBJ_str_functs);
+		ERR_load_strings(ERR_LIB_OBJ,OBJ_str_reasons);
+		}
+	}
diff --git a/crypto/objects/obj_lib.c b/crypto/objects/obj_lib.c
new file mode 100644
index 0000000000..35a8d70e09
--- /dev/null
+++ b/crypto/objects/obj_lib.c
@@ -0,0 +1,126 @@
+/* crypto/objects/obj_lib.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "lhash.h"
+#include "objects.h"
+#include "buffer.h"
+
+ASN1_OBJECT *OBJ_dup(o)
+ASN1_OBJECT *o;
+	{
+	ASN1_OBJECT *r;
+	int i;
+
+	if (o == NULL) return(NULL);
+	if (!(o->flags & ASN1_OBJECT_FLAG_DYNAMIC))
+		return(o);
+
+	r=(ASN1_OBJECT *)ASN1_OBJECT_new();
+	if (r == NULL)
+		{
+		OBJerr(OBJ_F_OBJ_DUP,ERR_R_ASN1_LIB);
+		return(NULL);
+		}
+	r->data=(unsigned char *)Malloc(o->length);
+	if (r->data == NULL)
+		goto err;
+	memcpy(r->data,o->data,o->length);
+	r->length=o->length;
+	r->nid=o->nid;
+	r->ln=r->sn=NULL;
+	if (o->ln != NULL)
+		{
+		i=strlen(o->ln)+1;
+		r->ln=(char *)Malloc(i);
+		if (r->ln == NULL) goto err;
+		memcpy(r->ln,o->ln,i);
+		}
+
+	if (o->sn != NULL)
+		{
+		i=strlen(o->sn)+1;
+		r->sn=(char *)Malloc(i);
+		if (r->sn == NULL) goto err;
+		memcpy(r->sn,o->sn,i);
+		}
+	r->flags=o->flags|(ASN1_OBJECT_FLAG_DYNAMIC|
+		ASN1_OBJECT_FLAG_DYNAMIC_STRINGS);
+	return(r);
+err:
+	OBJerr(OBJ_F_OBJ_DUP,ERR_R_MALLOC_FAILURE);
+	if (r != NULL)
+		{
+		if (r->ln != NULL) Free(r->ln);
+		if (r->data != NULL) Free(r->data);
+		Free(r);
+		}
+	return(NULL);
+	}
+
+int OBJ_cmp(a,b)
+ASN1_OBJECT *a;
+ASN1_OBJECT *b;
+	{
+	int ret;
+
+	ret=(a->length-b->length);
+	if (ret) return(ret);
+	return(memcmp(a->data,b->data,a->length));
+	}
diff --git a/crypto/objects/objects.err b/crypto/objects/objects.err
new file mode 100644
index 0000000000..3f8c54e2db
--- /dev/null
+++ b/crypto/objects/objects.err
@@ -0,0 +1,12 @@
+/* Error codes for the OBJ functions. */
+
+/* Function codes. */
+#define OBJ_F_OBJ_CREATE_AND_ADD_OBJECT			 100
+#define OBJ_F_OBJ_DUP					 101
+#define OBJ_F_OBJ_NID2LN				 102
+#define OBJ_F_OBJ_NID2OBJ				 103
+#define OBJ_F_OBJ_NID2SN				 104
+
+/* Reason codes. */
+#define OBJ_R_MALLOC_FAILURE				 100
+#define OBJ_R_UNKNOWN_NID				 101
diff --git a/crypto/objects/objects.h b/crypto/objects/objects.h
new file mode 100644
index 0000000000..e69cb7134a
--- /dev/null
+++ b/crypto/objects/objects.h
@@ -0,0 +1,584 @@
+/* crypto/objects/objects.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_OBJECTS_H
+#define HEADER_OBJECTS_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#define SN_undef			"UNDEF"
+#define LN_undef			"undefined"
+#define NID_undef			0
+
+#define SN_Algorithm			"Algorithm"
+#define LN_algorithm			"algorithm"
+#define NID_algorithm			38
+#define OBJ_algorithm			1L,3L,14L,3L,2L
+
+#define LN_rsadsi			"rsadsi"
+#define NID_rsadsi			1
+#define OBJ_rsadsi			1L,2L,840L,113549L
+
+#define LN_pkcs				"pkcs"
+#define NID_pkcs			2
+#define OBJ_pkcs			OBJ_rsadsi,1L
+
+#define SN_md2				"MD2"
+#define LN_md2				"md2"
+#define NID_md2				3
+#define OBJ_md2				OBJ_rsadsi,2L,2L
+
+#define SN_md5				"MD5"
+#define LN_md5				"md5"
+#define NID_md5				4
+#define OBJ_md5				OBJ_rsadsi,2L,5L
+
+#define SN_rc4				"RC4"
+#define LN_rc4				"rc4"
+#define NID_rc4				5
+#define OBJ_rc4				OBJ_rsadsi,3L,4L
+
+#define LN_rsaEncryption		"rsaEncryption"
+#define NID_rsaEncryption		6
+#define OBJ_rsaEncryption		OBJ_pkcs,1L,1L
+
+#define SN_md2WithRSAEncryption		"RSA-MD2"
+#define LN_md2WithRSAEncryption		"md2WithRSAEncryption"
+#define NID_md2WithRSAEncryption	7
+#define OBJ_md2WithRSAEncryption	OBJ_pkcs,1L,2L
+
+#define SN_md5WithRSAEncryption		"RSA-MD5"
+#define LN_md5WithRSAEncryption		"md5WithRSAEncryption"
+#define NID_md5WithRSAEncryption	8
+#define OBJ_md5WithRSAEncryption	OBJ_pkcs,1L,4L
+
+#define LN_pbeWithMD2AndDES_CBC		"pbeWithMD2AndDES-CBC"
+#define NID_pbeWithMD2AndDES_CBC	9
+#define OBJ_pbeWithMD2AndDES_CBC	OBJ_pkcs,5L,1L
+
+#define LN_pbeWithMD5AndDES_CBC		"pbeWithMD5AndDES-CBC"
+#define NID_pbeWithMD5AndDES_CBC	10
+#define OBJ_pbeWithMD5AndDES_CBC	OBJ_pkcs,5L,3L
+
+#define LN_X500				"X500"
+#define NID_X500			11
+#define OBJ_X500			2L,5L
+
+#define LN_X509				"X509"
+#define NID_X509			12
+#define OBJ_X509			OBJ_X500,4L
+
+#define SN_commonName			"CN"
+#define LN_commonName			"commonName"
+#define NID_commonName			13
+#define OBJ_commonName			OBJ_X509,3L
+
+#define SN_countryName			"C"
+#define LN_countryName			"countryName"
+#define NID_countryName			14
+#define OBJ_countryName			OBJ_X509,6L
+
+#define SN_localityName			"L"
+#define LN_localityName			"localityName"
+#define NID_localityName		15
+#define OBJ_localityName		OBJ_X509,7L
+
+/* Postal Address? PA */
+
+/* should be "ST" (rfc1327) but MS uses 'S' */
+#define SN_stateOrProvinceName		"ST"
+#define LN_stateOrProvinceName		"stateOrProvinceName"
+#define NID_stateOrProvinceName		16
+#define OBJ_stateOrProvinceName		OBJ_X509,8L
+
+#define SN_organizationName		"O"
+#define LN_organizationName		"organizationName"
+#define NID_organizationName		17
+#define OBJ_organizationName		OBJ_X509,10L
+
+#define SN_organizationalUnitName	"OU"
+#define LN_organizationalUnitName	"organizationalUnitName"
+#define NID_organizationalUnitName	18
+#define OBJ_organizationalUnitName	OBJ_X509,11L
+
+#define SN_rsa				"RSA"
+#define LN_rsa				"rsa"
+#define NID_rsa				19
+#define OBJ_rsa				OBJ_X500,8L,1L,1L
+
+#define LN_pkcs7			"pkcs7"
+#define NID_pkcs7			20
+#define OBJ_pkcs7			OBJ_pkcs,7L
+
+#define LN_pkcs7_data			"pkcs7-data"
+#define NID_pkcs7_data			21
+#define OBJ_pkcs7_data			OBJ_pkcs7,1L
+
+#define LN_pkcs7_signed			"pkcs7-signedData"
+#define NID_pkcs7_signed		22
+#define OBJ_pkcs7_signed		OBJ_pkcs7,2L
+
+#define LN_pkcs7_enveloped		"pkcs7-envelopedData"
+#define NID_pkcs7_enveloped		23
+#define OBJ_pkcs7_enveloped		OBJ_pkcs7,3L
+
+#define LN_pkcs7_signedAndEnveloped	"pkcs7-signedAndEnvelopedData"
+#define NID_pkcs7_signedAndEnveloped	24
+#define OBJ_pkcs7_signedAndEnveloped	OBJ_pkcs7,4L
+
+#define LN_pkcs7_digest			"pkcs7-digestData"
+#define NID_pkcs7_digest		25
+#define OBJ_pkcs7_digest		OBJ_pkcs7,5L
+
+#define LN_pkcs7_encrypted		"pkcs7-encryptedData"
+#define NID_pkcs7_encrypted		26
+#define OBJ_pkcs7_encrypted		OBJ_pkcs7,6L
+
+#define LN_pkcs3			"pkcs3"
+#define NID_pkcs3			27
+#define OBJ_pkcs3			OBJ_pkcs,3L
+
+#define LN_dhKeyAgreement		"dhKeyAgreement"
+#define NID_dhKeyAgreement		28
+#define OBJ_dhKeyAgreement		OBJ_pkcs3,1L
+
+#define SN_des_ecb			"DES-ECB"
+#define LN_des_ecb			"des-ecb"
+#define NID_des_ecb			29
+#define OBJ_des_ecb			OBJ_algorithm,6L
+
+#define SN_des_cfb64			"DES-CFB"
+#define LN_des_cfb64			"des-cfb"
+#define NID_des_cfb64			30
+/* IV + num */
+#define OBJ_des_cfb64			OBJ_algorithm,9L
+
+#define SN_des_cbc			"DES-CBC"
+#define LN_des_cbc			"des-cbc"
+#define NID_des_cbc			31
+/* IV */
+#define OBJ_des_cbc			OBJ_algorithm,7L
+
+#define SN_des_ede			"DES-EDE"
+#define LN_des_ede			"des-ede"
+#define NID_des_ede			32
+/* ?? */
+#define OBJ_des_ede			OBJ_algorithm,17L
+
+#define SN_des_ede3			"DES-EDE3"
+#define LN_des_ede3			"des-ede3"
+#define NID_des_ede3			33
+
+#define SN_idea_cbc			"IDEA-CBC"
+#define LN_idea_cbc			"idea-cbc"
+#define NID_idea_cbc			34
+
+#define SN_idea_cfb64			"IDEA-CFB"
+#define LN_idea_cfb64			"idea-cfb"
+#define NID_idea_cfb64			35
+
+#define SN_idea_ecb			"IDEA-ECB"
+#define LN_idea_ecb			"idea-ecb"
+#define NID_idea_ecb			36
+
+#define SN_rc2_cbc			"RC2-CBC"
+#define LN_rc2_cbc			"rc2-cbc"
+#define NID_rc2_cbc			37
+#define OBJ_rc2_cbc			OBJ_rsadsi,3L,2L
+
+#define SN_rc2_ecb			"RC2-ECB"
+#define LN_rc2_ecb			"rc2-ecb"
+#define NID_rc2_ecb			38
+
+#define SN_rc2_cfb64			"RC2-CFB"
+#define LN_rc2_cfb64			"rc2-cfb"
+#define NID_rc2_cfb64			39
+
+#define SN_rc2_ofb64			"RC2-OFB"
+#define LN_rc2_ofb64			"rc2-ofb"
+#define NID_rc2_ofb64			40
+
+#define SN_sha				"SHA"
+#define LN_sha				"sha"
+#define NID_sha				41
+#define OBJ_sha				OBJ_algorithm,18L
+
+#define SN_shaWithRSAEncryption		"RSA-SHA"
+#define LN_shaWithRSAEncryption		"shaWithRSAEncryption"
+#define NID_shaWithRSAEncryption	42
+#define OBJ_shaWithRSAEncryption	OBJ_algorithm,15L
+
+#define SN_des_ede_cbc			"DES-EDE-CBC"
+#define LN_des_ede_cbc			"des-ede-cbc"
+#define NID_des_ede_cbc			43
+
+#define SN_des_ede3_cbc			"DES-EDE3-CBC"
+#define LN_des_ede3_cbc			"des-ede3-cbc"
+#define NID_des_ede3_cbc		44
+#define OBJ_des_ede3_cbc		OBJ_rsadsi,3L,7L
+
+#define SN_des_ofb64			"DES-OFB"
+#define LN_des_ofb64			"des-ofb"
+#define NID_des_ofb64			45
+#define OBJ_des_ofb64			OBJ_algorithm,8L
+
+#define SN_idea_ofb64			"IDEA-OFB"
+#define LN_idea_ofb64			"idea-ofb"
+#define NID_idea_ofb64			46
+
+#define LN_pkcs9			"pkcs9"
+#define NID_pkcs9			47
+#define OBJ_pkcs9			OBJ_pkcs,9L
+
+#define SN_pkcs9_emailAddress		"Email"
+#define LN_pkcs9_emailAddress		"emailAddress"
+#define NID_pkcs9_emailAddress		48
+#define OBJ_pkcs9_emailAddress		OBJ_pkcs9,1L
+
+#define LN_pkcs9_unstructuredName	"unstructuredName"
+#define NID_pkcs9_unstructuredName	49
+#define OBJ_pkcs9_unstructuredName	OBJ_pkcs9,2L
+
+#define LN_pkcs9_contentType		"contentType"
+#define NID_pkcs9_contentType		50
+#define OBJ_pkcs9_contentType		OBJ_pkcs9,3L
+
+#define LN_pkcs9_messageDigest		"messageDigest"
+#define NID_pkcs9_messageDigest		51
+#define OBJ_pkcs9_messageDigest		OBJ_pkcs9,4L
+
+#define LN_pkcs9_signingTime		"signingTime"
+#define NID_pkcs9_signingTime		52
+#define OBJ_pkcs9_signingTime		OBJ_pkcs9,5L
+
+#define LN_pkcs9_countersignature	"countersignature"
+#define NID_pkcs9_countersignature	53
+#define OBJ_pkcs9_countersignature	OBJ_pkcs9,6L
+
+#define LN_pkcs9_challengePassword	"challengePassword"
+#define NID_pkcs9_challengePassword	54
+#define OBJ_pkcs9_challengePassword	OBJ_pkcs9,7L
+
+#define LN_pkcs9_unstructuredAddress	"unstructuredAddress"
+#define NID_pkcs9_unstructuredAddress	55
+#define OBJ_pkcs9_unstructuredAddress	OBJ_pkcs9,8L
+
+#define LN_pkcs9_extCertAttributes	"extendedCertificateAttributes"
+#define NID_pkcs9_extCertAttributes	56
+#define OBJ_pkcs9_extCertAttributes	OBJ_pkcs9,9L
+
+#define SN_netscape			"Netscape"
+#define LN_netscape			"Netscape Communications Corp."
+#define NID_netscape			57
+#define OBJ_netscape			2L,16L,840L,1L,113730L
+
+#define SN_netscape_cert_extension	"nsCertExt"
+#define LN_netscape_cert_extension	"Netscape Certificate Extension"
+#define NID_netscape_cert_extension	58
+#define OBJ_netscape_cert_extension	OBJ_netscape,1L
+
+#define SN_netscape_data_type		"nsDataType"
+#define LN_netscape_data_type		"Netscape Data Type"
+#define NID_netscape_data_type		59
+#define OBJ_netscape_data_type		OBJ_netscape,2L
+
+#define SN_des_ede_cfb64		"DES-EDE-CFB"
+#define LN_des_ede_cfb64		"des-ede-cfb"
+#define NID_des_ede_cfb64		60
+
+#define SN_des_ede3_cfb64		"DES-EDE3-CFB"
+#define LN_des_ede3_cfb64		"des-ede3-cfb"
+#define NID_des_ede3_cfb64		61
+
+#define SN_des_ede_ofb64		"DES-EDE-OFB"
+#define LN_des_ede_ofb64		"des-ede-ofb"
+#define NID_des_ede_ofb64		62
+
+#define SN_des_ede3_ofb64		"DES-EDE3-OFB"
+#define LN_des_ede3_ofb64		"des-ede3-ofb"
+#define NID_des_ede3_ofb64		63
+
+/* I'm not sure about the object ID */
+#define SN_sha1				"SHA1"
+#define LN_sha1				"sha1"
+#define NID_sha1			64
+#define OBJ_sha1			OBJ_algorithm,26L
+/* 28 Jun 1996 - eay */
+/* #define OBJ_sha1			1L,3L,14L,2L,26L,05L <- wrong */
+
+#define SN_sha1WithRSAEncryption	"RSA-SHA1"
+#define LN_sha1WithRSAEncryption	"sha1WithRSAEncryption"
+#define NID_sha1WithRSAEncryption	65
+#define OBJ_sha1WithRSAEncryption	OBJ_pkcs,1L,5L
+
+#define SN_dsaWithSHA			"DSA-SHA"
+#define LN_dsaWithSHA			"dsaWithSHA"
+#define NID_dsaWithSHA			66
+#define OBJ_dsaWithSHA			OBJ_algorithm,13L
+
+#define SN_dsa				"DSA"
+#define LN_dsa				"dsaEncryption"
+#define NID_dsa				67
+#define OBJ_dsa				OBJ_algorithm,12L
+
+/* proposed by microsoft to RSA */
+#define LN_pbeWithSHA1AndRC2_CBC	"pbeWithSHA1AndRC2-CBC"
+#define NID_pbeWithSHA1AndRC2_CBC	68
+#define OBJ_pbeWithSHA1AndRC2_CBC	OBJ_pkcs,5L,11L 
+
+/* proposed by microsoft to RSA */
+#define LN_pbeWithSHA1AndRC4		"pbeWithSHA1AndRC4"
+#define NID_pbeWithSHA1AndRC4		69
+#define OBJ_pbeWithSHA1AndRC4		OBJ_pkcs,5L,12L 
+
+#define SN_dsaWithSHA1			"DSA-SHA1"
+#define LN_dsaWithSHA1			"dsaWithSHA1"
+#define NID_dsaWithSHA1			70
+/* Got this one from 'sdn706r20.pdf' which is actually an NSA document :-) */
+#define OBJ_dsaWithSHA1			OBJ_algorithm,27L
+
+#define SN_netscape_cert_type		"nsCertType"
+#define LN_netscape_cert_type		"Netscape Cert Type"
+#define NID_netscape_cert_type		71
+#define OBJ_netscape_cert_type		OBJ_netscape_cert_extension,1L
+
+#define SN_netscape_base_url		"nsBaseUrl"
+#define LN_netscape_base_url		"Netscape Base Url"
+#define NID_netscape_base_url		72
+#define OBJ_netscape_base_url		OBJ_netscape_cert_extension,2L
+
+#define SN_netscape_revocation_url	"nsRevocationUrl"
+#define LN_netscape_revocation_url	"Netscape Revocation Url"
+#define NID_netscape_revocation_url	73
+#define OBJ_netscape_revocation_url	OBJ_netscape_cert_extension,3L
+
+#define SN_netscape_ca_revocation_url	"nsCaRevocationUrl"
+#define LN_netscape_ca_revocation_url	"Netscape CA Revocation Url"
+#define NID_netscape_ca_revocation_url	74
+#define OBJ_netscape_ca_revocation_url	OBJ_netscape_cert_extension,4L
+
+#define SN_netscape_renewal_url		"nsRenewalUrl"
+#define LN_netscape_renewal_url		"Netscape Renewal Url"
+#define NID_netscape_renewal_url	75
+#define OBJ_netscape_renewal_url	OBJ_netscape_cert_extension,7L
+
+#define SN_netscape_ca_policy_url	"nsCaPolicyUrl"
+#define LN_netscape_ca_policy_url	"Netscape CA Policy Url"
+#define NID_netscape_ca_policy_url	76
+#define OBJ_netscape_ca_policy_url	OBJ_netscape_cert_extension,8L
+
+#define SN_netscape_ssl_server_name	"nsSslServerName"
+#define LN_netscape_ssl_server_name	"Netscape SSL Server Name"
+#define NID_netscape_ssl_server_name	77
+#define OBJ_netscape_ssl_server_name	OBJ_netscape_cert_extension,12L
+
+#define SN_netscape_comment		"nsComment"
+#define LN_netscape_comment		"Netscape Comment"
+#define NID_netscape_comment		78
+#define OBJ_netscape_comment		OBJ_netscape_cert_extension,13L
+
+#define SN_netscape_cert_sequence	"nsCertSequence"
+#define LN_netscape_cert_sequence	"Netscape Certificate Sequence"
+#define NID_netscape_cert_sequence	79
+#define OBJ_netscape_cert_sequence	OBJ_netscape_data_type,5L
+
+#define SN_desx_cbc			"DESX-CBC"
+#define LN_desx_cbc			"desx-cbc"
+#define NID_desx_cbc			80
+
+#define SN_ld_ce			"ld-ce"
+#define NID_ld_ce			81
+#define OBJ_ld_ce			2L,5L,29L
+
+#define SN_subject_key_identifier	"subjectKeyIdentifier"
+#define LN_subject_key_identifier	"X509v3 Subject Key Identifier"
+#define NID_subject_key_identifier	82
+#define OBJ_subject_key_identifier	OBJ_ld_ce,14L
+
+#define SN_key_usage			"keyUsage"
+#define LN_key_usage			"X509v3 Key Usage"
+#define NID_key_usage			83
+#define OBJ_key_usage			OBJ_ld_ce,15L
+
+#define SN_private_key_usage_period	"privateKeyUsagePeriod"
+#define LN_private_key_usage_period	"X509v3 Private Key Usage Period"
+#define NID_private_key_usage_period	84
+#define OBJ_private_key_usage_period	OBJ_ld_ce,16L
+
+#define SN_subject_alt_name		"subjectAltName"
+#define LN_subject_alt_name		"X509v3 Subject Alternative Name"
+#define NID_subject_alt_name		85
+#define OBJ_subject_alt_name		OBJ_ld_ce,17L
+
+#define SN_issuer_alt_name		"issuerAltName"
+#define LN_issuer_alt_name		"X509v3 Issuer Alternative Name"
+#define NID_issuer_alt_name		86
+#define OBJ_issuer_alt_name		OBJ_ld_ce,18L
+
+#define SN_basic_constraints		"basicConstraints"
+#define LN_basic_constraints		"X509v3 Basic Constraints"
+#define NID_basic_constraints		87
+#define OBJ_basic_constraints		OBJ_ld_ce,19L
+
+#define SN_crl_number			"crlNumber"
+#define LN_crl_number			"X509v3 CRL Number"
+#define NID_crl_number			88
+#define OBJ_crl_number			OBJ_ld_ce,20L
+
+#define SN_certificate_policies		"certificatePolicies"
+#define LN_certificate_policies		"X509v3 Certificate Policies"
+#define NID_certificate_policies	89
+#define OBJ_certificate_policies	OBJ_ld_ce,32L
+
+#define SN_authority_key_identifier	"authorityKeyIdentifier"
+#define LN_authority_key_identifier	"X509v3 Authority Key Identifier"
+#define NID_authority_key_identifier	90
+#define OBJ_authority_key_identifier	OBJ_ld_ce,35L
+
+#define SN_bf_cbc			"BF-CBC"
+#define LN_bf_cbc			"bf-cbc"
+#define NID_bf_cbc			91
+
+#define SN_bf_ecb			"BF-ECB"
+#define LN_bf_ecb			"bf-ecb"
+#define NID_bf_ecb			92
+
+#define SN_bf_cfb64			"BF-CFB"
+#define LN_bf_cfb64			"bf-cfb"
+#define NID_bf_cfb64			93
+
+#define SN_bf_ofb64			"BF-OFB"
+#define LN_bf_ofb64			"bf-ofb"
+#define NID_bf_ofb64			94
+
+#define SN_mdc2				"MDC2"
+#define LN_mdc2				"mdc2"
+#define NID_mdc2			95
+#define OBJ_mdc2			2L,5L,8L,3L,101L
+
+#define SN_mdc2WithRSA			"RSA-MDC2"
+#define LN_mdc2WithRSA			"mdc2withRSA"
+#define NID_mdc2WithRSA			96
+#define OBJ_mdc2WithRSA			2L,5L,8L,3L,100L
+
+#include "asn1.h"
+
+#ifndef NOPROTO
+
+ASN1_OBJECT *	OBJ_dup(ASN1_OBJECT *o);
+ASN1_OBJECT *	OBJ_nid2obj(int n);
+char *		OBJ_nid2ln(int n);
+char *		OBJ_nid2sn(int n);
+int		OBJ_obj2nid(ASN1_OBJECT *o);
+int		OBJ_txt2nid(char *s);
+int		OBJ_ln2nid(char *s);
+int		OBJ_sn2nid(char *s);
+int		OBJ_cmp(ASN1_OBJECT *a,ASN1_OBJECT *b);
+char *		OBJ_bsearch(char *key,char *base,int num,int size,int (*cmp)());
+
+void		ERR_load_OBJ_strings(void );
+
+int		OBJ_new_nid(int num);
+int		OBJ_add_object(ASN1_OBJECT *obj);
+int		OBJ_create_and_add_object(char *oid,char *sn,char *ln);
+
+void		OBJ_cleanup(void );
+
+#else
+
+ASN1_OBJECT *	OBJ_dup();
+ASN1_OBJECT *	OBJ_nid2obj();
+char *		OBJ_nid2ln();
+char *		OBJ_nid2sn();
+int		OBJ_obj2nid();
+int		OBJ_txt2nid();
+int		OBJ_ln2nid();
+int		OBJ_sn2nid();
+int		OBJ_cmp();
+char *		OBJ_bsearch();
+
+void		ERR_load_OBJ_strings();
+
+int		OBJ_new_nid();
+int		OBJ_add_object();
+int		OBJ_create_and_add_object();
+void		OBJ_cleanup();
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the OBJ functions. */
+
+/* Function codes. */
+#define OBJ_F_OBJ_CREATE_AND_ADD_OBJECT			 100
+#define OBJ_F_OBJ_DUP					 101
+#define OBJ_F_OBJ_NID2LN				 102
+#define OBJ_F_OBJ_NID2OBJ				 103
+#define OBJ_F_OBJ_NID2SN				 104
+
+/* Reason codes. */
+#define OBJ_R_MALLOC_FAILURE				 100
+#define OBJ_R_UNKNOWN_NID				 101
+ 
+#ifdef  __cplusplus
+}
+#endif
+#endif
+
diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt
new file mode 100644
index 0000000000..cb276e90e9
--- /dev/null
+++ b/crypto/objects/objects.txt
@@ -0,0 +1,40 @@
+1 2			: ISO member bodies
+1 2 840			: US (ANSI)
+1 2 840 113549		: rsadsi	: RSA Data Security, Inc.
+1 2 840 113549 1	: pkcs		: RSA Data Security, Inc. PKCS
+1 2 840 113549 1 1 1	: rsaEncryption
+1 2 840 113549 1 1 2	: md2withRSAEncryption
+1 2 840 113549 1 1 4	: md5withRSAEncryption
+1 2 840 113549 1 7	: pkcs-7
+1 2 840 113549 1 7 1	: pkcs-7-data
+1 2 840 113549 1 7 2	: pkcs-7-signedData
+1 2 840 113549 1 7 3	: pkcs-7-envelopedData
+1 2 840 113549 1 7 4	: pkcs-7-signedAndEnvelopedData
+1 2 840 113549 1 7 5	: pkcs-7-digestData
+1 2 840 113549 1 7 6	: pkcs-7-encryptedData
+1 2 840 113549 2 2	: md2
+1 2 840 113549 2 4	: md4
+1 2 840 113549 2 5	: md5
+1 2 840 113549 3 4	: rc4
+1 2 840 113549 5 1	: pbeWithMD2AndDES_CBC
+1 2 840 113549 5 3	: pbeWithMD5AndDES_CBC
+2 5			: X500		: directory services (X.500)
+2 5 4			: X509
+2 5 4 3			: commonName
+2 5 4 6			: countryName
+2 5 4 7			: localityName
+2 5 4 8			: stateOrProvinceName
+2 5 4 10		: organizationName
+2 5 4 11		: organizationalUnitName
+2 5 8			: directory services - algorithms
+2 5 8 1 1		: rsa
+
+algorithm 18		: sha
+encryptionAlgorithm 1	: rsa
+algorithm 11		: rsaSignature
+
+algorithm 6		: desECB
+algorithm 7		: desCBC
+algorithm 8		: desOFB
+algorithm 9		: desCFB
+algorithm 17		: desEDE2
diff --git a/crypto/pem/Makefile.ssl b/crypto/pem/Makefile.ssl
new file mode 100644
index 0000000000..447fcb4c0d
--- /dev/null
+++ b/crypto/pem/Makefile.ssl
@@ -0,0 +1,96 @@
+#
+# SSLeay/crypto/pem/Makefile
+#
+
+DIR=	pem
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I../../include
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE=		make -f Makefile.ssl
+MAKEDEPEND=	makedepend -f Makefile.ssl
+MAKEFILE=	Makefile.ssl
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+ERR=pem
+ERRC=pem_err
+GENERAL=Makefile
+TEST=
+APPS=
+
+CTX_SIZE= ctx_size
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= pem_sign.c pem_seal.c pem_info.c pem_lib.c pem_all.c $(ERRC).c
+
+LIBOBJ=	pem_sign.o pem_seal.o pem_info.o pem_lib.o pem_all.o $(ERRC).o
+
+SRC= $(LIBSRC)
+
+EXHEADER= pem.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	pem.h lib
+
+pem.h: $(CTX_SIZE)
+	./$(CTX_SIZE) <pem.org >pem.new
+	if [ -f pem.h ]; then mv -f pem.h pem.old; fi
+	mv -f pem.new pem.h
+
+$(CTX_SIZE): $(CTX_SIZE).o
+	$(CC) $(CFLAGS) -o $(CTX_SIZE) $(CTX_SIZE).o
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/util/ranlib.sh $(LIB)
+	@touch lib
+
+files:
+	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+	/bin/rm -f Makefile
+	$(TOP)/util/point.sh Makefile.ssl Makefile ;
+	$(TOP)/util/mklink.sh ../../include $(EXHEADER)
+	$(TOP)/util/mklink.sh ../../test $(TEST)
+	$(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+	@for i in $(EXHEADER) ; \
+	do  \
+	(cp $$i $(INSTALLTOP)/include/$$i; \
+	chmod 644 $(INSTALLTOP)/include/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(CTX_SIZE).c $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f $(CTX_SIZE) *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+	perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).org # SPECIAL CASE .org
+	perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
+	perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/pem/ctx_size.c b/crypto/pem/ctx_size.c
new file mode 100644
index 0000000000..c9e2ce6d0d
--- /dev/null
+++ b/crypto/pem/ctx_size.c
@@ -0,0 +1,122 @@
+/* crypto/pem/ctx_size.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+
+int main(argc,argv)
+int argc;
+char *argv[];
+	{
+	int i,j;
+	char buf[256];
+
+	for (;;)
+		{
+		char *str;
+		buf[0]='\0';
+		fgets(buf,256,stdin);
+		if (buf[0] == '\0') break;
+
+		str="#define EVP_ENCODE_CTX_SIZE ";
+		if (strncmp(buf,str,strlen(str)) == 0)
+			{
+			printf("%s %d\n",str,(int)sizeof(EVP_ENCODE_CTX));
+			continue;
+			}
+		str="#define EVP_MD_SIZE ";
+		if (strncmp(buf,str,strlen(str)) == 0)
+			{
+			printf("%s %d\n",str,(int)sizeof(EVP_MD));
+			continue;
+			}
+		str="#define EVP_MD_CTX_SIZE ";
+		if (strncmp(buf,str,strlen(str)) == 0)
+			{
+			printf("%s %d\n",str,(int)sizeof(EVP_MD_CTX));
+			continue;
+			}
+		str="#define EVP_CIPHER_SIZE ";
+		if (strncmp(buf,str,strlen(str)) == 0)
+			{
+			printf("%s %d\n",str,(int)sizeof(EVP_CIPHER));
+			continue;
+			}
+		str="#define EVP_CIPHER_CTX_SIZE ";
+		if (strncmp(buf,str,strlen(str)) == 0)
+			{
+			printf("%s %d\n",str,(int)sizeof(EVP_CIPHER_CTX));
+			continue;
+			}
+
+		str="#define EVP_MAX_MD_SIZE ";
+		if (strncmp(buf,str,strlen(str)) == 0)
+			{
+			i=MD2_DIGEST_LENGTH;
+			j=MD5_DIGEST_LENGTH;
+			if (j > i) i=j;
+			j=SHA_DIGEST_LENGTH;
+			if (j > i) i=j;
+			printf("%s %d\n",str,i);
+			continue;
+			}
+		fputs(buf,stdout);
+		}
+	exit(0);
+	}
diff --git a/crypto/pem/message b/crypto/pem/message
new file mode 100644
index 0000000000..e8bf9d7592
--- /dev/null
+++ b/crypto/pem/message
@@ -0,0 +1,16 @@
+-----BEGIN PRIVACY-ENHANCED MESSAGE-----
+Proc-Type: 4,ENCRYPTED
+Proc-Type: 4,MIC-ONLY
+Proc-Type: 4,MIC-CLEAR
+Content-Domain: RFC822
+DEK-Info: DES-CBC,0123456789abcdef
+Originator-Certificate
+ xxxx
+Issuer-Certificate
+ xxxx
+MIC-Info: RSA-MD5,RSA,
+ xxxx
+
+
+-----END PRIVACY-ENHANCED MESSAGE-----
+
diff --git a/crypto/pem/pem.err b/crypto/pem/pem.err
new file mode 100644
index 0000000000..0e523abf82
--- /dev/null
+++ b/crypto/pem/pem.err
@@ -0,0 +1,38 @@
+/* Error codes for the PEM functions. */
+
+/* Function codes. */
+#define PEM_F_DEF_CALLBACK				 100
+#define PEM_F_LOAD_IV					 101
+#define PEM_F_PEM_ASN1_READ				 102
+#define PEM_F_PEM_ASN1_READ_BIO				 103
+#define PEM_F_PEM_ASN1_WRITE				 104
+#define PEM_F_PEM_ASN1_WRITE_BIO			 105
+#define PEM_F_PEM_DO_HEADER				 106
+#define PEM_F_PEM_GET_EVP_CIPHER_INFO			 107
+#define PEM_F_PEM_READ					 108
+#define PEM_F_PEM_READ_BIO				 109
+#define PEM_F_PEM_SEALFINAL				 110
+#define PEM_F_PEM_SEALINIT				 111
+#define PEM_F_PEM_SIGNFINAL				 112
+#define PEM_F_PEM_WRITE					 113
+#define PEM_F_PEM_WRITE_BIO				 114
+#define PEM_F_PEM_X509_INFO_READ			 115
+#define PEM_F_PEM_X509_INFO_READ_BIO			 116
+#define PEM_F_PEM_X509_INFO_WRITE_BIO			 117
+
+/* Reason codes. */
+#define PEM_R_BAD_BASE64_DECODE				 100
+#define PEM_R_BAD_DECRYPT				 101
+#define PEM_R_BAD_END_LINE				 102
+#define PEM_R_BAD_IV_CHARS				 103
+#define PEM_R_BAD_PASSWORD_READ				 104
+#define PEM_R_NOT_DEK_INFO				 105
+#define PEM_R_NOT_ENCRYPTED				 106
+#define PEM_R_NOT_PROC_TYPE				 107
+#define PEM_R_NO_START_LINE				 108
+#define PEM_R_PROBLEMS_GETTING_PASSWORD			 109
+#define PEM_R_PUBLIC_KEY_NO_RSA				 110
+#define PEM_R_READ_KEY					 111
+#define PEM_R_SHORT_HEADER				 112
+#define PEM_R_UNSUPPORTED_CIPHER			 113
+#define PEM_R_UNSUPPORTED_ENCRYPTION			 114
diff --git a/crypto/pem/pem.h b/crypto/pem/pem.h
new file mode 100644
index 0000000000..38952509dd
--- /dev/null
+++ b/crypto/pem/pem.h
@@ -0,0 +1,562 @@
+/* crypto/pem/pem.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING 
+ *
+ * Always modify pem.org since pem.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+#ifndef HEADER_PEM_H
+#define HEADER_PEM_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#include "evp.h"
+#include "x509.h"
+
+#define PEM_OBJ_UNDEF		0
+#define PEM_OBJ_X509		1
+#define PEM_OBJ_X509_REQ	2
+#define PEM_OBJ_CRL		3
+#define PEM_OBJ_SSL_SESSION	4
+#define PEM_OBJ_PRIV_KEY	10
+#define PEM_OBJ_PRIV_RSA	11
+#define PEM_OBJ_PRIV_DSA	12
+#define PEM_OBJ_PRIV_DH		13
+#define PEM_OBJ_PUB_RSA		14
+#define PEM_OBJ_PUB_DSA		15
+#define PEM_OBJ_PUB_DH		16
+#define PEM_OBJ_DHPARAMS	17
+#define PEM_OBJ_DSAPARAMS	18
+#define PEM_OBJ_PRIV_RSA_PUBLIC	19
+
+#define PEM_ERROR		30
+#define PEM_DEK_DES_CBC         40
+#define PEM_DEK_IDEA_CBC        45
+#define PEM_DEK_DES_EDE         50
+#define PEM_DEK_DES_ECB         60
+#define PEM_DEK_RSA             70
+#define PEM_DEK_RSA_MD2         80
+#define PEM_DEK_RSA_MD5         90
+
+#define PEM_MD_MD2		NID_md2
+#define PEM_MD_MD5		NID_md5
+#define PEM_MD_SHA		NID_sha
+#define PEM_MD_MD2_RSA		NID_md2WithRSAEncryption
+#define PEM_MD_MD5_RSA		NID_md5WithRSAEncryption
+#define PEM_MD_SHA_RSA		NID_sha1WithRSAEncryption
+
+#define PEM_STRING_X509_OLD	"X509 CERTIFICATE"
+#define PEM_STRING_X509		"CERTIFICATE"
+#define PEM_STRING_X509_REQ_OLD	"NEW CERTIFICATE REQUEST"
+#define PEM_STRING_X509_REQ	"CERTIFICATE REQUEST"
+#define PEM_STRING_X509_CRL	"X509 CRL"
+#define PEM_STRING_EVP_PKEY	"PRIVATE KEY"
+#define PEM_STRING_RSA		"RSA PRIVATE KEY"
+#define PEM_STRING_RSA_PUBLIC	"RSA PUBLIC KEY"
+#define PEM_STRING_DSA		"DSA PRIVATE KEY"
+#define PEM_STRING_PKCS7	"PKCS7"
+#define PEM_STRING_DHPARAMS	"DH PARAMETERS"
+#define PEM_STRING_SSL_SESSION	"SSL SESSION PARAMETERS"
+#define PEM_STRING_DSAPARAMS	"DSA PARAMETERS"
+
+#ifndef HEADER_ENVELOPE_H
+
+#define EVP_ENCODE_CTX_SIZE  92
+#define EVP_MD_SIZE  48
+#define EVP_MD_CTX_SIZE  152
+#define EVP_CIPHER_SIZE  28
+#define EVP_CIPHER_CTX_SIZE  4212
+#define EVP_MAX_MD_SIZE  20
+
+typedef struct evp_encode_ctx_st
+	{
+	char data[EVP_ENCODE_CTX_SIZE];
+	} EVP_ENCODE_CTX;
+
+typedef struct env_md_ctx_st
+	{
+	char data[EVP_MD_CTX_SIZE];
+	} EVP_MD_CTX;
+
+typedef struct evp_cipher_st
+	{
+	char data[EVP_CIPHER_SIZE];
+	} EVP_CIPHER;
+
+typedef struct evp_cipher_ctx_st
+	{
+	char data[EVP_CIPHER_CTX_SIZE];
+	} EVP_CIPHER_CTX;
+#endif
+
+
+typedef struct PEM_Encode_Seal_st
+	{
+	EVP_ENCODE_CTX encode;
+	EVP_MD_CTX md;
+	EVP_CIPHER_CTX cipher;
+	} PEM_ENCODE_SEAL_CTX;
+
+/* enc_type is one off */
+#define PEM_TYPE_ENCRYPTED      10
+#define PEM_TYPE_MIC_ONLY       20
+#define PEM_TYPE_MIC_CLEAR      30
+#define PEM_TYPE_CLEAR		40
+
+typedef struct pem_recip_st
+	{
+	char *name;
+	X509_NAME *dn;
+
+	int cipher;
+	int key_enc;
+	char iv[8];
+	} PEM_USER;
+
+typedef struct pem_ctx_st
+	{
+	int type;		/* what type of object */
+
+	struct	{
+		int version;	
+		int mode;		
+		} proc_type;
+
+	char *domain;
+
+	struct	{
+		int cipher;
+		unsigned char iv[8];
+		} DEK_info;
+		
+	PEM_USER *originator;
+
+	int num_recipient;
+	PEM_USER **recipient;
+
+#ifdef HEADER_STACK_H
+	STACK *x509_chain;	/* certificate chain */
+#else
+	char *x509_chain;	/* certificate chain */
+#endif
+	EVP_MD *md;		/* signature type */
+
+	int md_enc;		/* is the md encrypted or not? */
+	int md_len;		/* length of md_data */
+	char *md_data;		/* message digest, could be pkey encrypted */
+
+	EVP_CIPHER *dec;	/* date encryption cipher */
+	int key_len;		/* key length */
+	unsigned char *key;	/* key */
+	unsigned char iv[8];	/* the iv */
+
+	
+	int  data_enc;		/* is the data encrypted */
+	int data_len;
+	unsigned char *data;
+	} PEM_CTX;
+
+#ifdef SSLEAY_MACROS
+
+#define PEM_write_SSL_SESSION(fp,x) \
+		PEM_ASN1_write((int (*)())i2d_SSL_SESSION, \
+			PEM_STRING_SSL_SESSION,fp, (char *)x, NULL,NULL,0,NULL)
+#define PEM_write_X509(fp,x) \
+		PEM_ASN1_write((int (*)())i2d_X509,PEM_STRING_X509,fp, \
+			(char *)x, NULL,NULL,0,NULL)
+#define PEM_write_X509_REQ(fp,x) PEM_ASN1_write( \
+		(int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,fp,(char *)x, \
+			NULL,NULL,0,NULL)
+#define PEM_write_X509_CRL(fp,x) \
+		PEM_ASN1_write((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL, \
+			fp,(char *)x, NULL,NULL,0,NULL)
+#define	PEM_write_RSAPrivateKey(fp,x,enc,kstr,klen,cb) \
+		PEM_ASN1_write((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,fp,\
+			(char *)x,enc,kstr,klen,cb)
+#define	PEM_write_RSAPublicKey(fp,x) \
+		PEM_ASN1_write((int (*)())i2d_RSAPublicKey,\
+			PEM_STRING_RSA_PUBLIC,fp,(char *)x,NULL,NULL,0,NULL)
+#define	PEM_write_DSAPrivateKey(fp,x,enc,kstr,klen,cb) \
+		PEM_ASN1_write((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,fp,\
+			(char *)x,enc,kstr,klen,cb)
+#define	PEM_write_PrivateKey(bp,x,enc,kstr,klen,cb) \
+		PEM_ASN1_write((int (*)())i2d_PrivateKey,\
+		(((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),\
+			bp,(char *)x,enc,kstr,klen,cb)
+#define PEM_write_PKCS7(fp,x) \
+		PEM_ASN1_write((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,fp, \
+			(char *)x, NULL,NULL,0,NULL)
+#define PEM_write_DHparams(fp,x) \
+		PEM_ASN1_write((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,fp,\
+			(char *)x,NULL,NULL,0,NULL)
+
+#define	PEM_read_SSL_SESSION(fp,x,cb) (SSL_SESSION *)PEM_ASN1_read( \
+	(char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,fp,(char **)x,cb)
+#define	PEM_read_X509(fp,x,cb) (X509 *)PEM_ASN1_read( \
+	(char *(*)())d2i_X509,PEM_STRING_X509,fp,(char **)x,cb)
+#define	PEM_read_X509_REQ(fp,x,cb) (X509_REQ *)PEM_ASN1_read( \
+	(char *(*)())d2i_X509_REQ,PEM_STRING_X509_REQ,fp,(char **)x,cb)
+#define	PEM_read_X509_CRL(fp,x,cb) (X509_CRL *)PEM_ASN1_read( \
+	(char *(*)())d2i_X509_CRL,PEM_STRING_X509_CRL,fp,(char **)x,cb)
+#define	PEM_read_RSAPrivateKey(fp,x,cb) (RSA *)PEM_ASN1_read( \
+	(char *(*)())d2i_RSAPrivateKey,PEM_STRING_RSA,fp,(char **)x,cb)
+#define	PEM_read_RSAPublicKey(fp,x,cb) (RSA *)PEM_ASN1_read( \
+	(char *(*)())d2i_RSAPublicKey,PEM_STRING_RSA_PUBLIC,fp,(char **)x,cb)
+#define	PEM_read_DSAPrivateKey(fp,x,cb) (DSA *)PEM_ASN1_read( \
+	(char *(*)())d2i_DSAPrivateKey,PEM_STRING_DSA,fp,(char **)x,cb)
+#define	PEM_read_PrivateKey(fp,x,cb) (EVP_PKEY *)PEM_ASN1_read( \
+	(char *(*)())d2i_PrivateKey,PEM_STRING_EVP_PKEY,fp,(char **)x,cb)
+#define	PEM_read_PKCS7(fp,x,cb) (PKCS7 *)PEM_ASN1_read( \
+	(char *(*)())d2i_PKCS7,PEM_STRING_PKCS7,fp,(char **)x,cb)
+#define	PEM_read_DHparams(fp,x,cb) (DH *)PEM_ASN1_read( \
+	(char *(*)())d2i_DHparams,PEM_STRING_DHPARAMS,fp,(char **)x,cb)
+
+#define PEM_write_bio_SSL_SESSION(bp,x) \
+		PEM_ASN1_write_bio((int (*)())i2d_SSL_SESSION, \
+			PEM_STRING_SSL_SESSION,bp, (char *)x, NULL,NULL,0,NULL)
+#define PEM_write_bio_X509(bp,x) \
+		PEM_ASN1_write_bio((int (*)())i2d_X509,PEM_STRING_X509,bp, \
+			(char *)x, NULL,NULL,0,NULL)
+#define PEM_write_bio_X509_REQ(bp,x) PEM_ASN1_write_bio( \
+		(int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,bp,(char *)x, \
+			NULL,NULL,0,NULL)
+#define PEM_write_bio_X509_CRL(bp,x) \
+		PEM_ASN1_write_bio((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL,\
+			bp,(char *)x, NULL,NULL,0,NULL)
+#define	PEM_write_bio_RSAPrivateKey(bp,x,enc,kstr,klen,cb) \
+		PEM_ASN1_write_bio((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,\
+			bp,(char *)x,enc,kstr,klen,cb)
+#define	PEM_write_bio_RSAPublicKey(bp,x) \
+		PEM_ASN1_write_bio((int (*)())i2d_RSAPublicKey, \
+			PEM_STRING_RSA_PUBLIC,\
+			bp,(char *)x,NULL,NULL,0,NULL)
+#define	PEM_write_bio_DSAPrivateKey(bp,x,enc,kstr,klen,cb) \
+		PEM_ASN1_write_bio((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,\
+			bp,(char *)x,enc,kstr,klen,cb)
+#define	PEM_write_bio_PrivateKey(bp,x,enc,kstr,klen,cb) \
+		PEM_ASN1_write_bio((int (*)())i2d_PrivateKey,\
+		(((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),\
+			bp,(char *)x,enc,kstr,klen,cb)
+#define PEM_write_bio_PKCS7(bp,x) \
+		PEM_ASN1_write_bio((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,bp, \
+			(char *)x, NULL,NULL,0,NULL)
+#define PEM_write_bio_DHparams(bp,x) \
+		PEM_ASN1_write_bio((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,\
+			bp,(char *)x,NULL,NULL,0,NULL)
+#define PEM_write_bio_DSAparams(bp,x) \
+		PEM_ASN1_write_bio((int (*)())i2d_DSAparams, \
+			PEM_STRING_DSAPARAMS,bp,(char *)x,NULL,NULL,0,NULL)
+
+#define	PEM_read_bio_SSL_SESSION(bp,x,cb) (SSL_SESSION *)PEM_ASN1_read_bio( \
+	(char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,bp,(char **)x,cb)
+#define	PEM_read_bio_X509(bp,x,cb) (X509 *)PEM_ASN1_read_bio( \
+	(char *(*)())d2i_X509,PEM_STRING_X509,bp,(char **)x,cb)
+#define	PEM_read_bio_X509_REQ(bp,x,cb) (X509_REQ *)PEM_ASN1_read_bio( \
+	(char *(*)())d2i_X509_REQ,PEM_STRING_X509_REQ,bp,(char **)x,cb)
+#define	PEM_read_bio_X509_CRL(bp,x,cb) (X509_CRL *)PEM_ASN1_read_bio( \
+	(char *(*)())d2i_X509_CRL,PEM_STRING_X509_CRL,bp,(char **)x,cb)
+#define	PEM_read_bio_RSAPrivateKey(bp,x,cb) (RSA *)PEM_ASN1_read_bio( \
+	(char *(*)())d2i_RSAPrivateKey,PEM_STRING_RSA,bp,(char **)x,cb)
+#define	PEM_read_bio_RSAPublicKey(bp,x,cb) (RSA *)PEM_ASN1_read_bio( \
+	(char *(*)())d2i_RSAPublicKey,PEM_STRING_RSA_PUBLIC,bp,(char **)x,cb)
+#define	PEM_read_bio_DSAPrivateKey(bp,x,cb) (DSA *)PEM_ASN1_read_bio( \
+	(char *(*)())d2i_DSAPrivateKey,PEM_STRING_DSA,bp,(char **)x,cb)
+#define	PEM_read_bio_PrivateKey(bp,x,cb) (EVP_PKEY *)PEM_ASN1_read_bio( \
+	(char *(*)())d2i_PrivateKey,PEM_STRING_EVP_PKEY,bp,(char **)x,cb)
+
+#define	PEM_read_bio_PKCS7(bp,x,cb) (PKCS7 *)PEM_ASN1_read_bio( \
+	(char *(*)())d2i_PKCS7,PEM_STRING_PKCS7,bp,(char **)x,cb)
+#define	PEM_read_bio_DHparams(bp,x,cb) (DH *)PEM_ASN1_read_bio( \
+	(char *(*)())d2i_DHparams,PEM_STRING_DHPARAMS,bp,(char **)x,cb)
+#define	PEM_read_bio_DSAparams(bp,x,cb) (DSA *)PEM_ASN1_read_bio( \
+	(char *(*)())d2i_DSAparams,PEM_STRING_DSAPARAMS,bp,(char **)x,cb)
+
+#endif
+
+#ifndef NOPROTO
+int	PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher);
+int	PEM_do_header (EVP_CIPHER_INFO *cipher, unsigned char *data,long *len,
+		int (*callback)());
+
+#ifdef HEADER_BIO_H
+int	PEM_read_bio(BIO *bp, char **name, char **header,
+		unsigned char **data,long *len);
+int	PEM_write_bio(BIO *bp,char *name,char *hdr,unsigned char *data,
+		long len);
+char *	PEM_ASN1_read_bio(char *(*d2i)(),char *name,BIO *bp,char **x,
+		int (*cb)());
+int	PEM_ASN1_write_bio(int (*i2d)(),char *name,BIO *bp,char *x,
+		EVP_CIPHER *enc,unsigned char *kstr,int klen,int (*callback)());
+STACK *	PEM_X509_INFO_read_bio(BIO *bp, STACK *sk, int (*cb)());
+int	PEM_X509_INFO_write_bio(BIO *bp,X509_INFO *xi, EVP_CIPHER *enc,
+		unsigned char *kstr, int klen, int (*cb)());
+#endif
+
+#ifndef WIN16
+int	PEM_read(FILE *fp, char **name, char **header,
+		unsigned char **data,long *len);
+int	PEM_write(FILE *fp,char *name,char *hdr,unsigned char *data,long len);
+char *	PEM_ASN1_read(char *(*d2i)(),char *name,FILE *fp,char **x,
+		int (*cb)());
+int	PEM_ASN1_write(int (*i2d)(),char *name,FILE *fp,char *x,
+		EVP_CIPHER *enc,unsigned char *kstr,int klen,int (*callback)());
+STACK *	PEM_X509_INFO_read(FILE *fp, STACK *sk, int (*cb)());
+#endif
+
+int	PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type,
+		EVP_MD *md_type, unsigned char **ek, int *ekl,
+		unsigned char *iv, EVP_PKEY **pubk, int npubk);
+void	PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
+		unsigned char *in, int inl);
+int	PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig,int *sigl,
+		unsigned char *out, int *outl, EVP_PKEY *priv);
+
+void    PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type);
+void    PEM_SignUpdate(EVP_MD_CTX *ctx,unsigned char *d,unsigned int cnt);
+int	PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
+		unsigned int *siglen, EVP_PKEY *pkey);
+
+void	ERR_load_PEM_strings(void);
+
+void	PEM_proc_type(char *buf, int type);
+void	PEM_dek_info(char *buf, char *type, int len, char *str);
+
+#ifndef SSLEAY_MACROS
+
+#ifndef WIN16
+X509 *PEM_read_X509(FILE *fp,X509 **x,int (*cb)());
+X509_REQ *PEM_read_X509_REQ(FILE *fp,X509_REQ **x,int (*cb)());
+X509_CRL *PEM_read_X509_CRL(FILE *fp,X509_CRL **x,int (*cb)());
+RSA *PEM_read_RSAPrivateKey(FILE *fp,RSA **x,int (*cb)());
+RSA *PEM_read_RSAPublicKey(FILE *fp,RSA **x,int (*cb)());
+DSA *PEM_read_DSAPrivateKey(FILE *fp,DSA **x,int (*cb)());
+EVP_PKEY *PEM_read_PrivateKey(FILE *fp,EVP_PKEY **x,int (*cb)());
+PKCS7 *PEM_read_PKCS7(FILE *fp,PKCS7 **x,int (*cb)());
+DH *PEM_read_DHparams(FILE *fp,DH **x,int (*cb)());
+DSA *PEM_read_DSAparams(FILE *fp,DSA **x,int (*cb)());
+int PEM_write_X509(FILE *fp,X509 *x);
+int PEM_write_X509_REQ(FILE *fp,X509_REQ *x);
+int PEM_write_X509_CRL(FILE *fp,X509_CRL *x);
+int PEM_write_RSAPrivateKey(FILE *fp,RSA *x,EVP_CIPHER *enc,unsigned char *kstr,
+        int klen,int (*cb)());
+int PEM_write_RSAPublicKey(FILE *fp,RSA *x);
+int PEM_write_DSAPrivateKey(FILE *fp,DSA *x,EVP_CIPHER *enc,unsigned char *kstr,
+        int klen,int (*cb)());
+int PEM_write_PrivateKey(FILE *fp,EVP_PKEY *x,EVP_CIPHER *enc,
+	unsigned char *kstr,int klen,int (*cb)());
+int PEM_write_PKCS7(FILE *fp,PKCS7 *x);
+int PEM_write_DHparams(FILE *fp,DH *x);
+int PEM_write_DSAparams(FILE *fp,DSA *x);
+#endif
+
+#ifdef HEADER_BIO_H
+X509 *PEM_read_bio_X509(BIO *bp,X509 **x,int (*cb)());
+X509_REQ *PEM_read_bio_X509_REQ(BIO *bp,X509_REQ **x,int (*cb)());
+X509_CRL *PEM_read_bio_X509_CRL(BIO *bp,X509_CRL **x,int (*cb)());
+RSA *PEM_read_bio_RSAPrivateKey(BIO *bp,RSA **x,int (*cb)());
+RSA *PEM_read_bio_RSAPublicKey(BIO *bp,RSA **x,int (*cb)());
+DSA *PEM_read_bio_DSAPrivateKey(BIO *bp,DSA **x,int (*cb)());
+EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp,EVP_PKEY **x,int (*cb)());
+PKCS7 *PEM_read_bio_PKCS7(BIO *bp,PKCS7 **x,int (*cb)());
+DH *PEM_read_bio_DHparams(BIO *bp,DH **x,int (*cb)());
+DSA *PEM_read_bio_DSAparams(BIO *bp,DSA **x,int (*cb)());
+int PEM_write_bio_X509(BIO *bp,X509 *x);
+int PEM_write_bio_X509_REQ(BIO *bp,X509_REQ *x);
+int PEM_write_bio_X509_CRL(BIO *bp,X509_CRL *x);
+int PEM_write_bio_RSAPrivateKey(BIO *fp,RSA *x,EVP_CIPHER *enc,
+        unsigned char *kstr,int klen,int (*cb)());
+int PEM_write_bio_RSAPublicKey(BIO *fp,RSA *x);
+int PEM_write_bio_DSAPrivateKey(BIO *fp,DSA *x,EVP_CIPHER *enc,
+        unsigned char *kstr,int klen,int (*cb)());
+int PEM_write_bio_PrivateKey(BIO *fp,EVP_PKEY *x,EVP_CIPHER *enc,
+        unsigned char *kstr,int klen,int (*cb)());
+int PEM_write_bio_PKCS7(BIO *bp,PKCS7 *x);
+int PEM_write_bio_DHparams(BIO *bp,DH *x);
+int PEM_write_bio_DSAparams(BIO *bp,DSA *x);
+#endif
+
+#endif /* SSLEAY_MACROS */
+
+
+#else
+
+int	PEM_get_EVP_CIPHER_INFO();
+int	PEM_do_header();
+int	PEM_read_bio();
+int	PEM_write_bio();
+#ifndef WIN16
+int	PEM_read();
+int	PEM_write();
+STACK *	PEM_X509_INFO_read();
+char *	PEM_ASN1_read();
+int	PEM_ASN1_write();
+#endif
+STACK *	PEM_X509_INFO_read_bio();
+int	PEM_X509_INFO_write_bio();
+char *	PEM_ASN1_read_bio();
+int	PEM_ASN1_write_bio();
+int	PEM_SealInit();
+void	PEM_SealUpdate();
+int	PEM_SealFinal();
+int	PEM_SignFinal();
+
+void	ERR_load_PEM_strings();
+
+void	PEM_proc_type();
+void	PEM_dek_info();
+
+#ifndef SSLEAY_MACROS
+#ifndef WIN16
+X509 *PEM_read_X509();
+X509_REQ *PEM_read_X509_REQ();
+X509_CRL *PEM_read_X509_CRL();
+RSA *PEM_read_RSAPrivateKey();
+RSA *PEM_read_RSAPublicKey();
+DSA *PEM_read_DSAPrivateKey();
+EVP_PKEY *PEM_read_PrivateKey();
+PKCS7 *PEM_read_PKCS7();
+DH *PEM_read_DHparams();
+DSA *PEM_read_DSAparams();
+int PEM_write_X509();
+int PEM_write_X509_REQ();
+int PEM_write_X509_CRL();
+int PEM_write_RSAPrivateKey();
+int PEM_write_RSAPublicKey();
+int PEM_write_DSAPrivateKey();
+int PEM_write_PrivateKey();
+int PEM_write_PKCS7();
+int PEM_write_DHparams();
+int PEM_write_DSAparams();
+#endif
+
+X509 *PEM_read_bio_X509();
+X509_REQ *PEM_read_bio_X509_REQ();
+X509_CRL *PEM_read_bio_X509_CRL();
+RSA *PEM_read_bio_RSAPrivateKey();
+RSA *PEM_read_bio_RSAPublicKey();
+DSA *PEM_read_bio_DSAPrivateKey();
+EVP_PKEY *PEM_read_bio_PrivateKey();
+PKCS7 *PEM_read_bio_PKCS7();
+DH *PEM_read_bio_DHparams();
+DSA *PEM_read_bio_DSAparams();
+int PEM_write_bio_X509();
+int PEM_write_bio_X509_REQ();
+int PEM_write_bio_X509_CRL();
+int PEM_write_bio_RSAPrivateKey();
+int PEM_write_bio_RSAPublicKey();
+int PEM_write_bio_DSAPrivateKey();
+int PEM_write_bio_PrivateKey();
+int PEM_write_bio_PKCS7();
+int PEM_write_bio_DHparams();
+int PEM_write_bio_DSAparams();
+
+#endif /* SSLEAY_MACROS */
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the PEM functions. */
+
+/* Function codes. */
+#define PEM_F_DEF_CALLBACK				 100
+#define PEM_F_LOAD_IV					 101
+#define PEM_F_PEM_ASN1_READ				 102
+#define PEM_F_PEM_ASN1_READ_BIO				 103
+#define PEM_F_PEM_ASN1_WRITE				 104
+#define PEM_F_PEM_ASN1_WRITE_BIO			 105
+#define PEM_F_PEM_DO_HEADER				 106
+#define PEM_F_PEM_GET_EVP_CIPHER_INFO			 107
+#define PEM_F_PEM_READ					 108
+#define PEM_F_PEM_READ_BIO				 109
+#define PEM_F_PEM_SEALFINAL				 110
+#define PEM_F_PEM_SEALINIT				 111
+#define PEM_F_PEM_SIGNFINAL				 112
+#define PEM_F_PEM_WRITE					 113
+#define PEM_F_PEM_WRITE_BIO				 114
+#define PEM_F_PEM_X509_INFO_READ			 115
+#define PEM_F_PEM_X509_INFO_READ_BIO			 116
+#define PEM_F_PEM_X509_INFO_WRITE_BIO			 117
+
+/* Reason codes. */
+#define PEM_R_BAD_BASE64_DECODE				 100
+#define PEM_R_BAD_DECRYPT				 101
+#define PEM_R_BAD_END_LINE				 102
+#define PEM_R_BAD_IV_CHARS				 103
+#define PEM_R_BAD_PASSWORD_READ				 104
+#define PEM_R_NOT_DEK_INFO				 105
+#define PEM_R_NOT_ENCRYPTED				 106
+#define PEM_R_NOT_PROC_TYPE				 107
+#define PEM_R_NO_START_LINE				 108
+#define PEM_R_PROBLEMS_GETTING_PASSWORD			 109
+#define PEM_R_PUBLIC_KEY_NO_RSA				 110
+#define PEM_R_READ_KEY					 111
+#define PEM_R_SHORT_HEADER				 112
+#define PEM_R_UNSUPPORTED_CIPHER			 113
+#define PEM_R_UNSUPPORTED_ENCRYPTION			 114
+ 
+#ifdef  __cplusplus
+}
+#endif
+#endif
+
diff --git a/crypto/pem/pem.org b/crypto/pem/pem.org
new file mode 100644
index 0000000000..38952509dd
--- /dev/null
+++ b/crypto/pem/pem.org
@@ -0,0 +1,562 @@
+/* crypto/pem/pem.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING 
+ *
+ * Always modify pem.org since pem.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+#ifndef HEADER_PEM_H
+#define HEADER_PEM_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#include "evp.h"
+#include "x509.h"
+
+#define PEM_OBJ_UNDEF		0
+#define PEM_OBJ_X509		1
+#define PEM_OBJ_X509_REQ	2
+#define PEM_OBJ_CRL		3
+#define PEM_OBJ_SSL_SESSION	4
+#define PEM_OBJ_PRIV_KEY	10
+#define PEM_OBJ_PRIV_RSA	11
+#define PEM_OBJ_PRIV_DSA	12
+#define PEM_OBJ_PRIV_DH		13
+#define PEM_OBJ_PUB_RSA		14
+#define PEM_OBJ_PUB_DSA		15
+#define PEM_OBJ_PUB_DH		16
+#define PEM_OBJ_DHPARAMS	17
+#define PEM_OBJ_DSAPARAMS	18
+#define PEM_OBJ_PRIV_RSA_PUBLIC	19
+
+#define PEM_ERROR		30
+#define PEM_DEK_DES_CBC         40
+#define PEM_DEK_IDEA_CBC        45
+#define PEM_DEK_DES_EDE         50
+#define PEM_DEK_DES_ECB         60
+#define PEM_DEK_RSA             70
+#define PEM_DEK_RSA_MD2         80
+#define PEM_DEK_RSA_MD5         90
+
+#define PEM_MD_MD2		NID_md2
+#define PEM_MD_MD5		NID_md5
+#define PEM_MD_SHA		NID_sha
+#define PEM_MD_MD2_RSA		NID_md2WithRSAEncryption
+#define PEM_MD_MD5_RSA		NID_md5WithRSAEncryption
+#define PEM_MD_SHA_RSA		NID_sha1WithRSAEncryption
+
+#define PEM_STRING_X509_OLD	"X509 CERTIFICATE"
+#define PEM_STRING_X509		"CERTIFICATE"
+#define PEM_STRING_X509_REQ_OLD	"NEW CERTIFICATE REQUEST"
+#define PEM_STRING_X509_REQ	"CERTIFICATE REQUEST"
+#define PEM_STRING_X509_CRL	"X509 CRL"
+#define PEM_STRING_EVP_PKEY	"PRIVATE KEY"
+#define PEM_STRING_RSA		"RSA PRIVATE KEY"
+#define PEM_STRING_RSA_PUBLIC	"RSA PUBLIC KEY"
+#define PEM_STRING_DSA		"DSA PRIVATE KEY"
+#define PEM_STRING_PKCS7	"PKCS7"
+#define PEM_STRING_DHPARAMS	"DH PARAMETERS"
+#define PEM_STRING_SSL_SESSION	"SSL SESSION PARAMETERS"
+#define PEM_STRING_DSAPARAMS	"DSA PARAMETERS"
+
+#ifndef HEADER_ENVELOPE_H
+
+#define EVP_ENCODE_CTX_SIZE  92
+#define EVP_MD_SIZE  48
+#define EVP_MD_CTX_SIZE  152
+#define EVP_CIPHER_SIZE  28
+#define EVP_CIPHER_CTX_SIZE  4212
+#define EVP_MAX_MD_SIZE  20
+
+typedef struct evp_encode_ctx_st
+	{
+	char data[EVP_ENCODE_CTX_SIZE];
+	} EVP_ENCODE_CTX;
+
+typedef struct env_md_ctx_st
+	{
+	char data[EVP_MD_CTX_SIZE];
+	} EVP_MD_CTX;
+
+typedef struct evp_cipher_st
+	{
+	char data[EVP_CIPHER_SIZE];
+	} EVP_CIPHER;
+
+typedef struct evp_cipher_ctx_st
+	{
+	char data[EVP_CIPHER_CTX_SIZE];
+	} EVP_CIPHER_CTX;
+#endif
+
+
+typedef struct PEM_Encode_Seal_st
+	{
+	EVP_ENCODE_CTX encode;
+	EVP_MD_CTX md;
+	EVP_CIPHER_CTX cipher;
+	} PEM_ENCODE_SEAL_CTX;
+
+/* enc_type is one off */
+#define PEM_TYPE_ENCRYPTED      10
+#define PEM_TYPE_MIC_ONLY       20
+#define PEM_TYPE_MIC_CLEAR      30
+#define PEM_TYPE_CLEAR		40
+
+typedef struct pem_recip_st
+	{
+	char *name;
+	X509_NAME *dn;
+
+	int cipher;
+	int key_enc;
+	char iv[8];
+	} PEM_USER;
+
+typedef struct pem_ctx_st
+	{
+	int type;		/* what type of object */
+
+	struct	{
+		int version;	
+		int mode;		
+		} proc_type;
+
+	char *domain;
+
+	struct	{
+		int cipher;
+		unsigned char iv[8];
+		} DEK_info;
+		
+	PEM_USER *originator;
+
+	int num_recipient;
+	PEM_USER **recipient;
+
+#ifdef HEADER_STACK_H
+	STACK *x509_chain;	/* certificate chain */
+#else
+	char *x509_chain;	/* certificate chain */
+#endif
+	EVP_MD *md;		/* signature type */
+
+	int md_enc;		/* is the md encrypted or not? */
+	int md_len;		/* length of md_data */
+	char *md_data;		/* message digest, could be pkey encrypted */
+
+	EVP_CIPHER *dec;	/* date encryption cipher */
+	int key_len;		/* key length */
+	unsigned char *key;	/* key */
+	unsigned char iv[8];	/* the iv */
+
+	
+	int  data_enc;		/* is the data encrypted */
+	int data_len;
+	unsigned char *data;
+	} PEM_CTX;
+
+#ifdef SSLEAY_MACROS
+
+#define PEM_write_SSL_SESSION(fp,x) \
+		PEM_ASN1_write((int (*)())i2d_SSL_SESSION, \
+			PEM_STRING_SSL_SESSION,fp, (char *)x, NULL,NULL,0,NULL)
+#define PEM_write_X509(fp,x) \
+		PEM_ASN1_write((int (*)())i2d_X509,PEM_STRING_X509,fp, \
+			(char *)x, NULL,NULL,0,NULL)
+#define PEM_write_X509_REQ(fp,x) PEM_ASN1_write( \
+		(int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,fp,(char *)x, \
+			NULL,NULL,0,NULL)
+#define PEM_write_X509_CRL(fp,x) \
+		PEM_ASN1_write((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL, \
+			fp,(char *)x, NULL,NULL,0,NULL)
+#define	PEM_write_RSAPrivateKey(fp,x,enc,kstr,klen,cb) \
+		PEM_ASN1_write((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,fp,\
+			(char *)x,enc,kstr,klen,cb)
+#define	PEM_write_RSAPublicKey(fp,x) \
+		PEM_ASN1_write((int (*)())i2d_RSAPublicKey,\
+			PEM_STRING_RSA_PUBLIC,fp,(char *)x,NULL,NULL,0,NULL)
+#define	PEM_write_DSAPrivateKey(fp,x,enc,kstr,klen,cb) \
+		PEM_ASN1_write((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,fp,\
+			(char *)x,enc,kstr,klen,cb)
+#define	PEM_write_PrivateKey(bp,x,enc,kstr,klen,cb) \
+		PEM_ASN1_write((int (*)())i2d_PrivateKey,\
+		(((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),\
+			bp,(char *)x,enc,kstr,klen,cb)
+#define PEM_write_PKCS7(fp,x) \
+		PEM_ASN1_write((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,fp, \
+			(char *)x, NULL,NULL,0,NULL)
+#define PEM_write_DHparams(fp,x) \
+		PEM_ASN1_write((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,fp,\
+			(char *)x,NULL,NULL,0,NULL)
+
+#define	PEM_read_SSL_SESSION(fp,x,cb) (SSL_SESSION *)PEM_ASN1_read( \
+	(char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,fp,(char **)x,cb)
+#define	PEM_read_X509(fp,x,cb) (X509 *)PEM_ASN1_read( \
+	(char *(*)())d2i_X509,PEM_STRING_X509,fp,(char **)x,cb)
+#define	PEM_read_X509_REQ(fp,x,cb) (X509_REQ *)PEM_ASN1_read( \
+	(char *(*)())d2i_X509_REQ,PEM_STRING_X509_REQ,fp,(char **)x,cb)
+#define	PEM_read_X509_CRL(fp,x,cb) (X509_CRL *)PEM_ASN1_read( \
+	(char *(*)())d2i_X509_CRL,PEM_STRING_X509_CRL,fp,(char **)x,cb)
+#define	PEM_read_RSAPrivateKey(fp,x,cb) (RSA *)PEM_ASN1_read( \
+	(char *(*)())d2i_RSAPrivateKey,PEM_STRING_RSA,fp,(char **)x,cb)
+#define	PEM_read_RSAPublicKey(fp,x,cb) (RSA *)PEM_ASN1_read( \
+	(char *(*)())d2i_RSAPublicKey,PEM_STRING_RSA_PUBLIC,fp,(char **)x,cb)
+#define	PEM_read_DSAPrivateKey(fp,x,cb) (DSA *)PEM_ASN1_read( \
+	(char *(*)())d2i_DSAPrivateKey,PEM_STRING_DSA,fp,(char **)x,cb)
+#define	PEM_read_PrivateKey(fp,x,cb) (EVP_PKEY *)PEM_ASN1_read( \
+	(char *(*)())d2i_PrivateKey,PEM_STRING_EVP_PKEY,fp,(char **)x,cb)
+#define	PEM_read_PKCS7(fp,x,cb) (PKCS7 *)PEM_ASN1_read( \
+	(char *(*)())d2i_PKCS7,PEM_STRING_PKCS7,fp,(char **)x,cb)
+#define	PEM_read_DHparams(fp,x,cb) (DH *)PEM_ASN1_read( \
+	(char *(*)())d2i_DHparams,PEM_STRING_DHPARAMS,fp,(char **)x,cb)
+
+#define PEM_write_bio_SSL_SESSION(bp,x) \
+		PEM_ASN1_write_bio((int (*)())i2d_SSL_SESSION, \
+			PEM_STRING_SSL_SESSION,bp, (char *)x, NULL,NULL,0,NULL)
+#define PEM_write_bio_X509(bp,x) \
+		PEM_ASN1_write_bio((int (*)())i2d_X509,PEM_STRING_X509,bp, \
+			(char *)x, NULL,NULL,0,NULL)
+#define PEM_write_bio_X509_REQ(bp,x) PEM_ASN1_write_bio( \
+		(int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,bp,(char *)x, \
+			NULL,NULL,0,NULL)
+#define PEM_write_bio_X509_CRL(bp,x) \
+		PEM_ASN1_write_bio((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL,\
+			bp,(char *)x, NULL,NULL,0,NULL)
+#define	PEM_write_bio_RSAPrivateKey(bp,x,enc,kstr,klen,cb) \
+		PEM_ASN1_write_bio((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,\
+			bp,(char *)x,enc,kstr,klen,cb)
+#define	PEM_write_bio_RSAPublicKey(bp,x) \
+		PEM_ASN1_write_bio((int (*)())i2d_RSAPublicKey, \
+			PEM_STRING_RSA_PUBLIC,\
+			bp,(char *)x,NULL,NULL,0,NULL)
+#define	PEM_write_bio_DSAPrivateKey(bp,x,enc,kstr,klen,cb) \
+		PEM_ASN1_write_bio((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,\
+			bp,(char *)x,enc,kstr,klen,cb)
+#define	PEM_write_bio_PrivateKey(bp,x,enc,kstr,klen,cb) \
+		PEM_ASN1_write_bio((int (*)())i2d_PrivateKey,\
+		(((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),\
+			bp,(char *)x,enc,kstr,klen,cb)
+#define PEM_write_bio_PKCS7(bp,x) \
+		PEM_ASN1_write_bio((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,bp, \
+			(char *)x, NULL,NULL,0,NULL)
+#define PEM_write_bio_DHparams(bp,x) \
+		PEM_ASN1_write_bio((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,\
+			bp,(char *)x,NULL,NULL,0,NULL)
+#define PEM_write_bio_DSAparams(bp,x) \
+		PEM_ASN1_write_bio((int (*)())i2d_DSAparams, \
+			PEM_STRING_DSAPARAMS,bp,(char *)x,NULL,NULL,0,NULL)
+
+#define	PEM_read_bio_SSL_SESSION(bp,x,cb) (SSL_SESSION *)PEM_ASN1_read_bio( \
+	(char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,bp,(char **)x,cb)
+#define	PEM_read_bio_X509(bp,x,cb) (X509 *)PEM_ASN1_read_bio( \
+	(char *(*)())d2i_X509,PEM_STRING_X509,bp,(char **)x,cb)
+#define	PEM_read_bio_X509_REQ(bp,x,cb) (X509_REQ *)PEM_ASN1_read_bio( \
+	(char *(*)())d2i_X509_REQ,PEM_STRING_X509_REQ,bp,(char **)x,cb)
+#define	PEM_read_bio_X509_CRL(bp,x,cb) (X509_CRL *)PEM_ASN1_read_bio( \
+	(char *(*)())d2i_X509_CRL,PEM_STRING_X509_CRL,bp,(char **)x,cb)
+#define	PEM_read_bio_RSAPrivateKey(bp,x,cb) (RSA *)PEM_ASN1_read_bio( \
+	(char *(*)())d2i_RSAPrivateKey,PEM_STRING_RSA,bp,(char **)x,cb)
+#define	PEM_read_bio_RSAPublicKey(bp,x,cb) (RSA *)PEM_ASN1_read_bio( \
+	(char *(*)())d2i_RSAPublicKey,PEM_STRING_RSA_PUBLIC,bp,(char **)x,cb)
+#define	PEM_read_bio_DSAPrivateKey(bp,x,cb) (DSA *)PEM_ASN1_read_bio( \
+	(char *(*)())d2i_DSAPrivateKey,PEM_STRING_DSA,bp,(char **)x,cb)
+#define	PEM_read_bio_PrivateKey(bp,x,cb) (EVP_PKEY *)PEM_ASN1_read_bio( \
+	(char *(*)())d2i_PrivateKey,PEM_STRING_EVP_PKEY,bp,(char **)x,cb)
+
+#define	PEM_read_bio_PKCS7(bp,x,cb) (PKCS7 *)PEM_ASN1_read_bio( \
+	(char *(*)())d2i_PKCS7,PEM_STRING_PKCS7,bp,(char **)x,cb)
+#define	PEM_read_bio_DHparams(bp,x,cb) (DH *)PEM_ASN1_read_bio( \
+	(char *(*)())d2i_DHparams,PEM_STRING_DHPARAMS,bp,(char **)x,cb)
+#define	PEM_read_bio_DSAparams(bp,x,cb) (DSA *)PEM_ASN1_read_bio( \
+	(char *(*)())d2i_DSAparams,PEM_STRING_DSAPARAMS,bp,(char **)x,cb)
+
+#endif
+
+#ifndef NOPROTO
+int	PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher);
+int	PEM_do_header (EVP_CIPHER_INFO *cipher, unsigned char *data,long *len,
+		int (*callback)());
+
+#ifdef HEADER_BIO_H
+int	PEM_read_bio(BIO *bp, char **name, char **header,
+		unsigned char **data,long *len);
+int	PEM_write_bio(BIO *bp,char *name,char *hdr,unsigned char *data,
+		long len);
+char *	PEM_ASN1_read_bio(char *(*d2i)(),char *name,BIO *bp,char **x,
+		int (*cb)());
+int	PEM_ASN1_write_bio(int (*i2d)(),char *name,BIO *bp,char *x,
+		EVP_CIPHER *enc,unsigned char *kstr,int klen,int (*callback)());
+STACK *	PEM_X509_INFO_read_bio(BIO *bp, STACK *sk, int (*cb)());
+int	PEM_X509_INFO_write_bio(BIO *bp,X509_INFO *xi, EVP_CIPHER *enc,
+		unsigned char *kstr, int klen, int (*cb)());
+#endif
+
+#ifndef WIN16
+int	PEM_read(FILE *fp, char **name, char **header,
+		unsigned char **data,long *len);
+int	PEM_write(FILE *fp,char *name,char *hdr,unsigned char *data,long len);
+char *	PEM_ASN1_read(char *(*d2i)(),char *name,FILE *fp,char **x,
+		int (*cb)());
+int	PEM_ASN1_write(int (*i2d)(),char *name,FILE *fp,char *x,
+		EVP_CIPHER *enc,unsigned char *kstr,int klen,int (*callback)());
+STACK *	PEM_X509_INFO_read(FILE *fp, STACK *sk, int (*cb)());
+#endif
+
+int	PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type,
+		EVP_MD *md_type, unsigned char **ek, int *ekl,
+		unsigned char *iv, EVP_PKEY **pubk, int npubk);
+void	PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
+		unsigned char *in, int inl);
+int	PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig,int *sigl,
+		unsigned char *out, int *outl, EVP_PKEY *priv);
+
+void    PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type);
+void    PEM_SignUpdate(EVP_MD_CTX *ctx,unsigned char *d,unsigned int cnt);
+int	PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
+		unsigned int *siglen, EVP_PKEY *pkey);
+
+void	ERR_load_PEM_strings(void);
+
+void	PEM_proc_type(char *buf, int type);
+void	PEM_dek_info(char *buf, char *type, int len, char *str);
+
+#ifndef SSLEAY_MACROS
+
+#ifndef WIN16
+X509 *PEM_read_X509(FILE *fp,X509 **x,int (*cb)());
+X509_REQ *PEM_read_X509_REQ(FILE *fp,X509_REQ **x,int (*cb)());
+X509_CRL *PEM_read_X509_CRL(FILE *fp,X509_CRL **x,int (*cb)());
+RSA *PEM_read_RSAPrivateKey(FILE *fp,RSA **x,int (*cb)());
+RSA *PEM_read_RSAPublicKey(FILE *fp,RSA **x,int (*cb)());
+DSA *PEM_read_DSAPrivateKey(FILE *fp,DSA **x,int (*cb)());
+EVP_PKEY *PEM_read_PrivateKey(FILE *fp,EVP_PKEY **x,int (*cb)());
+PKCS7 *PEM_read_PKCS7(FILE *fp,PKCS7 **x,int (*cb)());
+DH *PEM_read_DHparams(FILE *fp,DH **x,int (*cb)());
+DSA *PEM_read_DSAparams(FILE *fp,DSA **x,int (*cb)());
+int PEM_write_X509(FILE *fp,X509 *x);
+int PEM_write_X509_REQ(FILE *fp,X509_REQ *x);
+int PEM_write_X509_CRL(FILE *fp,X509_CRL *x);
+int PEM_write_RSAPrivateKey(FILE *fp,RSA *x,EVP_CIPHER *enc,unsigned char *kstr,
+        int klen,int (*cb)());
+int PEM_write_RSAPublicKey(FILE *fp,RSA *x);
+int PEM_write_DSAPrivateKey(FILE *fp,DSA *x,EVP_CIPHER *enc,unsigned char *kstr,
+        int klen,int (*cb)());
+int PEM_write_PrivateKey(FILE *fp,EVP_PKEY *x,EVP_CIPHER *enc,
+	unsigned char *kstr,int klen,int (*cb)());
+int PEM_write_PKCS7(FILE *fp,PKCS7 *x);
+int PEM_write_DHparams(FILE *fp,DH *x);
+int PEM_write_DSAparams(FILE *fp,DSA *x);
+#endif
+
+#ifdef HEADER_BIO_H
+X509 *PEM_read_bio_X509(BIO *bp,X509 **x,int (*cb)());
+X509_REQ *PEM_read_bio_X509_REQ(BIO *bp,X509_REQ **x,int (*cb)());
+X509_CRL *PEM_read_bio_X509_CRL(BIO *bp,X509_CRL **x,int (*cb)());
+RSA *PEM_read_bio_RSAPrivateKey(BIO *bp,RSA **x,int (*cb)());
+RSA *PEM_read_bio_RSAPublicKey(BIO *bp,RSA **x,int (*cb)());
+DSA *PEM_read_bio_DSAPrivateKey(BIO *bp,DSA **x,int (*cb)());
+EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp,EVP_PKEY **x,int (*cb)());
+PKCS7 *PEM_read_bio_PKCS7(BIO *bp,PKCS7 **x,int (*cb)());
+DH *PEM_read_bio_DHparams(BIO *bp,DH **x,int (*cb)());
+DSA *PEM_read_bio_DSAparams(BIO *bp,DSA **x,int (*cb)());
+int PEM_write_bio_X509(BIO *bp,X509 *x);
+int PEM_write_bio_X509_REQ(BIO *bp,X509_REQ *x);
+int PEM_write_bio_X509_CRL(BIO *bp,X509_CRL *x);
+int PEM_write_bio_RSAPrivateKey(BIO *fp,RSA *x,EVP_CIPHER *enc,
+        unsigned char *kstr,int klen,int (*cb)());
+int PEM_write_bio_RSAPublicKey(BIO *fp,RSA *x);
+int PEM_write_bio_DSAPrivateKey(BIO *fp,DSA *x,EVP_CIPHER *enc,
+        unsigned char *kstr,int klen,int (*cb)());
+int PEM_write_bio_PrivateKey(BIO *fp,EVP_PKEY *x,EVP_CIPHER *enc,
+        unsigned char *kstr,int klen,int (*cb)());
+int PEM_write_bio_PKCS7(BIO *bp,PKCS7 *x);
+int PEM_write_bio_DHparams(BIO *bp,DH *x);
+int PEM_write_bio_DSAparams(BIO *bp,DSA *x);
+#endif
+
+#endif /* SSLEAY_MACROS */
+
+
+#else
+
+int	PEM_get_EVP_CIPHER_INFO();
+int	PEM_do_header();
+int	PEM_read_bio();
+int	PEM_write_bio();
+#ifndef WIN16
+int	PEM_read();
+int	PEM_write();
+STACK *	PEM_X509_INFO_read();
+char *	PEM_ASN1_read();
+int	PEM_ASN1_write();
+#endif
+STACK *	PEM_X509_INFO_read_bio();
+int	PEM_X509_INFO_write_bio();
+char *	PEM_ASN1_read_bio();
+int	PEM_ASN1_write_bio();
+int	PEM_SealInit();
+void	PEM_SealUpdate();
+int	PEM_SealFinal();
+int	PEM_SignFinal();
+
+void	ERR_load_PEM_strings();
+
+void	PEM_proc_type();
+void	PEM_dek_info();
+
+#ifndef SSLEAY_MACROS
+#ifndef WIN16
+X509 *PEM_read_X509();
+X509_REQ *PEM_read_X509_REQ();
+X509_CRL *PEM_read_X509_CRL();
+RSA *PEM_read_RSAPrivateKey();
+RSA *PEM_read_RSAPublicKey();
+DSA *PEM_read_DSAPrivateKey();
+EVP_PKEY *PEM_read_PrivateKey();
+PKCS7 *PEM_read_PKCS7();
+DH *PEM_read_DHparams();
+DSA *PEM_read_DSAparams();
+int PEM_write_X509();
+int PEM_write_X509_REQ();
+int PEM_write_X509_CRL();
+int PEM_write_RSAPrivateKey();
+int PEM_write_RSAPublicKey();
+int PEM_write_DSAPrivateKey();
+int PEM_write_PrivateKey();
+int PEM_write_PKCS7();
+int PEM_write_DHparams();
+int PEM_write_DSAparams();
+#endif
+
+X509 *PEM_read_bio_X509();
+X509_REQ *PEM_read_bio_X509_REQ();
+X509_CRL *PEM_read_bio_X509_CRL();
+RSA *PEM_read_bio_RSAPrivateKey();
+RSA *PEM_read_bio_RSAPublicKey();
+DSA *PEM_read_bio_DSAPrivateKey();
+EVP_PKEY *PEM_read_bio_PrivateKey();
+PKCS7 *PEM_read_bio_PKCS7();
+DH *PEM_read_bio_DHparams();
+DSA *PEM_read_bio_DSAparams();
+int PEM_write_bio_X509();
+int PEM_write_bio_X509_REQ();
+int PEM_write_bio_X509_CRL();
+int PEM_write_bio_RSAPrivateKey();
+int PEM_write_bio_RSAPublicKey();
+int PEM_write_bio_DSAPrivateKey();
+int PEM_write_bio_PrivateKey();
+int PEM_write_bio_PKCS7();
+int PEM_write_bio_DHparams();
+int PEM_write_bio_DSAparams();
+
+#endif /* SSLEAY_MACROS */
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the PEM functions. */
+
+/* Function codes. */
+#define PEM_F_DEF_CALLBACK				 100
+#define PEM_F_LOAD_IV					 101
+#define PEM_F_PEM_ASN1_READ				 102
+#define PEM_F_PEM_ASN1_READ_BIO				 103
+#define PEM_F_PEM_ASN1_WRITE				 104
+#define PEM_F_PEM_ASN1_WRITE_BIO			 105
+#define PEM_F_PEM_DO_HEADER				 106
+#define PEM_F_PEM_GET_EVP_CIPHER_INFO			 107
+#define PEM_F_PEM_READ					 108
+#define PEM_F_PEM_READ_BIO				 109
+#define PEM_F_PEM_SEALFINAL				 110
+#define PEM_F_PEM_SEALINIT				 111
+#define PEM_F_PEM_SIGNFINAL				 112
+#define PEM_F_PEM_WRITE					 113
+#define PEM_F_PEM_WRITE_BIO				 114
+#define PEM_F_PEM_X509_INFO_READ			 115
+#define PEM_F_PEM_X509_INFO_READ_BIO			 116
+#define PEM_F_PEM_X509_INFO_WRITE_BIO			 117
+
+/* Reason codes. */
+#define PEM_R_BAD_BASE64_DECODE				 100
+#define PEM_R_BAD_DECRYPT				 101
+#define PEM_R_BAD_END_LINE				 102
+#define PEM_R_BAD_IV_CHARS				 103
+#define PEM_R_BAD_PASSWORD_READ				 104
+#define PEM_R_NOT_DEK_INFO				 105
+#define PEM_R_NOT_ENCRYPTED				 106
+#define PEM_R_NOT_PROC_TYPE				 107
+#define PEM_R_NO_START_LINE				 108
+#define PEM_R_PROBLEMS_GETTING_PASSWORD			 109
+#define PEM_R_PUBLIC_KEY_NO_RSA				 110
+#define PEM_R_READ_KEY					 111
+#define PEM_R_SHORT_HEADER				 112
+#define PEM_R_UNSUPPORTED_CIPHER			 113
+#define PEM_R_UNSUPPORTED_ENCRYPTION			 114
+ 
+#ifdef  __cplusplus
+}
+#endif
+#endif
+
diff --git a/crypto/pem/pem_all.c b/crypto/pem/pem_all.c
new file mode 100644
index 0000000000..5485628f52
--- /dev/null
+++ b/crypto/pem/pem_all.c
@@ -0,0 +1,487 @@
+/* crypto/pem/pem_all.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#undef SSLEAY_MACROS
+#include "bio.h"
+#include "evp.h"
+#include "x509.h"
+#include "pkcs7.h"
+#include "pem.h"
+
+#ifndef WIN16
+/* The X509 functions */
+X509 *PEM_read_X509(fp,x,cb)
+FILE *fp;
+X509 **x;
+int (*cb)();
+	{
+	return((X509 *)PEM_ASN1_read((char *(*)())d2i_X509,
+		PEM_STRING_X509,fp,(char **)x,cb));
+	}
+#endif
+
+X509 *PEM_read_bio_X509(bp,x,cb)
+BIO *bp;
+X509 **x;
+int (*cb)();
+	{
+	return((X509 *)PEM_ASN1_read_bio((char *(*)())d2i_X509,
+		PEM_STRING_X509,bp,(char **)x,cb));
+	}
+
+#ifndef WIN16
+int PEM_write_X509(fp,x)
+FILE *fp;
+X509 *x;
+	{
+	return(PEM_ASN1_write((int (*)())i2d_X509,PEM_STRING_X509,fp,
+		(char *)x, NULL,NULL,0,NULL));
+	}
+#endif
+
+int PEM_write_bio_X509(bp,x)
+BIO *bp;
+X509 *x;
+	{
+	return(PEM_ASN1_write_bio((int (*)())i2d_X509,PEM_STRING_X509,bp,
+		(char *)x, NULL,NULL,0,NULL));
+	}
+
+#ifndef WIN16
+/* The X509_REQ functions */
+X509_REQ *PEM_read_X509_REQ(fp,x,cb)
+FILE *fp;
+X509_REQ **x;
+int (*cb)();
+	{
+	return((X509_REQ *)PEM_ASN1_read((char *(*)())d2i_X509_REQ,
+		PEM_STRING_X509_REQ,fp,(char **)x,cb));
+	}
+#endif
+
+X509_REQ *PEM_read_bio_X509_REQ(bp,x,cb)
+BIO *bp;
+X509_REQ **x;
+int (*cb)();
+	{
+	return((X509_REQ *)PEM_ASN1_read_bio((char *(*)())d2i_X509_REQ,
+		PEM_STRING_X509_REQ,bp,(char **)x,cb));
+	}
+
+#ifndef WIN16
+int PEM_write_X509_REQ(fp,x)
+FILE *fp;
+X509_REQ *x;
+	{
+	return(PEM_ASN1_write((int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,fp,
+		(char *)x, NULL,NULL,0,NULL));
+	}
+#endif
+
+int PEM_write_bio_X509_REQ(bp,x)
+BIO *bp;
+X509_REQ *x;
+	{
+	return(PEM_ASN1_write_bio((int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,
+		bp,(char *)x, NULL,NULL,0,NULL));
+	}
+
+#ifndef WIN16
+/* The X509_CRL functions */
+X509_CRL *PEM_read_X509_CRL(fp,x,cb)
+FILE *fp;
+X509_CRL **x;
+int (*cb)();
+	{
+	return((X509_CRL *)PEM_ASN1_read((char *(*)())d2i_X509_CRL,
+		PEM_STRING_X509_CRL,fp,(char **)x,cb));
+	}
+#endif
+
+X509_CRL *PEM_read_bio_X509_CRL(bp,x,cb)
+BIO *bp;
+X509_CRL **x;
+int (*cb)();
+	{
+	return((X509_CRL *)PEM_ASN1_read_bio((char *(*)())d2i_X509_CRL,
+		PEM_STRING_X509_CRL,bp,(char **)x,cb));
+	}
+
+#ifndef WIN16
+int PEM_write_X509_CRL(fp,x)
+FILE *fp;
+X509_CRL *x;
+	{
+	return(PEM_ASN1_write((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL,fp,
+		(char *)x, NULL,NULL,0,NULL));
+	}
+#endif
+
+int PEM_write_bio_X509_CRL(bp,x)
+BIO *bp;
+X509_CRL *x;
+	{
+	return(PEM_ASN1_write_bio((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL,
+		bp,(char *)x, NULL,NULL,0,NULL));
+	}
+
+#ifndef NO_RSA
+#ifndef WIN16
+/* The RSAPrivateKey functions */
+RSA *PEM_read_RSAPrivateKey(fp,x,cb)
+FILE *fp;
+RSA **x;
+int (*cb)();
+	{
+	return((RSA *)PEM_ASN1_read((char *(*)())d2i_RSAPrivateKey,
+		PEM_STRING_RSA,fp,(char **)x,cb));
+	}
+
+RSA *PEM_read_RSAPublicKey(fp,x,cb)
+FILE *fp;
+RSA **x;
+int (*cb)();
+	{
+	return((RSA *)PEM_ASN1_read((char *(*)())d2i_RSAPublicKey,
+		PEM_STRING_RSA_PUBLIC,fp,(char **)x,cb));
+	}
+#endif
+
+RSA *PEM_read_bio_RSAPrivateKey(bp,x,cb)
+BIO *bp;
+RSA **x;
+int (*cb)();
+	{
+	return((RSA *)PEM_ASN1_read_bio((char *(*)())d2i_RSAPrivateKey,
+		PEM_STRING_RSA,bp,(char **)x,cb));
+	}
+
+RSA *PEM_read_bio_RSAPublicKey(bp,x,cb)
+BIO *bp;
+RSA **x;
+int (*cb)();
+	{
+	return((RSA *)PEM_ASN1_read_bio((char *(*)())d2i_RSAPublicKey,
+		PEM_STRING_RSA_PUBLIC,bp,(char **)x,cb));
+	}
+
+#ifndef WIN16
+int PEM_write_RSAPrivateKey(fp,x,enc,kstr,klen,cb)
+FILE *fp;
+RSA *x;
+EVP_CIPHER *enc;
+unsigned char *kstr;
+int klen;
+int (*cb)();
+	{
+	return(PEM_ASN1_write((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,fp,
+		(char *)x,enc,kstr,klen,cb));
+	}
+
+int PEM_write_RSAPublicKey(fp,x)
+FILE *fp;
+RSA *x;
+	{
+	return(PEM_ASN1_write((int (*)())i2d_RSAPublicKey,
+		PEM_STRING_RSA_PUBLIC,fp,
+		(char *)x,NULL,NULL,0,NULL));
+	}
+#endif
+
+int PEM_write_bio_RSAPrivateKey(bp,x,enc,kstr,klen,cb)
+BIO *bp;
+RSA *x;
+EVP_CIPHER *enc;
+unsigned char *kstr;
+int klen;
+int (*cb)();
+	{
+	return(PEM_ASN1_write_bio((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,
+		bp,(char *)x,enc,kstr,klen,cb));
+	}
+
+int PEM_write_bio_RSAPublicKey(bp,x)
+BIO *bp;
+RSA *x;
+	{
+	return(PEM_ASN1_write_bio((int (*)())i2d_RSAPublicKey,
+		PEM_STRING_RSA_PUBLIC,
+		bp,(char *)x,NULL,NULL,0,NULL));
+	}
+#endif /* !NO_RSA */
+
+#ifndef NO_DSA
+#ifndef WIN16
+/* The DSAPrivateKey functions */
+DSA *PEM_read_DSAPrivateKey(fp,x,cb)
+FILE *fp;
+DSA **x;
+int (*cb)();
+	{
+	return((DSA *)PEM_ASN1_read((char *(*)())d2i_DSAPrivateKey,
+		PEM_STRING_DSA,fp,(char **)x,cb));
+	}
+#endif
+
+DSA *PEM_read_bio_DSAPrivateKey(bp,x,cb)
+BIO *bp;
+DSA **x;
+int (*cb)();
+	{
+	return((DSA *)PEM_ASN1_read_bio((char *(*)())d2i_DSAPrivateKey,
+		PEM_STRING_DSA,bp,(char **)x,cb));
+	}
+
+#ifndef WIN16
+int PEM_write_DSAPrivateKey(fp,x,enc,kstr,klen,cb)
+FILE *fp;
+DSA *x;
+EVP_CIPHER *enc;
+unsigned char *kstr;
+int klen;
+int (*cb)();
+	{
+	return(PEM_ASN1_write((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,fp,
+		(char *)x,enc,kstr,klen,cb));
+	}
+#endif
+
+int PEM_write_bio_DSAPrivateKey(bp,x,enc,kstr,klen,cb)
+BIO *bp;
+DSA *x;
+EVP_CIPHER *enc;
+unsigned char *kstr;
+int klen;
+int (*cb)();
+	{
+	return(PEM_ASN1_write_bio((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,
+		bp,(char *)x,enc,kstr,klen,cb));
+	}
+#endif
+
+#ifndef WIN16
+/* The PrivateKey functions */
+EVP_PKEY *PEM_read_PrivateKey(fp,x,cb)
+FILE *fp;
+EVP_PKEY **x;
+int (*cb)();
+	{
+	return((EVP_PKEY *)PEM_ASN1_read((char *(*)())d2i_PrivateKey,
+		PEM_STRING_EVP_PKEY,fp,(char **)x,cb));
+	}
+#endif
+
+EVP_PKEY *PEM_read_bio_PrivateKey(bp,x,cb)
+BIO *bp;
+EVP_PKEY **x;
+int (*cb)();
+	{
+	return((EVP_PKEY *)PEM_ASN1_read_bio((char *(*)())d2i_PrivateKey,
+		PEM_STRING_EVP_PKEY,bp,(char **)x,cb));
+	}
+
+#ifndef WIN16
+int PEM_write_PrivateKey(fp,x,enc,kstr,klen,cb)
+FILE *fp;
+EVP_PKEY *x;
+EVP_CIPHER *enc;
+unsigned char *kstr;
+int klen;
+int (*cb)();
+	{
+	return(PEM_ASN1_write((int (*)())i2d_PrivateKey,
+		((x->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),
+		fp,(char *)x,enc,kstr,klen,cb));
+	}
+#endif
+
+int PEM_write_bio_PrivateKey(bp,x,enc,kstr,klen,cb)
+BIO *bp;
+EVP_PKEY *x;
+EVP_CIPHER *enc;
+unsigned char *kstr;
+int klen;
+int (*cb)();
+	{
+	return(PEM_ASN1_write_bio((int (*)())i2d_PrivateKey,
+		((x->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),
+		bp,(char *)x,enc,kstr,klen,cb));
+	}
+
+#ifndef WIN16
+/* The PKCS7 functions */
+PKCS7 *PEM_read_PKCS7(fp,x,cb)
+FILE *fp;
+PKCS7 **x;
+int (*cb)();
+	{
+	return((PKCS7 *)PEM_ASN1_read((char *(*)())d2i_PKCS7,
+		PEM_STRING_PKCS7,fp,(char **)x,cb));
+	}
+#endif
+
+PKCS7 *PEM_read_bio_PKCS7(bp,x,cb)
+BIO *bp;
+PKCS7 **x;
+int (*cb)();
+	{
+	return((PKCS7 *)PEM_ASN1_read_bio((char *(*)())d2i_PKCS7,
+		PEM_STRING_PKCS7,bp,(char **)x,cb));
+	}
+
+#ifndef WIN16
+int PEM_write_PKCS7(fp,x)
+FILE *fp;
+PKCS7 *x;
+	{
+	return(PEM_ASN1_write((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,fp,
+		(char *)x, NULL,NULL,0,NULL));
+	}
+#endif
+
+int PEM_write_bio_PKCS7(bp,x)
+BIO *bp;
+PKCS7 *x;
+	{
+	return(PEM_ASN1_write_bio((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,bp,
+		(char *)x, NULL,NULL,0,NULL));
+	}
+
+#ifndef NO_DH
+#ifndef WIN16
+/* The DHparams functions */
+DH *PEM_read_DHparams(fp,x,cb)
+FILE *fp;
+DH **x;
+int (*cb)();
+	{
+	return((DH *)PEM_ASN1_read((char *(*)())d2i_DHparams,
+		PEM_STRING_DHPARAMS,fp,(char **)x,cb));
+	}
+#endif
+
+DH *PEM_read_bio_DHparams(bp,x,cb)
+BIO *bp;
+DH **x;
+int (*cb)();
+	{
+	return((DH *)PEM_ASN1_read_bio((char *(*)())d2i_DHparams,
+		PEM_STRING_DHPARAMS,bp,(char **)x,cb));
+	}
+
+#ifndef WIN16
+int PEM_write_DHparams(fp,x)
+FILE *fp;
+DH *x;
+	{
+	return(PEM_ASN1_write((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,fp,
+		(char *)x, NULL,NULL,0,NULL));
+	}
+#endif
+
+int PEM_write_bio_DHparams(bp,x)
+BIO *bp;
+DH *x;
+	{
+	return(PEM_ASN1_write_bio((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,
+		bp,(char *)x, NULL,NULL,0,NULL));
+	}
+#endif
+
+#ifndef NO_DSA
+#ifndef WIN16
+/* The DSAparams functions */
+DSA *PEM_read_DSAparams(fp,x,cb)
+FILE *fp;
+DSA **x;
+int (*cb)();
+	{
+	return((DSA *)PEM_ASN1_read((char *(*)())d2i_DSAparams,
+		PEM_STRING_DSAPARAMS,fp,(char **)x,cb));
+	}
+#endif
+
+DSA *PEM_read_bio_DSAparams(bp,x,cb)
+BIO *bp;
+DSA **x;
+int (*cb)();
+	{
+	return((DSA *)PEM_ASN1_read_bio((char *(*)())d2i_DSAparams,
+		PEM_STRING_DSAPARAMS,bp,(char **)x,cb));
+	}
+
+#ifndef WIN16
+int PEM_write_DSAparams(fp,x)
+FILE *fp;
+DSA *x;
+	{
+	return(PEM_ASN1_write((int (*)())i2d_DSAparams,PEM_STRING_DSAPARAMS,fp,
+		(char *)x, NULL,NULL,0,NULL));
+	}
+#endif
+
+int PEM_write_bio_DSAparams(bp,x)
+BIO *bp;
+DSA *x;
+	{
+	return(PEM_ASN1_write_bio((int (*)())i2d_DSAparams,PEM_STRING_DSAPARAMS,
+		bp,(char *)x, NULL,NULL,0,NULL));
+	}
+#endif
+
diff --git a/crypto/pem/pem_err.c b/crypto/pem/pem_err.c
new file mode 100644
index 0000000000..b8d95204ea
--- /dev/null
+++ b/crypto/pem/pem_err.c
@@ -0,0 +1,116 @@
+/* lib/pem/pem_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "pem.h"
+
+/* BEGIN ERROR CODES */
+static ERR_STRING_DATA PEM_str_functs[]=
+	{
+{ERR_PACK(0,PEM_F_DEF_CALLBACK,0),	"DEF_CALLBACK"},
+{ERR_PACK(0,PEM_F_LOAD_IV,0),	"LOAD_IV"},
+{ERR_PACK(0,PEM_F_PEM_ASN1_READ,0),	"PEM_ASN1_read"},
+{ERR_PACK(0,PEM_F_PEM_ASN1_READ_BIO,0),	"PEM_ASN1_read_bio"},
+{ERR_PACK(0,PEM_F_PEM_ASN1_WRITE,0),	"PEM_ASN1_write"},
+{ERR_PACK(0,PEM_F_PEM_ASN1_WRITE_BIO,0),	"PEM_ASN1_write_bio"},
+{ERR_PACK(0,PEM_F_PEM_DO_HEADER,0),	"PEM_do_header"},
+{ERR_PACK(0,PEM_F_PEM_GET_EVP_CIPHER_INFO,0),	"PEM_get_EVP_CIPHER_INFO"},
+{ERR_PACK(0,PEM_F_PEM_READ,0),	"PEM_read"},
+{ERR_PACK(0,PEM_F_PEM_READ_BIO,0),	"PEM_read_bio"},
+{ERR_PACK(0,PEM_F_PEM_SEALFINAL,0),	"PEM_SealFinal"},
+{ERR_PACK(0,PEM_F_PEM_SEALINIT,0),	"PEM_SealInit"},
+{ERR_PACK(0,PEM_F_PEM_SIGNFINAL,0),	"PEM_SignFinal"},
+{ERR_PACK(0,PEM_F_PEM_WRITE,0),	"PEM_write"},
+{ERR_PACK(0,PEM_F_PEM_WRITE_BIO,0),	"PEM_write_bio"},
+{ERR_PACK(0,PEM_F_PEM_X509_INFO_READ,0),	"PEM_X509_INFO_read"},
+{ERR_PACK(0,PEM_F_PEM_X509_INFO_READ_BIO,0),	"PEM_X509_INFO_read_bio"},
+{ERR_PACK(0,PEM_F_PEM_X509_INFO_WRITE_BIO,0),	"PEM_X509_INFO_write_bio"},
+{0,NULL},
+	};
+
+static ERR_STRING_DATA PEM_str_reasons[]=
+	{
+{PEM_R_BAD_BASE64_DECODE                 ,"bad base64 decode"},
+{PEM_R_BAD_DECRYPT                       ,"bad decrypt"},
+{PEM_R_BAD_END_LINE                      ,"bad end line"},
+{PEM_R_BAD_IV_CHARS                      ,"bad iv chars"},
+{PEM_R_BAD_PASSWORD_READ                 ,"bad password read"},
+{PEM_R_NOT_DEK_INFO                      ,"not dek info"},
+{PEM_R_NOT_ENCRYPTED                     ,"not encrypted"},
+{PEM_R_NOT_PROC_TYPE                     ,"not proc type"},
+{PEM_R_NO_START_LINE                     ,"no start line"},
+{PEM_R_PROBLEMS_GETTING_PASSWORD         ,"problems getting password"},
+{PEM_R_PUBLIC_KEY_NO_RSA                 ,"public key no rsa"},
+{PEM_R_READ_KEY                          ,"read key"},
+{PEM_R_SHORT_HEADER                      ,"short header"},
+{PEM_R_UNSUPPORTED_CIPHER                ,"unsupported cipher"},
+{PEM_R_UNSUPPORTED_ENCRYPTION            ,"unsupported encryption"},
+{0,NULL},
+	};
+
+void ERR_load_PEM_strings()
+	{
+	static int init=1;
+
+	if (init)
+		{
+		init=0;
+		ERR_load_strings(ERR_LIB_PEM,PEM_str_functs);
+		ERR_load_strings(ERR_LIB_PEM,PEM_str_reasons);
+		}
+	}
diff --git a/crypto/pem/pem_info.c b/crypto/pem/pem_info.c
new file mode 100644
index 0000000000..aafd9ce7be
--- /dev/null
+++ b/crypto/pem/pem_info.c
@@ -0,0 +1,365 @@
+/* crypto/pem/pem_info.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "objects.h"
+#include "evp.h"
+#include "x509.h"
+#include "pem.h"
+
+#ifndef WIN16
+STACK *PEM_X509_INFO_read(fp,sk,cb)
+FILE *fp;
+STACK *sk;
+int (*cb)();
+	{
+        BIO *b;
+        STACK *ret;
+
+        if ((b=BIO_new(BIO_s_file())) == NULL)
+		{
+		PEMerr(PEM_F_PEM_X509_INFO_READ,ERR_R_BUF_LIB);
+                return(0);
+		}
+        BIO_set_fp(b,fp,BIO_NOCLOSE);
+        ret=PEM_X509_INFO_read_bio(b,sk,cb);
+        BIO_free(b);
+        return(ret);
+	}
+#endif
+
+STACK *PEM_X509_INFO_read_bio(bp,sk,cb)
+BIO *bp;
+STACK *sk;
+int (*cb)();
+	{
+	X509_INFO *xi=NULL;
+	char *name=NULL,*header=NULL,**pp;
+	unsigned char *data=NULL,*p;
+	long len,error=0;
+	int ok=0;
+	STACK *ret=NULL;
+	unsigned int i,raw;
+	char *(*d2i)();
+
+	if (sk == NULL)
+		{
+		if ((ret=sk_new_null()) == NULL)
+			{
+			PEMerr(PEM_F_PEM_X509_INFO_READ_BIO,ERR_R_MALLOC_FAILURE);
+			goto err;
+			}
+		}
+	else
+		ret=sk;
+
+	if ((xi=X509_INFO_new()) == NULL) goto err;
+	for (;;)
+		{
+		raw=0;
+		i=PEM_read_bio(bp,&name,&header,&data,&len);
+		if (i == 0)
+			{
+			error=ERR_GET_REASON(ERR_peek_error());
+			if (error == PEM_R_NO_START_LINE)
+				{
+				ERR_clear_error();
+				break;
+				}
+			goto err;
+			}
+start:
+		if (	(strcmp(name,PEM_STRING_X509) == 0) ||
+			(strcmp(name,PEM_STRING_X509_OLD) == 0))
+			{
+			d2i=(char *(*)())d2i_X509;
+			if (xi->x509 != NULL)
+				{
+				if (!sk_push(ret,(char *)xi)) goto err;
+				if ((xi=X509_INFO_new()) == NULL) goto err;
+				goto start;
+				}
+			pp=(char **)&(xi->x509);
+			}
+		else if (strcmp(name,PEM_STRING_X509_CRL) == 0)
+			{
+			d2i=(char *(*)())d2i_X509_CRL;
+			if (xi->crl != NULL)
+				{
+				if (!sk_push(ret,(char *)xi)) goto err;
+				if ((xi=X509_INFO_new()) == NULL) goto err;
+				goto start;
+				}
+			pp=(char **)&(xi->crl);
+			}
+		else
+#ifndef NO_RSA
+			if (strcmp(name,PEM_STRING_RSA) == 0)
+			{
+			d2i=(char *(*)())d2i_RSAPrivateKey;
+			if (xi->x_pkey != NULL) 
+				{
+				if (!sk_push(ret,(char *)xi)) goto err;
+				if ((xi=X509_INFO_new()) == NULL) goto err;
+				goto start;
+				}
+
+			xi->enc_data=NULL;
+			xi->enc_len=0;
+
+			xi->x_pkey=X509_PKEY_new();
+			if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL)
+				goto err;
+			xi->x_pkey->dec_pkey->type=EVP_PKEY_RSA;
+			pp=(char **)&(xi->x_pkey->dec_pkey->pkey.rsa);
+			if ((int)strlen(header) > 10) /* assume encrypted */
+				raw=1;
+			}
+		else
+#endif
+#ifndef NO_DSA
+			if (strcmp(name,PEM_STRING_DSA) == 0)
+			{
+			d2i=(char *(*)())d2i_DSAPrivateKey;
+			if (xi->x_pkey != NULL) 
+				{
+				if (!sk_push(ret,(char *)xi)) goto err;
+				if ((xi=X509_INFO_new()) == NULL) goto err;
+				goto start;
+				}
+
+			xi->enc_data=NULL;
+			xi->enc_len=0;
+
+			xi->x_pkey=X509_PKEY_new();
+			if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL)
+				goto err;
+			xi->x_pkey->dec_pkey->type=EVP_PKEY_DSA;
+			pp=(char **)&(xi->x_pkey->dec_pkey->pkey.dsa);
+			if ((int)strlen(header) > 10) /* assume encrypted */
+				raw=1;
+			}
+		else
+#endif
+			{
+			d2i=NULL;
+			pp=NULL;
+			}
+
+		if (d2i != NULL)
+			{
+			if (!raw)
+				{
+				EVP_CIPHER_INFO cipher;
+
+				if (!PEM_get_EVP_CIPHER_INFO(header,&cipher))
+					goto err;
+				if (!PEM_do_header(&cipher,data,&len,cb))
+					goto err;
+				p=data;
+				if (d2i(pp,&p,len) == NULL)
+					{
+					PEMerr(PEM_F_PEM_X509_INFO_READ_BIO,ERR_R_ASN1_LIB);
+					goto err;
+					}
+				}
+			else
+				{ /* encrypted RSA data */
+				if (!PEM_get_EVP_CIPHER_INFO(header,
+					&xi->enc_cipher)) goto err;
+				xi->enc_data=(char *)data;
+				xi->enc_len=(int)len;
+				data=NULL;
+				}
+			}
+		else	{
+			/* unknown */
+			}
+		if (name != NULL) Free(name);
+		if (header != NULL) Free(header);
+		if (data != NULL) Free(data);
+		name=NULL;
+		header=NULL;
+		data=NULL;
+		}
+
+	/* if the last one hasn't been pushed yet and there is anything
+	 * in it then add it to the stack ... 
+	 */
+	if ((xi->x509 != NULL) || (xi->crl != NULL) ||
+		(xi->x_pkey != NULL) || (xi->enc_data != NULL))
+		{
+		if (!sk_push(ret,(char *)xi)) goto err;
+		xi=NULL;
+		}
+	ok=1;
+err:
+	if (xi != NULL) X509_INFO_free(xi);
+	if (!ok)
+		{
+		for (i=0; ((int)i)<sk_num(ret); i++)
+			{
+			xi=(X509_INFO *)sk_value(ret,i);
+			X509_INFO_free(xi);
+			}
+		if (ret != sk) sk_free(ret);
+		ret=NULL;
+		}
+		
+	if (name != NULL) Free(name);
+	if (header != NULL) Free(header);
+	if (data != NULL) Free(data);
+	return(ret);
+	}
+
+
+/* A TJH addition */
+int PEM_X509_INFO_write_bio(bp,xi,enc,kstr,klen,cb)
+BIO *bp;
+X509_INFO *xi;
+EVP_CIPHER *enc;
+unsigned char *kstr;
+int klen;
+int (*cb)();
+	{
+	EVP_CIPHER_CTX ctx;
+	int i,ret=0;
+	unsigned char *data=NULL;
+	char *objstr=NULL;
+#define PEM_BUFSIZE	1024
+	char buf[PEM_BUFSIZE];
+	unsigned char *iv=NULL;
+	
+	if (enc != NULL)
+		{
+		objstr=OBJ_nid2sn(EVP_CIPHER_nid(enc));
+		if (objstr == NULL)
+			{
+			PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO,PEM_R_UNSUPPORTED_CIPHER);
+			goto err;
+			}
+		}
+
+	/* now for the fun part ... if we have a private key then 
+	 * we have to be able to handle a not-yet-decrypted key
+	 * being written out correctly ... if it is decrypted or
+	 * it is non-encrypted then we use the base code
+	 */
+	if (xi->x_pkey!=NULL)
+		{
+		if ( (xi->enc_data!=NULL) && (xi->enc_len>0) )
+			{
+			/* copy from wierdo names into more normal things */
+			iv=xi->enc_cipher.iv;
+			data=(unsigned char *)xi->enc_data;
+			i=xi->enc_len;
+
+			/* we take the encryption data from the
+			 * internal stuff rather than what the
+			 * user has passed us ... as we have to 
+			 * match exactly for some strange reason
+			 */
+			objstr=OBJ_nid2sn(
+				EVP_CIPHER_nid(xi->enc_cipher.cipher));
+			if (objstr == NULL)
+				{
+				PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO,PEM_R_UNSUPPORTED_CIPHER);
+				goto err;
+				}
+
+			/* create the right magic header stuff */
+			buf[0]='\0';
+			PEM_proc_type(buf,PEM_TYPE_ENCRYPTED);
+			PEM_dek_info(buf,objstr,8,(char *)iv);
+
+			/* use the normal code to write things out */
+			i=PEM_write_bio(bp,PEM_STRING_RSA,buf,data,i);
+			if (i <= 0) goto err;
+			}
+		else
+			{
+			/* Add DSA/DH */
+#ifndef NO_RSA
+			/* normal optionally encrypted stuff */
+			if (PEM_write_bio_RSAPrivateKey(bp,
+				xi->x_pkey->dec_pkey->pkey.rsa,
+				enc,kstr,klen,cb)<=0)
+				goto err;
+#endif
+			}
+		}
+
+	/* if we have a certificate then write it out now */
+	if ((xi->x509 != NULL) || (PEM_write_bio_X509(bp,xi->x509) <= 0))
+		goto err;
+
+	/* we are ignoring anything else that is loaded into the X509_INFO
+	 * structure for the moment ... as I don't need it so I'm not
+	 * coding it here and Eric can do it when this makes it into the
+	 * base library --tjh
+	 */
+
+	ret=1;
+
+err:
+	memset((char *)&ctx,0,sizeof(ctx));
+	memset(buf,0,PEM_BUFSIZE);
+	return(ret);
+	}
diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c
new file mode 100644
index 0000000000..1397d83113
--- /dev/null
+++ b/crypto/pem/pem_lib.c
@@ -0,0 +1,757 @@
+/* crypto/pem/pem_lib.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "objects.h"
+#include "evp.h"
+#include "rand.h"
+#include "x509.h"
+#include "pem.h"
+#ifndef NO_DES
+#include "des.h"
+#endif
+
+char *PEM_version="PEM part of SSLeay 0.8.1b 29-Jun-1998";
+
+#define MIN_LENGTH	4
+
+/* PEMerr(PEM_F_PEM_WRITE_BIO,ERR_R_MALLOC_FAILURE);
+ * PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
+ */
+
+#ifndef NOPROTO
+static int def_callback(char *buf, int num, int w);
+static int load_iv(unsigned char **fromp,unsigned char *to, int num);
+#else
+static int def_callback();
+static int load_iv();
+#endif
+
+static int def_callback(buf, num, w)
+char *buf;
+int num;
+int w;
+	{
+#ifdef WIN16
+	/* We should not ever call the default callback routine from
+	 * windows. */
+	PEMerr(PEM_F_DEF_CALLBACK,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+	return(-1);
+#else
+	int i,j;
+	char *prompt;
+
+	prompt=EVP_get_pw_prompt();
+	if (prompt == NULL)
+		prompt="Enter PEM pass phrase:";
+
+	for (;;)
+		{
+		i=EVP_read_pw_string(buf,num,prompt,w);
+		if (i != 0)
+			{
+			PEMerr(PEM_F_DEF_CALLBACK,PEM_R_PROBLEMS_GETTING_PASSWORD);
+			memset(buf,0,(unsigned int)num);
+			return(-1);
+			}
+		j=strlen(buf);
+		if (j < MIN_LENGTH)
+			{
+			fprintf(stderr,"phrase is too short, needs to be at least %d chars\n",MIN_LENGTH);
+			}
+		else
+			break;
+		}
+	return(j);
+#endif
+	}
+
+void PEM_proc_type(buf, type)
+char *buf;
+int type;
+	{
+	char *str;
+
+	if (type == PEM_TYPE_ENCRYPTED)
+		str="ENCRYPTED";
+	else if (type == PEM_TYPE_MIC_CLEAR)
+		str="MIC-CLEAR";
+	else if (type == PEM_TYPE_MIC_ONLY)
+		str="MIC-ONLY";
+	else
+		str="BAD-TYPE";
+		
+	strcat(buf,"Proc-Type: 4,");
+	strcat(buf,str);
+	strcat(buf,"\n");
+	}
+
+void PEM_dek_info(buf, type, len, str)
+char *buf;
+char *type;
+int len;
+char *str;
+	{
+	static unsigned char map[17]="0123456789ABCDEF";
+	long i;
+	int j;
+
+	strcat(buf,"DEK-Info: ");
+	strcat(buf,type);
+	strcat(buf,",");
+	j=strlen(buf);
+	for (i=0; i<len; i++)
+		{
+		buf[j+i*2]  =map[(str[i]>>4)&0x0f];
+		buf[j+i*2+1]=map[(str[i]   )&0x0f];
+		}
+	buf[j+i*2]='\n';
+	buf[j+i*2+1]='\0';
+	}
+
+#ifndef WIN16
+char *PEM_ASN1_read(d2i,name,fp, x, cb)
+char *(*d2i)();
+char *name;
+FILE *fp;
+char **x;
+int (*cb)();
+	{
+        BIO *b;
+        char *ret;
+
+        if ((b=BIO_new(BIO_s_file())) == NULL)
+		{
+		PEMerr(PEM_F_PEM_ASN1_READ,ERR_R_BUF_LIB);
+                return(0);
+		}
+        BIO_set_fp(b,fp,BIO_NOCLOSE);
+        ret=PEM_ASN1_read_bio(d2i,name,b,x,cb);
+        BIO_free(b);
+        return(ret);
+	}
+#endif
+
+char *PEM_ASN1_read_bio(d2i,name,bp, x, cb)
+char *(*d2i)();
+char *name;
+BIO *bp;
+char **x;
+int (*cb)();
+	{
+	EVP_CIPHER_INFO cipher;
+	char *nm=NULL,*header=NULL;
+	unsigned char *p=NULL,*data=NULL;
+	long len;
+	char *ret=NULL;
+
+	for (;;)
+		{
+		if (!PEM_read_bio(bp,&nm,&header,&data,&len)) return(NULL);
+		if (	(strcmp(nm,name) == 0) ||
+			((strcmp(nm,PEM_STRING_RSA) == 0) &&
+			 (strcmp(name,PEM_STRING_EVP_PKEY) == 0)) ||
+			((strcmp(nm,PEM_STRING_DSA) == 0) &&
+			 (strcmp(name,PEM_STRING_EVP_PKEY) == 0)) ||
+			((strcmp(nm,PEM_STRING_X509_OLD) == 0) &&
+			 (strcmp(name,PEM_STRING_X509) == 0)) ||
+			((strcmp(nm,PEM_STRING_X509_REQ_OLD) == 0) &&
+			 (strcmp(name,PEM_STRING_X509_REQ) == 0))
+			)
+			break;
+		Free(nm);
+		Free(header);
+		Free(data);
+		}
+	if (!PEM_get_EVP_CIPHER_INFO(header,&cipher)) goto err;
+	if (!PEM_do_header(&cipher,data,&len,cb)) goto err;
+	p=data;
+	if (strcmp(name,PEM_STRING_EVP_PKEY) == 0)
+		{
+		if (strcmp(nm,PEM_STRING_RSA) == 0)
+			ret=d2i(EVP_PKEY_RSA,x,&p,len);
+		else if (strcmp(nm,PEM_STRING_DSA) == 0)
+			ret=d2i(EVP_PKEY_DSA,x,&p,len);
+		}
+	else	
+		ret=d2i(x,&p,len);
+	if (ret == NULL)
+		PEMerr(PEM_F_PEM_ASN1_READ_BIO,ERR_R_ASN1_LIB);
+err:
+	Free(nm);
+	Free(header);
+	Free(data);
+	return(ret);
+	}
+
+#ifndef WIN16
+int PEM_ASN1_write(i2d,name,fp, x, enc, kstr, klen, callback)
+int (*i2d)();
+char *name;
+FILE *fp;
+char *x;
+EVP_CIPHER *enc;
+unsigned char *kstr;
+int klen;
+int (*callback)();
+        {
+        BIO *b;
+        int ret;
+
+        if ((b=BIO_new(BIO_s_file())) == NULL)
+		{
+		PEMerr(PEM_F_PEM_ASN1_WRITE,ERR_R_BUF_LIB);
+                return(0);
+		}
+        BIO_set_fp(b,fp,BIO_NOCLOSE);
+        ret=PEM_ASN1_write_bio(i2d,name,b,x,enc,kstr,klen,callback);
+        BIO_free(b);
+        return(ret);
+        }
+#endif
+
+int PEM_ASN1_write_bio(i2d,name,bp, x, enc, kstr, klen, callback)
+int (*i2d)();
+char *name;
+BIO *bp;
+char *x;
+EVP_CIPHER *enc;
+unsigned char *kstr;
+int klen;
+int (*callback)();
+	{
+	EVP_CIPHER_CTX ctx;
+	int dsize=0,i,j,ret=0;
+	unsigned char *p,*data=NULL;
+	char *objstr=NULL;
+#define PEM_BUFSIZE	1024
+	char buf[PEM_BUFSIZE];
+	unsigned char key[EVP_MAX_KEY_LENGTH];
+	unsigned char iv[EVP_MAX_IV_LENGTH];
+	
+	if (enc != NULL)
+		{
+		objstr=OBJ_nid2sn(EVP_CIPHER_nid(enc));
+		if (objstr == NULL)
+			{
+			PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,PEM_R_UNSUPPORTED_CIPHER);
+			goto err;
+			}
+		}
+
+	dsize=i2d(x,NULL);
+	/* dzise + 8 bytes are needed */
+	data=(unsigned char *)Malloc((unsigned int)dsize+20);
+	if (data == NULL)
+		{
+		PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+	p=data;
+	i=i2d(x,&p);
+
+	if (enc != NULL)
+		{
+		if (kstr == NULL)
+			{
+			if (callback == NULL)
+				klen=def_callback(buf,PEM_BUFSIZE,1);
+			else
+				klen=(*callback)(buf,PEM_BUFSIZE,1);
+			if (klen <= 0)
+				{
+				PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,PEM_R_READ_KEY);
+				goto err;
+				}
+			kstr=(unsigned char *)buf;
+			}
+		RAND_seed(data,i);/* put in the RSA key. */
+		RAND_bytes(iv,8);	/* Generate a salt */
+		/* The 'iv' is used as the iv and as a salt.  It is
+		 * NOT taken from the BytesToKey function */
+		EVP_BytesToKey(enc,EVP_md5(),iv,kstr,klen,1,key,NULL);
+
+		if (kstr == (unsigned char *)buf) memset(buf,0,PEM_BUFSIZE);
+
+		buf[0]='\0';
+		PEM_proc_type(buf,PEM_TYPE_ENCRYPTED);
+		PEM_dek_info(buf,objstr,8,(char *)iv);
+		/* k=strlen(buf); */
+	
+		EVP_EncryptInit(&ctx,enc,key,iv);
+		EVP_EncryptUpdate(&ctx,data,&j,data,i);
+		EVP_EncryptFinal(&ctx,&(data[j]),&i);
+		i+=j;
+		ret=1;
+		}
+	else
+		{
+		ret=1;
+		buf[0]='\0';
+		}
+	i=PEM_write_bio(bp,name,buf,data,i);
+	if (i <= 0) ret=0;
+err:
+	memset(key,0,sizeof(key));
+	memset(iv,0,sizeof(iv));
+	memset((char *)&ctx,0,sizeof(ctx));
+	memset(buf,0,PEM_BUFSIZE);
+	memset(data,0,(unsigned int)dsize);
+	Free(data);
+	return(ret);
+	}
+
+int PEM_do_header(cipher, data, plen, callback)
+EVP_CIPHER_INFO *cipher;
+unsigned char *data;
+long *plen;
+int (*callback)();
+	{
+	int i,j,o,klen;
+	long len;
+	EVP_CIPHER_CTX ctx;
+	unsigned char key[EVP_MAX_KEY_LENGTH];
+	char buf[PEM_BUFSIZE];
+
+	len= *plen;
+
+	if (cipher->cipher == NULL) return(1);
+	if (callback == NULL)
+		klen=def_callback(buf,PEM_BUFSIZE,0);
+	else
+		klen=callback(buf,PEM_BUFSIZE,0);
+	if (klen <= 0)
+		{
+		PEMerr(PEM_F_PEM_DO_HEADER,PEM_R_BAD_PASSWORD_READ);
+		return(0);
+		}
+	EVP_BytesToKey(cipher->cipher,EVP_md5(),&(cipher->iv[0]),
+		(unsigned char *)buf,klen,1,key,NULL);
+
+	j=(int)len;
+	EVP_DecryptInit(&ctx,cipher->cipher,key,&(cipher->iv[0]));
+	EVP_DecryptUpdate(&ctx,data,&i,data,j);
+	o=EVP_DecryptFinal(&ctx,&(data[i]),&j);
+	EVP_CIPHER_CTX_cleanup(&ctx);
+	memset((char *)buf,0,sizeof(buf));
+	memset((char *)key,0,sizeof(key));
+	j+=i;
+	if (!o)
+		{
+		PEMerr(PEM_F_PEM_DO_HEADER,PEM_R_BAD_DECRYPT);
+		return(0);
+		}
+	*plen=j;
+	return(1);
+	}
+
+int PEM_get_EVP_CIPHER_INFO(header,cipher)
+char *header;
+EVP_CIPHER_INFO *cipher;
+	{
+	int o;
+	EVP_CIPHER *enc=NULL;
+	char *p,c;
+
+	cipher->cipher=NULL;
+	if ((header == NULL) || (*header == '\0') || (*header == '\n'))
+		return(1);
+	if (strncmp(header,"Proc-Type: ",11) != 0)
+		{ PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_NOT_PROC_TYPE); return(0); }
+	header+=11;
+	if (*header != '4') return(0); header++;
+	if (*header != ',') return(0); header++;
+	if (strncmp(header,"ENCRYPTED",9) != 0)
+		{ PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_NOT_ENCRYPTED); return(0); }
+	for (; (*header != '\n') && (*header != '\0'); header++)
+		;
+	if (*header == '\0')
+		{ PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_SHORT_HEADER); return(0); }
+	header++;
+	if (strncmp(header,"DEK-Info: ",10) != 0)
+		{ PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_NOT_DEK_INFO); return(0); }
+	header+=10;
+
+	p=header;
+	for (;;)
+		{
+		c= *header;
+		if (!(	((c >= 'A') && (c <= 'Z')) || (c == '-') ||
+			((c >= '0') && (c <= '9'))))
+			break;
+		header++;
+		}
+	*header='\0';
+	o=OBJ_sn2nid(p);
+	cipher->cipher=enc=EVP_get_cipherbyname(p);
+	*header=c;
+	header++;
+
+	if (enc == NULL)
+		{
+		PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_UNSUPPORTED_ENCRYPTION);
+		return(0);
+		}
+	if (!load_iv((unsigned char **)&header,&(cipher->iv[0]),8)) return(0);
+
+	return(1);
+	}
+
+static int load_iv(fromp,to,num)
+unsigned char **fromp,*to;
+int num;
+	{
+	int v,i;
+	unsigned char *from;
+
+	from= *fromp;
+	for (i=0; i<num; i++) to[i]=0;
+	num*=2;
+	for (i=0; i<num; i++)
+		{
+		if ((*from >= '0') && (*from <= '9'))
+			v= *from-'0';
+		else if ((*from >= 'A') && (*from <= 'F'))
+			v= *from-'A'+10;
+		else if ((*from >= 'a') && (*from <= 'f'))
+			v= *from-'a'+10;
+		else
+			{
+			PEMerr(PEM_F_LOAD_IV,PEM_R_BAD_IV_CHARS);
+			return(0);
+			}
+		from++;
+		to[i/2]|=v<<(long)((!(i&1))*4);
+		}
+
+	*fromp=from;
+	return(1);
+	}
+
+#ifndef WIN16
+int PEM_write(fp, name, header, data,len)
+FILE *fp;
+char *name;
+char *header;
+unsigned char *data;
+long len;
+        {
+        BIO *b;
+        int ret;
+
+        if ((b=BIO_new(BIO_s_file())) == NULL)
+		{
+		PEMerr(PEM_F_PEM_WRITE,ERR_R_BUF_LIB);
+                return(0);
+		}
+        BIO_set_fp(b,fp,BIO_NOCLOSE);
+        ret=PEM_write_bio(b, name, header, data,len);
+        BIO_free(b);
+        return(ret);
+        }
+#endif
+
+int PEM_write_bio(bp, name, header, data,len)
+BIO *bp;
+char *name;
+char *header;
+unsigned char *data;
+long len;
+	{
+	int nlen,n,i,j,outl;
+	unsigned char *buf;
+	EVP_ENCODE_CTX ctx;
+	int reason=ERR_R_BUF_LIB;
+	
+	EVP_EncodeInit(&ctx);
+	nlen=strlen(name);
+
+	if (	(BIO_write(bp,"-----BEGIN ",11) != 11) ||
+		(BIO_write(bp,name,nlen) != nlen) ||
+		(BIO_write(bp,"-----\n",6) != 6))
+		goto err;
+		
+	i=strlen(header);
+	if (i > 0)
+		{
+		if (	(BIO_write(bp,header,i) != i) ||
+			(BIO_write(bp,"\n",1) != 1))
+			goto err;
+		}
+
+	buf=(unsigned char *)Malloc(PEM_BUFSIZE*8);
+	if (buf == NULL)
+		{
+		reason=ERR_R_MALLOC_FAILURE;
+		goto err;
+		}
+
+	i=j=0;
+	while (len > 0)
+		{
+		n=(int)((len>(PEM_BUFSIZE*5))?(PEM_BUFSIZE*5):len);
+		EVP_EncodeUpdate(&ctx,buf,&outl,&(data[j]),n);
+		if ((outl) && (BIO_write(bp,(char *)buf,outl) != outl))
+			goto err;
+		i+=outl;
+		len-=n;
+		j+=n;
+		}
+	EVP_EncodeFinal(&ctx,buf,&outl);
+	if ((outl > 0) && (BIO_write(bp,(char *)buf,outl) != outl)) goto err;
+	Free(buf);
+	if (	(BIO_write(bp,"-----END ",9) != 9) ||
+		(BIO_write(bp,name,nlen) != nlen) ||
+		(BIO_write(bp,"-----\n",6) != 6))
+		goto err;
+	return(i+outl);
+err:
+	PEMerr(PEM_F_PEM_WRITE_BIO,reason);
+	return(0);
+	}
+
+#ifndef WIN16
+int PEM_read(fp, name, header, data,len)
+FILE *fp;
+char **name;
+char **header;
+unsigned char **data;
+long *len;
+        {
+        BIO *b;
+        int ret;
+
+        if ((b=BIO_new(BIO_s_file())) == NULL)
+		{
+		PEMerr(PEM_F_PEM_READ,ERR_R_BUF_LIB);
+                return(0);
+		}
+        BIO_set_fp(b,fp,BIO_NOCLOSE);
+        ret=PEM_read_bio(b, name, header, data,len);
+        BIO_free(b);
+        return(ret);
+        }
+#endif
+
+int PEM_read_bio(bp, name, header, data, len)
+BIO *bp;
+char **name;
+char **header;
+unsigned char **data;
+long *len;
+	{
+	EVP_ENCODE_CTX ctx;
+	int end=0,i,k,bl=0,hl=0,nohead=0;
+	char buf[256];
+	BUF_MEM *nameB;
+	BUF_MEM *headerB;
+	BUF_MEM *dataB,*tmpB;
+	
+	nameB=BUF_MEM_new();
+	headerB=BUF_MEM_new();
+	dataB=BUF_MEM_new();
+	if ((nameB == NULL) || (headerB == NULL) || (dataB == NULL))
+		{
+		PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
+		return(0);
+		}
+
+	buf[254]='\0';
+	for (;;)
+		{
+		i=BIO_gets(bp,buf,254);
+
+		if (i <= 0)
+			{
+			PEMerr(PEM_F_PEM_READ_BIO,PEM_R_NO_START_LINE);
+			goto err;
+			}
+
+		while ((i >= 0) && (buf[i] <= ' ')) i--;
+		buf[++i]='\n'; buf[++i]='\0';
+
+		if (strncmp(buf,"-----BEGIN ",11) == 0)
+			{
+			i=strlen(&(buf[11]));
+
+			if (strncmp(&(buf[11+i-6]),"-----\n",6) != 0)
+				continue;
+			if (!BUF_MEM_grow(nameB,i+9))
+				{
+				PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
+				goto err;
+				}
+			strncpy(nameB->data,&(buf[11]),(unsigned int)i-6);
+			nameB->data[i-6]='\0';
+			break;
+			}
+		}
+	hl=0;
+	if (!BUF_MEM_grow(headerB,256))
+		{ PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; }
+	headerB->data[0]='\0';
+	for (;;)
+		{
+		i=BIO_gets(bp,buf,254);
+		if (i <= 0) break;
+
+		while ((i >= 0) && (buf[i] <= ' ')) i--;
+		buf[++i]='\n'; buf[++i]='\0';
+
+		if (buf[0] == '\n') break;
+		if (!BUF_MEM_grow(headerB,hl+i+9))
+			{ PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; }
+		if (strncmp(buf,"-----END ",9) == 0)
+			{
+			nohead=1;
+			break;
+			}
+		strncpy(&(headerB->data[hl]),buf,(unsigned int)i);
+		headerB->data[hl+i]='\0';
+		hl+=i;
+		}
+
+	bl=0;
+	if (!BUF_MEM_grow(dataB,1024))
+		{ PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; }
+	dataB->data[0]='\0';
+	if (!nohead)
+		{
+		for (;;)
+			{
+			i=BIO_gets(bp,buf,254);
+			if (i <= 0) break;
+
+			while ((i >= 0) && (buf[i] <= ' ')) i--;
+			buf[++i]='\n'; buf[++i]='\0';
+
+			if (i != 65) end=1;
+			if (strncmp(buf,"-----END ",9) == 0)
+				break;
+			if (i > 65) break;
+			if (!BUF_MEM_grow(dataB,i+bl+9))
+				{
+				PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
+				goto err;
+				}
+			strncpy(&(dataB->data[bl]),buf,(unsigned int)i);
+			dataB->data[bl+i]='\0';
+			bl+=i;
+			if (end)
+				{
+				buf[0]='\0';
+				i=BIO_gets(bp,buf,254);
+				if (i <= 0) break;
+
+				while ((i >= 0) && (buf[i] <= ' ')) i--;
+				buf[++i]='\n'; buf[++i]='\0';
+
+				break;
+				}
+			}
+		}
+	else
+		{
+		tmpB=headerB;
+		headerB=dataB;
+		dataB=tmpB;
+		bl=hl;
+		}
+	i=strlen(nameB->data);
+	if (	(strncmp(buf,"-----END ",9) != 0) ||
+		(strncmp(nameB->data,&(buf[9]),(unsigned int)i) != 0) ||
+		(strncmp(&(buf[9+i]),"-----\n",6) != 0))
+		{
+		PEMerr(PEM_F_PEM_READ_BIO,PEM_R_BAD_END_LINE);
+		goto err;
+		}
+
+	EVP_DecodeInit(&ctx);
+	i=EVP_DecodeUpdate(&ctx,
+		(unsigned char *)dataB->data,&bl,
+		(unsigned char *)dataB->data,bl);
+	if (i < 0)
+		{
+		PEMerr(PEM_F_PEM_READ_BIO,PEM_R_BAD_BASE64_DECODE);
+		goto err;
+		}
+	i=EVP_DecodeFinal(&ctx,(unsigned char *)&(dataB->data[bl]),&k);
+	if (i < 0)
+		{
+		PEMerr(PEM_F_PEM_READ_BIO,PEM_R_BAD_BASE64_DECODE);
+		goto err;
+		}
+	bl+=k;
+
+	if (bl == 0) goto err;
+	*name=nameB->data;
+	*header=headerB->data;
+	*data=(unsigned char *)dataB->data;
+	*len=bl;
+	Free(nameB);
+	Free(headerB);
+	Free(dataB);
+	return(1);
+err:
+	BUF_MEM_free(nameB);
+	BUF_MEM_free(headerB);
+	BUF_MEM_free(dataB);
+	return(0);
+	}
diff --git a/crypto/pem/pem_seal.c b/crypto/pem/pem_seal.c
new file mode 100644
index 0000000000..6acb04ad77
--- /dev/null
+++ b/crypto/pem/pem_seal.c
@@ -0,0 +1,191 @@
+/* crypto/pem/pem_seal.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "rand.h"
+#include "objects.h"
+#include "x509.h"
+#include "pem.h"
+
+int PEM_SealInit(ctx,type,md_type,ek,ekl,iv,pubk,npubk)
+PEM_ENCODE_SEAL_CTX *ctx;
+EVP_CIPHER *type;
+EVP_MD *md_type;
+unsigned char **ek;
+int *ekl;
+unsigned char *iv;
+EVP_PKEY **pubk;
+int npubk;
+	{
+	unsigned char key[EVP_MAX_KEY_LENGTH];
+	int ret= -1;
+	int i,j,max=0;
+	char *s=NULL;
+
+	for (i=0; i<npubk; i++)
+		{
+		if (pubk[i]->type != EVP_PKEY_RSA)
+			{
+			PEMerr(PEM_F_PEM_SEALINIT,PEM_R_PUBLIC_KEY_NO_RSA);
+			goto err;
+			}
+		j=RSA_size(pubk[i]->pkey.rsa);
+		if (j > max) max=j;
+		}
+	s=(char *)Malloc(max*2);
+	if (s == NULL)
+		{
+		PEMerr(PEM_F_PEM_SEALINIT,ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+
+	EVP_EncodeInit(&(ctx->encode));
+	EVP_SignInit(&(ctx->md),md_type);
+
+	ret=EVP_SealInit(&(ctx->cipher),type,ek,ekl,iv,pubk,npubk);
+	if (!ret) goto err;
+
+	/* base64 encode the keys */
+	for (i=0; i<npubk; i++)
+		{
+		j=EVP_EncodeBlock((unsigned char *)s,ek[i],
+			RSA_size(pubk[i]->pkey.rsa));
+		ekl[i]=j;
+		memcpy(ek[i],s,j+1);
+		}
+
+	ret=npubk;
+err:
+	if (s != NULL) Free(s);
+	memset(key,0,EVP_MAX_KEY_LENGTH);
+	return(ret);
+	}
+
+void PEM_SealUpdate(ctx,out,outl,in,inl)
+PEM_ENCODE_SEAL_CTX *ctx;
+unsigned char *out;
+int *outl;
+unsigned char *in;
+int inl;
+	{
+	unsigned char buffer[1600];
+	int i,j;
+
+	*outl=0;
+	EVP_SignUpdate(&(ctx->md),in,inl);
+	for (;;)
+		{
+		if (inl <= 0) break;
+		if (inl > 1200)
+			i=1200;
+		else
+			i=inl;
+		EVP_EncryptUpdate(&(ctx->cipher),buffer,&j,in,i);
+		EVP_EncodeUpdate(&(ctx->encode),out,&j,buffer,j);
+		*outl+=j;
+		out+=j;
+		in+=i;
+		inl-=i;
+		}
+	}
+
+int PEM_SealFinal(ctx,sig,sigl,out,outl,priv)
+PEM_ENCODE_SEAL_CTX *ctx;
+unsigned char *sig;
+int *sigl;
+unsigned char *out;
+int *outl;
+EVP_PKEY *priv;
+	{
+	unsigned char *s=NULL;
+	int ret=0,j;
+	unsigned int i;
+
+	if (priv->type != EVP_PKEY_RSA)
+		{
+		PEMerr(PEM_F_PEM_SEALFINAL,PEM_R_PUBLIC_KEY_NO_RSA);
+		goto err;
+		}
+	i=RSA_size(priv->pkey.rsa);
+	if (i < 100) i=100;
+	s=(unsigned char *)Malloc(i*2);
+	if (s == NULL)
+		{
+		PEMerr(PEM_F_PEM_SEALFINAL,ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+
+	EVP_EncryptFinal(&(ctx->cipher),s,(int *)&i);
+	EVP_EncodeUpdate(&(ctx->encode),out,&j,s,i);
+	*outl=j;
+	out+=j;
+	EVP_EncodeFinal(&(ctx->encode),out,&j);
+	*outl+=j;
+
+	if (!EVP_SignFinal(&(ctx->md),s,&i,priv)) goto err;
+	*sigl=EVP_EncodeBlock(sig,s,i);
+
+	ret=1;
+err:
+	memset((char *)&(ctx->md),0,sizeof(ctx->md));
+	memset((char *)&(ctx->cipher),0,sizeof(ctx->cipher));
+	if (s != NULL) Free(s);
+	return(ret);
+	}
diff --git a/crypto/pem/pem_sign.c b/crypto/pem/pem_sign.c
new file mode 100644
index 0000000000..0df99a3d84
--- /dev/null
+++ b/crypto/pem/pem_sign.c
@@ -0,0 +1,109 @@
+/* crypto/pem/pem_sign.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "rand.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+#include "pem.h"
+
+void PEM_SignInit(ctx,type)
+EVP_MD_CTX *ctx;
+EVP_MD *type;
+	{
+	EVP_DigestInit(ctx,type);
+	}
+
+void PEM_SignUpdate(ctx,data,count)
+EVP_MD_CTX *ctx;
+unsigned char *data;
+unsigned int count;
+	{
+	EVP_DigestUpdate(ctx,data,count);
+	}
+
+int PEM_SignFinal(ctx,sigret,siglen,pkey)
+EVP_MD_CTX *ctx;
+unsigned char *sigret;
+unsigned int *siglen;
+EVP_PKEY *pkey;
+	{
+	unsigned char *m;
+	int i,ret=0;
+	unsigned int m_len;
+
+	m=(unsigned char *)Malloc(EVP_PKEY_size(pkey)+2);
+	if (m == NULL)
+		{
+		PEMerr(PEM_F_PEM_SIGNFINAL,ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+
+	if (EVP_SignFinal(ctx,m,&m_len,pkey) <= 0) goto err;
+
+	i=EVP_EncodeBlock(sigret,m,m_len);
+	*siglen=i;
+	ret=1;
+err:
+	/* ctx has been zeroed by EVP_SignFinal() */
+	if (m != NULL) Free(m);
+	return(ret);
+	}
+
diff --git a/crypto/pem/pkcs7.lis b/crypto/pem/pkcs7.lis
new file mode 100644
index 0000000000..be90c5d87f
--- /dev/null
+++ b/crypto/pem/pkcs7.lis
@@ -0,0 +1,22 @@
+21     0:d=0 hl=2 l=  0 cons: univ: SEQUENCE          
+ 00     2:d=0 hl=2 l=  9 prim: univ: OBJECT_IDENTIFIER :pkcs-7-signedData
+ 21    13:d=0 hl=2 l=  0 cons: cont: 00			# explicit tag
+  21    15:d=0 hl=2 l=  0 cons: univ: SEQUENCE          
+   00    17:d=0 hl=2 l=  1 prim: univ: INTEGER          # version 
+   20    20:d=0 hl=2 l=  0 cons: univ: SET               
+   21    22:d=0 hl=2 l=  0 cons: univ: SEQUENCE          
+    00    24:d=0 hl=2 l=  9 prim: univ: OBJECT_IDENTIFIER :pkcs-7-data
+    00    35:d=0 hl=2 l=  0 prim: univ: EOC               
+   21    37:d=0 hl=2 l=  0 cons: cont: 00               # cert tag
+    20    39:d=0 hl=4 l=545 cons: univ: SEQUENCE          
+    20   588:d=0 hl=4 l=524 cons: univ: SEQUENCE          
+    00  1116:d=0 hl=2 l=  0 prim: univ: EOC               
+   21  1118:d=0 hl=2 l=  0 cons: cont: 01		# crl tag
+    20  1120:d=0 hl=4 l=653 cons: univ: SEQUENCE          
+    20  1777:d=0 hl=4 l=285 cons: univ: SEQUENCE          
+    00  2066:d=0 hl=2 l=  0 prim: univ: EOC               
+   21  2068:d=0 hl=2 l=  0 cons: univ: SET              # signers 
+    00  2070:d=0 hl=2 l=  0 prim: univ: EOC               
+  00  2072:d=0 hl=2 l=  0 prim: univ: EOC               
+ 00  2074:d=0 hl=2 l=  0 prim: univ: EOC               
+00  2076:d=0 hl=2 l=  0 prim: univ: EOC               
diff --git a/crypto/perlasm/x86ms.pl b/crypto/perlasm/x86ms.pl
new file mode 100644
index 0000000000..558112e082
--- /dev/null
+++ b/crypto/perlasm/x86ms.pl
@@ -0,0 +1,249 @@
+#!/usr/local/bin/perl
+
+package x86ms;
+
+$label="L000";
+
+%lb=(	'eax',	'al',
+	'ebx',	'bl',
+	'ecx',	'cl',
+	'edx',	'dl',
+	'ax',	'al',
+	'bx',	'bl',
+	'cx',	'cl',
+	'dx',	'dl',
+	);
+
+%hb=(	'eax',	'ah',
+	'ebx',	'bh',
+	'ecx',	'ch',
+	'edx',	'dh',
+	'ax',	'ah',
+	'bx',	'bh',
+	'cx',	'ch',
+	'dx',	'dh',
+	);
+
+sub main'LB
+	{
+	(defined($lb{$_[0]})) || die "$_[0] does not have a 'low byte'\n";
+	return($lb{$_[0]});
+	}
+
+sub main'HB
+	{
+	(defined($hb{$_[0]})) || die "$_[0] does not have a 'high byte'\n";
+	return($hb{$_[0]});
+	}
+
+sub main'DWP
+	{
+	local($addr,$reg1,$reg2,$idx)=@_;
+	local($t);
+	local($ret)="DWORD PTR ";
+
+	$addr =~ s/^\s+//;
+	if ($addr =~ /^(.+)\+(.+)$/)
+		{
+		$reg2=&conv($1);
+		$addr="_$2";
+		}
+	elsif ($addr =~ /^[_a-zA-Z]/)
+		{
+		$addr="_$addr";
+		}
+
+	$reg1="$regs{$reg1}" if defined($regs{$reg1});
+	$reg2="$regs{$reg2}" if defined($regs{$reg2});
+	$ret.=$addr if ($addr ne "") && ($addr ne 0);
+	if ($reg2 ne "")
+		{
+		$t="";
+		$t="*$idx" if ($idx != 0);
+		$ret.="[$reg2$t+$reg1]";
+		}
+	else
+		{
+		$ret.="[$reg1]"
+		}
+	return($ret);
+	}
+
+sub main'mov	{ &out2("mov",@_); }
+sub main'movb	{ &out2("mov",@_); }
+sub main'and	{ &out2("and",@_); }
+sub main'or	{ &out2("or",@_); }
+sub main'shl	{ &out2("shl",@_); }
+sub main'shr	{ &out2("shr",@_); }
+sub main'xor	{ &out2("xor",@_); }
+sub main'add	{ &out2("add",@_); }
+sub main'sub	{ &out2("sub",@_); }
+sub main'rotl	{ &out2("rol",@_); }
+sub main'rotr	{ &out2("ror",@_); }
+sub main'exch	{ &out2("xchg",@_); }
+sub main'cmp	{ &out2("cmp",@_); }
+sub main'dec	{ &out1("dec",@_); }
+sub main'jmp	{ &out1("jmp",@_); }
+sub main'je	{ &out1("je",@_); }
+sub main'jz	{ &out1("jz",@_); }
+sub main'jnz	{ &out1("jnz",@_); }
+sub main'push	{ &out1("push",@_); }
+sub main'call	{ &out1("call",'_'.$_[0]); }
+
+
+sub out2
+	{
+	local($name,$p1,$p2)=@_;
+	local($l,$t);
+
+	print "\t$name\t";
+	$t=&conv($p1).",";
+	$l=length($t);
+	print $t;
+	$l=4-($l+9)/8;
+	print "\t" x $l;
+	print &conv($p2);
+	print "\n";
+	}
+
+sub out1
+	{
+	local($name,$p1)=@_;
+	local($l,$t);
+
+	print "\t$name\t";
+	print &conv($p1);
+	print "\n";
+	}
+
+sub conv
+	{
+	local($p)=@_;
+
+	$p =~ s/0x([0-9A-Fa-f]+)/0$1h/;
+	return $p;
+	}
+
+sub main'file
+	{
+	local($file)=@_;
+
+	print <<"EOF";
+	TITLE	$file.asm
+        .386
+.model FLAT
+EOF
+	}
+
+sub main'function_begin
+	{
+	local($func,$num,$extra)=@_;
+
+	$params=$num*4;
+
+	print <<"EOF";
+_TEXT	SEGMENT
+PUBLIC	_$func
+$extra
+_$func PROC NEAR
+	push	ebp
+	push	ebx
+	push	esi
+	push	edi
+EOF
+	$stack=20;
+	}
+
+sub main'function_end
+	{
+	local($func)=@_;
+
+	print <<"EOF";
+	pop	edi
+	pop	esi
+	pop	ebx
+	pop	ebp
+	ret
+_$func ENDP
+_TEXT	ENDS
+EOF
+	$stack=0;
+	%label=();
+	}
+
+sub main'function_end_A
+	{
+	local($func)=@_;
+
+	print <<"EOF";
+	pop	edi
+	pop	esi
+	pop	ebx
+	pop	ebp
+	ret
+EOF
+	}
+
+sub main'function_end_B
+	{
+	local($func)=@_;
+
+	print <<"EOF";
+_$func ENDP
+_TEXT	ENDS
+EOF
+	$stack=0;
+	%label=();
+	}
+
+sub main'file_end
+	{
+	print "END\n"
+	}
+
+sub main'wparam
+	{
+	local($num)=@_;
+
+	return(&main'DWP($stack+$num*4,"esp","",0));
+	}
+
+sub main'wtmp
+	{
+	local($num)=@_;
+
+	return(&main'DWP($stack+$params+$num*4,"esp","",0));
+	}
+
+sub main'comment
+	{
+	foreach (@_)
+		{
+		print "\t; $_\n";
+		}
+	}
+
+sub main'label
+	{
+	if (!defined($label{$_[0]}))
+		{
+		$label{$_[0]}="\$${label}${_[0]}";
+		$label++;
+		}
+	return($label{$_[0]});
+	}
+
+sub main'set_label
+	{
+	if (!defined($label{$_[0]}))
+		{
+		$label{$_[0]}="${label}${_[0]}";
+		$label++;
+		}
+	print "$label{$_[0]}:\n";
+	}
+
+sub main'file_end
+        {
+	print "END\n";
+        }
diff --git a/crypto/perlasm/x86unix.pl b/crypto/perlasm/x86unix.pl
new file mode 100644
index 0000000000..3426563dca
--- /dev/null
+++ b/crypto/perlasm/x86unix.pl
@@ -0,0 +1,313 @@
+#!/usr/local/bin/perl
+
+package x86ms;
+
+$label="L000";
+
+$align=($main'aout)?"4":"16";
+$under=($main'aout)?"_":"";
+$com_start=($main'sol)?"/":"#";
+
+if ($main'cpp)
+	{
+	$align="ALIGN";
+	$under="";
+	$com_start='/*';
+	$com_end='*/';
+	}
+
+%lb=(	'eax',	'%al',
+	'ebx',	'%bl',
+	'ecx',	'%cl',
+	'edx',	'%dl',
+	'ax',	'%al',
+	'bx',	'%bl',
+	'cx',	'%cl',
+	'dx',	'%dl',
+	);
+
+%hb=(	'eax',	'%ah',
+	'ebx',	'%bh',
+	'ecx',	'%ch',
+	'edx',	'%dh',
+	'ax',	'%ah',
+	'bx',	'%bh',
+	'cx',	'%ch',
+	'dx',	'%dh',
+	);
+
+%regs=(	'eax',	'%eax',
+	'ebx',	'%ebx',
+	'ecx',	'%ecx',
+	'edx',	'%edx',
+	'esi',	'%esi',
+	'edi',	'%edi',
+	'ebp',	'%ebp',
+	'esp',	'%esp',
+	);
+
+sub main'LB
+	{
+	(defined($lb{$_[0]})) || die "$_[0] does not have a 'low byte'\n";
+	return($lb{$_[0]});
+	}
+
+sub main'HB
+	{
+	(defined($hb{$_[0]})) || die "$_[0] does not have a 'high byte'\n";
+	return($hb{$_[0]});
+	}
+
+sub main'DWP
+	{
+	local($addr,$reg1,$reg2,$idx)=@_;
+
+
+	$ret="";
+
+	$addr =~ s/(^|[+ \t])([A-Za-z_]+)($|[+ \t])/$1$under$2$3/;
+
+	$reg1="$regs{$reg1}" if defined($regs{$reg1});
+	$reg2="$regs{$reg2}" if defined($regs{$reg2});
+	$ret.=$addr if ($addr ne "") && ($addr ne 0);
+	if ($reg2 ne "")
+		{
+		$ret.="($reg1,$reg2,$idx)";
+		}
+	else
+		{
+		$ret.="($reg1)"
+		}
+	return($ret);
+	}
+
+sub main'BP
+	{
+	local($addr,$reg1,$reg2,$idx)=@_;
+
+
+	$ret="";
+
+	$addr =~ s/(^|[+ \t])([A-Za-z_]+)($|[+ \t])/$1$under$2$3/;
+
+	$reg1="$regs{$reg1}" if defined($regs{$reg1});
+	$reg2="$regs{$reg2}" if defined($regs{$reg2});
+	$ret.=$addr if ($addr ne "") && ($addr ne 0);
+	if ($reg2 ne "")
+		{
+		$ret.="($reg1,$reg2,$idx)";
+		}
+	else
+		{
+		$ret.="($reg1)"
+		}
+	return($ret);
+	}
+
+sub main'mov	{ &out2("movl",@_); }
+sub main'movb	{ &out2("movb",@_); }
+sub main'and	{ &out2("andl",@_); }
+sub main'or	{ &out2("orl",@_); }
+sub main'shl	{ &out2("sall",@_); }
+sub main'shr	{ &out2("shrl",@_); }
+sub main'xor	{ &out2("xorl",@_); }
+sub main'add	{ &out2("addl",@_); }
+sub main'sub	{ &out2("subl",@_); }
+sub main'rotl	{ &out2("roll",@_); }
+sub main'rotr	{ &out2("rorl",@_); }
+sub main'exch	{ &out2("xchg",@_); }
+sub main'cmp	{ &out2("cmpl",@_); }
+sub main'jmp	{ &out1("jmp",@_); }
+sub main'je	{ &out1("je",@_); }
+sub main'jne	{ &out1("jne",@_); }
+sub main'jnz	{ &out1("jnz",@_); }
+sub main'jz	{ &out1("jz",@_); }
+sub main'dec	{ &out1("decl",@_); }
+sub main'push	{ &out1("pushl",@_); }
+sub main'call	{ &out1("call",$under.$_[0]); }
+
+
+sub out2
+	{
+	local($name,$p1,$p2)=@_;
+	local($l,$ll,$t);
+
+	print "\t$name\t";
+	$t=&conv($p2).",";
+	$l=length($t);
+	print $t;
+	$ll=4-($l+9)/8;
+	print "\t" x $ll;
+	print &conv($p1);
+	print "\n";
+	}
+
+sub out1
+	{
+	local($name,$p1)=@_;
+	local($l,$t);
+
+	print "\t$name\t";
+	print &conv($p1);
+	print "\n";
+	}
+
+sub conv
+	{
+	local($p)=@_;
+
+#	$p =~ s/0x([0-9A-Fa-f]+)/0$1h/;
+
+	$p=$regs{$p} if (defined($regs{$p}));
+
+	$p =~ s/^([0-9A-Fa-f]+)$/\$$1/;
+	$p =~ s/^(0x[0-9A-Fa-f]+)$/\$$1/;
+	return $p;
+	}
+
+sub main'file
+	{
+	local($file)=@_;
+
+	print <<"EOF";
+	.file	"$file.s"
+	.version	"01.01"
+gcc2_compiled.:
+EOF
+	}
+
+sub main'function_begin
+	{
+	local($func,$num)=@_;
+
+	$params=$num*4;
+
+	$func=$under.$func;
+
+	print <<"EOF";
+.text
+	.align $align
+.globl $func
+EOF
+	if ($main'cpp)
+		{ printf("\tTYPE($func,\@function)\n"); }
+	else	{ printf("\t.type	$func,\@function\n"); }
+	print <<"EOF";
+$func:
+	pushl	%ebp
+	pushl	%ebx
+	pushl	%esi
+	pushl	%edi
+
+EOF
+	$stack=20;
+	}
+
+sub main'function_end
+	{
+	local($func)=@_;
+
+	$func=$under.$func;
+
+	print <<"EOF";
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+.${func}_end:
+EOF
+	if ($main'cpp)
+		{ printf("\tSIZE($func,.${func}_end-$func)\n"); }
+	else	{ printf("\t.size\t$func,.${func}_end-$func\n"); }
+	print ".ident	\"desasm.pl\"\n";
+	$stack=0;
+	%label=();
+	}
+
+sub main'function_end_A
+	{
+	local($func)=@_;
+
+	print <<"EOF";
+	popl	%edi
+	popl	%esi
+	popl	%ebx
+	popl	%ebp
+	ret
+EOF
+	}
+
+sub main'function_end_B
+	{
+	local($func)=@_;
+
+	$func=$under.$func;
+
+	print <<"EOF";
+.${func}_end:
+EOF
+	if ($main'cpp)
+		{ printf("\tSIZE($func,.${func}_end-$func)\n"); }
+	else	{ printf("\t.size\t$func,.${func}_end-$func\n"); }
+	print ".ident	\"desasm.pl\"\n";
+	$stack=0;
+	%label=();
+	}
+
+sub main'wparam
+	{
+	local($num)=@_;
+
+	return(&main'DWP($stack+$num*4,"esp","",0));
+	}
+
+sub main'wtmp_b
+	{
+	local($num,$b)=@_;
+
+	return(&main'BP(-(($num+1)*4)+$b,"esp","",0));
+	}
+
+sub main'wtmp
+	{
+	local($num)=@_;
+
+	return(&main'DWP(-($num+1)*4,"esp","",0));
+	}
+
+sub main'comment
+	{
+	foreach (@_)
+		{
+		if (/^\s*$/)
+			{ print "\n"; }
+		else
+			{ print "\t$com_start $_ $com_end\n"; }
+		}
+	}
+
+sub main'label
+	{
+	if (!defined($label{$_[0]}))
+		{
+		$label{$_[0]}=".${label}${_[0]}";
+		$label++;
+		}
+	return($label{$_[0]});
+	}
+
+sub main'set_label
+	{
+	if (!defined($label{$_[0]}))
+		{
+		$label{$_[0]}=".${label}${_[0]}";
+		$label++;
+		}
+	print ".align $align\n";
+	print "$label{$_[0]}:\n";
+	}
+
+sub main'file_end
+	{
+	}
diff --git a/crypto/pkcs7/Makefile.ssl b/crypto/pkcs7/Makefile.ssl
new file mode 100644
index 0000000000..64a005a186
--- /dev/null
+++ b/crypto/pkcs7/Makefile.ssl
@@ -0,0 +1,86 @@
+#
+# SSLeay/crypto/asn1/Makefile
+#
+
+DIR=	pkcs7
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I../../include
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE=		make -f Makefile.ssl
+MAKEDEPEND=	makedepend -f Makefile.ssl
+MAKEFILE=	Makefile.ssl
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+ERR=pkcs7
+ERRC=pkcs7err
+GENERAL=Makefile README
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=	pk7_lib.c pkcs7err.c pk7_doit.c
+LIBOBJ= pk7_lib.o pkcs7err.o pk7_doit.o
+
+SRC= $(LIBSRC)
+
+EXHEADER=  pkcs7.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+test:
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/util/ranlib.sh $(LIB)
+	@touch lib
+
+files:
+	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+	/bin/rm -f Makefile
+	$(TOP)/util/point.sh Makefile.ssl Makefile ;
+	$(TOP)/util/mklink.sh ../../include $(EXHEADER)
+	$(TOP)/util/mklink.sh ../../test $(TEST)
+	$(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+	@for i in $(EXHEADER) ; \
+	do  \
+	(cp $$i $(INSTALLTOP)/include/$$i; \
+	chmod 644 $(INSTALLTOP)/include/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+	perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
+	perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/pkcs7/README b/crypto/pkcs7/README
new file mode 100644
index 0000000000..27001c6970
--- /dev/null
+++ b/crypto/pkcs7/README
@@ -0,0 +1,5 @@
+WARNING
+
+Everything in this directory is experimental and is subject to change.
+
+Do not rely on the stuff in here not changing in the next release
diff --git a/crypto/pkcs7/doc b/crypto/pkcs7/doc
new file mode 100644
index 0000000000..d2e8b7b2a3
--- /dev/null
+++ b/crypto/pkcs7/doc
@@ -0,0 +1,24 @@
+int PKCS7_set_content_type(PKCS7 *p7, int type);
+Call to set the type of PKCS7 object we are working on
+
+int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
+	EVP_MD *dgst);
+Use this to setup a signer info
+There will also be functions to add signed and unsigned attributes.
+
+int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *p7i);
+Add a signer info to the content.
+
+int PKCS7_add_certificae(PKCS7 *p7, X509 *x509);
+int PKCS7_add_crl(PKCS7 *p7, X509_CRL *x509);
+
+----
+
+p7=PKCS7_new();
+PKCS7_set_content_type(p7,NID_pkcs7_signed);
+
+signer=PKCS7_SINGNER_INFO_new();
+PKCS7_SIGNER_INFO_set(signer,x509,pkey,EVP_md5());
+PKCS7_add_signer(py,signer);
+
+we are now setup.
diff --git a/crypto/pkcs7/mf.p7 b/crypto/pkcs7/mf.p7
new file mode 100644
index 0000000000..524335b4b3
--- /dev/null
+++ b/crypto/pkcs7/mf.p7
@@ -0,0 +1,18 @@
+-----BEGIN PKCS7-----
+MIAGCSqGSIb3DQEHAqCAMIIC2QIBATEMMAoGCCqGSIb3DQIFMIAGCSqGSIb3DQEH
+AQAAoIIB7TCCAekwggFSAgEAMA0GCSqGSIb3DQEBBAUAMFsxCzAJBgNVBAYTAkFV
+MRMwEQYDVQQIEwpRdWVlbnNsYW5kMRowGAYDVQQKExFDcnlwdFNvZnQgUHR5IEx0
+ZDEbMBkGA1UEAxMSVGVzdCBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTc0NloX
+DTk4MDYwOTEzNTc0NlowYzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xh
+bmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMSMwIQYDVQQDExpTZXJ2ZXIg
+dGVzdCBjZXJ0ICg1MTIgYml0KTBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQCfs8OE
+J5X/EjFSDxXvRhHErYDmNlsP3YDXYY3g/HJFCTT+VWZFQ0xol2r+qKCl3194/+7X
+ZLg/BMtv/yr+/rntAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAeEzEdgr2nChPcALL
+vY8gl/GIlpoAjPmKD+pLeGZI9s+SEX5u1q8nCrJ6ZzkfrRnqgI5Anmev9+qPZfdU
+bz5zdVSf4sUL9nX9ChXjK9NCJA3UzQHSFqhZErGUwGNkAHYHp2+zAdY6Ho6rmMzt
+g0CDu/sKR4qzm6REsQGS8kgpjz4xgcUwgcICAQEwYDBbMQswCQYDVQQGEwJBVTET
+MBEGA1UECBMKUXVlZW5zbGFuZDEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQx
+GzAZBgNVBAMTElRlc3QgQ0EgKDEwMjQgYml0KQIBADAKBggqhkiG9w0CBTANBgkq
+hkiG9w0BAQQFAARALnrxJiOX9XZf2D+3vL8SKMQmMq55LltomwOLGUru/q1uVXzi
+ARg7FSCegOpA1nunsTURMUGgrPXKK4XmL4IseQAAAAA=
+-----END PKCS7-----
diff --git a/crypto/pkcs7/p7.tst b/crypto/pkcs7/p7.tst
new file mode 100644
index 0000000000..6d14dce163
--- /dev/null
+++ b/crypto/pkcs7/p7.tst
@@ -0,0 +1,33 @@
+-----BEGIN PKCS7-----
+MIAGCSqGSIb3DQEHAqCAMIIFsQIBATELMAkGBSsOAwIaBQAwgAYJKoZIhvcNAQcB
+AACgggQdMIICJTCCAc+gAwIBAgIBIjANBgkqhkiG9w0BAQQFADCBgjELMAkGA1UE
+BhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxETAPBgNVBAcTCEJyaXNiYW5lMRow
+GAYDVQQKExFDcnlwdFNvZnQgUHR5IEx0ZDEUMBIGA1UECxMLZGV2ZWxvcG1lbnQx
+GTAXBgNVBAMTEENyeXB0U29mdCBEZXYgQ0EwHhcNOTcwNjEzMTgxMDE3WhcNOTgw
+NjEzMTgxMDE3WjCBiDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQx
+ETAPBgNVBAcTCEJyaXNiYW5lMRowGAYDVQQKExFDcnlwdFNvZnQgUHR5IEx0ZDEU
+MBIGA1UECxMLSUlTIHRlc3RpbmcxDjAMBgNVBAMTBXRlc3QxMQ8wDQYJKoZIhvcN
+AQkBFgAwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAxtWiv59VH42+rotrmFAyDxTc
+J2osFt5uy/zEllx3vvjtwewqQxGUOwf6cjqFOTrnpEdVvwywpEhIQ5364bJqIwID
+AQABoygwJjAkBglghkgBhvhCAQ0EFxYVR2VuZXJhdGVkIHdpdGggU1NMZWF5MA0G
+CSqGSIb3DQEBBAUAA0EAMnYkNV2AdpeHPy/qlcdZx6MDGIJgrLhklhcn6Or6KiAP
+t9+nv9XdOGHyMyQr9ufsweuQfAgJ9yjKPZR2/adTjTCCAfAwggGaAgEAMA0GCSqG
+SIb3DQEBBAUAMIGCMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDER
+MA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRQw
+EgYDVQQLEwtkZXZlbG9wbWVudDEZMBcGA1UEAxMQQ3J5cHRTb2Z0IERldiBDQTAe
+Fw05NzAzMjIxMzM0MDRaFw05ODAzMjIxMzM0MDRaMIGCMQswCQYDVQQGEwJBVTET
+MBEGA1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoT
+EUNyeXB0U29mdCBQdHkgTHRkMRQwEgYDVQQLEwtkZXZlbG9wbWVudDEZMBcGA1UE
+AxMQQ3J5cHRTb2Z0IERldiBDQTBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQDgDgKq
+IBuUMAJi4c8juAqEZ8f8FcuDWT+HcScvNztRJy9K8DnbGpiSrzzix4El6N4A7vbl
+crwn/0CZmQJguZpfAgMBAAEwDQYJKoZIhvcNAQEEBQADQQA0UUvxlXXe6wKkVukn
+ZoCyXbjlNsqt2rwbvfZEam6fQP3S7uq+o1Pnj+KDgE33WxWbQAA9h8fY1LWN7X3a
+yTm/MYIBbTCCAWkCAQEwgYgwgYIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVl
+bnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0
+eSBMdGQxFDASBgNVBAsTC2RldmVsb3BtZW50MRkwFwYDVQQDExBDcnlwdFNvZnQg
+RGV2IENBAgEiMAkGBSsOAwIaBQCgfTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcB
+MCMGCSqGSIb3DQEJBDEWBBSUVhbGkNE+KGqpOK13+FkfOkaoizAcBgkqhkiG9w0B
+CQUxDxcNOTcwNzAxMDE0MzM0WjAeBgkqhkiG9w0BCQ8xETAPMA0GCCqGSIb3DQMC
+AgEoMA0GCSqGSIb3DQEBAQUABECa9Jpo4w/fZOc3Vy78wZFAVF8kvpn7il99Ldsr
+AQ4JiBmcfiSwEBBY6WuKT+/SYtFwZl1oXkTwB5AVCFIC/IFNAAAAAA==
+-----END PKCS7-----
diff --git a/crypto/pkcs7/pk7_dgst.c b/crypto/pkcs7/pk7_dgst.c
new file mode 100644
index 0000000000..fa562a4816
--- /dev/null
+++ b/crypto/pkcs7/pk7_dgst.c
@@ -0,0 +1,66 @@
+/* crypto/pkcs7/pk7_dgst.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "rand.h"
+#include "objects.h"
+#include "x509.h"
+#include "pkcs7.h"
+
diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c
new file mode 100644
index 0000000000..32a2a45226
--- /dev/null
+++ b/crypto/pkcs7/pk7_doit.c
@@ -0,0 +1,327 @@
+/* crypto/pkcs7/pk7_doit.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "objects.h"
+#include "x509.h"
+
+BIO *PKCS7_dataInit(p7,bio)
+PKCS7 *p7;
+BIO *bio;
+	{
+	int i,j;
+	BIO *out=NULL,*btmp;
+	X509_ALGOR *xa;
+	EVP_MD *evp_md;
+
+	i=OBJ_obj2nid(p7->type);
+	p7->state=PKCS7_S_HEADER;
+
+	switch (i)
+		{
+	case NID_pkcs7_signed:
+		for (i=0; i<sk_num(p7->d.sign->md_algs); i++)
+			{
+			xa=(X509_ALGOR *)sk_value(p7->d.sign->md_algs,i);
+			if ((btmp=BIO_new(BIO_f_md())) == NULL) goto err;
+
+			j=OBJ_obj2nid(xa->algorithm);
+			evp_md=EVP_get_digestbyname(OBJ_nid2sn(j));
+			if (evp_md == NULL)
+				{
+				PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNKNOWN_DIGEST_TYPE);
+				goto err;
+				}
+
+			BIO_set_md(btmp,evp_md);
+			if (out == NULL)
+				out=btmp;
+			else
+				BIO_push(out,btmp);
+			}
+		break;
+	default:
+		PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
+	        goto err;
+		}
+	if (bio == NULL)
+		{
+		if (p7->detached)
+			bio=BIO_new(BIO_s_null());
+		else
+			{
+			bio=BIO_new(BIO_s_mem());
+			if (PKCS7_type_is_signed(p7) &&
+				PKCS7_type_is_data(p7->d.sign->contents))
+				{
+				ASN1_OCTET_STRING *os;
+
+				os=p7->d.sign->contents->d.data;
+				if (os->length > 0)
+					BIO_write(bio,os->data,os->length);
+				}
+			}
+		}
+	BIO_push(out,bio);
+	return(out);
+err:
+	return(NULL);
+	}
+
+int PKCS7_dataSign(p7,bio)
+PKCS7 *p7;
+BIO *bio;
+	{
+	int ret=0;
+	int i,j;
+	BIO *btmp;
+	BUF_MEM *buf_mem=NULL;
+	BUF_MEM *buf=NULL;
+	PKCS7_SIGNER_INFO *si;
+	EVP_MD_CTX *mdc,ctx_tmp;
+	STACK *sk;
+	unsigned char *p,*pp=NULL;
+	int x;
+
+	i=OBJ_obj2nid(p7->type);
+	p7->state=PKCS7_S_HEADER;
+
+	switch (i)
+		{
+	case NID_pkcs7_signed:
+
+		if ((buf=BUF_MEM_new()) == NULL) goto err;
+		for (i=0; i<sk_num(p7->d.sign->signer_info); i++)
+			{
+			si=(PKCS7_SIGNER_INFO *)
+				sk_value(p7->d.sign->signer_info,i);
+			if (si->pkey == NULL)
+				continue;
+			j=OBJ_obj2nid(si->digest_enc_alg->algorithm);
+
+			btmp=bio;
+			for (;;)
+				{
+				if ((btmp=BIO_find_type(btmp,BIO_TYPE_MD)) 
+					== NULL)
+					{
+					PKCS7err(PKCS7_F_PKCS7_DATAFINAL,PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
+					goto err;
+					}
+				BIO_get_md_ctx(btmp,&mdc);
+				if (mdc == NULL)
+					{
+					PKCS7err(PKCS7_F_PKCS7_DATAFINAL,PKCS7_R_INTERNAL_ERROR);
+					goto err;
+					}
+				if (EVP_MD_pkey_type(EVP_MD_CTX_type(mdc)) == j)
+					break;
+				else
+					btmp=btmp->next_bio;
+				}
+			
+			/* We now have the EVP_MD_CTX, lets do the
+			 * signing. */
+			memcpy(&ctx_tmp,mdc,sizeof(ctx_tmp));
+			if (!BUF_MEM_grow(buf,EVP_PKEY_size(si->pkey)))
+				goto err;
+
+			sk=si->auth_attr;
+			if ((sk != NULL) && (sk_num(sk) != 0))
+				{
+				x=i2d_ASN1_SET(sk,NULL,i2d_X509_ATTRIBUTE,
+					V_ASN1_SET,V_ASN1_UNIVERSAL);
+				pp=(unsigned char *)Malloc(i);
+				p=pp;
+				i2d_ASN1_SET(sk,&p,i2d_X509_ATTRIBUTE,
+					V_ASN1_SET,V_ASN1_UNIVERSAL);
+				EVP_SignUpdate(&ctx_tmp,pp,x);
+				Free(pp);
+				}
+
+			if (!EVP_SignFinal(&ctx_tmp,buf->data,
+				(unsigned int *)&buf->length,si->pkey))
+				goto err;
+			if (!ASN1_STRING_set(si->enc_digest,
+				(unsigned char *)buf->data,buf->length))
+				goto err;
+
+			}
+		if (p7->detached)
+			PKCS7_content_free(p7->d.sign->contents);
+		else
+			{
+			btmp=BIO_find_type(bio,BIO_TYPE_MEM);
+			if (btmp == NULL)
+				{
+				PKCS7err(PKCS7_F_PKCS7_DATAFINAL,PKCS7_R_UNABLE_TO_FIND_MEM_BIO);
+				goto err;
+				}
+			BIO_get_mem_ptr(btmp,&buf_mem);
+			ASN1_OCTET_STRING_set(p7->d.sign->contents->d.data,
+				(unsigned char *)buf_mem->data,buf_mem->length);
+			}
+		if (pp != NULL) Free(pp);
+		pp=NULL;
+		break;
+	default:
+		PKCS7err(PKCS7_F_PKCS7_DATAFINAL,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
+	        goto err;
+		}
+
+	if (p7->detached)
+		{
+
+		}
+	ret=1;
+err:
+	if (buf != NULL) BUF_MEM_free(buf);
+	return(ret);
+	}
+
+int PKCS7_dataVerify(cert_store,ctx,bio,p7,si)
+X509_STORE *cert_store;
+X509_STORE_CTX *ctx;
+BIO *bio;
+PKCS7 *p7;
+PKCS7_SIGNER_INFO *si;
+	{
+	PKCS7_SIGNED *s;
+	ASN1_OCTET_STRING *os;
+	EVP_MD_CTX mdc_tmp,*mdc;
+	unsigned char *pp,*p;
+	PKCS7_ISSUER_AND_SERIAL *ias;
+	int ret=0,md_type,i;
+	STACK *sk;
+	BIO *btmp;
+	X509 *x509;
+
+	if (!PKCS7_type_is_signed(p7)) abort();
+	ias=si->issuer_and_serial;
+	s=p7->d.sign;
+
+	x509=X509_find_by_issuer_and_serial(s->cert,ias->issuer,ias->serial);
+
+	/* were we able to find the cert in passed to us */
+	if (x509 == NULL)
+		{
+		PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,PKCS7_R_UNABLE_TO_FIND_CERTIFICATE);
+		goto err;
+		}
+
+	/* Lets verify */
+	X509_STORE_CTX_init(ctx,cert_store,x509,s->cert);
+	i=X509_verify_cert(ctx);
+	if (i <= 0) goto err;
+	X509_STORE_CTX_cleanup(ctx);
+
+	/* So we like 'x509', lets check the signature. */
+	md_type=OBJ_obj2nid(si->digest_alg->algorithm);
+
+	btmp=bio;
+	for (;;)
+		{
+		if ((btmp == NULL) ||
+			((btmp=BIO_find_type(btmp,BIO_TYPE_MD)) == NULL))
+			{
+			PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
+			goto err;
+			}
+		BIO_get_md_ctx(btmp,&mdc);
+		if (mdc == NULL)
+			{
+			PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,PKCS7_R_INTERNAL_ERROR);
+			goto err;
+			}
+		if (EVP_MD_type(EVP_MD_CTX_type(mdc)) == md_type)
+			break;
+		btmp=btmp->next_bio;	
+		}
+
+	/* mdc is the digest ctx that we want */
+	memcpy(&mdc_tmp,mdc,sizeof(mdc_tmp));
+
+	sk=si->auth_attr;
+	if ((sk != NULL) && (sk_num(sk) != 0))
+		{
+		i=i2d_ASN1_SET(sk,NULL,i2d_X509_ATTRIBUTE,
+			V_ASN1_SET,V_ASN1_UNIVERSAL);
+		pp=(unsigned char *)malloc(i);
+		p=pp;
+		i2d_ASN1_SET(sk,&p,i2d_X509_ATTRIBUTE,
+			V_ASN1_SET,V_ASN1_UNIVERSAL);
+		EVP_VerifyUpdate(&mdc_tmp,pp,i);
+		free(pp);
+		}
+
+	os=si->enc_digest;
+	i=EVP_VerifyFinal(&mdc_tmp,os->data,os->length,
+		X509_get_pubkey(x509));
+	if (i <= 0)
+		{
+		PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,PKCS7_R_SIGNATURE_FAILURE);
+		ret= -1;
+		goto err;
+		}
+	else
+		ret=1;
+err:
+	return(ret);
+	}
+
diff --git a/crypto/pkcs7/pk7_enc.c b/crypto/pkcs7/pk7_enc.c
new file mode 100644
index 0000000000..96a6dd94a8
--- /dev/null
+++ b/crypto/pkcs7/pk7_enc.c
@@ -0,0 +1,76 @@
+/* crypto/pkcs7/pk7_enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "rand.h"
+#include "objects.h"
+#include "x509.h"
+#include "pkcs7.h"
+
+PKCS7_in_bio(PKCS7 *p7,BIO *in);
+PKCS7_out_bio(PKCS7 *p7,BIO *out);
+
+PKCS7_add_signer(PKCS7 *p7,X509 *cert,EVP_PKEY *key);
+PKCS7_cipher(PKCS7 *p7,EVP_CIPHER *cipher);
+
+PKCS7_Init(PKCS7 *p7);
+PKCS7_Update(PKCS7 *p7);
+PKCS7_Finish(PKCS7 *p7);
+
diff --git a/crypto/pkcs7/pk7_lib.c b/crypto/pkcs7/pk7_lib.c
new file mode 100644
index 0000000000..aac133e639
--- /dev/null
+++ b/crypto/pkcs7/pk7_lib.c
@@ -0,0 +1,343 @@
+/* crypto/pkcs7/pk7_lib.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "objects.h"
+#include "x509.h"
+
+long PKCS7_ctrl(p7,cmd,larg,parg)
+PKCS7 *p7;
+int cmd;
+long larg;
+char *parg;
+	{
+	int nid;
+	long ret;
+
+	nid=OBJ_obj2nid(p7->type);
+
+	switch (cmd)
+		{
+	case PKCS7_OP_SET_DETACHED_SIGNATURE:
+		if (nid == NID_pkcs7_signed)
+			{
+			ret=p7->detached=(int)larg;
+			}
+		else
+			{
+			PKCS7err(PKCS7_F_PKCS7_CTRL,PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE);
+			ret=0;
+			}
+		break;
+	case PKCS7_OP_GET_DETACHED_SIGNATURE:
+		if (nid == NID_pkcs7_signed)
+			{
+			ret=p7->detached;
+			}
+		else
+			{
+			PKCS7err(PKCS7_F_PKCS7_CTRL,PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE);
+			ret=0;
+			}
+			
+		break;
+	default:
+		abort();
+		}
+	return(ret);
+	}
+
+int PKCS7_content_new(p7,type)
+PKCS7 *p7;
+int type;
+	{
+	PKCS7 *ret=NULL;
+
+	if ((ret=PKCS7_new()) == NULL) goto err;
+	if (!PKCS7_set_type(ret,type)) goto err;
+	if (!PKCS7_set_content(p7,ret)) goto err;
+
+	return(1);
+err:
+	if (ret != NULL) PKCS7_free(ret);
+	return(0);
+	}
+
+int PKCS7_set_content(p7,p7_data)
+PKCS7 *p7;
+PKCS7 *p7_data;
+	{
+	int i;
+
+	i=OBJ_obj2nid(p7->type);
+	switch (i)
+		{
+	case NID_pkcs7_signed:
+		if (p7->d.sign->contents != NULL)
+			PKCS7_content_free(p7->d.sign->contents);
+		p7->d.sign->contents=p7_data;
+		break;
+	case NID_pkcs7_digest:
+	case NID_pkcs7_data:
+	case NID_pkcs7_enveloped:
+	case NID_pkcs7_signedAndEnveloped:
+	case NID_pkcs7_encrypted:
+	default:
+		PKCS7err(PKCS7_F_PKCS7_SET_CONTENT,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
+		goto err;
+		}
+	return(1);
+err:
+	return(0);
+	}
+
+int PKCS7_set_type(p7,type)
+PKCS7 *p7;
+int type;
+	{
+	ASN1_OBJECT *obj;
+
+	PKCS7_content_free(p7);
+	obj=OBJ_nid2obj(type); /* will not fail */
+
+	switch (type)
+		{
+	case NID_pkcs7_signed:
+		p7->type=obj;
+		if ((p7->d.sign=PKCS7_SIGNED_new()) == NULL)
+			goto err;
+		ASN1_INTEGER_set(p7->d.sign->version,1);
+		break;
+	case NID_pkcs7_data:
+		p7->type=obj;
+		if ((p7->d.data=ASN1_OCTET_STRING_new()) == NULL)
+			goto err;
+		break;
+	case NID_pkcs7_digest:
+	case NID_pkcs7_enveloped:
+	case NID_pkcs7_signedAndEnveloped:
+	case NID_pkcs7_encrypted:
+	default:
+		PKCS7err(PKCS7_F_PKCS7_SET_TYPE,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
+		goto err;
+		}
+	return(1);
+err:
+	return(0);
+	}
+
+int PKCS7_add_signer(p7,psi)
+PKCS7 *p7;
+PKCS7_SIGNER_INFO *psi;
+	{
+	int i,j,nid;
+	X509_ALGOR *alg;
+	PKCS7_SIGNED *p7s;
+
+	i=OBJ_obj2nid(p7->type);
+	if (i != NID_pkcs7_signed)
+		{
+		PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER,PKCS7_R_WRONG_CONTENT_TYPE);
+		return(0);
+		}
+
+	p7s=p7->d.sign;
+
+	nid=OBJ_obj2nid(psi->digest_alg->algorithm);
+
+	/* If the digest is not currently listed, add it */
+	j=0;
+	for (i=0; i<sk_num(p7s->md_algs); i++)
+		{
+		alg=(X509_ALGOR *)sk_value(p7s->md_algs,i);
+		if (OBJ_obj2nid(alg->algorithm) == nid)
+			{
+			j=1;
+			break;
+			}
+		}
+	if (!j) /* we need to add another algorithm */
+		{
+		alg=X509_ALGOR_new();
+		alg->algorithm=OBJ_nid2obj(nid);
+		sk_push(p7s->md_algs,(char *)alg);
+		}
+
+	sk_push(p7s->signer_info,(char *)psi);
+	return(1);
+	}
+
+int PKCS7_add_certificate(p7,x509)
+PKCS7 *p7;
+X509 *x509;
+	{
+	int i;
+
+	i=OBJ_obj2nid(p7->type);
+	if (i != NID_pkcs7_signed)
+		{
+		PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER,PKCS7_R_WRONG_CONTENT_TYPE);
+		return(0);
+		}
+
+	if (p7->d.sign->cert == NULL)
+		p7->d.sign->cert=sk_new_null();
+	CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509);
+	sk_push(p7->d.sign->cert,(char *)x509);
+	return(1);
+	}
+
+int PKCS7_add_crl(p7,crl)
+PKCS7 *p7;
+X509_CRL *crl;
+	{
+	int i;
+	i=OBJ_obj2nid(p7->type);
+	if (i != NID_pkcs7_signed)
+		{
+		PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER,PKCS7_R_WRONG_CONTENT_TYPE);
+		return(0);
+		}
+
+	if (p7->d.sign->crl == NULL)
+		p7->d.sign->crl=sk_new_null();
+
+	CRYPTO_add(&crl->references,1,CRYPTO_LOCK_X509_CRL);
+	sk_push(p7->d.sign->crl,(char *)crl);
+	return(1);
+	}
+
+int PKCS7_SIGNER_INFO_set(p7i,x509,pkey,dgst)
+PKCS7_SIGNER_INFO *p7i;
+X509 *x509;
+EVP_PKEY *pkey;
+EVP_MD *dgst;
+	{
+	/* We now need to add another PKCS7_SIGNER_INFO entry */
+	ASN1_INTEGER_set(p7i->version,1);
+	X509_NAME_set(&p7i->issuer_and_serial->issuer,
+		X509_get_issuer_name(x509));
+
+	/* because ASN1_INTEGER_set is used to set a 'long' we will do
+	 * things the ugly way. */
+	ASN1_INTEGER_free(p7i->issuer_and_serial->serial);
+	p7i->issuer_and_serial->serial=
+		ASN1_INTEGER_dup(X509_get_serialNumber(x509));
+
+	/* lets keep the pkey around for a while */
+	CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
+	p7i->pkey=pkey;
+
+	/* Set the algorithms */
+	p7i->digest_alg->algorithm=OBJ_nid2obj(EVP_MD_type(dgst));
+	p7i->digest_enc_alg->algorithm=OBJ_nid2obj(EVP_MD_pkey_type(dgst));
+
+#if 1
+	if (p7i->digest_enc_alg->parameter != NULL)
+		ASN1_TYPE_free(p7i->digest_enc_alg->parameter);
+	if ((p7i->digest_enc_alg->parameter=ASN1_TYPE_new()) == NULL)
+		goto err;
+	p7i->digest_enc_alg->parameter->type=V_ASN1_NULL;
+#endif
+
+
+	return(1);
+err:
+	return(0);
+	}
+
+PKCS7_SIGNER_INFO *PKCS7_add_signature(p7,x509,pkey,dgst)
+PKCS7 *p7;
+X509 *x509;
+EVP_PKEY *pkey;
+EVP_MD *dgst;
+	{
+	PKCS7_SIGNER_INFO *si;
+
+	if ((si=PKCS7_SIGNER_INFO_new()) == NULL) goto err;
+	if (!PKCS7_SIGNER_INFO_set(si,x509,pkey,dgst)) goto err;
+	if (!PKCS7_add_signer(p7,si)) goto err;
+	return(si);
+err:
+	return(NULL);
+	}
+
+STACK *PKCS7_get_signer_info(p7)
+PKCS7 *p7;
+	{
+	if (PKCS7_type_is_signed(p7))
+		{
+		return(p7->d.sign->signer_info);
+		}
+	else
+		return(NULL);
+	}
+
+X509 *PKCS7_cert_from_signer_info(p7,si)
+PKCS7 *p7;
+PKCS7_SIGNER_INFO *si;
+	{
+	if (PKCS7_type_is_signed(p7))
+		return(X509_find_by_issuer_and_serial(p7->d.sign->cert,
+			si->issuer_and_serial->issuer,
+			si->issuer_and_serial->serial));
+	else
+		return(NULL);
+	}
+
diff --git a/crypto/pkcs7/pkcs7.err b/crypto/pkcs7/pkcs7.err
new file mode 100644
index 0000000000..500f9b3de4
--- /dev/null
+++ b/crypto/pkcs7/pkcs7.err
@@ -0,0 +1,21 @@
+/* Error codes for the PKCS7 functions. */
+
+/* Function codes. */
+#define PKCS7_F_PKCS7_ADD_SIGNER			 100
+#define PKCS7_F_PKCS7_CTRL				 101
+#define PKCS7_F_PKCS7_DATAFINAL				 102
+#define PKCS7_F_PKCS7_DATAINIT				 103
+#define PKCS7_F_PKCS7_DATAVERIFY			 104
+#define PKCS7_F_PKCS7_SET_CONTENT			 105
+#define PKCS7_F_PKCS7_SET_TYPE				 106
+
+/* Reason codes. */
+#define PKCS7_R_INTERNAL_ERROR				 100
+#define PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE	 101
+#define PKCS7_R_SIGNATURE_FAILURE			 102
+#define PKCS7_R_UNABLE_TO_FIND_CERTIFICATE		 103
+#define PKCS7_R_UNABLE_TO_FIND_MEM_BIO			 104
+#define PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST		 105
+#define PKCS7_R_UNKNOWN_DIGEST_TYPE			 106
+#define PKCS7_R_UNSUPPORTED_CONTENT_TYPE		 107
+#define PKCS7_R_WRONG_CONTENT_TYPE			 108
diff --git a/crypto/pkcs7/pkcs7.h b/crypto/pkcs7/pkcs7.h
new file mode 100644
index 0000000000..061f1f0709
--- /dev/null
+++ b/crypto/pkcs7/pkcs7.h
@@ -0,0 +1,416 @@
+/* crypto/pkcs7/pkcs7.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_PKCS7_H
+#define HEADER_PKCS7_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#include "bio.h"
+#include "x509.h"
+
+/*
+Encryption_ID		DES-CBC
+Digest_ID		MD5
+Digest_Encryption_ID	rsaEncryption
+Key_Encryption_ID	rsaEncryption
+*/
+
+typedef struct pkcs7_issuer_and_serial_st
+	{
+	X509_NAME *issuer;
+	ASN1_INTEGER *serial;
+	} PKCS7_ISSUER_AND_SERIAL;
+
+typedef struct pkcs7_signer_info_st
+	{
+	ASN1_INTEGER 			*version;	/* version 1 */
+	PKCS7_ISSUER_AND_SERIAL		*issuer_and_serial;
+	X509_ALGOR			*digest_alg;
+	STACK /* X509_ATTRIBUTE */	*auth_attr;	/* [ 0 ] */
+	X509_ALGOR			*digest_enc_alg;
+	ASN1_OCTET_STRING		*enc_digest;
+	STACK /* X509_ATTRIBUTE */	*unauth_attr;	/* [ 1 ] */
+
+	/* The private key to sign with */
+	EVP_PKEY			*pkey;
+	} PKCS7_SIGNER_INFO;
+
+typedef struct pkcs7_recip_info_st
+	{
+	ASN1_INTEGER			*version;	/* version 0 */
+	PKCS7_ISSUER_AND_SERIAL		*issuer_and_serial;
+	X509_ALGOR			*key_enc_algor;
+	ASN1_OCTET_STRING		*enc_key;
+	} PKCS7_RECIP_INFO;
+
+typedef struct pkcs7_signed_st
+	{
+	ASN1_INTEGER			*version;	/* version 1 */
+	STACK /* X509_ALGOR's */	*md_algs;	/* md used */
+	struct pkcs7_st			*contents;
+	STACK /* X509 */		*cert;		/* [ 0 ] */
+	STACK /* X509_CRL */		*crl;		/* [ 1 ] */
+	STACK /* PKCS7_SIGNER_INFO */	*signer_info;
+	} PKCS7_SIGNED;
+/* The above structure is very very similar to PKCS7_SIGN_ENVELOPE.
+ * How about merging the two */
+
+typedef struct pkcs7_enc_content_st
+	{
+	ASN1_OBJECT			*content_type;
+	X509_ALGOR			*algorithm;
+	ASN1_OCTET_STRING		*enc_data;	/* [ 0 ] */
+	} PKCS7_ENC_CONTENT;
+
+typedef struct pkcs7_enveloped_st
+	{
+	ASN1_INTEGER			*version;	/* version 0 */
+	STACK /* PKCS7_RECIP_INFO */	*recipientinfo;
+	PKCS7_ENC_CONTENT		*enc_data;
+	} PKCS7_ENVELOPE;
+	
+typedef struct pkcs7_signedandenveloped_st
+	{
+	ASN1_INTEGER			*version;	/* version 1 */
+	STACK /* PKCS7_RECIP_INFO */	*recipientinfo;
+	STACK /* X509_ALGOR's */	*md_algs;	/* md used */
+	PKCS7_ENC_CONTENT		*enc_data;
+	STACK /* X509 */		*cert;		/* [ 0 ] */
+	STACK /* X509_CRL */		*crl;		/* [ 1 ] */
+	STACK /* PKCS7_SIGNER_INFO */	*signer_info;
+	} PKCS7_SIGN_ENVELOPE;
+
+typedef struct pkcs7_digest_st
+	{
+	ASN1_INTEGER			*version;	/* version 0 */
+	X509_ALGOR			*md;		/* md used */
+	struct pkcs7_st 		*contents;
+	ASN1_OCTET_STRING		*digest;
+	} PKCS7_DIGEST;
+
+typedef struct pkcs7_encrypted_st
+	{
+	ASN1_INTEGER			*version;	/* version 0 */
+	PKCS7_ENC_CONTENT		*enc_data;
+	} PKCS7_ENCRYPT;
+
+typedef struct pkcs7_st
+	{
+	/* The following is non NULL if it contains ASN1 encoding of
+	 * this structure */
+	unsigned char *asn1;
+	long length;
+
+#define PKCS7_S_HEADER	0
+#define PKCS7_S_BODY	1
+#define PKCS7_S_TAIL	2
+	int state; /* used during processing */
+
+	int detached;
+
+	ASN1_OBJECT *type;
+	/* content as defined by the type */
+	/* all encryption/message digests are applied to the 'contents',
+	 * leaving out the 'type' field. */
+	union	{
+		char *ptr;
+
+		/* NID_pkcs7_data */
+		ASN1_OCTET_STRING *data;
+
+		/* NID_pkcs7_signed */
+		PKCS7_SIGNED *sign;
+
+		/* NID_pkcs7_enveloped */
+		PKCS7_ENVELOPE *enveloped;
+
+		/* NID_pkcs7_signedAndEnveloped */
+		PKCS7_SIGN_ENVELOPE *signed_and_enveloped;
+
+		/* NID_pkcs7_digest */
+		PKCS7_DIGEST *digest;
+
+		/* NID_pkcs7_encrypted */
+		PKCS7_ENCRYPT *encrypted;
+		} d;
+	} PKCS7;
+
+#define PKCS7_OP_SET_DETACHED_SIGNATURE	1
+#define PKCS7_OP_GET_DETACHED_SIGNATURE	2
+
+#define PKCS7_type_is_signed(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_signed)
+#define PKCS7_type_is_data(a)   (OBJ_obj2nid((a)->type) == NID_pkcs7_data)
+
+#define PKCS7_set_detached(p,v) \
+		PKCS7_ctrl(p,PKCS7_OP_SET_DETACHED_SIGNATURE,v,NULL)
+#define PKCS7_get_detached(p) \
+		PKCS7_ctrl(p,PKCS7_OP_GET_DETACHED_SIGNATURE,0,NULL)
+
+#ifndef NOPROTO
+PKCS7_ISSUER_AND_SERIAL *PKCS7_ISSUER_AND_SERIAL_new(void );
+void			PKCS7_ISSUER_AND_SERIAL_free(
+				PKCS7_ISSUER_AND_SERIAL *a);
+int 			i2d_PKCS7_ISSUER_AND_SERIAL(
+				PKCS7_ISSUER_AND_SERIAL *a,unsigned char **pp);
+PKCS7_ISSUER_AND_SERIAL *d2i_PKCS7_ISSUER_AND_SERIAL(
+				PKCS7_ISSUER_AND_SERIAL **a,
+				unsigned char **pp, long length);
+
+int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,EVP_MD *type,
+	unsigned char *md,unsigned int *len);
+
+PKCS7_SIGNER_INFO	*PKCS7_SIGNER_INFO_new(void);
+void			PKCS7_SIGNER_INFO_free(PKCS7_SIGNER_INFO *a);
+int 			i2d_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO *a,
+				unsigned char **pp);
+PKCS7_SIGNER_INFO	*d2i_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO **a,
+				unsigned char **pp,long length);
+
+PKCS7_RECIP_INFO	*PKCS7_RECIP_INFO_new(void);
+void			PKCS7_RECIP_INFO_free(PKCS7_RECIP_INFO *a);
+int 			i2d_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO *a,
+				unsigned char **pp);
+PKCS7_RECIP_INFO	*d2i_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO **a,
+				unsigned char **pp,long length);
+
+PKCS7_SIGNED		*PKCS7_SIGNED_new(void);
+void			PKCS7_SIGNED_free(PKCS7_SIGNED *a);
+int 			i2d_PKCS7_SIGNED(PKCS7_SIGNED *a,
+				unsigned char **pp);
+PKCS7_SIGNED		*d2i_PKCS7_SIGNED(PKCS7_SIGNED **a,
+				unsigned char **pp,long length);
+
+PKCS7_ENC_CONTENT	*PKCS7_ENC_CONTENT_new(void);
+void			PKCS7_ENC_CONTENT_free(PKCS7_ENC_CONTENT *a);
+int 			i2d_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT *a,
+				unsigned char **pp);
+PKCS7_ENC_CONTENT	*d2i_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT **a,
+				unsigned char **pp,long length);
+
+PKCS7_ENVELOPE		*PKCS7_ENVELOPE_new(void);
+void			PKCS7_ENVELOPE_free(PKCS7_ENVELOPE *a);
+int 			i2d_PKCS7_ENVELOPE(PKCS7_ENVELOPE *a,
+				unsigned char **pp);
+PKCS7_ENVELOPE		*d2i_PKCS7_ENVELOPE(PKCS7_ENVELOPE **a,
+				unsigned char **pp,long length);
+
+PKCS7_SIGN_ENVELOPE	*PKCS7_SIGN_ENVELOPE_new(void);
+void			PKCS7_SIGN_ENVELOPE_free(PKCS7_SIGN_ENVELOPE *a);
+int 			i2d_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE *a,
+				unsigned char **pp);
+PKCS7_SIGN_ENVELOPE	*d2i_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE **a,
+				unsigned char **pp,long length);
+
+PKCS7_DIGEST		*PKCS7_DIGEST_new(void);
+void			PKCS7_DIGEST_free(PKCS7_DIGEST *a);
+int 			i2d_PKCS7_DIGEST(PKCS7_DIGEST *a,
+				unsigned char **pp);
+PKCS7_DIGEST		*d2i_PKCS7_DIGEST(PKCS7_DIGEST **a,
+				unsigned char **pp,long length);
+
+PKCS7_ENCRYPT		*PKCS7_ENCRYPT_new(void);
+void			PKCS7_ENCRYPT_free(PKCS7_ENCRYPT *a);
+int 			i2d_PKCS7_ENCRYPT(PKCS7_ENCRYPT *a,
+				unsigned char **pp);
+PKCS7_ENCRYPT		*d2i_PKCS7_ENCRYPT(PKCS7_ENCRYPT **a,
+				unsigned char **pp,long length);
+
+PKCS7			*PKCS7_new(void);
+void			PKCS7_free(PKCS7 *a);
+void			PKCS7_content_free(PKCS7 *a);
+int 			i2d_PKCS7(PKCS7 *a,
+				unsigned char **pp);
+PKCS7			*d2i_PKCS7(PKCS7 **a,
+				unsigned char **pp,long length);
+
+void ERR_load_PKCS7_strings(void);
+
+#ifndef WIN16
+PKCS7 *d2i_PKCS7_fp(FILE *fp,PKCS7 *p7);
+int i2d_PKCS7_fp(FILE *fp,PKCS7 *p7);
+#endif
+PKCS7 *PKCS7_dup(PKCS7 *p7);
+PKCS7 *d2i_PKCS7_bio(BIO *bp,PKCS7 *p7);
+int i2d_PKCS7_bio(BIO *bp,PKCS7 *p7);
+
+long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg);
+
+int PKCS7_set_type(PKCS7 *p7, int type);
+int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data);
+int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
+	EVP_MD *dgst);
+int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *p7i);
+int PKCS7_add_certificate(PKCS7 *p7, X509 *x509);
+int PKCS7_add_crl(PKCS7 *p7, X509_CRL *x509);
+int PKCS7_content_new(PKCS7 *p7, int nid);
+int PKCS7_dataSign(PKCS7 *p7, BIO *bio);
+int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx,
+	BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si); 
+
+BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio);
+/*int PKCS7_DataFinal(PKCS7 *p7, BIO *bio); */
+
+PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509,
+	EVP_PKEY *pkey, EVP_MD *dgst);
+X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si);
+STACK *PKCS7_get_signer_info(PKCS7 *p7);
+
+#else
+
+PKCS7_ISSUER_AND_SERIAL *PKCS7_ISSUER_AND_SERIAL_new();
+void			PKCS7_ISSUER_AND_SERIAL_free();
+int 			i2d_PKCS7_ISSUER_AND_SERIAL();
+PKCS7_ISSUER_AND_SERIAL *d2i_PKCS7_ISSUER_AND_SERIAL();
+
+int			PKCS7_ISSUER_AND_SERIAL_digest();
+
+PKCS7_SIGNER_INFO	*PKCS7_SIGNER_INFO_new();
+void			PKCS7_SIGNER_INFO_free();
+int 			i2d_PKCS7_SIGNER_INFO();
+PKCS7_SIGNER_INFO	*d2i_PKCS7_SIGNER_INFO();
+PKCS7_RECIP_INFO	*PKCS7_RECIP_INFO_new();
+void			PKCS7_RECIP_INFO_free();
+int 			i2d_PKCS7_RECIP_INFO();
+PKCS7_RECIP_INFO	*d2i_PKCS7_RECIP_INFO();
+PKCS7_SIGNED		*PKCS7_SIGNED_new();
+void			PKCS7_SIGNED_free();
+int 			i2d_PKCS7_SIGNED();
+PKCS7_SIGNED		*d2i_PKCS7_SIGNED();
+PKCS7_ENC_CONTENT	*PKCS7_ENC_CONTENT_new();
+void			PKCS7_ENC_CONTENT_free();
+int 			i2d_PKCS7_ENC_CONTENT();
+PKCS7_ENC_CONTENT	*d2i_PKCS7_ENC_CONTENT();
+PKCS7_ENVELOPE		*PKCS7_ENVELOPE_new();
+void			PKCS7_ENVELOPE_free();
+int 			i2d_PKCS7_ENVELOPE();
+PKCS7_ENVELOPE		*d2i_PKCS7_ENVELOPE();
+PKCS7_SIGN_ENVELOPE	*PKCS7_SIGN_ENVELOPE_new();
+void			PKCS7_SIGN_ENVELOPE_free();
+int 			i2d_PKCS7_SIGN_ENVELOPE();
+PKCS7_SIGN_ENVELOPE	*d2i_PKCS7_SIGN_ENVELOPE();
+PKCS7_DIGEST		*PKCS7_DIGEST_new();
+void			PKCS7_DIGEST_free();
+int 			i2d_PKCS7_DIGEST();
+PKCS7_DIGEST		*d2i_PKCS7_DIGEST();
+PKCS7_ENCRYPT		*PKCS7_ENCRYPT_new();
+void			PKCS7_ENCRYPT_free();
+int 			i2d_PKCS7_ENCRYPT();
+PKCS7_ENCRYPT		*d2i_PKCS7_ENCRYPT();
+PKCS7			*PKCS7_new();
+void			PKCS7_free();
+void			PKCS7_content_free();
+int 			i2d_PKCS7();
+PKCS7			*d2i_PKCS7();
+
+void ERR_load_PKCS7_strings();
+
+#ifndef WIN16
+PKCS7 *d2i_PKCS7_fp();
+int i2d_PKCS7_fp();
+#endif
+PKCS7 *PKCS7_dup();
+PKCS7 *d2i_PKCS7_bio();
+int i2d_PKCS7_bio();
+long PKCS7_ctrl();
+int PKCS7_set_type();
+int PKCS7_set_content();
+int PKCS7_SIGNER_INFO_set();
+int PKCS7_add_signer();
+int PKCS7_add_certificate();
+int PKCS7_add_crl();
+int PKCS7_content_new();
+int PKCS7_dataSign();
+int PKCS7_dataVerify();
+BIO *PKCS7_dataInit();
+PKCS7_SIGNER_INFO *PKCS7_add_signature();
+X509 *PKCS7_cert_from_signer_info();
+STACK *PKCS7_get_signer_info();
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the PKCS7 functions. */
+
+/* Function codes. */
+#define PKCS7_F_PKCS7_ADD_SIGNER			 100
+#define PKCS7_F_PKCS7_CTRL				 101
+#define PKCS7_F_PKCS7_DATAFINAL				 102
+#define PKCS7_F_PKCS7_DATAINIT				 103
+#define PKCS7_F_PKCS7_DATAVERIFY			 104
+#define PKCS7_F_PKCS7_SET_CONTENT			 105
+#define PKCS7_F_PKCS7_SET_TYPE				 106
+
+/* Reason codes. */
+#define PKCS7_R_INTERNAL_ERROR				 100
+#define PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE	 101
+#define PKCS7_R_SIGNATURE_FAILURE			 102
+#define PKCS7_R_UNABLE_TO_FIND_CERTIFICATE		 103
+#define PKCS7_R_UNABLE_TO_FIND_MEM_BIO			 104
+#define PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST		 105
+#define PKCS7_R_UNKNOWN_DIGEST_TYPE			 106
+#define PKCS7_R_UNSUPPORTED_CONTENT_TYPE		 107
+#define PKCS7_R_WRONG_CONTENT_TYPE			 108
+ 
+#ifdef  __cplusplus
+}
+#endif
+#endif
+
diff --git a/crypto/pkcs7/pkcs7err.c b/crypto/pkcs7/pkcs7err.c
new file mode 100644
index 0000000000..851691da6a
--- /dev/null
+++ b/crypto/pkcs7/pkcs7err.c
@@ -0,0 +1,99 @@
+/* lib/pkcs7/pkcs7_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "pkcs7.h"
+
+/* BEGIN ERROR CODES */
+static ERR_STRING_DATA PKCS7_str_functs[]=
+	{
+{ERR_PACK(0,PKCS7_F_PKCS7_ADD_SIGNER,0),	"PKCS7_add_signer"},
+{ERR_PACK(0,PKCS7_F_PKCS7_CTRL,0),	"PKCS7_ctrl"},
+{ERR_PACK(0,PKCS7_F_PKCS7_DATAFINAL,0),	"PKCS7_DATAFINAL"},
+{ERR_PACK(0,PKCS7_F_PKCS7_DATAINIT,0),	"PKCS7_dataInit"},
+{ERR_PACK(0,PKCS7_F_PKCS7_DATAVERIFY,0),	"PKCS7_dataVerify"},
+{ERR_PACK(0,PKCS7_F_PKCS7_SET_CONTENT,0),	"PKCS7_set_content"},
+{ERR_PACK(0,PKCS7_F_PKCS7_SET_TYPE,0),	"PKCS7_set_type"},
+{0,NULL},
+	};
+
+static ERR_STRING_DATA PKCS7_str_reasons[]=
+	{
+{PKCS7_R_INTERNAL_ERROR                  ,"internal error"},
+{PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE,"operation not supported on this type"},
+{PKCS7_R_SIGNATURE_FAILURE               ,"signature failure"},
+{PKCS7_R_UNABLE_TO_FIND_CERTIFICATE      ,"unable to find certificate"},
+{PKCS7_R_UNABLE_TO_FIND_MEM_BIO          ,"unable to find mem bio"},
+{PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST   ,"unable to find message digest"},
+{PKCS7_R_UNKNOWN_DIGEST_TYPE             ,"unknown digest type"},
+{PKCS7_R_UNSUPPORTED_CONTENT_TYPE        ,"unsupported content type"},
+{PKCS7_R_WRONG_CONTENT_TYPE              ,"wrong content type"},
+{0,NULL},
+	};
+
+void ERR_load_PKCS7_strings()
+	{
+	static int init=1;
+
+	if (init)
+		{
+		init=0;
+		ERR_load_strings(ERR_LIB_PKCS7,PKCS7_str_functs);
+		ERR_load_strings(ERR_LIB_PKCS7,PKCS7_str_reasons);
+		}
+	}
diff --git a/crypto/pkcs7/server.pem b/crypto/pkcs7/server.pem
new file mode 100644
index 0000000000..750aac2094
--- /dev/null
+++ b/crypto/pkcs7/server.pem
@@ -0,0 +1,24 @@
+issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
+subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Server test cert (512 bit)
+-----BEGIN CERTIFICATE-----
+MIIB6TCCAVICAQAwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
+BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD
+VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTcwNjA5MTM1NzQ2WhcNOTgwNjA5
+MTM1NzQ2WjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
+A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGlNlcnZlciB0ZXN0IGNl
+cnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJ+zw4Qnlf8SMVIP
+Fe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVDTGiXav6ooKXfX3j/7tdkuD8Ey2//
+Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAAOBgQB4TMR2CvacKE9wAsu9jyCX8YiW
+mgCM+YoP6kt4Zkj2z5IRfm7WrycKsnpnOR+tGeqAjkCeZ6/36o9l91RvPnN1VJ/i
+xQv2df0KFeMr00IkDdTNAdIWqFkSsZTAY2QAdgenb7MB1joejquYzO2DQIO7+wpH
+irObpESxAZLySCmPPg==
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIIBPAIBAAJBAJ+zw4Qnlf8SMVIPFe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVD
+TGiXav6ooKXfX3j/7tdkuD8Ey2//Kv7+ue0CAwEAAQJAN6W31vDEP2DjdqhzCDDu
+OA4NACqoiFqyblo7yc2tM4h4xMbC3Yx5UKMN9ZkCtX0gzrz6DyF47bdKcWBzNWCj
+gQIhANEoojVt7hq+SQ6MCN6FTAysGgQf56Q3TYoJMoWvdiXVAiEAw3e3rc+VJpOz
+rHuDo6bgpjUAAXM+v3fcpsfZSNO6V7kCIQCtbVjanpUwvZkMI9by02oUk9taki3b
+PzPfAfNPYAbCJQIhAJXNQDWyqwn/lGmR11cqY2y9nZ1+5w3yHGatLrcDnQHxAiEA
+vnlEGo8K85u+KwIOimM48ZG8oTk7iFdkqLJR1utT3aU=
+-----END RSA PRIVATE KEY-----
diff --git a/crypto/pkcs7/sign.c b/crypto/pkcs7/sign.c
new file mode 100644
index 0000000000..9400fe30ba
--- /dev/null
+++ b/crypto/pkcs7/sign.c
@@ -0,0 +1,83 @@
+#include <stdio.h>
+#include "bio.h"
+#include "x509.h"
+#include "pem.h"
+
+main(argc,argv)
+int argc;
+char *argv[];
+	{
+	X509 *x509;
+	EVP_PKEY *pkey;
+	PKCS7 *p7;
+	PKCS7 *p7_data;
+	PKCS7_SIGNER_INFO *si;
+	BIO *in;
+	BIO *data,*p7bio;
+	char buf[1024*4];
+	int i,j;
+	int nodetach=0;
+
+	EVP_add_digest(EVP_md2());
+	EVP_add_digest(EVP_md5());
+	EVP_add_digest(EVP_sha1());
+	EVP_add_digest(EVP_mdc2());
+
+	data=BIO_new(BIO_s_file());
+again:
+	if (argc > 1)
+		{
+		if (strcmp(argv[1],"-nd") == 0)
+			{
+			nodetach=1;
+			argv++; argc--;
+			goto again;
+			}
+		if (!BIO_read_filename(data,argv[1]))
+			goto err;
+		}
+	else
+		BIO_set_fp(data,stdin,BIO_NOCLOSE);
+
+	if ((in=BIO_new_file("server.pem","r")) == NULL) goto err;
+	if ((x509=PEM_read_bio_X509(in,NULL,NULL)) == NULL) goto err;
+	BIO_reset(in);
+	if ((pkey=PEM_read_bio_PrivateKey(in,NULL,NULL)) == NULL) goto err;
+	BIO_free(in);
+
+	p7=PKCS7_new();
+	PKCS7_set_type(p7,NID_pkcs7_signed);
+	 
+	if (PKCS7_add_signature(p7,x509,pkey,EVP_sha1()) == NULL) goto err;
+
+	/* we may want to add more */
+	PKCS7_add_certificate(p7,x509);
+
+	/* Set the content of the signed to 'data' */
+	PKCS7_content_new(p7,NID_pkcs7_data);
+
+	if (!nodetach)
+		PKCS7_set_detached(p7,1);
+
+	if ((p7bio=PKCS7_dataInit(p7,NULL)) == NULL) goto err;
+
+	for (;;)
+		{
+		i=BIO_read(data,buf,sizeof(buf));
+		if (i <= 0) break;
+		BIO_write(p7bio,buf,i);
+		}
+
+	if (!PKCS7_dataSign(p7,p7bio)) goto err;
+	BIO_free(p7bio);
+
+	PEM_write_PKCS7(stdout,p7);
+	PKCS7_free(p7);
+
+	exit(0);
+err:
+	ERR_load_crypto_strings();
+	ERR_print_errors_fp(stderr);
+	exit(1);
+	}
+
diff --git a/crypto/pkcs7/verify.c b/crypto/pkcs7/verify.c
new file mode 100644
index 0000000000..bce20ee20f
--- /dev/null
+++ b/crypto/pkcs7/verify.c
@@ -0,0 +1,181 @@
+#include <stdio.h>
+#include "asn1.h"
+#include "bio.h"
+#include "x509.h"
+#include "pem.h"
+
+int verify_callback(int ok, X509_STORE_CTX *ctx);
+
+BIO *bio_err=NULL;
+
+main(argc,argv)
+int argc;
+char *argv[];
+	{
+	X509 *x509,*x;
+	PKCS7 *p7;
+	PKCS7_SIGNED *s;
+	PKCS7_SIGNER_INFO *si;
+	PKCS7_ISSUER_AND_SERIAL *ias;
+	X509_STORE_CTX cert_ctx;
+	X509_STORE *cert_store=NULL;
+	X509_LOOKUP *lookup=NULL;
+	BIO *data,*detached=NULL,*p7bio=NULL;
+	char buf[1024*4];
+	unsigned char *p,*pp;
+	int i,j,printit=0;
+	STACK *sk;
+
+	bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
+	EVP_add_digest(EVP_md2());
+	EVP_add_digest(EVP_md5());
+	EVP_add_digest(EVP_sha1());
+	EVP_add_digest(EVP_mdc2());
+
+	data=BIO_new(BIO_s_file());
+again:
+	pp=NULL;
+	while (argc > 1)
+		{
+		argc--;
+		argv++;
+		if (strcmp(argv[0],"-p") == 0)
+			{
+			printit=1;
+			}
+		else if ((strcmp(argv[0],"-d") == 0) && (argc >= 2))
+			{
+			detached=BIO_new(BIO_s_file());
+			if (!BIO_read_filename(detached,argv[1]))
+				goto err;
+			argc--;
+			argv++;
+			}
+		else
+			{
+			pp=argv[0];
+			if (!BIO_read_filename(data,argv[0]))
+				goto err;
+			}
+		}
+
+	if (pp == NULL)
+		BIO_set_fp(data,stdin,BIO_NOCLOSE);
+
+
+	/* Load the PKCS7 object from a file */
+	if ((p7=PEM_read_bio_PKCS7(data,NULL,NULL)) == NULL) goto err;
+
+	/* This stuff is being setup for certificate verification.
+	 * When using SSL, it could be replaced with a 
+	 * cert_stre=SSL_CTX_get_cert_store(ssl_ctx); */
+	cert_store=X509_STORE_new();
+	X509_STORE_set_default_paths(cert_store);
+	X509_STORE_load_locations(cert_store,NULL,"../../certs");
+	X509_STORE_set_verify_cb_func(cert_store,verify_callback);
+
+	ERR_clear_errors();
+
+	/* We need to process the data */
+	if (PKCS7_get_detached(p7))
+		{
+		if (detached == NULL)
+			{
+			printf("no data to verify the signature on\n");
+			exit(1);
+			}
+		else
+			p7bio=PKCS7_dataInit(p7,detached);
+		}
+	else
+		{
+		p7bio=PKCS7_dataInit(p7,NULL);
+		}
+
+	/* We now have to 'read' from p7bio to calculate digests etc. */
+	for (;;)
+		{
+		i=BIO_read(p7bio,buf,sizeof(buf));
+		/* print it? */
+		if (i <= 0) break;
+		}
+
+	/* We can now verify signatures */
+	sk=PKCS7_get_signer_info(p7);
+	if (sk == NULL)
+		{
+		printf("there are no signatures on this data\n");
+		exit(1);
+		}
+
+	/* Ok, first we need to, for each subject entry, see if we can verify */
+	for (i=0; i<sk_num(sk); i++)
+		{
+		si=(PKCS7_SIGNER_INFO *)sk_value(sk,i);
+		i=PKCS7_dataVerify(cert_store,&cert_ctx,p7bio,p7,si);
+		if (i <= 0)
+			goto err;
+		}
+
+	X509_STORE_free(cert_store);
+
+	printf("done\n");
+	exit(0);
+err:
+	ERR_load_crypto_strings();
+	ERR_print_errors_fp(stderr);
+	exit(1);
+	}
+
+/* should be X509 * but we can just have them as char *. */
+int verify_callback(ok, ctx)
+int ok;
+X509_STORE_CTX *ctx;
+	{
+	char buf[256];
+	X509 *err_cert;
+	int err,depth;
+
+	err_cert=X509_STORE_CTX_get_current_cert(ctx);
+	err=	X509_STORE_CTX_get_error(ctx);
+	depth=	X509_STORE_CTX_get_error_depth(ctx);
+
+	X509_NAME_oneline(X509_get_subject_name(err_cert),buf,256);
+	BIO_printf(bio_err,"depth=%d %s\n",depth,buf);
+	if (!ok)
+		{
+		BIO_printf(bio_err,"verify error:num=%d:%s\n",err,
+			X509_verify_cert_error_string(err));
+		if (depth < 6)
+			{
+			ok=1;
+			X509_STORE_CTX_set_error(ctx,X509_V_OK);
+			}
+		else
+			{
+			ok=0;
+			X509_STORE_CTX_set_error(ctx,X509_V_ERR_CERT_CHAIN_TOO_LONG);
+			}
+		}
+	switch (ctx->error)
+		{
+	case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+		X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert),buf,256);
+		BIO_printf(bio_err,"issuer= %s\n",buf);
+		break;
+	case X509_V_ERR_CERT_NOT_YET_VALID:
+	case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+		BIO_printf(bio_err,"notBefore=");
+		ASN1_UTCTIME_print(bio_err,X509_get_notBefore(ctx->current_cert));
+		BIO_printf(bio_err,"\n");
+		break;
+	case X509_V_ERR_CERT_HAS_EXPIRED:
+	case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+		BIO_printf(bio_err,"notAfter=");
+		ASN1_UTCTIME_print(bio_err,X509_get_notAfter(ctx->current_cert));
+		BIO_printf(bio_err,"\n");
+		break;
+		}
+	BIO_printf(bio_err,"verify return:%d\n",ok);
+	return(ok);
+	}
diff --git a/crypto/rand/Makefile.ssl b/crypto/rand/Makefile.ssl
new file mode 100644
index 0000000000..d04f0a9b43
--- /dev/null
+++ b/crypto/rand/Makefile.ssl
@@ -0,0 +1,80 @@
+#
+# SSLeay/crypto/rand/Makefile
+#
+
+DIR=	rand
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE=		make -f Makefile.ssl
+MAKEDEPEND=	makedepend -f Makefile.ssl
+MAKEFILE=	Makefile.ssl
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST= randtest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=md_rand.c randfile.c
+LIBOBJ=md_rand.o randfile.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= rand.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/util/ranlib.sh $(LIB)
+	@touch lib
+
+files:
+	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+	/bin/rm -f Makefile
+	$(TOP)/util/point.sh Makefile.ssl Makefile ;
+	$(TOP)/util/mklink.sh ../../include $(EXHEADER)
+	$(TOP)/util/mklink.sh ../../test $(TEST)
+	$(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+	@for i in $(EXHEADER) ; \
+	do  \
+	(cp $$i $(INSTALLTOP)/include/$$i; \
+	chmod 644 $(INSTALLTOP)/include/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/rand/md_rand.c b/crypto/rand/md_rand.c
new file mode 100644
index 0000000000..6c8e65a05c
--- /dev/null
+++ b/crypto/rand/md_rand.c
@@ -0,0 +1,406 @@
+/* crypto/rand/md_rand.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <sys/types.h>
+#include <time.h>
+
+
+#if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) && !defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND)
+#ifndef NO_MD5
+#define USE_MD5_RAND
+#elif !defined(NO_SHA1)
+#define USE_SHA1_RAND
+#elif !defined(NO_MDC2)
+#define USE_MDC2_RAND
+#elif !defined(NO_MD2)
+#define USE_MD2_RAND
+#else
+We need a message digest of some type 
+#endif
+#endif
+
+/* Changed how the state buffer used.  I now attempt to 'wrap' such
+ * that I don't run over the same locations the next time  go through
+ * the 1023 bytes - many thanks to
+ * Robert J. LeBlanc <rjl@renaissoft.com> for his comments
+ */
+
+#if defined(USE_MD5_RAND)
+#include "md5.h"
+#define MD_DIGEST_LENGTH	MD5_DIGEST_LENGTH
+#define MD_CTX			MD5_CTX
+#define MD_Init(a)		MD5_Init(a)
+#define MD_Update(a,b,c)	MD5_Update(a,b,c)
+#define	MD_Final(a,b)		MD5_Final(a,b)
+#elif defined(USE_SHA1_RAND)
+#include "sha.h"
+#define MD_DIGEST_LENGTH	SHA_DIGEST_LENGTH
+#define MD_CTX			SHA_CTX
+#define MD_Init(a)		SHA1_Init(a)
+#define MD_Update(a,b,c)	SHA1_Update(a,b,c)
+#define	MD_Final(a,b)		SHA1_Final(a,b)
+#elif defined(USE_MDC2_RAND)
+#include "mdc2.h"
+#define MD_DIGEST_LENGTH	MDC2_DIGEST_LENGTH
+#define MD_CTX			MDC2_CTX
+#define MD_Init(a)		MDC2_Init(a)
+#define MD_Update(a,b,c)	MDC2_Update(a,b,c)
+#define	MD_Final(a,b)		MDC2_Final(a,b)
+#elif defined(USE_MD2_RAND)
+#include "md2.h"
+#define MD_DIGEST_LENGTH	MD2_DIGEST_LENGTH
+#define MD_CTX			MD2_CTX
+#define MD_Init(a)		MD2_Init(a)
+#define MD_Update(a,b,c)	MD2_Update(a,b,c)
+#define	MD_Final(a,b)		MD2_Final(a,b)
+#endif
+
+#include "rand.h"
+
+/*#define NORAND	1 */
+/*#define PREDICT	1 */
+
+#define STATE_SIZE	1023
+static int state_num=0,state_index=0;
+static unsigned char state[STATE_SIZE];
+static unsigned char md[MD_DIGEST_LENGTH];
+static int count=0;
+
+char *RAND_version="RAND part of SSLeay 0.8.1b 29-Jun-1998";
+
+void RAND_cleanup()
+	{
+	memset(state,0,STATE_SIZE);
+	state_num=0;
+	state_index=0;
+	memset(md,0,MD_DIGEST_LENGTH);
+	count=0;
+	}
+
+void RAND_seed(buf,num)
+unsigned char *buf;
+int num;
+	{
+	int i,j,k,st_idx,st_num;
+	MD_CTX m;
+
+#ifdef NORAND
+	return;
+#endif
+
+	CRYPTO_w_lock(CRYPTO_LOCK_RAND);
+	st_idx=state_index;
+	st_num=state_num;
+
+	state_index=(state_index+num);
+	if (state_index > STATE_SIZE)
+		{
+		state_index%=STATE_SIZE;
+		state_num=STATE_SIZE;
+		}
+	else if (state_num < STATE_SIZE)	
+		{
+		if (state_index > state_num)
+			state_num=state_index;
+		}
+	CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
+
+	for (i=0; i<num; i+=MD_DIGEST_LENGTH)
+		{
+		j=(num-i);
+		j=(j > MD_DIGEST_LENGTH)?MD_DIGEST_LENGTH:j;
+
+		MD_Init(&m);
+		MD_Update(&m,md,MD_DIGEST_LENGTH);
+		k=(st_idx+j)-STATE_SIZE;
+		if (k > 0)
+			{
+			MD_Update(&m,&(state[st_idx]),j-k);
+			MD_Update(&m,&(state[0]),k);
+			}
+		else
+			MD_Update(&m,&(state[st_idx]),j);
+			
+		MD_Update(&m,buf,j);
+		MD_Final(md,&m);
+
+		buf+=j;
+
+		for (k=0; k<j; k++)
+			{
+			state[st_idx++]^=md[k];
+			if (st_idx >= STATE_SIZE)
+				{
+				st_idx=0;
+				st_num=STATE_SIZE;
+				}
+			}
+		}
+	memset((char *)&m,0,sizeof(m));
+	}
+
+void RAND_bytes(buf,num)
+unsigned char *buf;
+int num;
+	{
+	int i,j,k,st_num,st_idx;
+	MD_CTX m;
+	static int init=1;
+	unsigned long l;
+#ifdef DEVRANDOM
+	FILE *fh;
+#endif
+
+#ifdef PREDICT
+	{
+	static unsigned char val=0;
+
+	for (i=0; i<num; i++)
+		buf[i]=val++;
+	return;
+	}
+#endif
+
+	CRYPTO_w_lock(CRYPTO_LOCK_RAND);
+
+	if (init)
+		{
+		init=0;
+		CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
+		/* put in some default random data, we need more than
+		 * just this */
+		RAND_seed((unsigned char *)&m,sizeof(m));
+#ifndef MSDOS
+		l=getpid();
+		RAND_seed((unsigned char *)&l,sizeof(l));
+		l=getuid();
+		RAND_seed((unsigned char *)&l,sizeof(l));
+#endif
+		l=time(NULL);
+		RAND_seed((unsigned char *)&l,sizeof(l));
+
+#ifdef DEVRANDOM
+		/* 
+		 * Use a random entropy pool device.
+		 * Linux 1.3.x and FreeBSD-Current has 
+		 * this. Use /dev/urandom if you can
+		 * as /dev/random will block if it runs out
+		 * of random entries.
+		 */
+		if ((fh = fopen(DEVRANDOM, "r")) != NULL)
+			{
+			unsigned char buf[32];
+
+			fread((unsigned char *)buf,1,32,fh);
+			/* we don't care how many bytes we read,
+			 * we will just copy the 'stack' if there is
+			 * nothing else :-) */
+			fclose(fh);
+			RAND_seed(buf,32);
+			memset(buf,0,32);
+			}
+#endif
+#ifdef PURIFY
+		memset(state,0,STATE_SIZE);
+		memset(md,0,MD_DIGEST_LENGTH);
+#endif
+		CRYPTO_w_lock(CRYPTO_LOCK_RAND);
+		}
+
+	st_idx=state_index;
+	st_num=state_num;
+	state_index+=num;
+	if (state_index > state_num)
+		state_index=(state_index%state_num);
+
+	CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
+
+	while (num > 0)
+		{
+		j=(num >= MD_DIGEST_LENGTH/2)?MD_DIGEST_LENGTH/2:num;
+		num-=j;
+		MD_Init(&m);
+		MD_Update(&m,&(md[MD_DIGEST_LENGTH/2]),MD_DIGEST_LENGTH/2);
+#ifndef PURIFY
+		MD_Update(&m,buf,j); /* purify complains */
+#endif
+		k=(st_idx+j)-st_num;
+		if (k > 0)
+			{
+			MD_Update(&m,&(state[st_idx]),j-k);
+			MD_Update(&m,&(state[0]),k);
+			}
+		else
+			MD_Update(&m,&(state[st_idx]),j);
+		MD_Final(md,&m);
+
+		for (i=0; i<j; i++)
+			{
+			if (st_idx >= st_num)
+				st_idx=0;
+			state[st_idx++]^=md[i];
+			*(buf++)=md[i+MD_DIGEST_LENGTH/2];
+			}
+		}
+
+	MD_Init(&m);
+	MD_Update(&m,(unsigned char *)&count,sizeof(count)); count++;
+	MD_Update(&m,md,MD_DIGEST_LENGTH);
+	MD_Final(md,&m);
+	memset(&m,0,sizeof(m));
+	}
+
+#ifdef WINDOWS
+#include <windows.h>
+#include <rand.h>
+
+/*****************************************************************************
+ * Initialisation function for the SSL random generator.  Takes the contents
+ * of the screen as random seed.
+ *
+ * Created 960901 by Gertjan van Oosten, gertjan@West.NL, West Consulting B.V.
+ *
+ * Code adapted from
+ * <URL:http://www.microsoft.com/kb/developr/win_dk/q97193.htm>;
+ * the original copyright message is:
+ *
+//   (C) Copyright Microsoft Corp. 1993.  All rights reserved.
+//
+//   You have a royalty-free right to use, modify, reproduce and
+//   distribute the Sample Files (and/or any modified version) in
+//   any way you find useful, provided that you agree that
+//   Microsoft has no warranty obligations or liability for any
+//   Sample Application Files which are modified.
+ */
+/*
+ * I have modified the loading of bytes via RAND_seed() mechanism since
+ * the origional would have been very very CPU intensive since RAND_seed()
+ * does an MD5 per 16 bytes of input.  The cost to digest 16 bytes is the same
+ * as that to digest 56 bytes.  So under the old system, a screen of
+ * 1024*768*256 would have been CPU cost of approximatly 49,000 56 byte MD5
+ * digests or digesting 2.7 mbytes.  What I have put in place would
+ * be 48 16k MD5 digests, or efectivly 48*16+48 MD5 bytes or 816 kbytes
+ * or about 3.5 times as much.
+ * - eric 
+ */
+void RAND_screen(void)
+{
+  HDC		hScrDC;		/* screen DC */
+  HDC		hMemDC;		/* memory DC */
+  HBITMAP	hBitmap;	/* handle for our bitmap */
+  HBITMAP	hOldBitmap;	/* handle for previous bitmap */
+  BITMAP	bm;		/* bitmap properties */
+  unsigned int	size;		/* size of bitmap */
+  char		*bmbits;	/* contents of bitmap */
+  int		w;		/* screen width */
+  int		h;		/* screen height */
+  int		y;		/* y-coordinate of screen lines to grab */
+  int		n = 16;		/* number of screen lines to grab at a time */
+
+  /* Create a screen DC and a memory DC compatible to screen DC */
+  hScrDC = CreateDC("DISPLAY", NULL, NULL, NULL);
+  hMemDC = CreateCompatibleDC(hScrDC);
+
+  /* Get screen resolution */
+  w = GetDeviceCaps(hScrDC, HORZRES);
+  h = GetDeviceCaps(hScrDC, VERTRES);
+
+  /* Create a bitmap compatible with the screen DC */
+  hBitmap = CreateCompatibleBitmap(hScrDC, w, n);
+
+  /* Select new bitmap into memory DC */
+  hOldBitmap = SelectObject(hMemDC, hBitmap);
+
+  /* Get bitmap properties */
+  GetObject(hBitmap, sizeof(BITMAP), (LPSTR)&bm);
+  size = (unsigned int)bm.bmWidthBytes * bm.bmHeight * bm.bmPlanes;
+
+  bmbits = Malloc(size);
+  if (bmbits) {
+    /* Now go through the whole screen, repeatedly grabbing n lines */
+    for (y = 0; y < h-n; y += n)
+    	{
+	unsigned char md[MD_DIGEST_LENGTH];
+
+	/* Bitblt screen DC to memory DC */
+	BitBlt(hMemDC, 0, 0, w, n, hScrDC, 0, y, SRCCOPY);
+
+	/* Copy bitmap bits from memory DC to bmbits */
+	GetBitmapBits(hBitmap, size, bmbits);
+
+	/* Get the MD5 of the bitmap */
+	MD5(bmbits,size,md);
+
+	/* Seed the random generator with the MD5 digest */
+	RAND_seed(md, MD_DIGEST_LENGTH);
+	}
+
+    Free(bmbits);
+  }
+
+  /* Select old bitmap back into memory DC */
+  hBitmap = SelectObject(hMemDC, hOldBitmap);
+
+  /* Clean up */
+  DeleteObject(hBitmap);
+  DeleteDC(hMemDC);
+  DeleteDC(hScrDC);
+}
+#endif
diff --git a/crypto/rand/rand.h b/crypto/rand/rand.h
new file mode 100644
index 0000000000..99ca47d6cf
--- /dev/null
+++ b/crypto/rand/rand.h
@@ -0,0 +1,92 @@
+/* crypto/rand/rand.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_RAND_H
+#define HEADER_RAND_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#ifndef NOPROTO
+void RAND_cleanup(void );
+void RAND_bytes( unsigned char *buf,int num);
+void RAND_seed( unsigned char *buf,int num);
+int  RAND_load_file(char *file,long max_bytes);
+int  RAND_write_file(char *file);
+char *RAND_file_name(char *file,int num);
+#ifdef WINDOWS
+void RAND_screen(void);
+#endif
+#else
+void RAND_cleanup();
+void RAND_bytes();
+void RAND_seed();
+int  RAND_load_file();
+int  RAND_write_file();
+char *RAND_file_name();
+#ifdef WINDOWS
+void RAND_screen();
+#endif
+#endif
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c
new file mode 100644
index 0000000000..ad0e55db90
--- /dev/null
+++ b/crypto/rand/randfile.c
@@ -0,0 +1,166 @@
+/* crypto/rand/randfile.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <sys/stat.h>
+#include <sys/types.h>
+#include "rand.h"
+
+#undef BUFSIZE
+#define BUFSIZE	1024
+#define RAND_DATA 1024
+
+/* #define RFILE ".rand" - defined in ../../e_os.h */
+
+int RAND_load_file(file,bytes)
+char *file;
+long bytes;
+	{
+	MS_STATIC unsigned char buf[BUFSIZE];
+	struct stat sb;
+	int i,ret=0,n;
+	FILE *in;
+
+	if (file == NULL) return(0);
+
+	i=stat(file,&sb);
+	/* If the state fails, put some crap in anyway */
+	RAND_seed((unsigned char *)&sb,sizeof(sb));
+	ret+=sizeof(sb);
+	if (i < 0) return(0);
+	if (bytes <= 0) return(ret);
+
+	in=fopen(file,"r");
+	if (in == NULL) goto err;
+	for (;;)
+		{
+		n=(bytes < BUFSIZE)?(int)bytes:BUFSIZE;
+		i=fread(buf,1,n,in);
+		if (i <= 0) break;
+		/* even if n != i, use the full array */
+		RAND_seed(buf,n);
+		ret+=i;
+		bytes-=n;
+		if (bytes <= 0) break;
+		}
+	fclose(in);
+	memset(buf,0,BUFSIZE);
+err:
+	return(ret);
+	}
+
+int RAND_write_file(file)
+char *file;
+	{
+	unsigned char buf[BUFSIZE];
+	int i,ret=0;
+	FILE *out;
+	int n;
+
+	out=fopen(file,"w");
+	if (out == NULL) goto err;
+	chmod(file,0600);
+	n=RAND_DATA;
+	for (;;)
+		{
+		i=(n > BUFSIZE)?BUFSIZE:n;
+		n-=BUFSIZE;
+		RAND_bytes(buf,i);
+		i=fwrite(buf,1,i,out);
+		if (i <= 0)
+			{
+			ret=0;
+			break;
+			}
+		ret+=i;
+		if (n <= 0) break;
+		}
+	fclose(out);
+	memset(buf,0,BUFSIZE);
+err:
+	return(ret);
+	}
+
+char *RAND_file_name(buf,size)
+char *buf;
+int size;
+	{
+	char *s;
+	char *ret=NULL;
+
+	s=getenv("RANDFILE");
+	if (s != NULL)
+		{
+		strncpy(buf,s,size-1);
+		buf[size-1]='\0';
+		ret=buf;
+		}
+	else
+		{
+		s=getenv("HOME");
+		if (s == NULL) return(RFILE);
+		if (((int)(strlen(s)+strlen(RFILE)+2)) > size)
+			return(RFILE);
+		strcpy(buf,s);
+		strcat(buf,"/");
+		strcat(buf,RFILE);
+		ret=buf;
+		}
+	return(ret);
+	}
diff --git a/crypto/rand/randtest.c b/crypto/rand/randtest.c
new file mode 100644
index 0000000000..ac3f0d7097
--- /dev/null
+++ b/crypto/rand/randtest.c
@@ -0,0 +1,207 @@
+/* crypto/rand/randtest.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "rand.h"
+
+/* some FIPS 140-1 random number test */
+/* some simple tests */
+
+int main()
+	{
+	unsigned char buf[2500];
+	int i,j,k,s,sign,nsign,err=0;
+	unsigned long n1;
+	unsigned long n2[16];
+	unsigned long runs[2][34];
+	/*double d; */
+	long d;
+
+	RAND_bytes(buf,2500);
+
+	n1=0;
+	for (i=0; i<16; i++) n2[i]=0;
+	for (i=0; i<34; i++) runs[0][i]=runs[1][i]=0;
+
+	/* test 1 and 2 */
+	sign=0;
+	nsign=0;
+	for (i=0; i<2500; i++)
+		{
+		j=buf[i];
+
+		n2[j&0x0f]++;
+		n2[(j>>4)&0x0f]++;
+
+		for (k=0; k<8; k++)
+			{
+			s=(j&0x01);
+			if (s == sign)
+				nsign++;
+			else
+				{
+				if (nsign > 34) nsign=34;
+				if (nsign != 0)
+					{
+					runs[sign][nsign-1]++;
+					if (nsign > 6)
+						runs[sign][5]++;
+					}
+				sign=s;
+				nsign=1;
+				}
+
+			if (s) n1++;
+			j>>=1;
+			}
+		}
+		if (nsign > 34) nsign=34;
+		if (nsign != 0) runs[sign][nsign-1]++;
+
+	/* test 1 */
+	if (!((9654 < n1) && (n1 < 10346)))
+		{
+		printf("test 1 failed, X=%ld\n",n1);
+		err++;
+		}
+	printf("test 1 done\n");
+
+	/* test 2 */
+#ifdef undef
+	d=0;
+	for (i=0; i<16; i++)
+		d+=n2[i]*n2[i];
+	d=d*16.0/5000.0-5000.0;
+	if (!((1.03 < d) && (d < 57.4)))
+		{
+		printf("test 2 failed, X=%.2f\n",d);
+		err++;
+		}
+#endif
+	d=0;
+	for (i=0; i<16; i++)
+		d+=n2[i]*n2[i];
+	d=(d*8)/25-500000;
+	if (!((103 < d) && (d < 5740)))
+		{
+		printf("test 2 failed, X=%ld.%02ld\n",d/100L,d%100L);
+		err++;
+		}
+	printf("test 2 done\n");
+
+	/* test 3 */
+	for (i=0; i<2; i++)
+		{
+		if (!((2267 < runs[i][0]) && (runs[i][0] < 2733)))
+			{
+			printf("test 3 failed, bit=%d run=%d num=%ld\n",
+				i,1,runs[i][0]);
+			err++;
+			}
+		if (!((1079 < runs[i][1]) && (runs[i][1] < 1421)))
+			{
+			printf("test 3 failed, bit=%d run=%d num=%ld\n",
+				i,2,runs[i][1]);
+			err++;
+			}
+		if (!(( 502 < runs[i][2]) && (runs[i][2] <  748)))
+			{
+			printf("test 3 failed, bit=%d run=%d num=%ld\n",
+				i,3,runs[i][2]);
+			err++;
+			}
+		if (!(( 223 < runs[i][3]) && (runs[i][3] <  402)))
+			{
+			printf("test 3 failed, bit=%d run=%d num=%ld\n",
+				i,4,runs[i][3]);
+			err++;
+			}
+		if (!((  90 < runs[i][4]) && (runs[i][4] <  223)))
+			{
+			printf("test 3 failed, bit=%d run=%d num=%ld\n",
+				i,5,runs[i][4]);
+			err++;
+			}
+		if (!((  90 < runs[i][5]) && (runs[i][5] <  223)))
+			{
+			printf("test 3 failed, bit=%d run=%d num=%ld\n",
+				i,6,runs[i][5]);
+			err++;
+			}
+		}
+	printf("test 3 done\n");
+	
+	/* test 4 */
+	if (runs[0][33] != 0)
+		{
+		printf("test 4 failed, bit=%d run=%d num=%ld\n",
+			0,34,runs[0][33]);
+		err++;
+		}
+	if (runs[1][33] != 0)
+		{
+		printf("test 4 failed, bit=%d run=%d num=%ld\n",
+			1,34,runs[1][33]);
+		err++;
+		}
+	printf("test 4 done\n");
+	err=((err)?1:0);
+	exit(err);
+	return(err);
+	}
diff --git a/crypto/rc2/Makefile.ssl b/crypto/rc2/Makefile.ssl
new file mode 100644
index 0000000000..c5138f13e2
--- /dev/null
+++ b/crypto/rc2/Makefile.ssl
@@ -0,0 +1,80 @@
+#
+# SSLeay/crypto/rc2/Makefile
+#
+
+DIR=	rc2
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE=		make -f Makefile.ssl
+MAKEDEPEND=	makedepend -f Makefile.ssl
+MAKEFILE=	Makefile.ssl
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=rc2test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c
+LIBOBJ=rc2_ecb.o rc2_skey.o rc2_cbc.o rc2cfb64.o rc2ofb64.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= rc2.h
+HEADER=	rc2_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/util/ranlib.sh $(LIB)
+	@touch lib
+
+files:
+	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+	/bin/rm -f Makefile
+	$(TOP)/util/point.sh Makefile.ssl Makefile ;
+	$(TOP)/util/mklink.sh ../../include $(EXHEADER)
+	$(TOP)/util/mklink.sh ../../test $(TEST)
+	$(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+	@for i in $(EXHEADER) ; \
+	do  \
+	(cp $$i $(INSTALLTOP)/include/$$i; \
+	chmod 644 $(INSTALLTOP)/include/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/rc2/rc2.h b/crypto/rc2/rc2.h
new file mode 100644
index 0000000000..0903417fc3
--- /dev/null
+++ b/crypto/rc2/rc2.h
@@ -0,0 +1,116 @@
+/* crypto/rc2/rc2.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING 
+ *
+ * Always modify rc2.org since rc2.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+#ifndef HEADER_RC2_H
+#define HEADER_RC2_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#define RC2_ENCRYPT	1
+#define RC2_DECRYPT	0
+
+/* I need to put in a mod for the alpha - eay */
+#define RC2_INT unsigned int
+
+#define RC2_BLOCK	8
+#define RC2_KEY_LENGTH	16
+
+typedef struct rc2_key_st
+	{
+	RC2_INT data[64];
+	} RC2_KEY;
+
+#ifndef NOPROTO
+ 
+void RC2_set_key(RC2_KEY *key, int len, unsigned char *data,int bits);
+void RC2_ecb_encrypt(unsigned char *in,unsigned char *out,RC2_KEY *key,
+	int enc);
+void RC2_encrypt(unsigned long *data,RC2_KEY *key,int enc);
+void RC2_cbc_encrypt(unsigned char *in, unsigned char *out, long length,
+	RC2_KEY *ks, unsigned char *iv, int enc);
+void RC2_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
+	RC2_KEY *schedule, unsigned char *ivec, int *num, int enc);
+void RC2_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
+	RC2_KEY *schedule, unsigned char *ivec, int *num);
+
+#else
+
+void RC2_set_key();
+void RC2_ecb_encrypt();
+void RC2_encrypt();
+void RC2_cbc_encrypt();
+void RC2_cfb64_encrypt();
+void RC2_ofb64_encrypt();
+
+#endif
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/rc2/rc2.org b/crypto/rc2/rc2.org
new file mode 100644
index 0000000000..af9310f13e
--- /dev/null
+++ b/crypto/rc2/rc2.org
@@ -0,0 +1,116 @@
+/* crypto/rc2/rc2.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING 
+ *
+ * Always modify rc2.org since rc2.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+#ifndef HEADER_RC2_H
+#define HEADER_RC2_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#define RC2_ENCRYPT	1
+#define RC2_DECRYPT	0
+
+/* I need to put in a mod for the alpha - eay */
+#define RC2_INT unsigned short
+
+#define RC2_BLOCK	8
+#define RC2_KEY_LENGTH	16
+
+typedef struct rc2_key_st
+	{
+	RC2_INT data[64];
+	} RC2_KEY;
+
+#ifndef NOPROTO
+ 
+void RC2_set_key(RC2_KEY *key, int len, unsigned char *data,int bits);
+void RC2_ecb_encrypt(unsigned char *in,unsigned char *out,RC2_KEY *key,
+	int enc);
+void RC2_encrypt(unsigned long *data,RC2_KEY *key,int enc);
+void RC2_cbc_encrypt(unsigned char *in, unsigned char *out, long length,
+	RC2_KEY *ks, unsigned char *iv, int enc);
+void RC2_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
+	RC2_KEY *schedule, unsigned char *ivec, int *num, int enc);
+void RC2_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
+	RC2_KEY *schedule, unsigned char *ivec, int *num);
+
+#else
+
+void RC2_set_key();
+void RC2_ecb_encrypt();
+void RC2_encrypt();
+void RC2_cbc_encrypt();
+void RC2_cfb64_encrypt();
+void RC2_ofb64_encrypt();
+
+#endif
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/rc2/rc2_cbc.c b/crypto/rc2/rc2_cbc.c
new file mode 100644
index 0000000000..24e7759357
--- /dev/null
+++ b/crypto/rc2/rc2_cbc.c
@@ -0,0 +1,140 @@
+/* crypto/rc2/rc2_cbc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "rc2.h"
+#include "rc2_locl.h"
+
+void RC2_cbc_encrypt(in, out, length, ks, iv, encrypt)
+unsigned char *in;
+unsigned char *out;
+long length;
+RC2_KEY *ks;
+unsigned char *iv;
+int encrypt;
+	{
+	register unsigned long tin0,tin1;
+	register unsigned long tout0,tout1,xor0,xor1;
+	register long l=length;
+	unsigned long tin[2];
+
+	if (encrypt)
+		{
+		c2l(iv,tout0);
+		c2l(iv,tout1);
+		iv-=8;
+		for (l-=8; l>=0; l-=8)
+			{
+			c2l(in,tin0);
+			c2l(in,tin1);
+			tin0^=tout0;
+			tin1^=tout1;
+			tin[0]=tin0;
+			tin[1]=tin1;
+			RC2_encrypt(tin,ks,RC2_ENCRYPT);
+			tout0=tin[0]; l2c(tout0,out);
+			tout1=tin[1]; l2c(tout1,out);
+			}
+		if (l != -8)
+			{
+			c2ln(in,tin0,tin1,l+8);
+			tin0^=tout0;
+			tin1^=tout1;
+			tin[0]=tin0;
+			tin[1]=tin1;
+			RC2_encrypt(tin,ks,RC2_ENCRYPT);
+			tout0=tin[0]; l2c(tout0,out);
+			tout1=tin[1]; l2c(tout1,out);
+			}
+		l2c(tout0,iv);
+		l2c(tout1,iv);
+		}
+	else
+		{
+		c2l(iv,xor0);
+		c2l(iv,xor1);
+		iv-=8;
+		for (l-=8; l>=0; l-=8)
+			{
+			c2l(in,tin0); tin[0]=tin0;
+			c2l(in,tin1); tin[1]=tin1;
+			RC2_encrypt(tin,ks,RC2_DECRYPT);
+			tout0=tin[0]^xor0;
+			tout1=tin[1]^xor1;
+			l2c(tout0,out);
+			l2c(tout1,out);
+			xor0=tin0;
+			xor1=tin1;
+			}
+		if (l != -8)
+			{
+			c2l(in,tin0); tin[0]=tin0;
+			c2l(in,tin1); tin[1]=tin1;
+			RC2_encrypt(tin,ks,RC2_DECRYPT);
+			tout0=tin[0]^xor0;
+			tout1=tin[1]^xor1;
+			l2cn(tout0,tout1,out,l+8);
+			xor0=tin0;
+			xor1=tin1;
+			}
+		l2c(xor0,iv);
+		l2c(xor1,iv);
+		}
+	tin0=tin1=tout0=tout1=xor0=xor1=0;
+	tin[0]=tin[1]=0;
+	}
+
diff --git a/crypto/rc2/rc2_ecb.c b/crypto/rc2/rc2_ecb.c
new file mode 100644
index 0000000000..65b5d3536a
--- /dev/null
+++ b/crypto/rc2/rc2_ecb.c
@@ -0,0 +1,163 @@
+/* crypto/rc2/rc2_ecb.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "rc2.h"
+#include "rc2_locl.h"
+
+char *RC2_version="RC2 part of SSLeay 0.8.1b 29-Jun-1998";
+
+/* RC2 as implemented frm a posting from
+ * Newsgroups: sci.crypt
+ * Sender: pgut01@cs.auckland.ac.nz (Peter Gutmann)
+ * Subject: Specification for Ron Rivests Cipher No.2
+ * Message-ID: <4fk39f$f70@net.auckland.ac.nz>
+ * Date: 11 Feb 1996 06:45:03 GMT
+ */
+
+void RC2_ecb_encrypt(in, out, ks, encrypt)
+unsigned char *in;
+unsigned char *out;
+RC2_KEY *ks;
+int encrypt;
+	{
+	unsigned long l,d[2];
+
+	c2l(in,l); d[0]=l;
+	c2l(in,l); d[1]=l;
+	RC2_encrypt(d,ks,encrypt);
+	l=d[0]; l2c(l,out);
+	l=d[1]; l2c(l,out);
+	l=d[0]=d[1]=0;
+	}
+
+void RC2_encrypt(d,key,encrypt)
+unsigned long *d;
+RC2_KEY *key;
+int encrypt;
+	{
+	int i,n;
+	register RC2_INT *p0,*p1;
+	register RC2_INT x0,x1,x2,x3,t;
+	unsigned long l;
+
+	l=d[0];
+	x0=(RC2_INT)l&0xffff;
+	x1=(RC2_INT)(l>>16L);
+	l=d[1];
+	x2=(RC2_INT)l&0xffff;
+	x3=(RC2_INT)(l>>16L);
+
+	n=3;
+	i=5;
+	if (encrypt)
+		{
+		p0=p1= &(key->data[0]);
+		for (;;)
+			{
+			t=(x0+(x1& ~x3)+(x2&x3)+ *(p0++))&0xffff;
+			x0=(t<<1)|(t>>15);
+			t=(x1+(x2& ~x0)+(x3&x0)+ *(p0++))&0xffff;
+			x1=(t<<2)|(t>>14);
+			t=(x2+(x3& ~x1)+(x0&x1)+ *(p0++))&0xffff;
+			x2=(t<<3)|(t>>13);
+			t=(x3+(x0& ~x2)+(x1&x2)+ *(p0++))&0xffff;
+			x3=(t<<5)|(t>>11);
+
+			if (--i == 0)
+				{
+				if (--n == 0) break;
+				i=(n == 2)?6:5;
+
+				x0+=p1[x3&0x3f];
+				x1+=p1[x0&0x3f];
+				x2+=p1[x1&0x3f];
+				x3+=p1[x2&0x3f];
+				}
+			}
+		}
+	else
+		{
+		p0= &(key->data[63]);
+		p1= &(key->data[0]);
+		for (;;)
+			{
+			t=((x3<<11)|(x3>>5))&0xffff;
+			x3=(t-(x0& ~x2)-(x1&x2)- *(p0--))&0xffff;
+			t=((x2<<13)|(x2>>3))&0xffff;
+			x2=(t-(x3& ~x1)-(x0&x1)- *(p0--))&0xffff;
+			t=((x1<<14)|(x1>>2))&0xffff;
+			x1=(t-(x2& ~x0)-(x3&x0)- *(p0--))&0xffff;
+			t=((x0<<15)|(x0>>1))&0xffff;
+			x0=(t-(x1& ~x3)-(x2&x3)- *(p0--))&0xffff;
+
+			if (--i == 0)
+				{
+				if (--n == 0) break;
+				i=(n == 2)?6:5;
+
+				x3=(x3-p1[x2&0x3f])&0xffff;
+				x2=(x2-p1[x1&0x3f])&0xffff;
+				x1=(x1-p1[x0&0x3f])&0xffff;
+				x0=(x0-p1[x3&0x3f])&0xffff;
+				}
+			}
+		}
+
+	d[0]=(unsigned long)(x0&0xffff)|((unsigned long)(x1&0xffff)<<16L);
+	d[1]=(unsigned long)(x2&0xffff)|((unsigned long)(x3&0xffff)<<16L);
+	}
diff --git a/crypto/rc2/rc2_locl.h b/crypto/rc2/rc2_locl.h
new file mode 100644
index 0000000000..05f45b0573
--- /dev/null
+++ b/crypto/rc2/rc2_locl.h
@@ -0,0 +1,146 @@
+/* crypto/rc2/rc2_locl.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#undef c2l
+#define c2l(c,l)	(l =((unsigned long)(*((c)++)))    , \
+			 l|=((unsigned long)(*((c)++)))<< 8L, \
+			 l|=((unsigned long)(*((c)++)))<<16L, \
+			 l|=((unsigned long)(*((c)++)))<<24L)
+
+/* NOTE - c is not incremented as per c2l */
+#undef c2ln
+#define c2ln(c,l1,l2,n)	{ \
+			c+=n; \
+			l1=l2=0; \
+			switch (n) { \
+			case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
+			case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
+			case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
+			case 5: l2|=((unsigned long)(*(--(c))));     \
+			case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
+			case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
+			case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
+			case 1: l1|=((unsigned long)(*(--(c))));     \
+				} \
+			}
+
+#undef l2c
+#define l2c(l,c)	(*((c)++)=(unsigned char)(((l)     )&0xff), \
+			 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>24L)&0xff))
+
+/* NOTE - c is not incremented as per l2c */
+#undef l2cn
+#define l2cn(l1,l2,c,n)	{ \
+			c+=n; \
+			switch (n) { \
+			case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
+			case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
+			case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
+			case 5: *(--(c))=(unsigned char)(((l2)     )&0xff); \
+			case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
+			case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
+			case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
+			case 1: *(--(c))=(unsigned char)(((l1)     )&0xff); \
+				} \
+			}
+
+/* NOTE - c is not incremented as per n2l */
+#define n2ln(c,l1,l2,n)	{ \
+			c+=n; \
+			l1=l2=0; \
+			switch (n) { \
+			case 8: l2 =((unsigned long)(*(--(c))))    ; \
+			case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
+			case 6: l2|=((unsigned long)(*(--(c))))<<16; \
+			case 5: l2|=((unsigned long)(*(--(c))))<<24; \
+			case 4: l1 =((unsigned long)(*(--(c))))    ; \
+			case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
+			case 2: l1|=((unsigned long)(*(--(c))))<<16; \
+			case 1: l1|=((unsigned long)(*(--(c))))<<24; \
+				} \
+			}
+
+/* NOTE - c is not incremented as per l2n */
+#define l2nn(l1,l2,c,n)	{ \
+			c+=n; \
+			switch (n) { \
+			case 8: *(--(c))=(unsigned char)(((l2)    )&0xff); \
+			case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
+			case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
+			case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
+			case 4: *(--(c))=(unsigned char)(((l1)    )&0xff); \
+			case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
+			case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
+			case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
+				} \
+			}
+
+#undef n2l
+#define n2l(c,l)        (l =((unsigned long)(*((c)++)))<<24L, \
+                         l|=((unsigned long)(*((c)++)))<<16L, \
+                         l|=((unsigned long)(*((c)++)))<< 8L, \
+                         l|=((unsigned long)(*((c)++))))
+
+#undef l2n
+#define l2n(l,c)        (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)     )&0xff))
+
diff --git a/crypto/rc2/rc2_skey.c b/crypto/rc2/rc2_skey.c
new file mode 100644
index 0000000000..cfc8a50cd9
--- /dev/null
+++ b/crypto/rc2/rc2_skey.c
@@ -0,0 +1,142 @@
+/* crypto/rc2/rc2_skey.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "rc2.h"
+#include "rc2_locl.h"
+
+static unsigned char key_table[256]={
+	0xd9,0x78,0xf9,0xc4,0x19,0xdd,0xb5,0xed,0x28,0xe9,0xfd,0x79,
+	0x4a,0xa0,0xd8,0x9d,0xc6,0x7e,0x37,0x83,0x2b,0x76,0x53,0x8e,
+	0x62,0x4c,0x64,0x88,0x44,0x8b,0xfb,0xa2,0x17,0x9a,0x59,0xf5,
+	0x87,0xb3,0x4f,0x13,0x61,0x45,0x6d,0x8d,0x09,0x81,0x7d,0x32,
+	0xbd,0x8f,0x40,0xeb,0x86,0xb7,0x7b,0x0b,0xf0,0x95,0x21,0x22,
+	0x5c,0x6b,0x4e,0x82,0x54,0xd6,0x65,0x93,0xce,0x60,0xb2,0x1c,
+	0x73,0x56,0xc0,0x14,0xa7,0x8c,0xf1,0xdc,0x12,0x75,0xca,0x1f,
+	0x3b,0xbe,0xe4,0xd1,0x42,0x3d,0xd4,0x30,0xa3,0x3c,0xb6,0x26,
+	0x6f,0xbf,0x0e,0xda,0x46,0x69,0x07,0x57,0x27,0xf2,0x1d,0x9b,
+	0xbc,0x94,0x43,0x03,0xf8,0x11,0xc7,0xf6,0x90,0xef,0x3e,0xe7,
+	0x06,0xc3,0xd5,0x2f,0xc8,0x66,0x1e,0xd7,0x08,0xe8,0xea,0xde,
+	0x80,0x52,0xee,0xf7,0x84,0xaa,0x72,0xac,0x35,0x4d,0x6a,0x2a,
+	0x96,0x1a,0xd2,0x71,0x5a,0x15,0x49,0x74,0x4b,0x9f,0xd0,0x5e,
+	0x04,0x18,0xa4,0xec,0xc2,0xe0,0x41,0x6e,0x0f,0x51,0xcb,0xcc,
+	0x24,0x91,0xaf,0x50,0xa1,0xf4,0x70,0x39,0x99,0x7c,0x3a,0x85,
+	0x23,0xb8,0xb4,0x7a,0xfc,0x02,0x36,0x5b,0x25,0x55,0x97,0x31,
+	0x2d,0x5d,0xfa,0x98,0xe3,0x8a,0x92,0xae,0x05,0xdf,0x29,0x10,
+	0x67,0x6c,0xba,0xc9,0xd3,0x00,0xe6,0xcf,0xe1,0x9e,0xa8,0x2c,
+	0x63,0x16,0x01,0x3f,0x58,0xe2,0x89,0xa9,0x0d,0x38,0x34,0x1b,
+	0xab,0x33,0xff,0xb0,0xbb,0x48,0x0c,0x5f,0xb9,0xb1,0xcd,0x2e,
+	0xc5,0xf3,0xdb,0x47,0xe5,0xa5,0x9c,0x77,0x0a,0xa6,0x20,0x68,
+	0xfe,0x7f,0xc1,0xad,
+	};
+
+/* It has come to my attention that there are 2 versions of the RC2
+ * key schedule.  One which is normal, and anther which has a hook to
+ * use a reduced key length.
+ * BSAFE uses the 'retarded' version.  What I previously shipped is
+ * the same as specifying 1024 for the 'bits' parameter.  Bsafe uses
+ * a version where the bits parameter is the same as len*8 */
+void RC2_set_key(key,len,data,bits)
+RC2_KEY *key;
+int len;
+unsigned char *data;
+int bits;
+	{
+	int i,j;
+	unsigned char *k;
+	RC2_INT *ki;
+	unsigned int c,d;
+
+	k= (unsigned char *)&(key->data[0]);
+	*k=0; /* for if there is a zero length key */
+
+	if (len > 128) len=128;
+	if (bits <= 0) bits=1024;
+	if (bits > 1024) bits=1024;
+
+	for (i=0; i<len; i++)
+		k[i]=data[i];
+
+	/* expand table */
+	d=k[len-1];
+	j=0;
+	for (i=len; i < 128; i++,j++)
+		{
+		d=key_table[(k[j]+d)&0xff];
+		k[i]=d;
+		}
+
+	/* hmm.... key reduction to 'bits' bits */
+
+	j=(bits+7)>>3;
+	i=128-j;
+	c= (0xff>>(-bits & 0x07));
+
+	d=key_table[k[i]&c];
+	k[i]=d;
+	while (i--)
+		{
+		d=key_table[k[i+j]^d];
+		k[i]=d;
+		}
+
+	/* copy from bytes into RC2_INT's */
+	ki= &(key->data[63]);
+	for (i=127; i>=0; i-=2)
+		*(ki--)=((k[i]<<8)|k[i-1])&0xffff;
+	}
+
diff --git a/crypto/rc2/rc2cfb64.c b/crypto/rc2/rc2cfb64.c
new file mode 100644
index 0000000000..44df3dc951
--- /dev/null
+++ b/crypto/rc2/rc2cfb64.c
@@ -0,0 +1,127 @@
+/* crypto/rc2/rc2cfb64.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "rc2.h"
+#include "rc2_locl.h"
+
+/* The input and output encrypted as though 64bit cfb mode is being
+ * used.  The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+
+void RC2_cfb64_encrypt(in, out, length, schedule, ivec, num, encrypt)
+unsigned char *in;
+unsigned char *out;
+long length;
+RC2_KEY *schedule;
+unsigned char *ivec;
+int *num;
+int encrypt;
+	{
+	register unsigned long v0,v1,t;
+	register int n= *num;
+	register long l=length;
+	unsigned long ti[2];
+	unsigned char *iv,c,cc;
+
+	iv=(unsigned char *)ivec;
+	if (encrypt)
+		{
+		while (l--)
+			{
+			if (n == 0)
+				{
+				c2l(iv,v0); ti[0]=v0;
+				c2l(iv,v1); ti[1]=v1;
+				RC2_encrypt((unsigned long *)ti,schedule,RC2_ENCRYPT);
+				iv=(unsigned char *)ivec;
+				t=ti[0]; l2c(t,iv);
+				t=ti[1]; l2c(t,iv);
+				iv=(unsigned char *)ivec;
+				}
+			c= *(in++)^iv[n];
+			*(out++)=c;
+			iv[n]=c;
+			n=(n+1)&0x07;
+			}
+		}
+	else
+		{
+		while (l--)
+			{
+			if (n == 0)
+				{
+				c2l(iv,v0); ti[0]=v0;
+				c2l(iv,v1); ti[1]=v1;
+				RC2_encrypt((unsigned long *)ti,schedule,RC2_ENCRYPT);
+				iv=(unsigned char *)ivec;
+				t=ti[0]; l2c(t,iv);
+				t=ti[1]; l2c(t,iv);
+				iv=(unsigned char *)ivec;
+				}
+			cc= *(in++);
+			c=iv[n];
+			iv[n]=cc;
+			*(out++)=c^cc;
+			n=(n+1)&0x07;
+			}
+		}
+	v0=v1=ti[0]=ti[1]=t=c=cc=0;
+	*num=n;
+	}
+
diff --git a/crypto/rc2/rc2ofb64.c b/crypto/rc2/rc2ofb64.c
new file mode 100644
index 0000000000..5df004bcec
--- /dev/null
+++ b/crypto/rc2/rc2ofb64.c
@@ -0,0 +1,115 @@
+/* crypto/rc2/rc2ofb64.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "rc2.h"
+#include "rc2_locl.h"
+
+/* The input and output encrypted as though 64bit ofb mode is being
+ * used.  The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+void RC2_ofb64_encrypt(in, out, length, schedule, ivec, num)
+unsigned char *in;
+unsigned char *out;
+long length;
+RC2_KEY *schedule;
+unsigned char *ivec;
+int *num;
+	{
+	register unsigned long v0,v1,t;
+	register int n= *num;
+	register long l=length;
+	unsigned char d[8];
+	register char *dp;
+	unsigned long ti[2];
+	unsigned char *iv;
+	int save=0;
+
+	iv=(unsigned char *)ivec;
+	c2l(iv,v0);
+	c2l(iv,v1);
+	ti[0]=v0;
+	ti[1]=v1;
+	dp=(char *)d;
+	l2c(v0,dp);
+	l2c(v1,dp);
+	while (l--)
+		{
+		if (n == 0)
+			{
+			RC2_encrypt((unsigned long *)ti,schedule,RC2_ENCRYPT);
+			dp=(char *)d;
+			t=ti[0]; l2c(t,dp);
+			t=ti[1]; l2c(t,dp);
+			save++;
+			}
+		*(out++)= *(in++)^d[n];
+		n=(n+1)&0x07;
+		}
+	if (save)
+		{
+		v0=ti[0];
+		v1=ti[1];
+		iv=(unsigned char *)ivec;
+		l2c(v0,iv);
+		l2c(v1,iv);
+		}
+	t=v0=v1=ti[0]=ti[1]=0;
+	*num=n;
+	}
+
diff --git a/crypto/rc2/rc2test.c b/crypto/rc2/rc2test.c
new file mode 100644
index 0000000000..00e21ddd3a
--- /dev/null
+++ b/crypto/rc2/rc2test.c
@@ -0,0 +1,270 @@
+/* crypto/rc2/rc2test.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* This has been a quickly hacked 'ideatest.c'.  When I add tests for other
+ * RC2 modes, more of the code will be uncommented. */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "rc2.h"
+
+unsigned char RC2key[4][16]={
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01},
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+	 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
+	 0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F},
+	};
+
+unsigned char RC2plain[4][8]={
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	};
+
+unsigned char RC2cipher[4][8]={
+	{0x1C,0x19,0x8A,0x83,0x8D,0xF0,0x28,0xB7},
+	{0x21,0x82,0x9C,0x78,0xA9,0xF9,0xC0,0x74},
+	{0x13,0xDB,0x35,0x17,0xD3,0x21,0x86,0x9E},
+	{0x50,0xDC,0x01,0x62,0xBD,0x75,0x7F,0x31},
+	};
+/************/
+#ifdef undef
+unsigned char k[16]={
+	0x00,0x01,0x00,0x02,0x00,0x03,0x00,0x04,
+	0x00,0x05,0x00,0x06,0x00,0x07,0x00,0x08};
+
+unsigned char in[8]={0x00,0x00,0x00,0x01,0x00,0x02,0x00,0x03};
+unsigned char  c[8]={0x11,0xFB,0xED,0x2B,0x01,0x98,0x6D,0xE5};
+unsigned char out[80];
+
+char *text="Hello to all people out there";
+
+static unsigned char cfb_key[16]={
+	0xe1,0xf0,0xc3,0xd2,0xa5,0xb4,0x87,0x96,
+	0x69,0x78,0x4b,0x5a,0x2d,0x3c,0x0f,0x1e,
+	};
+static unsigned char cfb_iv[80]={0x34,0x12,0x78,0x56,0xab,0x90,0xef,0xcd};
+static unsigned char cfb_buf1[40],cfb_buf2[40],cfb_tmp[8];
+#define CFB_TEST_SIZE 24
+static unsigned char plain[CFB_TEST_SIZE]=
+        {
+        0x4e,0x6f,0x77,0x20,0x69,0x73,
+        0x20,0x74,0x68,0x65,0x20,0x74,
+        0x69,0x6d,0x65,0x20,0x66,0x6f,
+        0x72,0x20,0x61,0x6c,0x6c,0x20
+        };
+static unsigned char cfb_cipher64[CFB_TEST_SIZE]={
+	0x59,0xD8,0xE2,0x65,0x00,0x58,0x6C,0x3F,
+	0x2C,0x17,0x25,0xD0,0x1A,0x38,0xB7,0x2A,
+	0x39,0x61,0x37,0xDC,0x79,0xFB,0x9F,0x45
+
+/*	0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38,
+	0x9A,0x44,0xD6,0x04,0x19,0x43,0xC4,0xD9,
+	0x3D,0x1E,0xAE,0x47,0xFC,0xCF,0x29,0x0B,*/
+	}; 
+
+
+#ifndef NOPROTO
+/*static int cfb64_test(unsigned char *cfb_cipher);*/
+static char *pt(unsigned char *p);
+#else
+/*static int cfb64_test(); */
+static char *pt();
+#endif
+
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+	{
+	int i,n,err=0;
+	RC2_KEY key; 
+	unsigned char buf[8],buf2[8];
+
+	for (n=0; n<4; n++)
+		{
+		RC2_set_key(&key,16,&(RC2key[n][0]),0 /* or 1024 */);
+
+		RC2_ecb_encrypt(&(RC2plain[n][0]),buf,&key,RC2_ENCRYPT);
+		if (memcmp(&(RC2cipher[n][0]),buf,8) != 0)
+			{
+			printf("ecb rc2 error encrypting\n");
+			printf("got     :");
+			for (i=0; i<8; i++)
+				printf("%02X ",buf[i]);
+			printf("\n");
+			printf("expected:");
+			for (i=0; i<8; i++)
+				printf("%02X ",RC2cipher[n][i]);
+			err=20;
+			printf("\n");
+			}
+
+		RC2_ecb_encrypt(buf,buf2,&key,RC2_DECRYPT);
+		if (memcmp(&(RC2plain[n][0]),buf2,8) != 0)
+			{
+			printf("ecb RC2 error decrypting\n");
+			printf("got     :");
+			for (i=0; i<8; i++)
+				printf("%02X ",buf[i]);
+			printf("\n");
+			printf("expected:");
+			for (i=0; i<8; i++)
+				printf("%02X ",RC2plain[n][i]);
+			printf("\n");
+			err=3;
+			}
+		}
+
+	if (err == 0) printf("ecb RC2 ok\n");
+#ifdef undef
+	memcpy(iv,k,8);
+	idea_cbc_encrypt((unsigned char *)text,out,strlen(text)+1,&key,iv,1);
+	memcpy(iv,k,8);
+	idea_cbc_encrypt(out,out,8,&dkey,iv,0);
+	idea_cbc_encrypt(&(out[8]),&(out[8]),strlen(text)+1-8,&dkey,iv,0);
+	if (memcmp(text,out,strlen(text)+1) != 0)
+		{
+		printf("cbc idea bad\n");
+		err=4;
+		}
+	else
+		printf("cbc idea ok\n");
+
+	printf("cfb64 idea ");
+	if (cfb64_test(cfb_cipher64))
+		{
+		printf("bad\n");
+		err=5;
+		}
+	else
+		printf("ok\n");
+#endif
+
+	exit(err);
+	return(err);
+	}
+
+#ifdef undef
+static int cfb64_test(cfb_cipher)
+unsigned char *cfb_cipher;
+        {
+        IDEA_KEY_SCHEDULE eks,dks;
+        int err=0,i,n;
+
+        idea_set_encrypt_key(cfb_key,&eks);
+        idea_set_decrypt_key(&eks,&dks);
+        memcpy(cfb_tmp,cfb_iv,8);
+        n=0;
+        idea_cfb64_encrypt(plain,cfb_buf1,(long)12,&eks,
+                cfb_tmp,&n,IDEA_ENCRYPT);
+        idea_cfb64_encrypt(&(plain[12]),&(cfb_buf1[12]),
+                (long)CFB_TEST_SIZE-12,&eks,
+                cfb_tmp,&n,IDEA_ENCRYPT);
+        if (memcmp(cfb_cipher,cfb_buf1,CFB_TEST_SIZE) != 0)
+                {
+                err=1;
+                printf("idea_cfb64_encrypt encrypt error\n");
+                for (i=0; i<CFB_TEST_SIZE; i+=8)
+                        printf("%s\n",pt(&(cfb_buf1[i])));
+                }
+        memcpy(cfb_tmp,cfb_iv,8);
+        n=0;
+        idea_cfb64_encrypt(cfb_buf1,cfb_buf2,(long)17,&eks,
+                cfb_tmp,&n,IDEA_DECRYPT);
+        idea_cfb64_encrypt(&(cfb_buf1[17]),&(cfb_buf2[17]),
+                (long)CFB_TEST_SIZE-17,&dks,
+                cfb_tmp,&n,IDEA_DECRYPT);
+        if (memcmp(plain,cfb_buf2,CFB_TEST_SIZE) != 0)
+                {
+                err=1;
+                printf("idea_cfb_encrypt decrypt error\n");
+                for (i=0; i<24; i+=8)
+                        printf("%s\n",pt(&(cfb_buf2[i])));
+                }
+        return(err);
+        }
+
+static char *pt(p)
+unsigned char *p;
+	{
+	static char bufs[10][20];
+	static int bnum=0;
+	char *ret;
+	int i;
+	static char *f="0123456789ABCDEF";
+
+	ret= &(bufs[bnum++][0]);
+	bnum%=10;
+	for (i=0; i<8; i++)
+		{
+		ret[i*2]=f[(p[i]>>4)&0xf];
+		ret[i*2+1]=f[p[i]&0xf];
+		}
+	ret[16]='\0';
+	return(ret);
+	}
+	
+#endif
diff --git a/crypto/rc2/rrc2.doc b/crypto/rc2/rrc2.doc
new file mode 100644
index 0000000000..f93ee003d2
--- /dev/null
+++ b/crypto/rc2/rrc2.doc
@@ -0,0 +1,219 @@
+>From cygnus.mincom.oz.au!minbne.mincom.oz.au!bunyip.cc.uq.oz.au!munnari.OZ.AU!comp.vuw.ac.nz!waikato!auckland.ac.nz!news Mon Feb 12 18:48:17 EST 1996
+Article 23601 of sci.crypt:
+Path: cygnus.mincom.oz.au!minbne.mincom.oz.au!bunyip.cc.uq.oz.au!munnari.OZ.AU!comp.vuw.ac.nz!waikato!auckland.ac.nz!news
+>From: pgut01@cs.auckland.ac.nz (Peter Gutmann)
+Newsgroups: sci.crypt
+Subject: Specification for Ron Rivests Cipher No.2
+Date: 11 Feb 1996 06:45:03 GMT
+Organization: University of Auckland
+Lines: 203
+Sender: pgut01@cs.auckland.ac.nz (Peter Gutmann)
+Message-ID: <4fk39f$f70@net.auckland.ac.nz>
+NNTP-Posting-Host: cs26.cs.auckland.ac.nz
+X-Newsreader: NN version 6.5.0 #3 (NOV)
+
+
+
+
+                           Ron Rivest's Cipher No.2
+                           ------------------------
+ 
+Ron Rivest's Cipher No.2 (hereafter referred to as RRC.2, other people may
+refer to it by other names) is word oriented, operating on a block of 64 bits
+divided into four 16-bit words, with a key table of 64 words.  All data units
+are little-endian.  This functional description of the algorithm is based in
+the paper "The RC5 Encryption Algorithm" (RC5 is a trademark of RSADSI), using
+the same general layout, terminology, and pseudocode style.
+ 
+ 
+Notation and RRC.2 Primitive Operations
+ 
+RRC.2 uses the following primitive operations:
+ 
+1. Two's-complement addition of words, denoted by "+".  The inverse operation,
+   subtraction, is denoted by "-".
+2. Bitwise exclusive OR, denoted by "^".
+3. Bitwise AND, denoted by "&".
+4. Bitwise NOT, denoted by "~".
+5. A left-rotation of words; the rotation of word x left by y is denoted
+   x <<< y.  The inverse operation, right-rotation, is denoted x >>> y.
+ 
+These operations are directly and efficiently supported by most processors.
+ 
+ 
+The RRC.2 Algorithm
+ 
+RRC.2 consists of three components, a *key expansion* algorithm, an
+*encryption* algorithm, and a *decryption* algorithm.
+ 
+ 
+Key Expansion
+ 
+The purpose of the key-expansion routine is to expand the user's key K to fill
+the expanded key array S, so S resembles an array of random binary words
+determined by the user's secret key K.
+ 
+Initialising the S-box
+ 
+RRC.2 uses a single 256-byte S-box derived from the ciphertext contents of
+Beale Cipher No.1 XOR'd with a one-time pad.  The Beale Ciphers predate modern
+cryptography by enough time that there should be no concerns about trapdoors
+hidden in the data.  They have been published widely, and the S-box can be
+easily recreated from the one-time pad values and the Beale Cipher data taken
+from a standard source.  To initialise the S-box:
+ 
+  for i = 0 to 255 do
+    sBox[ i ] = ( beale[ i ] mod 256 ) ^ pad[ i ]
+ 
+The contents of Beale Cipher No.1 and the necessary one-time pad are given as
+an appendix at the end of this document.  For efficiency, implementors may wish
+to skip the Beale Cipher expansion and store the sBox table directly.
+ 
+Expanding the Secret Key to 128 Bytes
+ 
+The secret key is first expanded to fill 128 bytes (64 words).  The expansion
+consists of taking the sum of the first and last bytes in the user key, looking
+up the sum (modulo 256) in the S-box, and appending the result to the key.  The
+operation is repeated with the second byte and new last byte of the key until
+all 128 bytes have been generated.  Note that the following pseudocode treats
+the S array as an array of 128 bytes rather than 64 words.
+ 
+  for j = 0 to length-1 do
+    S[ j ] = K[ j ]
+  for j = length to 127 do
+    s[ j ] = sBox[ ( S[ j-length ] + S[ j-1 ] ) mod 256 ];
+ 
+At this point it is possible to perform a truncation of the effective key
+length to ease the creation of espionage-enabled software products.  However
+since the author cannot conceive why anyone would want to do this, it will not
+be considered further.
+ 
+The final phase of the key expansion involves replacing the first byte of S
+with the entry selected from the S-box:
+ 
+  S[ 0 ] = sBox[ S[ 0 ] ]
+ 
+ 
+Encryption
+ 
+The cipher has 16 full rounds, each divided into 4 subrounds.  Two of the full
+rounds perform an additional transformation on the data.  Note that the
+following pseudocode treats the S array as an array of 64 words rather than 128
+bytes.
+ 
+  for i = 0 to 15 do
+    j = i * 4;
+    word0 = ( word0 + ( word1 & ~word3 ) + ( word2 & word3 ) + S[ j+0 ] ) <<< 1
+    word1 = ( word1 + ( word2 & ~word0 ) + ( word3 & word0 ) + S[ j+1 ] ) <<< 2
+    word2 = ( word2 + ( word3 & ~word1 ) + ( word0 & word1 ) + S[ j+2 ] ) <<< 3
+    word3 = ( word3 + ( word0 & ~word2 ) + ( word1 & word2 ) + S[ j+3 ] ) <<< 5
+ 
+In addition the fifth and eleventh rounds add the contents of the S-box indexed
+by one of the data words to another of the data words following the four
+subrounds as follows:
+ 
+    word0 = word0 + S[ word3 & 63 ];
+    word1 = word1 + S[ word0 & 63 ];
+    word2 = word2 + S[ word1 & 63 ];
+    word3 = word3 + S[ word2 & 63 ];
+ 
+ 
+Decryption
+ 
+The decryption operation is simply the inverse of the encryption operation.
+Note that the following pseudocode treats the S array as an array of 64 words
+rather than 128 bytes.
+ 
+  for i = 15 downto 0 do
+    j = i * 4;
+    word3 = ( word3 >>> 5 ) - ( word0 & ~word2 ) - ( word1 & word2 ) - S[ j+3 ]
+    word2 = ( word2 >>> 3 ) - ( word3 & ~word1 ) - ( word0 & word1 ) - S[ j+2 ]
+    word1 = ( word1 >>> 2 ) - ( word2 & ~word0 ) - ( word3 & word0 ) - S[ j+1 ]
+    word0 = ( word0 >>> 1 ) - ( word1 & ~word3 ) - ( word2 & word3 ) - S[ j+0 ]
+ 
+In addition the fifth and eleventh rounds subtract the contents of the S-box
+indexed by one of the data words from another one of the data words following
+the four subrounds as follows:
+ 
+    word3 = word3 - S[ word2 & 63 ]
+    word2 = word2 - S[ word1 & 63 ]
+    word1 = word1 - S[ word0 & 63 ]
+    word0 = word0 - S[ word3 & 63 ]
+ 
+ 
+Test Vectors
+ 
+The following test vectors may be used to test the correctness of an RRC.2
+implementation:
+ 
+  Key:      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+            0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+  Plain:    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+  Cipher:   0x1C, 0x19, 0x8A, 0x83, 0x8D, 0xF0, 0x28, 0xB7
+ 
+  Key:      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+            0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01
+  Plain:    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+  Cipher:   0x21, 0x82, 0x9C, 0x78, 0xA9, 0xF9, 0xC0, 0x74
+ 
+  Key:      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+            0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+  Plain:    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
+  Cipher:   0x13, 0xDB, 0x35, 0x17, 0xD3, 0x21, 0x86, 0x9E
+ 
+  Key:      0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+            0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
+  Plain:    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+  Cipher:   0x50, 0xDC, 0x01, 0x62, 0xBD, 0x75, 0x7F, 0x31
+ 
+ 
+Appendix: Beale Cipher No.1, "The Locality of the Vault", and One-time Pad for
+          Creating the S-Box
+ 
+Beale Cipher No.1.
+ 
+  71, 194,  38,1701,  89,  76,  11,  83,1629,  48,  94,  63, 132,  16, 111,  95,
+  84, 341, 975,  14,  40,  64,  27,  81, 139, 213,  63,  90,1120,   8,  15,   3,
+ 126,2018,  40,  74, 758, 485, 604, 230, 436, 664, 582, 150, 251, 284, 308, 231,
+ 124, 211, 486, 225, 401, 370,  11, 101, 305, 139, 189,  17,  33,  88, 208, 193,
+ 145,   1,  94,  73, 416, 918, 263,  28, 500, 538, 356, 117, 136, 219,  27, 176,
+ 130,  10, 460,  25, 485,  18, 436,  65,  84, 200, 283, 118, 320, 138,  36, 416,
+ 280,  15,  71, 224, 961,  44,  16, 401,  39,  88,  61, 304,  12,  21,  24, 283,
+ 134,  92,  63, 246, 486, 682,   7, 219, 184, 360, 780,  18,  64, 463, 474, 131,
+ 160,  79,  73, 440,  95,  18,  64, 581,  34,  69, 128, 367, 460,  17,  81,  12,
+ 103, 820,  62, 110,  97, 103, 862,  70,  60,1317, 471, 540, 208, 121, 890, 346,
+  36, 150,  59, 568, 614,  13, 120,  63, 219, 812,2160,1780,  99,  35,  18,  21,
+ 136, 872,  15,  28, 170,  88,   4,  30,  44, 112,  18, 147, 436, 195, 320,  37,
+ 122, 113,   6, 140,   8, 120, 305,  42,  58, 461,  44, 106, 301,  13, 408, 680,
+  93,  86, 116, 530,  82, 568,   9, 102,  38, 416,  89,  71, 216, 728, 965, 818,
+   2,  38, 121, 195,  14, 326, 148, 234,  18,  55, 131, 234, 361, 824,   5,  81,
+ 623,  48, 961,  19,  26,  33,  10,1101, 365,  92,  88, 181, 275, 346, 201, 206
+ 
+One-time Pad.
+ 
+ 158, 186, 223,  97,  64, 145, 190, 190, 117, 217, 163,  70, 206, 176, 183, 194,
+ 146,  43, 248, 141,   3,  54,  72, 223, 233, 153,  91, 210,  36, 131, 244, 161,
+ 105, 120, 113, 191, 113,  86,  19, 245, 213, 221,  43,  27, 242, 157,  73, 213,
+ 193,  92, 166,  10,  23, 197, 112, 110, 193,  30, 156,  51, 125,  51, 158,  67,
+ 197, 215,  59, 218, 110, 246, 181,   0, 135,  76, 164,  97,  47,  87, 234, 108,
+ 144, 127,   6,   6, 222, 172,  80, 144,  22, 245, 207,  70, 227, 182, 146, 134,
+ 119, 176,  73,  58, 135,  69,  23, 198,   0, 170,  32, 171, 176, 129,  91,  24,
+ 126,  77, 248,   0, 118,  69,  57,  60, 190, 171, 217,  61, 136, 169, 196,  84,
+ 168, 167, 163, 102, 223,  64, 174, 178, 166, 239, 242, 195, 249,  92,  59,  38,
+ 241,  46, 236,  31,  59, 114,  23,  50, 119, 186,   7,  66, 212,  97, 222, 182,
+ 230, 118, 122,  86, 105,  92, 179, 243, 255, 189, 223, 164, 194, 215,  98,  44,
+  17,  20,  53, 153, 137, 224, 176, 100, 208, 114,  36, 200, 145, 150, 215,  20,
+  87,  44, 252,  20, 235, 242, 163, 132,  63,  18,   5, 122,  74,  97,  34,  97,
+ 142,  86, 146, 221, 179, 166, 161,  74,  69, 182,  88, 120, 128,  58,  76, 155,
+  15,  30,  77, 216, 165, 117, 107,  90, 169, 127, 143, 181, 208, 137, 200, 127,
+ 170, 195,  26,  84, 255, 132, 150,  58, 103, 250, 120, 221, 237,  37,   8,  99
+ 
+ 
+Implementation
+ 
+A non-US based programmer who has never seen any encryption code before will
+shortly be implementing RRC.2 based solely on this specification and not on
+knowledge of any other encryption algorithms.  Stand by.
+
+
+
diff --git a/crypto/rc2/version b/crypto/rc2/version
new file mode 100644
index 0000000000..6f89d595f1
--- /dev/null
+++ b/crypto/rc2/version
@@ -0,0 +1,22 @@
+1.1 23/08/96 - eay
+	Changed RC2_set_key() so it now takes another argument.  Many
+	thanks to Peter Gutmann <pgut01@cs.auckland.ac.nz> for the
+	clarification and origional specification of RC2.  BSAFE uses
+	this last parameter, 'bits'.  It the key is 128 bits, BSAFE
+	also sets this parameter to 128.  The old behaviour can be
+	duplicated by setting this parameter to 1024.
+
+1.0 08/04/96 - eay
+	First version of SSLeay with rc2.  This has been written from the spec
+	posted sci.crypt.  It is in this directory under rrc2.doc
+	I have no test values for any mode other than ecb, my wrappers for the
+	other modes should be ok since they are basically the same as
+	the ones taken from idea and des :-).  I have implemented them as
+	little-endian operators.
+	While rc2 is included because it is used with SSL, I don't know how
+	far I trust it.  It is about the same speed as IDEA and DES.
+	So if you are paranoid, used Tripple DES, else IDEA.  If RC2
+	does get used more, perhaps more people will look for weaknesses in
+	it.
+	
+
diff --git a/crypto/rc4/Makefile.ssl b/crypto/rc4/Makefile.ssl
new file mode 100644
index 0000000000..2f40d4ed90
--- /dev/null
+++ b/crypto/rc4/Makefile.ssl
@@ -0,0 +1,80 @@
+#
+# SSLeay/crypto/rc4/Makefile
+#
+
+DIR=	rc4
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE=		make -f Makefile.ssl
+MAKEDEPEND=	makedepend -f Makefile.ssl
+MAKEFILE=	Makefile.ssl
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=rc4test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=rc4_enc.c
+LIBOBJ=rc4_enc.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= rc4.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/util/ranlib.sh $(LIB)
+	@touch lib
+
+files:
+	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+	/bin/rm -f Makefile
+	$(TOP)/util/point.sh Makefile.ssl Makefile ;
+	$(TOP)/util/mklink.sh ../../include $(EXHEADER)
+	$(TOP)/util/mklink.sh ../../test $(TEST)
+	$(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+	@for i in $(EXHEADER) ; \
+	do  \
+	(cp $$i $(INSTALLTOP)/include/$$i; \
+	chmod 644 $(INSTALLTOP)/include/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/rc4/rc4.c b/crypto/rc4/rc4.c
new file mode 100644
index 0000000000..37965d5262
--- /dev/null
+++ b/crypto/rc4/rc4.c
@@ -0,0 +1,194 @@
+/* crypto/rc4/rc4.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "rc4.h"
+
+char *usage[]={
+"usage: rc4 args\n",
+"\n",
+" -in arg         - input file - default stdin\n",
+" -out arg        - output file - default stdout\n",
+" -key key        - password\n",
+NULL
+};
+
+int main(argc, argv)
+int argc;
+char *argv[];
+	{
+	FILE *in=NULL,*out=NULL;
+	char *infile=NULL,*outfile=NULL,*keystr=NULL;
+	RC4_KEY key;
+	char buf[BUFSIZ];
+	int badops=0,i;
+	char **pp;
+	unsigned char md[MD5_DIGEST_LENGTH];
+
+	argc--;
+	argv++;
+	while (argc >= 1)
+		{
+		if 	(strcmp(*argv,"-in") == 0)
+			{
+			if (--argc < 1) goto bad;
+			infile= *(++argv);
+			}
+		else if (strcmp(*argv,"-out") == 0)
+			{
+			if (--argc < 1) goto bad;
+			outfile= *(++argv);
+			}
+		else if (strcmp(*argv,"-key") == 0)
+			{
+			if (--argc < 1) goto bad;
+			keystr= *(++argv);
+			}
+		else
+			{
+			fprintf(stderr,"unknown option %s\n",*argv);
+			badops=1;
+			break;
+			}
+		argc--;
+		argv++;
+		}
+
+	if (badops)
+		{
+bad:
+		for (pp=usage; (*pp != NULL); pp++)
+			fprintf(stderr,*pp);
+		exit(1);
+		}
+
+	if (infile == NULL)
+		in=stdin;
+	else
+		{
+		in=fopen(infile,"r");
+		if (in == NULL)
+			{
+			perror("open");
+			exit(1);
+			}
+
+		}
+	if (outfile == NULL)
+		out=stdout;
+	else
+		{
+		out=fopen(outfile,"w");
+		if (out == NULL)
+			{
+			perror("open");
+			exit(1);
+			}
+		}
+		
+#ifdef MSDOS
+	/* This should set the file to binary mode. */
+	{
+#include <fcntl.h>
+	setmode(fileno(in),O_BINARY);
+	setmode(fileno(out),O_BINARY);
+	}
+#endif
+
+	if (keystr == NULL)
+		{ /* get key */
+		i=EVP_read_pw_string(buf,BUFSIZ,"Enter RC4 password:",0);
+		if (i != 0)
+			{
+			memset(buf,0,BUFSIZ);
+			fprintf(stderr,"bad password read\n");
+			exit(1);
+			}
+		keystr=buf;
+		}
+
+	MD5((unsigned char *)keystr,(unsigned long)strlen(keystr),md);
+	memset(keystr,0,strlen(keystr));
+	RC4_set_key(&key,MD5_DIGEST_LENGTH,md);
+	
+	for(;;)
+		{
+		i=fread(buf,1,BUFSIZ,in);
+		if (i == 0) break;
+		if (i < 0)
+			{
+			perror("read");
+			exit(1);
+			}
+		RC4(&key,(unsigned int)i,(unsigned char *)buf,
+			(unsigned char *)buf);
+		i=fwrite(buf,(unsigned int)i,1,out);
+		if (i != 1)
+			{
+			perror("write");
+			exit(1);
+			}
+		}
+	fclose(out);
+	fclose(in);
+	exit(0);
+	return(1);
+	}
+
diff --git a/crypto/rc4/rc4.h b/crypto/rc4/rc4.h
new file mode 100644
index 0000000000..c558651af8
--- /dev/null
+++ b/crypto/rc4/rc4.h
@@ -0,0 +1,103 @@
+/* crypto/rc4/rc4.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify rc4.org since rc4.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING 
+ */
+
+#ifndef HEADER_RC4_H
+#define HEADER_RC4_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* using int types make the structure larger but make the code faster
+ * on most boxes I have tested - up to %20 faster. */
+#define RC4_INT unsigned int
+
+typedef struct rc4_key_st
+	{
+	RC4_INT x,y;
+	RC4_INT data[256];
+	} RC4_KEY;
+
+#ifndef NOPROTO
+ 
+char *RC4_options(void);
+void RC4_set_key(RC4_KEY *key, int len, unsigned char *data);
+void RC4(RC4_KEY *key, unsigned long len, unsigned char *indata,
+		unsigned char *outdata);
+
+#else
+
+char *RC4_options();
+void RC4_set_key();
+void RC4();
+
+#endif
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/rc4/rc4.org b/crypto/rc4/rc4.org
new file mode 100644
index 0000000000..c558651af8
--- /dev/null
+++ b/crypto/rc4/rc4.org
@@ -0,0 +1,103 @@
+/* crypto/rc4/rc4.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify rc4.org since rc4.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING 
+ */
+
+#ifndef HEADER_RC4_H
+#define HEADER_RC4_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* using int types make the structure larger but make the code faster
+ * on most boxes I have tested - up to %20 faster. */
+#define RC4_INT unsigned int
+
+typedef struct rc4_key_st
+	{
+	RC4_INT x,y;
+	RC4_INT data[256];
+	} RC4_KEY;
+
+#ifndef NOPROTO
+ 
+char *RC4_options(void);
+void RC4_set_key(RC4_KEY *key, int len, unsigned char *data);
+void RC4(RC4_KEY *key, unsigned long len, unsigned char *indata,
+		unsigned char *outdata);
+
+#else
+
+char *RC4_options();
+void RC4_set_key();
+void RC4();
+
+#endif
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/rc4/rc4_enc.c b/crypto/rc4/rc4_enc.c
new file mode 100644
index 0000000000..de57a970bf
--- /dev/null
+++ b/crypto/rc4/rc4_enc.c
@@ -0,0 +1,195 @@
+/* crypto/rc4/rc4_enc.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify rc4_enc.org since rc4_enc.c is automatically generated from
+ * it during SSLeay configuration.
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING 
+ */
+
+#include "rc4.h"
+
+/* if this is defined data[i] is used instead of *data, this is a %20
+ * speedup on x86 */
+#undef RC4_INDEX
+
+char *RC4_version="RC4 part of SSLeay 0.8.1a 24-Jun-1998";
+
+char *RC4_options()
+	{
+#ifdef RC4_INDEX
+	if (sizeof(RC4_INT) == 1)
+		return("rc4(idx,char)");
+	else
+		return("rc4(idx,int)");
+#else
+	if (sizeof(RC4_INT) == 1)
+		return("rc4(ptr,char)");
+	else
+		return("rc4(ptr,int)");
+#endif
+	}
+
+/* RC4 as implemented from a posting from
+ * Newsgroups: sci.crypt
+ * From: sterndark@netcom.com (David Sterndark)
+ * Subject: RC4 Algorithm revealed.
+ * Message-ID: <sternCvKL4B.Hyy@netcom.com>
+ * Date: Wed, 14 Sep 1994 06:35:31 GMT
+ */
+
+void RC4_set_key(key, len, data)
+RC4_KEY *key;
+int len;
+register unsigned char *data;
+	{
+        register RC4_INT tmp;
+        register int id1,id2;
+        register RC4_INT *d;
+        unsigned int i;
+        
+        d= &(key->data[0]);
+	for (i=0; i<256; i++)
+		d[i]=i;
+        key->x = 0;     
+        key->y = 0;     
+        id1=id2=0;     
+
+#define SK_LOOP(n) { \
+		tmp=d[(n)]; \
+		id2 = (data[id1] + tmp + id2) & 0xff; \
+		if (++id1 == len) id1=0; \
+		d[(n)]=d[id2]; \
+		d[id2]=tmp; }
+
+	for (i=0; i < 256; i+=4)
+		{
+		SK_LOOP(i+0);
+		SK_LOOP(i+1);
+		SK_LOOP(i+2);
+		SK_LOOP(i+3);
+		}
+	}
+    
+void RC4(key, len, indata, outdata)
+RC4_KEY *key;
+unsigned long len;
+unsigned char *indata;
+unsigned char *outdata;
+	{
+        register RC4_INT *d;
+        register RC4_INT x,y,tx,ty;
+	int i;
+        
+        x=key->x;     
+        y=key->y;     
+        d=key->data; 
+
+#define LOOP(in,out) \
+		x=((x+1)&0xff); \
+		tx=d[x]; \
+		y=(tx+y)&0xff; \
+		d[x]=ty=d[y]; \
+		d[y]=tx; \
+		(out) = d[(tx+ty)&0xff]^ (in);
+
+#ifndef RC4_INDEX
+#define RC4_LOOP(a,b,i)	LOOP(*((a)++),*((b)++))
+#else
+#define RC4_LOOP(a,b,i)	LOOP(a[i],b[i])
+#endif
+
+	i= -(int)len;
+	i=(int)(len>>3L);
+	if (i)
+		{
+		for (;;)
+			{
+			RC4_LOOP(indata,outdata,0);
+			RC4_LOOP(indata,outdata,1);
+			RC4_LOOP(indata,outdata,2);
+			RC4_LOOP(indata,outdata,3);
+			RC4_LOOP(indata,outdata,4);
+			RC4_LOOP(indata,outdata,5);
+			RC4_LOOP(indata,outdata,6);
+			RC4_LOOP(indata,outdata,7);
+#ifdef RC4_INDEX
+			indata+=8;
+			outdata+=8;
+#endif
+			if (--i == 0) break;
+			}
+		}
+	i=(int)len&0x07;
+	if (i)
+		{
+		for (;;)
+			{
+			RC4_LOOP(indata,outdata,0); if (--i == 0) break;
+			RC4_LOOP(indata,outdata,1); if (--i == 0) break;
+			RC4_LOOP(indata,outdata,2); if (--i == 0) break;
+			RC4_LOOP(indata,outdata,3); if (--i == 0) break;
+			RC4_LOOP(indata,outdata,4); if (--i == 0) break;
+			RC4_LOOP(indata,outdata,5); if (--i == 0) break;
+			RC4_LOOP(indata,outdata,6); if (--i == 0) break;
+			}
+		}               
+	key->x=x;     
+	key->y=y;
+	}
diff --git a/crypto/rc4/rc4_enc.org b/crypto/rc4/rc4_enc.org
new file mode 100644
index 0000000000..c83b9aca85
--- /dev/null
+++ b/crypto/rc4/rc4_enc.org
@@ -0,0 +1,195 @@
+/* crypto/rc4/rc4_enc.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify rc4_enc.org since rc4_enc.c is automatically generated from
+ * it during SSLeay configuration.
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING 
+ */
+
+#include "rc4.h"
+
+/* if this is defined data[i] is used instead of *data, this is a %20
+ * speedup on x86 */
+#define RC4_INDEX
+
+char *RC4_version="RC4 part of SSLeay 0.8.1b 29-Jun-1998";
+
+char *RC4_options()
+	{
+#ifdef RC4_INDEX
+	if (sizeof(RC4_INT) == 1)
+		return("rc4(idx,char)");
+	else
+		return("rc4(idx,int)");
+#else
+	if (sizeof(RC4_INT) == 1)
+		return("rc4(ptr,char)");
+	else
+		return("rc4(ptr,int)");
+#endif
+	}
+
+/* RC4 as implemented from a posting from
+ * Newsgroups: sci.crypt
+ * From: sterndark@netcom.com (David Sterndark)
+ * Subject: RC4 Algorithm revealed.
+ * Message-ID: <sternCvKL4B.Hyy@netcom.com>
+ * Date: Wed, 14 Sep 1994 06:35:31 GMT
+ */
+
+void RC4_set_key(key, len, data)
+RC4_KEY *key;
+int len;
+register unsigned char *data;
+	{
+        register RC4_INT tmp;
+        register int id1,id2;
+        register RC4_INT *d;
+        unsigned int i;
+        
+        d= &(key->data[0]);
+	for (i=0; i<256; i++)
+		d[i]=i;
+        key->x = 0;     
+        key->y = 0;     
+        id1=id2=0;     
+
+#define SK_LOOP(n) { \
+		tmp=d[(n)]; \
+		id2 = (data[id1] + tmp + id2) & 0xff; \
+		if (++id1 == len) id1=0; \
+		d[(n)]=d[id2]; \
+		d[id2]=tmp; }
+
+	for (i=0; i < 256; i+=4)
+		{
+		SK_LOOP(i+0);
+		SK_LOOP(i+1);
+		SK_LOOP(i+2);
+		SK_LOOP(i+3);
+		}
+	}
+    
+void RC4(key, len, indata, outdata)
+RC4_KEY *key;
+unsigned long len;
+unsigned char *indata;
+unsigned char *outdata;
+	{
+        register RC4_INT *d;
+        register RC4_INT x,y,tx,ty;
+	int i;
+        
+        x=key->x;     
+        y=key->y;     
+        d=key->data; 
+
+#define LOOP(in,out) \
+		x=((x+1)&0xff); \
+		tx=d[x]; \
+		y=(tx+y)&0xff; \
+		d[x]=ty=d[y]; \
+		d[y]=tx; \
+		(out) = d[(tx+ty)&0xff]^ (in);
+
+#ifndef RC4_INDEX
+#define RC4_LOOP(a,b,i)	LOOP(*((a)++),*((b)++))
+#else
+#define RC4_LOOP(a,b,i)	LOOP(a[i],b[i])
+#endif
+
+	i= -(int)len;
+	i=(int)(len>>3L);
+	if (i)
+		{
+		for (;;)
+			{
+			RC4_LOOP(indata,outdata,0);
+			RC4_LOOP(indata,outdata,1);
+			RC4_LOOP(indata,outdata,2);
+			RC4_LOOP(indata,outdata,3);
+			RC4_LOOP(indata,outdata,4);
+			RC4_LOOP(indata,outdata,5);
+			RC4_LOOP(indata,outdata,6);
+			RC4_LOOP(indata,outdata,7);
+#ifdef RC4_INDEX
+			indata+=8;
+			outdata+=8;
+#endif
+			if (--i == 0) break;
+			}
+		}
+	i=(int)len&0x07;
+	if (i)
+		{
+		for (;;)
+			{
+			RC4_LOOP(indata,outdata,0); if (--i == 0) break;
+			RC4_LOOP(indata,outdata,1); if (--i == 0) break;
+			RC4_LOOP(indata,outdata,2); if (--i == 0) break;
+			RC4_LOOP(indata,outdata,3); if (--i == 0) break;
+			RC4_LOOP(indata,outdata,4); if (--i == 0) break;
+			RC4_LOOP(indata,outdata,5); if (--i == 0) break;
+			RC4_LOOP(indata,outdata,6); if (--i == 0) break;
+			}
+		}               
+	key->x=x;     
+	key->y=y;
+	}
diff --git a/crypto/rc4/rc4test.c b/crypto/rc4/rc4test.c
new file mode 100644
index 0000000000..aa4053e644
--- /dev/null
+++ b/crypto/rc4/rc4test.c
@@ -0,0 +1,124 @@
+/* crypto/rc4/rc4test.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "rc4.h"
+
+unsigned char keys[6][11]={
+	{8,0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef},
+	{8,0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef},
+	{8,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{4,0xef,0x01,0x23,0x45},
+	{8,0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef},
+	};
+
+unsigned char data[6][11]={
+	{8,0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef},
+	{8,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{8,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{10,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+	{0},
+	};
+
+unsigned char output[6][11]={
+	{0x75,0xb7,0x87,0x80,0x99,0xe0,0xc5,0x96},
+	{0x74,0x94,0xc2,0xe7,0x10,0x4b,0x08,0x79},
+	{0xde,0x18,0x89,0x41,0xa3,0x37,0x5d,0x3a},
+	{0xd6,0xa1,0x41,0xa7,0xec,0x3c,0x38,0xdf,0xbd,0x61},
+	{0},
+	};
+
+int main(argc,argv)
+int argc;
+char *argv[];
+	{
+	int i,err=0;
+	unsigned int j;
+	unsigned char *p;
+	RC4_KEY key;
+	unsigned char buf[512],obuf[512];
+
+	for (i=0; i<512; i++) buf[i]=0x01;
+
+	for (i=0; i<4; i++)
+		{
+		RC4_set_key(&key,keys[i][0],&(keys[i][1]));
+		RC4(&key,data[i][0],&(data[i][1]),obuf);
+		if (memcmp(obuf,output[i],data[i][0]) != 0)
+			{
+			printf("error calculating RC4\n");
+			printf("output:");
+			for (j=0; j<data[i][0]; j++)
+				printf(" %02x",obuf[j]);
+			printf("\n");
+			printf("expect:");
+			p= &(output[i][0]);
+			for (j=0; j<data[i][0]; j++)
+				printf(" %02x",*(p++));
+			printf("\n");
+			err++;
+			}
+		else
+			printf("test %d ok\n",i);
+		}
+	exit(err);
+	return(0);
+	}
+
diff --git a/crypto/rc4/rrc4.doc b/crypto/rc4/rrc4.doc
new file mode 100644
index 0000000000..2f9a953c12
--- /dev/null
+++ b/crypto/rc4/rrc4.doc
@@ -0,0 +1,278 @@
+Newsgroups: sci.crypt,alt.security,comp.security.misc,alt.privacy
+Path: ghost.dsi.unimi.it!univ-lyon1.fr!jussieu.fr!zaphod.crihan.fr!warwick!clyde.open.ac.uk!strath-cs!bnr.co.uk!bt!pipex!howland.reston.ans.net!europa.eng.gtefsd.com!MathWorks.Com!yeshua.marcam.com!charnel.ecst.csuchico.edu!csusac!csus.edu!netcom.com!sterndark
+From: sterndark@netcom.com (David Sterndark)
+Subject: RC4 Algorithm revealed.
+Message-ID: <sternCvKL4B.Hyy@netcom.com>
+Sender: sterndark@netcom.com 
+Organization: NETCOM On-line Communication Services (408 261-4700 guest)
+X-Newsreader: TIN [version 1.2 PL1]
+Date: Wed, 14 Sep 1994 06:35:31 GMT
+Lines: 263
+Xref: ghost.dsi.unimi.it sci.crypt:27332 alt.security:14732 comp.security.misc:11701 alt.privacy:16026
+
+I am shocked,  shocked, I tell you,  shocked, to discover
+that the cypherpunks have illegaly and criminally revealed
+a crucial RSA trade secret and harmed the security of
+America by reverse engineering the RC4 algorithm and
+publishing it to the world.
+ 
+On Saturday morning an anonymous cypherpunk wrote:
+ 
+ 
+   SUBJECT:  RC4 Source Code
+ 
+ 
+   I've tested this.  It is compatible with the RC4 object module
+   that comes in the various RSA toolkits.  
+ 
+   /* rc4.h */
+   typedef struct rc4_key
+   {      
+        unsigned char state[256];       
+        unsigned char x;        
+        unsigned char y;
+   } rc4_key;
+   void prepare_key(unsigned char *key_data_ptr,int key_data_len,
+   rc4_key *key);
+   void rc4(unsigned char *buffer_ptr,int buffer_len,rc4_key * key);
+   
+   
+   /*rc4.c */
+   #include "rc4.h"
+   static void swap_byte(unsigned char *a, unsigned char *b);
+   void prepare_key(unsigned char *key_data_ptr, int key_data_len,
+   rc4_key *key)
+   {
+        unsigned char swapByte;
+        unsigned char index1;
+        unsigned char index2;
+        unsigned char* state;
+        short counter;     
+        
+        state = &key->state[0];         
+        for(counter = 0; counter < 256; counter++)              
+        state[counter] = counter;               
+        key->x = 0;     
+        key->y = 0;     
+        index1 = 0;     
+        index2 = 0;             
+        for(counter = 0; counter < 256; counter++)      
+        {               
+             index2 = (key_data_ptr[index1] + state[counter] +
+                index2) % 256;                
+             swap_byte(&state[counter], &state[index2]);            
+   
+             index1 = (index1 + 1) % key_data_len;  
+        }       
+    }
+    
+    void rc4(unsigned char *buffer_ptr, int buffer_len, rc4_key *key)
+    { 
+        unsigned char x;
+        unsigned char y;
+        unsigned char* state;
+        unsigned char xorIndex;
+        short counter;              
+        
+        x = key->x;     
+        y = key->y;     
+        
+        state = &key->state[0];         
+        for(counter = 0; counter < buffer_len; counter ++)      
+        {               
+             x = (x + 1) % 256;                      
+             y = (state[x] + y) % 256;               
+             swap_byte(&state[x], &state[y]);                        
+                  
+             xorIndex = (state[x] + state[y]) % 256;                 
+                  
+             buffer_ptr[counter] ^= state[xorIndex];         
+         }               
+         key->x = x;     
+         key->y = y;
+    }
+    
+    static void swap_byte(unsigned char *a, unsigned char *b)
+    {
+        unsigned char swapByte; 
+        
+        swapByte = *a; 
+        *a = *b;      
+        *b = swapByte;
+    }
+ 
+ 
+ 
+Another cypherpunk, this one not anonymous, tested the
+output from this algorithm against the output from
+official RC4 object code
+ 
+ 
+   Date: Tue, 13 Sep 94 18:37:56 PDT
+   From: ekr@eit.COM (Eric Rescorla)
+   Message-Id: <9409140137.AA17743@eitech.eit.com>
+   Subject: RC4 compatibility testing
+   Cc: cypherpunks@toad.com
+   
+   One data point:
+   
+   I can't say anything about the internals of RC4 versus the
+   algorithm that Bill Sommerfeld is rightly calling 'Alleged RC4',
+   since I don't know anything about RC4's internals. 
+   
+   However, I do have a (legitimately acquired) copy of BSAFE2 and
+   so I'm able to compare the output of this algorithm to the output
+   of genuine RC4 as found in BSAFE. I chose a set of test vectors
+   and ran them through both algorithms. The algorithms appear to
+   give identical results, at least with these key/plaintext pairs.
+   
+   I note that this is the algorithm _without_ Hal Finney's
+   proposed modification
+   
+   (see <199409130605.XAA24133@jobe.shell.portal.com>).
+   
+   The vectors I used (together with the ciphertext they produce)
+   follow at the end of this message.
+   
+   -Ekr
+   
+   Disclaimer: This posting does not reflect the opinions of EIT.
+   
+   --------------------results follow--------------
+   Test vector 0
+   Key: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef 
+   Input: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef 
+   0 Output: 0x75 0xb7 0x87 0x80 0x99 0xe0 0xc5 0x96 
+   
+   Test vector 1
+   Key: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef 
+   Input: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
+   0 Output: 0x74 0x94 0xc2 0xe7 0x10 0x4b 0x08 0x79 
+   
+   Test vector 2
+   Key: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
+   Input: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
+   0 Output: 0xde 0x18 0x89 0x41 0xa3 0x37 0x5d 0x3a 
+   
+   Test vector 3
+   Key: 0xef 0x01 0x23 0x45 
+   Input: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
+   0 Output: 0xd6 0xa1 0x41 0xa7 0xec 0x3c 0x38 0xdf 0xbd 0x61 
+   
+   Test vector 4
+   Key: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef 
+   Input: 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 
+   0 Output: 0x75 0x95 0xc3 0xe6 0x11 0x4a 0x09 0x78 0x0c 0x4a 0xd4 
+   0x52 0x33 0x8e 0x1f 0xfd 0x9a 0x1b 0xe9 0x49 0x8f 
+   0x81 0x3d 0x76 0x53 0x34 0x49 0xb6 0x77 0x8d 0xca 
+   0xd8 0xc7 0x8a 0x8d 0x2b 0xa9 0xac 0x66 0x08 0x5d 
+   0x0e 0x53 0xd5 0x9c 0x26 0xc2 0xd1 0xc4 0x90 0xc1 
+   0xeb 0xbe 0x0c 0xe6 0x6d 0x1b 0x6b 0x1b 0x13 0xb6 
+   0xb9 0x19 0xb8 0x47 0xc2 0x5a 0x91 0x44 0x7a 0x95 
+   0xe7 0x5e 0x4e 0xf1 0x67 0x79 0xcd 0xe8 0xbf 0x0a 
+   0x95 0x85 0x0e 0x32 0xaf 0x96 0x89 0x44 0x4f 0xd3 
+   0x77 0x10 0x8f 0x98 0xfd 0xcb 0xd4 0xe7 0x26 0x56 
+   0x75 0x00 0x99 0x0b 0xcc 0x7e 0x0c 0xa3 0xc4 0xaa 
+   0xa3 0x04 0xa3 0x87 0xd2 0x0f 0x3b 0x8f 0xbb 0xcd 
+   0x42 0xa1 0xbd 0x31 0x1d 0x7a 0x43 0x03 0xdd 0xa5 
+   0xab 0x07 0x88 0x96 0xae 0x80 0xc1 0x8b 0x0a 0xf6 
+   0x6d 0xff 0x31 0x96 0x16 0xeb 0x78 0x4e 0x49 0x5a 
+   0xd2 0xce 0x90 0xd7 0xf7 0x72 0xa8 0x17 0x47 0xb6 
+   0x5f 0x62 0x09 0x3b 0x1e 0x0d 0xb9 0xe5 0xba 0x53 
+   0x2f 0xaf 0xec 0x47 0x50 0x83 0x23 0xe6 0x71 0x32 
+   0x7d 0xf9 0x44 0x44 0x32 0xcb 0x73 0x67 0xce 0xc8 
+   0x2f 0x5d 0x44 0xc0 0xd0 0x0b 0x67 0xd6 0x50 0xa0 
+   0x75 0xcd 0x4b 0x70 0xde 0xdd 0x77 0xeb 0x9b 0x10 
+   0x23 0x1b 0x6b 0x5b 0x74 0x13 0x47 0x39 0x6d 0x62 
+   0x89 0x74 0x21 0xd4 0x3d 0xf9 0xb4 0x2e 0x44 0x6e 
+   0x35 0x8e 0x9c 0x11 0xa9 0xb2 0x18 0x4e 0xcb 0xef 
+   0x0c 0xd8 0xe7 0xa8 0x77 0xef 0x96 0x8f 0x13 0x90 
+   0xec 0x9b 0x3d 0x35 0xa5 0x58 0x5c 0xb0 0x09 0x29 
+   0x0e 0x2f 0xcd 0xe7 0xb5 0xec 0x66 0xd9 0x08 0x4b 
+   0xe4 0x40 0x55 0xa6 0x19 0xd9 0xdd 0x7f 0xc3 0x16 
+   0x6f 0x94 0x87 0xf7 0xcb 0x27 0x29 0x12 0x42 0x64 
+   0x45 0x99 0x85 0x14 0xc1 0x5d 0x53 0xa1 0x8c 0x86 
+   0x4c 0xe3 0xa2 0xb7 0x55 0x57 0x93 0x98 0x81 0x26 
+   0x52 0x0e 0xac 0xf2 0xe3 0x06 0x6e 0x23 0x0c 0x91 
+   0xbe 0xe4 0xdd 0x53 0x04 0xf5 0xfd 0x04 0x05 0xb3 
+   0x5b 0xd9 0x9c 0x73 0x13 0x5d 0x3d 0x9b 0xc3 0x35 
+   0xee 0x04 0x9e 0xf6 0x9b 0x38 0x67 0xbf 0x2d 0x7b 
+   0xd1 0xea 0xa5 0x95 0xd8 0xbf 0xc0 0x06 0x6f 0xf8 
+   0xd3 0x15 0x09 0xeb 0x0c 0x6c 0xaa 0x00 0x6c 0x80 
+   0x7a 0x62 0x3e 0xf8 0x4c 0x3d 0x33 0xc1 0x95 0xd2 
+   0x3e 0xe3 0x20 0xc4 0x0d 0xe0 0x55 0x81 0x57 0xc8 
+   0x22 0xd4 0xb8 0xc5 0x69 0xd8 0x49 0xae 0xd5 0x9d 
+   0x4e 0x0f 0xd7 0xf3 0x79 0x58 0x6b 0x4b 0x7f 0xf6 
+   0x84 0xed 0x6a 0x18 0x9f 0x74 0x86 0xd4 0x9b 0x9c 
+   0x4b 0xad 0x9b 0xa2 0x4b 0x96 0xab 0xf9 0x24 0x37 
+   0x2c 0x8a 0x8f 0xff 0xb1 0x0d 0x55 0x35 0x49 0x00 
+   0xa7 0x7a 0x3d 0xb5 0xf2 0x05 0xe1 0xb9 0x9f 0xcd 
+   0x86 0x60 0x86 0x3a 0x15 0x9a 0xd4 0xab 0xe4 0x0f 
+   0xa4 0x89 0x34 0x16 0x3d 0xdd 0xe5 0x42 0xa6 0x58 
+   0x55 0x40 0xfd 0x68 0x3c 0xbf 0xd8 0xc0 0x0f 0x12 
+   0x12 0x9a 0x28 0x4d 0xea 0xcc 0x4c 0xde 0xfe 0x58 
+   0xbe 0x71 0x37 0x54 0x1c 0x04 0x71 0x26 0xc8 0xd4 
+   0x9e 0x27 0x55 0xab 0x18 0x1a 0xb7 0xe9 0x40 0xb0 
+   0xc0 
+   
+
+
+-- 
+ ---------------------------------------------------------------------
+We have the right to defend ourselves and our
+property, because of the kind of animals that we              James A. Donald
+are.  True law derives from this right, not from
+the arbitrary power of the omnipotent state.                jamesd@netcom.com
+
+
diff --git a/crypto/rsa/Makefile.ssl b/crypto/rsa/Makefile.ssl
new file mode 100644
index 0000000000..5e04ec4484
--- /dev/null
+++ b/crypto/rsa/Makefile.ssl
@@ -0,0 +1,84 @@
+#
+# SSLeay/crypto/rsa/Makefile
+#
+
+DIR=	rsa
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I../../include
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE=		make -f Makefile.ssl
+MAKEDEPEND=	makedepend -f Makefile.ssl
+MAKEFILE=	Makefile.ssl
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+ERR=rsa
+ERRC=rsa_err
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= rsa_enc.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c $(ERRC).c
+LIBOBJ= rsa_enc.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o $(ERRC).o
+
+SRC= $(LIBSRC)
+
+EXHEADER= rsa.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/util/ranlib.sh $(LIB)
+	@touch lib
+
+files:
+	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+	/bin/rm -f Makefile
+	$(TOP)/util/point.sh Makefile.ssl Makefile ;
+	$(TOP)/util/mklink.sh ../../include $(EXHEADER)
+	$(TOP)/util/mklink.sh ../../test $(TEST)
+	$(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+	@for i in $(EXHEADER) ; \
+	do  \
+	(cp $$i $(INSTALLTOP)/include/$$i; \
+	chmod 644 $(INSTALLTOP)/include/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+	perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
+	perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/rsa/rsa.err b/crypto/rsa/rsa.err
new file mode 100644
index 0000000000..29f1496693
--- /dev/null
+++ b/crypto/rsa/rsa.err
@@ -0,0 +1,33 @@
+/* Error codes for the RSA functions. */
+
+/* Function codes. */
+#define RSA_F_RSA_EAY_PRIVATE_DECRYPT			 100
+#define RSA_F_RSA_EAY_PRIVATE_ENCRYPT			 101
+#define RSA_F_RSA_EAY_PUBLIC_DECRYPT			 102
+#define RSA_F_RSA_EAY_PUBLIC_ENCRYPT			 103
+#define RSA_F_RSA_GENERATE_KEY				 104
+#define RSA_F_RSA_NEW_METHOD				 105
+#define RSA_F_RSA_PRINT					 106
+#define RSA_F_RSA_PRINT_FP				 107
+#define RSA_F_RSA_SIGN					 108
+#define RSA_F_RSA_SIGN_ASN1_OCTET_STRING		 109
+#define RSA_F_RSA_VERIFY				 110
+#define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING		 111
+
+/* Reason codes. */
+#define RSA_R_ALGORITHM_MISMATCH			 100
+#define RSA_R_BAD_E_VALUE				 101
+#define RSA_R_BAD_FIXED_HEADER_DECRYPT			 102
+#define RSA_R_BAD_PAD_BYTE_COUNT			 103
+#define RSA_R_BAD_SIGNATURE				 104
+#define RSA_R_BLOCK_TYPE_IS_NOT_01			 105
+#define RSA_R_BLOCK_TYPE_IS_NOT_02			 106
+#define RSA_R_DATA_GREATER_THAN_MOD_LEN			 107
+#define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE		 108
+#define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY		 109
+#define RSA_R_NULL_BEFORE_BLOCK_MISSING			 110
+#define RSA_R_SSLV3_ROLLBACK_ATTACK			 111
+#define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 112
+#define RSA_R_UNKNOWN_ALGORITHM_TYPE			 113
+#define RSA_R_UNKNOWN_PADDING_TYPE			 114
+#define RSA_R_WRONG_SIGNATURE_LENGTH			 115
diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h
new file mode 100644
index 0000000000..821e928a1c
--- /dev/null
+++ b/crypto/rsa/rsa.h
@@ -0,0 +1,243 @@
+/* crypto/rsa/rsa.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_RSA_H
+#define HEADER_RSA_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#include "bn.h"
+
+typedef struct rsa_meth_st
+	{
+	char *name;
+	int (*rsa_pub_enc)();
+	int (*rsa_pub_dec)();
+	int (*rsa_priv_enc)();
+	int (*rsa_priv_dec)();
+	int (*rsa_mod_exp)();
+	int (*bn_mod_exp)();
+	int (*init)(/* RSA * */);	/* called at new */
+	int (*finish)(/* RSA * */);	/* called at free */
+	} RSA_METHOD;
+
+typedef struct rsa_st
+	{
+	/* The first parameter is used to pickup errors where
+	 * this is passed instead of aEVP_PKEY, it is set to 0 */
+	int pad;
+	int version;
+	RSA_METHOD *meth;
+	BIGNUM *n;
+	BIGNUM *e;
+	BIGNUM *d;
+	BIGNUM *p;
+	BIGNUM *q;
+	BIGNUM *dmp1;
+	BIGNUM *dmq1;
+	BIGNUM *iqmp;
+	/* be carefull using this if the RSA structure is shared */
+	char *app_data;
+	int references;
+	} RSA;
+
+#define RSA_3	0x3L
+#define RSA_F4	0x10001L
+
+#define RSA_PKCS1_PADDING	11
+#define RSA_SSLV23_PADDING	12
+
+#ifndef NOPROTO
+RSA *	RSA_new(void);
+RSA *	RSA_new_method(RSA_METHOD *method);
+int	RSA_size(RSA *);
+RSA *	RSA_generate_key(int bits, unsigned long e,void
+		(*callback)(int,int));
+	/* next 4 return -1 on error */
+int	RSA_public_encrypt(int flen, unsigned char *from,
+		unsigned char *to, RSA *rsa,int padding);
+int	RSA_private_encrypt(int flen, unsigned char *from,
+		unsigned char *to, RSA *rsa,int padding);
+int	RSA_public_decrypt(int flen, unsigned char *from, 
+		unsigned char *to, RSA *rsa,int padding);
+int	RSA_private_decrypt(int flen, unsigned char *from, 
+		unsigned char *to, RSA *rsa,int padding);
+void	RSA_free (RSA *r);
+
+void RSA_set_default_method(RSA_METHOD *meth);
+
+/* If you have RSAref compiled in. */
+/* RSA_METHOD *RSA_PKCS1_RSAref(void); */
+
+/* these are the actual SSLeay RSA functions */
+RSA_METHOD *RSA_PKCS1_SSLeay(void);
+
+void	ERR_load_RSA_strings(void );
+
+RSA *	d2i_RSAPublicKey(RSA **a, unsigned char **pp, long length);
+int	i2d_RSAPublicKey(RSA *a, unsigned char **pp);
+RSA *	d2i_RSAPrivateKey(RSA **a, unsigned char **pp, long length);
+int 	i2d_RSAPrivateKey(RSA *a, unsigned char **pp);
+#ifndef WIN16
+int	RSA_print_fp(FILE *fp, RSA *r,int offset);
+#endif
+
+#ifdef HEADER_BIO_H
+int	RSA_print(BIO *bp, RSA *r,int offset);
+#endif
+
+int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)());
+RSA *d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)());
+
+/* The following 2 functions sign and verify a X509_SIG ASN1 object
+ * inside PKCS#1 padded RSA encryption */
+int RSA_sign(int type, unsigned char *m, unsigned int m_len,
+	unsigned char *sigret, unsigned int *siglen, RSA *rsa);
+int RSA_verify(int type, unsigned char *m, unsigned int m_len,
+	unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
+
+/* The following 2 function sign and verify a ASN1_OCTET_STRING
+ * object inside PKCS#1 padded RSA encryption */
+int RSA_sign_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len,
+	unsigned char *sigret, unsigned int *siglen, RSA *rsa);
+int RSA_verify_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len,
+	unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
+
+#else
+
+RSA *	RSA_new();
+RSA *	RSA_new_method();
+int	RSA_size();
+RSA *	RSA_generate_key();
+int	RSA_public_encrypt();
+int	RSA_private_encrypt();
+int	RSA_public_decrypt();
+int	RSA_private_decrypt();
+void	RSA_free ();
+
+void RSA_set_default_method();
+
+/* RSA_METHOD *RSA_PKCS1_RSAref(); */
+RSA_METHOD *RSA_PKCS1_SSLeay();
+
+void	ERR_load_RSA_strings();
+
+RSA *	d2i_RSAPublicKey();
+int	i2d_RSAPublicKey();
+RSA *	d2i_RSAPrivateKey();
+int 	i2d_RSAPrivateKey();
+#ifndef WIN16
+int	RSA_print_fp();
+#endif
+
+int	RSA_print();
+
+int i2d_Netscape_RSA();
+RSA *d2i_Netscape_RSA();
+
+int RSA_sign();
+int RSA_verify();
+
+int RSA_sign_ASN1_OCTET_STRING();
+int RSA_verify_ASN1_OCTET_STRING();
+
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the RSA functions. */
+
+/* Function codes. */
+#define RSA_F_RSA_EAY_PRIVATE_DECRYPT			 100
+#define RSA_F_RSA_EAY_PRIVATE_ENCRYPT			 101
+#define RSA_F_RSA_EAY_PUBLIC_DECRYPT			 102
+#define RSA_F_RSA_EAY_PUBLIC_ENCRYPT			 103
+#define RSA_F_RSA_GENERATE_KEY				 104
+#define RSA_F_RSA_NEW_METHOD				 105
+#define RSA_F_RSA_PRINT					 106
+#define RSA_F_RSA_PRINT_FP				 107
+#define RSA_F_RSA_SIGN					 108
+#define RSA_F_RSA_SIGN_ASN1_OCTET_STRING		 109
+#define RSA_F_RSA_VERIFY				 110
+#define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING		 111
+
+/* Reason codes. */
+#define RSA_R_ALGORITHM_MISMATCH			 100
+#define RSA_R_BAD_E_VALUE				 101
+#define RSA_R_BAD_FIXED_HEADER_DECRYPT			 102
+#define RSA_R_BAD_PAD_BYTE_COUNT			 103
+#define RSA_R_BAD_SIGNATURE				 104
+#define RSA_R_BLOCK_TYPE_IS_NOT_01			 105
+#define RSA_R_BLOCK_TYPE_IS_NOT_02			 106
+#define RSA_R_DATA_GREATER_THAN_MOD_LEN			 107
+#define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE		 108
+#define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY		 109
+#define RSA_R_NULL_BEFORE_BLOCK_MISSING			 110
+#define RSA_R_SSLV3_ROLLBACK_ATTACK			 111
+#define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 112
+#define RSA_R_UNKNOWN_ALGORITHM_TYPE			 113
+#define RSA_R_UNKNOWN_PADDING_TYPE			 114
+#define RSA_R_WRONG_SIGNATURE_LENGTH			 115
+ 
+#ifdef  __cplusplus
+}
+#endif
+#endif
+
diff --git a/crypto/rsa/rsa_enc.c b/crypto/rsa/rsa_enc.c
new file mode 100644
index 0000000000..c4a4ad5a60
--- /dev/null
+++ b/crypto/rsa/rsa_enc.c
@@ -0,0 +1,538 @@
+/* crypto/rsa/rsa_enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "rsa.h"
+#include "rand.h"
+
+#ifndef NOPROTO
+static int RSA_eay_public_encrypt(int flen, unsigned char *from,
+		unsigned char *to, RSA *rsa,int padding);
+static int RSA_eay_private_encrypt(int flen, unsigned char *from,
+		unsigned char *to, RSA *rsa,int padding);
+static int RSA_eay_public_decrypt(int flen, unsigned char *from,
+		unsigned char *to, RSA *rsa,int padding);
+static int RSA_eay_private_decrypt(int flen, unsigned char *from,
+		unsigned char *to, RSA *rsa,int padding);
+static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *i, RSA *rsa);
+#else
+static int RSA_eay_public_encrypt();
+static int RSA_eay_private_encrypt();
+static int RSA_eay_public_decrypt();
+static int RSA_eay_private_decrypt();
+static int RSA_eay_mod_exp();
+#endif
+
+static RSA_METHOD rsa_pkcs1_eay_meth={
+	"Eric Young's PKCS#1 RSA",
+	RSA_eay_public_encrypt,
+	RSA_eay_public_decrypt,
+	RSA_eay_private_encrypt,
+	RSA_eay_private_decrypt,
+	RSA_eay_mod_exp,
+	BN_mod_exp,
+	NULL,
+	NULL,
+	};
+
+RSA_METHOD *RSA_PKCS1_SSLeay()
+	{
+	return(&rsa_pkcs1_eay_meth);
+	}
+
+static int RSA_eay_public_encrypt(flen, from, to, rsa, padding)
+int flen;
+unsigned char *from;
+unsigned char *to;
+RSA *rsa;
+int padding;
+	{
+	BIGNUM *f=NULL,*ret=NULL;
+	int i,j,k,num=0,r= -1;
+	unsigned char *p;
+	unsigned char *buf=NULL;
+	BN_CTX *ctx=NULL;
+
+	if (	(padding != RSA_PKCS1_PADDING) &&
+		(padding != RSA_SSLV23_PADDING))
+		{
+		RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
+		goto err;
+		}
+
+	ctx=BN_CTX_new();
+	if (ctx == NULL) goto err;
+
+	num=BN_num_bytes(rsa->n);
+	if (flen > (num-11))
+		{
+		RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
+		goto err;
+		}
+	
+	buf=(unsigned char *)Malloc(num);
+	if (buf == NULL)
+		{
+		RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+	p=(unsigned char *)buf;
+
+	*(p++)=0;
+	*(p++)=2; /* Public Key BT (Block Type) */
+
+	/* pad out with non-zero random data */
+	j=num-3-flen;
+
+	RAND_bytes(p,j);
+	for (i=0; i<j; i++)
+		{
+		if (*p == '\0')
+			do	{
+				RAND_bytes(p,1);
+				} while (*p == '\0');
+		p++;
+		}
+
+	if (padding == RSA_SSLV23_PADDING)
+		memset(&(p[-8]),3,8);
+
+	*(p++)='\0';
+
+	memcpy(p,from,(unsigned int)flen);
+
+	f=BN_new();
+	ret=BN_new();
+	if ((f == NULL) || (ret == NULL)) goto err;
+
+	if (BN_bin2bn(buf,num,f) == NULL) goto err;
+	if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx)) goto err;
+
+	/* put in leading 0 bytes if the number is less than the
+	 * length of the modulus */
+	j=BN_num_bytes(ret);
+	i=BN_bn2bin(ret,&(to[num-j]));
+	for (k=0; k<(num-i); k++)
+		to[k]=0;
+
+	r=num;
+err:
+	if (ctx != NULL) BN_CTX_free(ctx);
+	if (f != NULL) BN_free(f);
+	if (ret != NULL) BN_free(ret);
+	if (buf != NULL) 
+		{
+		memset(buf,0,num);
+		Free(buf);
+		}
+	return(r);
+	}
+
+static int RSA_eay_private_encrypt(flen, from, to, rsa, padding)
+int flen;
+unsigned char *from;
+unsigned char *to;
+RSA *rsa;
+int padding;
+	{
+	BIGNUM *f=NULL,*ret=NULL;
+	int i,j,k,num=0,r= -1;
+	unsigned char *p;
+	unsigned char *buf=NULL;
+	BN_CTX *ctx=NULL;
+
+	if (padding != RSA_PKCS1_PADDING)
+		{
+		RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
+		goto err;
+		}
+
+	ctx=BN_CTX_new();
+	if (ctx == NULL) goto err;
+
+	num=BN_num_bytes(rsa->n);
+	if (flen > (num-11))
+		{
+		RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
+		goto err;
+		}
+	buf=(unsigned char *)Malloc(num);
+	if (buf == NULL)
+		{
+		RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+	p=buf;
+
+	*(p++)=0;
+	*(p++)=1; /* Private Key BT (Block Type) */
+
+	/* padd out with 0xff data */
+	j=num-3-flen;
+	for (i=0; i<j; i++)
+		*(p++)=0xff;
+	*(p++)='\0';
+	memcpy(p,from,(unsigned int)flen);
+	ret=BN_new();
+	f=BN_new();
+	if ((ret == NULL) || (f == NULL)) goto err;
+	if (BN_bin2bn(buf,num,f) == NULL) goto err;
+	if (	(rsa->p != NULL) &&
+		(rsa->q != NULL) &&
+		(rsa->dmp1 != NULL) &&
+		(rsa->dmq1 != NULL) &&
+		(rsa->iqmp != NULL))
+		{ if (!rsa->meth->rsa_mod_exp(ret,f,rsa)) goto err; }
+	else
+		{ if (!rsa->meth->bn_mod_exp(ret,f,rsa->d,rsa->n,ctx)) goto err; }
+
+	p=buf;
+	BN_bn2bin(ret,p);
+
+	/* put in leading 0 bytes if the number is less than the
+	 * length of the modulus */
+	j=BN_num_bytes(ret);
+	i=BN_bn2bin(ret,&(to[num-j]));
+	for (k=0; k<(num-i); k++)
+		to[k]=0;
+
+	r=num;
+err:
+	if (ctx != NULL) BN_CTX_free(ctx);
+	if (ret != NULL) BN_free(ret);
+	if (f != NULL) BN_free(f);
+	if (buf != NULL)
+		{
+		memset(buf,0,num);
+		Free(buf);
+		}
+	return(r);
+	}
+
+static int RSA_eay_private_decrypt(flen, from, to, rsa,padding)
+int flen;
+unsigned char *from;
+unsigned char *to;
+RSA *rsa;
+int padding;
+	{
+	BIGNUM *f=NULL,*ret=NULL;
+	int i,j,num=0,r= -1;
+	unsigned char *p;
+	unsigned char *buf=NULL;
+	BN_CTX *ctx=NULL;
+
+	if ((padding != RSA_PKCS1_PADDING) && (padding != RSA_SSLV23_PADDING))
+		{
+		RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
+		goto err;
+		}
+
+	ctx=BN_CTX_new();
+	if (ctx == NULL) goto err;
+
+	num=BN_num_bytes(rsa->n);
+
+	buf=(unsigned char *)Malloc(num);
+	if (buf == NULL)
+		{
+		RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+
+	/* This check was for equallity but PGP does evil things
+	 * and chops off the top '0' bytes */
+	if (flen > num)
+		{
+		RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_DATA_GREATER_THAN_MOD_LEN);
+		goto err;
+		}
+
+	/* make data into a big number */
+	ret=BN_new();
+	f=BN_new();
+	if ((ret == NULL) || (f == NULL)) goto err;
+	if (BN_bin2bn(from,(int)flen,f) == NULL) goto err;
+	/* do the decrypt */
+	if (	(rsa->p != NULL) &&
+		(rsa->q != NULL) &&
+		(rsa->dmp1 != NULL) &&
+		(rsa->dmq1 != NULL) &&
+		(rsa->iqmp != NULL))
+		{ if (!rsa->meth->rsa_mod_exp(ret,f,rsa)) goto err; }
+	else
+		{ if (!rsa->meth->bn_mod_exp(ret,f,rsa->d,rsa->n,ctx)) goto err; }
+
+	p=buf;
+	BN_bn2bin(ret,p);
+
+	/* BT must be 02 */
+	if (*(p++) != 02)
+		{
+		RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_BLOCK_TYPE_IS_NOT_02);
+		goto err;
+		}
+
+	/* scan over padding data */
+	j=num-2; /* one for type and one for the prepended 0. */
+	for (i=0; i<j; i++)
+		if (*(p++) == 0) break;
+
+	if (i == j)
+		{
+		RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_NULL_BEFORE_BLOCK_MISSING);
+		goto err;
+		}
+
+	if (i < 8)
+		{
+		RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_BAD_PAD_BYTE_COUNT);
+		goto err;
+		}
+
+#undef RSA_DEBUG
+#ifdef RSA_DEBUG
+	{
+	int z;
+	unsigned char *q;
+	q= &(p[-9]);
+	fprintf(stderr,"\n");
+	for (z=0; z<8; z++) fprintf(stderr,"%02X",q[z]);
+	fprintf(stderr,"\n");
+	}
+#endif
+
+	if (padding == RSA_SSLV23_PADDING)
+		{
+		int z;
+		unsigned char *q;
+
+		/* -9 because we have jumped the '\0' */
+		q= &(p[-9]);
+		for (z=0; z<8; z++)
+			{
+			if (*(q++) != 0x03)
+				break;
+			}
+		if (z == 8)
+			{
+			RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_SSLV3_ROLLBACK_ATTACK);
+			goto err;
+			}
+		}
+
+	/* skip over the '\0' */
+	i++;	
+	j-=i;
+
+	/* output data */
+	memcpy(to,p,(unsigned int)j);
+	r=j;
+err:
+	if (ctx != NULL) BN_CTX_free(ctx);
+	if (f != NULL) BN_free(f);
+	if (ret != NULL) BN_free(ret);
+	if (buf != NULL)
+		{
+		memset(buf,0,num);
+		Free(buf);
+		}
+	return(r);
+	}
+
+static int RSA_eay_public_decrypt(flen, from, to, rsa, padding)
+int flen;
+unsigned char *from;
+unsigned char *to;
+RSA *rsa;
+int padding;
+	{
+	BIGNUM *f=NULL,*ret=NULL;
+	int i,j,num=0,r= -1;
+	unsigned char *p;
+	unsigned char *buf=NULL;
+	BN_CTX *ctx=NULL;
+
+	if (padding != RSA_PKCS1_PADDING)
+		{
+		RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
+		goto err;
+		}
+
+	ctx=BN_CTX_new();
+	if (ctx == NULL) goto err;
+
+	num=BN_num_bytes(rsa->n);
+	buf=(unsigned char *)Malloc(num);
+	if (buf == NULL)
+		{
+		RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+
+	/* This check was for equallity but PGP does evil things
+	 * and chops off the top '0' bytes */
+	if (flen > num)
+		{
+		RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_DATA_GREATER_THAN_MOD_LEN);
+		goto err;
+		}
+
+	/* make data into a big number */
+	f=BN_new();
+	ret=BN_new();
+	if ((f == NULL) || (ret == NULL)) goto err;
+
+	if (BN_bin2bn(from,flen,f) == NULL) goto err;
+	/* do the decrypt */
+	if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx)) goto err;
+
+	p=buf;
+	i=BN_bn2bin(ret,p);
+
+	/* BT must be 01 */
+	if (*(p++) != 01)
+		{
+		RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_BLOCK_TYPE_IS_NOT_01);
+		goto err;
+		}
+
+	/* scan over padding data */
+	j=num-2; /* one for type and one for the prepended 0. */
+	for (i=0; i<j; i++)
+		{
+		if (*p != 0xff) /* should decrypt to 0xff */
+			{
+			if (*p == 0)
+				{ p++; break; }
+			else	{
+				RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_BAD_FIXED_HEADER_DECRYPT);
+				goto err;
+				}
+			}
+		p++;
+		}
+	if (i == j)
+		{
+		RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_NULL_BEFORE_BLOCK_MISSING);
+		goto err;
+		}
+	if (i < 8)
+		{
+		RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_BAD_PAD_BYTE_COUNT);
+		goto err;
+		}
+
+	/* skip over the '\0' */
+	i++;	
+	j-=i;
+
+	/* output data */
+	memcpy(to,p,(unsigned int)j);
+	r=j;
+err:
+	if (ctx != NULL) BN_CTX_free(ctx);
+	if (f != NULL) BN_free(f);
+	if (ret != NULL) BN_free(ret);
+	if (buf != NULL)
+		{
+		memset(buf,0,num);
+		Free(buf);
+		}
+	return(r);
+	}
+
+static int RSA_eay_mod_exp(r0, I, rsa)
+BIGNUM *r0;
+BIGNUM *I;
+RSA *rsa;
+	{
+	BIGNUM *r1=NULL,*m1=NULL;
+	int ret=0;
+	BN_CTX *ctx;
+
+	if ((ctx=BN_CTX_new()) == NULL) goto err;
+	m1=BN_new();
+	r1=BN_new();
+	if ((m1 == NULL) || (r1 == NULL)) goto err;
+
+	if (!BN_mod(r1,I,rsa->q,ctx)) goto err;
+	if (!rsa->meth->bn_mod_exp(m1,r1,rsa->dmq1,rsa->q,ctx)) goto err;
+
+	if (!BN_mod(r1,I,rsa->p,ctx)) goto err;
+	if (!rsa->meth->bn_mod_exp(r0,r1,rsa->dmp1,rsa->p,ctx)) goto err;
+
+	if (!BN_add(r1,r0,rsa->p)) goto err;
+	if (!BN_sub(r0,r1,m1)) goto err;
+
+	if (!BN_mul(r1,r0,rsa->iqmp)) goto err;
+	if (!BN_mod(r0,r1,rsa->p,ctx)) goto err;
+	if (!BN_mul(r1,r0,rsa->q)) goto err;
+	if (!BN_add(r0,r1,m1)) goto err;
+	
+	ret=1;
+err:
+	if (m1 != NULL) BN_free(m1);
+	if (r1 != NULL) BN_free(r1);
+	BN_CTX_free(ctx);
+	return(ret);
+	}
+
+
diff --git a/crypto/rsa/rsa_err.c b/crypto/rsa/rsa_err.c
new file mode 100644
index 0000000000..04a5ba201f
--- /dev/null
+++ b/crypto/rsa/rsa_err.c
@@ -0,0 +1,111 @@
+/* lib/rsa/rsa_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "rsa.h"
+
+/* BEGIN ERROR CODES */
+static ERR_STRING_DATA RSA_str_functs[]=
+	{
+{ERR_PACK(0,RSA_F_RSA_EAY_PRIVATE_DECRYPT,0),	"RSA_EAY_PRIVATE_DECRYPT"},
+{ERR_PACK(0,RSA_F_RSA_EAY_PRIVATE_ENCRYPT,0),	"RSA_EAY_PRIVATE_ENCRYPT"},
+{ERR_PACK(0,RSA_F_RSA_EAY_PUBLIC_DECRYPT,0),	"RSA_EAY_PUBLIC_DECRYPT"},
+{ERR_PACK(0,RSA_F_RSA_EAY_PUBLIC_ENCRYPT,0),	"RSA_EAY_PUBLIC_ENCRYPT"},
+{ERR_PACK(0,RSA_F_RSA_GENERATE_KEY,0),	"RSA_generate_key"},
+{ERR_PACK(0,RSA_F_RSA_NEW_METHOD,0),	"RSA_new_method"},
+{ERR_PACK(0,RSA_F_RSA_PRINT,0),	"RSA_print"},
+{ERR_PACK(0,RSA_F_RSA_PRINT_FP,0),	"RSA_print_fp"},
+{ERR_PACK(0,RSA_F_RSA_SIGN,0),	"RSA_sign"},
+{ERR_PACK(0,RSA_F_RSA_SIGN_ASN1_OCTET_STRING,0),	"RSA_sign_ASN1_OCTET_STRING"},
+{ERR_PACK(0,RSA_F_RSA_VERIFY,0),	"RSA_verify"},
+{ERR_PACK(0,RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,0),	"RSA_verify_ASN1_OCTET_STRING"},
+{0,NULL},
+	};
+
+static ERR_STRING_DATA RSA_str_reasons[]=
+	{
+{RSA_R_ALGORITHM_MISMATCH                ,"algorithm mismatch"},
+{RSA_R_BAD_E_VALUE                       ,"bad e value"},
+{RSA_R_BAD_FIXED_HEADER_DECRYPT          ,"bad fixed header decrypt"},
+{RSA_R_BAD_PAD_BYTE_COUNT                ,"bad pad byte count"},
+{RSA_R_BAD_SIGNATURE                     ,"bad signature"},
+{RSA_R_BLOCK_TYPE_IS_NOT_01              ,"block type is not 01"},
+{RSA_R_BLOCK_TYPE_IS_NOT_02              ,"block type is not 02"},
+{RSA_R_DATA_GREATER_THAN_MOD_LEN         ,"data greater than mod len"},
+{RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE       ,"data too large for key size"},
+{RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY        ,"digest too big for rsa key"},
+{RSA_R_NULL_BEFORE_BLOCK_MISSING         ,"null before block missing"},
+{RSA_R_SSLV3_ROLLBACK_ATTACK             ,"sslv3 rollback attack"},
+{RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD,"the asn1 object identifier is not known for this md"},
+{RSA_R_UNKNOWN_ALGORITHM_TYPE            ,"unknown algorithm type"},
+{RSA_R_UNKNOWN_PADDING_TYPE              ,"unknown padding type"},
+{RSA_R_WRONG_SIGNATURE_LENGTH            ,"wrong signature length"},
+{0,NULL},
+	};
+
+void ERR_load_RSA_strings()
+	{
+	static int init=1;
+
+	if (init)
+		{
+		init=0;
+		ERR_load_strings(ERR_LIB_RSA,RSA_str_functs);
+		ERR_load_strings(ERR_LIB_RSA,RSA_str_reasons);
+		}
+	}
diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c
new file mode 100644
index 0000000000..0cab3a5d73
--- /dev/null
+++ b/crypto/rsa/rsa_gen.c
@@ -0,0 +1,186 @@
+/* crypto/rsa/rsa_gen.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "rsa.h"
+
+RSA *RSA_generate_key(bits, e_value, callback)
+int bits;
+unsigned long e_value;
+void (*callback)(P_I_I);
+	{
+	RSA *rsa=NULL;
+	BIGNUM *r0=NULL,*r1=NULL,*r2=NULL,*r3=NULL,*tmp;
+	int bitsp,bitsq,ok= -1,n=0;
+	BN_CTX *ctx=NULL,*ctx2=NULL;
+
+	ctx=BN_CTX_new();
+	if (ctx == NULL) goto err;
+	ctx2=BN_CTX_new();
+	if (ctx2 == NULL) goto err;
+	r0=ctx->bn[0];
+	r1=ctx->bn[1];
+	r2=ctx->bn[2];
+	r3=ctx->bn[3];
+	ctx->tos+=4;
+
+	bitsp=(bits+1)/2;
+	bitsq=bits-bitsp;
+	rsa=RSA_new();
+	if (rsa == NULL) goto err;
+
+	/* set e */ 
+	rsa->e=BN_new();
+	if (rsa->e == NULL) goto err;
+	if (!BN_set_word(rsa->e,e_value)) goto err;
+
+	/* generate p and q */
+	for (;;)
+		{
+		rsa->p=BN_generate_prime(bitsp,0,NULL,NULL,callback);
+		if (rsa->p == NULL) goto err;
+		if (!BN_sub(r2,rsa->p,BN_value_one())) goto err;
+		if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err;
+		if (BN_is_one(r1)) break;
+		if (callback != NULL) callback(2,n++);
+		BN_free(rsa->p);
+		}
+	if (callback != NULL) callback(3,0);
+	for (;;)
+		{
+		rsa->q=BN_generate_prime(bitsq,0,NULL,NULL,callback);
+		if (rsa->q == NULL) goto err;
+		if (!BN_sub(r2,rsa->q,BN_value_one())) goto err;
+		if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err;
+		if (BN_is_one(r1) && (BN_cmp(rsa->p,rsa->q) != 0))
+			break;
+		if (callback != NULL) callback(2,n++);
+		BN_free(rsa->q);
+		}
+	if (callback != NULL) callback(3,1);
+	if (BN_cmp(rsa->p,rsa->q) < 0)
+		{
+		tmp=rsa->p;
+		rsa->p=rsa->q;
+		rsa->q=tmp;
+		}
+
+	/* calculate n */
+	rsa->n=BN_new();
+	if (rsa->n == NULL) goto err;
+	if (!BN_mul(rsa->n,rsa->p,rsa->q)) goto err;
+
+	/* calculate d */
+	if (!BN_sub(r1,rsa->p,BN_value_one())) goto err;	/* p-1 */
+	if (!BN_sub(r2,rsa->q,BN_value_one())) goto err;	/* q-1 */
+	if (!BN_mul(r0,r1,r2)) goto err;	/* (p-1)(q-1) */
+
+/* should not be needed, since gcd(p-1,e) == 1 and gcd(q-1,e) == 1 */
+/*	for (;;)
+		{
+		if (!BN_gcd(r3,r0,rsa->e,ctx)) goto err;
+		if (BN_is_one(r3)) break;
+
+		if (1)
+			{
+			if (!BN_add_word(rsa->e,2L)) goto err;
+			continue;
+			}
+		RSAerr(RSA_F_RSA_GENERATE_KEY,RSA_R_BAD_E_VALUE);
+		goto err;
+		}
+*/
+	rsa->d=(BIGNUM *)BN_mod_inverse(rsa->e,r0,ctx2);	/* d */
+	if (rsa->d == NULL) goto err;
+
+	/* calculate d mod (p-1) */
+	rsa->dmp1=BN_new();
+	if (rsa->dmp1 == NULL) goto err;
+	if (!BN_mod(rsa->dmp1,rsa->d,r1,ctx)) goto err;
+
+	/* calculate d mod (q-1) */
+	rsa->dmq1=BN_new();
+	if (rsa->dmq1 == NULL) goto err;
+	if (!BN_mod(rsa->dmq1,rsa->d,r2,ctx)) goto err;
+
+	/* calculate inverse of q mod p */
+	rsa->iqmp=BN_mod_inverse(rsa->q,rsa->p,ctx2);
+	if (rsa->iqmp == NULL) goto err;
+
+	ok=1;
+err:
+	if (ok == -1)
+		{
+		RSAerr(RSA_F_RSA_GENERATE_KEY,ERR_LIB_BN);
+		ok=0;
+		}
+	BN_CTX_free(ctx);
+	BN_CTX_free(ctx2);
+	
+	if (!ok)
+		{
+		if (rsa != NULL) RSA_free(rsa);
+		return(NULL);
+		}
+	else
+		return(rsa);
+	}
+
diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c
new file mode 100644
index 0000000000..c49d0ee0c3
--- /dev/null
+++ b/crypto/rsa/rsa_lib.c
@@ -0,0 +1,200 @@
+/* crypto/rsa/rsa_lib.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "rsa.h"
+
+char *RSA_version="RSA part of SSLeay 0.8.1b 29-Jun-1998";
+
+static RSA_METHOD *default_RSA_meth=NULL;
+
+RSA *RSA_new()
+	{
+	return(RSA_new_method(NULL));
+	}
+
+void RSA_set_default_method(meth)
+RSA_METHOD *meth;
+	{
+	default_RSA_meth=meth;
+	}
+
+RSA *RSA_new_method(meth)
+RSA_METHOD *meth;
+	{
+	RSA *ret;
+
+	if (default_RSA_meth == NULL)
+		{
+#ifdef RSAref
+		default_RSA_meth=RSA_PKCS1_RSAref();
+#else
+		default_RSA_meth=RSA_PKCS1_SSLeay();
+#endif
+		}
+	ret=(RSA *)Malloc(sizeof(RSA));
+	if (ret == NULL)
+		{
+		RSAerr(RSA_F_RSA_NEW_METHOD,ERR_R_MALLOC_FAILURE);
+		return(NULL);
+		}
+
+	if (meth == NULL)
+		ret->meth=default_RSA_meth;
+	else
+		ret->meth=meth;
+
+	ret->pad=0;
+	ret->version=0;
+	ret->n=NULL;
+	ret->e=NULL;
+	ret->d=NULL;
+	ret->p=NULL;
+	ret->q=NULL;
+	ret->dmp1=NULL;
+	ret->dmq1=NULL;
+	ret->iqmp=NULL;
+	ret->references=1;
+	ret->app_data=NULL;
+	if ((ret->meth->init != NULL) && !ret->meth->init(ret))
+		{
+		Free(ret);
+		ret=NULL;
+		}
+	return(ret);
+	}
+
+void RSA_free(r)
+RSA *r;
+	{
+	int i;
+
+	if (r == NULL) return;
+
+	i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_RSA);
+	if (i > 0) return;
+#ifdef REF_CHECK
+	if (i < 0)
+		{
+		fprintf(stderr,"RSA_free, bad reference count\n");
+		abort();
+		}
+#endif
+
+	if (r->meth->finish != NULL)
+		r->meth->finish(r);
+
+	if (r->n != NULL) BN_clear_free(r->n);
+	if (r->e != NULL) BN_clear_free(r->e);
+	if (r->d != NULL) BN_clear_free(r->d);
+	if (r->p != NULL) BN_clear_free(r->p);
+	if (r->q != NULL) BN_clear_free(r->q);
+	if (r->dmp1 != NULL) BN_clear_free(r->dmp1);
+	if (r->dmq1 != NULL) BN_clear_free(r->dmq1);
+	if (r->iqmp != NULL) BN_clear_free(r->iqmp);
+	Free(r);
+	}
+
+int RSA_size(r)
+RSA *r;
+	{
+	return(BN_num_bytes(r->n));
+	}
+
+int RSA_public_encrypt(flen, from, to, rsa, padding)
+int flen;
+unsigned char *from;
+unsigned char *to;
+RSA *rsa;
+int padding;
+	{
+	return(rsa->meth->rsa_pub_enc(flen, from, to, rsa, padding));
+	}
+
+int RSA_private_encrypt(flen, from, to, rsa, padding)
+int flen;
+unsigned char *from;
+unsigned char *to;
+RSA *rsa;
+int padding;
+	{
+	return(rsa->meth->rsa_priv_enc(flen, from, to, rsa, padding));
+	}
+
+int RSA_private_decrypt(flen, from, to, rsa, padding)
+int flen;
+unsigned char *from;
+unsigned char *to;
+RSA *rsa;
+int padding;
+	{
+	return(rsa->meth->rsa_priv_dec(flen, from, to, rsa, padding));
+	}
+
+int RSA_public_decrypt(flen, from, to, rsa, padding)
+int flen;
+unsigned char *from;
+unsigned char *to;
+RSA *rsa;
+int padding;
+	{
+	return(rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding));
+	}
+
diff --git a/crypto/rsa/rsa_saos.c b/crypto/rsa/rsa_saos.c
new file mode 100644
index 0000000000..62c211231a
--- /dev/null
+++ b/crypto/rsa/rsa_saos.c
@@ -0,0 +1,153 @@
+/* crypto/rsa/rsa_saos.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "rsa.h"
+#include "objects.h"
+#include "x509.h"
+
+int RSA_sign_ASN1_OCTET_STRING(type,m,m_len,sigret,siglen,rsa)
+int type;
+unsigned char *m;
+unsigned int m_len;
+unsigned char *sigret;
+unsigned int *siglen;
+RSA *rsa;
+	{
+	ASN1_OCTET_STRING sig;
+	int i,j,ret=1;
+	unsigned char *p,*s;
+
+	sig.type=V_ASN1_OCTET_STRING;
+	sig.length=m_len;
+	sig.data=m;
+
+	i=i2d_ASN1_OCTET_STRING(&sig,NULL);
+	j=RSA_size(rsa);
+	if ((i-RSA_PKCS1_PADDING) > j)
+		{
+		RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
+		return(0);
+		}
+	s=(unsigned char *)Malloc((unsigned int)j+1);
+	if (s == NULL)
+		{
+		RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE);
+		return(0);
+		}
+	p=s;
+	i2d_ASN1_OCTET_STRING(&sig,&p);
+	i=RSA_private_encrypt(i,s,sigret,rsa,RSA_PKCS1_PADDING);
+	if (i <= 0)
+		ret=0;
+	else
+		*siglen=i;
+
+	memset(s,0,(unsigned int)j+1);
+	Free(s);
+	return(ret);
+	}
+
+int RSA_verify_ASN1_OCTET_STRING(dtype, m, m_len, sigbuf, siglen, rsa)
+int dtype;
+unsigned char *m;
+unsigned int m_len;
+unsigned char *sigbuf;
+unsigned int siglen;
+RSA *rsa;
+	{
+	int i,ret=0;
+	unsigned char *p,*s;
+	ASN1_OCTET_STRING *sig=NULL;
+
+	if (siglen != (unsigned int)RSA_size(rsa))
+		{
+		RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,RSA_R_WRONG_SIGNATURE_LENGTH);
+		return(0);
+		}
+
+	s=(unsigned char *)Malloc((unsigned int)siglen);
+	if (s == NULL)
+		{
+		RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+	i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING);
+
+	if (i <= 0) goto err;
+
+	p=s;
+	sig=d2i_ASN1_OCTET_STRING(NULL,&p,(long)i);
+	if (sig == NULL) goto err;
+
+	if (	((unsigned int)sig->length != m_len) ||
+		(memcmp(m,sig->data,m_len) != 0))
+		{
+		RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,RSA_R_BAD_SIGNATURE);
+		}
+	else
+		ret=1;
+err:
+	if (sig != NULL) ASN1_OCTET_STRING_free(sig);
+	memset(s,0,(unsigned int)siglen);
+	Free(s);
+	return(ret);
+	}
+
diff --git a/crypto/rsa/rsa_sign.c b/crypto/rsa/rsa_sign.c
new file mode 100644
index 0000000000..7c815ed257
--- /dev/null
+++ b/crypto/rsa/rsa_sign.c
@@ -0,0 +1,196 @@
+/* crypto/rsa/rsa_sign.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "rsa.h"
+#include "objects.h"
+#include "x509.h"
+
+int RSA_sign(type,m,m_len,sigret,siglen,rsa)
+int type;
+unsigned char *m;
+unsigned int m_len;
+unsigned char *sigret;
+unsigned int *siglen;
+RSA *rsa;
+	{
+	X509_SIG sig;
+	ASN1_TYPE parameter;
+	int i,j,ret=1;
+	unsigned char *p,*s;
+	X509_ALGOR algor;
+	ASN1_OCTET_STRING digest;
+
+	sig.algor= &algor;
+	sig.algor->algorithm=OBJ_nid2obj(type);
+	if (sig.algor->algorithm == NULL)
+		{
+		RSAerr(RSA_F_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE);
+		return(0);
+		}
+	if (sig.algor->algorithm->length == 0)
+		{
+		RSAerr(RSA_F_RSA_SIGN,RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD);
+		return(0);
+		}
+	parameter.type=V_ASN1_NULL;
+	parameter.value.ptr=NULL;
+	sig.algor->parameter= &parameter;
+
+	sig.digest= &digest;
+	sig.digest->data=m;
+	sig.digest->length=m_len;
+
+	i=i2d_X509_SIG(&sig,NULL);
+	j=RSA_size(rsa);
+	if ((i-RSA_PKCS1_PADDING) > j)
+		{
+		RSAerr(RSA_F_RSA_SIGN,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
+		return(0);
+		}
+	s=(unsigned char *)Malloc((unsigned int)j+1);
+	if (s == NULL)
+		{
+		RSAerr(RSA_F_RSA_SIGN,ERR_R_MALLOC_FAILURE);
+		return(0);
+		}
+	p=s;
+	i2d_X509_SIG(&sig,&p);
+	i=RSA_private_encrypt(i,s,sigret,rsa,RSA_PKCS1_PADDING);
+	if (i <= 0)
+		ret=0;
+	else
+		*siglen=i;
+
+	memset(s,0,(unsigned int)j+1);
+	Free(s);
+	return(ret);
+	}
+
+int RSA_verify(dtype, m, m_len, sigbuf, siglen, rsa)
+int dtype;
+unsigned char *m;
+unsigned int m_len;
+unsigned char *sigbuf;
+unsigned int siglen;
+RSA *rsa;
+	{
+	int i,ret=0,sigtype;
+	unsigned char *p,*s;
+	X509_SIG *sig=NULL;
+
+	if (siglen != (unsigned int)RSA_size(rsa))
+		{
+		RSAerr(RSA_F_RSA_VERIFY,RSA_R_WRONG_SIGNATURE_LENGTH);
+		return(0);
+		}
+
+	s=(unsigned char *)Malloc((unsigned int)siglen);
+	if (s == NULL)
+		{
+		RSAerr(RSA_F_RSA_VERIFY,ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+	i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING);
+
+	if (i <= 0) goto err;
+
+	p=s;
+	sig=d2i_X509_SIG(NULL,&p,(long)i);
+	if (sig == NULL) goto err;
+	sigtype=OBJ_obj2nid(sig->algor->algorithm);
+
+#ifdef RSA_DEBUG
+	/* put a backward compatability flag in EAY */
+	fprintf(stderr,"in(%s) expect(%s)\n",OBJ_nid2ln(sigtype),
+		OBJ_nid2ln(dtype));
+#endif
+	if (sigtype != dtype)
+		{
+		if (((dtype == NID_md5) &&
+			(sigtype == NID_md5WithRSAEncryption)) ||
+			((dtype == NID_md2) &&
+			(sigtype == NID_md2WithRSAEncryption)))
+			{
+			/* ok, we will let it through */
+#ifndef WIN16
+			fprintf(stderr,"signature has problems, re-make with post SSLeay045\n");
+#endif
+			}
+		else
+			{
+			RSAerr(RSA_F_RSA_VERIFY,RSA_R_ALGORITHM_MISMATCH);
+			goto err;
+			}
+		}
+	if (	((unsigned int)sig->digest->length != m_len) ||
+		(memcmp(m,sig->digest->data,m_len) != 0))
+		{
+		RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
+		}
+	else
+		ret=1;
+err:
+	if (sig != NULL) X509_SIG_free(sig);
+	memset(s,0,(unsigned int)siglen);
+	Free(s);
+	return(ret);
+	}
+
diff --git a/crypto/sha/Makefile.ssl b/crypto/sha/Makefile.ssl
new file mode 100644
index 0000000000..3c3a9abd46
--- /dev/null
+++ b/crypto/sha/Makefile.ssl
@@ -0,0 +1,80 @@
+#
+# SSLeay/crypto/sha/Makefile
+#
+
+DIR=	sha
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE=		make -f Makefile.ssl
+MAKEDEPEND=	makedepend -f Makefile.ssl
+MAKEFILE=	Makefile.ssl
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=shatest.c sha1test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=sha_dgst.c sha1dgst.c sha_one.c sha1_one.c
+LIBOBJ=sha_dgst.o sha1dgst.o sha_one.o sha1_one.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= sha.h
+HEADER=	sha_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/util/ranlib.sh $(LIB)
+	@touch lib
+
+files:
+	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+	/bin/rm -f Makefile
+	$(TOP)/util/point.sh Makefile.ssl Makefile ;
+	$(TOP)/util/mklink.sh ../../include $(EXHEADER)
+	$(TOP)/util/mklink.sh ../../test $(TEST)
+	$(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+	@for i in $(EXHEADER) ; \
+	do  \
+	(cp $$i $(INSTALLTOP)/include/$$i; \
+	chmod 644 $(INSTALLTOP)/include/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/sha/sha.c b/crypto/sha/sha.c
new file mode 100644
index 0000000000..2fcd9636ee
--- /dev/null
+++ b/crypto/sha/sha.c
@@ -0,0 +1,135 @@
+/* crypto/sha/sha.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "sha.h"
+
+#define BUFSIZE	1024*16
+
+#ifndef NOPROTO
+void do_fp(FILE *f);
+void pt(unsigned char *md);
+int read(int, void *, unsigned int);
+#else
+void do_fp();
+void pt();
+int read();
+#endif
+
+int main(argc, argv)
+int argc;
+char **argv;
+	{
+	int i,err=0;
+	FILE *IN;
+
+	if (argc == 1)
+		{
+		do_fp(stdin);
+		}
+	else
+		{
+		for (i=1; i<argc; i++)
+			{
+			IN=fopen(argv[i],"r");
+			if (IN == NULL)
+				{
+				perror(argv[i]);
+				err++;
+				continue;
+				}
+			printf("SHA(%s)= ",argv[i]);
+			do_fp(IN);
+			fclose(IN);
+			}
+		}
+	exit(err);
+	}
+
+void do_fp(f)
+FILE *f;
+	{
+	SHA_CTX c;
+	unsigned char md[SHA_DIGEST_LENGTH];
+	int fd;
+	int i;
+	unsigned char buf[BUFSIZE];
+
+	fd=fileno(f);
+	SHA_Init(&c);
+	for (;;)
+		{
+		i=read(fd,buf,BUFSIZE);
+		if (i <= 0) break;
+		SHA_Update(&c,buf,(unsigned long)i);
+		}
+	SHA_Final(&(md[0]),&c);
+	pt(md);
+	}
+
+void pt(md)
+unsigned char *md;
+	{
+	int i;
+
+	for (i=0; i<SHA_DIGEST_LENGTH; i++)
+		printf("%02x",md[i]);
+	printf("\n");
+	}
+
diff --git a/crypto/sha/sha.h b/crypto/sha/sha.h
new file mode 100644
index 0000000000..9e22fa87c0
--- /dev/null
+++ b/crypto/sha/sha.h
@@ -0,0 +1,105 @@
+/* crypto/sha/sha.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_SHA_H
+#define HEADER_SHA_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#define SHA_CBLOCK	64
+#define SHA_LBLOCK	16
+#define SHA_BLOCK	16
+#define SHA_LAST_BLOCK  56
+#define SHA_LENGTH_BLOCK 8
+#define SHA_DIGEST_LENGTH 20
+
+typedef struct SHAstate_st
+	{
+	unsigned long h0,h1,h2,h3,h4;
+	unsigned long Nl,Nh;
+	unsigned long data[SHA_LBLOCK];
+	int num;
+	} SHA_CTX;
+
+#ifndef NOPROTO
+void SHA_Init(SHA_CTX *c);
+void SHA_Update(SHA_CTX *c, unsigned char *data, unsigned long len);
+void SHA_Final(unsigned char *md, SHA_CTX *c);
+unsigned char *SHA(unsigned char *d, unsigned long n,unsigned char *md);
+void SHA1_Init(SHA_CTX *c);
+void SHA1_Update(SHA_CTX *c, unsigned char *data, unsigned long len);
+void SHA1_Final(unsigned char *md, SHA_CTX *c);
+unsigned char *SHA1(unsigned char *d, unsigned long n,unsigned char *md);
+#else
+void SHA_Init();
+void SHA_Update();
+void SHA_Final();
+unsigned char *SHA();
+void SHA1_Init();
+void SHA1_Update();
+void SHA1_Final();
+unsigned char *SHA1();
+#endif
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/sha/sha1_one.c b/crypto/sha/sha1_one.c
new file mode 100644
index 0000000000..cf381fa393
--- /dev/null
+++ b/crypto/sha/sha1_one.c
@@ -0,0 +1,77 @@
+/* crypto/sha/sha1_one.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "sha.h"
+
+unsigned char *SHA1(d, n, md)
+unsigned char *d;
+unsigned long n;
+unsigned char *md;
+	{
+	SHA_CTX c;
+	static unsigned char m[SHA_DIGEST_LENGTH];
+
+	if (md == NULL) md=m;
+	SHA1_Init(&c);
+	SHA1_Update(&c,d,n);
+	SHA1_Final(md,&c);
+	memset(&c,0,sizeof(c));
+	return(md);
+	}
diff --git a/crypto/sha/sha1dgst.c b/crypto/sha/sha1dgst.c
new file mode 100644
index 0000000000..1a181263ad
--- /dev/null
+++ b/crypto/sha/sha1dgst.c
@@ -0,0 +1,373 @@
+/* crypto/sha/sha1dgst.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#undef  SHA_0
+#define SHA_1
+#include "sha.h"
+#include "sha_locl.h"
+
+char *SHA1_version="SHA1 part of SSLeay 0.8.1b 29-Jun-1998";
+
+/* Implemented from SHA-1 document - The Secure Hash Algorithm
+ */
+
+#define INIT_DATA_h0 (unsigned long)0x67452301L
+#define INIT_DATA_h1 (unsigned long)0xefcdab89L
+#define INIT_DATA_h2 (unsigned long)0x98badcfeL
+#define INIT_DATA_h3 (unsigned long)0x10325476L
+#define INIT_DATA_h4 (unsigned long)0xc3d2e1f0L
+
+#define K_00_19	0x5a827999L
+#define K_20_39 0x6ed9eba1L
+#define K_40_59 0x8f1bbcdcL
+#define K_60_79 0xca62c1d6L
+
+#ifndef NOPROTO
+static void sha1_block(SHA_CTX *c, register unsigned long *p);
+#else
+static void sha1_block();
+#endif
+
+void SHA1_Init(c)
+SHA_CTX *c;
+	{
+	c->h0=INIT_DATA_h0;
+	c->h1=INIT_DATA_h1;
+	c->h2=INIT_DATA_h2;
+	c->h3=INIT_DATA_h3;
+	c->h4=INIT_DATA_h4;
+	c->Nl=0;
+	c->Nh=0;
+	c->num=0;
+	}
+
+void SHA1_Update(c, data, len)
+SHA_CTX *c;
+register unsigned char *data;
+unsigned long len;
+	{
+	register ULONG *p;
+	int ew,ec,sw,sc;
+	ULONG l;
+
+	if (len == 0) return;
+
+	l=(c->Nl+(len<<3))&0xffffffff;
+	if (l < c->Nl) /* overflow */
+		c->Nh++;
+	c->Nh+=(len>>29);
+	c->Nl=l;
+
+	if (c->num != 0)
+		{
+		p=c->data;
+		sw=c->num>>2;
+		sc=c->num&0x03;
+
+		if ((c->num+len) >= SHA_CBLOCK)
+			{
+			l= p[sw];
+			p_c2nl(data,l,sc);
+			p[sw++]=l;
+			for (; sw<SHA_LBLOCK; sw++)
+				{
+				c2nl(data,l);
+				p[sw]=l;
+				}
+			len-=(SHA_CBLOCK-c->num);
+
+			sha1_block(c,p);
+			c->num=0;
+			/* drop through and do the rest */
+			}
+		else
+			{
+			c->num+=(int)len;
+			if ((sc+len) < 4) /* ugly, add char's to a word */
+				{
+				l= p[sw];
+				p_c2nl_p(data,l,sc,len);
+				p[sw]=l;
+				}
+			else
+				{
+				ew=(c->num>>2);
+				ec=(c->num&0x03);
+				l= p[sw];
+				p_c2nl(data,l,sc);
+				p[sw++]=l;
+				for (; sw < ew; sw++)
+					{ c2nl(data,l); p[sw]=l; }
+				if (ec)
+					{
+					c2nl_p(data,l,ec);
+					p[sw]=l;
+					}
+				}
+			return;
+			}
+		}
+	/* we now can process the input data in blocks of SHA_CBLOCK
+	 * chars and save the leftovers to c->data. */
+	p=c->data;
+	while (len >= SHA_CBLOCK)
+		{
+#if defined(B_ENDIAN) || defined(L_ENDIAN)
+		memcpy(p,data,SHA_CBLOCK);
+		data+=SHA_CBLOCK;
+#ifdef L_ENDIAN
+		for (sw=(SHA_LBLOCK/4); sw; sw--)
+			{
+			Endian_Reverse32(p[0]);
+			Endian_Reverse32(p[1]);
+			Endian_Reverse32(p[2]);
+			Endian_Reverse32(p[3]);
+			p+=4;
+			}
+#endif
+#else
+		for (sw=(SHA_BLOCK/4); sw; sw--)
+			{
+			c2nl(data,l); *(p++)=l;
+			c2nl(data,l); *(p++)=l;
+			c2nl(data,l); *(p++)=l;
+			c2nl(data,l); *(p++)=l;
+			}
+#endif
+		p=c->data;
+		sha1_block(c,p);
+		len-=SHA_CBLOCK;
+		}
+	ec=(int)len;
+	c->num=ec;
+	ew=(ec>>2);
+	ec&=0x03;
+
+	for (sw=0; sw < ew; sw++)
+		{ c2nl(data,l); p[sw]=l; }
+	c2nl_p(data,l,ec);
+	p[sw]=l;
+	}
+
+static void sha1_block(c, X)
+SHA_CTX *c;
+register unsigned long *X;
+	{
+	register ULONG A,B,C,D,E,T;
+
+	A=c->h0;
+	B=c->h1;
+	C=c->h2;
+	D=c->h3;
+	E=c->h4;
+
+	BODY_00_15( 0,A,B,C,D,E,T);
+	BODY_00_15( 1,T,A,B,C,D,E);
+	BODY_00_15( 2,E,T,A,B,C,D);
+	BODY_00_15( 3,D,E,T,A,B,C);
+	BODY_00_15( 4,C,D,E,T,A,B);
+	BODY_00_15( 5,B,C,D,E,T,A);
+	BODY_00_15( 6,A,B,C,D,E,T);
+	BODY_00_15( 7,T,A,B,C,D,E);
+	BODY_00_15( 8,E,T,A,B,C,D);
+	BODY_00_15( 9,D,E,T,A,B,C);
+	BODY_00_15(10,C,D,E,T,A,B);
+	BODY_00_15(11,B,C,D,E,T,A);
+	BODY_00_15(12,A,B,C,D,E,T);
+	BODY_00_15(13,T,A,B,C,D,E);
+	BODY_00_15(14,E,T,A,B,C,D);
+	BODY_00_15(15,D,E,T,A,B,C);
+	BODY_16_19(16,C,D,E,T,A,B);
+	BODY_16_19(17,B,C,D,E,T,A);
+	BODY_16_19(18,A,B,C,D,E,T);
+	BODY_16_19(19,T,A,B,C,D,E);
+
+	BODY_20_39(20,E,T,A,B,C,D);
+	BODY_20_39(21,D,E,T,A,B,C);
+	BODY_20_39(22,C,D,E,T,A,B);
+	BODY_20_39(23,B,C,D,E,T,A);
+	BODY_20_39(24,A,B,C,D,E,T);
+	BODY_20_39(25,T,A,B,C,D,E);
+	BODY_20_39(26,E,T,A,B,C,D);
+	BODY_20_39(27,D,E,T,A,B,C);
+	BODY_20_39(28,C,D,E,T,A,B);
+	BODY_20_39(29,B,C,D,E,T,A);
+	BODY_20_39(30,A,B,C,D,E,T);
+	BODY_20_39(31,T,A,B,C,D,E);
+	BODY_20_39(32,E,T,A,B,C,D);
+	BODY_20_39(33,D,E,T,A,B,C);
+	BODY_20_39(34,C,D,E,T,A,B);
+	BODY_20_39(35,B,C,D,E,T,A);
+	BODY_20_39(36,A,B,C,D,E,T);
+	BODY_20_39(37,T,A,B,C,D,E);
+	BODY_20_39(38,E,T,A,B,C,D);
+	BODY_20_39(39,D,E,T,A,B,C);
+
+	BODY_40_59(40,C,D,E,T,A,B);
+	BODY_40_59(41,B,C,D,E,T,A);
+	BODY_40_59(42,A,B,C,D,E,T);
+	BODY_40_59(43,T,A,B,C,D,E);
+	BODY_40_59(44,E,T,A,B,C,D);
+	BODY_40_59(45,D,E,T,A,B,C);
+	BODY_40_59(46,C,D,E,T,A,B);
+	BODY_40_59(47,B,C,D,E,T,A);
+	BODY_40_59(48,A,B,C,D,E,T);
+	BODY_40_59(49,T,A,B,C,D,E);
+	BODY_40_59(50,E,T,A,B,C,D);
+	BODY_40_59(51,D,E,T,A,B,C);
+	BODY_40_59(52,C,D,E,T,A,B);
+	BODY_40_59(53,B,C,D,E,T,A);
+	BODY_40_59(54,A,B,C,D,E,T);
+	BODY_40_59(55,T,A,B,C,D,E);
+	BODY_40_59(56,E,T,A,B,C,D);
+	BODY_40_59(57,D,E,T,A,B,C);
+	BODY_40_59(58,C,D,E,T,A,B);
+	BODY_40_59(59,B,C,D,E,T,A);
+
+	BODY_60_79(60,A,B,C,D,E,T);
+	BODY_60_79(61,T,A,B,C,D,E);
+	BODY_60_79(62,E,T,A,B,C,D);
+	BODY_60_79(63,D,E,T,A,B,C);
+	BODY_60_79(64,C,D,E,T,A,B);
+	BODY_60_79(65,B,C,D,E,T,A);
+	BODY_60_79(66,A,B,C,D,E,T);
+	BODY_60_79(67,T,A,B,C,D,E);
+	BODY_60_79(68,E,T,A,B,C,D);
+	BODY_60_79(69,D,E,T,A,B,C);
+	BODY_60_79(70,C,D,E,T,A,B);
+	BODY_60_79(71,B,C,D,E,T,A);
+	BODY_60_79(72,A,B,C,D,E,T);
+	BODY_60_79(73,T,A,B,C,D,E);
+	BODY_60_79(74,E,T,A,B,C,D);
+	BODY_60_79(75,D,E,T,A,B,C);
+	BODY_60_79(76,C,D,E,T,A,B);
+	BODY_60_79(77,B,C,D,E,T,A);
+	BODY_60_79(78,A,B,C,D,E,T);
+	BODY_60_79(79,T,A,B,C,D,E);
+
+	c->h0=(c->h0+E)&0xffffffff; 
+	c->h1=(c->h1+T)&0xffffffff;
+	c->h2=(c->h2+A)&0xffffffff;
+	c->h3=(c->h3+B)&0xffffffff;
+	c->h4=(c->h4+C)&0xffffffff;
+	}
+
+void SHA1_Final(md, c)
+unsigned char *md;
+SHA_CTX *c;
+	{
+	register int i,j;
+	register ULONG l;
+	register ULONG *p;
+	static unsigned char end[4]={0x80,0x00,0x00,0x00};
+	unsigned char *cp=end;
+
+	/* c->num should definitly have room for at least one more byte. */
+	p=c->data;
+	j=c->num;
+	i=j>>2;
+#ifdef PURIFY
+	if ((j&0x03) == 0) p[i]=0;
+#endif
+	l=p[i];
+	p_c2nl(cp,l,j&0x03);
+	p[i]=l;
+	i++;
+	/* i is the next 'undefined word' */
+	if (c->num >= SHA_LAST_BLOCK)
+		{
+		for (; i<SHA_LBLOCK; i++)
+			p[i]=0;
+		sha1_block(c,p);
+		i=0;
+		}
+	for (; i<(SHA_LBLOCK-2); i++)
+		p[i]=0;
+	p[SHA_LBLOCK-2]=c->Nh;
+	p[SHA_LBLOCK-1]=c->Nl;
+	sha1_block(c,p);
+	cp=md;
+	l=c->h0; nl2c(l,cp);
+	l=c->h1; nl2c(l,cp);
+	l=c->h2; nl2c(l,cp);
+	l=c->h3; nl2c(l,cp);
+	l=c->h4; nl2c(l,cp);
+
+	/* clear stuff, sha1_block may be leaving some stuff on the stack
+	 * but I'm not worried :-) */
+	c->num=0;
+/*	memset((char *)&c,0,sizeof(c));*/
+	}
+
+#ifdef undef
+int printit(l)
+unsigned long *l;
+	{
+	int i,ii;
+
+	for (i=0; i<2; i++)
+		{
+		for (ii=0; ii<8; ii++)
+			{
+			fprintf(stderr,"%08lx ",l[i*8+ii]);
+			}
+		fprintf(stderr,"\n");
+		}
+	}
+#endif
diff --git a/crypto/sha/sha1test.c b/crypto/sha/sha1test.c
new file mode 100644
index 0000000000..9c172c0241
--- /dev/null
+++ b/crypto/sha/sha1test.c
@@ -0,0 +1,155 @@
+/* crypto/sha/sha1test.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "sha.h"
+
+#undef SHA_0 /* FIPS 180 */
+#define  SHA_1 /* FIPS 180-1 */
+
+char *test[]={
+	"abc",
+	"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
+	NULL,
+	};
+
+#ifdef SHA_0
+char *ret[]={
+	"0164b8a914cd2a5e74c4f7ff082c4d97f1edf880",
+	"d2516ee1acfa5baf33dfc1c471e438449ef134c8",
+	};
+char *bigret=
+	"3232affa48628a26653b5aaa44541fd90d690603";
+#endif
+#ifdef SHA_1
+char *ret[]={
+	"a9993e364706816aba3e25717850c26c9cd0d89d",
+	"84983e441c3bd26ebaae4aa1f95129e5e54670f1",
+	};
+char *bigret=
+	"34aa973cd4c4daa4f61eeb2bdbad27316534016f";
+#endif
+
+#ifndef NOPROTO
+static char *pt(unsigned char *md);
+#else
+static char *pt();
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+	{
+	int i,err=0;
+	unsigned char **P,**R;
+	static unsigned char buf[1000];
+	char *p,*r;
+	SHA_CTX c;
+	unsigned char md[SHA_DIGEST_LENGTH];
+
+	P=(unsigned char **)test;
+	R=(unsigned char **)ret;
+	i=1;
+	while (*P != NULL)
+		{
+		p=pt(SHA1(*P,(unsigned long)strlen((char *)*P),NULL));
+		if (strcmp(p,(char *)*R) != 0)
+			{
+			printf("error calculating SHA1 on '%s'\n",*P);
+			printf("got %s instead of %s\n",p,*R);
+			err++;
+			}
+		else
+			printf("test %d ok\n",i);
+		i++;
+		R++;
+		P++;
+		}
+
+	memset(buf,'a',1000);
+	SHA1_Init(&c);
+	for (i=0; i<1000; i++)
+		SHA1_Update(&c,buf,1000);
+	SHA1_Final(md,&c);
+	p=pt(md);
+
+	r=bigret;
+	if (strcmp(p,r) != 0)
+		{
+		printf("error calculating SHA1 on '%s'\n",p);
+		printf("got %s instead of %s\n",p,r);
+		err++;
+		}
+	else
+		printf("test 3 ok\n");
+	exit(err);
+	return(0);
+	}
+
+static char *pt(md)
+unsigned char *md;
+	{
+	int i;
+	static char buf[80];
+
+	for (i=0; i<SHA_DIGEST_LENGTH; i++)
+		sprintf(&(buf[i*2]),"%02x",md[i]);
+	return(buf);
+	}
diff --git a/crypto/sha/sha_dgst.c b/crypto/sha/sha_dgst.c
new file mode 100644
index 0000000000..311aa6fcc5
--- /dev/null
+++ b/crypto/sha/sha_dgst.c
@@ -0,0 +1,374 @@
+/* crypto/sha/sha_dgst.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#define SHA_0
+#undef  SHA_1
+#include "sha.h"
+#include "sha_locl.h"
+
+char *SHA_version="SHA part of SSLeay 0.8.1b 29-Jun-1998";
+
+/* Implemented from SHA document - The Secure Hash Algorithm
+ */
+
+#define INIT_DATA_h0 (unsigned long)0x67452301L
+#define INIT_DATA_h1 (unsigned long)0xefcdab89L
+#define INIT_DATA_h2 (unsigned long)0x98badcfeL
+#define INIT_DATA_h3 (unsigned long)0x10325476L
+#define INIT_DATA_h4 (unsigned long)0xc3d2e1f0L
+
+#define K_00_19	0x5a827999L
+#define K_20_39 0x6ed9eba1L
+#define K_40_59 0x8f1bbcdcL
+#define K_60_79 0xca62c1d6L
+
+#ifndef NOPROTO
+static void sha_block(SHA_CTX *c, register unsigned long *p);
+#else
+static void sha_block();
+#endif
+
+void SHA_Init(c)
+SHA_CTX *c;
+	{
+	c->h0=INIT_DATA_h0;
+	c->h1=INIT_DATA_h1;
+	c->h2=INIT_DATA_h2;
+	c->h3=INIT_DATA_h3;
+	c->h4=INIT_DATA_h4;
+	c->Nl=0;
+	c->Nh=0;
+	c->num=0;
+	}
+
+void SHA_Update(c, data, len)
+SHA_CTX *c;
+register unsigned char *data;
+unsigned long len;
+	{
+	register ULONG *p;
+	int sw,sc,ew,ec;
+	ULONG l;
+
+	if (len == 0) return;
+
+	l=(c->Nl+(len<<3))&0xffffffff;
+	if (l < c->Nl) /* overflow */
+		c->Nh++;
+	c->Nh+=(len>>29);
+	c->Nl=l;
+
+	if (c->num != 0)
+		{
+		p=c->data;
+		sw=c->num>>2;
+		sc=c->num&0x03;
+
+		if ((c->num+len) >= SHA_CBLOCK)
+			{
+			l= p[sw];
+			p_c2nl(data,l,sc);
+			p[sw++]=l;
+			for (; sw<SHA_LBLOCK; sw++)
+				{
+				c2nl(data,l);
+				p[sw]=l;
+				}
+			len-=(SHA_CBLOCK-c->num);
+
+			sha_block(c,p);
+			c->num=0;
+			/* drop through and do the rest */
+			}
+		else
+			{
+			c->num+=(int)len;
+			if ((sc+len) < 4) /* ugly, add char's to a word */
+				{
+				l= p[sw];
+				p_c2nl_p(data,l,sc,len);
+				p[sw]=l;
+				}
+			else
+				{
+				ew=(c->num>>2);
+				ec=(c->num&0x03);
+				l= p[sw];
+				p_c2nl(data,l,sc);
+				p[sw++]=l;
+				for (; sw < ew; sw++)
+					{ c2nl(data,l); p[sw]=l; }
+				if (ec)
+					{
+					c2nl_p(data,l,ec);
+					p[sw]=l;
+					}
+				}
+			return;
+			}
+		}
+	/* we now can process the input data in blocks of SHA_CBLOCK
+	 * chars and save the leftovers to c->data. */
+	p=c->data;
+	while (len >= SHA_CBLOCK)
+		{
+#if defined(B_ENDIAN) || defined(L_ENDIAN)
+		memcpy(p,data,SHA_CBLOCK);
+		data+=SHA_CBLOCK;
+#ifdef L_ENDIAN
+		for (sw=(SHA_LBLOCK/4); sw; sw--)
+			{
+			Endian_Reverse32(p[0]);
+			Endian_Reverse32(p[1]);
+			Endian_Reverse32(p[2]);
+			Endian_Reverse32(p[3]);
+			p+=4;
+			}
+#endif
+#else
+		for (sw=(SHA_LBLOCK/4); sw; sw--)
+			{
+			c2nl(data,l); *(p++)=l;
+			c2nl(data,l); *(p++)=l;
+			c2nl(data,l); *(p++)=l;
+			c2nl(data,l); *(p++)=l;
+			}
+#endif
+		p=c->data;
+		sha_block(c,p);
+		len-=SHA_CBLOCK;
+		}
+	ec=(int)len;
+	c->num=ec;
+	ew=(ec>>2);
+	ec&=0x03;
+
+	for (sw=0; sw < ew; sw++)
+		{ c2nl(data,l); p[sw]=l; }
+	c2nl_p(data,l,ec);
+	p[sw]=l;
+	}
+
+static void sha_block(c, X)
+SHA_CTX *c;
+register unsigned long *X;
+	{
+	register ULONG A,B,C,D,E,T;
+
+	A=c->h0;
+	B=c->h1;
+	C=c->h2;
+	D=c->h3;
+	E=c->h4;
+
+	BODY_00_15( 0,A,B,C,D,E,T);
+	BODY_00_15( 1,T,A,B,C,D,E);
+	BODY_00_15( 2,E,T,A,B,C,D);
+	BODY_00_15( 3,D,E,T,A,B,C);
+	BODY_00_15( 4,C,D,E,T,A,B);
+	BODY_00_15( 5,B,C,D,E,T,A);
+	BODY_00_15( 6,A,B,C,D,E,T);
+	BODY_00_15( 7,T,A,B,C,D,E);
+	BODY_00_15( 8,E,T,A,B,C,D);
+	BODY_00_15( 9,D,E,T,A,B,C);
+	BODY_00_15(10,C,D,E,T,A,B);
+	BODY_00_15(11,B,C,D,E,T,A);
+	BODY_00_15(12,A,B,C,D,E,T);
+	BODY_00_15(13,T,A,B,C,D,E);
+	BODY_00_15(14,E,T,A,B,C,D);
+	BODY_00_15(15,D,E,T,A,B,C);
+	BODY_16_19(16,C,D,E,T,A,B);
+	BODY_16_19(17,B,C,D,E,T,A);
+	BODY_16_19(18,A,B,C,D,E,T);
+	BODY_16_19(19,T,A,B,C,D,E);
+
+	BODY_20_39(20,E,T,A,B,C,D);
+	BODY_20_39(21,D,E,T,A,B,C);
+	BODY_20_39(22,C,D,E,T,A,B);
+	BODY_20_39(23,B,C,D,E,T,A);
+	BODY_20_39(24,A,B,C,D,E,T);
+	BODY_20_39(25,T,A,B,C,D,E);
+	BODY_20_39(26,E,T,A,B,C,D);
+	BODY_20_39(27,D,E,T,A,B,C);
+	BODY_20_39(28,C,D,E,T,A,B);
+	BODY_20_39(29,B,C,D,E,T,A);
+	BODY_20_39(30,A,B,C,D,E,T);
+	BODY_20_39(31,T,A,B,C,D,E);
+	BODY_20_39(32,E,T,A,B,C,D);
+	BODY_20_39(33,D,E,T,A,B,C);
+	BODY_20_39(34,C,D,E,T,A,B);
+	BODY_20_39(35,B,C,D,E,T,A);
+	BODY_20_39(36,A,B,C,D,E,T);
+	BODY_20_39(37,T,A,B,C,D,E);
+	BODY_20_39(38,E,T,A,B,C,D);
+	BODY_20_39(39,D,E,T,A,B,C);
+
+	BODY_40_59(40,C,D,E,T,A,B);
+	BODY_40_59(41,B,C,D,E,T,A);
+	BODY_40_59(42,A,B,C,D,E,T);
+	BODY_40_59(43,T,A,B,C,D,E);
+	BODY_40_59(44,E,T,A,B,C,D);
+	BODY_40_59(45,D,E,T,A,B,C);
+	BODY_40_59(46,C,D,E,T,A,B);
+	BODY_40_59(47,B,C,D,E,T,A);
+	BODY_40_59(48,A,B,C,D,E,T);
+	BODY_40_59(49,T,A,B,C,D,E);
+	BODY_40_59(50,E,T,A,B,C,D);
+	BODY_40_59(51,D,E,T,A,B,C);
+	BODY_40_59(52,C,D,E,T,A,B);
+	BODY_40_59(53,B,C,D,E,T,A);
+	BODY_40_59(54,A,B,C,D,E,T);
+	BODY_40_59(55,T,A,B,C,D,E);
+	BODY_40_59(56,E,T,A,B,C,D);
+	BODY_40_59(57,D,E,T,A,B,C);
+	BODY_40_59(58,C,D,E,T,A,B);
+	BODY_40_59(59,B,C,D,E,T,A);
+
+	BODY_60_79(60,A,B,C,D,E,T);
+	BODY_60_79(61,T,A,B,C,D,E);
+	BODY_60_79(62,E,T,A,B,C,D);
+	BODY_60_79(63,D,E,T,A,B,C);
+	BODY_60_79(64,C,D,E,T,A,B);
+	BODY_60_79(65,B,C,D,E,T,A);
+	BODY_60_79(66,A,B,C,D,E,T);
+	BODY_60_79(67,T,A,B,C,D,E);
+	BODY_60_79(68,E,T,A,B,C,D);
+	BODY_60_79(69,D,E,T,A,B,C);
+	BODY_60_79(70,C,D,E,T,A,B);
+	BODY_60_79(71,B,C,D,E,T,A);
+	BODY_60_79(72,A,B,C,D,E,T);
+	BODY_60_79(73,T,A,B,C,D,E);
+	BODY_60_79(74,E,T,A,B,C,D);
+	BODY_60_79(75,D,E,T,A,B,C);
+	BODY_60_79(76,C,D,E,T,A,B);
+	BODY_60_79(77,B,C,D,E,T,A);
+	BODY_60_79(78,A,B,C,D,E,T);
+	BODY_60_79(79,T,A,B,C,D,E);
+
+	c->h0=(c->h0+E)&0xffffffff; 
+	c->h1=(c->h1+T)&0xffffffff;
+	c->h2=(c->h2+A)&0xffffffff;
+	c->h3=(c->h3+B)&0xffffffff;
+	c->h4=(c->h4+C)&0xffffffff;
+	}
+
+void SHA_Final(md, c)
+unsigned char *md;
+SHA_CTX *c;
+	{
+	register int i,j;
+	register ULONG l;
+	register ULONG *p;
+	static unsigned char end[4]={0x80,0x00,0x00,0x00};
+	unsigned char *cp=end;
+
+	/* c->num should definitly have room for at least one more byte. */
+	p=c->data;
+	j=c->num;
+	i=j>>2;
+#ifdef PURIFY
+	if ((j&0x03) == 0) p[i]=0;
+#endif
+	l=p[i];
+	p_c2nl(cp,l,j&0x03);
+	p[i]=l;
+	i++;
+	/* i is the next 'undefined word' */
+	if (c->num >= SHA_LAST_BLOCK)
+		{
+		for (; i<SHA_LBLOCK; i++)
+			p[i]=0;
+		sha_block(c,p);
+		i=0;
+		}
+	for (; i<(SHA_LBLOCK-2); i++)
+		p[i]=0;
+	p[SHA_LBLOCK-2]=c->Nh;
+	p[SHA_LBLOCK-1]=c->Nl;
+	sha_block(c,p);
+	cp=md;
+	l=c->h0; nl2c(l,cp);
+	l=c->h1; nl2c(l,cp);
+	l=c->h2; nl2c(l,cp);
+	l=c->h3; nl2c(l,cp);
+	l=c->h4; nl2c(l,cp);
+	/* clear stuff, sha_block may be leaving some stuff on the stack
+	 * but I'm not worried :-) */
+	c->num=0;
+/*	memset((char *)&c,0,sizeof(c));*/
+	}
+
+
+#ifdef undef
+int printit(l)
+unsigned long *l;
+	{
+	int i,ii;
+
+	for (i=0; i<2; i++)
+		{
+		for (ii=0; ii<8; ii++)
+			{
+			fprintf(stderr,"%08lx ",l[i*8+ii]);
+			}
+		fprintf(stderr,"\n");
+		}
+	}
+#endif
+
diff --git a/crypto/sha/sha_locl.h b/crypto/sha/sha_locl.h
new file mode 100644
index 0000000000..0a5cf46990
--- /dev/null
+++ b/crypto/sha/sha_locl.h
@@ -0,0 +1,198 @@
+/* crypto/sha/sha_locl.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdlib.h>
+#include <string.h>
+
+#ifdef undef
+/* one or the other needs to be defined */
+#ifndef SHA_1 /* FIPE 180-1 */
+#define SHA_0 /* FIPS 180   */
+#endif
+#endif
+
+#define ULONG	unsigned long
+#define UCHAR	unsigned char
+#define UINT	unsigned int
+
+#ifdef NOCONST
+#define const
+#endif
+
+#undef c2nl
+#define c2nl(c,l)	(l =(((unsigned long)(*((c)++)))<<24), \
+			 l|=(((unsigned long)(*((c)++)))<<16), \
+			 l|=(((unsigned long)(*((c)++)))<< 8), \
+			 l|=(((unsigned long)(*((c)++)))    ))
+
+#undef p_c2nl
+#define p_c2nl(c,l,n)	{ \
+			switch (n) { \
+			case 0: l =((unsigned long)(*((c)++)))<<24; \
+			case 1: l|=((unsigned long)(*((c)++)))<<16; \
+			case 2: l|=((unsigned long)(*((c)++)))<< 8; \
+			case 3: l|=((unsigned long)(*((c)++))); \
+				} \
+			}
+
+#undef c2nl_p
+/* NOTE the pointer is not incremented at the end of this */
+#define c2nl_p(c,l,n)	{ \
+			l=0; \
+			(c)+=n; \
+			switch (n) { \
+			case 3: l =((unsigned long)(*(--(c))))<< 8; \
+			case 2: l|=((unsigned long)(*(--(c))))<<16; \
+			case 1: l|=((unsigned long)(*(--(c))))<<24; \
+				} \
+			}
+
+#undef p_c2nl_p
+#define p_c2nl_p(c,l,sc,len) { \
+			switch (sc) \
+				{ \
+			case 0: l =((unsigned long)(*((c)++)))<<24; \
+				if (--len == 0) break; \
+			case 1: l|=((unsigned long)(*((c)++)))<<16; \
+				if (--len == 0) break; \
+			case 2: l|=((unsigned long)(*((c)++)))<< 8; \
+				} \
+			}
+
+#undef nl2c
+#define nl2c(l,c)	(*((c)++)=(unsigned char)(((l)>>24)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>16)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+			 *((c)++)=(unsigned char)(((l)    )&0xff))
+
+/* I have taken some of this code from my MD5 implementation */
+
+#undef ROTATE
+#if defined(WIN32)
+#define ROTATE(a,n)     _lrotl(a,n)
+#else
+#define ROTATE(a,n)     (((a)<<(n))|(((a)&0xffffffff)>>(32-(n))))
+#endif
+
+/* A nice byte order reversal from Wei Dai <weidai@eskimo.com> */
+#if defined(WIN32)
+/* 5 instructions with rotate instruction, else 9 */
+#define Endian_Reverse32(a) \
+	{ \
+	unsigned long l=(a); \
+	(a)=((ROTATE(l,8)&0x00FF00FF)|(ROTATE(l,24)&0xFF00FF00)); \
+	}
+#else
+/* 6 instructions with rotate instruction, else 8 */
+#define Endian_Reverse32(a) \
+	{ \
+	unsigned long l=(a); \
+	l=(((l&0xFF00FF00)>>8L)|((l&0x00FF00FF)<<8L)); \
+	(a)=ROTATE(l,16L); \
+	}
+#endif
+
+/* As  pointed out by Wei Dai <weidai@eskimo.com>, F() below can be
+ * simplified to the code in F_00_19.  Wei attributes these optimisations
+ * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
+ * #define F(x,y,z) (((x) & (y))  |  ((~(x)) & (z)))
+ * I've just become aware of another tweak to be made, again from Wei Dai,
+ * in F_40_59, (x&a)|(y&a) -> (x|y)&a
+ */
+#define	F_00_19(b,c,d)	((((c) ^ (d)) & (b)) ^ (d)) 
+#define	F_20_39(b,c,d)	((b) ^ (c) ^ (d))
+#define F_40_59(b,c,d)	(((b) & (c)) | (((b)|(c)) & (d))) 
+#define	F_60_79(b,c,d)	F_20_39(b,c,d)
+
+#ifdef SHA_0
+#undef Xupdate
+#define Xupdate(a,i) \
+	X[(i)&0x0f]=(a)=\
+		(X[(i)&0x0f]^X[((i)+2)&0x0f]^X[((i)+8)&0x0f]^X[((i)+13)&0x0f]);
+#endif
+#ifdef SHA_1
+#undef Xupdate
+#define Xupdate(a,i) \
+	(a)=(X[(i)&0x0f]^X[((i)+2)&0x0f]^X[((i)+8)&0x0f]^X[((i)+13)&0x0f]); \
+	X[(i)&0x0f]=(a)=ROTATE((a),1);
+#endif
+
+#define BODY_00_15(i,a,b,c,d,e,f) \
+	(f)=X[i]+(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \
+	(b)=ROTATE((b),30);
+
+#define BODY_16_19(i,a,b,c,d,e,f) \
+	Xupdate(f,i); \
+	(f)+=(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \
+	(b)=ROTATE((b),30);
+
+#define BODY_20_39(i,a,b,c,d,e,f) \
+	Xupdate(f,i); \
+	(f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \
+	(b)=ROTATE((b),30);
+
+#define BODY_40_59(i,a,b,c,d,e,f) \
+	Xupdate(f,i); \
+	(f)+=(e)+K_40_59+ROTATE((a),5)+F_40_59((b),(c),(d)); \
+	(b)=ROTATE((b),30);
+
+#define BODY_60_79(i,a,b,c,d,e,f) \
+	Xupdate(f,i); \
+	(f)=X[(i)&0x0f]+(e)+K_60_79+ROTATE((a),5)+F_60_79((b),(c),(d)); \
+	(b)=ROTATE((b),30);
+
diff --git a/crypto/sha/sha_one.c b/crypto/sha/sha_one.c
new file mode 100644
index 0000000000..87da617bec
--- /dev/null
+++ b/crypto/sha/sha_one.c
@@ -0,0 +1,77 @@
+/* crypto/sha/sha_one.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "sha.h"
+
+unsigned char *SHA(d, n, md)
+unsigned char *d;
+unsigned long n;
+unsigned char *md;
+	{
+	SHA_CTX c;
+	static unsigned char m[SHA_DIGEST_LENGTH];
+
+	if (md == NULL) md=m;
+	SHA_Init(&c);
+	SHA_Update(&c,d,n);
+	SHA_Final(md,&c);
+	memset(&c,0,sizeof(c));
+	return(md);
+	}
diff --git a/crypto/sha/shatest.c b/crypto/sha/shatest.c
new file mode 100644
index 0000000000..28c2e19236
--- /dev/null
+++ b/crypto/sha/shatest.c
@@ -0,0 +1,155 @@
+/* crypto/sha/shatest.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "sha.h"
+
+#define SHA_0 /* FIPS 180 */
+#undef  SHA_1 /* FIPS 180-1 */
+
+char *test[]={
+	"abc",
+	"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
+	NULL,
+	};
+
+#ifdef SHA_0
+char *ret[]={
+	"0164b8a914cd2a5e74c4f7ff082c4d97f1edf880",
+	"d2516ee1acfa5baf33dfc1c471e438449ef134c8",
+	};
+char *bigret=
+	"3232affa48628a26653b5aaa44541fd90d690603";
+#endif
+#ifdef SHA_1
+char *ret[]={
+	"a9993e364706816aba3e25717850c26c9cd0d89d",
+	"84983e441c3bd26ebaae4aa1f95129e5e54670f1",
+	};
+char *bigret=
+	"34aa973cd4c4daa4f61eeb2bdbad27316534016f";
+#endif
+
+#ifndef NOPROTO
+static char *pt(unsigned char *md);
+#else
+static char *pt();
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+	{
+	int i,err=0;
+	unsigned char **P,**R;
+	static unsigned char buf[1000];
+	char *p,*r;
+	SHA_CTX c;
+	unsigned char md[SHA_DIGEST_LENGTH];
+
+	P=(unsigned char **)test;
+	R=(unsigned char **)ret;
+	i=1;
+	while (*P != NULL)
+		{
+		p=pt(SHA(*P,(unsigned long)strlen((char *)*P),NULL));
+		if (strcmp(p,(char *)*R) != 0)
+			{
+			printf("error calculating SHA on '%s'\n",*P);
+			printf("got %s instead of %s\n",p,*R);
+			err++;
+			}
+		else
+			printf("test %d ok\n",i);
+		i++;
+		R++;
+		P++;
+		}
+
+	memset(buf,'a',1000);
+	SHA_Init(&c);
+	for (i=0; i<1000; i++)
+		SHA_Update(&c,buf,1000);
+	SHA_Final(md,&c);
+	p=pt(md);
+
+	r=bigret;
+	if (strcmp(p,r) != 0)
+		{
+		printf("error calculating SHA on '%s'\n",p);
+		printf("got %s instead of %s\n",p,r);
+		err++;
+		}
+	else
+		printf("test 3 ok\n");
+	exit(err);
+	return(0);
+	}
+
+static char *pt(md)
+unsigned char *md;
+	{
+	int i;
+	static char buf[80];
+
+	for (i=0; i<SHA_DIGEST_LENGTH; i++)
+		sprintf(&(buf[i*2]),"%02x",md[i]);
+	return(buf);
+	}
diff --git a/crypto/stack/Makefile.ssl b/crypto/stack/Makefile.ssl
new file mode 100644
index 0000000000..0d232c08cf
--- /dev/null
+++ b/crypto/stack/Makefile.ssl
@@ -0,0 +1,80 @@
+#
+# SSLeay/crypto/stack/Makefile
+#
+
+DIR=	stack
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE=		make -f Makefile.ssl
+MAKEDEPEND=	makedepend -f Makefile.ssl
+MAKEFILE=	Makefile.ssl
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=stack.c
+LIBOBJ=stack.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= stack.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/util/ranlib.sh $(LIB)
+	@touch lib
+
+files:
+	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+	/bin/rm -f Makefile
+	$(TOP)/util/point.sh Makefile.ssl Makefile ;
+	$(TOP)/util/mklink.sh ../../include $(EXHEADER)
+	$(TOP)/util/mklink.sh ../../test $(TEST)
+	$(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+	@for i in $(EXHEADER) ; \
+	do  \
+	(cp $$i $(INSTALLTOP)/include/$$i; \
+	chmod 644 $(INSTALLTOP)/include/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/stack/stack.c b/crypto/stack/stack.c
new file mode 100644
index 0000000000..712089ef31
--- /dev/null
+++ b/crypto/stack/stack.c
@@ -0,0 +1,299 @@
+/* crypto/stack/stack.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* Code for stacks
+ * Author - Eric Young v 1.0
+ * 1.2 eay 12-Mar-97 -	Modified sk_find so that it _DOES_ return the
+ *			lowest index for the seached item.
+ *
+ * 1.1 eay - Take from netdb and added to SSLeay
+ *
+ * 1.0 eay - First version 29/07/92
+ */
+#include <stdio.h>
+#include "cryptlib.h"
+#include "stack.h"
+
+#undef MIN_NODES
+#define MIN_NODES	4
+
+char *STACK_version="STACK part of SSLeay 0.8.1b 29-Jun-1998";
+
+#ifndef NOPROTO
+#define	FP_ICC	(int (*)(const void *,const void *))
+#else
+#define FP_ICC
+#endif
+
+#include <errno.h>
+
+void sk_set_cmp_func(sk,c)
+STACK *sk;
+int (*c)();
+	{
+	if (sk->comp != c)
+		sk->sorted=0;
+	sk->comp=c;
+	}
+
+STACK *sk_dup(sk)
+STACK *sk;
+	{
+	STACK *ret;
+	char **s;
+
+	if ((ret=sk_new(sk->comp)) == NULL) goto err;
+	s=(char **)Realloc((char *)ret->data,
+		(unsigned int)sizeof(char *)*sk->num_alloc);
+	if (s == NULL) goto err;
+	ret->data=s;
+
+	ret->num=sk->num;
+	memcpy(ret->data,sk->data,sizeof(char *)*sk->num);
+	ret->sorted=sk->sorted;
+	ret->num_alloc=sk->num_alloc;
+	ret->comp=sk->comp;
+	return(ret);
+err:
+	return(NULL);
+	}
+
+STACK *sk_new(c)
+int (*c)();
+	{
+	STACK *ret;
+	int i;
+
+	if ((ret=(STACK *)Malloc(sizeof(STACK))) == NULL)
+		goto err0;
+	if ((ret->data=(char **)Malloc(sizeof(char *)*MIN_NODES)) == NULL)
+		goto err1;
+	for (i=0; i<MIN_NODES; i++)
+		ret->data[i]=NULL;
+	ret->comp=c;
+	ret->num_alloc=MIN_NODES;
+	ret->num=0;
+	ret->sorted=0;
+	return(ret);
+err1:
+	Free((char *)ret);
+err0:
+	return(NULL);
+	}
+
+int sk_insert(st,data,loc)
+STACK *st;
+char *data;
+int loc;
+	{
+	char **s;
+
+	if (st->num_alloc <= st->num+1)
+		{
+		s=(char **)Realloc((char *)st->data,
+			(unsigned int)sizeof(char *)*st->num_alloc*2);
+		if (s == NULL)
+			return(0);
+		st->data=s;
+		st->num_alloc*=2;
+		}
+	if ((loc >= (int)st->num) || (loc < 0))
+		st->data[st->num]=data;
+	else
+		{
+		int i;
+		char **f,**t;
+
+		f=(char **)st->data;
+		t=(char **)&(st->data[1]);
+		for (i=st->num; i>loc; i--)
+			t[i]=f[i];
+			
+#ifdef undef /* no memmove on sunos :-( */
+		memmove( (char *)&(st->data[loc+1]),
+			(char *)&(st->data[loc]),
+			sizeof(char *)*(st->num-loc));
+#endif
+		st->data[loc]=data;
+		}
+	st->num++;
+	st->sorted=0;
+	return(st->num);
+	}
+
+char *sk_delete_ptr(st,p)
+STACK *st;
+char *p;
+	{
+	int i;
+
+	for (i=0; i<st->num; i++)
+		if (st->data[i] == p)
+			return(sk_delete(st,i));
+	return(NULL);
+	}
+
+char *sk_delete(st,loc)
+STACK *st;
+int loc;
+	{
+	char *ret;
+
+	if ((st->num == 0) || (loc < 0) || (loc >= st->num)) return(NULL);
+
+	ret=st->data[loc];
+	if (loc != st->num-1)
+		memcpy( &(st->data[loc]),
+			&(st->data[loc+1]),
+			sizeof(char *)*(st->num-loc-1));
+	st->num--;
+	return(ret);
+	}
+
+int sk_find(st,data)
+STACK *st;
+char *data;
+	{
+	char **r;
+	int i;
+	int (*comp_func)();
+
+	if (st->comp == NULL)
+		{
+		for (i=0; i<st->num; i++)
+			if (st->data[i] == data)
+				return(i);
+		return(-1);
+		}
+	comp_func=(int (*)())st->comp;
+	if (!st->sorted)
+		{
+		qsort((char *)st->data,st->num,sizeof(char *),FP_ICC comp_func);
+		st->sorted=1;
+		}
+	if (data == NULL) return(-1);
+	r=(char **)bsearch(&data,(char *)st->data,
+		st->num,sizeof(char *),FP_ICC comp_func);
+	if (r == NULL) return(-1);
+	i=(int)(r-st->data);
+	for ( ; i>0; i--)
+		if ((*st->comp)(&(st->data[i-1]),&data) < 0)
+			break;
+	return(i);
+	}
+
+int sk_push(st,data)
+STACK *st;
+char *data;
+	{
+	return(sk_insert(st,data,st->num));
+	}
+
+int sk_unshift(st,data)
+STACK *st;
+char *data;
+	{
+	return(sk_insert(st,data,0));
+	}
+
+char *sk_shift(st)
+STACK *st;
+	{
+	if (st == NULL) return(NULL);
+	if (st->num <= 0) return(NULL);
+	return(sk_delete(st,0));
+	}
+
+char *sk_pop(st)
+STACK *st;
+	{
+	if (st == NULL) return(NULL);
+	if (st->num <= 0) return(NULL);
+	return(sk_delete(st,st->num-1));
+	}
+
+void sk_zero(st)
+STACK *st;
+	{
+	if (st == NULL) return;
+	if (st->num <= 0) return;
+	memset((char *)st->data,0,sizeof(st->data)*st->num);
+	st->num=0;
+	}
+
+void sk_pop_free(st,func)
+STACK *st;
+void (*func)();
+	{
+	int i;
+
+	if (st == NULL) return;
+	for (i=0; i<st->num; i++)
+		if (st->data[i] != NULL)
+			func(st->data[i]);
+	sk_free(st);
+	}
+
+void sk_free(st)
+STACK *st;
+	{
+	if (st == NULL) return;
+	if (st->data != NULL) Free((char *)st->data);
+	Free((char *)st);
+	}
+
diff --git a/crypto/stack/stack.h b/crypto/stack/stack.h
new file mode 100644
index 0000000000..66ba83ec40
--- /dev/null
+++ b/crypto/stack/stack.h
@@ -0,0 +1,120 @@
+/* crypto/stack/stack.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_STACK_H
+#define HEADER_STACK_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+typedef struct stack_st
+	{
+	int num;
+	char **data;
+	int sorted;
+
+	int num_alloc;
+	int (*comp)();
+	} STACK;
+
+#define sk_num(sk)	((sk)->num)
+#define sk_value(sk,n)	((sk)->data[n])
+
+#define sk_new_null()	sk_new(NULL)
+#ifndef NOPROTO
+
+STACK *sk_new(int (*cmp)());
+void sk_free(STACK *);
+void sk_pop_free(STACK *st, void (*func)());
+int sk_insert(STACK *sk,char *data,int where);
+char *sk_delete(STACK *st,int loc);
+char *sk_delete_ptr(STACK *st, char *p);
+int sk_find(STACK *st,char *data);
+int sk_push(STACK *st,char *data);
+int sk_unshift(STACK *st,char *data);
+char *sk_shift(STACK *st);
+char *sk_pop(STACK *st);
+void sk_zero(STACK *st);
+void sk_set_cmp_func(STACK *sk, int (*c)());
+STACK *sk_dup(STACK *st);
+
+#else
+
+STACK *sk_new();
+void sk_free();
+void sk_pop_free();
+int sk_insert();
+char *sk_delete();
+char *sk_delete_ptr();
+int sk_find();
+int sk_push();
+int sk_unshift();
+char *sk_shift();
+char *sk_pop();
+void sk_zero();
+void sk_set_cmp_func();
+STACK *sk_dup();
+
+#endif
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/txt_db/Makefile.ssl b/crypto/txt_db/Makefile.ssl
new file mode 100644
index 0000000000..76e511534f
--- /dev/null
+++ b/crypto/txt_db/Makefile.ssl
@@ -0,0 +1,80 @@
+#
+# SSLeay/crypto/txt_db/Makefile
+#
+
+DIR=	txt_db
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE=		make -f Makefile.ssl
+MAKEDEPEND=	makedepend -f Makefile.ssl
+MAKEFILE=	Makefile.ssl
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=txt_db.c
+LIBOBJ=txt_db.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= txt_db.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/util/ranlib.sh $(LIB)
+	@touch lib
+
+files:
+	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+	/bin/rm -f Makefile
+	$(TOP)/util/point.sh Makefile.ssl Makefile ;
+	$(TOP)/util/mklink.sh ../../include $(EXHEADER)
+	$(TOP)/util/mklink.sh ../../test $(TEST)
+	$(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+	@for i in $(EXHEADER) ; \
+	do  \
+	(cp $$i $(INSTALLTOP)/include/$$i; \
+	chmod 644 $(INSTALLTOP)/include/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/txt_db/txt_db.c b/crypto/txt_db/txt_db.c
new file mode 100644
index 0000000000..ae8db3917b
--- /dev/null
+++ b/crypto/txt_db/txt_db.c
@@ -0,0 +1,394 @@
+/* crypto/txt_db/txt_db.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "txt_db.h"
+
+#undef BUFSIZE
+#define BUFSIZE	512
+
+char *TXT_DB_version="TXT_DB part of SSLeay 0.8.1b 29-Jun-1998";
+
+TXT_DB *TXT_DB_read(in,num)
+BIO *in;
+int num;
+	{
+	TXT_DB *ret=NULL;
+	int er=1;
+	int esc=0;
+	long ln=0;
+	int i,add,n;
+	int size=BUFSIZE;
+	int offset=0;
+	char *p,**pp,*f;
+	BUF_MEM *buf=NULL;
+
+	if ((buf=BUF_MEM_new()) == NULL) goto err;
+	if (!BUF_MEM_grow(buf,size)) goto err;
+
+	if ((ret=(TXT_DB *)Malloc(sizeof(TXT_DB))) == NULL)
+		goto err;
+	ret->num_fields=num;
+	ret->index=NULL;
+	ret->qual=NULL;
+	if ((ret->data=sk_new_null()) == NULL)
+		goto err;
+	if ((ret->index=(LHASH **)Malloc(sizeof(LHASH *)*num)) == NULL)
+		goto err;
+	if ((ret->qual=(int (**)())Malloc(sizeof(int (**)())*num)) == NULL)
+		goto err;
+	for (i=0; i<num; i++)
+		{
+		ret->index[i]=NULL;
+		ret->qual[i]=NULL;
+		}
+
+	add=(num+1)*sizeof(char *);
+	buf->data[size-1]='\0';
+	offset=0;
+	for (;;)
+		{
+		if (offset != 0)
+			{
+			size+=BUFSIZE;
+			if (!BUF_MEM_grow(buf,size)) goto err;
+			}
+		buf->data[offset]='\0';
+		BIO_gets(in,&(buf->data[offset]),size-offset);
+		ln++;
+		if (buf->data[offset] == '\0') break;
+		if ((offset == 0) && (buf->data[0] == '#')) continue;
+		i=strlen(&(buf->data[offset]));
+		offset+=i;
+		if (buf->data[offset-1] != '\n')
+			continue;
+		else
+			{
+			buf->data[offset-1]='\0'; /* blat the '\n' */
+			p=(char *)Malloc(add+offset);
+			offset=0;
+			}
+		pp=(char **)p;
+		p+=add;
+		n=0;
+		pp[n++]=p;
+		i=0;
+		f=buf->data;
+
+		esc=0;
+		for (;;)
+			{
+			if (*f == '\0') break;
+			if (*f == '\t')
+				{
+				if (esc)
+					p--;
+				else
+					{	
+					*(p++)='\0';
+					f++;
+					if (n >=  num) break;
+					pp[n++]=p;
+					continue;
+					}
+				}
+			esc=(*f == '\\');
+			*(p++)= *(f++);
+			}
+		*(p++)='\0';
+		if ((n != num) || (*f != '\0'))
+			{
+#ifndef WIN16	/* temporaty fix :-( */
+			fprintf(stderr,"wrong number of fields on line %ld\n",ln);
+#endif
+			er=2;
+			goto err;
+			}
+		pp[n]=p;
+		if (!sk_push(ret->data,(char *)pp))
+			{
+#ifndef WIN16	/* temporaty fix :-( */
+			fprintf(stderr,"failure in sk_push\n");
+#endif
+			er=2;
+			goto err;
+			}
+		}
+	er=0;
+err:
+	BUF_MEM_free(buf);
+	if (er)
+		{
+#ifndef WIN16
+		if (er == 1) fprintf(stderr,"Malloc failure\n");
+#endif
+		if (ret->data != NULL) sk_free(ret->data);
+		if (ret->index != NULL) Free(ret->index);
+		if (ret->qual != NULL) Free((char *)ret->qual);
+		if (ret != NULL) Free(ret);
+		return(NULL);
+		}
+	else
+		return(ret);
+	}
+
+char **TXT_DB_get_by_index(db,idx,value)
+TXT_DB *db;
+int idx;
+char **value;
+	{
+	char **ret;
+	LHASH *lh;
+
+	if (idx >= db->num_fields)
+		{
+		db->error=DB_ERROR_INDEX_OUT_OF_RANGE;
+		return(NULL);
+		}
+	lh=db->index[idx];
+	if (lh == NULL)
+		{
+		db->error=DB_ERROR_NO_INDEX;
+		return(NULL);
+		}
+	ret=(char **)lh_retrieve(lh,(char *)value);
+	db->error=DB_ERROR_OK;
+	return(ret);
+	}
+
+int TXT_DB_create_index(db,field,qual,hash,cmp)
+TXT_DB *db;
+int field;
+int (*qual)();
+unsigned long (*hash)();
+int (*cmp)();
+	{
+	LHASH *idx;
+	char *r;
+	int i,n;
+
+	if (field >= db->num_fields)
+		{
+		db->error=DB_ERROR_INDEX_OUT_OF_RANGE;
+		return(0);
+		}
+	if ((idx=lh_new(hash,cmp)) == NULL)
+		{
+		db->error=DB_ERROR_MALLOC;
+		return(0);
+		}
+	n=sk_num(db->data);
+	for (i=0; i<n; i++)
+		{
+		r=(char *)sk_value(db->data,i);
+		if ((qual != NULL) && (qual(r) == 0)) continue;
+		if ((r=lh_insert(idx,r)) != NULL)
+			{
+			db->error=DB_ERROR_INDEX_CLASH;
+			db->arg1=sk_find(db->data,r);
+			db->arg2=i;
+			lh_free(idx);
+			return(0);
+			}
+		}
+	if (db->index[field] != NULL) lh_free(db->index[field]);
+	db->index[field]=idx;
+	db->qual[field]=qual;
+	return(1);
+	}
+
+long TXT_DB_write(out,db)
+BIO *out;
+TXT_DB *db;
+	{
+	long i,j,n,nn,l,tot=0;
+	char *p,**pp,*f;
+	BUF_MEM *buf=NULL;
+	long ret= -1;
+
+	if ((buf=BUF_MEM_new()) == NULL)
+		goto err;
+	n=sk_num(db->data);
+	nn=db->num_fields;
+	for (i=0; i<n; i++)
+		{
+		pp=(char **)sk_value(db->data,i);
+
+		l=0;
+		for (j=0; j<nn; j++)
+			{
+			if (pp[j] != NULL)
+				l+=strlen(pp[j]);
+			}
+		if (!BUF_MEM_grow(buf,(int)(l*2+nn))) goto err;
+
+		p=buf->data;
+		for (j=0; j<nn; j++)
+			{
+			f=pp[j];
+			if (f != NULL)
+				for (;;) 
+					{
+					if (*f == '\0') break;
+					if (*f == '\t') *(p++)='\\';
+					*(p++)= *(f++);
+					}
+			*(p++)='\t';
+			}
+		p[-1]='\n';
+		j=p-buf->data;
+		if (BIO_write(out,buf->data,(int)j) != j)
+			goto err;
+		tot+=j;
+		}
+	ret=tot;
+err:
+	if (buf != NULL) BUF_MEM_free(buf);
+	return(ret);
+	}
+
+int TXT_DB_insert(db,row)
+TXT_DB *db;
+char **row;
+	{
+	int i;
+	char **r;
+
+	for (i=0; i<db->num_fields; i++)
+		{
+		if (db->index[i] != NULL)
+			{
+			if ((db->qual[i] != NULL) &&
+				(db->qual[i](row) == 0)) continue;
+			r=(char **)lh_retrieve(db->index[i],(char *)row);
+			if (r != NULL)
+				{
+				db->error=DB_ERROR_INDEX_CLASH;
+				db->arg1=i;
+				db->arg_row=r;
+				goto err;
+				}
+			}
+		}
+	/* We have passed the index checks, now just append and insert */
+	if (!sk_push(db->data,(char *)row))
+		{
+		db->error=DB_ERROR_MALLOC;
+		goto err;
+		}
+
+	for (i=0; i<db->num_fields; i++)
+		{
+		if (db->index[i] != NULL)
+			{
+			if ((db->qual[i] != NULL) &&
+				(db->qual[i](row) == 0)) continue;
+			lh_insert(db->index[i],(char *)row);
+			}
+		}
+	return(1);
+err:
+	return(0);
+	}
+
+void TXT_DB_free(db)
+TXT_DB *db;
+	{
+	int i,n;
+	char **p,*max;
+
+	if (db->index != NULL)
+		{
+		for (i=db->num_fields-1; i>=0; i--)
+			if (db->index[i] != NULL) lh_free(db->index[i]);
+		Free(db->index);
+		}
+	if (db->qual != NULL)
+		Free(db->qual);
+	if (db->data != NULL)
+		{
+		for (i=sk_num(db->data)-1; i>=0; i--)
+			{
+			/* check if any 'fields' have been allocated
+			 * from outside of the initial block */
+			p=(char **)sk_value(db->data,i);
+			max=p[db->num_fields]; /* last address */
+			if (max == NULL) /* new row */
+				{
+				for (n=0; n<db->num_fields; n++)
+					if (p[n] != NULL) Free(p[n]);
+				}
+			else
+				{
+				for (n=0; n<db->num_fields; n++)
+					{
+					if (((p[n] < (char *)p) || (p[n] > max))
+						&& (p[n] != NULL))
+						Free(p[n]);
+					}
+				}
+			Free(sk_value(db->data,i));
+			}
+		sk_free(db->data);
+		}
+	Free(db);
+	}
diff --git a/crypto/txt_db/txt_db.h b/crypto/txt_db/txt_db.h
new file mode 100644
index 0000000000..4775d5ecce
--- /dev/null
+++ b/crypto/txt_db/txt_db.h
@@ -0,0 +1,117 @@
+/* crypto/txt_db/txt_db.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_TXT_DB_H
+#define HEADER_TXT_DB_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#include "stack.h"
+#include "lhash.h"
+
+#define DB_ERROR_OK			0
+#define DB_ERROR_MALLOC			1
+#define DB_ERROR_INDEX_CLASH    	2
+#define DB_ERROR_INDEX_OUT_OF_RANGE	3
+#define DB_ERROR_NO_INDEX		4
+#define DB_ERROR_INSERT_INDEX_CLASH    	5
+
+typedef struct txt_db_st
+	{
+	int num_fields;
+	STACK /* char ** */ *data;
+	LHASH **index;
+	int (**qual)();
+	long error;
+	long arg1;
+	long arg2;
+	char **arg_row;
+	} TXT_DB;
+
+#ifndef NOPROTO
+#ifdef HEADER_BIO_H
+TXT_DB *TXT_DB_read(BIO *in, int num);
+long TXT_DB_write(BIO *out, TXT_DB *db);
+#else
+TXT_DB *TXT_DB_read(char *in, int num);
+long TXT_DB_write(char *out, TXT_DB *db);
+#endif
+int TXT_DB_create_index(TXT_DB *db,int field,int (*qual)(),
+	 unsigned long (*hash)(),int (*cmp)());
+void TXT_DB_free(TXT_DB *db);
+char **TXT_DB_get_by_index(TXT_DB *db, int idx, char **value);
+int TXT_DB_insert(TXT_DB *db,char **value);
+
+#else
+
+TXT_DB *TXT_DB_read();
+long TXT_DB_write();
+int TXT_DB_create_index();
+void TXT_DB_free();
+char **TXT_DB_get_by_index();
+int TXT_DB_insert();
+
+#endif
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/x509/Makefile.ssl b/crypto/x509/Makefile.ssl
new file mode 100644
index 0000000000..e54a74d1e8
--- /dev/null
+++ b/crypto/x509/Makefile.ssl
@@ -0,0 +1,96 @@
+#
+# SSLeay/crypto/x509/Makefile
+#
+
+DIR=	x509
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I../../include
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE=		make -f Makefile.ssl
+MAKEDEPEND=	makedepend -f Makefile.ssl
+MAKEFILE=	Makefile.ssl
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+ERR=x509
+ERRC=x509_err
+GENERAL=Makefile README
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=	x509_def.c x509_d2.c x509_r2x.c x509_cmp.c \
+	x509_obj.c x509_req.c x509_vfy.c \
+	x509_set.c x509rset.c $(ERRC).c \
+	x509name.c x509_v3.c x509_ext.c x509pack.c \
+	x509type.c x509_lu.c x_all.c x509_txt.c \
+	by_file.c by_dir.c \
+	v3_net.c v3_x509.c
+LIBOBJ= x509_def.o x509_d2.o x509_r2x.o x509_cmp.o \
+	x509_obj.o x509_req.o x509_vfy.o \
+	x509_set.o x509rset.o $(ERRC).o \
+	x509name.o x509_v3.o x509_ext.o x509pack.o \
+	x509type.o x509_lu.o x_all.o x509_txt.o \
+	by_file.o by_dir.o \
+	v3_net.o v3_x509.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= x509.h x509_vfy.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	sh $(TOP)/util/ranlib.sh $(LIB)
+	@touch lib
+
+files:
+	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+	/bin/rm -f Makefile
+	$(TOP)/util/point.sh Makefile.ssl Makefile ;
+	$(TOP)/util/mklink.sh ../../include $(EXHEADER)
+	$(TOP)/util/mklink.sh ../../test $(TEST)
+	$(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+	@for i in $(EXHEADER) ; \
+	do  \
+	(cp $$i $(INSTALLTOP)/include/$$i; \
+	chmod 644 $(INSTALLTOP)/include/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+	perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
+	perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/x509/attrib b/crypto/x509/attrib
new file mode 100644
index 0000000000..37f6cd755f
--- /dev/null
+++ b/crypto/x509/attrib
@@ -0,0 +1,38 @@
+
+PKCS7
+	STACK of X509_ATTRIBUTES
+		ASN1_OBJECT
+		STACK of ASN1_TYPE
+
+So it is
+
+p7.xa[].obj
+p7.xa[].data[]
+
+get_obj_by_nid(STACK , nid)
+get_num_by_nid(STACK , nid)
+get_data_by_nid(STACK , nid, index)
+
+X509_ATTRIBUTE *X509_ATTRIBUTE_new(void );
+void		X509_ATTRIBUTE_free(X509_ATTRIBUTE *a);
+
+X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **ex,
+			int nid, STACK *value);
+
+X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **ex,
+			int nid, STACK *value);
+
+int		X509_ATTRIBUTE_set_object(X509_ATTRIBUTE *ex,ASN1_OBJECT *obj);
+int		X509_ATTRIBUTE_add_data(X509_ATTRIBUTE *ex, int index,
+			ASN1_TYPE *value);
+
+ASN1_OBJECT *	X509_ATTRIBUTE_get_object(X509_ATTRIBUTE *ex);
+int 		X509_ATTRIBUTE_get_num(X509_ATTRIBUTE *ne);
+ASN1_TYPE *	X509_ATTRIBUTE_get_data(X509_ATTRIBUTE *ne,int index);
+
+ASN1_TYPE *	X509_ATTRIBUTE_get_data_by_NID(X509_ATTRIBUTE *ne,
+			ASN1_OBJECT *obj);
+
+X509_ATTRUBUTE *PKCS7_get_s_att_by_NID(PKCS7 *p7,int nid);
+X509_ATTRUBUTE *PKCS7_get_u_att_by_NID(PKCS7 *p7,int nid);
+
diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c
new file mode 100644
index 0000000000..6676a2e404
--- /dev/null
+++ b/crypto/x509/by_dir.c
@@ -0,0 +1,320 @@
+/* crypto/x509/by_dir.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include <errno.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#include "cryptlib.h"
+#include "lhash.h"
+#include "x509.h"
+#include "pem.h"
+
+typedef struct lookup_dir_st
+	{
+	BUF_MEM *buffer;
+	int num_dirs;
+	char **dirs;
+	int *dirs_type;
+	int num_dirs_alloced;
+	} BY_DIR;
+
+#ifndef NOPROTO
+static int dir_ctrl(X509_LOOKUP *ctx,int cmd,char *argp,long argl,char **ret);
+static int new_dir(X509_LOOKUP *lu);
+static void free_dir(X509_LOOKUP *lu);
+static int add_cert_dir(BY_DIR *ctx,char *dir,int type);
+static int get_cert_by_subject(X509_LOOKUP *xl,int type,X509_NAME *name,
+	X509_OBJECT *ret);
+#else
+static int dir_ctrl();
+static int new_dir();
+static void free_dir();
+static int add_cert_dir();
+static int get_cert_by_subject();
+#endif
+
+X509_LOOKUP_METHOD x509_dir_lookup=
+	{
+	"Load certs from files in a directory",
+	new_dir,		/* new */
+	free_dir,		/* free */
+	NULL, 			/* init */
+	NULL,			/* shutdown */
+	dir_ctrl,		/* ctrl */
+	get_cert_by_subject,	/* get_by_subject */
+	NULL,			/* get_by_issuer_serial */
+	NULL,			/* get_by_fingerprint */
+	NULL,			/* get_by_alias */
+	};
+
+X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir()
+	{
+	return(&x509_dir_lookup);
+	}
+
+static int dir_ctrl(ctx,cmd,argp,argl,retp)
+X509_LOOKUP *ctx;
+int cmd;
+long argl;
+char *argp;
+char **retp;
+	{
+	int ret=0;
+	BY_DIR *ld;
+	char *dir;
+
+	ld=(BY_DIR *)ctx->method_data;
+
+	switch (cmd)
+		{
+	case X509_L_ADD_DIR:
+		if (argl == X509_FILETYPE_DEFAULT)
+			{
+			ret=add_cert_dir(ld,X509_get_default_cert_dir(),
+				X509_FILETYPE_PEM);
+			if (!ret)
+				{
+				X509err(X509_F_DIR_CTRL,X509_R_LOADING_CERT_DIR);
+				}
+			else
+				{
+				dir=(char *)Getenv(X509_get_default_cert_dir_env());
+				ret=add_cert_dir(ld,dir,X509_FILETYPE_PEM);
+				}
+			}
+		else
+			ret=add_cert_dir(ld,argp,(int)argl);
+		break;
+		}
+	return(ret);
+	}
+
+static int new_dir(lu)
+X509_LOOKUP *lu;
+	{
+	BY_DIR *a;
+
+	if ((a=(BY_DIR *)Malloc(sizeof(BY_DIR))) == NULL)
+		return(0);
+	if ((a->buffer=BUF_MEM_new()) == NULL)
+		{
+		Free(a);
+		return(0);
+		}
+	a->num_dirs=0;
+	a->dirs=NULL;
+	a->dirs_type=NULL;
+	a->num_dirs_alloced=0;
+	lu->method_data=(char *)a;
+	return(1);
+	}
+
+static void free_dir(lu)
+X509_LOOKUP *lu;
+	{
+	BY_DIR *a;
+	int i;
+
+	a=(BY_DIR *)lu->method_data;
+	for (i=0; i<a->num_dirs; i++)
+		if (a->dirs[i] != NULL) Free(a->dirs[i]);
+	if (a->dirs != NULL) Free(a->dirs);
+	if (a->dirs_type != NULL) Free(a->dirs_type);
+	if (a->buffer != NULL) BUF_MEM_free(a->buffer);
+	Free(a);
+	}
+
+static int add_cert_dir(ctx,dir, type)
+BY_DIR *ctx;
+char *dir;
+int type;
+	{
+	int j,len;
+	int *ip;
+	char *s,*ss,*p;
+	char **pp;
+
+	if (dir == NULL) return(0);
+
+	s=dir;
+	p=s;
+	for (;;)
+		{
+		if ((*p == LIST_SEPARATOR_CHAR) || (*p == '\0'))
+			{
+			ss=s;
+			s=p+1;
+			len=(int)(p-ss);
+			if (len == 0) continue;
+			for (j=0; j<ctx->num_dirs; j++)
+				if (strncmp(ctx->dirs[j],ss,(unsigned int)len) == 0)
+					continue;
+			if (ctx->num_dirs_alloced < (ctx->num_dirs+1))
+				{
+				ctx->num_dirs_alloced+=10;
+				pp=(char **)Malloc(ctx->num_dirs_alloced*
+					sizeof(char *));
+				ip=(int *)Malloc(ctx->num_dirs_alloced*
+					sizeof(int));
+				if ((pp == NULL) || (ip == NULL))
+					{
+					X509err(X509_F_ADD_CERT_DIR,ERR_R_MALLOC_FAILURE);
+					return(0);
+					}
+				memcpy(pp,ctx->dirs,(ctx->num_dirs_alloced-10)*
+					sizeof(char *));
+				memcpy(ip,ctx->dirs_type,(ctx->num_dirs_alloced-10)*
+					sizeof(int));
+				if (ctx->dirs != NULL)
+					Free((char *)ctx->dirs);
+				if (ctx->dirs_type != NULL)
+					Free((char *)ctx->dirs_type);
+				ctx->dirs=pp;
+				ctx->dirs_type=ip;
+				}
+			ctx->dirs_type[ctx->num_dirs]=type;
+			ctx->dirs[ctx->num_dirs]=(char *)Malloc((unsigned int)len+1);
+			if (ctx->dirs[ctx->num_dirs] == NULL) return(0);
+			strncpy(ctx->dirs[ctx->num_dirs],ss,(unsigned int)len);
+			ctx->dirs[ctx->num_dirs][len]='\0';
+			ctx->num_dirs++;
+			}
+		if (*p == '\0') break;
+		p++;
+		}
+	return(1);
+	}
+
+static int get_cert_by_subject(xl,type,name,ret)
+X509_LOOKUP *xl;
+int type;
+X509_NAME *name;
+X509_OBJECT *ret;
+	{
+	BY_DIR *ctx;
+	X509 st_x509;
+	X509_CINF st_x509_cinf;
+	int ok=0;
+	int i,j,k;
+	unsigned long h;
+	BUF_MEM *b=NULL;
+	struct stat st;
+	X509_OBJECT stmp,*tmp;
+
+	if (name == NULL) return(0);
+
+	st_x509.cert_info= &st_x509_cinf;
+	st_x509_cinf.subject=name;
+	stmp.data.x509= &st_x509;
+	stmp.type=type;
+
+	if ((b=BUF_MEM_new()) == NULL)
+		{
+		X509err(X509_F_GET_CERT_BY_SUBJECT,ERR_R_BUF_LIB);
+		goto finish;
+		}
+	
+	ctx=(BY_DIR *)xl->method_data;
+
+	h=X509_NAME_hash(name);
+	for (i=0; i<ctx->num_dirs; i++)
+		{
+		j=strlen(ctx->dirs[i])+1+8+6+1;
+		if (!BUF_MEM_grow(b,j))
+			{
+			X509err(X509_F_GET_CERT_BY_SUBJECT,ERR_R_MALLOC_FAILURE);
+			goto finish;
+			}
+		k=0;
+		for (;;)
+			{
+			sprintf(b->data,"%s/%08lx.%d",ctx->dirs[i],h,k);
+			k++;
+			if (stat(b->data,&st) < 0)
+				break;
+			/* found one. */
+			if ((X509_load_cert_file(xl,b->data,
+				ctx->dirs_type[i])) == 0)
+					break;
+			}
+
+		/* we have added it to the cache so now pull
+		 * it out again */
+		CRYPTO_r_lock(CRYPTO_LOCK_X509_STORE);
+		tmp=(X509_OBJECT *)lh_retrieve(xl->store_ctx->certs,
+			(char *)&stmp);
+		CRYPTO_r_unlock(CRYPTO_LOCK_X509_STORE);
+
+		if (tmp != NULL)
+			{
+			ok=1;
+			ret->type=tmp->type;
+			ret->data.x509=tmp->data.x509;
+	/*		CRYPTO_add(&tmp->data.x509->references,1,
+				CRYPTO_LOCK_X509);*/
+			goto finish;
+			}
+		}
+finish:
+	if (b != NULL) BUF_MEM_free(b);
+	return(ok);
+	}
+
diff --git a/crypto/x509/by_file.c b/crypto/x509/by_file.c
new file mode 100644
index 0000000000..2dac28f542
--- /dev/null
+++ b/crypto/x509/by_file.c
@@ -0,0 +1,205 @@
+/* crypto/x509/by_file.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include <errno.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#include "cryptlib.h"
+#include "lhash.h"
+#include "buffer.h"
+#include "x509.h"
+#include "pem.h"
+
+#ifndef NOPROTO
+static int by_file_ctrl(X509_LOOKUP *ctx,int cmd,char *argc,
+	long argl,char **ret);
+#else
+static int by_file_ctrl();
+#endif
+
+X509_LOOKUP_METHOD x509_file_lookup=
+	{
+	"Load file into cache",
+	NULL,		/* new */
+	NULL,		/* free */
+	NULL, 		/* init */
+	NULL,		/* shutdown */
+	by_file_ctrl,	/* ctrl */
+	NULL,		/* get_by_subject */
+	NULL,		/* get_by_issuer_serial */
+	NULL,		/* get_by_fingerprint */
+	NULL,		/* get_by_alias */
+	};
+
+X509_LOOKUP_METHOD *X509_LOOKUP_file()
+	{
+	return(&x509_file_lookup);
+	}
+
+static int by_file_ctrl(ctx,cmd,argp,argl,ret)
+X509_LOOKUP *ctx;
+int cmd;
+char *argp;
+long argl;
+char **ret;
+	{
+	int ok=0;
+	char *file;
+
+	switch (cmd)
+		{
+	case X509_L_FILE_LOAD:
+		if (argl == X509_FILETYPE_DEFAULT)
+			{
+			ok=X509_load_cert_file(ctx,X509_get_default_cert_file(),
+				X509_FILETYPE_PEM);
+			if (!ok)
+				{
+				X509err(X509_F_BY_FILE_CTRL,X509_R_LOADING_DEFAULTS);
+				}
+			else
+				{
+				file=(char *)Getenv(X509_get_default_cert_file_env());
+				ok=X509_load_cert_file(ctx,file,
+					X509_FILETYPE_PEM);
+				}
+			}
+		else
+			ok=X509_load_cert_file(ctx,argp,(int)argl);
+		break;
+		}
+	return(ok);
+	}
+
+int X509_load_cert_file(ctx,file,type)
+X509_LOOKUP *ctx;
+char *file;
+int type;
+	{
+	int ret=0;
+	BIO *in=NULL;
+	int i,count=0;
+	X509 *x=NULL;
+
+	if (file == NULL) return(1);
+#ifndef WIN16
+	in=BIO_new(BIO_s_file());
+#else
+	in=BIO_new(BIO_s_file_internal_w16());
+#endif
+
+	if ((in == NULL) || (BIO_read_filename(in,file) <= 0))
+		{
+		X509err(X509_F_X509_LOAD_CERT_FILE,ERR_R_SYS_LIB);
+		goto err;
+		}
+
+	if (type == X509_FILETYPE_PEM)
+		{
+		for (;;)
+			{
+			x=PEM_read_bio_X509(in,NULL,NULL);
+			if (x == NULL)
+				{
+				if ((ERR_GET_REASON(ERR_peek_error()) ==
+					PEM_R_NO_START_LINE) && (count > 0))
+					{
+					ERR_clear_error();
+					break;
+					}
+				else
+					{
+					X509err(X509_F_X509_LOAD_CERT_FILE,
+						ERR_R_PEM_LIB);
+					goto err;
+					}
+				}
+			i=X509_STORE_add_cert(ctx->store_ctx,x);
+			if (!i) goto err;
+			count++;
+			X509_free(x);
+			x=NULL;
+			}
+		ret=count;
+		}
+	else if (type == X509_FILETYPE_ASN1)
+		{
+		x=d2i_X509_bio(in,NULL);
+		if (x == NULL)
+			{
+			X509err(X509_F_X509_LOAD_CERT_FILE,ERR_R_ASN1_LIB);
+			goto err;
+			}
+		i=X509_STORE_add_cert(ctx->store_ctx,x);
+		if (!i) goto err;
+		ret=i;
+		}
+	else
+		{
+		X509err(X509_F_X509_LOAD_CERT_FILE,X509_R_BAD_X509_FILETYPE);
+		goto err;
+		}
+err:
+	if (x != NULL) X509_free(x);
+	if (in != NULL) BIO_free(in);
+	return(ret);
+	}
+
diff --git a/crypto/x509/f b/crypto/x509/f
new file mode 100644
index 0000000000..6ec986db87
--- /dev/null
+++ b/crypto/x509/f
@@ -0,0 +1,465 @@
+*** x509name.c	Wed Jul  2 09:35:35 1997
+--- /home/eay/play/x	Sat Jul  5 01:39:56 1997
+***************
+*** 1,202 ****
+! /* crypto/x509/x509name.c */
+! /* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+!  * All rights reserved.
+!  *
+!  * This package is an SSL implementation written
+!  * by Eric Young (eay@cryptsoft.com).
+!  * The implementation was written so as to conform with Netscapes SSL.
+!  * 
+!  * This library is free for commercial and non-commercial use as long as
+!  * the following conditions are aheared to.  The following conditions
+!  * apply to all code found in this distribution, be it the RC4, RSA,
+!  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+!  * included with this distribution is covered by the same copyright terms
+!  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+!  * 
+!  * Copyright remains Eric Young's, and as such any Copyright notices in
+!  * the code are not to be removed.
+!  * If this package is used in a product, Eric Young should be given attribution
+!  * as the author of the parts of the library used.
+!  * This can be in the form of a textual message at program startup or
+!  * in documentation (online or textual) provided with the package.
+!  * 
+!  * Redistribution and use in source and binary forms, with or without
+!  * modification, are permitted provided that the following conditions
+!  * are met:
+!  * 1. Redistributions of source code must retain the copyright
+!  *    notice, this list of conditions and the following disclaimer.
+!  * 2. Redistributions in binary form must reproduce the above copyright
+!  *    notice, this list of conditions and the following disclaimer in the
+!  *    documentation and/or other materials provided with the distribution.
+!  * 3. All advertising materials mentioning features or use of this software
+!  *    must display the following acknowledgement:
+!  *    "This product includes cryptographic software written by
+!  *     Eric Young (eay@cryptsoft.com)"
+!  *    The word 'cryptographic' can be left out if the rouines from the library
+!  *    being used are not cryptographic related :-).
+!  * 4. If you include any Windows specific code (or a derivative thereof) from 
+!  *    the apps directory (application code) you must include an acknowledgement:
+!  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+!  * 
+!  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+!  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+!  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+!  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+!  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+!  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+!  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+!  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+!  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+!  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+!  * SUCH DAMAGE.
+!  * 
+!  * The licence and distribution terms for any publically available version or
+!  * derivative of this code cannot be changed.  i.e. this code cannot simply be
+!  * copied and put under another distribution licence
+!  * [including the GNU Public Licence.]
+!  */
+! 
+! #include <stdio.h>
+! #include "stack.h"
+! #include "cryptlib.h"
+! #include "asn1.h"
+! #include "objects.h"
+! #include "evp.h"
+! #include "x509.h"
+! 
+! int X509_NAME_get_text_by_NID(name,nid,buf,len)
+! X509_NAME *name;
+! int nid;
+! char *buf;
+! int len;
+  	{
+  	ASN1_OBJECT *obj;
+  
+  	obj=OBJ_nid2obj(nid);
+! 	if (obj == NULL) return(-1);
+! 	return(X509_NAME_get_text_by_OBJ(name,obj,buf,len));
+  	}
+  
+- int X509_NAME_get_text_by_OBJ(name,obj,buf,len)
+- X509_NAME *name;
+- ASN1_OBJECT *obj;
+- char *buf;
+- int len;
+- 	{
+- 	int i;
+- 	ASN1_STRING *data;
+  
+! 	i=X509_NAME_get_index_by_OBJ(name,obj,0);
+! 	if (i < 0) return(-1);
+! 	data=X509_NAME_ENTRY_get_data(X509_NAME_get_entry(name,i));
+! 	i=(data->length > (len-1))?(len-1):data->length;
+! 	if (buf == NULL) return(data->length);
+! 	memcpy(buf,data->data,i);
+! 	buf[i]='\0';
+! 	return(i);
+! 	}
+  
+! int X509_NAME_entry_count(name)
+! X509_NAME *name;
+  	{
+! 	if (name == NULL) return(0);
+! 	return(sk_num(name->entries));
+  	}
+  
+! int X509_NAME_get_index_by_NID(name,nid,oldpos)
+! X509_NAME *name;
+! int nid;
+! int oldpos;
+! 	{
+! 	ASN1_OBJECT *obj;
+  
+! 	obj=OBJ_nid2obj(nid);
+! 	if (obj == NULL) return(-2);
+! 	return(X509_NAME_get_index_by_OBJ(name,obj,oldpos));
+  	}
+  
+- int X509_NAME_get_index_by_OBJ(name,obj,oldpos)
+- X509_NAME *name;
+- ASN1_OBJECT *obj;
+- int oldpos;
+- 	{
+- 	int n;
+- 	X509_NAME_ENTRY *ne;
+- 	STACK *sk;
+  
+! 	if (name == NULL) return(-1);
+! 	if (oldpos < 0)
+! 		oldpos= -1;
+! 	sk=name->entries;
+! 	n=sk_num(sk);
+! 	for (oldpos++; oldpos < n; oldpos++)
+  		{
+! 		ne=(X509_NAME_ENTRY *)sk_value(sk,oldpos);
+! 		if (OBJ_cmp(ne->object,obj) == 0)
+! 			return(oldpos);
+  		}
+! 	return(-1);
+  	}
+  
+- X509_NAME_ENTRY *X509_NAME_get_entry(name,loc)
+- X509_NAME *name;
+- int loc;
+- 	{
+- 	if (	(name == NULL) || (sk_num(name->entries) <= loc) || (loc < 0))
+- 		return(NULL);
+- 	else
+- 		return((X509_NAME_ENTRY *)sk_value(name->entries,loc));
+- 	}
+  
+! X509_NAME_ENTRY *X509_NAME_delete_entry(name,loc)
+! X509_NAME *name;
+! int loc;
+  	{
+! 	X509_NAME_ENTRY *ret;
+! 	int i,j,n,set_prev,set_next;
+! 	STACK *sk;
+! 
+! 	if ((name == NULL) || (sk_num(name->entries) <= loc) || (loc < 0))
+! 		return(NULL);
+! 	sk=name->entries;
+! 	ret=(X509_NAME_ENTRY *)sk_delete(sk,loc);
+! 	n=sk_num(sk);
+! 	name->modified=1;
+! 	if (loc == n) return(ret);
+! 
+! 	/* else we need to fixup the set field */
+! 	if (loc != 0)
+! 		set_prev=((X509_NAME_ENTRY *)sk_value(sk,loc-1))->set;
+! 	else
+! 		set_prev=ret->set-1;
+! 	set_next=((X509_NAME_ENTRY *)sk_value(sk,loc))->set;
+  
+! 	/* set_prev is the previous set
+! 	 * set is the current set
+! 	 * set_next is the following
+! 	 * prev  1 1	1 1	1 1	1 1
+! 	 * set   1	1	2	2
+! 	 * next  1 1	2 2	2 2	3 2
+! 	 * so basically only if prev and next differ by 2, then
+! 	 * re-number down by 1 */
+! 	if (set_prev+1 < set_next)
+! 		{
+! 		j=set_next-set_prev-1;
+! 		for (i=loc; i<n; i++)
+! 			((X509_NAME_ENTRY *)sk_value(sk,loc-1))->set-=j;
+! 		}
+! 	return(ret);
+  	}
+  
+  /* if set is -1, append to previous set, 0 'a new one', and 1,
+   * prepend to the guy we are about to stomp on. */
+! int X509_NAME_add_entry(name,ne,loc,set)
+! X509_NAME *name;
+! X509_NAME_ENTRY *ne;
+! int loc;
+! int set;
+  	{
+! 	X509_NAME_ENTRY *new_name=NULL;
+  	int n,i,inc;
+  	STACK *sk;
+  
+--- 1,77 ----
+! X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
+! 			int type,unsigned char *bytes, int len)
+  	{
+  	ASN1_OBJECT *obj;
+  
+  	obj=OBJ_nid2obj(nid);
+! 	if (obj == NULL)
+! 		{
+! 		X509err(X509_F_X509_NAME_ENTRY_CREATE_BY_NID,X509_R_UNKNOWN_NID);
+! 		return(NULL);
+! 		}
+! 	return(X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len));
+  	}
+  
+  
+! X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
+! 			ASN1_OBJECT *obj, int type,unsigned char *bytes,
+! 			int len)
+! 	{
+! 	X509_NAME_ENTRY *ret;
+  
+! 	if ((ne == NULL) || (*ne == NULL))
+  		{
+! 		if ((ret=X509_NAME_ENTRY_new()) == NULL)
+! 			return(NULL);
+  		}
++ 	else
++ 		ret= *ne;
+  
+! 	if (!X509_NAME_ENTRY_set_object(ret,obj))
+! 		goto err;
+! 	if (!X509_NAME_ENTRY_set_data(ret,type,bytes,len))
+! 		goto err;
+  
+! 	if ((ne != NULL) && (*ne == NULL)) *ne=ret;
+! 	return(ret);
+! err:
+! 	if ((ne == NULL) || (ret != *ne))
+! 		X509_NAME_ENTRY_free(ret);
+! 	return(NULL);
+  	}
+  
+  
+! int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj)
+! 	{
+! 	if ((ne == NULL) || (obj == NULL))
+  		{
+! 		X509err(X509_F_X509_NAME_ENTRY_SET_OBJECT,ERR_R_PASSED_NULL_PARAMETER);
+! 		return(0);
+  		}
+! 	ASN1_OBJECT_free(ne->object);
+! 	ne->object=OBJ_dup(obj);
+! 	return((ne->object == NULL)?0:1);
+  	}
+  
+  
+! int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne,int type,unsigned char *bytes,int len)
+  	{
+! 	int i;
+  
+! 	if ((ne == NULL) || ((bytes == NULL) && (len != 0))) return(0);
+! 	if (len < 0) len=strlen((char *)bytes);
+! 	i=ASN1_STRING_set(ne->value,bytes,len);
+! 	if (!i) return(0);
+!     ne->value->type=ASN1_PRINTABLE_type(bytes,len);
+! 	return(1);
+  	}
+  
+  /* if set is -1, append to previous set, 0 'a new one', and 1,
+   * prepend to the guy we are about to stomp on. */
+! int X509_NAME_add_entry(X509_NAME *name,X509_NAME_ENTRY *ne,int loc,int set)
+  	{
+! 	/* ERIC: renamed new to nenew for C++ users --tjh */
+! 	X509_NAME_ENTRY *nenew;
+  	int n,i,inc;
+      STACK *sk;
+  
+***************
+*** 206,213 ****
+  	if (loc > n) loc=n;
+  	else if (loc < 0) loc=n;
+  
+- 	name->modified=1;
+- 
+  	if (set == -1)
+  		{
+  		if (loc == 0)
+--- 81,86 ----
+***************
+*** 223,245 ****
+  		}
+  	else /* if (set >= 0) */
+  		{
+- 		inc=(set == 0)?1:0;
+  		if (loc >= n)
+  			{
+  			if (loc != 0)
+  				set=((X509_NAME_ENTRY *)
+! 					sk_value(sk,n-1))->set+1;
+  			else
+  				set=0;
+  			}
+  		else
+  			set=((X509_NAME_ENTRY *)sk_value(sk,loc))->set;
+  		}
+  
+! 	if ((new_name=X509_NAME_ENTRY_dup(ne)) == NULL)
+  		goto err;
+! 	new_name->set=set;
+! 	if (!sk_insert(sk,(char *)new_name,loc))
+  		{
+  		X509err(X509_F_X509_NAME_ADD_ENTRY,ERR_R_MALLOC_FAILURE);
+  		goto err;
+--- 96,122 ----
+  		}
+  	else /* if (set >= 0) */
+  		{
+  		if (loc >= n)
+  			{
+  			if (loc != 0)
+  				set=((X509_NAME_ENTRY *)
+! 					sk_value(sk,loc-1))->set+1;
+  			else
+  				set=0;
+  			}
+  		else
+  			set=((X509_NAME_ENTRY *)sk_value(sk,loc))->set;
++ 		inc=(set == 0)?1:0;
+  		}
+  
+! 	if ((nenew=X509_NAME_ENTRY_dup(ne)) == NULL)
+  		goto err;
+!         /* eric forgot to put this in when he cut the nice
+! 	 * interface so that I don't have to do the icky things
+! 	 * that req.c does --tjh :-)
+! 	 */
+! 	nenew->set=set;
+! 	if (!sk_insert(sk,(char *)nenew,loc))
+  		{
+  		X509err(X509_F_X509_NAME_ADD_ENTRY,ERR_R_MALLOC_FAILURE);
+  		goto err;
+***************
+*** 252,357 ****
+  		}	
+  	return(1);
+  err:
+! 	if (new_name != NULL)
+  		X509_NAME_ENTRY_free(ne);
+  	return(0);
+- 	}
+- 
+- X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(ne,nid,type,bytes,len)
+- X509_NAME_ENTRY **ne;
+- int nid;
+- int type;
+- unsigned char *bytes;
+- int len;
+- 	{
+- 	ASN1_OBJECT *obj;
+- 
+- 	obj=OBJ_nid2obj(nid);
+- 	if (obj == NULL)
+- 		{
+- 		X509err(X509_F_X509_NAME_ENTRY_CREATE_BY_NID,X509_R_UNKNOWN_NID);
+- 		return(NULL);
+- 		}
+- 	return(X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len));
+- 	}
+- 
+- X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len)
+- X509_NAME_ENTRY **ne;
+- ASN1_OBJECT *obj;
+- int type;
+- unsigned char *bytes;
+- int len;
+- 	{
+- 	X509_NAME_ENTRY *ret;
+- 
+- 	if ((ne == NULL) || (*ne == NULL))
+- 		{
+- 		if ((ret=X509_NAME_ENTRY_new()) == NULL)
+- 			return(NULL);
+- 		}
+- 	else
+- 		ret= *ne;
+- 
+- 	if (!X509_NAME_ENTRY_set_object(ret,obj))
+- 		goto err;
+- 	if (!X509_NAME_ENTRY_set_data(ret,type,bytes,len))
+- 		goto err;
+- 	
+- 	if ((ne != NULL) && (*ne == NULL)) *ne=ret;
+- 	return(ret);
+- err:
+- 	if ((ne == NULL) || (ret != *ne))
+- 		X509_NAME_ENTRY_free(ret);
+- 	return(NULL);
+- 	}
+- 
+- int X509_NAME_ENTRY_set_object(ne,obj)
+- X509_NAME_ENTRY *ne;
+- ASN1_OBJECT *obj;
+- 	{
+- 	if ((ne == NULL) || (obj == NULL))
+- 		{
+- 		X509err(X509_F_X509_NAME_ENTRY_SET_OBJECT,ERR_R_PASSED_NULL_PARAMETER);
+- 		return(0);
+- 		}
+- 	ASN1_OBJECT_free(ne->object);
+- 	ne->object=OBJ_dup(obj);
+- 	return((ne->object == NULL)?0:1);
+- 	}
+- 
+- int X509_NAME_ENTRY_set_data(ne,type,bytes,len)
+- X509_NAME_ENTRY *ne;
+- int type;
+- unsigned char *bytes;
+- int len;
+- 	{
+- 	int i;
+- 
+- 	if ((ne == NULL) || ((bytes == NULL) && (len != 0))) return(0);
+- 	if (len < 0) len=strlen((char *)bytes);
+- 	i=ASN1_STRING_set(ne->value,bytes,len);
+- 	if (!i) return(0);
+- 	if (type != V_ASN1_UNDEF)
+- 		{
+- 		if (type == V_ASN1_APP_CHOOSE)
+- 			ne->value->type=ASN1_PRINTABLE_type(bytes,len);
+- 		else
+- 			ne->value->type=type;
+- 		}
+- 	return(1);
+- 	}
+- 
+- ASN1_OBJECT *X509_NAME_ENTRY_get_object(ne)
+- X509_NAME_ENTRY *ne;
+- 	{
+- 	if (ne == NULL) return(NULL);
+- 	return(ne->object);
+- 	}
+- 
+- ASN1_STRING *X509_NAME_ENTRY_get_data(ne)
+- X509_NAME_ENTRY *ne;
+- 	{
+- 	if (ne == NULL) return(NULL);
+- 	return(ne->value);
+  	}
+  
+--- 129,136 ----
+  		}
+  	return(1);
+  err:
+! 	if (nenew != NULL)
+  		X509_NAME_ENTRY_free(ne);
+  	return(0);
+  	}
+  
diff --git a/crypto/x509/v3_net.c b/crypto/x509/v3_net.c
new file mode 100644
index 0000000000..5e79a57f03
--- /dev/null
+++ b/crypto/x509/v3_net.c
@@ -0,0 +1,87 @@
+/* crypto/x509/v3_net.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "stack.h"
+#include "cryptlib.h"
+#include "asn1.h"
+#include "objects.h"
+#include "x509.h"
+
+#define NETSCAPE_X509_EXT_NUM	8
+
+static X509_EXTENSION_METHOD netscape_x509_ext[NETSCAPE_X509_EXT_NUM]={
+{NID_netscape_ca_policy_url,V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
+{NID_netscape_ssl_server_name,V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
+{NID_netscape_revocation_url,V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
+{NID_netscape_base_url,V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
+{NID_netscape_cert_type,V_ASN1_BIT_STRING,X509_EXT_PACK_STRING},
+{NID_netscape_ca_revocation_url,V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
+{NID_netscape_renewal_url,V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
+{NID_netscape_comment,V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
+	};
+
+int X509v3_add_netscape_extensions()
+	{
+	int i;
+
+	for (i=0; i<NETSCAPE_X509_EXT_NUM; i++)
+		if (!X509v3_add_extension(&(netscape_x509_ext[i])))
+			return(0);
+	return(1);
+	}
diff --git a/crypto/x509/v3_x509.c b/crypto/x509/v3_x509.c
new file mode 100644
index 0000000000..57a7b17df1
--- /dev/null
+++ b/crypto/x509/v3_x509.c
@@ -0,0 +1,88 @@
+/* crypto/x509/v3_x509.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "stack.h"
+#include "cryptlib.h"
+#include "asn1.h"
+#include "objects.h"
+#include "x509.h"
+
+#define STD_X509_EXT_NUM	9
+
+static X509_EXTENSION_METHOD std_x509_ext[STD_X509_EXT_NUM]={
+{NID_subject_key_identifier,	V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
+{NID_key_usage,			V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
+{NID_private_key_usage_period,	V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
+{NID_subject_alt_name,		V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
+{NID_issuer_alt_name,		V_ASN1_BIT_STRING,X509_EXT_PACK_STRING},
+{NID_basic_constraints,		V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
+{NID_crl_number,		V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
+{NID_certificate_policies,	V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
+{NID_authority_key_identifier,  V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
+	};
+
+int X509v3_add_standard_extensions()
+	{
+	int i;
+
+	for (i=0; i<STD_X509_EXT_NUM; i++)
+		if (!X509v3_add_extension(&(std_x509_ext[i])))
+			return(0);
+	return(1);
+	}
diff --git a/crypto/x509/x509.doc b/crypto/x509/x509.doc
new file mode 100644
index 0000000000..73cfc9f034
--- /dev/null
+++ b/crypto/x509/x509.doc
@@ -0,0 +1,27 @@
+X509_verify()
+X509_sign()
+
+X509_get_version()
+X509_get_serialNumber()
+X509_get_issuer()
+X509_get_subject()
+X509_get_notBefore()
+X509_get_notAfter()
+X509_get_pubkey()
+
+X509_set_version()
+X509_set_serialNumber()
+X509_set_issuer()
+X509_set_subject()
+X509_set_notBefore()
+X509_set_notAfter()
+X509_set_pubkey()
+
+X509_get_extensions()
+X509_set_extensions()
+
+X509_EXTENSIONS_clear()
+X509_EXTENSIONS_retrieve()
+X509_EXTENSIONS_add()
+X509_EXTENSIONS_delete()
+
diff --git a/crypto/x509/x509.err b/crypto/x509/x509.err
new file mode 100644
index 0000000000..7f8b33ed89
--- /dev/null
+++ b/crypto/x509/x509.err
@@ -0,0 +1,43 @@
+/* Error codes for the X509 functions. */
+
+/* Function codes. */
+#define X509_F_ADD_CERT_DIR				 100
+#define X509_F_BY_FILE_CTRL				 101
+#define X509_F_DIR_CTRL					 102
+#define X509_F_GET_CERT_BY_SUBJECT			 103
+#define X509_F_X509V3_ADD_EXT				 104
+#define X509_F_X509V3_ADD_EXTENSION			 105
+#define X509_F_X509V3_PACK_STRING			 106
+#define X509_F_X509V3_UNPACK_STRING			 107
+#define X509_F_X509_EXTENSION_CREATE_BY_NID		 108
+#define X509_F_X509_EXTENSION_CREATE_BY_OBJ		 109
+#define X509_F_X509_GET_PUBKEY_PARAMETERS		 110
+#define X509_F_X509_LOAD_CERT_FILE			 111
+#define X509_F_X509_NAME_ADD_ENTRY			 112
+#define X509_F_X509_NAME_ENTRY_CREATE_BY_NID		 113
+#define X509_F_X509_NAME_ENTRY_SET_OBJECT		 114
+#define X509_F_X509_NAME_ONELINE			 115
+#define X509_F_X509_NAME_PRINT				 116
+#define X509_F_X509_PRINT_FP				 117
+#define X509_F_X509_PUBKEY_GET				 118
+#define X509_F_X509_PUBKEY_SET				 119
+#define X509_F_X509_REQ_PRINT				 120
+#define X509_F_X509_REQ_PRINT_FP			 121
+#define X509_F_X509_REQ_TO_X509				 122
+#define X509_F_X509_STORE_ADD_CERT			 123
+#define X509_F_X509_TO_X509_REQ				 124
+#define X509_F_X509_VERIFY_CERT				 125
+
+/* Reason codes. */
+#define X509_R_BAD_X509_FILETYPE			 100
+#define X509_R_CERT_ALREADY_IN_HASH_TABLE		 101
+#define X509_R_ERR_ASN1_LIB				 102
+#define X509_R_LOADING_CERT_DIR				 103
+#define X509_R_LOADING_DEFAULTS				 104
+#define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY		 105
+#define X509_R_SHOULD_RETRY				 106
+#define X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN	 107
+#define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY		 108
+#define X509_R_UNKNOWN_NID				 109
+#define X509_R_UNKNOWN_STRING_TYPE			 110
+#define X509_R_UNSUPPORTED_ALGORITHM			 111
diff --git a/crypto/x509/x509.h b/crypto/x509/x509.h
new file mode 100644
index 0000000000..a1f7556818
--- /dev/null
+++ b/crypto/x509/x509.h
@@ -0,0 +1,1113 @@
+/* crypto/x509/x509.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_X509_H
+#define HEADER_X509_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#include "stack.h"
+#include "asn1.h"
+
+#ifndef NO_RSA
+#include "rsa.h"
+#else
+#define RSA	long
+#endif
+
+#ifndef NO_DSA
+#include "dsa.h"
+#else
+#define DSA	long
+#endif
+
+#ifndef NO_DH
+#include "dh.h"
+#else
+#define DH	long
+#endif
+
+#include "evp.h"
+
+#define X509_FILETYPE_PEM	1
+#define X509_FILETYPE_ASN1	2
+#define X509_FILETYPE_DEFAULT	3
+
+typedef struct X509_algor_st
+	{
+	ASN1_OBJECT *algorithm;
+	ASN1_TYPE *parameter;
+	} X509_ALGOR;
+
+typedef struct X509_val_st
+	{
+	ASN1_UTCTIME *notBefore;
+	ASN1_UTCTIME *notAfter;
+	} X509_VAL;
+
+typedef struct X509_pubkey_st
+	{
+	X509_ALGOR *algor;
+	ASN1_BIT_STRING *public_key;
+	struct evp_pkey_st /* EVP_PKEY*/ *pkey;
+	} X509_PUBKEY;
+
+typedef struct X509_sig_st
+	{
+	X509_ALGOR *algor;
+	ASN1_OCTET_STRING *digest;
+	} X509_SIG;
+
+typedef struct X509_name_entry_st
+	{
+	ASN1_OBJECT *object;
+	ASN1_STRING *value;
+	int set;
+	int size; 	/* temp variable */
+	} X509_NAME_ENTRY;
+
+/* we always keep X509_NAMEs in 2 forms. */
+typedef struct X509_name_st
+	{
+	STACK *entries; /* of X509_NAME_ENTRY */
+	int modified;	/* true if 'bytes' needs to be built */
+#ifdef HEADER_BUFFER_H
+	BUF_MEM *bytes;
+#else
+	char *bytes;
+#endif
+	} X509_NAME;
+
+typedef struct X509_extension_st
+	{
+	ASN1_OBJECT *object;
+	short critical;
+	short netscape_hack;
+	ASN1_OCTET_STRING *value;
+	} X509_EXTENSION;
+
+#define X509_EXT_PACK_UNKNOWN	0
+#define X509_EXT_PACK_STRING	1 /* X509v3_pack_string() */
+
+typedef struct x509_extension_method_st
+	{
+	int nid;
+	int data_type;
+	int pack_type;
+	} X509_EXTENSION_METHOD;
+
+typedef struct X509_req_info_st
+	{
+	ASN1_INTEGER *version;
+	X509_NAME *subject;
+	X509_PUBKEY *pubkey;
+	/*  d=2 hl=2 l=  0 cons: cont: 00 */
+	STACK /* X509_ATTRIBUTE */ *attributes; /* [ 0 ] */
+	int req_kludge;
+	} X509_REQ_INFO;
+
+typedef struct X509_req_st
+	{
+	X509_REQ_INFO *req_info;
+	X509_ALGOR *sig_alg;
+	ASN1_BIT_STRING *signature;
+	int references;
+	} X509_REQ;
+
+typedef struct x509_cinf_st
+	{
+	ASN1_INTEGER *version;		/* [ 0 ] default of v1 */
+	ASN1_INTEGER *serialNumber;
+	X509_ALGOR *signature;
+	X509_NAME *issuer;
+	X509_VAL *validity;
+	X509_NAME *subject;
+	X509_PUBKEY *key;
+	ASN1_BIT_STRING *issuerUID;		/* [ 1 ] optional in v2 */
+	ASN1_BIT_STRING *subjectUID;		/* [ 2 ] optional in v2 */
+	STACK /* X509_EXTENSION */ *extensions;	/* [ 3 ] optional in v3 */
+	} X509_CINF;
+
+typedef struct x509_st
+	{
+	X509_CINF *cert_info;
+	X509_ALGOR *sig_alg;
+	ASN1_BIT_STRING *signature;
+	int valid;
+	int references;
+	char *name;
+	} X509;
+
+typedef struct X509_revoked_st
+	{
+	ASN1_INTEGER *serialNumber;
+	ASN1_UTCTIME *revocationDate;
+	STACK /* optional X509_EXTENSION */ *extensions;
+	int sequence; /* load sequence */
+	} X509_REVOKED;
+
+typedef struct X509_crl_info_st
+	{
+	ASN1_INTEGER *version;
+	X509_ALGOR *sig_alg;
+	X509_NAME *issuer;
+	ASN1_UTCTIME *lastUpdate;
+	ASN1_UTCTIME *nextUpdate;
+	STACK /* X509_REVOKED */ *revoked;
+	STACK /* [0] X509_EXTENSION */ *extensions;
+	} X509_CRL_INFO;
+
+typedef struct X509_crl_st
+	{
+	/* actual signature */
+	X509_CRL_INFO *crl;
+	X509_ALGOR *sig_alg;
+	ASN1_BIT_STRING *signature;
+	int references;
+	} X509_CRL;
+
+/* a sequence of these are used */
+typedef struct x509_attributes_st
+	{
+	ASN1_OBJECT *object;
+	int set; /* 1 for a set, 0 for a single item (which is wrong) */
+	union	{
+		char		*ptr;
+/* 1 */		STACK /* ASN1_TYPE */ *set;
+/* 0 */		ASN1_TYPE	*single;
+		} value;
+	} X509_ATTRIBUTE;
+
+typedef struct private_key_st
+	{
+	int version;
+	/* The PKCS#8 data types */
+	X509_ALGOR *enc_algor;
+	ASN1_OCTET_STRING *enc_pkey;	/* encrypted pub key */
+
+	/* When decrypted, the following will not be NULL */
+	EVP_PKEY *dec_pkey;
+
+	/* used to encrypt and decrypt */
+	int key_length;
+	char *key_data;
+	int key_free;	/* true if we should auto free key_data */
+
+	/* expanded version of 'enc_algor' */
+	EVP_CIPHER_INFO cipher;
+
+	int references;
+	} X509_PKEY;
+
+#ifdef HEADER_ENVELOPE_H
+typedef struct X509_info_st
+	{
+	X509 *x509;
+	X509_CRL *crl;
+	X509_PKEY *x_pkey;
+
+	EVP_CIPHER_INFO enc_cipher;
+	int enc_len;
+	char *enc_data;
+
+	int references;
+	} X509_INFO;
+#endif
+
+/* The next 2 structures and their 8 routines were sent to me by
+ * Pat Richard <patr@x509.com> and are used to manipulate
+ * Netscapes spki strucutres - usefull if you are writing a CA web page
+ */
+typedef struct Netscape_spkac_st
+	{
+	X509_PUBKEY *pubkey;
+	ASN1_IA5STRING *challenge;	/* challenge sent in atlas >= PR2 */
+	} NETSCAPE_SPKAC;
+
+typedef struct Netscape_spki_st
+	{
+	NETSCAPE_SPKAC *spkac;	/* signed public key and challenge */
+	X509_ALGOR *sig_algor;
+	ASN1_BIT_STRING *signature;
+	} NETSCAPE_SPKI;
+
+#ifndef HEADER_BN_H
+#define BIGNUM 		char
+#endif
+
+typedef struct CBCParameter_st
+	{
+	unsigned char iv[8];
+	} CBC_PARAM;
+
+#include "x509_vfy.h"
+#include "pkcs7.h"
+
+#ifdef SSLEAY_MACROS
+#define X509_verify(a,r) ASN1_verify((int (*)())i2d_X509_CINF,a->sig_alg,\
+	a->signature,(char *)a->cert_info,r)
+#define X509_REQ_verify(a,r) ASN1_verify((int (*)())i2d_X509_REQ_INFO, \
+	a->sig_alg,a->signature,(char *)a->req_info,r)
+#define X509_CRL_verify(a,r) ASN1_verify((int (*)())i2d_X509_CRL_INFO, \
+	a->sig_alg, a->signature,(char *)a->crl,r)
+#define NETSCAPE_SPKI_verify(a,r) ASN1_verify((int (*)())i2d_NETSCAPE_SPKAC, \
+		a->sig_algor,a->signature, (char *)a->spkac,r)
+
+#define X509_sign(x,pkey,md) \
+	ASN1_sign((int (*)())i2d_X509_CINF, x->cert_info->signature, \
+		x->sig_alg, x->signature, (char *)x->cert_info,pkey,md)
+#define X509_REQ_sign(x,pkey,md) \
+	ASN1_sign((int (*)())i2d_X509_REQ_INFO,x->sig_alg, NULL, \
+		x->signature, (char *)x->req_info,pkey,md)
+#define X509_CRL_sign(x,pkey,md) \
+	ASN1_sign((int (*)())i2d_X509_CRL_INFO,x->crl->sig_alg,x->sig_alg, \
+		x->signature, (char *)x->crl,pkey,md)
+#define NETSCAPE_SPKI_sign(x,pkey,md) \
+	ASN1_sign((int (*)())i2d_NETSCAPE_SPKAC, x->sig_algor,NULL, \
+		x->signature, (char *)x->spkac,pkey,md)
+
+#define X509_dup(x509) (X509 *)ASN1_dup((int (*)())i2d_X509, \
+		(char *(*)())d2i_X509,(char *)x509)
+#define X509_EXTENSION_dup(ex) (X509_EXTENSION *)ASN1_dup( \
+		(int (*)())i2d_X509_EXTENSION, \
+		(char *(*)())d2i_X509_EXTENSION,(char *)ex)
+#define d2i_X509_fp(fp,x509) (X509 *)ASN1_d2i_fp((char *(*)())X509_new, \
+		(char *(*)())d2i_X509, (fp),(unsigned char **)(x509))
+#define i2d_X509_fp(fp,x509) ASN1_i2d_fp(i2d_X509,fp,(unsigned char *)x509)
+#define d2i_X509_bio(bp,x509) (X509 *)ASN1_d2i_bio((char *(*)())X509_new, \
+		(char *(*)())d2i_X509, (bp),(unsigned char **)(x509))
+#define i2d_X509_bio(bp,x509) ASN1_i2d_bio(i2d_X509,bp,(unsigned char *)x509)
+
+#define X509_CRL_dup(crl) (X509_CRL *)ASN1_dup((int (*)())i2d_X509_CRL, \
+		(char *(*)())d2i_X509_CRL,(char *)crl)
+#define d2i_X509_CRL_fp(fp,crl) (X509_CRL *)ASN1_d2i_fp((char *(*)()) \
+		X509_CRL_new,(char *(*)())d2i_X509_CRL, (fp),\
+		(unsigned char **)(crl))
+#define i2d_X509_CRL_fp(fp,crl) ASN1_i2d_fp(i2d_X509_CRL,fp,\
+		(unsigned char *)crl)
+#define d2i_X509_CRL_bio(bp,crl) (X509_CRL *)ASN1_d2i_bio((char *(*)()) \
+		X509_CRL_new,(char *(*)())d2i_X509_CRL, (bp),\
+		(unsigned char **)(crl))
+#define i2d_X509_CRL_bio(bp,crl) ASN1_i2d_bio(i2d_X509_CRL,bp,\
+		(unsigned char *)crl)
+
+#define PKCS7_dup(p7) (PKCS7 *)ASN1_dup((int (*)())i2d_PKCS7, \
+		(char *(*)())d2i_PKCS7,(char *)p7)
+#define d2i_PKCS7_fp(fp,p7) (PKCS7 *)ASN1_d2i_fp((char *(*)()) \
+		PKCS7_new,(char *(*)())d2i_PKCS7, (fp),\
+		(unsigned char **)(p7))
+#define i2d_PKCS7_fp(fp,p7) ASN1_i2d_fp(i2d_PKCS7,fp,\
+		(unsigned char *)p7)
+#define d2i_PKCS7_bio(bp,p7) (PKCS7 *)ASN1_d2i_bio((char *(*)()) \
+		PKCS7_new,(char *(*)())d2i_PKCS7, (bp),\
+		(unsigned char **)(p7))
+#define i2d_PKCS7_bio(bp,p7) ASN1_i2d_bio(i2d_PKCS7,bp,\
+		(unsigned char *)p7)
+
+#define X509_REQ_dup(req) (X509_REQ *)ASN1_dup((int (*)())i2d_X509_REQ, \
+		(char *(*)())d2i_X509_REQ,(char *)req)
+#define d2i_X509_REQ_fp(fp,req) (X509_REQ *)ASN1_d2i_fp((char *(*)())\
+		X509_REQ_new, (char *(*)())d2i_X509_REQ, (fp),\
+		(unsigned char **)(req))
+#define i2d_X509_REQ_fp(fp,req) ASN1_i2d_fp(i2d_X509_REQ,fp,\
+		(unsigned char *)req)
+#define d2i_X509_REQ_bio(bp,req) (X509_REQ *)ASN1_d2i_bio((char *(*)())\
+		X509_REQ_new, (char *(*)())d2i_X509_REQ, (bp),\
+		(unsigned char **)(req))
+#define i2d_X509_REQ_bio(bp,req) ASN1_i2d_bio(i2d_X509_REQ,bp,\
+		(unsigned char *)req)
+
+#define RSAPublicKey_dup(rsa) (RSA *)ASN1_dup((int (*)())i2d_RSAPublicKey, \
+		(char *(*)())d2i_RSAPublicKey,(char *)rsa)
+#define RSAPrivateKey_dup(rsa) (RSA *)ASN1_dup((int (*)())i2d_RSAPrivateKey, \
+		(char *(*)())d2i_RSAPrivateKey,(char *)rsa)
+
+#define d2i_RSAPrivateKey_fp(fp,rsa) (RSA *)ASN1_d2i_fp((char *(*)())\
+		RSA_new,(char *(*)())d2i_RSAPrivateKey, (fp), \
+		(unsigned char **)(rsa))
+#define i2d_RSAPrivateKey_fp(fp,rsa) ASN1_i2d_fp(i2d_RSAPrivateKey,fp, \
+		(unsigned char *)rsa)
+#define d2i_RSAPrivateKey_bio(bp,rsa) (RSA *)ASN1_d2i_bio((char *(*)())\
+		RSA_new,(char *(*)())d2i_RSAPrivateKey, (bp), \
+		(unsigned char **)(rsa))
+#define i2d_RSAPrivateKey_bio(bp,rsa) ASN1_i2d_bio(i2d_RSAPrivateKey,bp, \
+		(unsigned char *)rsa)
+
+#define d2i_RSAPublicKey_fp(fp,rsa) (RSA *)ASN1_d2i_fp((char *(*)())\
+		RSA_new,(char *(*)())d2i_RSAPublicKey, (fp), \
+		(unsigned char **)(rsa))
+#define i2d_RSAPublicKey_fp(fp,rsa) ASN1_i2d_fp(i2d_RSAPublicKey,fp, \
+		(unsigned char *)rsa)
+#define d2i_RSAPublicKey_bio(bp,rsa) (RSA *)ASN1_d2i_bio((char *(*)())\
+		RSA_new,(char *(*)())d2i_RSAPublicKey, (bp), \
+		(unsigned char **)(rsa))
+#define i2d_RSAPublicKey_bio(bp,rsa) ASN1_i2d_bio(i2d_RSAPublicKey,bp, \
+		(unsigned char *)rsa)
+
+#define d2i_DSAPrivateKey_fp(fp,dsa) (DSA *)ASN1_d2i_fp((char *(*)())\
+		DSA_new,(char *(*)())d2i_DSAPrivateKey, (fp), \
+		(unsigned char **)(dsa))
+#define i2d_DSAPrivateKey_fp(fp,dsa) ASN1_i2d_fp(i2d_DSAPrivateKey,fp, \
+		(unsigned char *)dsa)
+#define d2i_DSAPrivateKey_bio(bp,dsa) (DSA *)ASN1_d2i_bio((char *(*)())\
+		DSA_new,(char *(*)())d2i_DSAPrivateKey, (bp), \
+		(unsigned char **)(dsa))
+#define i2d_DSAPrivateKey_bio(bp,dsa) ASN1_i2d_bio(i2d_DSAPrivateKey,bp, \
+		(unsigned char *)dsa)
+
+#define X509_NAME_dup(xn) (X509_NAME *)ASN1_dup((int (*)())i2d_X509_NAME, \
+		(char *(*)())d2i_X509_NAME,(char *)xn)
+#define X509_NAME_ENTRY_dup(ne) (X509_NAME_ENTRY *)ASN1_dup( \
+		(int (*)())i2d_X509_NAME_ENTRY, \
+		(char *(*)())d2i_X509_NAME_ENTRY,\
+		(char *)ne)
+
+#define X509_digest(data,type,md,len) \
+	ASN1_digest((int (*)())i2d_X509,type,(char *)data,md,len)
+#define X509_NAME_digest(data,type,md,len) \
+	ASN1_digest((int (*)())i2d_X509_NAME,type,(char *)data,md,len)
+#define PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) \
+	ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,\
+		(char *)data,md,len)
+#endif
+
+#define		X509_get_version(x) ASN1_INTEGER_get((x)->cert_info->version)
+/* #define	X509_get_serialNumber(x) ((x)->cert_info->serialNumber) */
+#define		X509_get_notBefore(x) ((x)->cert_info->validity->notBefore)
+#define		X509_get_notAfter(x) ((x)->cert_info->validity->notAfter)
+#define		X509_extract_key(x)	X509_get_pubkey(x) /*****/
+#define		X509_REQ_get_version(x) ASN1_INTEGER_get((x)->req_info->version)
+#define		X509_REQ_get_subject_name(x) ((x)->req_info->subject)
+#define		X509_REQ_extract_key(a)	X509_REQ_get_pubkey(a)
+#define		X509_name_cmp(a,b)	X509_NAME_cmp((a),(b))
+#define		X509_get_signature_type(x) EVP_PKEY_type(OBJ_obj2nid((x)->sig_alg->algorithm))
+
+/* This one is only used so that a binary form can output, as in
+ * i2d_X509_NAME(X509_get_X509_PUBKEY(x),&buf) */
+#define 	X509_get_X509_PUBKEY(x) ((x)->cert_info->key)
+
+#ifndef NOPROTO
+
+#ifndef SSLEAY_MACROS
+#ifdef HEADER_ENVELOPE_H
+int X509_verify(X509 *a, EVP_PKEY *r);
+char *X509_verify_cert_error_string(int n);
+
+int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r);
+int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r);
+int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r);
+
+int X509_sign(X509 *x, EVP_PKEY *pkey, EVP_MD *md);
+int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, EVP_MD *md);
+int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, EVP_MD *md);
+int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, EVP_MD *md);
+
+int X509_digest(X509 *data,EVP_MD *type,unsigned char *md,unsigned int *len);
+int X509_NAME_digest(X509_NAME *data,EVP_MD *type,
+	unsigned char *md,unsigned int *len);
+#endif
+
+#ifndef WIN16
+X509 *d2i_X509_fp(FILE *fp, X509 *x509);
+int i2d_X509_fp(FILE *fp,X509 *x509);
+X509_CRL *d2i_X509_CRL_fp(FILE *fp,X509_CRL *crl);
+int i2d_X509_CRL_fp(FILE *fp,X509_CRL *crl);
+X509_REQ *d2i_X509_REQ_fp(FILE *fp,X509_REQ *req);
+int i2d_X509_REQ_fp(FILE *fp,X509_REQ *req);
+RSA *d2i_RSAPrivateKey_fp(FILE *fp,RSA *rsa);
+int i2d_RSAPrivateKey_fp(FILE *fp,RSA *rsa);
+DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA *dsa);
+int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa);
+RSA *d2i_RSAPublicKey_fp(FILE *fp,RSA *rsa);
+int i2d_RSAPublicKey_fp(FILE *fp,RSA *rsa);
+#endif
+
+#ifdef HEADER_BIO_H
+X509 *d2i_X509_bio(BIO *bp,X509 *x509);
+int i2d_X509_bio(BIO *bp,X509 *x509);
+X509_CRL *d2i_X509_CRL_bio(BIO *bp,X509_CRL *crl);
+int i2d_X509_CRL_bio(BIO *bp,X509_CRL *crl);
+X509_REQ *d2i_X509_REQ_bio(BIO *bp,X509_REQ *req);
+int i2d_X509_REQ_bio(BIO *bp,X509_REQ *req);
+RSA *d2i_RSAPrivateKey_bio(BIO *bp,RSA *rsa);
+int i2d_RSAPrivateKey_bio(BIO *bp,RSA *rsa);
+DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA *dsa);
+int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa);
+RSA *d2i_RSAPublicKey_bio(BIO *bp,RSA *rsa);
+int i2d_RSAPublicKey_bio(BIO *bp,RSA *rsa);
+#endif
+
+X509 *X509_dup(X509 *x509);
+X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex);
+X509_CRL *X509_CRL_dup(X509_CRL *crl);
+X509_REQ *X509_REQ_dup(X509_REQ *req);
+X509_NAME *X509_NAME_dup(X509_NAME *xn);
+X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne);
+RSA *RSAPublicKey_dup(RSA *rsa);
+RSA *RSAPrivateKey_dup(RSA *rsa);
+
+#endif /* !SSLEAY_MACROS */
+
+int		X509_cmp_current_time(ASN1_UTCTIME *s);
+ASN1_UTCTIME *	X509_gmtime_adj(ASN1_UTCTIME *s, long adj);
+
+char *		X509_get_default_cert_area(void );
+char *		X509_get_default_cert_dir(void );
+char *		X509_get_default_cert_file(void );
+char *		X509_get_default_cert_dir_env(void );
+char *		X509_get_default_cert_file_env(void );
+char *		X509_get_default_private_dir(void );
+
+X509_REQ *	X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey);
+X509 *		X509_REQ_to_X509(X509_REQ *r, int days,EVP_PKEY *pkey);
+void ERR_load_X509_strings(void );
+
+X509_ALGOR *	X509_ALGOR_new(void );
+void		X509_ALGOR_free(X509_ALGOR *a);
+int		i2d_X509_ALGOR(X509_ALGOR *a,unsigned char **pp);
+X509_ALGOR *	d2i_X509_ALGOR(X509_ALGOR **a,unsigned char **pp,
+			long length);
+
+X509_VAL *	X509_VAL_new(void );
+void		X509_VAL_free(X509_VAL *a);
+int		i2d_X509_VAL(X509_VAL *a,unsigned char **pp);
+X509_VAL *	d2i_X509_VAL(X509_VAL **a,unsigned char **pp,
+			long length);
+
+X509_PUBKEY *	X509_PUBKEY_new(void );
+void		X509_PUBKEY_free(X509_PUBKEY *a);
+int		i2d_X509_PUBKEY(X509_PUBKEY *a,unsigned char **pp);
+X509_PUBKEY *	d2i_X509_PUBKEY(X509_PUBKEY **a,unsigned char **pp,
+			long length);
+int		X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
+EVP_PKEY *	X509_PUBKEY_get(X509_PUBKEY *key);
+int		X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK *chain);
+
+
+X509_SIG *	X509_SIG_new(void );
+void		X509_SIG_free(X509_SIG *a);
+int		i2d_X509_SIG(X509_SIG *a,unsigned char **pp);
+X509_SIG *	d2i_X509_SIG(X509_SIG **a,unsigned char **pp,long length);
+
+X509_REQ_INFO *X509_REQ_INFO_new(void);
+void		X509_REQ_INFO_free(X509_REQ_INFO *a);
+int		i2d_X509_REQ_INFO(X509_REQ_INFO *a,unsigned char **pp);
+X509_REQ_INFO *d2i_X509_REQ_INFO(X509_REQ_INFO **a,unsigned char **pp,
+			long length);
+
+X509_REQ *	X509_REQ_new(void);
+void		X509_REQ_free(X509_REQ *a);
+int		i2d_X509_REQ(X509_REQ *a,unsigned char **pp);
+X509_REQ *	d2i_X509_REQ(X509_REQ **a,unsigned char **pp,long length);
+
+X509_ATTRIBUTE *X509_ATTRIBUTE_new(void );
+void		X509_ATTRIBUTE_free(X509_ATTRIBUTE *a);
+int		i2d_X509_ATTRIBUTE(X509_ATTRIBUTE *a,unsigned char **pp);
+X509_ATTRIBUTE *d2i_X509_ATTRIBUTE(X509_ATTRIBUTE **a,unsigned char **pp,
+			long length);
+
+X509_EXTENSION *X509_EXTENSION_new(void );
+void		X509_EXTENSION_free(X509_EXTENSION *a);
+int		i2d_X509_EXTENSION(X509_EXTENSION *a,unsigned char **pp);
+X509_EXTENSION *d2i_X509_EXTENSION(X509_EXTENSION **a,unsigned char **pp,
+			long length);
+
+X509_NAME_ENTRY *X509_NAME_ENTRY_new(void);
+void		X509_NAME_ENTRY_free(X509_NAME_ENTRY *a);
+int		i2d_X509_NAME_ENTRY(X509_NAME_ENTRY *a,unsigned char **pp);
+X509_NAME_ENTRY *d2i_X509_NAME_ENTRY(X509_NAME_ENTRY **a,unsigned char **pp,
+			long length);
+
+X509_NAME *	X509_NAME_new(void);
+void		X509_NAME_free(X509_NAME *a);
+int		i2d_X509_NAME(X509_NAME *a,unsigned char **pp);
+X509_NAME *	d2i_X509_NAME(X509_NAME **a,unsigned char **pp,long length);
+int		X509_NAME_set(X509_NAME **xn, X509_NAME *name);
+
+
+X509_CINF *	X509_CINF_new(void);
+void		X509_CINF_free(X509_CINF *a);
+int		i2d_X509_CINF(X509_CINF *a,unsigned char **pp);
+X509_CINF *	d2i_X509_CINF(X509_CINF **a,unsigned char **pp,long length);
+
+X509 *		X509_new(void);
+void		X509_free(X509 *a);
+int		i2d_X509(X509 *a,unsigned char **pp);
+X509 *		d2i_X509(X509 **a,unsigned char **pp,long length);
+
+X509_REVOKED *	X509_REVOKED_new(void);
+void		X509_REVOKED_free(X509_REVOKED *a);
+int		i2d_X509_REVOKED(X509_REVOKED *a,unsigned char **pp);
+X509_REVOKED *	d2i_X509_REVOKED(X509_REVOKED **a,unsigned char **pp,long length);
+
+X509_CRL_INFO *X509_CRL_INFO_new(void);
+void		X509_CRL_INFO_free(X509_CRL_INFO *a);
+int		i2d_X509_CRL_INFO(X509_CRL_INFO *a,unsigned char **pp);
+X509_CRL_INFO *d2i_X509_CRL_INFO(X509_CRL_INFO **a,unsigned char **pp,
+			long length);
+
+X509_CRL *	X509_CRL_new(void);
+void		X509_CRL_free(X509_CRL *a);
+int		i2d_X509_CRL(X509_CRL *a,unsigned char **pp);
+X509_CRL *	d2i_X509_CRL(X509_CRL **a,unsigned char **pp,long length);
+
+X509_PKEY *	X509_PKEY_new(void );
+void		X509_PKEY_free(X509_PKEY *a);
+int		i2d_X509_PKEY(X509_PKEY *a,unsigned char **pp);
+X509_PKEY *	d2i_X509_PKEY(X509_PKEY **a,unsigned char **pp,long length);
+
+NETSCAPE_SPKI *	NETSCAPE_SPKI_new(void );
+void		NETSCAPE_SPKI_free(NETSCAPE_SPKI *a);
+int		i2d_NETSCAPE_SPKI(NETSCAPE_SPKI *a,unsigned char **pp);
+NETSCAPE_SPKI *	d2i_NETSCAPE_SPKI(NETSCAPE_SPKI **a,unsigned char **pp,
+			long length);
+
+NETSCAPE_SPKAC *NETSCAPE_SPKAC_new(void );
+void		NETSCAPE_SPKAC_free(NETSCAPE_SPKAC *a);
+int		i2d_NETSCAPE_SPKAC(NETSCAPE_SPKAC *a,unsigned char **pp);
+NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC(NETSCAPE_SPKAC **a,unsigned char **pp,
+		long length);
+
+#ifdef HEADER_ENVELOPE_H
+X509_INFO *	X509_INFO_new(void);
+void		X509_INFO_free(X509_INFO *a);
+char *		X509_NAME_oneline(X509_NAME *a,char *buf,int size);
+
+int ASN1_verify(int (*i2d)(), X509_ALGOR *algor1,
+	ASN1_BIT_STRING *signature,char *data,EVP_PKEY *pkey);
+
+int ASN1_digest(int (*i2d)(),EVP_MD *type,char *data,
+	unsigned char *md,unsigned int *len);
+
+int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2,
+	ASN1_BIT_STRING *signature,
+	char *data,EVP_PKEY *pkey, EVP_MD *type);
+#endif
+
+int 		X509_set_version(X509 *x,long version);
+int 		X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial);
+ASN1_INTEGER *	X509_get_serialNumber(X509 *x);
+int 		X509_set_issuer_name(X509 *x, X509_NAME *name);
+X509_NAME *	X509_get_issuer_name(X509 *a);
+int 		X509_set_subject_name(X509 *x, X509_NAME *name);
+X509_NAME *	X509_get_subject_name(X509 *a);
+int 		X509_set_notBefore(X509 *x, ASN1_UTCTIME *tm);
+int 		X509_set_notAfter(X509 *x, ASN1_UTCTIME *tm);
+int 		X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
+EVP_PKEY *	X509_get_pubkey(X509 *x);
+int		X509_certificate_type(X509 *x,EVP_PKEY *pubkey /* optional */);
+
+int		X509_REQ_set_version(X509_REQ *x,long version);
+int		X509_REQ_set_subject_name(X509_REQ *req,X509_NAME *name);
+int		X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey);
+EVP_PKEY *	X509_REQ_get_pubkey(X509_REQ *req);
+
+int		X509_check_private_key(X509 *x509,EVP_PKEY *pkey);
+
+int		X509_issuer_and_serial_cmp(X509 *a, X509 *b);
+unsigned long	X509_issuer_and_serial_hash(X509 *a);
+
+int		X509_issuer_name_cmp(X509 *a, X509 *b);
+unsigned long	X509_issuer_name_hash(X509 *a);
+
+int		X509_subject_name_cmp(X509 *a,X509 *b);
+unsigned long	X509_subject_name_hash(X509 *x);
+
+int		X509_NAME_cmp (X509_NAME *a, X509_NAME *b);
+unsigned long	X509_NAME_hash(X509_NAME *x);
+
+int		X509_CRL_cmp(X509_CRL *a,X509_CRL *b);
+#ifndef WIN16
+int		X509_print_fp(FILE *bp,X509 *x);
+int		X509_REQ_print_fp(FILE *bp,X509_REQ *req);
+#endif
+
+#ifdef HEADER_BIO_H
+int		X509_NAME_print(BIO *bp, X509_NAME *name, int obase);
+int		X509_print(BIO *bp,X509 *x);
+int		X509_REQ_print(BIO *bp,X509_REQ *req);
+#endif
+
+int 		X509_NAME_entry_count(X509_NAME *name);
+int 		X509_NAME_get_text_by_NID(X509_NAME *name, int nid,
+			char *buf,int len);
+int		X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj,
+			char *buf,int len);
+
+int 		X509_NAME_get_index_by_NID(X509_NAME *name,int nid,int oldpos);
+int 		X509_NAME_get_index_by_OBJ(X509_NAME *name,ASN1_OBJECT *obj,
+			int oldpos);
+X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc);
+X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc);
+int 		X509_NAME_add_entry(X509_NAME *name,X509_NAME_ENTRY *ne,
+			int loc, int set);
+X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
+			int type,unsigned char *bytes, int len);
+X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
+			ASN1_OBJECT *obj, int type,unsigned char *bytes,
+			int len);
+int 		X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne,
+			ASN1_OBJECT *obj);
+int 		X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
+			unsigned char *bytes, int len);
+ASN1_OBJECT *	X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne);
+ASN1_STRING *	X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne);
+
+int		X509v3_get_ext_count(STACK *x);
+int		X509v3_get_ext_by_NID(STACK *x, int nid, int oldpos);
+int		X509v3_get_ext_by_OBJ(STACK *x,ASN1_OBJECT *obj,int oldpos);
+int		X509v3_get_ext_by_critical(STACK *x, int crit, int oldpos);
+X509_EXTENSION *X509v3_get_ext(STACK *x, int loc);
+X509_EXTENSION *X509v3_delete_ext(STACK *x, int loc);
+STACK *		X509v3_add_ext(STACK **x, X509_EXTENSION *ex, int loc);
+int		X509v3_data_type_by_OBJ(ASN1_OBJECT *obj);
+int		X509v3_data_type_by_NID(int nid);
+int		X509v3_pack_type_by_OBJ(ASN1_OBJECT *obj);
+int		X509v3_pack_type_by_NID(int nid);
+
+int		X509_get_ext_count(X509 *x);
+int		X509_get_ext_by_NID(X509 *x, int nid, int oldpos);
+int		X509_get_ext_by_OBJ(X509 *x,ASN1_OBJECT *obj,int oldpos);
+int		X509_get_ext_by_critical(X509 *x, int crit, int oldpos);
+X509_EXTENSION *X509_get_ext(X509 *x, int loc);
+X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
+int		X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+
+int		X509_CRL_get_ext_count(X509_CRL *x);
+int		X509_CRL_get_ext_by_NID(X509_CRL *x, int nid, int oldpos);
+int		X509_CRL_get_ext_by_OBJ(X509_CRL *x,ASN1_OBJECT *obj,int oldpos);
+int		X509_CRL_get_ext_by_critical(X509_CRL *x, int crit, int oldpos);
+X509_EXTENSION *X509_CRL_get_ext(X509_CRL *x, int loc);
+X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
+int		X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
+
+int		X509_REVOKED_get_ext_count(X509_REVOKED *x);
+int		X509_REVOKED_get_ext_by_NID(X509_REVOKED *x, int nid, int oldpos);
+int		X509_REVOKED_get_ext_by_OBJ(X509_REVOKED *x,ASN1_OBJECT *obj,int oldpos);
+int		X509_REVOKED_get_ext_by_critical(X509_REVOKED *x, int crit, int oldpos);
+X509_EXTENSION *X509_REVOKED_get_ext(X509_REVOKED *x, int loc);
+X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
+int		X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);
+
+X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex,
+			int nid, int crit, ASN1_OCTET_STRING *data);
+X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex,
+			ASN1_OBJECT *obj,int crit,ASN1_OCTET_STRING *data);
+int		X509_EXTENSION_set_object(X509_EXTENSION *ex,ASN1_OBJECT *obj);
+int		X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit);
+int		X509_EXTENSION_set_data(X509_EXTENSION *ex,
+			ASN1_OCTET_STRING *data);
+ASN1_OBJECT *	X509_EXTENSION_get_object(X509_EXTENSION *ex);
+ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);
+int		X509_EXTENSION_get_critical(X509_EXTENSION *ex);
+ASN1_OCTET_STRING *X509v3_pack_string(ASN1_OCTET_STRING **ex,int type,
+			unsigned char *bytes, int len);
+ASN1_STRING *	X509v3_unpack_string(ASN1_STRING **ex,int type,
+			ASN1_OCTET_STRING *os);
+
+int		X509_verify_cert(X509_STORE_CTX *ctx);
+
+/* lookup a cert from a X509 STACK */
+X509 *X509_find_by_issuer_and_serial(STACK *sk,X509_NAME *name,
+                ASN1_INTEGER *serial);
+X509 *X509_find_by_subject(STACK *sk,X509_NAME *name);
+
+#else
+
+#ifndef SSLEAY_MACROS
+#ifdef HEADER_ENVELOPE_H
+int X509_verify();
+int X509_REQ_verify();
+int X509_CRL_verify();
+int NETSCAPE_SPKI_verify();
+
+int X509_sign();
+int X509_REQ_sign();
+int X509_CRL_sign();
+int NETSCAPE_SPKI_sign();
+
+int X509_digest();
+int X509_NAME_digest();
+#endif
+
+#ifndef WIN16
+X509 *d2i_X509_fp();
+int i2d_X509_fp();
+X509_CRL *d2i_X509_CRL_fp();
+int i2d_X509_CRL_fp();
+X509_REQ *d2i_X509_REQ_fp();
+int i2d_X509_REQ_fp();
+RSA *d2i_RSAPrivateKey_fp();
+int i2d_RSAPrivateKey_fp();
+DSA *d2i_DSAPrivateKey_fp();
+int i2d_DSAPrivateKey_fp();
+RSA *d2i_RSAPublicKey_fp();
+int i2d_RSAPublicKey_fp();
+#endif
+
+X509 *d2i_X509_bio();
+int i2d_X509_bio();
+X509_CRL *d2i_X509_CRL_bio();
+int i2d_X509_CRL_bio();
+X509_REQ *d2i_X509_REQ_bio();
+int i2d_X509_REQ_bio();
+RSA *d2i_RSAPrivateKey_bio();
+int i2d_RSAPrivateKey_bio();
+DSA *d2i_DSAPrivateKey_bio();
+int i2d_DSAPrivateKey_bio();
+RSA *d2i_RSAPublicKey_bio();
+int i2d_RSAPublicKey_bio();
+
+X509 *X509_dup();
+X509_EXTENSION *X509_EXTENSION_dup();
+X509_CRL *X509_CRL_dup();
+X509_REQ *X509_REQ_dup();
+X509_NAME *X509_NAME_dup();
+X509_NAME_ENTRY *X509_NAME_ENTRY_dup();
+RSA *RSAPublicKey_dup();
+RSA *RSAPrivateKey_dup();
+
+#endif /* !SSLEAY_MACROS */
+
+int		X509_cmp_current_time();
+ASN1_UTCTIME *	X509_gmtime_adj();
+
+char *		X509_get_default_cert_area();
+char *		X509_get_default_cert_dir();
+char *		X509_get_default_cert_file();
+char *		X509_get_default_cert_dir_env();
+char *		X509_get_default_cert_file_env();
+char *		X509_get_default_private_dir();
+
+X509_REQ *	X509_to_X509_REQ();
+X509 *		X509_REQ_to_X509();
+void ERR_load_X509_strings();
+
+X509_ALGOR *	X509_ALGOR_new();
+void		X509_ALGOR_free();
+int		i2d_X509_ALGOR();
+X509_ALGOR *	d2i_X509_ALGOR();
+
+X509_VAL *	X509_VAL_new();
+void		X509_VAL_free();
+int		i2d_X509_VAL();
+X509_VAL *	d2i_X509_VAL();
+
+X509_PUBKEY *	X509_PUBKEY_new();
+void		X509_PUBKEY_free();
+int		i2d_X509_PUBKEY();
+X509_PUBKEY *	d2i_X509_PUBKEY();
+int		X509_PUBKEY_set();
+EVP_PKEY *	X509_PUBKEY_get();
+int		X509_get_pubkey_parameters();
+
+X509_SIG *	X509_SIG_new();
+void		X509_SIG_free();
+int		i2d_X509_SIG();
+X509_SIG *	d2i_X509_SIG();
+
+X509_REQ_INFO *X509_REQ_INFO_new();
+void		X509_REQ_INFO_free();
+int		i2d_X509_REQ_INFO();
+X509_REQ_INFO *d2i_X509_REQ_INFO();
+
+X509_REQ *	X509_REQ_new();
+void		X509_REQ_free();
+int		i2d_X509_REQ();
+X509_REQ *	d2i_X509_REQ();
+
+X509_ATTRIBUTE *X509_ATTRIBUTE_new();
+void		X509_ATTRIBUTE_free();
+int		i2d_X509_ATTRIBUTE();
+X509_ATTRIBUTE *d2i_X509_ATTRIBUTE();
+
+X509_EXTENSION *X509_EXTENSION_new();
+void		X509_EXTENSION_free();
+int		i2d_X509_EXTENSION();
+X509_EXTENSION *d2i_X509_EXTENSION();
+
+X509_NAME_ENTRY *X509_NAME_ENTRY_new();
+void		X509_NAME_ENTRY_free();
+int		i2d_X509_NAME_ENTRY();
+X509_NAME_ENTRY *d2i_X509_NAME_ENTRY();
+
+X509_NAME *	X509_NAME_new();
+void		X509_NAME_free();
+int		i2d_X509_NAME();
+X509_NAME *	d2i_X509_NAME();
+int		X509_NAME_set();
+
+
+X509_CINF *	X509_CINF_new();
+void		X509_CINF_free();
+int		i2d_X509_CINF();
+X509_CINF *	d2i_X509_CINF();
+
+X509 *		X509_new();
+void		X509_free();
+int		i2d_X509();
+X509 *		d2i_X509();
+
+X509_REVOKED *	X509_REVOKED_new();
+void		X509_REVOKED_free();
+int		i2d_X509_REVOKED();
+X509_REVOKED *	d2i_X509_REVOKED();
+
+X509_CRL_INFO *X509_CRL_INFO_new();
+void		X509_CRL_INFO_free();
+int		i2d_X509_CRL_INFO();
+X509_CRL_INFO *d2i_X509_CRL_INFO();
+
+X509_CRL *	X509_CRL_new();
+void		X509_CRL_free();
+int		i2d_X509_CRL();
+X509_CRL *	d2i_X509_CRL();
+
+X509_PKEY *	X509_PKEY_new();
+void		X509_PKEY_free();
+int		i2d_X509_PKEY();
+X509_PKEY *	d2i_X509_PKEY();
+
+NETSCAPE_SPKI *	NETSCAPE_SPKI_new();
+void		NETSCAPE_SPKI_free();
+int		i2d_NETSCAPE_SPKI();
+NETSCAPE_SPKI *	d2i_NETSCAPE_SPKI();
+
+NETSCAPE_SPKAC *NETSCAPE_SPKAC_new();
+void		NETSCAPE_SPKAC_free();
+int		i2d_NETSCAPE_SPKAC();
+NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC();
+
+#ifdef HEADER_ENVELOPE_H
+X509_INFO *	X509_INFO_new();
+void		X509_INFO_free();
+#endif
+
+char *		X509_NAME_oneline();
+
+int ASN1_verify();
+int ASN1_digest();
+int ASN1_sign();
+
+int 		X509_set_version();
+int 		X509_set_serialNumber();
+ASN1_INTEGER *	X509_get_serialNumber();
+int 		X509_set_issuer_name();
+X509_NAME *	X509_get_issuer_name();
+int 		X509_set_subject_name();
+X509_NAME *	X509_get_subject_name();
+int 		X509_set_notBefore();
+int 		X509_set_notAfter();
+int 		X509_set_pubkey();
+EVP_PKEY *	X509_get_pubkey();
+int		X509_certificate_type();
+
+int		X509_REQ_set_version();
+int		X509_REQ_set_subject_name();
+int		X509_REQ_set_pubkey();
+EVP_PKEY *	X509_REQ_get_pubkey();
+
+int		X509_check_private_key();
+
+int		X509_issuer_and_serial_cmp();
+unsigned long	X509_issuer_and_serial_hash();
+
+int		X509_issuer_name_cmp();
+unsigned long	X509_issuer_name_hash();
+
+int		X509_subject_name_cmp();
+unsigned long	X509_subject_name_hash();
+
+int		X509_NAME_cmp ();
+unsigned long	X509_NAME_hash();
+
+int		X509_CRL_cmp();
+#ifndef WIN16
+int		X509_print_fp();
+int		X509_REQ_print_fp();
+#endif
+
+int		X509_NAME_print();
+int		X509_print();
+int		X509_REQ_print();
+
+int 		X509_NAME_entry_count();
+int 		X509_NAME_get_text_by_NID();
+int		X509_NAME_get_text_by_OBJ();
+
+int 		X509_NAME_get_index_by_NID();
+int 		X509_NAME_get_index_by_OBJ();
+X509_NAME_ENTRY *X509_NAME_get_entry();
+X509_NAME_ENTRY *X509_NAME_delete_entry();
+int 		X509_NAME_add_entry();
+X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID();
+X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ();
+int 		X509_NAME_ENTRY_set_object();
+int 		X509_NAME_ENTRY_set_data();
+ASN1_OBJECT *	X509_NAME_ENTRY_get_object();
+ASN1_STRING *	X509_NAME_ENTRY_get_data();
+
+int		X509v3_get_ext_count();
+int		X509v3_get_ext_by_NID();
+int		X509v3_get_ext_by_OBJ();
+int		X509v3_get_ext_by_critical();
+X509_EXTENSION *X509v3_get_ext();
+X509_EXTENSION *X509v3_delete_ext();
+STACK *		X509v3_add_ext();
+int		X509v3_data_type_by_OBJ();
+int		X509v3_data_type_by_NID();
+int		X509v3_pack_type_by_OBJ();
+int		X509v3_pack_type_by_NID();
+
+
+int		X509_get_ext_count();
+int		X509_get_ext_by_NID();
+int		X509_get_ext_by_OBJ();
+int		X509_get_ext_by_critical();
+X509_EXTENSION *X509_get_ext();
+X509_EXTENSION *X509_delete_ext();
+int		X509_add_ext();
+
+int		X509_CRL_get_ext_count();
+int		X509_CRL_get_ext_by_NID();
+int		X509_CRL_get_ext_by_OBJ();
+int		X509_CRL_get_ext_by_critical();
+X509_EXTENSION *X509_CRL_get_ext();
+X509_EXTENSION *X509_CRL_delete_ext();
+int		X509_CRL_add_ext();
+
+int		X509_REVOKED_get_ext_count();
+int		X509_REVOKED_get_ext_by_NID();
+int		X509_REVOKED_get_ext_by_OBJ();
+int		X509_REVOKED_get_ext_by_critical();
+X509_EXTENSION *X509_REVOKED_get_ext();
+X509_EXTENSION *X509_REVOKED_delete_ext();
+int		X509_REVOKED_add_ext();
+
+X509_EXTENSION *X509_EXTENSION_create_by_NID();
+X509_EXTENSION *X509_EXTENSION_create_by_OBJ();
+int		X509_EXTENSION_set_object();
+int		X509_EXTENSION_set_critical();
+int		X509_EXTENSION_set_data();
+ASN1_OBJECT *	X509_EXTENSION_get_object();
+ASN1_OCTET_STRING *X509_EXTENSION_get_data();
+int		X509_EXTENSION_get_critical();
+ASN1_OCTET_STRING *X509v3_pack_string();
+ASN1_STRING *	X509v3_unpack_string();
+
+int		X509_verify_cert();
+char *          X509_verify_cert_error_string();
+
+/* lookup a cert from a X509 STACK */
+X509 *X509_find_by_issuer_and_serial();
+X509 *X509_find_by_subject();
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the X509 functions. */
+
+/* Function codes. */
+#define X509_F_ADD_CERT_DIR				 100
+#define X509_F_BY_FILE_CTRL				 101
+#define X509_F_DIR_CTRL					 102
+#define X509_F_GET_CERT_BY_SUBJECT			 103
+#define X509_F_X509V3_ADD_EXT				 104
+#define X509_F_X509V3_ADD_EXTENSION			 105
+#define X509_F_X509V3_PACK_STRING			 106
+#define X509_F_X509V3_UNPACK_STRING			 107
+#define X509_F_X509_EXTENSION_CREATE_BY_NID		 108
+#define X509_F_X509_EXTENSION_CREATE_BY_OBJ		 109
+#define X509_F_X509_GET_PUBKEY_PARAMETERS		 110
+#define X509_F_X509_LOAD_CERT_FILE			 111
+#define X509_F_X509_NAME_ADD_ENTRY			 112
+#define X509_F_X509_NAME_ENTRY_CREATE_BY_NID		 113
+#define X509_F_X509_NAME_ENTRY_SET_OBJECT		 114
+#define X509_F_X509_NAME_ONELINE			 115
+#define X509_F_X509_NAME_PRINT				 116
+#define X509_F_X509_PRINT_FP				 117
+#define X509_F_X509_PUBKEY_GET				 118
+#define X509_F_X509_PUBKEY_SET				 119
+#define X509_F_X509_REQ_PRINT				 120
+#define X509_F_X509_REQ_PRINT_FP			 121
+#define X509_F_X509_REQ_TO_X509				 122
+#define X509_F_X509_STORE_ADD_CERT			 123
+#define X509_F_X509_TO_X509_REQ				 124
+#define X509_F_X509_VERIFY_CERT				 125
+
+/* Reason codes. */
+#define X509_R_BAD_X509_FILETYPE			 100
+#define X509_R_CERT_ALREADY_IN_HASH_TABLE		 101
+#define X509_R_ERR_ASN1_LIB				 102
+#define X509_R_LOADING_CERT_DIR				 103
+#define X509_R_LOADING_DEFAULTS				 104
+#define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY		 105
+#define X509_R_SHOULD_RETRY				 106
+#define X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN	 107
+#define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY		 108
+#define X509_R_UNKNOWN_NID				 109
+#define X509_R_UNKNOWN_STRING_TYPE			 110
+#define X509_R_UNSUPPORTED_ALGORITHM			 111
+ 
+#ifdef  __cplusplus
+}
+#endif
+#endif
+
diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c
new file mode 100644
index 0000000000..14eebbfcb8
--- /dev/null
+++ b/crypto/x509/x509_cmp.c
@@ -0,0 +1,247 @@
+/* crypto/x509/x509_cmp.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include "cryptlib.h"
+#include "asn1.h"
+#include "objects.h"
+#include "x509.h"
+
+int X509_issuer_and_serial_cmp(a,b)
+X509 *a;
+X509 *b;
+	{
+	int i;
+	X509_CINF *ai,*bi;
+
+	ai=a->cert_info;
+	bi=b->cert_info;
+	i=ASN1_INTEGER_cmp(ai->serialNumber,bi->serialNumber);
+	if (i) return(i);
+	return(X509_NAME_cmp(ai->issuer,bi->issuer));
+	}
+
+#ifndef NO_MD5
+unsigned long X509_issuer_and_serial_hash(a)
+X509 *a;
+	{
+	unsigned long ret=0;
+	MD5_CTX ctx;
+	unsigned char md[16];
+	char str[256];
+
+	X509_NAME_oneline(a->cert_info->issuer,str,256);
+	ret=strlen(str);
+	MD5_Init(&ctx);
+	MD5_Update(&ctx,(unsigned char *)str,ret);
+	MD5_Update(&ctx,(unsigned char *)a->cert_info->serialNumber->data,
+		(unsigned long)a->cert_info->serialNumber->length);
+	MD5_Final(&(md[0]),&ctx);
+	ret=(	((unsigned long)md[0]     )|((unsigned long)md[1]<<8L)|
+		((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L)
+		)&0xffffffffL;
+	return(ret);
+	}
+#endif
+	
+int X509_issuer_name_cmp(a, b)
+X509 *a;
+X509 *b;
+	{
+	return(X509_NAME_cmp(a->cert_info->issuer,b->cert_info->issuer));
+	}
+
+int X509_subject_name_cmp(a, b)
+X509 *a;
+X509 *b;
+	{
+	return(X509_NAME_cmp(a->cert_info->subject,b->cert_info->subject));
+	}
+
+int X509_CRL_cmp(a, b)
+X509_CRL *a;
+X509_CRL *b;
+	{
+	return(X509_NAME_cmp(a->crl->issuer,b->crl->issuer));
+	}
+
+X509_NAME *X509_get_issuer_name(a)
+X509 *a;
+	{
+	return(a->cert_info->issuer);
+	}
+
+unsigned long X509_issuer_name_hash(x)
+X509 *x;
+	{
+	return(X509_NAME_hash(x->cert_info->issuer));
+	}
+
+X509_NAME *X509_get_subject_name(a)
+X509 *a;
+	{
+	return(a->cert_info->subject);
+	}
+
+ASN1_INTEGER *X509_get_serialNumber(a)
+X509 *a;
+	{
+	return(a->cert_info->serialNumber);
+	}
+
+unsigned long X509_subject_name_hash(x)
+X509 *x;
+	{
+	return(X509_NAME_hash(x->cert_info->subject));
+	}
+
+int X509_NAME_cmp(a, b)
+X509_NAME *a;
+X509_NAME *b;
+	{
+	int i,j;
+	X509_NAME_ENTRY *na,*nb;
+
+	if (sk_num(a->entries) != sk_num(b->entries))
+		return(sk_num(a->entries)-sk_num(b->entries));
+	for (i=sk_num(a->entries)-1; i>=0; i--)
+		{
+		na=(X509_NAME_ENTRY *)sk_value(a->entries,i);
+		nb=(X509_NAME_ENTRY *)sk_value(b->entries,i);
+		j=na->value->length-nb->value->length;
+		if (j) return(j);
+		j=memcmp(na->value->data,nb->value->data,
+			na->value->length);
+		if (j) return(j);
+		j=na->set-nb->set;
+		if (j) return(j);
+		}
+
+	/* We will check the object types after checking the values
+	 * since the values will more often be different than the object
+	 * types. */
+	for (i=sk_num(a->entries)-1; i>=0; i--)
+		{
+		na=(X509_NAME_ENTRY *)sk_value(a->entries,i);
+		nb=(X509_NAME_ENTRY *)sk_value(b->entries,i);
+		j=OBJ_cmp(na->object,nb->object);
+		if (j) return(j);
+		}
+	return(0);
+	}
+
+#ifndef NO_MD5
+/* I should do a DER encoding of the name and then hash it. */
+unsigned long X509_NAME_hash(x)
+X509_NAME *x;
+	{
+	unsigned long ret=0;
+	unsigned char md[16];
+	char str[256];
+
+	X509_NAME_oneline(x,str,256);
+	ret=strlen(str);
+	MD5((unsigned char *)str,ret,&(md[0]));
+	ret=(	((unsigned long)md[0]     )|((unsigned long)md[1]<<8L)|
+		((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L)
+		)&0xffffffffL;
+	return(ret);
+	}
+#endif
+
+/* Search a stack of X509 for a match */
+X509 *X509_find_by_issuer_and_serial(sk,name,serial)
+STACK *sk;
+X509_NAME *name;
+ASN1_INTEGER *serial;
+	{
+	int i;
+	X509_CINF cinf;
+	X509 x,*x509=NULL;
+
+	x.cert_info= &cinf;
+	cinf.serialNumber=serial;
+	cinf.issuer=name;
+
+	for (i=0; i<sk_num(sk); i++)
+		{
+		x509=(X509 *)sk_value(sk,i);
+		if (X509_issuer_and_serial_cmp(x509,&x) == 0)
+			return(x509);
+		}
+	return(x509);
+	}
+
+X509 *X509_find_by_subject(sk,name)
+STACK *sk;
+X509_NAME *name;
+	{
+	X509 *x509;
+	int i;
+
+	for (i=0; i<sk_num(sk); i++)
+		{
+		x509=(X509 *)sk_value(sk,i);
+		if (X509_NAME_cmp(X509_get_subject_name(x509),name) == 0)
+			return(x509);
+		}
+	return(NULL);
+	}
+
diff --git a/crypto/x509/x509_d2.c b/crypto/x509/x509_d2.c
new file mode 100644
index 0000000000..235d70f8d7
--- /dev/null
+++ b/crypto/x509/x509_d2.c
@@ -0,0 +1,106 @@
+/* crypto/x509/x509_d2.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include "cryptlib.h"
+#include "crypto.h"
+#include "x509.h"
+
+int X509_STORE_set_default_paths(ctx)
+X509_STORE *ctx;
+	{
+	X509_LOOKUP *lookup;
+
+	lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_file());
+	if (lookup == NULL) return(0);
+	X509_LOOKUP_load_file(lookup,NULL,X509_FILETYPE_DEFAULT);
+
+	lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_hash_dir());
+	if (lookup == NULL) return(0);
+	X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT);
+	
+	/* clear any errors */
+	ERR_clear_error();
+
+	return(1);
+	}
+
+int X509_STORE_load_locations(ctx,file,path)
+X509_STORE *ctx;
+char *file;
+char *path;
+	{
+	X509_LOOKUP *lookup;
+
+	if (file != NULL)
+		{
+		lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_file());
+		if (lookup == NULL) return(0);
+		X509_LOOKUP_load_file(lookup,file,X509_FILETYPE_PEM);
+		}
+	if (path != NULL)
+		{
+		lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_hash_dir());
+		if (lookup == NULL) return(0);
+		X509_LOOKUP_add_dir(lookup,path,X509_FILETYPE_PEM);
+		}
+	return(1);
+	}
+
diff --git a/crypto/x509/x509_def.c b/crypto/x509/x509_def.c
new file mode 100644
index 0000000000..497923828c
--- /dev/null
+++ b/crypto/x509/x509_def.c
@@ -0,0 +1,83 @@
+/* crypto/x509/x509_def.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include "cryptlib.h"
+#include "crypto.h"
+#include "x509.h"
+
+char *X509_get_default_private_dir()
+	{ return(X509_PRIVATE_DIR); }
+	
+char *X509_get_default_cert_area()
+	{ return(X509_CERT_AREA); }
+
+char *X509_get_default_cert_dir()
+	{ return(X509_CERT_DIR); }
+
+char *X509_get_default_cert_file()
+	{ return(X509_CERT_FILE); }
+
+char *X509_get_default_cert_dir_env()
+	{ return(X509_CERT_DIR_EVP); }
+
+char *X509_get_default_cert_file_env()
+	{ return(X509_CERT_FILE_EVP); }
+
diff --git a/crypto/x509/x509_err.c b/crypto/x509/x509_err.c
new file mode 100644
index 0000000000..bfcc47fe03
--- /dev/null
+++ b/crypto/x509/x509_err.c
@@ -0,0 +1,121 @@
+/* lib/x509/x509_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "x509.h"
+
+/* BEGIN ERROR CODES */
+static ERR_STRING_DATA X509_str_functs[]=
+	{
+{ERR_PACK(0,X509_F_ADD_CERT_DIR,0),	"ADD_CERT_DIR"},
+{ERR_PACK(0,X509_F_BY_FILE_CTRL,0),	"BY_FILE_CTRL"},
+{ERR_PACK(0,X509_F_DIR_CTRL,0),	"DIR_CTRL"},
+{ERR_PACK(0,X509_F_GET_CERT_BY_SUBJECT,0),	"GET_CERT_BY_SUBJECT"},
+{ERR_PACK(0,X509_F_X509V3_ADD_EXT,0),	"X509v3_add_ext"},
+{ERR_PACK(0,X509_F_X509V3_ADD_EXTENSION,0),	"X509V3_ADD_EXTENSION"},
+{ERR_PACK(0,X509_F_X509V3_PACK_STRING,0),	"X509v3_pack_string"},
+{ERR_PACK(0,X509_F_X509V3_UNPACK_STRING,0),	"X509v3_unpack_string"},
+{ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_NID,0),	"X509_EXTENSION_create_by_NID"},
+{ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_OBJ,0),	"X509_EXTENSION_create_by_OBJ"},
+{ERR_PACK(0,X509_F_X509_GET_PUBKEY_PARAMETERS,0),	"X509_get_pubkey_parameters"},
+{ERR_PACK(0,X509_F_X509_LOAD_CERT_FILE,0),	"X509_LOAD_CERT_FILE"},
+{ERR_PACK(0,X509_F_X509_NAME_ADD_ENTRY,0),	"X509_NAME_add_entry"},
+{ERR_PACK(0,X509_F_X509_NAME_ENTRY_CREATE_BY_NID,0),	"X509_NAME_ENTRY_create_by_NID"},
+{ERR_PACK(0,X509_F_X509_NAME_ENTRY_SET_OBJECT,0),	"X509_NAME_ENTRY_set_object"},
+{ERR_PACK(0,X509_F_X509_NAME_ONELINE,0),	"X509_NAME_oneline"},
+{ERR_PACK(0,X509_F_X509_NAME_PRINT,0),	"X509_NAME_print"},
+{ERR_PACK(0,X509_F_X509_PRINT_FP,0),	"X509_print_fp"},
+{ERR_PACK(0,X509_F_X509_PUBKEY_GET,0),	"X509_PUBKEY_get"},
+{ERR_PACK(0,X509_F_X509_PUBKEY_SET,0),	"X509_PUBKEY_set"},
+{ERR_PACK(0,X509_F_X509_REQ_PRINT,0),	"X509_REQ_print"},
+{ERR_PACK(0,X509_F_X509_REQ_PRINT_FP,0),	"X509_REQ_print_fp"},
+{ERR_PACK(0,X509_F_X509_REQ_TO_X509,0),	"X509_REQ_to_X509"},
+{ERR_PACK(0,X509_F_X509_STORE_ADD_CERT,0),	"X509_STORE_ADD_CERT"},
+{ERR_PACK(0,X509_F_X509_TO_X509_REQ,0),	"X509_to_X509_REQ"},
+{ERR_PACK(0,X509_F_X509_VERIFY_CERT,0),	"X509_verify_cert"},
+{0,NULL},
+	};
+
+static ERR_STRING_DATA X509_str_reasons[]=
+	{
+{X509_R_BAD_X509_FILETYPE                ,"bad x509 filetype"},
+{X509_R_CERT_ALREADY_IN_HASH_TABLE       ,"cert already in hash table"},
+{X509_R_ERR_ASN1_LIB                     ,"err asn1 lib"},
+{X509_R_LOADING_CERT_DIR                 ,"loading cert dir"},
+{X509_R_LOADING_DEFAULTS                 ,"loading defaults"},
+{X509_R_NO_CERT_SET_FOR_US_TO_VERIFY     ,"no cert set for us to verify"},
+{X509_R_SHOULD_RETRY                     ,"should retry"},
+{X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN,"unable to find parameters in chain"},
+{X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY   ,"unable to get certs public key"},
+{X509_R_UNKNOWN_NID                      ,"unknown nid"},
+{X509_R_UNKNOWN_STRING_TYPE              ,"unknown string type"},
+{X509_R_UNSUPPORTED_ALGORITHM            ,"unsupported algorithm"},
+{0,NULL},
+	};
+
+void ERR_load_X509_strings()
+	{
+	static int init=1;
+
+	if (init)
+		{
+		init=0;
+		ERR_load_strings(ERR_LIB_X509,X509_str_functs);
+		ERR_load_strings(ERR_LIB_X509,X509_str_reasons);
+		}
+	}
diff --git a/crypto/x509/x509_ext.c b/crypto/x509/x509_ext.c
new file mode 100644
index 0000000000..7495183e88
--- /dev/null
+++ b/crypto/x509/x509_ext.c
@@ -0,0 +1,222 @@
+/* crypto/x509/x509_ext.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "stack.h"
+#include "cryptlib.h"
+#include "asn1.h"
+#include "objects.h"
+#include "evp.h"
+#include "x509.h"
+
+int X509_CRL_get_ext_count(x)
+X509_CRL *x;
+	{
+	return(X509v3_get_ext_count(x->crl->extensions));
+	}
+
+int X509_CRL_get_ext_by_NID(x,nid,oldpos)
+X509_CRL *x;
+int nid;
+int oldpos;
+	{
+	return(X509v3_get_ext_by_NID(x->crl->extensions,nid,oldpos));
+	}
+
+int X509_CRL_get_ext_by_OBJ(x,obj,oldpos)
+X509_CRL *x;
+ASN1_OBJECT *obj;
+int oldpos;
+	{
+	return(X509v3_get_ext_by_OBJ(x->crl->extensions,obj,oldpos));
+	}
+
+int X509_CRL_get_ext_by_critical(x,crit,oldpos)
+X509_CRL *x;
+int crit;
+int oldpos;
+	{
+	return(X509v3_get_ext_by_critical(x->crl->extensions,crit,oldpos));
+	}
+
+X509_EXTENSION *X509_CRL_get_ext(x,loc)
+X509_CRL *x;
+int loc;
+	{
+	return(X509v3_get_ext(x->crl->extensions,loc));
+	}
+
+X509_EXTENSION *X509_CRL_delete_ext(x,loc)
+X509_CRL *x;
+int loc;
+	{
+	return(X509v3_delete_ext(x->crl->extensions,loc));
+	}
+
+int X509_CRL_add_ext(x,ex,loc)
+X509_CRL *x;
+X509_EXTENSION *ex;
+int loc;
+	{
+	return(X509v3_add_ext(&(x->crl->extensions),ex,loc) != NULL);
+	}
+
+int X509_get_ext_count(x)
+X509 *x;
+	{
+	return(X509v3_get_ext_count(x->cert_info->extensions));
+	}
+
+int X509_get_ext_by_NID(x,nid,oldpos)
+X509 *x;
+int nid;
+int oldpos;
+	{
+	return(X509v3_get_ext_by_NID(x->cert_info->extensions,nid,oldpos));
+	}
+
+int X509_get_ext_by_OBJ(x,obj,oldpos)
+X509 *x;
+ASN1_OBJECT *obj;
+int oldpos;
+	{
+	return(X509v3_get_ext_by_OBJ(x->cert_info->extensions,obj,oldpos));
+	}
+
+int X509_get_ext_by_critical(x,crit,oldpos)
+X509 *x;
+int crit;
+int oldpos;
+	{
+	return(X509v3_get_ext_by_critical(x->cert_info->extensions,crit,oldpos));
+	}
+
+X509_EXTENSION *X509_get_ext(x,loc)
+X509 *x;
+int loc;
+	{
+	return(X509v3_get_ext(x->cert_info->extensions,loc));
+	}
+
+X509_EXTENSION *X509_delete_ext(x,loc)
+X509 *x;
+int loc;
+	{
+	return(X509v3_delete_ext(x->cert_info->extensions,loc));
+	}
+
+int X509_add_ext(x,ex,loc)
+X509 *x;
+X509_EXTENSION *ex;
+int loc;
+	{
+	return(X509v3_add_ext(&(x->cert_info->extensions),ex,loc) != NULL);
+	}
+
+int X509_REVOKED_get_ext_count(x)
+X509_REVOKED *x;
+	{
+	return(X509v3_get_ext_count(x->extensions));
+	}
+
+int X509_REVOKED_get_ext_by_NID(x,nid,oldpos)
+X509_REVOKED *x;
+int nid;
+int oldpos;
+	{
+	return(X509v3_get_ext_by_NID(x->extensions,nid,oldpos));
+	}
+
+int X509_REVOKED_get_ext_by_OBJ(x,obj,oldpos)
+X509_REVOKED *x;
+ASN1_OBJECT *obj;
+int oldpos;
+	{
+	return(X509v3_get_ext_by_OBJ(x->extensions,obj,oldpos));
+	}
+
+int X509_REVOKED_get_ext_by_critical(x,crit,oldpos)
+X509_REVOKED *x;
+int crit;
+int oldpos;
+	{
+	return(X509v3_get_ext_by_critical(x->extensions,crit,oldpos));
+	}
+
+X509_EXTENSION *X509_REVOKED_get_ext(x,loc)
+X509_REVOKED *x;
+int loc;
+	{
+	return(X509v3_get_ext(x->extensions,loc));
+	}
+
+X509_EXTENSION *X509_REVOKED_delete_ext(x,loc)
+X509_REVOKED *x;
+int loc;
+	{
+	return(X509v3_delete_ext(x->extensions,loc));
+	}
+
+int X509_REVOKED_add_ext(x,ex,loc)
+X509_REVOKED *x;
+X509_EXTENSION *ex;
+int loc;
+	{
+	return(X509v3_add_ext(&(x->extensions),ex,loc) != NULL);
+	}
+
diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c
new file mode 100644
index 0000000000..455ad5af45
--- /dev/null
+++ b/crypto/x509/x509_lu.c
@@ -0,0 +1,439 @@
+/* crypto/x509/x509_lu.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "lhash.h"
+#include "x509.h"
+
+X509_LOOKUP *X509_LOOKUP_new(method)
+X509_LOOKUP_METHOD *method;
+	{
+	X509_LOOKUP *ret;
+
+	ret=(X509_LOOKUP *)Malloc(sizeof(X509_LOOKUP));
+	if (ret == NULL) return(NULL);
+
+	ret->init=0;
+	ret->skip=0;
+	ret->method=method;
+	ret->method_data=NULL;
+	ret->store_ctx=NULL;
+	if ((method->new_item != NULL) && !method->new_item(ret))
+		{
+		Free(ret);
+		return(NULL);
+		}
+	return(ret);
+	}
+
+void X509_LOOKUP_free(ctx)
+X509_LOOKUP *ctx;
+	{
+	if (ctx == NULL) return;
+	if (	(ctx->method != NULL) &&
+		(ctx->method->free != NULL))
+		ctx->method->free(ctx);
+	Free(ctx);
+	}
+
+int X509_LOOKUP_init(ctx)
+X509_LOOKUP *ctx;
+	{
+	if (ctx->method == NULL) return(0);
+	if (ctx->method->init != NULL)
+		return(ctx->method->init(ctx));
+	else
+		return(1);
+	}
+
+int X509_LOOKUP_shutdown(ctx)
+X509_LOOKUP *ctx;
+	{
+	if (ctx->method == NULL) return(0);
+	if (ctx->method->init != NULL)
+		return(ctx->method->shutdown(ctx));
+	else
+		return(1);
+	}
+
+int X509_LOOKUP_ctrl(ctx,cmd,argc,argl,ret)
+X509_LOOKUP *ctx;
+int cmd;
+char *argc;
+long argl;
+char **ret;
+	{
+	if (ctx->method == NULL) return(-1);
+	if (ctx->method->ctrl != NULL)
+		return(ctx->method->ctrl(ctx,cmd,argc,argl,ret));
+	else
+		return(1);
+	}
+
+int X509_LOOKUP_by_subject(ctx,type,name,ret)
+X509_LOOKUP *ctx;
+int type;
+X509_NAME *name;
+X509_OBJECT *ret;
+	{
+	if ((ctx->method == NULL) || (ctx->method->get_by_subject == NULL))
+		return(X509_LU_FAIL);
+	if (ctx->skip) return(0);
+	return(ctx->method->get_by_subject(ctx,type,name,ret));
+	}
+
+int X509_LOOKUP_by_issuer_serial(ctx,type,name,serial,ret)
+X509_LOOKUP *ctx;
+int type;
+X509_NAME *name;
+ASN1_INTEGER *serial;
+X509_OBJECT *ret;
+	{
+	if ((ctx->method == NULL) ||
+		(ctx->method->get_by_issuer_serial == NULL))
+		return(X509_LU_FAIL);
+	return(ctx->method->get_by_issuer_serial(ctx,type,name,serial,ret));
+	}
+
+int X509_LOOKUP_by_fingerprint(ctx,type,bytes,len,ret)
+X509_LOOKUP *ctx;
+int type;
+unsigned char *bytes;
+int len;
+X509_OBJECT *ret;
+	{
+	if ((ctx->method == NULL) || (ctx->method->get_by_fingerprint == NULL))
+		return(X509_LU_FAIL);
+	return(ctx->method->get_by_fingerprint(ctx,type,bytes,len,ret));
+	}
+
+int X509_LOOKUP_by_alias(ctx,type,str,len,ret)
+X509_LOOKUP *ctx;
+int type;
+char *str;
+int len;
+X509_OBJECT *ret;
+	{
+	if ((ctx->method == NULL) || (ctx->method->get_by_alias))
+		return(X509_LU_FAIL);
+	return(ctx->method->get_by_alias(ctx,str,len,ret));
+	}
+
+static unsigned long x509_object_hash(a)
+X509_OBJECT *a;
+	{
+	unsigned long h;
+
+	switch (a->type)
+		{
+	case X509_LU_X509:
+		h=X509_NAME_hash(a->data.x509->cert_info->subject);
+		break;
+	case X509_LU_CRL:
+		h=X509_NAME_hash(a->data.crl->crl->issuer);
+		break;
+	default:
+		abort();
+		}
+	return(h);
+	}
+
+static int x509_object_cmp(a,b)
+X509_OBJECT *a,*b;
+	{
+	int ret;
+
+	ret=(a->type - b->type);
+	if (ret) return(ret);
+	switch (a->type)
+		{
+	case X509_LU_X509:
+		ret=X509_subject_name_cmp(a->data.x509,b->data.x509);
+		break;
+	case X509_LU_CRL:
+		ret=X509_CRL_cmp(a->data.crl,b->data.crl);
+		break;
+	default:
+		abort();
+		}
+	return(ret);
+	}
+
+X509_STORE *X509_STORE_new()
+	{
+	X509_STORE *ret;
+
+	if ((ret=(X509_STORE *)Malloc(sizeof(X509_STORE))) == NULL)
+		return(NULL);
+	ret->certs=lh_new(x509_object_hash,x509_object_cmp);
+	ret->cache=1;
+	ret->get_cert_methods=sk_new_null();
+	ret->verify=NULL;
+	ret->verify_cb=NULL;
+	ret->app_data=NULL;
+	ret->references=1;
+	return(ret);
+	}
+
+static void cleanup(a)
+X509_OBJECT *a;
+	{
+	if (a->type == X509_LU_X509)
+		{
+		X509_free(a->data.x509);
+		}
+	else if (a->type == X509_LU_CRL)
+		{
+		X509_CRL_free(a->data.crl);
+		}
+	else
+		abort();
+
+	Free(a);
+	}
+
+void X509_STORE_free(vfy)
+X509_STORE *vfy;
+	{
+	int i;
+	STACK *sk;
+	X509_LOOKUP *lu;
+
+	sk=vfy->get_cert_methods;
+	for (i=0; i<sk_num(sk); i++)
+		{
+		lu=(X509_LOOKUP *)sk_value(sk,i);
+		X509_LOOKUP_shutdown(lu);
+		X509_LOOKUP_free(lu);
+		}
+	sk_free(sk);
+
+	lh_doall(vfy->certs,cleanup);
+	lh_free(vfy->certs);
+	Free(vfy);
+	}
+
+X509_LOOKUP *X509_STORE_add_lookup(v,m)
+X509_STORE *v;
+X509_LOOKUP_METHOD *m;
+	{
+	int i;
+	STACK *sk;
+	X509_LOOKUP *lu;
+
+	sk=v->get_cert_methods;
+	for (i=0; i<sk_num(sk); i++)
+		{
+		lu=(X509_LOOKUP *)sk_value(sk,i);
+		if (m == lu->method)
+			{
+			return(lu);
+			}
+		}
+	/* a new one */
+	lu=X509_LOOKUP_new(m);
+	if (lu == NULL)
+		return(NULL);
+	else
+		{
+		lu->store_ctx=v;
+		if (sk_push(v->get_cert_methods,(char *)lu))
+			return(lu);
+		else
+			{
+			X509_LOOKUP_free(lu);
+			return(NULL);
+			}
+		}
+	}
+
+int X509_STORE_get_by_subject(vs,type,name,ret)
+X509_STORE_CTX *vs;
+int type;
+X509_NAME *name;
+X509_OBJECT *ret;
+	{
+	X509_STORE *ctx=vs->ctx;
+	X509_LOOKUP *lu;
+	X509_OBJECT stmp,*tmp;
+	int i,j;
+
+	tmp=X509_OBJECT_retrive_by_subject(ctx->certs,type,name);
+
+	if (tmp == NULL)
+		{
+		for (i=vs->current_method; i<sk_num(ctx->get_cert_methods); i++)
+			{
+			lu=(X509_LOOKUP *)sk_value(ctx->get_cert_methods,i);
+			j=X509_LOOKUP_by_subject(lu,type,name,&stmp);
+			if (j < 0)
+				{
+				vs->current_method=j;
+				return(j);
+				}
+			else if (j)
+				{
+				tmp= &stmp;
+				break;
+				}
+			}
+		vs->current_method=0;
+		if (tmp == NULL)
+			return(0);
+		}
+
+/*	if (ret->data.ptr != NULL)
+		X509_OBJECT_free_contents(ret); */
+
+	ret->type=tmp->type;
+	ret->data.ptr=tmp->data.ptr;
+
+	X509_OBJECT_up_ref_count(ret);
+
+	return(1);
+	}
+
+void X509_OBJECT_up_ref_count(a)
+X509_OBJECT *a;
+	{
+	switch (a->type)
+		{
+	case X509_LU_X509:
+		CRYPTO_add(&a->data.x509->references,1,CRYPTO_LOCK_X509);
+		break;
+	case X509_LU_CRL:
+		CRYPTO_add(&a->data.crl->references,1,CRYPTO_LOCK_X509_CRL);
+		break;
+		}
+	}
+
+void X509_OBJECT_free_contents(a)
+X509_OBJECT *a;
+	{
+	switch (a->type)
+		{
+	case X509_LU_X509:
+		X509_free(a->data.x509);
+		break;
+	case X509_LU_CRL:
+		X509_CRL_free(a->data.crl);
+		break;
+		}
+	}
+
+X509_OBJECT *X509_OBJECT_retrive_by_subject(h,type,name)
+LHASH *h;
+int type;
+X509_NAME *name;
+	{
+	X509_OBJECT stmp,*tmp;
+	X509 x509_s;
+	X509_CINF cinf_s;
+	X509_CRL crl_s;
+	X509_CRL_INFO crl_info_s;
+
+	stmp.type=type;
+	switch (type)
+		{
+	case X509_LU_X509:
+		stmp.data.x509= &x509_s;
+		x509_s.cert_info= &cinf_s;
+		cinf_s.subject=name;
+		break;
+	case X509_LU_CRL:
+		stmp.data.crl= &crl_s;
+		crl_s.crl= &crl_info_s;
+		crl_info_s.issuer=name;
+		break;
+	default:
+		abort();
+		}
+
+	tmp=(X509_OBJECT *)lh_retrieve(h,(char *)&stmp);
+	return(tmp);
+	}
+
+void X509_STORE_CTX_init(ctx,store,x509,chain)
+X509_STORE_CTX *ctx;
+X509_STORE *store;
+X509 *x509;
+STACK *chain;
+	{
+	ctx->ctx=store;
+	ctx->current_method=0;
+	ctx->cert=x509;
+	ctx->untrusted=chain;
+	ctx->last_untrusted=0;
+	ctx->valid=0;
+	ctx->chain=NULL;
+	ctx->depth=10;
+	ctx->error=0;
+	ctx->current_cert=NULL;
+	}
+
+void X509_STORE_CTX_cleanup(ctx)
+X509_STORE_CTX *ctx;
+	{
+	if (ctx->chain != NULL)
+		{
+		sk_pop_free(ctx->chain,X509_free);
+		ctx->chain=NULL;
+		}
+	}
+
diff --git a/crypto/x509/x509_obj.c b/crypto/x509/x509_obj.c
new file mode 100644
index 0000000000..2b53af1e61
--- /dev/null
+++ b/crypto/x509/x509_obj.c
@@ -0,0 +1,180 @@
+/* crypto/x509/x509_obj.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "lhash.h"
+#include "objects.h"
+#include "x509.h"
+#include "buffer.h"
+
+char *X509_NAME_oneline(a,buf,len)
+X509_NAME *a;
+char *buf;
+int len;
+	{
+	X509_NAME_ENTRY *ne;
+	unsigned int i;
+	int n,lold,l,l1,l2,num,j,type;
+	char *s,*p;
+	unsigned char *q;
+	BUF_MEM *b=NULL;
+	static char hex[17]="0123456789ABCDEF";
+	int gs_doit[4];
+
+	if (a == NULL) return("NO X509_NAME");
+	if (buf == NULL)
+		{
+		if ((b=BUF_MEM_new()) == NULL) goto err;
+		if (!BUF_MEM_grow(b,200)) goto err;
+		b->data[0]='\0';
+		len=200;
+		}
+
+	len--; /* space for '\0' */
+	l=0;
+	for (i=0; (int)i<sk_num(a->entries); i++)
+		{
+		ne=(X509_NAME_ENTRY *)sk_value(a->entries,i);
+		n=OBJ_obj2nid(ne->object);
+		if (n == NID_undef)
+			s="UNKNOWN";
+		else
+			{
+			s=OBJ_nid2sn(n);
+			if (s == NULL) s="UNKNOWN2";
+			}
+		l1=strlen(s);
+
+		type=ne->value->type;
+		num=ne->value->length;
+		q=ne->value->data;
+
+		if ((type == V_ASN1_GENERALSTRING) && ((num%4) == 0))
+			{
+			gs_doit[0]=gs_doit[1]=gs_doit[2]=gs_doit[3]=0;
+			for (j=0; j<num; j++)
+				if (q[j] != 0) gs_doit[j&3]=1;
+
+			if (gs_doit[0]|gs_doit[1]|gs_doit[2])
+				gs_doit[0]=gs_doit[1]=gs_doit[2]=gs_doit[3]=1;
+			else
+				{
+				gs_doit[0]=gs_doit[1]=gs_doit[2]=0;
+				gs_doit[3]=1;
+				}
+			}
+		else
+			gs_doit[0]=gs_doit[1]=gs_doit[2]=gs_doit[3]=1;
+
+		for (l2=j=0; j<num; j++)
+			{
+			if (!gs_doit[j&3]) continue;
+			l2++;
+			if ((q[j] < ' ') || (q[j] > '~')) l2+=3;
+			}
+
+		lold=l;
+		l+=1+l1+1+l2;
+		if (b != NULL)
+			{
+			if (!BUF_MEM_grow(b,l+1)) goto err;
+			p= &(b->data[lold]);
+			}
+		else if (l > len)
+			{
+			break;
+			}
+		else
+			p= &(buf[lold]);
+		*(p++)='/';
+		memcpy(p,s,(unsigned int)l1); p+=l1;
+		*(p++)='=';
+
+		q=ne->value->data;
+
+		for (j=0; j<num; j++)
+			{
+			if (!gs_doit[j&3]) continue;
+			n=q[j];
+			if ((n < ' ') || (n > '~'))
+				{
+				*(p++)='\\';
+				*(p++)='x';
+				*(p++)=hex[(n>>4)&0x0f];
+				*(p++)=hex[n&0x0f];
+				}
+			else
+				*(p++)=n;
+			}
+		*p='\0';
+		}
+	if (b != NULL)
+		{
+		p=b->data;
+		Free((char *)b);
+		}
+	else
+		p=buf;
+	return(p);
+err:
+	X509err(X509_F_X509_NAME_ONELINE,ERR_R_MALLOC_FAILURE);
+	if (b != NULL) BUF_MEM_free(b);
+	return(NULL);
+	}
+
diff --git a/crypto/x509/x509_r2x.c b/crypto/x509/x509_r2x.c
new file mode 100644
index 0000000000..7e79959c8a
--- /dev/null
+++ b/crypto/x509/x509_r2x.c
@@ -0,0 +1,122 @@
+/* crypto/x509/x509_r2x.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "evp.h"
+#include "asn1.h"
+#include "x509.h"
+#include "objects.h"
+#include "buffer.h"
+#include "pem.h"
+
+X509 *X509_REQ_to_X509(r,days,pkey)
+X509_REQ *r;
+int days;
+EVP_PKEY *pkey;
+	{
+	X509 *ret=NULL;
+	int er=1;
+	X509_REQ_INFO *ri=NULL;
+	X509_CINF *xi=NULL;
+	X509_NAME *xn;
+
+	if ((ret=X509_new()) == NULL)
+		{
+		X509err(X509_F_X509_REQ_TO_X509,ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+
+	/* duplicate the request */
+	ri=(X509_REQ_INFO *)ASN1_dup(i2d_X509_REQ_INFO,
+		(char *(*)())d2i_X509_REQ_INFO,(char *)r->req_info);
+	if (ri == NULL) goto err;
+
+	xi=ret->cert_info;
+
+	if (sk_num(ri->attributes) != 0)
+		{
+		if ((xi->version=ASN1_INTEGER_new()) == NULL) goto err;
+		if (!ASN1_INTEGER_set(xi->version,2)) goto err;
+/*		xi->extensions=ri->attributes; <- bad, should not ever be done
+		ri->attributes=NULL; */
+		}
+
+	xn=X509_REQ_get_subject_name(r);
+	X509_set_subject_name(ret,X509_NAME_dup(xn));
+	X509_set_issuer_name(ret,X509_NAME_dup(xn));
+
+	X509_gmtime_adj(xi->validity->notBefore,0);
+	X509_gmtime_adj(xi->validity->notAfter,(long)60*60*24*days);
+
+	X509_set_pubkey(ret,X509_REQ_get_pubkey(r));
+
+	if (!X509_sign(ret,pkey,EVP_md5()))
+		goto err;
+	er=0;
+err:
+	if (er)
+		{
+		X509_free(ret);
+		X509_REQ_INFO_free(ri);
+		return(NULL);
+		}
+	return(ret);
+	}
+
diff --git a/crypto/x509/x509_req.c b/crypto/x509/x509_req.c
new file mode 100644
index 0000000000..c1f10c2428
--- /dev/null
+++ b/crypto/x509/x509_req.c
@@ -0,0 +1,111 @@
+/* crypto/x509/x509_req.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "evp.h"
+#include "asn1.h"
+#include "x509.h"
+#include "objects.h"
+#include "buffer.h"
+#include "pem.h"
+
+X509_REQ *X509_to_X509_REQ(x,pkey)
+X509 *x;
+EVP_PKEY *pkey;
+	{
+	X509_REQ *ret;
+	X509_REQ_INFO *ri;
+	int i;
+
+	ret=X509_REQ_new();
+	if (ret == NULL)
+		{
+		X509err(X509_F_X509_TO_X509_REQ,ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+
+	ri=ret->req_info;
+
+	ri->version->length=1;
+	ri->version->data=(unsigned char *)Malloc(1);
+	if (ri->version->data == NULL) goto err;
+	ri->version->data[0]=0; /* version == 0 */
+
+	if (!X509_REQ_set_subject_name(ret,X509_get_subject_name(x)))
+		goto err;
+
+	i=X509_REQ_set_pubkey(ret,X509_get_pubkey(x));
+	if (!i) goto err;
+
+/* NEEDS FIXING EAY EAY EAY */
+	if (!X509_REQ_sign(ret,pkey,EVP_md5()))
+		goto err;
+	return(ret);
+err:
+	X509_REQ_free(ret);
+	return(NULL);
+	}
+
+EVP_PKEY *X509_REQ_get_pubkey(req)
+X509_REQ *req;
+	{
+	return(X509_PUBKEY_get(req->req_info->pubkey));
+	}
+
diff --git a/crypto/x509/x509_set.c b/crypto/x509/x509_set.c
new file mode 100644
index 0000000000..f65ae91f53
--- /dev/null
+++ b/crypto/x509/x509_set.c
@@ -0,0 +1,164 @@
+/* crypto/x509/x509_set.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1.h"
+#include "objects.h"
+#include "evp.h"
+#include "x509.h"
+
+int X509_set_version(x,version)
+X509 *x;
+long version;
+	{
+	if (x == NULL) return(0);
+	if (x->cert_info->version == NULL)
+		{
+		if ((x->cert_info->version=ASN1_INTEGER_new()) == NULL)
+			return(0);
+		}
+	return(ASN1_INTEGER_set(x->cert_info->version,version));
+	}
+
+int X509_set_serialNumber(x,serial)
+X509 *x;
+ASN1_INTEGER *serial;
+	{
+	ASN1_INTEGER *in;
+
+	if (x == NULL) return(0);
+	in=x->cert_info->serialNumber;
+	if (in != serial)
+		{
+		in=ASN1_INTEGER_dup(serial);
+		if (in != NULL)
+			{
+			ASN1_INTEGER_free(x->cert_info->serialNumber);
+			x->cert_info->serialNumber=in;
+			}
+		}
+	return(in != NULL);
+	}
+
+int X509_set_issuer_name(x,name)
+X509 *x;
+X509_NAME *name;
+	{
+	if ((x == NULL) || (x->cert_info == NULL)) return(0);
+	return(X509_NAME_set(&x->cert_info->issuer,name));
+	}
+
+int X509_set_subject_name(x,name)
+X509 *x;
+X509_NAME *name;
+	{
+	if ((x == NULL) || (x->cert_info == NULL)) return(0);
+	return(X509_NAME_set(&x->cert_info->subject,name));
+	}
+
+int X509_set_notBefore(x,tm)
+X509 *x;
+ASN1_UTCTIME *tm;
+	{
+	ASN1_UTCTIME *in;
+
+	if ((x == NULL) || (x->cert_info->validity == NULL)) return(0);
+	in=x->cert_info->validity->notBefore;
+	if (in != tm)
+		{
+		in=ASN1_UTCTIME_dup(tm);
+		if (in != NULL)
+			{
+			ASN1_UTCTIME_free(x->cert_info->validity->notBefore);
+			x->cert_info->validity->notBefore=in;
+			}
+		}
+	return(in != NULL);
+	}
+
+int X509_set_notAfter(x,tm)
+X509 *x;
+ASN1_UTCTIME *tm;
+	{
+	ASN1_UTCTIME *in;
+
+	if ((x == NULL) || (x->cert_info->validity == NULL)) return(0);
+	in=x->cert_info->validity->notAfter;
+	if (in != tm)
+		{
+		in=ASN1_UTCTIME_dup(tm);
+		if (in != NULL)
+			{
+			ASN1_UTCTIME_free(x->cert_info->validity->notAfter);
+			x->cert_info->validity->notAfter=in;
+			}
+		}
+	return(in != NULL);
+	}
+
+int X509_set_pubkey(x,pkey)
+X509 *x;
+EVP_PKEY *pkey;
+	{
+	if ((x == NULL) || (x->cert_info == NULL)) return(0);
+	return(X509_PUBKEY_set(&(x->cert_info->key),pkey));
+	}
+
+
+
diff --git a/crypto/x509/x509_txt.c b/crypto/x509/x509_txt.c
new file mode 100644
index 0000000000..d5fc5839a1
--- /dev/null
+++ b/crypto/x509/x509_txt.c
@@ -0,0 +1,130 @@
+/* crypto/x509/x509_txt.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include <errno.h>
+#include <sys/types.h>
+
+#include "cryptlib.h"
+#include "lhash.h"
+#include "buffer.h"
+#include "evp.h"
+#include "asn1.h"
+#include "x509.h"
+#include "objects.h"
+#include "pem.h"
+
+char *X509_verify_cert_error_string(n)
+int n;
+	{
+	static char buf[100];
+
+	switch (n)
+		{
+	case X509_V_OK:
+		return("ok");
+	case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+		return("unable to get issuer certificate");
+	case X509_V_ERR_UNABLE_TO_GET_CRL:
+		return("unable to get certificate CRL");
+	case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:
+		return("unable to decrypt certificate's signature");
+	case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE:
+		return("unable to decrypt CRL's's signature");
+	case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:
+		return("unable to decode issuer public key");
+	case X509_V_ERR_CERT_SIGNATURE_FAILURE:
+		return("certificate signature failure");
+	case X509_V_ERR_CRL_SIGNATURE_FAILURE:
+		return("CRL signature failure");
+	case X509_V_ERR_CERT_NOT_YET_VALID:
+		return("certificate is not yet valid");
+	case X509_V_ERR_CRL_NOT_YET_VALID:
+		return("CRL is not yet valid");
+	case X509_V_ERR_CERT_HAS_EXPIRED:
+		return("Certificate has expired");
+	case X509_V_ERR_CRL_HAS_EXPIRED:
+		return("CRL has expired");
+	case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+		return("format error in certificate's notBefore field");
+	case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+		return("format error in certificate's notAfter field");
+	case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FILED:
+		return("format error in CRL's lastUpdate field");
+	case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FILED:
+		return("format error in CRL's nextUpdate field");
+	case X509_V_ERR_OUT_OF_MEM:
+		return("out of memory");
+	case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
+		return("self signed certificate");
+	case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
+		return("self signed certificate in certificate chain");
+	case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
+		return("unable to get local issuer certificate");
+	case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
+		return("unable to verify the first certificate");
+	case X509_V_ERR_CERT_CHAIN_TOO_LONG:
+		return("certificate chain too long");
+	default:
+		sprintf(buf,"error number %d",n);
+		return(buf);
+		}
+	}
+
+
diff --git a/crypto/x509/x509_v3.c b/crypto/x509/x509_v3.c
new file mode 100644
index 0000000000..388130b1d7
--- /dev/null
+++ b/crypto/x509/x509_v3.c
@@ -0,0 +1,409 @@
+/* crypto/x509/x509_v3.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "stack.h"
+#include "cryptlib.h"
+#include "asn1.h"
+#include "objects.h"
+#include "evp.h"
+#include "x509.h"
+
+#ifndef NOPROTO
+static X509_EXTENSION_METHOD *find_by_nid(int nid);
+static int xem_cmp(X509_EXTENSION_METHOD **a, X509_EXTENSION_METHOD **b);
+#else
+static X509_EXTENSION_METHOD *find_by_nid();
+static int xem_cmp();
+#endif
+
+static STACK *extensions=NULL;
+
+int X509v3_get_ext_count(x)
+STACK *x;
+	{
+	if (x == NULL) return(0);
+	return(sk_num(x));
+	}
+
+int X509v3_get_ext_by_NID(x,nid,oldpos)
+STACK *x;
+int nid;
+int oldpos;
+	{
+	ASN1_OBJECT *obj;
+
+	obj=OBJ_nid2obj(nid);
+	if (obj == NULL) return(-2);
+	return(X509v3_get_ext_by_OBJ(x,obj,oldpos));
+	}
+
+int X509v3_get_ext_by_OBJ(sk,obj,oldpos)
+STACK *sk;
+ASN1_OBJECT *obj;
+int oldpos;
+	{
+	int n;
+	X509_EXTENSION *ex;
+
+	if (sk == NULL) return(-1);
+	oldpos++;
+	if (oldpos < 0)
+		oldpos=0;
+	n=sk_num(sk);
+	for ( ; oldpos < n; oldpos++)
+		{
+		ex=(X509_EXTENSION *)sk_value(sk,oldpos);
+		if (OBJ_cmp(ex->object,obj) == 0)
+			return(oldpos);
+		}
+	return(-1);
+	}
+
+int X509v3_get_ext_by_critical(sk,crit,oldpos)
+STACK *sk;
+int crit;
+int oldpos;
+	{
+	int n;
+	X509_EXTENSION *ex;
+
+	if (sk == NULL) return(-1);
+	oldpos++;
+	if (oldpos < 0)
+		oldpos=0;
+	n=sk_num(sk);
+	for ( ; oldpos < n; oldpos++)
+		{
+		ex=(X509_EXTENSION *)sk_value(sk,oldpos);
+		if (	(ex->critical && crit) ||
+			(!ex->critical && !crit))
+			return(oldpos);
+		}
+	return(-1);
+	}
+
+X509_EXTENSION *X509v3_get_ext(x,loc)
+STACK *x;
+int loc;
+	{
+	if ((x == NULL) || (sk_num(x) <= loc) || (loc < 0))
+		return(NULL);
+	else
+		return((X509_EXTENSION *)sk_value(x,loc));
+	}
+
+X509_EXTENSION *X509v3_delete_ext(x,loc)
+STACK *x;
+int loc;
+	{
+	X509_EXTENSION *ret;
+
+	if ((x == NULL) || (sk_num(x) <= loc) || (loc < 0))
+		return(NULL);
+	ret=(X509_EXTENSION *)sk_delete(x,loc);
+	return(ret);
+	}
+
+STACK *X509v3_add_ext(x,ex,loc)
+STACK **x;
+X509_EXTENSION *ex;
+int loc;
+	{
+	X509_EXTENSION *new_ex=NULL;
+	int n;
+	STACK *sk=NULL;
+
+	if ((x != NULL) && (*x == NULL))
+		{
+		if ((sk=sk_new_null()) == NULL)
+			goto err;
+		}
+	else
+		sk= *x;
+
+	n=sk_num(sk);
+	if (loc > n) loc=n;
+	else if (loc < 0) loc=n;
+
+	if ((new_ex=X509_EXTENSION_dup(ex)) == NULL)
+		goto err2;
+	if (!sk_insert(sk,(char *)new_ex,loc))
+		goto err;
+	if ((x != NULL) && (*x == NULL))
+		*x=sk;
+	return(sk);
+err:
+	X509err(X509_F_X509V3_ADD_EXT,ERR_R_MALLOC_FAILURE);
+err2:
+	if (new_ex != NULL) X509_EXTENSION_free(new_ex);
+	if (sk != NULL) sk_free(sk);
+	return(NULL);
+	}
+
+X509_EXTENSION *X509_EXTENSION_create_by_NID(ex,nid,crit,data)
+X509_EXTENSION **ex;
+int nid;
+int crit;
+ASN1_OCTET_STRING *data;
+	{
+	ASN1_OBJECT *obj;
+	X509_EXTENSION *ret;
+
+	obj=OBJ_nid2obj(nid);
+	if (obj == NULL)
+		{
+		X509err(X509_F_X509_EXTENSION_CREATE_BY_NID,X509_R_UNKNOWN_NID);
+		return(NULL);
+		}
+	ret=X509_EXTENSION_create_by_OBJ(ex,obj,crit,data);
+	if (ret == NULL) ASN1_OBJECT_free(obj);
+	return(ret);
+	}
+
+X509_EXTENSION *X509_EXTENSION_create_by_OBJ(ex,obj,crit,data)
+X509_EXTENSION **ex;
+ASN1_OBJECT *obj;
+int crit;
+ASN1_OCTET_STRING *data;
+	{
+	X509_EXTENSION *ret;
+
+	if ((ex == NULL) || (*ex == NULL))
+		{
+		if ((ret=X509_EXTENSION_new()) == NULL)
+			{
+			X509err(X509_F_X509_EXTENSION_CREATE_BY_OBJ,ERR_R_MALLOC_FAILURE);
+			return(NULL);
+			}
+		}
+	else
+		ret= *ex;
+
+	if (!X509_EXTENSION_set_object(ret,obj))
+		goto err;
+	if (!X509_EXTENSION_set_critical(ret,crit))
+		goto err;
+	if (!X509_EXTENSION_set_data(ret,data))
+		goto err;
+	
+	if ((ex != NULL) && (*ex == NULL)) *ex=ret;
+	return(ret);
+err:
+	if ((ex == NULL) || (ret != *ex))
+		X509_EXTENSION_free(ret);
+	return(NULL);
+	}
+
+int X509_EXTENSION_set_object(ex,obj)
+X509_EXTENSION *ex;
+ASN1_OBJECT *obj;
+	{
+	if ((ex == NULL) || (obj == NULL))
+		return(0);
+	ASN1_OBJECT_free(ex->object);
+	ex->object=OBJ_dup(obj);
+	return(1);
+	}
+
+int X509_EXTENSION_set_critical(ex,crit)
+X509_EXTENSION *ex;
+int crit;
+	{
+	if (ex == NULL) return(0);
+	ex->critical=(crit)?0xFF:0;
+	return(1);
+	}
+
+int X509_EXTENSION_set_data(ex,data)
+X509_EXTENSION *ex;
+ASN1_OCTET_STRING *data;
+	{
+	int i;
+
+	if (ex == NULL) return(0);
+	i=ASN1_OCTET_STRING_set(ex->value,data->data,data->length);
+	if (!i) return(0);
+	return(1);
+	}
+
+ASN1_OBJECT *X509_EXTENSION_get_object(ex)
+X509_EXTENSION *ex;
+	{
+	if (ex == NULL) return(NULL);
+	return(ex->object);
+	}
+
+ASN1_OCTET_STRING *X509_EXTENSION_get_data(ex)
+X509_EXTENSION *ex;
+	{
+	if (ex == NULL) return(NULL);
+	return(ex->value);
+	}
+
+int X509_EXTENSION_get_critical(ex)
+X509_EXTENSION *ex;
+	{
+	if (ex == NULL) return(0);
+	return(ex->critical);
+	}
+
+int X509v3_data_type_by_OBJ(obj)
+ASN1_OBJECT *obj;
+	{
+	int nid;
+
+	nid=OBJ_obj2nid(obj);
+	if (nid == V_ASN1_UNDEF) return(V_ASN1_UNDEF);
+	return(X509v3_data_type_by_NID(nid));
+	}
+
+int X509v3_data_type_by_NID(nid)
+int nid;
+	{
+	X509_EXTENSION_METHOD *x;
+
+	x=find_by_nid(nid);
+	if (x == NULL)
+		return(V_ASN1_UNDEF);
+	else
+		return(x->data_type);
+	}
+
+int X509v3_pack_type_by_OBJ(obj)
+ASN1_OBJECT *obj;
+	{
+	int nid;
+
+	nid=OBJ_obj2nid(obj);
+	if (nid == NID_undef) return(X509_EXT_PACK_UNKNOWN);
+	return(X509v3_pack_type_by_NID(nid));
+	}
+
+int X509v3_pack_type_by_NID(nid)
+int nid;
+	{
+	X509_EXTENSION_METHOD *x;
+
+	x=find_by_nid(nid);
+	if (x == NULL)
+		return(X509_EXT_PACK_UNKNOWN);
+	else
+		return(x->pack_type);
+	}
+
+static X509_EXTENSION_METHOD *find_by_nid(nid)
+int nid;
+	{
+	X509_EXTENSION_METHOD x;
+	int i;
+
+	x.nid=nid;
+	if (extensions == NULL) return(NULL);
+	i=sk_find(extensions,(char *)&x);
+	if (i < 0)
+		return(NULL);
+	else
+		return((X509_EXTENSION_METHOD *)sk_value(extensions,i));
+	}
+
+static int xem_cmp(a,b)
+X509_EXTENSION_METHOD **a,**b;
+	{
+	return((*a)->nid-(*b)->nid);
+	}
+
+void X509v3_cleanup_extensions()
+	{
+	int i;
+
+	if (extensions != NULL)
+		{
+		for (i=0; i<sk_num(extensions); i++)
+			Free(sk_value(extensions,i));
+		sk_free(extensions);
+		extensions=NULL;
+		}
+	}
+
+int X509v3_add_extension(x)
+X509_EXTENSION_METHOD *x;
+	{
+	X509_EXTENSION_METHOD *newx;
+
+	if (extensions == NULL)
+		{
+		extensions=sk_new(xem_cmp);
+		if (extensions == NULL) goto err;
+		}
+	newx=(X509_EXTENSION_METHOD *)Malloc(sizeof(X509_EXTENSION_METHOD));
+	if (newx == NULL) goto err;
+	newx->nid=x->nid;
+	newx->data_type=x->data_type;
+	newx->pack_type=x->pack_type;
+	if (!sk_push(extensions,(char *)newx))
+		{
+		Free(newx);
+		goto err;
+		}
+	return(1);
+err:
+	X509err(X509_F_X509V3_ADD_EXTENSION,ERR_R_MALLOC_FAILURE);
+	return(0);
+	}
+
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
new file mode 100644
index 0000000000..f6dba6f9ef
--- /dev/null
+++ b/crypto/x509/x509_vfy.c
@@ -0,0 +1,585 @@
+/* crypto/x509/x509_vfy.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include <errno.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#include "cryptlib.h"
+#include "lhash.h"
+#include "buffer.h"
+#include "evp.h"
+#include "asn1.h"
+#include "x509.h"
+#include "objects.h"
+#include "pem.h"
+
+#ifndef NOPROTO
+static int null_callback(int ok,X509_STORE_CTX *e);
+static int internal_verify(X509_STORE_CTX *ctx);
+#else
+static int null_callback();
+static int internal_verify();
+#endif
+
+char *X509_version="X509 part of SSLeay 0.8.1b 29-Jun-1998";
+
+static int null_callback(ok,e)
+int ok;
+X509_STORE_CTX *e;
+	{
+	return(ok);
+	}
+
+#if 0
+static int x509_subject_cmp(a,b)
+X509 **a,**b;
+	{
+	return(X509_subject_name_cmp(*a,*b));
+	}
+#endif
+
+int X509_verify_cert(ctx)
+X509_STORE_CTX *ctx;
+	{
+	X509 *x,*xtmp,*chain_ss=NULL;
+	X509_NAME *xn;
+	X509_OBJECT obj;
+	int depth,i,ok=0;
+	int num;
+	int (*cb)();
+	STACK *sktmp=NULL;
+
+	if (ctx->cert == NULL)
+		{
+		X509err(X509_F_X509_VERIFY_CERT,X509_R_NO_CERT_SET_FOR_US_TO_VERIFY);
+		return(-1);
+		}
+
+	cb=ctx->ctx->verify_cb;
+	if (cb == NULL) cb=null_callback;
+
+	/* first we make sure the chain we are going to build is
+	 * present and that the first entry is in place */
+	if (ctx->chain == NULL)
+		{
+		if (	((ctx->chain=sk_new_null()) == NULL) ||
+			(!sk_push(ctx->chain,(char *)ctx->cert)))
+			{
+			X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
+			goto end;
+			}
+		CRYPTO_add(&ctx->cert->references,1,CRYPTO_LOCK_X509);
+		ctx->last_untrusted=1;
+		}
+
+	/* We use a temporary so we can chop and hack at it */
+	if ((ctx->untrusted != NULL) && (sktmp=sk_dup(ctx->untrusted)) == NULL)
+		{
+		X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
+		goto end;
+		}
+
+	num=sk_num(ctx->chain);
+	x=(X509 *)sk_value(ctx->chain,num-1);
+	depth=ctx->depth;
+
+
+	for (;;)
+		{
+		/* If we have enough, we break */
+		if (depth <= num) break;
+
+		/* If we are self signed, we break */
+		xn=X509_get_issuer_name(x);
+		if (X509_NAME_cmp(X509_get_subject_name(x),xn) == 0)
+			break;
+
+		/* If we were passed a cert chain, use it first */
+		if (ctx->untrusted != NULL)
+			{
+			xtmp=X509_find_by_subject(sktmp,xn);
+			if (xtmp != NULL)
+				{
+				if (!sk_push(ctx->chain,(char *)xtmp))
+					{
+					X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
+					goto end;
+					}
+				CRYPTO_add(&xtmp->references,1,CRYPTO_LOCK_X509);
+				sk_delete_ptr(sktmp,(char *)xtmp);
+				ctx->last_untrusted++;
+				x=xtmp;
+				num++;
+				/* reparse the full chain for
+				 * the next one */
+				continue;
+				}
+			}
+		break;
+		}
+
+	/* at this point, chain should contain a list of untrusted
+	 * certificates.  We now need to add at least one trusted one,
+	 * if possible, otherwise we complain. */
+
+	i=sk_num(ctx->chain);
+	x=(X509 *)sk_value(ctx->chain,i-1);
+	if (X509_NAME_cmp(X509_get_subject_name(x),X509_get_issuer_name(x))
+		== 0)
+		{
+		/* we have a self signed certificate */
+		if (sk_num(ctx->chain) == 1)
+			{
+			ctx->error=X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT;
+			ctx->current_cert=x;
+			ctx->error_depth=i-1;
+			ok=cb(0,ctx);
+			if (!ok) goto end;
+			}
+		else
+			{
+			/* worry more about this one elsewhere */
+			chain_ss=(X509 *)sk_pop(ctx->chain);
+			ctx->last_untrusted--;
+			num--;
+			x=(X509 *)sk_value(ctx->chain,num-1);
+			}
+		}
+
+	/* We now lookup certs from the certificate store */
+	for (;;)
+		{
+		/* If we have enough, we break */
+		if (depth <= num) break;
+
+		/* If we are self signed, we break */
+		xn=X509_get_issuer_name(x);
+		if (X509_NAME_cmp(X509_get_subject_name(x),xn) == 0)
+			break;
+
+		ok=X509_STORE_get_by_subject(ctx,X509_LU_X509,xn,&obj);
+		if (ok != X509_LU_X509)
+			{
+			if (ok == X509_LU_RETRY)
+				{
+				X509_OBJECT_free_contents(&obj);
+				X509err(X509_F_X509_VERIFY_CERT,X509_R_SHOULD_RETRY);
+				return(ok);
+				}
+			else if (ok != X509_LU_FAIL)
+				{
+				X509_OBJECT_free_contents(&obj);
+				/* not good :-(, break anyway */
+				return(ok);
+				}
+			break;
+			}
+		x=obj.data.x509;
+		if (!sk_push(ctx->chain,(char *)obj.data.x509))
+			{
+			X509_OBJECT_free_contents(&obj);
+			X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
+			return(0);
+			}
+		num++;
+		}
+
+	/* we now have our chain, lets check it... */
+	xn=X509_get_issuer_name(x);
+	if (X509_NAME_cmp(X509_get_subject_name(x),xn) != 0)
+		{
+		if ((chain_ss == NULL) || (X509_NAME_cmp(X509_get_subject_name(chain_ss),xn) != 0))
+			{
+			if (ctx->last_untrusted >= num)
+				ctx->error=X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY;
+			else
+				ctx->error=X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT;
+			ctx->current_cert=x;
+			}
+		else
+			{
+
+			sk_push(ctx->chain,(char *)chain_ss);
+			num++;
+			ctx->last_untrusted=num;
+			ctx->current_cert=chain_ss;
+			ctx->error=X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN;
+			chain_ss=NULL;
+			}
+
+		ctx->error_depth=num-1;
+		ok=cb(0,ctx);
+		if (!ok) goto end;
+		}
+
+	/* We may as well copy down any DSA parameters that are required */
+	X509_get_pubkey_parameters(NULL,ctx->chain);
+
+	/* At this point, we have a chain and just need to verify it */
+	if (ctx->ctx->verify != NULL)
+		ok=ctx->ctx->verify(ctx);
+	else
+		ok=internal_verify(ctx);
+end:
+	if (sktmp != NULL) sk_free(sktmp);
+	if (chain_ss != NULL) X509_free(chain_ss);
+	return(ok);
+	}
+
+static int internal_verify(ctx)
+X509_STORE_CTX *ctx;
+	{
+	int i,ok=0,n;
+	X509 *xs,*xi;
+	EVP_PKEY *pkey=NULL;
+	int (*cb)();
+
+	cb=ctx->ctx->verify_cb;
+	if (cb == NULL) cb=null_callback;
+
+	n=sk_num(ctx->chain);
+	ctx->error_depth=n-1;
+	n--;
+	xi=(X509 *)sk_value(ctx->chain,n);
+	if (X509_NAME_cmp(X509_get_subject_name(xi),
+		X509_get_issuer_name(xi)) == 0)
+		xs=xi;
+	else
+		{
+		if (n <= 0)
+			{
+			ctx->error=X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE;
+			ctx->current_cert=xi;
+			ok=cb(0,ctx);
+			goto end;
+			}
+		else
+			{
+			n--;
+			ctx->error_depth=n;
+			xs=(X509 *)sk_value(ctx->chain,n);
+			}
+		}
+
+/*	ctx->error=0;  not needed */
+	while (n >= 0)
+		{
+		ctx->error_depth=n;
+		if (!xs->valid)
+			{
+			if ((pkey=X509_get_pubkey(xi)) == NULL)
+				{
+				ctx->error=X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY;
+				ctx->current_cert=xi;
+				ok=(*cb)(0,ctx);
+				if (!ok) goto end;
+				}
+			if (X509_verify(xs,pkey) <= 0)
+				{
+				ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE;
+				ctx->current_cert=xs;
+				ok=(*cb)(0,ctx);
+				if (!ok) goto end;
+				}
+			pkey=NULL;
+
+			i=X509_cmp_current_time(X509_get_notBefore(xs));
+			if (i == 0)
+				{
+				ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD;
+				ctx->current_cert=xs;
+				ok=(*cb)(0,ctx);
+				if (!ok) goto end;
+				}
+			if (i > 0)
+				{
+				ctx->error=X509_V_ERR_CERT_NOT_YET_VALID;
+				ctx->current_cert=xs;
+				ok=(*cb)(0,ctx);
+				if (!ok) goto end;
+				}
+			xs->valid=1;
+			}
+
+		i=X509_cmp_current_time(X509_get_notAfter(xs));
+		if (i == 0)
+			{
+			ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD;
+			ctx->current_cert=xs;
+			ok=(*cb)(0,ctx);
+			if (!ok) goto end;
+			}
+
+		if (i < 0)
+			{
+			ctx->error=X509_V_ERR_CERT_HAS_EXPIRED;
+			ctx->current_cert=xs;
+			ok=(*cb)(0,ctx);
+			if (!ok) goto end;
+			}
+
+		/* CRL CHECK */
+
+		/* The last error (if any) is still in the error value */
+		ctx->current_cert=xs;
+		ok=(*cb)(1,ctx);
+		if (!ok) goto end;
+
+		n--;
+		if (n >= 0)
+			{
+			xi=xs;
+			xs=(X509 *)sk_value(ctx->chain,n);
+			}
+		}
+	ok=1;
+end:
+	return(ok);
+	}
+
+int X509_cmp_current_time(ctm)
+ASN1_UTCTIME *ctm;
+	{
+	char *str;
+	ASN1_UTCTIME atm;
+	time_t offset;
+	char buff1[24],buff2[24],*p;
+	int i,j;
+
+	p=buff1;
+	i=ctm->length;
+	str=(char *)ctm->data;
+	if ((i < 11) || (i > 17)) return(0);
+	memcpy(p,str,10);
+	p+=10;
+	str+=10;
+
+	if ((*str == 'Z') || (*str == '-') || (*str == '+'))
+		{ *(p++)='0'; *(p++)='0'; }
+	else	{ *(p++)= *(str++); *(p++)= *(str++); }
+	*(p++)='Z';
+	*(p++)='\0';
+
+	if (*str == 'Z')
+		offset=0;
+	else
+		{
+		if ((*str != '+') && (str[5] != '-'))
+			return(0);
+		offset=((str[1]-'0')*10+(str[2]-'0'))*60;
+		offset+=(str[3]-'0')*10+(str[4]-'0');
+		if (*str == '-')
+			offset-=offset;
+		}
+	atm.type=V_ASN1_UTCTIME;
+	atm.length=sizeof(buff2);
+	atm.data=(unsigned char *)buff2;
+
+	X509_gmtime_adj(&atm,offset);
+
+	i=(buff1[0]-'0')*10+(buff1[1]-'0');
+	if (i < 70) i+=100;
+	j=(buff2[0]-'0')*10+(buff2[1]-'0');
+	if (j < 70) j+=100;
+
+	if (i < j) return (-1);
+	if (i > j) return (1);
+	i=strcmp(buff1,buff2);
+	if (i == 0) /* wait a second then return younger :-) */
+		return(-1);
+	else
+		return(i);
+	}
+
+ASN1_UTCTIME *X509_gmtime_adj(s, adj)
+ASN1_UTCTIME *s;
+long adj;
+	{
+	time_t t;
+
+	time(&t);
+	t+=adj;
+	return(ASN1_UTCTIME_set(s,t));
+	}
+
+int X509_get_pubkey_parameters(pkey,chain)
+EVP_PKEY *pkey;
+STACK *chain;
+	{
+	EVP_PKEY *ktmp=NULL,*ktmp2;
+	int i,j;
+
+	if ((pkey != NULL) && !EVP_PKEY_missing_parameters(pkey)) return(1);
+
+	for (i=0; i<sk_num(chain); i++)
+		{
+		ktmp=X509_get_pubkey((X509 *)sk_value(chain,i));
+		if (ktmp == NULL)
+			{
+			X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY);
+			return(0);
+			}
+		if (!EVP_PKEY_missing_parameters(ktmp))
+			break;
+		else
+			{
+			ktmp=NULL;
+			}
+		}
+	if (ktmp == NULL)
+		{
+		X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN);
+		return(0);
+		}
+
+	/* first, populate the other certs */
+	for (j=i-1; j >= 0; j--)
+		{
+		ktmp2=X509_get_pubkey((X509 *)sk_value(chain,j));
+		EVP_PKEY_copy_parameters(ktmp2,ktmp);
+		}
+	
+	if (pkey != NULL)
+		EVP_PKEY_copy_parameters(pkey,ktmp);
+	return(1);
+	}
+
+EVP_PKEY *X509_get_pubkey(x)
+X509 *x;
+	{
+	return(X509_PUBKEY_get(x->cert_info->key));
+	}
+
+int X509_check_private_key(x,k)
+X509 *x;
+EVP_PKEY *k;
+	{
+	EVP_PKEY *xk=NULL;
+	int ok=0;
+
+	xk=X509_get_pubkey(x);
+	if (xk->type != k->type) goto err;
+	switch (k->type)
+		{
+#ifndef NO_RSA
+	case EVP_PKEY_RSA:
+		if (BN_cmp(xk->pkey.rsa->n,k->pkey.rsa->n) != 0) goto err;
+		if (BN_cmp(xk->pkey.rsa->e,k->pkey.rsa->e) != 0) goto err;
+		break;
+#endif
+#ifndef NO_DSA
+	case EVP_PKEY_DSA:
+		if (BN_cmp(xk->pkey.dsa->pub_key,k->pkey.dsa->pub_key) != 0)
+			goto err;
+		break;
+#endif
+#ifndef NO_DH
+	case EVP_PKEY_DH:
+		/* No idea */
+		goto err;
+#endif
+	default:
+		goto err;
+		}
+
+	ok=1;
+err:
+	return(ok);
+	}
+
+int X509_STORE_add_cert(ctx,x)
+X509_STORE *ctx;
+X509 *x;
+	{
+	X509_OBJECT *obj,*r;
+	int ret=1;
+
+	if (x == NULL) return(0);
+	obj=(X509_OBJECT *)Malloc(sizeof(X509_OBJECT));
+	if (obj == NULL)
+		{
+		X509err(X509_F_X509_STORE_ADD_CERT,ERR_R_MALLOC_FAILURE);
+		return(0);
+		}
+	obj->type=X509_LU_X509;
+	obj->data.x509=x;
+
+	CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
+
+	X509_OBJECT_up_ref_count(obj);
+
+	r=(X509_OBJECT *)lh_insert(ctx->certs,(char *)obj);
+	if (r != NULL)
+		{ /* oops, put it back */
+		lh_delete(ctx->certs,(char *)obj);
+		X509_OBJECT_free_contents(obj);
+		Free(obj);
+		lh_insert(ctx->certs,(char *)r);
+		X509err(X509_F_X509_STORE_ADD_CERT,X509_R_CERT_ALREADY_IN_HASH_TABLE);
+		ret=0;
+		}
+
+	CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+
+	return(ret);	
+	}
+
+
diff --git a/crypto/x509/x509_vfy.h b/crypto/x509/x509_vfy.h
new file mode 100644
index 0000000000..b92e1ba432
--- /dev/null
+++ b/crypto/x509/x509_vfy.h
@@ -0,0 +1,341 @@
+/* crypto/x509/x509_vfy.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_X509_VFY_H
+#define HEADER_X509_VFY_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* Outer object */
+typedef struct x509_hash_dir_st
+	{
+	int num_dirs;
+	char **dirs;
+	int *dirs_type;
+	int num_dirs_alloced;
+	} X509_HASH_DIR_CTX;
+
+typedef struct x509_file_st
+	{
+	int num_paths;	/* number of paths to files or directories */
+	int num_alloced;
+	char **paths;	/* the list of paths or directories */
+	int *path_type;
+	} X509_CERT_FILE_CTX;
+
+/*******************************/
+/*
+SSL_CTX -> X509_STORE    
+		-> X509_LOOKUP
+			->X509_LOOKUP_METHOD
+		-> X509_LOOKUP
+			->X509_LOOKUP_METHOD
+ 
+SSL	-> X509_STORE_CTX
+		->X509_STORE    
+
+The X509_STORE holds the tables etc for verification stuff.
+A X509_STORE_CTX is used while validating a single certificate.
+The X509_STORE has X509_LOOKUPs for looking up certs.
+The X509_STORE then calls a function to actually verify the
+certificate chain.
+*/
+
+#define X509_LU_RETRY		-1
+#define X509_LU_FAIL		0
+#define X509_LU_X509		1
+#define X509_LU_CRL		2
+#define X509_LU_PKEY		3
+
+typedef struct x509_object_st
+	{
+	/* one of the above types */
+	int type;
+	union	{
+		char *ptr;
+		X509 *x509;
+		X509_CRL *crl;
+		EVP_PKEY *pkey;
+		} data;
+	} X509_OBJECT;
+
+/* This is a static that defines the function interface */
+typedef struct x509_lookup_method_st
+	{
+	char *name;
+	int (*new_item)();
+	void (*free)();
+	int (*init)(/* meth, char ** */);
+	int (*shutdown)( /* meth, char ** */);
+	int (*ctrl)( /* meth, char **, int cmd, char *argp, int argi */);
+	int (*get_by_subject)(/* meth, char **, XNAME *, X509 **ret */);
+	int (*get_by_issuer_serial)();
+	int (*get_by_fingerprint)();
+	int (*get_by_alias)();
+	} X509_LOOKUP_METHOD;
+
+/* This is used to hold everything.  It is used for all certificate
+ * validation.  Once we have a certificate chain, the 'verify'
+ * function is then called to actually check the cert chain. */
+typedef struct x509_store_st
+	{
+	/* The following is a cache of trusted certs */
+	int cache; 	/* if true, stash any hits */
+#ifdef HEADER_LHASH_H
+	LHASH *certs;	/* cached certs; */ 
+#else
+	char *certs;
+#endif
+
+	/* These are external lookup methods */
+	STACK *get_cert_methods;/* X509_LOOKUP */
+	int (*verify)();	/* called to verify a certificate */
+	int (*verify_cb)();	/* error callback */
+
+	char *app_data;
+	int references;
+	int depth;		/* how deep to look */
+	}  X509_STORE;
+
+#define X509_STORE_set_depth(ctx,depth)	((ctx)->depth=(depth))
+
+#define X509_STORE_set_verify_cb_func(ctx,func) ((ctx)->verify_cb=(func))
+#define X509_STORE_set_verify_func(ctx,func)	((ctx)->verify=(func))
+
+/* This is the functions plus an instance of the local variables. */
+typedef struct x509_lookup_st
+	{
+	int init;			/* have we been started */
+	int skip;			/* don't use us. */
+	X509_LOOKUP_METHOD *method;	/* the functions */
+	char *method_data;		/* method data */
+
+	X509_STORE *store_ctx;	/* who owns us */
+	} X509_LOOKUP;
+
+/* This is a temporary used when processing cert chains.  Since the
+ * gathering of the cert chain can take some time (and have to be
+ * 'retried', this needs to be kept and passed around. */
+typedef struct x509_store_state_st
+	{
+	X509_STORE *ctx;
+	int current_method;	/* used when looking up certs */
+
+	/* The following are set by the caller */
+	X509 *cert;		/* The cert to check */
+	STACK *untrusted;	/* chain of X509s - untrusted - passed in */
+
+	/* The following is built up */
+	int depth;		/* how far to go looking up certs */
+	int valid;		/* if 0, rebuild chain */
+	int last_untrusted;	/* index of last untrusted cert */
+	STACK *chain; 		/* chain of X509s - built up and trusted */
+
+	/* When something goes wrong, this is why */
+	int error_depth;
+	int error;
+	X509 *current_cert;
+
+	char *app_data;
+	} X509_STORE_CTX;
+
+#define X509_STORE_CTX_set_app_data(ctx,data)	((ctx)->app_data=(data))
+#define X509_STORE_CTX_get_app_data(ctx)	((ctx)->app_data)
+#define X509_STORE_CTX_get_error(ctx)		((ctx)->error)
+#define X509_STORE_CTX_set_error(ctx,s)		((ctx)->error=(s))
+#define X509_STORE_CTX_get_error_depth(ctx)	((ctx)->error_depth)
+#define X509_STORE_CTX_get_current_cert(ctx)	((ctx)->current_cert)
+#define X509_STORE_CTX_get_chain(ctx)		((ctx)->chain)
+
+#define X509_STORE_CTX_set_cert(c,ch)	((c)->cert=(ch))
+#define X509_STORE_CTX_set_chain(c,ch)	((c)->untrusted=(ch))
+
+#define X509_L_FILE_LOAD	1
+#define X509_L_ADD_DIR		2
+
+X509_LOOKUP_METHOD *X509_LOOKUP_file();
+#define X509_LOOKUP_load_file(x,name,type) \
+		X509_LOOKUP_ctrl((x),X509_L_FILE_LOAD,(name),(long)(type),NULL)
+
+X509_LOOKUP_METHOD *X509_LOOKUP_dir();
+#define X509_LOOKUP_add_dir(x,name,type) \
+		X509_LOOKUP_ctrl((x),X509_L_ADD_DIR,(name),(long)(type),NULL)
+
+#define		X509_V_OK					0
+
+#define		X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT		2
+#define		X509_V_ERR_UNABLE_TO_GET_CRL			3
+#define		X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE	4
+#define		X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE	5
+#define		X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY	6
+#define		X509_V_ERR_CERT_SIGNATURE_FAILURE		7
+#define		X509_V_ERR_CRL_SIGNATURE_FAILURE		8
+#define		X509_V_ERR_CERT_NOT_YET_VALID			9	
+#define		X509_V_ERR_CERT_HAS_EXPIRED			10
+#define		X509_V_ERR_CRL_NOT_YET_VALID			11
+#define		X509_V_ERR_CRL_HAS_EXPIRED			12
+#define		X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD	13
+#define		X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD	14
+#define		X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FILED	15
+#define		X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FILED	16
+#define		X509_V_ERR_OUT_OF_MEM				17
+#define		X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT		18
+#define		X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN		19
+#define		X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY	20
+#define		X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE	21
+#define		X509_V_ERR_CERT_CHAIN_TOO_LONG			22
+
+#ifndef NOPROTO
+#ifdef HEADER_LHASH_H
+X509_OBJECT *X509_OBJECT_retrive_by_subject(LHASH *h,int type,X509_NAME *name);
+#endif
+void X509_OBJECT_up_ref_count(X509_OBJECT *a);
+void X509_OBJECT_free_contents(X509_OBJECT *a);
+X509_STORE *X509_STORE_new(void );
+void X509_STORE_free(X509_STORE *v);
+
+void X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
+	X509 *x509, STACK *chain);
+void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
+
+X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m);
+
+X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void);
+X509_LOOKUP_METHOD *X509_LOOKUP_file(void);
+
+int X509_STORE_add_cert(X509_STORE *ctx, X509 *x);
+
+int X509_STORE_get_by_subject(X509_STORE_CTX *vs,int type,X509_NAME *name,
+	X509_OBJECT *ret);
+
+int X509_LOOKUP_ctrl(X509_LOOKUP *ctx,int cmd,char *argc,long argl,char **ret);
+int X509_load_cert_file(X509_LOOKUP *ctx, char *file, int type);
+
+void X509v3_cleanup_extensions(void );
+int X509v3_add_extension(X509_EXTENSION_METHOD *x);
+int X509v3_add_netscape_extensions(void );
+int X509v3_add_standard_extensions(void );
+
+X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method);
+void X509_LOOKUP_free(X509_LOOKUP *ctx);
+int X509_LOOKUP_init(X509_LOOKUP *ctx);
+int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, X509_NAME *name,
+	X509_OBJECT *ret);
+int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type, X509_NAME *name,
+	ASN1_INTEGER *serial, X509_OBJECT *ret);
+int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type,
+	unsigned char *bytes, int len, X509_OBJECT *ret);
+int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, char *str,
+	int len, X509_OBJECT *ret);
+int X509_LOOKUP_shutdown(X509_LOOKUP *ctx);
+
+int	X509_STORE_load_locations (X509_STORE *ctx,
+		char *file, char *dir);
+int	X509_STORE_set_default_paths(X509_STORE *ctx);
+
+#else
+
+#ifdef HEADER_LHASH_H
+X509_OBJECT *X509_OBJECT_retrive_by_subject();
+#endif
+void X509_OBJECT_up_ref_count();
+void X509_OBJECT_free_contents();
+X509_STORE *X509_STORE_new();
+void X509_STORE_free();
+
+void X509_STORE_CTX_init();
+void X509_STORE_CTX_cleanup();
+
+X509_LOOKUP *X509_STORE_add_lookup();
+
+X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir();
+X509_LOOKUP_METHOD *X509_LOOKUP_file();
+
+int X509_STORE_add_cert();
+
+int X509_STORE_get_by_subject();
+
+int X509_LOOKUP_ctrl();
+int X509_load_cert_file();
+
+void X509v3_cleanup_extensions();
+int X509v3_add_extension();
+int X509v3_add_netscape_extensions();
+int X509v3_add_standard_extensions();
+
+X509_LOOKUP *X509_LOOKUP_new();
+void X509_LOOKUP_free();
+int X509_LOOKUP_init();
+int X509_LOOKUP_by_subject();
+int X509_LOOKUP_by_issuer_serial();
+int X509_LOOKUP_by_fingerprint();
+int X509_LOOKUP_by_alias();
+int X509_LOOKUP_shutdown();
+
+int	X509_STORE_load_locations ();
+int	X509_STORE_set_default_paths();
+
+#endif
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
+
diff --git a/crypto/x509/x509name.c b/crypto/x509/x509name.c
new file mode 100644
index 0000000000..8223ec069d
--- /dev/null
+++ b/crypto/x509/x509name.c
@@ -0,0 +1,357 @@
+/* crypto/x509/x509name.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "stack.h"
+#include "cryptlib.h"
+#include "asn1.h"
+#include "objects.h"
+#include "evp.h"
+#include "x509.h"
+
+int X509_NAME_get_text_by_NID(name,nid,buf,len)
+X509_NAME *name;
+int nid;
+char *buf;
+int len;
+	{
+	ASN1_OBJECT *obj;
+
+	obj=OBJ_nid2obj(nid);
+	if (obj == NULL) return(-1);
+	return(X509_NAME_get_text_by_OBJ(name,obj,buf,len));
+	}
+
+int X509_NAME_get_text_by_OBJ(name,obj,buf,len)
+X509_NAME *name;
+ASN1_OBJECT *obj;
+char *buf;
+int len;
+	{
+	int i;
+	ASN1_STRING *data;
+
+	i=X509_NAME_get_index_by_OBJ(name,obj,-1);
+	if (i < 0) return(-1);
+	data=X509_NAME_ENTRY_get_data(X509_NAME_get_entry(name,i));
+	i=(data->length > (len-1))?(len-1):data->length;
+	if (buf == NULL) return(data->length);
+	memcpy(buf,data->data,i);
+	buf[i]='\0';
+	return(i);
+	}
+
+int X509_NAME_entry_count(name)
+X509_NAME *name;
+	{
+	if (name == NULL) return(0);
+	return(sk_num(name->entries));
+	}
+
+int X509_NAME_get_index_by_NID(name,nid,oldpos)
+X509_NAME *name;
+int nid;
+int oldpos;
+	{
+	ASN1_OBJECT *obj;
+
+	obj=OBJ_nid2obj(nid);
+	if (obj == NULL) return(-2);
+	return(X509_NAME_get_index_by_OBJ(name,obj,oldpos));
+	}
+
+int X509_NAME_get_index_by_OBJ(name,obj,oldpos)
+X509_NAME *name;
+ASN1_OBJECT *obj;
+int oldpos;
+	{
+	int n;
+	X509_NAME_ENTRY *ne;
+	STACK *sk;
+
+	if (name == NULL) return(-1);
+	if (oldpos < 0)
+		oldpos= -1;
+	sk=name->entries;
+	n=sk_num(sk);
+	for (oldpos++; oldpos < n; oldpos++)
+		{
+		ne=(X509_NAME_ENTRY *)sk_value(sk,oldpos);
+		if (OBJ_cmp(ne->object,obj) == 0)
+			return(oldpos);
+		}
+	return(-1);
+	}
+
+X509_NAME_ENTRY *X509_NAME_get_entry(name,loc)
+X509_NAME *name;
+int loc;
+	{
+	if (	(name == NULL) || (sk_num(name->entries) <= loc) || (loc < 0))
+		return(NULL);
+	else
+		return((X509_NAME_ENTRY *)sk_value(name->entries,loc));
+	}
+
+X509_NAME_ENTRY *X509_NAME_delete_entry(name,loc)
+X509_NAME *name;
+int loc;
+	{
+	X509_NAME_ENTRY *ret;
+	int i,j,n,set_prev,set_next;
+	STACK *sk;
+
+	if ((name == NULL) || (sk_num(name->entries) <= loc) || (loc < 0))
+		return(NULL);
+	sk=name->entries;
+	ret=(X509_NAME_ENTRY *)sk_delete(sk,loc);
+	n=sk_num(sk);
+	name->modified=1;
+	if (loc == n) return(ret);
+
+	/* else we need to fixup the set field */
+	if (loc != 0)
+		set_prev=((X509_NAME_ENTRY *)sk_value(sk,loc-1))->set;
+	else
+		set_prev=ret->set-1;
+	set_next=((X509_NAME_ENTRY *)sk_value(sk,loc))->set;
+
+	/* set_prev is the previous set
+	 * set is the current set
+	 * set_next is the following
+	 * prev  1 1	1 1	1 1	1 1
+	 * set   1	1	2	2
+	 * next  1 1	2 2	2 2	3 2
+	 * so basically only if prev and next differ by 2, then
+	 * re-number down by 1 */
+	if (set_prev+1 < set_next)
+		{
+		j=set_next-set_prev-1;
+		for (i=loc; i<n; i++)
+			((X509_NAME_ENTRY *)sk_value(sk,loc-1))->set-=j;
+		}
+	return(ret);
+	}
+
+/* if set is -1, append to previous set, 0 'a new one', and 1,
+ * prepend to the guy we are about to stomp on. */
+int X509_NAME_add_entry(name,ne,loc,set)
+X509_NAME *name;
+X509_NAME_ENTRY *ne;
+int loc;
+int set;
+	{
+	X509_NAME_ENTRY *new_name=NULL;
+	int n,i,inc;
+	STACK *sk;
+
+	if (name == NULL) return(0);
+	sk=name->entries;
+	n=sk_num(sk);
+	if (loc > n) loc=n;
+	else if (loc < 0) loc=n;
+
+	name->modified=1;
+
+	if (set == -1)
+		{
+		if (loc == 0)
+			{
+			set=0;
+			inc=1;
+			}
+		else
+			{
+			set=((X509_NAME_ENTRY *)sk_value(sk,loc-1))->set;
+			inc=0;
+			}
+		}
+	else /* if (set >= 0) */
+		{
+		if (loc >= n)
+			{
+			if (loc != 0)
+				set=((X509_NAME_ENTRY *)
+					sk_value(sk,loc-1))->set+1;
+			else
+				set=0;
+			}
+		else
+			set=((X509_NAME_ENTRY *)sk_value(sk,loc))->set;
+		inc=(set == 0)?1:0;
+		}
+
+	if ((new_name=X509_NAME_ENTRY_dup(ne)) == NULL)
+		goto err;
+	new_name->set=set;
+	if (!sk_insert(sk,(char *)new_name,loc))
+		{
+		X509err(X509_F_X509_NAME_ADD_ENTRY,ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
+	if (inc)
+		{
+		n=sk_num(sk);
+		for (i=loc+1; i<n; i++)
+			((X509_NAME_ENTRY *)sk_value(sk,i-1))->set+=1;
+		}	
+	return(1);
+err:
+	if (new_name != NULL)
+		X509_NAME_ENTRY_free(ne);
+	return(0);
+	}
+
+X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(ne,nid,type,bytes,len)
+X509_NAME_ENTRY **ne;
+int nid;
+int type;
+unsigned char *bytes;
+int len;
+	{
+	ASN1_OBJECT *obj;
+
+	obj=OBJ_nid2obj(nid);
+	if (obj == NULL)
+		{
+		X509err(X509_F_X509_NAME_ENTRY_CREATE_BY_NID,X509_R_UNKNOWN_NID);
+		return(NULL);
+		}
+	return(X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len));
+	}
+
+X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len)
+X509_NAME_ENTRY **ne;
+ASN1_OBJECT *obj;
+int type;
+unsigned char *bytes;
+int len;
+	{
+	X509_NAME_ENTRY *ret;
+
+	if ((ne == NULL) || (*ne == NULL))
+		{
+		if ((ret=X509_NAME_ENTRY_new()) == NULL)
+			return(NULL);
+		}
+	else
+		ret= *ne;
+
+	if (!X509_NAME_ENTRY_set_object(ret,obj))
+		goto err;
+	if (!X509_NAME_ENTRY_set_data(ret,type,bytes,len))
+		goto err;
+	
+	if ((ne != NULL) && (*ne == NULL)) *ne=ret;
+	return(ret);
+err:
+	if ((ne == NULL) || (ret != *ne))
+		X509_NAME_ENTRY_free(ret);
+	return(NULL);
+	}
+
+int X509_NAME_ENTRY_set_object(ne,obj)
+X509_NAME_ENTRY *ne;
+ASN1_OBJECT *obj;
+	{
+	if ((ne == NULL) || (obj == NULL))
+		{
+		X509err(X509_F_X509_NAME_ENTRY_SET_OBJECT,ERR_R_PASSED_NULL_PARAMETER);
+		return(0);
+		}
+	ASN1_OBJECT_free(ne->object);
+	ne->object=OBJ_dup(obj);
+	return((ne->object == NULL)?0:1);
+	}
+
+int X509_NAME_ENTRY_set_data(ne,type,bytes,len)
+X509_NAME_ENTRY *ne;
+int type;
+unsigned char *bytes;
+int len;
+	{
+	int i;
+
+	if ((ne == NULL) || ((bytes == NULL) && (len != 0))) return(0);
+	if (len < 0) len=strlen((char *)bytes);
+	i=ASN1_STRING_set(ne->value,bytes,len);
+	if (!i) return(0);
+	if (type != V_ASN1_UNDEF)
+		{
+		if (type == V_ASN1_APP_CHOOSE)
+			ne->value->type=ASN1_PRINTABLE_type(bytes,len);
+		else
+			ne->value->type=type;
+		}
+	return(1);
+	}
+
+ASN1_OBJECT *X509_NAME_ENTRY_get_object(ne)
+X509_NAME_ENTRY *ne;
+	{
+	if (ne == NULL) return(NULL);
+	return(ne->object);
+	}
+
+ASN1_STRING *X509_NAME_ENTRY_get_data(ne)
+X509_NAME_ENTRY *ne;
+	{
+	if (ne == NULL) return(NULL);
+	return(ne->value);
+	}
+
diff --git a/crypto/x509/x509pack.c b/crypto/x509/x509pack.c
new file mode 100644
index 0000000000..949943fca5
--- /dev/null
+++ b/crypto/x509/x509pack.c
@@ -0,0 +1,157 @@
+/* crypto/x509/x509pack.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "stack.h"
+#include "cryptlib.h"
+#include "asn1.h"
+#include "objects.h"
+#include "evp.h"
+#include "x509.h"
+
+ASN1_OCTET_STRING *X509v3_pack_string(ex,type,bytes,len)
+ASN1_OCTET_STRING **ex;
+int type;
+unsigned char *bytes;
+int len;
+	{
+	ASN1_OCTET_STRING *os;
+	ASN1_STRING str;
+	unsigned char *p;
+	int i;
+
+	if ((ex == NULL) || (*ex == NULL))
+		os=ASN1_OCTET_STRING_new();
+	else
+		os= *ex;
+
+	if (len < 0) len=strlen((char *)bytes);
+	str.length=len;
+	str.type=type;
+	str.data=bytes;
+
+	/* str now holds the data, we just have to copy it into ->value */
+
+	switch (type)
+		{
+	case V_ASN1_BIT_STRING:
+		i=i2d_ASN1_BIT_STRING((ASN1_BIT_STRING *)&str,NULL);
+		if (!ASN1_STRING_set((ASN1_STRING *)os,NULL,i))
+			goto err;
+		p=(unsigned char *)os->data;
+		i2d_ASN1_BIT_STRING((ASN1_BIT_STRING *)&str,&p);
+		break;
+	case V_ASN1_OCTET_STRING:
+		i=i2d_ASN1_OCTET_STRING((ASN1_OCTET_STRING *)&str,NULL);
+		if (!ASN1_STRING_set((ASN1_STRING *)os,NULL,i))
+			goto err;
+		p=(unsigned char *)os->data;
+		i2d_ASN1_OCTET_STRING((ASN1_OCTET_STRING *)&str,&p);
+		break;
+	case V_ASN1_IA5STRING:
+	case V_ASN1_PRINTABLESTRING:
+	case V_ASN1_T61STRING:
+		i=i2d_ASN1_bytes(&str,NULL,type,V_ASN1_UNIVERSAL);
+		if (!ASN1_STRING_set((ASN1_STRING *)os,NULL,i))
+			goto err;
+		p=(unsigned char *)os->data;
+		i=i2d_ASN1_bytes(&str,&p,type,V_ASN1_UNIVERSAL);
+		break;
+	default:
+		X509err(X509_F_X509V3_PACK_STRING,X509_R_UNKNOWN_STRING_TYPE);
+		goto err;
+		}
+	os->length=i;
+
+	if ((ex != NULL) && (os != *ex))
+		*ex=os;
+	return(os);
+err:
+	return(NULL);
+	}
+
+ASN1_STRING *X509v3_unpack_string(ex,type,os)
+ASN1_STRING **ex;
+int type;
+ASN1_OCTET_STRING *os;
+	{
+	unsigned char *p;
+	ASN1_STRING *ret=NULL;
+
+	p=os->data;
+	switch (type)
+		{
+	case V_ASN1_BIT_STRING:
+		ret=(ASN1_STRING *)d2i_ASN1_BIT_STRING(
+			(ASN1_BIT_STRING **)ex,&p,os->length);
+		break;
+	case V_ASN1_OCTET_STRING:
+		ret=(ASN1_STRING *)d2i_ASN1_BIT_STRING(
+			(ASN1_BIT_STRING **)ex,&p,os->length);
+		break;
+	case V_ASN1_IA5STRING:
+	case V_ASN1_PRINTABLESTRING:
+	case V_ASN1_T61STRING:
+		ret=(ASN1_STRING *)d2i_ASN1_PRINTABLE(ex,&p,os->length);
+		break;
+	default:
+		X509err(X509_F_X509V3_UNPACK_STRING,X509_R_UNKNOWN_STRING_TYPE);
+		}
+	return(ret);
+	}
+
diff --git a/crypto/x509/x509rset.c b/crypto/x509/x509rset.c
new file mode 100644
index 0000000000..2ff456f2ee
--- /dev/null
+++ b/crypto/x509/x509rset.c
@@ -0,0 +1,89 @@
+/* crypto/x509/x509rset.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1.h"
+#include "objects.h"
+#include "evp.h"
+#include "x509.h"
+
+int X509_REQ_set_version(x,version)
+X509_REQ *x;
+long version;
+	{
+	if (x == NULL) return(0);
+	return(ASN1_INTEGER_set(x->req_info->version,version));
+	}
+
+int X509_REQ_set_subject_name(x,name)
+X509_REQ *x;
+X509_NAME *name;
+	{
+	if ((x == NULL) || (x->req_info == NULL)) return(0);
+	return(X509_NAME_set(&x->req_info->subject,name));
+	}
+
+int X509_REQ_set_pubkey(x,pkey)
+X509_REQ *x;
+EVP_PKEY *pkey;
+	{
+	if ((x == NULL) || (x->req_info == NULL)) return(0);
+	return(X509_PUBKEY_set(&x->req_info->pubkey,pkey));
+	}
+
diff --git a/crypto/x509/x509type.c b/crypto/x509/x509type.c
new file mode 100644
index 0000000000..05d6919d6a
--- /dev/null
+++ b/crypto/x509/x509type.c
@@ -0,0 +1,115 @@
+/* crypto/x509/x509type.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+int X509_certificate_type(x,pkey)
+X509 *x;
+EVP_PKEY *pkey;
+	{
+	EVP_PKEY *pk;
+	int ret=0,i;
+
+	if (x == NULL) return(0);
+
+	if (pkey == NULL)
+		pk=X509_get_pubkey(x);
+	else
+		pk=pkey;
+
+	if (pk == NULL) return(0);
+
+	switch (pk->type)
+		{
+	case EVP_PKEY_RSA:
+		ret=EVP_PK_RSA|EVP_PKT_SIGN;
+/*		if (!sign only extension) */
+			ret|=EVP_PKT_ENC;
+	break;
+	case EVP_PKEY_DSA:
+		ret=EVP_PK_DSA|EVP_PKT_SIGN;
+		break;
+	case EVP_PKEY_DH:
+		ret=EVP_PK_DH|EVP_PKT_EXCH;
+		break;
+	default:
+		break;
+		}
+
+	i=X509_get_signature_type(x);
+	switch (i)
+		{
+	case EVP_PKEY_RSA:
+		ret|=EVP_PKS_RSA;
+		break;
+	case EVP_PKS_DSA:
+		ret|=EVP_PKS_DSA;
+		break;
+	default:
+		break;
+		}
+
+	if (EVP_PKEY_size(pkey) <= 512)
+		ret|=EVP_PKT_EXP;
+	return(ret);
+	}
+
diff --git a/crypto/x509/x_all.c b/crypto/x509/x_all.c
new file mode 100644
index 0000000000..2f554f597b
--- /dev/null
+++ b/crypto/x509/x_all.c
@@ -0,0 +1,465 @@
+/* crypto/x509/x_all.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#undef SSLEAY_MACROS
+#include "stack.h"
+#include "cryptlib.h"
+#include "buffer.h"
+#include "asn1.h"
+#include "evp.h"
+#include "x509.h"
+
+int X509_verify(a,r)
+X509 *a;
+EVP_PKEY *r;
+	{
+	return(ASN1_verify((int (*)())i2d_X509_CINF,a->sig_alg,
+		a->signature,(char *)a->cert_info,r));
+	}
+
+int X509_REQ_verify(a,r)
+X509_REQ *a;
+EVP_PKEY *r;
+	{
+	return( ASN1_verify((int (*)())i2d_X509_REQ_INFO,
+		a->sig_alg,a->signature,(char *)a->req_info,r));
+	}
+
+int X509_CRL_verify(a,r)
+X509_CRL *a;
+EVP_PKEY *r;
+	{
+	return(ASN1_verify((int (*)())i2d_X509_CRL_INFO,
+		a->sig_alg, a->signature,(char *)a->crl,r));
+	}
+
+int NETSCAPE_SPKI_verify(a,r)
+NETSCAPE_SPKI *a;
+EVP_PKEY *r;
+	{
+	return(ASN1_verify((int (*)())i2d_NETSCAPE_SPKAC,
+		a->sig_algor,a->signature, (char *)a->spkac,r));
+	}
+
+int X509_sign(x,pkey,md)
+X509 *x;
+EVP_PKEY *pkey;
+EVP_MD *md;
+	{
+	return(ASN1_sign((int (*)())i2d_X509_CINF, x->cert_info->signature,
+		x->sig_alg, x->signature, (char *)x->cert_info,pkey,md));
+	}
+
+int X509_REQ_sign(x,pkey,md)
+X509_REQ *x;
+EVP_PKEY *pkey;
+EVP_MD *md;
+	{
+	return(ASN1_sign((int (*)())i2d_X509_REQ_INFO,x->sig_alg, NULL,
+		x->signature, (char *)x->req_info,pkey,md));
+	}
+
+int X509_CRL_sign(x,pkey,md)
+X509_CRL *x;
+EVP_PKEY *pkey;
+EVP_MD *md;
+	{
+	return(ASN1_sign((int (*)())i2d_X509_CRL_INFO,x->crl->sig_alg,
+		x->sig_alg, x->signature, (char *)x->crl,pkey,md));
+	}
+
+int NETSCAPE_SPKI_sign(x,pkey,md)
+NETSCAPE_SPKI *x;
+EVP_PKEY *pkey;
+EVP_MD *md;
+	{
+	return(ASN1_sign((int (*)())i2d_NETSCAPE_SPKAC, x->sig_algor,NULL,
+		x->signature, (char *)x->spkac,pkey,md));
+	}
+
+X509 *X509_dup(x509)
+X509 *x509;
+	{
+	return((X509 *)ASN1_dup((int (*)())i2d_X509,
+		(char *(*)())d2i_X509,(char *)x509));
+	}
+
+X509_EXTENSION *X509_EXTENSION_dup(ex)
+X509_EXTENSION *ex;
+	{
+	return((X509_EXTENSION *)ASN1_dup(
+		(int (*)())i2d_X509_EXTENSION,
+		(char *(*)())d2i_X509_EXTENSION,(char *)ex));
+	}
+
+#ifndef WIN16
+X509 *d2i_X509_fp(fp,x509)
+FILE *fp;
+X509 *x509;
+	{
+	return((X509 *)ASN1_d2i_fp((char *(*)())X509_new,
+		(char *(*)())d2i_X509, (fp),(unsigned char **)(x509)));
+	}
+
+int i2d_X509_fp(fp,x509)
+FILE *fp;
+X509 *x509;
+	{
+	return(ASN1_i2d_fp(i2d_X509,fp,(unsigned char *)x509));
+	}
+#endif
+
+X509 *d2i_X509_bio(bp,x509)
+BIO *bp;
+X509 *x509;
+	{
+	return((X509 *)ASN1_d2i_bio((char *(*)())X509_new,
+		(char *(*)())d2i_X509, (bp),(unsigned char **)(x509)));
+	}
+
+int i2d_X509_bio(bp,x509)
+BIO *bp;
+X509 *x509;
+	{
+	return(ASN1_i2d_bio(i2d_X509,bp,(unsigned char *)x509));
+	}
+
+X509_CRL *X509_CRL_dup(crl)
+X509_CRL *crl;
+	{
+	return((X509_CRL *)ASN1_dup((int (*)())i2d_X509_CRL,
+		(char *(*)())d2i_X509_CRL,(char *)crl));
+	}
+
+#ifndef WIN16
+X509_CRL *d2i_X509_CRL_fp(fp,crl)
+FILE *fp;
+X509_CRL *crl;
+	{
+	return((X509_CRL *)ASN1_d2i_fp((char *(*)())
+		X509_CRL_new,(char *(*)())d2i_X509_CRL, (fp),
+		(unsigned char **)(crl)));
+	}
+
+int i2d_X509_CRL_fp(fp,crl)
+FILE *fp;
+X509_CRL *crl;
+	{
+	return(ASN1_i2d_fp(i2d_X509_CRL,fp,(unsigned char *)crl));
+	}
+#endif
+
+X509_CRL *d2i_X509_CRL_bio(bp,crl)
+BIO *bp;
+X509_CRL *crl;
+	{
+	return((X509_CRL *)ASN1_d2i_bio((char *(*)())
+		X509_CRL_new,(char *(*)())d2i_X509_CRL, (bp),
+		(unsigned char **)(crl)));
+	}
+
+int i2d_X509_CRL_bio(bp,crl)
+BIO *bp;
+X509_CRL *crl;
+	{
+	return(ASN1_i2d_bio(i2d_X509_CRL,bp,(unsigned char *)crl));
+	}
+
+PKCS7 *PKCS7_dup(p7)
+PKCS7 *p7;
+	{
+	return((PKCS7 *)ASN1_dup((int (*)())i2d_PKCS7,
+		(char *(*)())d2i_PKCS7,(char *)p7));
+	}
+
+#ifndef WIN16
+PKCS7 *d2i_PKCS7_fp(fp,p7)
+FILE *fp;
+PKCS7 *p7;
+	{
+	return((PKCS7 *)ASN1_d2i_fp((char *(*)())
+		PKCS7_new,(char *(*)())d2i_PKCS7, (fp),
+		(unsigned char **)(p7)));
+	}
+
+int i2d_PKCS7_fp(fp,p7)
+FILE *fp;
+PKCS7 *p7;
+	{
+	return(ASN1_i2d_fp(i2d_PKCS7,fp,(unsigned char *)p7));
+	}
+#endif
+
+PKCS7 *d2i_PKCS7_bio(bp,p7)
+BIO *bp;
+PKCS7 *p7;
+	{
+	return((PKCS7 *)ASN1_d2i_bio((char *(*)())
+		PKCS7_new,(char *(*)())d2i_PKCS7, (bp),
+		(unsigned char **)(p7)));
+	}
+
+int i2d_PKCS7_bio(bp,p7)
+BIO *bp;
+PKCS7 *p7;
+	{
+	return(ASN1_i2d_bio(i2d_PKCS7,bp,(unsigned char *)p7));
+	}
+
+X509_REQ *X509_REQ_dup(req)
+X509_REQ *req;
+	{
+	return((X509_REQ *)ASN1_dup((int (*)())i2d_X509_REQ,
+		(char *(*)())d2i_X509_REQ,(char *)req));
+	}
+
+#ifndef WIN16
+X509_REQ *d2i_X509_REQ_fp(fp,req)
+FILE *fp;
+X509_REQ *req;
+	{
+	return((X509_REQ *)ASN1_d2i_fp((char *(*)())
+		X509_REQ_new, (char *(*)())d2i_X509_REQ, (fp),
+		(unsigned char **)(req)));
+	}
+
+int i2d_X509_REQ_fp(fp,req)
+FILE *fp;
+X509_REQ *req;
+	{
+	return(ASN1_i2d_fp(i2d_X509_REQ,fp,(unsigned char *)req));
+	}
+#endif
+
+X509_REQ *d2i_X509_REQ_bio(bp,req)
+BIO *bp;
+X509_REQ *req;
+	{
+	return((X509_REQ *)ASN1_d2i_bio((char *(*)())
+		X509_REQ_new, (char *(*)())d2i_X509_REQ, (bp),
+		(unsigned char **)(req)));
+	}
+
+int i2d_X509_REQ_bio(bp,req)
+BIO *bp;
+X509_REQ *req;
+	{
+	return(ASN1_i2d_bio(i2d_X509_REQ,bp,(unsigned char *)req));
+	}
+
+#ifndef NO_RSA
+RSA *RSAPublicKey_dup(rsa)
+RSA *rsa;
+	{
+	return((RSA *)ASN1_dup((int (*)())i2d_RSAPublicKey,
+		(char *(*)())d2i_RSAPublicKey,(char *)rsa));
+	}
+
+RSA *RSAPrivateKey_dup(rsa)
+RSA *rsa;
+	{
+	return((RSA *)ASN1_dup((int (*)())i2d_RSAPrivateKey,
+		(char *(*)())d2i_RSAPrivateKey,(char *)rsa));
+	}
+
+#ifndef WIN16
+RSA *d2i_RSAPrivateKey_fp(fp,rsa)
+FILE *fp;
+RSA *rsa;
+	{
+	return((RSA *)ASN1_d2i_fp((char *(*)())
+		RSA_new,(char *(*)())d2i_RSAPrivateKey, (fp),
+		(unsigned char **)(rsa)));
+	}
+
+int i2d_RSAPrivateKey_fp(fp,rsa)
+FILE *fp;
+RSA *rsa;
+	{
+	return(ASN1_i2d_fp(i2d_RSAPrivateKey,fp,(unsigned char *)rsa));
+	}
+
+RSA *d2i_RSAPublicKey_fp(fp,rsa)
+FILE *fp;
+RSA *rsa;
+	{
+	return((RSA *)ASN1_d2i_fp((char *(*)())
+		RSA_new,(char *(*)())d2i_RSAPublicKey, (fp),
+		(unsigned char **)(rsa)));
+	}
+
+int i2d_RSAPublicKey_fp(fp,rsa)
+FILE *fp;
+RSA *rsa;
+	{
+	return(ASN1_i2d_fp(i2d_RSAPublicKey,fp,(unsigned char *)rsa));
+	}
+#endif
+
+RSA *d2i_RSAPrivateKey_bio(bp,rsa)
+BIO *bp;
+RSA *rsa;
+	{
+	return((RSA *)ASN1_d2i_bio((char *(*)())
+		RSA_new,(char *(*)())d2i_RSAPrivateKey, (bp),
+		(unsigned char **)(rsa)));
+	}
+
+int i2d_RSAPrivateKey_bio(bp,rsa)
+BIO *bp;
+RSA *rsa;
+	{
+	return(ASN1_i2d_bio(i2d_RSAPrivateKey,bp,(unsigned char *)rsa));
+	}
+
+RSA *d2i_RSAPublicKey_bio(bp,rsa)
+BIO *bp;
+RSA *rsa;
+	{
+	return((RSA *)ASN1_d2i_bio((char *(*)())
+		RSA_new,(char *(*)())d2i_RSAPublicKey, (bp),
+		(unsigned char **)(rsa)));
+	}
+
+int i2d_RSAPublicKey_bio(bp,rsa)
+BIO *bp;
+RSA *rsa;
+	{
+	return(ASN1_i2d_bio(i2d_RSAPublicKey,bp,(unsigned char *)rsa));
+	}
+#endif
+
+#ifndef NO_DSA
+#ifndef WIN16
+DSA *d2i_DSAPrivateKey_fp(fp,dsa)
+FILE *fp;
+DSA *dsa;
+	{
+	return((DSA *)ASN1_d2i_fp((char *(*)())
+		DSA_new,(char *(*)())d2i_DSAPrivateKey, (fp),
+		(unsigned char **)(dsa)));
+	}
+
+int i2d_DSAPrivateKey_fp(fp,dsa)
+FILE *fp;
+DSA *dsa;
+	{
+	return(ASN1_i2d_fp(i2d_DSAPrivateKey,fp,(unsigned char *)dsa));
+	}
+#endif
+
+DSA *d2i_DSAPrivateKey_bio(bp,dsa)
+BIO *bp;
+DSA *dsa;
+	{
+	return((DSA *)ASN1_d2i_bio((char *(*)())
+		DSA_new,(char *(*)())d2i_DSAPrivateKey, (bp),
+		(unsigned char **)(dsa)));
+	}
+
+int i2d_DSAPrivateKey_bio(bp,dsa)
+BIO *bp;
+DSA *dsa;
+	{
+	return(ASN1_i2d_bio(i2d_DSAPrivateKey,bp,(unsigned char *)dsa));
+	}
+#endif
+
+X509_NAME *X509_NAME_dup(xn)
+X509_NAME *xn;
+	{
+	return((X509_NAME *)ASN1_dup((int (*)())i2d_X509_NAME,
+		(char *(*)())d2i_X509_NAME,(char *)xn));
+	}
+
+X509_NAME_ENTRY *X509_NAME_ENTRY_dup(ne)
+X509_NAME_ENTRY *ne;
+	{
+	return((X509_NAME_ENTRY *)ASN1_dup((int (*)())i2d_X509_NAME_ENTRY,
+		(char *(*)())d2i_X509_NAME_ENTRY,(char *)ne));
+	}
+
+int X509_digest(data,type,md,len)
+X509 *data;
+EVP_MD *type;
+unsigned char *md;
+unsigned int *len;
+	{
+	return(ASN1_digest((int (*)())i2d_X509,type,(char *)data,md,len));
+	}
+
+int X509_NAME_digest(data,type,md,len)
+X509_NAME *data;
+EVP_MD *type;
+unsigned char *md;
+unsigned int *len;
+	{
+	return(ASN1_digest((int (*)())i2d_X509_NAME,type,(char *)data,md,len));
+	}
+
+int PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len)
+PKCS7_ISSUER_AND_SERIAL *data;
+EVP_MD *type;
+unsigned char *md;
+unsigned int *len;
+	{
+	return(ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,
+		(char *)data,md,len));
+	}
+