This commit was manufactured by cvs2git to create branch 'openssl'.

158 files changed, 41919 insertions, 0 deletions

diff --git a/src/lib/libcrypto/asn1/a_gentm.c b/src/lib/libcrypto/asn1/a_gentm.c
new file mode 100644
index 0000000000..226474f057
--- /dev/null
+++ b/src/lib/libcrypto/asn1/a_gentm.c
@@ -0,0 +1,224 @@
+/* crypto/asn1/a_gentm.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* GENERALIZEDTIME implementation, written by Steve Henson. Based on UTCTIME */
+
+#include <stdio.h>
+#include <time.h>
+#include "cryptlib.h"
+#include <openssl/asn1.h>
+
+int i2d_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME *a, unsigned char **pp)
+        {
+#ifdef CHARSET_EBCDIC
+        /* KLUDGE! We convert to ascii before writing DER */
+        int len;
+        char tmp[24];
+        ASN1_STRING tmpstr = *(ASN1_STRING *)a;
+
+        len = tmpstr.length;
+        ebcdic2ascii(tmp, tmpstr.data, (len >= sizeof tmp) ? sizeof tmp : len);
+        tmpstr.data = tmp;
+
+        a = (ASN1_GENERALIZEDTIME *) &tmpstr;
+#endif
+        return(i2d_ASN1_bytes((ASN1_STRING *)a,pp,
+                V_ASN1_GENERALIZEDTIME,V_ASN1_UNIVERSAL));
+        }
+
+
+ASN1_GENERALIZEDTIME *d2i_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME **a,
+             unsigned char **pp, long length)
+        {
+        ASN1_GENERALIZEDTIME *ret=NULL;
+
+        ret=(ASN1_GENERALIZEDTIME *)d2i_ASN1_bytes((ASN1_STRING **)a,pp,length,
+                V_ASN1_GENERALIZEDTIME,V_ASN1_UNIVERSAL);
+        if (ret == NULL)
+                {
+                ASN1err(ASN1_F_D2I_ASN1_GENERALIZEDTIME,ERR_R_NESTED_ASN1_ERROR);
+                return(NULL);
+                }
+#ifdef CHARSET_EBCDIC
+        ascii2ebcdic(ret->data, ret->data, ret->length);
+#endif
+        if (!ASN1_GENERALIZEDTIME_check(ret))
+                {
+                ASN1err(ASN1_F_D2I_ASN1_GENERALIZEDTIME,ASN1_R_INVALID_TIME_FORMAT);
+                goto err;
+                }
+
+        return(ret);
+err:
+        if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+                ASN1_GENERALIZEDTIME_free(ret);
+        return(NULL);
+        }
+
+int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *d)
+        {
+        static int min[9]={ 0, 0, 1, 1, 0, 0, 0, 0, 0};
+        static int max[9]={99, 99,12,31,23,59,59,12,59};
+        char *a;
+        int n,i,l,o;
+
+        if (d->type != V_ASN1_GENERALIZEDTIME) return(0);
+        l=d->length;
+        a=(char *)d->data;
+        o=0;
+        /* GENERALIZEDTIME is similar to UTCTIME except the year is
+         * represented as YYYY. This stuff treats everything as a two digit
+         * field so make first two fields 00 to 99
+         */
+        if (l < 13) goto err;
+        for (i=0; i<7; i++)
+                {
+                if ((i == 6) && ((a[o] == 'Z') ||
+                        (a[o] == '+') || (a[o] == '-')))
+                        { i++; break; }
+                if ((a[o] < '0') || (a[o] > '9')) goto err;
+                n= a[o]-'0';
+                if (++o > l) goto err;
+
+                if ((a[o] < '0') || (a[o] > '9')) goto err;
+                n=(n*10)+ a[o]-'0';
+                if (++o > l) goto err;
+
+                if ((n < min[i]) || (n > max[i])) goto err;
+                }
+        if (a[o] == 'Z')
+                o++;
+        else if ((a[o] == '+') || (a[o] == '-'))
+                {
+                o++;
+                if (o+4 > l) goto err;
+                for (i=7; i<9; i++)
+                        {
+                        if ((a[o] < '0') || (a[o] > '9')) goto err;
+                        n= a[o]-'0';
+                        o++;
+                        if ((a[o] < '0') || (a[o] > '9')) goto err;
+                        n=(n*10)+ a[o]-'0';
+                        if ((n < min[i]) || (n > max[i])) goto err;
+                        o++;
+                        }
+                }
+        return(o == l);
+err:
+        return(0);
+        }
+
+int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, char *str)
+        {
+        ASN1_GENERALIZEDTIME t;
+
+        t.type=V_ASN1_GENERALIZEDTIME;
+        t.length=strlen(str);
+        t.data=(unsigned char *)str;
+        if (ASN1_GENERALIZEDTIME_check(&t))
+                {
+                if (s != NULL)
+                        {
+                        ASN1_STRING_set((ASN1_STRING *)s,
+                                (unsigned char *)str,t.length);
+                        }
+                return(1);
+                }
+        else
+                return(0);
+        }
+
+ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
+             time_t t)
+        {
+        char *p;
+        struct tm *ts;
+#if defined(THREADS) && !defined(WIN32)
+        struct tm data;
+#endif
+
+        if (s == NULL)
+                s=ASN1_GENERALIZEDTIME_new();
+        if (s == NULL)
+                return(NULL);
+
+#if defined(THREADS) && !defined(WIN32)
+        gmtime_r(&t,&data); /* should return &data, but doesn't on some systems, so we don't even look at the return value */
+        ts=&data;
+#else
+        ts=gmtime(&t);
+#endif
+        p=(char *)s->data;
+        if ((p == NULL) || (s->length < 16))
+                {
+                p=Malloc(20);
+                if (p == NULL) return(NULL);
+                if (s->data != NULL)
+                        Free(s->data);
+                s->data=(unsigned char *)p;
+                }
+
+        sprintf(p,"%04d%02d%02d%02d%02d%02dZ",ts->tm_year + 1900,
+                ts->tm_mon+1,ts->tm_mday,ts->tm_hour,ts->tm_min,ts->tm_sec);
+        s->length=strlen(p);
+        s->type=V_ASN1_GENERALIZEDTIME;
+#ifdef CHARSET_EBCDIC_not
+        ebcdic2ascii(s->data, s->data, s->length);
+#endif
+        return(s);
+        }
diff --git a/src/lib/libcrypto/asn1/p8_key.c b/src/lib/libcrypto/asn1/p8_key.c
new file mode 100644
index 0000000000..0b24374627
--- /dev/null
+++ b/src/lib/libcrypto/asn1/p8_key.c
@@ -0,0 +1,131 @@
+/* crypto/asn1/p8_key.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1_mac.h>
+#include <openssl/objects.h>
+
+int i2d_X509_KEY(X509 *a, unsigned char **pp)
+        {
+        M_ASN1_I2D_vars(a);
+
+        M_ASN1_I2D_len(a->cert_info,    i2d_X509_CINF);
+        M_ASN1_I2D_len(a->sig_alg,      i2d_X509_ALGOR);
+        M_ASN1_I2D_len(a->signature,    i2d_ASN1_BIT_STRING);
+
+        M_ASN1_I2D_seq_total();
+
+        M_ASN1_I2D_put(a->cert_info,    i2d_X509_CINF);
+        M_ASN1_I2D_put(a->sig_alg,      i2d_X509_ALGOR);
+        M_ASN1_I2D_put(a->signature,    i2d_ASN1_BIT_STRING);
+
+        M_ASN1_I2D_finish();
+        }
+
+X509 *d2i_X509_KEY(X509 **a, unsigned char **pp, long length)
+        {
+        M_ASN1_D2I_vars(a,X509 *,X509_new);
+
+        M_ASN1_D2I_Init();
+        M_ASN1_D2I_start_sequence();
+        M_ASN1_D2I_get(ret->cert_info,d2i_X509_CINF);
+        M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
+        M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
+        M_ASN1_D2I_Finish(a,X509_free,ASN1_F_D2I_X509);
+        }
+
+X509 *X509_KEY_new(void)
+        {
+        X509_KEY *ret=NULL;
+
+        M_ASN1_New_Malloc(ret,X509_KEY);
+        ret->references=1;
+        ret->type=NID
+        M_ASN1_New(ret->cert_info,X509_CINF_new);
+        M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
+        M_ASN1_New(ret->signature,ASN1_BIT_STRING_new);
+        return(ret);
+        M_ASN1_New_Error(ASN1_F_X509_NEW);
+        }
+
+void X509_KEY_free(X509 *a)
+        {
+        int i;
+
+        if (a == NULL) return;
+
+        i=CRYPTO_add_lock(&a->references,-1,CRYPTO_LOCK_X509_KEY);
+#ifdef REF_PRINT
+        REF_PRINT("X509_KEY",a);
+#endif
+        if (i > 0) return;
+#ifdef REF_CHECK
+        if (i < 0)
+                {
+                fprintf(stderr,"X509_KEY_free, bad reference count\n");
+                abort();
+                }
+#endif
+
+        X509_CINF_free(a->cert_info);
+        X509_ALGOR_free(a->sig_alg);
+        ASN1_BIT_STRING_free(a->signature);
+        Free(a);
+        }
+
diff --git a/src/lib/libcrypto/bn/asm/alpha.s.works b/src/lib/libcrypto/bn/asm/alpha.s.works
new file mode 100644
index 0000000000..ee6c587809
--- /dev/null
+++ b/src/lib/libcrypto/bn/asm/alpha.s.works
@@ -0,0 +1,533 @@
+
+ # DEC Alpha assember
+ # The bn_div64 is actually gcc output but the other parts are hand done.
+ # Thanks to tzeruch@ceddec.com for sending me the gcc output for
+ # bn_div64.
+ # I've gone back and re-done most of routines.
+ # The key thing to remeber for the 164 CPU is that while a
+ # multiply operation takes 8 cycles, another one can only be issued
+ # after 4 cycles have elapsed.  I've done modification to help
+ # improve this.  Also, normally, a ld instruction will not be available
+ # for about 3 cycles.
+        .file   1 "bn_asm.c"
+        .set noat
+gcc2_compiled.:
+__gnu_compiled_c:
+        .text
+        .align 3
+        .globl bn_mul_add_words
+        .ent bn_mul_add_words
+bn_mul_add_words:
+bn_mul_add_words..ng:
+        .frame $30,0,$26,0
+        .prologue 0
+        .align 5
+        subq    $18,4,$18
+        bis     $31,$31,$0
+        blt     $18,$43         # if we are -1, -2, -3 or -4 goto tail code
+        ldq     $20,0($17)      # 1 1
+        ldq     $1,0($16)       # 1 1
+        .align 3
+$42:
+        mulq    $20,$19,$5      # 1 2 1 ######
+        ldq     $21,8($17)      # 2 1
+        ldq     $2,8($16)       # 2 1
+        umulh   $20,$19,$20     # 1 2   ######
+        ldq     $27,16($17)     # 3 1
+        ldq     $3,16($16)      # 3 1
+        mulq    $21,$19,$6      # 2 2 1 ######
+         ldq    $28,24($17)     # 4 1
+        addq    $1,$5,$1        # 1 2 2
+         ldq    $4,24($16)      # 4 1
+        umulh   $21,$19,$21     # 2 2   ######
+         cmpult $1,$5,$22       # 1 2 3 1
+        addq    $20,$22,$20     # 1 3 1
+         addq   $1,$0,$1        # 1 2 3 1
+        mulq    $27,$19,$7      # 3 2 1 ######
+         cmpult $1,$0,$0        # 1 2 3 2
+        addq    $2,$6,$2        # 2 2 2
+         addq   $20,$0,$0       # 1 3 2 
+        cmpult  $2,$6,$23       # 2 2 3 1
+         addq   $21,$23,$21     # 2 3 1
+        umulh   $27,$19,$27     # 3 2   ######
+         addq   $2,$0,$2        # 2 2 3 1
+        cmpult  $2,$0,$0        # 2 2 3 2
+         subq   $18,4,$18
+        mulq    $28,$19,$8      # 4 2 1 ######
+         addq   $21,$0,$0       # 2 3 2 
+        addq    $3,$7,$3        # 3 2 2
+         addq   $16,32,$16
+        cmpult  $3,$7,$24       # 3 2 3 1
+         stq    $1,-32($16)     # 1 2 4
+        umulh   $28,$19,$28     # 4 2   ######
+         addq   $27,$24,$27     # 3 3 1
+        addq    $3,$0,$3        # 3 2 3 1
+         stq    $2,-24($16)     # 2 2 4
+        cmpult  $3,$0,$0        # 3 2 3 2
+         stq    $3,-16($16)     # 3 2 4
+        addq    $4,$8,$4        # 4 2 2
+         addq   $27,$0,$0       # 3 3 2 
+        cmpult  $4,$8,$25       # 4 2 3 1
+         addq   $17,32,$17
+        addq    $28,$25,$28     # 4 3 1
+         addq   $4,$0,$4        # 4 2 3 1
+        cmpult  $4,$0,$0        # 4 2 3 2
+         stq    $4,-8($16)      # 4 2 4
+        addq    $28,$0,$0       # 4 3 2 
+         blt    $18,$43
+
+        ldq     $20,0($17)      # 1 1
+        ldq     $1,0($16)       # 1 1
+
+        br      $42
+
+        .align 4
+$45:
+        ldq     $20,0($17)      # 4 1
+        ldq     $1,0($16)       # 4 1
+        mulq    $20,$19,$5      # 4 2 1
+        subq    $18,1,$18
+        addq    $16,8,$16
+        addq    $17,8,$17
+        umulh   $20,$19,$20     # 4 2
+        addq    $1,$5,$1        # 4 2 2
+        cmpult  $1,$5,$22       # 4 2 3 1
+        addq    $20,$22,$20     # 4 3 1
+        addq    $1,$0,$1        # 4 2 3 1
+        cmpult  $1,$0,$0        # 4 2 3 2
+        addq    $20,$0,$0       # 4 3 2 
+        stq     $1,-8($16)      # 4 2 4
+        bgt     $18,$45
+        ret     $31,($26),1     # else exit
+
+        .align 4
+$43:
+        addq    $18,4,$18
+        bgt     $18,$45         # goto tail code
+        ret     $31,($26),1     # else exit
+
+        .end bn_mul_add_words
+        .align 3
+        .globl bn_mul_words
+        .ent bn_mul_words
+bn_mul_words:
+bn_mul_words..ng:
+        .frame $30,0,$26,0
+        .prologue 0
+        .align 5
+        subq    $18,4,$18
+        bis     $31,$31,$0
+        blt     $18,$143        # if we are -1, -2, -3 or -4 goto tail code
+        ldq     $20,0($17)      # 1 1
+        .align 3
+$142:
+
+        mulq    $20,$19,$5      # 1 2 1 #####
+         ldq    $21,8($17)      # 2 1
+         ldq    $27,16($17)     # 3 1
+        umulh   $20,$19,$20     # 1 2   #####
+         ldq    $28,24($17)     # 4 1
+        mulq    $21,$19,$6      # 2 2 1 #####
+         addq   $5,$0,$5        # 1 2 3 1
+        subq    $18,4,$18
+         cmpult $5,$0,$0        # 1 2 3 2
+        umulh   $21,$19,$21     # 2 2   #####
+         addq   $20,$0,$0       # 1 3 2 
+        addq    $17,32,$17
+         addq   $6,$0,$6        # 2 2 3 1
+        mulq    $27,$19,$7      # 3 2 1 #####
+         cmpult $6,$0,$0        # 2 2 3 2
+        addq    $21,$0,$0       # 2 3 2 
+         addq   $16,32,$16
+        umulh   $27,$19,$27     # 3 2   #####
+         stq    $5,-32($16)     # 1 2 4
+        mulq    $28,$19,$8      # 4 2 1 #####
+         addq   $7,$0,$7        # 3 2 3 1
+        stq     $6,-24($16)     # 2 2 4
+         cmpult $7,$0,$0        # 3 2 3 2
+        umulh   $28,$19,$28     # 4 2   #####
+         addq   $27,$0,$0       # 3 3 2 
+        stq     $7,-16($16)     # 3 2 4
+         addq   $8,$0,$8        # 4 2 3 1
+        cmpult  $8,$0,$0        # 4 2 3 2
+
+        addq    $28,$0,$0       # 4 3 2 
+
+        stq     $8,-8($16)      # 4 2 4
+
+        blt     $18,$143
+
+        ldq     $20,0($17)      # 1 1
+
+        br      $142
+
+        .align 4
+$145:
+        ldq     $20,0($17)      # 4 1
+        mulq    $20,$19,$5      # 4 2 1
+        subq    $18,1,$18
+        umulh   $20,$19,$20     # 4 2
+        addq    $5,$0,$5        # 4 2 3 1
+         addq   $16,8,$16
+        cmpult  $5,$0,$0        # 4 2 3 2
+         addq   $17,8,$17
+        addq    $20,$0,$0       # 4 3 2 
+        stq     $5,-8($16)      # 4 2 4
+
+        bgt     $18,$145
+        ret     $31,($26),1     # else exit
+
+        .align 4
+$143:
+        addq    $18,4,$18
+        bgt     $18,$145        # goto tail code
+        ret     $31,($26),1     # else exit
+
+        .end bn_mul_words
+        .align 3
+        .globl bn_sqr_words
+        .ent bn_sqr_words
+bn_sqr_words:
+bn_sqr_words..ng:
+        .frame $30,0,$26,0
+        .prologue 0
+
+        subq    $18,4,$18
+        blt     $18,$543        # if we are -1, -2, -3 or -4 goto tail code
+        ldq     $20,0($17)      # 1 1
+        .align 3
+$542:
+        mulq    $20,$20,$5              ######
+         ldq    $21,8($17)      # 1 1
+        subq    $18,4
+        umulh   $20,$20,$1              ######
+        ldq     $27,16($17)     # 1 1
+        mulq    $21,$21,$6              ######
+        ldq     $28,24($17)     # 1 1
+        stq     $5,0($16)       # r[0]
+        umulh   $21,$21,$2              ######
+        stq     $1,8($16)       # r[1]
+        mulq    $27,$27,$7              ######
+        stq     $6,16($16)      # r[0]
+        umulh   $27,$27,$3              ######
+        stq     $2,24($16)      # r[1]
+        mulq    $28,$28,$8              ######
+        stq     $7,32($16)      # r[0]
+        umulh   $28,$28,$4              ######
+        stq     $3,40($16)      # r[1]
+
+        addq    $16,64,$16
+        addq    $17,32,$17
+        stq     $8,-16($16)     # r[0]
+        stq     $4,-8($16)      # r[1]
+
+        blt     $18,$543
+        ldq     $20,0($17)      # 1 1
+        br      $542
+
+$442:
+        ldq     $20,0($17)   # a[0]
+        mulq    $20,$20,$5  # a[0]*w low part       r2
+        addq    $16,16,$16
+        addq    $17,8,$17
+        subq    $18,1,$18
+        umulh   $20,$20,$1  # a[0]*w high part       r3
+        stq     $5,-16($16)   # r[0]
+        stq     $1,-8($16)   # r[1]
+
+        bgt     $18,$442
+        ret     $31,($26),1     # else exit
+
+        .align 4
+$543:
+        addq    $18,4,$18
+        bgt     $18,$442        # goto tail code
+        ret     $31,($26),1     # else exit
+        .end bn_sqr_words
+
+        .align 3
+        .globl bn_add_words
+        .ent bn_add_words
+bn_add_words:
+bn_add_words..ng:
+        .frame $30,0,$26,0
+        .prologue 0
+
+        subq    $19,4,$19
+        bis     $31,$31,$0      # carry = 0
+        blt     $19,$900
+        ldq     $5,0($17)       # a[0]
+        ldq     $1,0($18)       # b[1]
+        .align 3
+$901:
+        addq    $1,$5,$1        # r=a+b;
+         ldq    $6,8($17)       # a[1]
+        cmpult  $1,$5,$22       # did we overflow?
+         ldq    $2,8($18)       # b[1]
+        addq    $1,$0,$1        # c+= overflow
+         ldq    $7,16($17)      # a[2]
+        cmpult  $1,$0,$0        # overflow?
+         ldq    $3,16($18)      # b[2]
+        addq    $0,$22,$0
+         ldq    $8,24($17)      # a[3]
+        addq    $2,$6,$2        # r=a+b;
+         ldq    $4,24($18)      # b[3]
+        cmpult  $2,$6,$23       # did we overflow?
+         addq   $3,$7,$3        # r=a+b;
+        addq    $2,$0,$2        # c+= overflow
+         cmpult $3,$7,$24       # did we overflow?
+        cmpult  $2,$0,$0        # overflow?
+         addq   $4,$8,$4        # r=a+b;
+        addq    $0,$23,$0
+         cmpult $4,$8,$25       # did we overflow?
+        addq    $3,$0,$3        # c+= overflow
+         stq    $1,0($16)       # r[0]=c
+        cmpult  $3,$0,$0        # overflow?
+         stq    $2,8($16)       # r[1]=c
+        addq    $0,$24,$0
+         stq    $3,16($16)      # r[2]=c
+        addq    $4,$0,$4        # c+= overflow
+         subq   $19,4,$19       # loop--
+        cmpult  $4,$0,$0        # overflow?
+         addq   $17,32,$17      # a++
+        addq    $0,$25,$0
+         stq    $4,24($16)      # r[3]=c
+        addq    $18,32,$18      # b++
+         addq   $16,32,$16      # r++
+
+        blt     $19,$900
+         ldq    $5,0($17)       # a[0]
+        ldq     $1,0($18)       # b[1]
+         br     $901
+        .align 4
+$945:
+        ldq     $5,0($17)       # a[0]
+         ldq    $1,0($18)       # b[1]
+        addq    $1,$5,$1        # r=a+b;
+         subq   $19,1,$19       # loop--
+        addq    $1,$0,$1        # c+= overflow
+         addq   $17,8,$17       # a++
+        cmpult  $1,$5,$22       # did we overflow?
+         cmpult $1,$0,$0        # overflow?
+        addq    $18,8,$18       # b++
+         stq    $1,0($16)       # r[0]=c
+        addq    $0,$22,$0
+         addq   $16,8,$16       # r++
+
+        bgt     $19,$945
+        ret     $31,($26),1     # else exit
+
+$900:
+        addq    $19,4,$19
+        bgt     $19,$945        # goto tail code
+        ret     $31,($26),1     # else exit
+        .end bn_add_words
+
+ #
+ # What follows was taken directly from the C compiler with a few
+ # hacks to redo the lables.
+ #
+.text
+        .align 3
+        .globl bn_div64
+        .ent bn_div64
+bn_div64:
+        ldgp $29,0($27)
+bn_div64..ng:
+        lda $30,-48($30)
+        .frame $30,48,$26,0
+        stq $26,0($30)
+        stq $9,8($30)
+        stq $10,16($30)
+        stq $11,24($30)
+        stq $12,32($30)
+        stq $13,40($30)
+        .mask 0x4003e00,-48
+        .prologue 1
+        bis $16,$16,$9
+        bis $17,$17,$10
+        bis $18,$18,$11
+        bis $31,$31,$13
+        bis $31,2,$12
+        bne $11,$119
+        lda $0,-1
+        br $31,$136
+        .align 4
+$119:
+        bis $11,$11,$16
+        jsr $26,BN_num_bits_word
+        ldgp $29,0($26)
+        subq $0,64,$1
+        beq $1,$120
+        bis $31,1,$1
+        sll $1,$0,$1
+        cmpule $9,$1,$1
+        bne $1,$120
+ #      lda $16,_IO_stderr_
+ #      lda $17,$C32
+ #      bis $0,$0,$18
+ #      jsr $26,fprintf
+ #      ldgp $29,0($26)
+        jsr $26,abort
+        ldgp $29,0($26)
+        .align 4
+$120:
+        bis $31,64,$3
+        cmpult $9,$11,$2
+        subq $3,$0,$1
+        addl $1,$31,$0
+        subq $9,$11,$1
+        cmoveq $2,$1,$9
+        beq $0,$122
+        zapnot $0,15,$2
+        subq $3,$0,$1
+        sll $11,$2,$11
+        sll $9,$2,$3
+        srl $10,$1,$1
+        sll $10,$2,$10
+        bis $3,$1,$9
+$122:
+        srl $11,32,$5
+        zapnot $11,15,$6
+        lda $7,-1
+        .align 5
+$123:
+        srl $9,32,$1
+        subq $1,$5,$1
+        bne $1,$126
+        zapnot $7,15,$27
+        br $31,$127
+        .align 4
+$126:
+        bis $9,$9,$24
+        bis $5,$5,$25
+        divqu $24,$25,$27
+$127:
+        srl $10,32,$4
+        .align 5
+$128:
+        mulq $27,$5,$1
+        subq $9,$1,$3
+        zapnot $3,240,$1
+        bne $1,$129
+        mulq $6,$27,$2
+        sll $3,32,$1
+        addq $1,$4,$1
+        cmpule $2,$1,$2
+        bne $2,$129
+        subq $27,1,$27
+        br $31,$128
+        .align 4
+$129:
+        mulq $27,$6,$1
+        mulq $27,$5,$4
+        srl $1,32,$3
+        sll $1,32,$1
+        addq $4,$3,$4
+        cmpult $10,$1,$2
+        subq $10,$1,$10
+        addq $2,$4,$2
+        cmpult $9,$2,$1
+        bis $2,$2,$4
+        beq $1,$134
+        addq $9,$11,$9
+        subq $27,1,$27
+$134:
+        subl $12,1,$12
+        subq $9,$4,$9
+        beq $12,$124
+        sll $27,32,$13
+        sll $9,32,$2
+        srl $10,32,$1
+        sll $10,32,$10
+        bis $2,$1,$9
+        br $31,$123
+        .align 4
+$124:
+        bis $13,$27,$0
+$136:
+        ldq $26,0($30)
+        ldq $9,8($30)
+        ldq $10,16($30)
+        ldq $11,24($30)
+        ldq $12,32($30)
+        ldq $13,40($30)
+        addq $30,48,$30
+        ret $31,($26),1
+        .end bn_div64
+
+        .set noat
+        .text
+        .align 3
+        .globl bn_sub_words
+        .ent bn_sub_words
+bn_sub_words:
+bn_sub_words..ng:
+        .frame $30,0,$26,0
+        .prologue 0
+
+        subq    $19,    4,      $19
+        bis     $31,    $31,    $0
+        blt     $19,    $100
+        ldq     $1,     0($17)
+        ldq     $2,     0($18)
+$101:
+        ldq     $3,     8($17)
+        cmpult  $1,     $2,     $4
+        ldq     $5,     8($18)
+        subq    $1,     $2,     $1
+        ldq     $6,     16($17)
+        cmpult  $1,     $0,     $2
+        ldq     $7,     16($18)
+        subq    $1,     $0,     $23
+        ldq     $8,     24($17)
+        addq    $2,     $4,     $0
+        cmpult  $3,     $5,     $24
+        subq    $3,     $5,     $3
+        ldq     $22,    24($18)
+        cmpult  $3,     $0,     $5
+        subq    $3,     $0,     $25
+        addq    $5,     $24,    $0
+        cmpult  $6,     $7,     $27
+        subq    $6,     $7,     $6
+        stq     $23,    0($16)
+        cmpult  $6,     $0,     $7
+        subq    $6,     $0,     $28
+        addq    $7,     $27,    $0
+        cmpult  $8,     $22,    $21
+        subq    $8,     $22,    $8
+        stq     $25,    8($16)
+        cmpult  $8,     $0,     $22
+        subq    $8,     $0,     $20
+        addq    $22,    $21,    $0
+        stq     $28,    16($16)
+        subq    $19,    4,      $19
+        stq     $20,    24($16)
+        addq    $17,    32,     $17
+        addq    $18,    32,     $18
+        addq    $16,    32,     $16
+        blt     $19,    $100
+        ldq     $1,     0($17)
+        ldq     $2,     0($18)
+        br      $101
+$102:
+        ldq     $1,     0($17)
+        ldq     $2,     0($18)
+        cmpult  $1,     $2,     $27
+        subq    $1,     $2,     $1
+        cmpult  $1,     $0,     $2
+        subq    $1,     $0,     $1
+        stq     $1,     0($16)
+        addq    $2,     $27,    $0
+        addq    $17,    8,      $17
+        addq    $18,    8,      $18
+        addq    $16,    8,      $16
+        subq    $19,    1,      $19
+        bgt     $19,    $102
+        ret     $31,($26),1
+$100:
+        addq    $19,    4,      $19
+        bgt     $19,    $102
+$103:
+        ret     $31,($26),1
+        .end bn_sub_words
diff --git a/src/lib/libcrypto/bn/asm/alpha.works/add.pl b/src/lib/libcrypto/bn/asm/alpha.works/add.pl
new file mode 100644
index 0000000000..4dc76e6b69
--- /dev/null
+++ b/src/lib/libcrypto/bn/asm/alpha.works/add.pl
@@ -0,0 +1,119 @@
+#!/usr/local/bin/perl
+# alpha assember 
+
+sub bn_add_words
+        {
+        local($name)=@_;
+        local($cc,$a,$b,$r);
+
+        &init_pool(4);
+        ($cc)=GR("r0");
+
+        $rp=&wparam(0);
+        $ap=&wparam(1);
+        $bp=&wparam(2);
+        $count=&wparam(3);
+
+        &function_begin($name,"");
+
+        &comment("");
+        &sub($count,4,$count);
+        &mov("zero",$cc);
+        &br(&label("finish"));
+        &blt($count,&label("finish"));
+
+        ($a0,$b0)=&NR(2);
+        &ld($a0,&QWPw(0,$ap));
+        &ld($b0,&QWPw(0,$bp));
+
+##########################################################
+        &set_label("loop");
+
+        ($a1)=&NR(1); &ld($a1,&QWPw(1,$ap));
+        ($b1)=&NR(1); &ld($b1,&QWPw(1,$bp));
+        ($a2)=&NR(1); &ld($a2,&QWPw(2,$ap));
+        ($b2)=&NR(1); &ld($b2,&QWPw(2,$bp));
+        ($a3)=&NR(1); &ld($a3,&QWPw(3,$ap));
+        ($b3)=&NR(1); &ld($b3,&QWPw(3,$bp));
+
+        ($o0,$t0)=&NR(2);
+        &add($a0,$b0,$o0); 
+        &cmpult($o0,$b0,$t0);
+        &add($o0,$cc,$o0);
+        &cmpult($o0,$cc,$cc);
+        &add($cc,$t0,$cc);      &FR($t0);
+
+        ($t1,$o1)=&NR(2);
+
+        &add($a1,$b1,$o1);      &FR($a1);
+        &cmpult($o1,$b1,$t1);   &FR($b1);
+        &add($o1,$cc,$o1);
+        &cmpult($o1,$cc,$cc);
+        &add($cc,$t1,$cc);      &FR($t1);
+
+        ($t2,$o2)=&NR(2);
+
+        &add($a2,$b2,$o2);      &FR($a2);
+        &cmpult($o2,$b2,$t2);   &FR($b2);
+        &add($o2,$cc,$o2);
+        &cmpult($o2,$cc,$cc);
+        &add($cc,$t2,$cc);      &FR($t2);
+
+        ($t3,$o3)=&NR(2);
+
+        &add($a3,$b3,$o3);      &FR($a3);
+        &cmpult($o3,$b3,$t3);   &FR($b3);
+        &add($o3,$cc,$o3);
+        &cmpult($o3,$cc,$cc);
+        &add($cc,$t3,$cc);      &FR($t3);
+
+        &st($o0,&QWPw(0,$rp)); &FR($o0);
+        &st($o1,&QWPw(0,$rp)); &FR($o1);
+        &st($o2,&QWPw(0,$rp)); &FR($o2);
+        &st($o3,&QWPw(0,$rp)); &FR($o3);
+
+        &sub($count,4,$count);  # count-=4
+        &add($ap,4*$QWS,$ap);   # count+=4
+        &add($bp,4*$QWS,$bp);   # count+=4
+        &add($rp,4*$QWS,$rp);   # count+=4
+
+        &blt($count,&label("finish"));
+        &ld($a0,&QWPw(0,$ap));
+         &ld($b0,&QWPw(0,$bp));
+        &br(&label("loop"));
+##################################################
+        # Do the last 0..3 words
+
+        ($t0,$o0)=&NR(2);
+        &set_label("last_loop");
+
+        &ld($a0,&QWPw(0,$ap));  # get a
+        &ld($b0,&QWPw(0,$bp));  # get b
+
+        &add($a0,$b0,$o0); 
+        &cmpult($o0,$b0,$t0);   # will we borrow?
+        &add($o0,$cc,$o0);      # will we borrow?
+        &cmpult($o0,$cc,$cc);   # will we borrow?
+        &add($cc,$t0,$cc);      # add the borrows
+        &st($o0,&QWPw(0,$rp));  # save
+
+        &add($ap,$QWS,$ap);
+        &add($bp,$QWS,$bp);
+        &add($rp,$QWS,$rp);
+        &sub($count,1,$count);
+        &bgt($count,&label("last_loop"));
+        &function_end_A($name);
+
+######################################################
+        &set_label("finish");
+        &add($count,4,$count);
+        &bgt($count,&label("last_loop"));
+
+        &FR($o0,$t0,$a0,$b0);
+        &set_label("end");
+        &function_end($name);
+
+        &fin_pool;
+        }
+
+1;
diff --git a/src/lib/libcrypto/bn/asm/alpha.works/div.pl b/src/lib/libcrypto/bn/asm/alpha.works/div.pl
new file mode 100644
index 0000000000..7ec144377f
--- /dev/null
+++ b/src/lib/libcrypto/bn/asm/alpha.works/div.pl
@@ -0,0 +1,144 @@
+#!/usr/local/bin/perl
+
+sub bn_div64
+        {
+        local($data)=<<'EOF';
+ #
+ # What follows was taken directly from the C compiler with a few
+ # hacks to redo the lables.
+ #
+.text
+        .set noreorder
+        .set volatile
+        .align 3
+        .globl bn_div64
+        .ent bn_div64
+bn_div64:
+        ldgp $29,0($27)
+bn_div64..ng:
+        lda $30,-48($30)
+        .frame $30,48,$26,0
+        stq $26,0($30)
+        stq $9,8($30)
+        stq $10,16($30)
+        stq $11,24($30)
+        stq $12,32($30)
+        stq $13,40($30)
+        .mask 0x4003e00,-48
+        .prologue 1
+        bis $16,$16,$9
+        bis $17,$17,$10
+        bis $18,$18,$11
+        bis $31,$31,$13
+        bis $31,2,$12
+        bne $11,$9119
+        lda $0,-1
+        br $31,$9136
+        .align 4
+$9119:
+        bis $11,$11,$16
+        jsr $26,BN_num_bits_word
+        ldgp $29,0($26)
+        subq $0,64,$1
+        beq $1,$9120
+        bis $31,1,$1
+        sll $1,$0,$1
+        cmpule $9,$1,$1
+        bne $1,$9120
+ #      lda $16,_IO_stderr_
+ #      lda $17,$C32
+ #      bis $0,$0,$18
+ #      jsr $26,fprintf
+ #      ldgp $29,0($26)
+        jsr $26,abort
+        ldgp $29,0($26)
+        .align 4
+$9120:
+        bis $31,64,$3
+        cmpult $9,$11,$2
+        subq $3,$0,$1
+        addl $1,$31,$0
+        subq $9,$11,$1
+        cmoveq $2,$1,$9
+        beq $0,$9122
+        zapnot $0,15,$2
+        subq $3,$0,$1
+        sll $11,$2,$11
+        sll $9,$2,$3
+        srl $10,$1,$1
+        sll $10,$2,$10
+        bis $3,$1,$9
+$9122:
+        srl $11,32,$5
+        zapnot $11,15,$6
+        lda $7,-1
+        .align 5
+$9123:
+        srl $9,32,$1
+        subq $1,$5,$1
+        bne $1,$9126
+        zapnot $7,15,$27
+        br $31,$9127
+        .align 4
+$9126:
+        bis $9,$9,$24
+        bis $5,$5,$25
+        divqu $24,$25,$27
+$9127:
+        srl $10,32,$4
+        .align 5
+$9128:
+        mulq $27,$5,$1
+        subq $9,$1,$3
+        zapnot $3,240,$1
+        bne $1,$9129
+        mulq $6,$27,$2
+        sll $3,32,$1
+        addq $1,$4,$1
+        cmpule $2,$1,$2
+        bne $2,$9129
+        subq $27,1,$27
+        br $31,$9128
+        .align 4
+$9129:
+        mulq $27,$6,$1
+        mulq $27,$5,$4
+        srl $1,32,$3
+        sll $1,32,$1
+        addq $4,$3,$4
+        cmpult $10,$1,$2
+        subq $10,$1,$10
+        addq $2,$4,$2
+        cmpult $9,$2,$1
+        bis $2,$2,$4
+        beq $1,$9134
+        addq $9,$11,$9
+        subq $27,1,$27
+$9134:
+        subl $12,1,$12
+        subq $9,$4,$9
+        beq $12,$9124
+        sll $27,32,$13
+        sll $9,32,$2
+        srl $10,32,$1
+        sll $10,32,$10
+        bis $2,$1,$9
+        br $31,$9123
+        .align 4
+$9124:
+        bis $13,$27,$0
+$9136:
+        ldq $26,0($30)
+        ldq $9,8($30)
+        ldq $10,16($30)
+        ldq $11,24($30)
+        ldq $12,32($30)
+        ldq $13,40($30)
+        addq $30,48,$30
+        ret $31,($26),1
+        .end bn_div64
+EOF
+        &asm_add($data);
+        }
+
+1;
diff --git a/src/lib/libcrypto/bn/asm/alpha.works/mul.pl b/src/lib/libcrypto/bn/asm/alpha.works/mul.pl
new file mode 100644
index 0000000000..b182bae452
--- /dev/null
+++ b/src/lib/libcrypto/bn/asm/alpha.works/mul.pl
@@ -0,0 +1,116 @@
+#!/usr/local/bin/perl
+# alpha assember 
+
+sub bn_mul_words
+        {
+        local($name)=@_;
+        local($cc,$a,$b,$r,$couny);
+
+        &init_pool(4);
+        ($cc)=GR("r0");
+
+        $rp=&wparam(0);
+        $ap=&wparam(1);
+        $count=&wparam(2);
+        $word=&wparam(3);
+
+        &function_begin($name,"");
+
+        &comment("");
+        &sub($count,4,$count);
+        &mov("zero",$cc);
+        &br(&label("finish"));
+        &blt($count,&label("finish"));
+
+        ($a0,$r0)=&NR(2);
+        &ld($a0,&QWPw(0,$ap));
+        &ld($r0,&QWPw(0,$rp));
+
+$a=<<'EOF';
+##########################################################
+        &set_label("loop");
+
+        ($a1)=&NR(1); &ld($a1,&QWPw(1,$ap));
+        ($b1)=&NR(1); &ld($b1,&QWPw(1,$bp));
+        ($a2)=&NR(1); &ld($a2,&QWPw(2,$ap));
+        ($b2)=&NR(1); &ld($b2,&QWPw(2,$bp));
+        ($a3)=&NR(1); &ld($a3,&QWPw(3,$ap));
+        ($b3)=&NR(1); &ld($b3,&QWPw(3,$bp));
+
+        ($o0,$t0)=&NR(2);
+        &add($a0,$b0,$o0); 
+        &cmpult($o0,$b0,$t0);
+        &add($o0,$cc,$o0);
+        &cmpult($o0,$cc,$cc);
+        &add($cc,$t0,$cc);      &FR($t0);
+
+        ($t1,$o1)=&NR(2);
+
+        &add($a1,$b1,$o1);      &FR($a1);
+        &cmpult($o1,$b1,$t1);   &FR($b1);
+        &add($o1,$cc,$o1);
+        &cmpult($o1,$cc,$cc);
+        &add($cc,$t1,$cc);      &FR($t1);
+
+        ($t2,$o2)=&NR(2);
+
+        &add($a2,$b2,$o2);      &FR($a2);
+        &cmpult($o2,$b2,$t2);   &FR($b2);
+        &add($o2,$cc,$o2);
+        &cmpult($o2,$cc,$cc);
+        &add($cc,$t2,$cc);      &FR($t2);
+
+        ($t3,$o3)=&NR(2);
+
+        &add($a3,$b3,$o3);      &FR($a3);
+        &cmpult($o3,$b3,$t3);   &FR($b3);
+        &add($o3,$cc,$o3);
+        &cmpult($o3,$cc,$cc);
+        &add($cc,$t3,$cc);      &FR($t3);
+
+        &st($o0,&QWPw(0,$rp)); &FR($o0);
+        &st($o1,&QWPw(0,$rp)); &FR($o1);
+        &st($o2,&QWPw(0,$rp)); &FR($o2);
+        &st($o3,&QWPw(0,$rp)); &FR($o3);
+
+        &sub($count,4,$count);  # count-=4
+        &add($ap,4*$QWS,$ap);   # count+=4
+        &add($bp,4*$QWS,$bp);   # count+=4
+        &add($rp,4*$QWS,$rp);   # count+=4
+
+        &blt($count,&label("finish"));
+        &ld($a0,&QWPw(0,$ap));
+         &ld($b0,&QWPw(0,$bp));
+        &br(&label("loop"));
+EOF
+##################################################
+        # Do the last 0..3 words
+
+        &set_label("last_loop");
+
+        &ld(($a0)=&NR(1),&QWPw(0,$ap)); # get a
+        &mul($a0,$word,($l0)=&NR(1));
+         &add($ap,$QWS,$ap);
+        &muh($a0,$word,($h0)=&NR(1));   &FR($a0);
+        &add($l0,$cc,$l0);
+         &add($rp,$QWS,$rp);
+         &sub($count,1,$count);
+        &cmpult($l0,$cc,$cc);
+        &st($l0,&QWPw(-1,$rp));         &FR($l0);
+        &add($h0,$cc,$cc);              &FR($h0);
+
+        &bgt($count,&label("last_loop"));
+        &function_end_A($name);
+
+######################################################
+        &set_label("finish");
+        &add($count,4,$count);
+        &bgt($count,&label("last_loop"));
+
+        &set_label("end");
+        &function_end($name);
+
+        &fin_pool;
+        }
+
+1;
diff --git a/src/lib/libcrypto/bn/asm/alpha.works/mul_add.pl b/src/lib/libcrypto/bn/asm/alpha.works/mul_add.pl
new file mode 100644
index 0000000000..e37f6315fb
--- /dev/null
+++ b/src/lib/libcrypto/bn/asm/alpha.works/mul_add.pl
@@ -0,0 +1,120 @@
+#!/usr/local/bin/perl
+# alpha assember 
+
+sub bn_mul_add_words
+        {
+        local($name)=@_;
+        local($cc,$a,$b,$r,$couny);
+
+        &init_pool(4);
+        ($cc)=GR("r0");
+
+        $rp=&wparam(0);
+        $ap=&wparam(1);
+        $count=&wparam(2);
+        $word=&wparam(3);
+
+        &function_begin($name,"");
+
+        &comment("");
+        &sub($count,4,$count);
+        &mov("zero",$cc);
+        &br(&label("finish"));
+        &blt($count,&label("finish"));
+
+        ($a0,$r0)=&NR(2);
+        &ld($a0,&QWPw(0,$ap));
+        &ld($r0,&QWPw(0,$rp));
+
+$a=<<'EOF';
+##########################################################
+        &set_label("loop");
+
+        ($a1)=&NR(1); &ld($a1,&QWPw(1,$ap));
+        ($b1)=&NR(1); &ld($b1,&QWPw(1,$bp));
+        ($a2)=&NR(1); &ld($a2,&QWPw(2,$ap));
+        ($b2)=&NR(1); &ld($b2,&QWPw(2,$bp));
+        ($a3)=&NR(1); &ld($a3,&QWPw(3,$ap));
+        ($b3)=&NR(1); &ld($b3,&QWPw(3,$bp));
+
+        ($o0,$t0)=&NR(2);
+        &add($a0,$b0,$o0); 
+        &cmpult($o0,$b0,$t0);
+        &add($o0,$cc,$o0);
+        &cmpult($o0,$cc,$cc);
+        &add($cc,$t0,$cc);      &FR($t0);
+
+        ($t1,$o1)=&NR(2);
+
+        &add($a1,$b1,$o1);      &FR($a1);
+        &cmpult($o1,$b1,$t1);   &FR($b1);
+        &add($o1,$cc,$o1);
+        &cmpult($o1,$cc,$cc);
+        &add($cc,$t1,$cc);      &FR($t1);
+
+        ($t2,$o2)=&NR(2);
+
+        &add($a2,$b2,$o2);      &FR($a2);
+        &cmpult($o2,$b2,$t2);   &FR($b2);
+        &add($o2,$cc,$o2);
+        &cmpult($o2,$cc,$cc);
+        &add($cc,$t2,$cc);      &FR($t2);
+
+        ($t3,$o3)=&NR(2);
+
+        &add($a3,$b3,$o3);      &FR($a3);
+        &cmpult($o3,$b3,$t3);   &FR($b3);
+        &add($o3,$cc,$o3);
+        &cmpult($o3,$cc,$cc);
+        &add($cc,$t3,$cc);      &FR($t3);
+
+        &st($o0,&QWPw(0,$rp)); &FR($o0);
+        &st($o1,&QWPw(0,$rp)); &FR($o1);
+        &st($o2,&QWPw(0,$rp)); &FR($o2);
+        &st($o3,&QWPw(0,$rp)); &FR($o3);
+
+        &sub($count,4,$count);  # count-=4
+        &add($ap,4*$QWS,$ap);   # count+=4
+        &add($bp,4*$QWS,$bp);   # count+=4
+        &add($rp,4*$QWS,$rp);   # count+=4
+
+        &blt($count,&label("finish"));
+        &ld($a0,&QWPw(0,$ap));
+         &ld($b0,&QWPw(0,$bp));
+        &br(&label("loop"));
+EOF
+##################################################
+        # Do the last 0..3 words
+
+        &set_label("last_loop");
+
+        &ld(($a0)=&NR(1),&QWPw(0,$ap)); # get a
+        &ld(($r0)=&NR(1),&QWPw(0,$rp)); # get b
+        &mul($a0,$word,($l0)=&NR(1));
+         &sub($count,1,$count);
+         &add($ap,$QWS,$ap);
+        &muh($a0,$word,($h0)=&NR(1));   &FR($a0);
+        &add($r0,$l0,$r0);
+         &add($rp,$QWS,$rp);
+        &cmpult($r0,$l0,($t0)=&NR(1));  &FR($l0);
+         &add($r0,$cc,$r0);
+        &add($h0,$t0,$h0);              &FR($t0);
+         &cmpult($r0,$cc,$cc);
+        &st($r0,&QWPw(-1,$rp));         &FR($r0);
+         &add($h0,$cc,$cc);             &FR($h0);
+
+        &bgt($count,&label("last_loop"));
+        &function_end_A($name);
+
+######################################################
+        &set_label("finish");
+        &add($count,4,$count);
+        &bgt($count,&label("last_loop"));
+
+        &set_label("end");
+        &function_end($name);
+
+        &fin_pool;
+        }
+
+1;
diff --git a/src/lib/libcrypto/bn/asm/alpha.works/mul_c4.pl b/src/lib/libcrypto/bn/asm/alpha.works/mul_c4.pl
new file mode 100644
index 0000000000..5efd201281
--- /dev/null
+++ b/src/lib/libcrypto/bn/asm/alpha.works/mul_c4.pl
@@ -0,0 +1,213 @@
+#!/usr/local/bin/perl
+# alpha assember 
+
+sub mul_add_c
+        {
+        local($a,$b,$c0,$c1,$c2)=@_;
+        local($l1,$h1,$t1,$t2);
+
+        &mul($a,$b,($l1)=&NR(1));
+        &muh($a,$b,($h1)=&NR(1));
+        &add($c0,$l1,$c0);
+        &cmpult($c0,$l1,($t1)=&NR(1));  &FR($l1);
+        &add($t1,$h1,$h1);              &FR($t1);
+        &add($c1,$h1,$c1);
+        &cmpult($c1,$h1,($t2)=&NR(1));  &FR($h1);
+        &add($c2,$t2,$c2);              &FR($t2);
+        }
+
+sub bn_mul_comba4
+        {
+        local($name)=@_;
+        local(@a,@b,$r,$c0,$c1,$c2);
+
+        $cnt=1;
+        &init_pool(3);
+
+        $rp=&wparam(0);
+        $ap=&wparam(1);
+        $bp=&wparam(2);
+
+        &function_begin($name,"");
+
+        &comment("");
+
+        &ld(($a[0])=&NR(1),&QWPw(0,$ap));
+        &ld(($b[0])=&NR(1),&QWPw(0,$bp));
+        &ld(($a[1])=&NR(1),&QWPw(1,$ap));
+        &ld(($b[1])=&NR(1),&QWPw(1,$bp));
+        &mul($a[0],$b[0],($r00)=&NR(1));
+        &ld(($a[2])=&NR(1),&QWPw(2,$ap));
+        &ld(($b[2])=&NR(1),&QWPw(2,$bp));
+        &muh($a[0],$b[0],($r01)=&NR(1));
+        &FR($ap); &ld(($a[3])=&NR(1),&QWPw(3,$ap));
+        &FR($bp); &ld(($b[3])=&NR(1),&QWPw(3,$bp));
+        &mul($a[0],$b[1],($r02)=&NR(1));
+
+        ($R,$H1,$H2)=&NR(3);
+
+        &st($r00,&QWPw(0,$rp)); &FR($r00);
+
+        &mov("zero",$R);
+        &mul($a[1],$b[0],($r03)=&NR(1));
+
+        &mov("zero",$H1);
+        &mov("zero",$H0);
+         &add($R,$r01,$R);
+        &muh($a[0],$b[1],($r04)=&NR(1));
+         &cmpult($R,$r01,($t01)=&NR(1));        &FR($r01);
+         &add($R,$r02,$R);
+         &add($H1,$t01,$H1)                     &FR($t01);
+        &muh($a[1],$b[0],($r05)=&NR(1));
+         &cmpult($R,$r02,($t02)=&NR(1));        &FR($r02);
+         &add($R,$r03,$R);
+         &add($H2,$t02,$H2)                     &FR($t02);
+        &mul($a[0],$b[2],($r06)=&NR(1));
+         &cmpult($R,$r03,($t03)=&NR(1));        &FR($r03);
+         &add($H1,$t03,$H1)                     &FR($t03);
+        &st($R,&QWPw(1,$rp));
+        &add($H1,$H2,$R);
+
+        &mov("zero",$H1);
+         &add($R,$r04,$R);
+        &mov("zero",$H2);
+        &mul($a[1],$b[1],($r07)=&NR(1));
+         &cmpult($R,$r04,($t04)=&NR(1));        &FR($r04);
+         &add($R,$r05,$R);
+         &add($H1,$t04,$H1)                     &FR($t04);
+        &mul($a[2],$b[0],($r08)=&NR(1));
+         &cmpult($R,$r05,($t05)=&NR(1));        &FR($r05);
+         &add($R,$r01,$R);
+         &add($H2,$t05,$H2)                     &FR($t05);
+        &muh($a[0],$b[2],($r09)=&NR(1));
+         &cmpult($R,$r06,($t06)=&NR(1));        &FR($r06);
+         &add($R,$r07,$R);
+         &add($H1,$t06,$H1)                     &FR($t06);
+        &muh($a[1],$b[1],($r10)=&NR(1));
+         &cmpult($R,$r07,($t07)=&NR(1));        &FR($r07);
+         &add($R,$r08,$R);
+         &add($H2,$t07,$H2)                     &FR($t07);
+        &muh($a[2],$b[0],($r11)=&NR(1));
+         &cmpult($R,$r08,($t08)=&NR(1));        &FR($r08);
+         &add($H1,$t08,$H1)                     &FR($t08);
+        &st($R,&QWPw(2,$rp));
+        &add($H1,$H2,$R);
+
+        &mov("zero",$H1);
+         &add($R,$r09,$R);
+        &mov("zero",$H2);
+        &mul($a[0],$b[3],($r12)=&NR(1));
+         &cmpult($R,$r09,($t09)=&NR(1));        &FR($r09);
+         &add($R,$r10,$R);
+         &add($H1,$t09,$H1)                     &FR($t09);
+        &mul($a[1],$b[2],($r13)=&NR(1));
+         &cmpult($R,$r10,($t10)=&NR(1));        &FR($r10);
+         &add($R,$r11,$R);
+         &add($H1,$t10,$H1)                     &FR($t10);
+        &mul($a[2],$b[1],($r14)=&NR(1));
+         &cmpult($R,$r11,($t11)=&NR(1));        &FR($r11);
+         &add($R,$r12,$R);
+         &add($H1,$t11,$H1)                     &FR($t11);
+        &mul($a[3],$b[0],($r15)=&NR(1));
+         &cmpult($R,$r12,($t12)=&NR(1));        &FR($r12);
+         &add($R,$r13,$R);
+         &add($H1,$t12,$H1)                     &FR($t12);
+        &muh($a[0],$b[3],($r16)=&NR(1));
+         &cmpult($R,$r13,($t13)=&NR(1));        &FR($r13);
+         &add($R,$r14,$R);
+         &add($H1,$t13,$H1)                     &FR($t13);
+        &muh($a[1],$b[2],($r17)=&NR(1));
+         &cmpult($R,$r14,($t14)=&NR(1));        &FR($r14);
+         &add($R,$r15,$R);
+         &add($H1,$t14,$H1)                     &FR($t14);
+        &muh($a[2],$b[1],($r18)=&NR(1));
+         &cmpult($R,$r15,($t15)=&NR(1));        &FR($r15);
+         &add($H1,$t15,$H1)                     &FR($t15);
+        &st($R,&QWPw(3,$rp));
+        &add($H1,$H2,$R);
+
+        &mov("zero",$H1);
+         &add($R,$r16,$R);
+        &mov("zero",$H2);
+        &muh($a[3],$b[0],($r19)=&NR(1));
+         &cmpult($R,$r16,($t16)=&NR(1));        &FR($r16);
+         &add($R,$r17,$R);
+         &add($H1,$t16,$H1)                     &FR($t16);
+        &mul($a[1],$b[3],($r20)=&NR(1));
+         &cmpult($R,$r17,($t17)=&NR(1));        &FR($r17);
+         &add($R,$r18,$R);
+         &add($H1,$t17,$H1)                     &FR($t17);
+        &mul($a[2],$b[2],($r21)=&NR(1));
+         &cmpult($R,$r18,($t18)=&NR(1));        &FR($r18);
+         &add($R,$r19,$R);
+         &add($H1,$t18,$H1)                     &FR($t18);
+        &mul($a[3],$b[1],($r22)=&NR(1));
+         &cmpult($R,$r19,($t19)=&NR(1));        &FR($r19);
+         &add($R,$r20,$R);
+         &add($H1,$t19,$H1)                     &FR($t19);
+        &muh($a[1],$b[3],($r23)=&NR(1));
+         &cmpult($R,$r20,($t20)=&NR(1));        &FR($r20);
+         &add($R,$r21,$R);
+         &add($H1,$t20,$H1)                     &FR($t20);
+        &muh($a[2],$b[2],($r24)=&NR(1));
+         &cmpult($R,$r21,($t21)=&NR(1));        &FR($r21);
+         &add($R,$r22,$R);
+         &add($H1,$t21,$H1)                     &FR($t21);
+        &muh($a[3],$b[1],($r25)=&NR(1));
+         &cmpult($R,$r22,($t22)=&NR(1));        &FR($r22);
+         &add($H1,$t22,$H1)                     &FR($t22);
+        &st($R,&QWPw(4,$rp));
+        &add($H1,$H2,$R);
+
+        &mov("zero",$H1);
+         &add($R,$r23,$R);
+        &mov("zero",$H2);
+        &mul($a[2],$b[3],($r26)=&NR(1));
+         &cmpult($R,$r23,($t23)=&NR(1));        &FR($r23);
+         &add($R,$r24,$R);
+         &add($H1,$t23,$H1)                     &FR($t23);
+        &mul($a[3],$b[2],($r27)=&NR(1));
+         &cmpult($R,$r24,($t24)=&NR(1));        &FR($r24);
+         &add($R,$r25,$R);
+         &add($H1,$t24,$H1)                     &FR($t24);
+        &muh($a[2],$b[3],($r28)=&NR(1));
+         &cmpult($R,$r25,($t25)=&NR(1));        &FR($r25);
+         &add($R,$r26,$R);
+         &add($H1,$t25,$H1)                     &FR($t25);
+        &muh($a[3],$b[2],($r29)=&NR(1));
+         &cmpult($R,$r26,($t26)=&NR(1));        &FR($r26);
+         &add($R,$r27,$R);
+         &add($H1,$t26,$H1)                     &FR($t26);
+        &mul($a[3],$b[3],($r30)=&NR(1));
+         &cmpult($R,$r27,($t27)=&NR(1));        &FR($r27);
+         &add($H1,$t27,$H1)                     &FR($t27);
+        &st($R,&QWPw(5,$rp));
+        &add($H1,$H2,$R);
+
+        &mov("zero",$H1);
+         &add($R,$r28,$R);
+        &mov("zero",$H2);
+        &muh($a[3],$b[3],($r31)=&NR(1));
+         &cmpult($R,$r28,($t28)=&NR(1));        &FR($r28);
+         &add($R,$r29,$R);
+         &add($H1,$t28,$H1)                     &FR($t28);
+        ############
+         &cmpult($R,$r29,($t29)=&NR(1));        &FR($r29);
+         &add($R,$r30,$R);
+         &add($H1,$t29,$H1)                     &FR($t29);
+        ############
+         &cmpult($R,$r30,($t30)=&NR(1));        &FR($r30);
+         &add($H1,$t30,$H1)                     &FR($t30);
+        &st($R,&QWPw(6,$rp));
+        &add($H1,$H2,$R);
+
+         &add($R,$r31,$R);                      &FR($r31);
+        &st($R,&QWPw(7,$rp));
+
+        &FR($R,$H1,$H2);
+        &function_end($name);
+
+        &fin_pool;
+        }
+
+1;
diff --git a/src/lib/libcrypto/bn/asm/alpha.works/mul_c4.works.pl b/src/lib/libcrypto/bn/asm/alpha.works/mul_c4.works.pl
new file mode 100644
index 0000000000..79d86dd25c
--- /dev/null
+++ b/src/lib/libcrypto/bn/asm/alpha.works/mul_c4.works.pl
@@ -0,0 +1,98 @@
+#!/usr/local/bin/perl
+# alpha assember 
+
+sub mul_add_c
+        {
+        local($a,$b,$c0,$c1,$c2)=@_;
+        local($l1,$h1,$t1,$t2);
+
+print STDERR "count=$cnt\n"; $cnt++;
+        &mul($a,$b,($l1)=&NR(1));
+        &muh($a,$b,($h1)=&NR(1));
+        &add($c0,$l1,$c0);
+        &cmpult($c0,$l1,($t1)=&NR(1));  &FR($l1);
+        &add($t1,$h1,$h1);              &FR($t1);
+        &add($c1,$h1,$c1);
+        &cmpult($c1,$h1,($t2)=&NR(1));  &FR($h1);
+        &add($c2,$t2,$c2);              &FR($t2);
+        }
+
+sub bn_mul_comba4
+        {
+        local($name)=@_;
+        local(@a,@b,$r,$c0,$c1,$c2);
+
+        $cnt=1;
+        &init_pool(3);
+
+        $rp=&wparam(0);
+        $ap=&wparam(1);
+        $bp=&wparam(2);
+
+        &function_begin($name,"");
+
+        &comment("");
+
+        &ld(($a[0])=&NR(1),&QWPw(0,$ap));
+        &ld(($b[0])=&NR(1),&QWPw(0,$bp));
+        &ld(($a[1])=&NR(1),&QWPw(1,$ap));
+        &ld(($b[1])=&NR(1),&QWPw(1,$bp));
+        &ld(($a[2])=&NR(1),&QWPw(2,$ap));
+        &ld(($b[2])=&NR(1),&QWPw(2,$bp));
+        &ld(($a[3])=&NR(1),&QWPw(3,$ap));       &FR($ap);
+        &ld(($b[3])=&NR(1),&QWPw(3,$bp));       &FR($bp);
+
+        ($c0,$c1,$c2)=&NR(3);
+        &mov("zero",$c2);
+        &mul($a[0],$b[0],$c0);
+        &muh($a[0],$b[0],$c1);
+        &st($c0,&QWPw(0,$rp));                  &FR($c0); ($c0)=&NR($c0);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[0],$b[1],$c0,$c1,$c2);
+        &mul_add_c($a[1],$b[0],$c0,$c1,$c2);
+        &st($c0,&QWPw(1,$rp));                  &FR($c0); ($c0)=&NR($c0);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[1],$b[1],$c0,$c1,$c2);
+        &mul_add_c($a[0],$b[2],$c0,$c1,$c2);
+        &mul_add_c($a[2],$b[0],$c0,$c1,$c2);
+        &st($c0,&QWPw(2,$rp));                  &FR($c0); ($c0)=&NR($c0);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[0],$b[3],$c0,$c1,$c2);    &FR($a[0]);
+        &mul_add_c($a[1],$b[2],$c0,$c1,$c2);
+        &mul_add_c($a[2],$b[1],$c0,$c1,$c2);
+        &mul_add_c($a[3],$b[0],$c0,$c1,$c2);    &FR($b[0]);
+        &st($c0,&QWPw(3,$rp));                  &FR($c0); ($c0)=&NR($c0);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[1],$b[3],$c0,$c1,$c2);    &FR($a[1]);
+        &mul_add_c($a[2],$b[2],$c0,$c1,$c2);
+        &mul_add_c($a[3],$b[1],$c0,$c1,$c2);    &FR($b[1]);
+        &st($c0,&QWPw(4,$rp));                  &FR($c0); ($c0)=&NR($c0);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[2],$b[3],$c0,$c1,$c2);    &FR($a[2]);
+        &mul_add_c($a[3],$b[2],$c0,$c1,$c2);    &FR($b[2]);
+        &st($c0,&QWPw(5,$rp));                  &FR($c0); ($c0)=&NR($c0);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[3],$b[3],$c0,$c1,$c2);    &FR($a[3],$b[3]);
+        &st($c0,&QWPw(6,$rp));
+        &st($c1,&QWPw(7,$rp));
+
+        &FR($c0,$c1,$c2);
+
+        &function_end($name);
+
+        &fin_pool;
+        }
+
+1;
diff --git a/src/lib/libcrypto/bn/asm/alpha.works/mul_c8.pl b/src/lib/libcrypto/bn/asm/alpha.works/mul_c8.pl
new file mode 100644
index 0000000000..525ca7494b
--- /dev/null
+++ b/src/lib/libcrypto/bn/asm/alpha.works/mul_c8.pl
@@ -0,0 +1,177 @@
+#!/usr/local/bin/perl
+# alpha assember 
+
+sub bn_mul_comba8
+        {
+        local($name)=@_;
+        local(@a,@b,$r,$c0,$c1,$c2);
+
+        $cnt=1;
+        &init_pool(3);
+
+        $rp=&wparam(0);
+        $ap=&wparam(1);
+        $bp=&wparam(2);
+
+        &function_begin($name,"");
+
+        &comment("");
+
+        &stack_push(2);
+        &ld(($a[0])=&NR(1),&QWPw(0,$ap));
+        &ld(($b[0])=&NR(1),&QWPw(0,$bp));
+        &st($reg_s0,&swtmp(0)); &FR($reg_s0);
+        &st($reg_s1,&swtmp(1)); &FR($reg_s1);
+        &ld(($a[1])=&NR(1),&QWPw(1,$ap));
+        &ld(($b[1])=&NR(1),&QWPw(1,$bp));
+        &ld(($a[2])=&NR(1),&QWPw(2,$ap));
+        &ld(($b[2])=&NR(1),&QWPw(2,$bp));
+        &ld(($a[3])=&NR(1),&QWPw(3,$ap));
+        &ld(($b[3])=&NR(1),&QWPw(3,$bp));
+        &ld(($a[4])=&NR(1),&QWPw(1,$ap));
+        &ld(($b[4])=&NR(1),&QWPw(1,$bp));
+        &ld(($a[5])=&NR(1),&QWPw(1,$ap));
+        &ld(($b[5])=&NR(1),&QWPw(1,$bp));
+        &ld(($a[6])=&NR(1),&QWPw(1,$ap));
+        &ld(($b[6])=&NR(1),&QWPw(1,$bp));
+        &ld(($a[7])=&NR(1),&QWPw(1,$ap));       &FR($ap);
+        &ld(($b[7])=&NR(1),&QWPw(1,$bp));       &FR($bp);
+
+        ($c0,$c1,$c2)=&NR(3);
+        &mov("zero",$c2);
+        &mul($a[0],$b[0],$c0);
+        &muh($a[0],$b[0],$c1);
+        &st($c0,&QWPw(0,$rp));                  &FR($c0); ($c0)=&NR(1);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[0],$b[1],$c0,$c1,$c2);
+        &mul_add_c($a[1],$b[0],$c0,$c1,$c2);
+        &st($c0,&QWPw(1,$rp));                  &FR($c0); ($c0)=&NR(1);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[0],$b[2],$c0,$c1,$c2);
+        &mul_add_c($a[1],$b[1],$c0,$c1,$c2);
+        &mul_add_c($a[2],$b[0],$c0,$c1,$c2);
+        &st($c0,&QWPw(2,$rp));                  &FR($c0); ($c0)=&NR(1);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[0],$b[3],$c0,$c1,$c2);
+        &mul_add_c($a[1],$b[2],$c0,$c1,$c2);
+        &mul_add_c($a[2],$b[1],$c0,$c1,$c2);
+        &mul_add_c($a[3],$b[0],$c0,$c1,$c2);
+        &st($c0,&QWPw(3,$rp));                  &FR($c0); ($c0)=&NR(1);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[0],$b[4],$c0,$c1,$c2);
+        &mul_add_c($a[1],$b[3],$c0,$c1,$c2);
+        &mul_add_c($a[2],$b[2],$c0,$c1,$c2);
+        &mul_add_c($a[3],$b[1],$c0,$c1,$c2);
+        &mul_add_c($a[4],$b[0],$c0,$c1,$c2);
+        &st($c0,&QWPw(4,$rp));                  &FR($c0); ($c0)=&NR(1);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[0],$b[5],$c0,$c1,$c2);
+        &mul_add_c($a[1],$b[4],$c0,$c1,$c2);
+        &mul_add_c($a[2],$b[3],$c0,$c1,$c2);
+        &mul_add_c($a[3],$b[2],$c0,$c1,$c2);
+        &mul_add_c($a[4],$b[1],$c0,$c1,$c2);
+        &mul_add_c($a[5],$b[0],$c0,$c1,$c2);
+        &st($c0,&QWPw(5,$rp));                  &FR($c0); ($c0)=&NR(1);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[0],$b[6],$c0,$c1,$c2);
+        &mul_add_c($a[1],$b[5],$c0,$c1,$c2);
+        &mul_add_c($a[2],$b[4],$c0,$c1,$c2);
+        &mul_add_c($a[3],$b[3],$c0,$c1,$c2);
+        &mul_add_c($a[4],$b[2],$c0,$c1,$c2);
+        &mul_add_c($a[5],$b[1],$c0,$c1,$c2);
+        &mul_add_c($a[6],$b[0],$c0,$c1,$c2);
+        &st($c0,&QWPw(6,$rp));                  &FR($c0); ($c0)=&NR(1);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[0],$b[7],$c0,$c1,$c2);    &FR($a[0]);
+        &mul_add_c($a[1],$b[6],$c0,$c1,$c2);
+        &mul_add_c($a[2],$b[5],$c0,$c1,$c2);
+        &mul_add_c($a[3],$b[4],$c0,$c1,$c2);
+        &mul_add_c($a[4],$b[3],$c0,$c1,$c2);
+        &mul_add_c($a[5],$b[2],$c0,$c1,$c2);
+        &mul_add_c($a[6],$b[1],$c0,$c1,$c2);
+        &mul_add_c($a[7],$b[0],$c0,$c1,$c2);    &FR($b[0]);
+        &st($c0,&QWPw(7,$rp));                  &FR($c0); ($c0)=&NR(1);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[1],$b[7],$c0,$c1,$c2);    &FR($a[1]);
+        &mul_add_c($a[2],$b[6],$c0,$c1,$c2);
+        &mul_add_c($a[3],$b[5],$c0,$c1,$c2);
+        &mul_add_c($a[4],$b[4],$c0,$c1,$c2);
+        &mul_add_c($a[5],$b[3],$c0,$c1,$c2);
+        &mul_add_c($a[6],$b[2],$c0,$c1,$c2);
+        &mul_add_c($a[7],$b[1],$c0,$c1,$c2);    &FR($b[1]);
+        &st($c0,&QWPw(8,$rp));                  &FR($c0); ($c0)=&NR(1);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[2],$b[7],$c0,$c1,$c2);    &FR($a[2]);
+        &mul_add_c($a[3],$b[6],$c0,$c1,$c2);
+        &mul_add_c($a[4],$b[5],$c0,$c1,$c2);
+        &mul_add_c($a[5],$b[4],$c0,$c1,$c2);
+        &mul_add_c($a[6],$b[3],$c0,$c1,$c2);
+        &mul_add_c($a[7],$b[2],$c0,$c1,$c2);    &FR($b[2]);
+        &st($c0,&QWPw(9,$rp));                  &FR($c0); ($c0)=&NR(1);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[3],$b[7],$c0,$c1,$c2);    &FR($a[3]);
+        &mul_add_c($a[4],$b[6],$c0,$c1,$c2);
+        &mul_add_c($a[5],$b[5],$c0,$c1,$c2);
+        &mul_add_c($a[6],$b[4],$c0,$c1,$c2);
+        &mul_add_c($a[7],$b[3],$c0,$c1,$c2);    &FR($b[3]);
+        &st($c0,&QWPw(10,$rp));                 &FR($c0); ($c0)=&NR(1);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[4],$b[7],$c0,$c1,$c2);    &FR($a[4]);
+        &mul_add_c($a[5],$b[6],$c0,$c1,$c2);
+        &mul_add_c($a[6],$b[5],$c0,$c1,$c2);
+        &mul_add_c($a[7],$b[4],$c0,$c1,$c2);    &FR($b[4]);
+        &st($c0,&QWPw(11,$rp));                 &FR($c0); ($c0)=&NR(1);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[5],$b[7],$c0,$c1,$c2);    &FR($a[5]);
+        &mul_add_c($a[6],$b[6],$c0,$c1,$c2);
+        &mul_add_c($a[7],$b[5],$c0,$c1,$c2);    &FR($b[5]);
+        &st($c0,&QWPw(12,$rp));                 &FR($c0); ($c0)=&NR(1);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[6],$b[7],$c0,$c1,$c2);    &FR($a[6]);
+        &mul_add_c($a[7],$b[6],$c0,$c1,$c2);    &FR($b[6]);
+        &st($c0,&QWPw(13,$rp));                 &FR($c0); ($c0)=&NR(1);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[7],$b[7],$c0,$c1,$c2);    &FR($a[7],$b[7]);
+        &st($c0,&QWPw(14,$rp));
+        &st($c1,&QWPw(15,$rp));
+
+        &FR($c0,$c1,$c2);
+
+        &ld($reg_s0,&swtmp(0));
+        &ld($reg_s1,&swtmp(1));
+        &stack_pop(2);
+
+        &function_end($name);
+
+        &fin_pool;
+        }
+
+1;
diff --git a/src/lib/libcrypto/bn/asm/alpha.works/sqr.pl b/src/lib/libcrypto/bn/asm/alpha.works/sqr.pl
new file mode 100644
index 0000000000..a55b696906
--- /dev/null
+++ b/src/lib/libcrypto/bn/asm/alpha.works/sqr.pl
@@ -0,0 +1,113 @@
+#!/usr/local/bin/perl
+# alpha assember 
+
+sub bn_sqr_words
+        {
+        local($name)=@_;
+        local($cc,$a,$b,$r,$couny);
+
+        &init_pool(3);
+        ($cc)=GR("r0");
+
+        $rp=&wparam(0);
+        $ap=&wparam(1);
+        $count=&wparam(2);
+
+        &function_begin($name,"");
+
+        &comment("");
+        &sub($count,4,$count);
+        &mov("zero",$cc);
+        &br(&label("finish"));
+        &blt($count,&label("finish"));
+
+        ($a0,$r0)=&NR(2);
+        &ld($a0,&QWPw(0,$ap));
+        &ld($r0,&QWPw(0,$rp));
+
+$a=<<'EOF';
+##########################################################
+        &set_label("loop");
+
+        ($a1)=&NR(1); &ld($a1,&QWPw(1,$ap));
+        ($b1)=&NR(1); &ld($b1,&QWPw(1,$bp));
+        ($a2)=&NR(1); &ld($a2,&QWPw(2,$ap));
+        ($b2)=&NR(1); &ld($b2,&QWPw(2,$bp));
+        ($a3)=&NR(1); &ld($a3,&QWPw(3,$ap));
+        ($b3)=&NR(1); &ld($b3,&QWPw(3,$bp));
+
+        ($o0,$t0)=&NR(2);
+        &add($a0,$b0,$o0); 
+        &cmpult($o0,$b0,$t0);
+        &add($o0,$cc,$o0);
+        &cmpult($o0,$cc,$cc);
+        &add($cc,$t0,$cc);      &FR($t0);
+
+        ($t1,$o1)=&NR(2);
+
+        &add($a1,$b1,$o1);      &FR($a1);
+        &cmpult($o1,$b1,$t1);   &FR($b1);
+        &add($o1,$cc,$o1);
+        &cmpult($o1,$cc,$cc);
+        &add($cc,$t1,$cc);      &FR($t1);
+
+        ($t2,$o2)=&NR(2);
+
+        &add($a2,$b2,$o2);      &FR($a2);
+        &cmpult($o2,$b2,$t2);   &FR($b2);
+        &add($o2,$cc,$o2);
+        &cmpult($o2,$cc,$cc);
+        &add($cc,$t2,$cc);      &FR($t2);
+
+        ($t3,$o3)=&NR(2);
+
+        &add($a3,$b3,$o3);      &FR($a3);
+        &cmpult($o3,$b3,$t3);   &FR($b3);
+        &add($o3,$cc,$o3);
+        &cmpult($o3,$cc,$cc);
+        &add($cc,$t3,$cc);      &FR($t3);
+
+        &st($o0,&QWPw(0,$rp)); &FR($o0);
+        &st($o1,&QWPw(0,$rp)); &FR($o1);
+        &st($o2,&QWPw(0,$rp)); &FR($o2);
+        &st($o3,&QWPw(0,$rp)); &FR($o3);
+
+        &sub($count,4,$count);  # count-=4
+        &add($ap,4*$QWS,$ap);   # count+=4
+        &add($bp,4*$QWS,$bp);   # count+=4
+        &add($rp,4*$QWS,$rp);   # count+=4
+
+        &blt($count,&label("finish"));
+        &ld($a0,&QWPw(0,$ap));
+         &ld($b0,&QWPw(0,$bp));
+        &br(&label("loop"));
+EOF
+##################################################
+        # Do the last 0..3 words
+
+        &set_label("last_loop");
+
+        &ld(($a0)=&NR(1),&QWPw(0,$ap)); # get a
+        &mul($a0,$a0,($l0)=&NR(1));
+         &add($ap,$QWS,$ap);
+         &add($rp,2*$QWS,$rp);
+         &sub($count,1,$count);
+        &muh($a0,$a0,($h0)=&NR(1));     &FR($a0);
+        &st($l0,&QWPw(-2,$rp));         &FR($l0);
+        &st($h0,&QWPw(-1,$rp));         &FR($h0);
+
+        &bgt($count,&label("last_loop"));
+        &function_end_A($name);
+
+######################################################
+        &set_label("finish");
+        &add($count,4,$count);
+        &bgt($count,&label("last_loop"));
+
+        &set_label("end");
+        &function_end($name);
+
+        &fin_pool;
+        }
+
+1;
diff --git a/src/lib/libcrypto/bn/asm/alpha.works/sqr_c4.pl b/src/lib/libcrypto/bn/asm/alpha.works/sqr_c4.pl
new file mode 100644
index 0000000000..bf33f5b503
--- /dev/null
+++ b/src/lib/libcrypto/bn/asm/alpha.works/sqr_c4.pl
@@ -0,0 +1,109 @@
+#!/usr/local/bin/perl
+# alpha assember 
+
+sub sqr_add_c
+        {
+        local($a,$c0,$c1,$c2)=@_;
+        local($l1,$h1,$t1,$t2);
+
+        &mul($a,$a,($l1)=&NR(1));
+        &muh($a,$a,($h1)=&NR(1));
+        &add($c0,$l1,$c0);
+        &add($c1,$h1,$c1);
+        &cmpult($c0,$l1,($t1)=&NR(1));  &FR($l1);
+        &cmpult($c1,$h1,($t2)=&NR(1));  &FR($h1);
+        &add($c1,$t1,$c1);              &FR($t1);
+        &add($c2,$t2,$c2);              &FR($t2);
+        }
+
+sub sqr_add_c2
+        {
+        local($a,$b,$c0,$c1,$c2)=@_;
+        local($l1,$h1,$t1,$t2);
+
+        &mul($a,$b,($l1)=&NR(1));
+        &muh($a,$b,($h1)=&NR(1));
+        &cmplt($l1,"zero",($lc1)=&NR(1));
+        &cmplt($h1,"zero",($hc1)=&NR(1));
+        &add($l1,$l1,$l1);
+        &add($h1,$h1,$h1);
+        &add($h1,$lc1,$h1);             &FR($lc1);
+        &add($c2,$hc1,$c2);             &FR($hc1);
+
+        &add($c0,$l1,$c0);
+        &add($c1,$h1,$c1);
+        &cmpult($c0,$l1,($lc1)=&NR(1)); &FR($l1);
+        &cmpult($c1,$h1,($hc1)=&NR(1)); &FR($h1);
+
+        &add($c1,$lc1,$c1);             &FR($lc1);
+        &add($c2,$hc1,$c2);             &FR($hc1);
+        }
+
+
+sub bn_sqr_comba4
+        {
+        local($name)=@_;
+        local(@a,@b,$r,$c0,$c1,$c2);
+
+        $cnt=1;
+        &init_pool(2);
+
+        $rp=&wparam(0);
+        $ap=&wparam(1);
+
+        &function_begin($name,"");
+
+        &comment("");
+
+        &ld(($a[0])=&NR(1),&QWPw(0,$ap));
+        &ld(($a[1])=&NR(1),&QWPw(1,$ap));
+        &ld(($a[2])=&NR(1),&QWPw(2,$ap));
+        &ld(($a[3])=&NR(1),&QWPw(3,$ap)); &FR($ap);
+
+        ($c0,$c1,$c2)=&NR(3);
+
+        &mov("zero",$c2);
+        &mul($a[0],$a[0],$c0);
+        &muh($a[0],$a[0],$c1);
+        &st($c0,&QWPw(0,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c2($a[0],$a[1],$c0,$c1,$c2);
+        &st($c0,&QWPw(1,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c($a[1],$c0,$c1,$c2);
+        &sqr_add_c2($a[2],$a[0],$c0,$c1,$c2);
+        &st($c0,&QWPw(2,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c2($a[3],$a[0],$c0,$c1,$c2);
+        &sqr_add_c2($a[2],$a[1],$c0,$c1,$c2);
+        &st($c0,&QWPw(3,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c($a[2],$c0,$c1,$c2);
+        &sqr_add_c2($a[3],$a[1],$c0,$c1,$c2);
+        &st($c0,&QWPw(4,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c2($a[3],$a[2],$c0,$c1,$c2);
+        &st($c0,&QWPw(5,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c($a[3],$c0,$c1,$c2);
+        &st($c0,&QWPw(6,$rp));
+        &st($c1,&QWPw(7,$rp));
+
+        &function_end($name);
+
+        &fin_pool;
+        }
+
+1;
diff --git a/src/lib/libcrypto/bn/asm/alpha.works/sqr_c8.pl b/src/lib/libcrypto/bn/asm/alpha.works/sqr_c8.pl
new file mode 100644
index 0000000000..b4afe085f1
--- /dev/null
+++ b/src/lib/libcrypto/bn/asm/alpha.works/sqr_c8.pl
@@ -0,0 +1,132 @@
+#!/usr/local/bin/perl
+# alpha assember 
+
+sub bn_sqr_comba8
+        {
+        local($name)=@_;
+        local(@a,@b,$r,$c0,$c1,$c2);
+
+        $cnt=1;
+        &init_pool(2);
+
+        $rp=&wparam(0);
+        $ap=&wparam(1);
+
+        &function_begin($name,"");
+
+        &comment("");
+
+        &ld(($a[0])=&NR(1),&QWPw(0,$ap));
+        &ld(($a[1])=&NR(1),&QWPw(1,$ap));
+        &ld(($a[2])=&NR(1),&QWPw(2,$ap));
+        &ld(($a[3])=&NR(1),&QWPw(3,$ap));
+        &ld(($a[4])=&NR(1),&QWPw(4,$ap));
+        &ld(($a[5])=&NR(1),&QWPw(5,$ap));
+        &ld(($a[6])=&NR(1),&QWPw(6,$ap));
+        &ld(($a[7])=&NR(1),&QWPw(7,$ap)); &FR($ap);
+
+        ($c0,$c1,$c2)=&NR(3);
+
+        &mov("zero",$c2);
+        &mul($a[0],$a[0],$c0);
+        &muh($a[0],$a[0],$c1);
+        &st($c0,&QWPw(0,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c2($a[1],$a[0],$c0,$c1,$c2);
+        &st($c0,&QWPw(1,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c($a[1],$c0,$c1,$c2);
+        &sqr_add_c2($a[2],$a[0],$c0,$c1,$c2);
+        &st($c0,&QWPw(2,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c2($a[2],$a[1],$c0,$c1,$c2);
+        &sqr_add_c2($a[3],$a[0],$c0,$c1,$c2);
+        &st($c0,&QWPw(3,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c($a[2],$c0,$c1,$c2);
+        &sqr_add_c2($a[3],$a[1],$c0,$c1,$c2);
+        &sqr_add_c2($a[4],$a[0],$c0,$c1,$c2);
+        &st($c0,&QWPw(4,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c2($a[3],$a[2],$c0,$c1,$c2);
+        &sqr_add_c2($a[4],$a[1],$c0,$c1,$c2);
+        &sqr_add_c2($a[5],$a[0],$c0,$c1,$c2);
+        &st($c0,&QWPw(5,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c($a[3],$c0,$c1,$c2);
+        &sqr_add_c2($a[4],$a[2],$c0,$c1,$c2);
+        &sqr_add_c2($a[5],$a[1],$c0,$c1,$c2);
+        &sqr_add_c2($a[6],$a[0],$c0,$c1,$c2);
+        &st($c0,&QWPw(6,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c2($a[4],$a[3],$c0,$c1,$c2);
+        &sqr_add_c2($a[5],$a[2],$c0,$c1,$c2);
+        &sqr_add_c2($a[6],$a[1],$c0,$c1,$c2);
+        &sqr_add_c2($a[7],$a[0],$c0,$c1,$c2);
+        &st($c0,&QWPw(7,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c($a[4],$c0,$c1,$c2);
+        &sqr_add_c2($a[5],$a[3],$c0,$c1,$c2);
+        &sqr_add_c2($a[6],$a[2],$c0,$c1,$c2);
+        &sqr_add_c2($a[7],$a[1],$c0,$c1,$c2);
+        &st($c0,&QWPw(8,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c2($a[5],$a[4],$c0,$c1,$c2);
+        &sqr_add_c2($a[6],$a[3],$c0,$c1,$c2);
+        &sqr_add_c2($a[7],$a[2],$c0,$c1,$c2);
+        &st($c0,&QWPw(9,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c($a[5],$c0,$c1,$c2);
+        &sqr_add_c2($a[6],$a[4],$c0,$c1,$c2);
+        &sqr_add_c2($a[7],$a[3],$c0,$c1,$c2);
+        &st($c0,&QWPw(10,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c2($a[6],$a[5],$c0,$c1,$c2);
+        &sqr_add_c2($a[7],$a[4],$c0,$c1,$c2);
+        &st($c0,&QWPw(11,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c($a[6],$c0,$c1,$c2);
+        &sqr_add_c2($a[7],$a[5],$c0,$c1,$c2);
+        &st($c0,&QWPw(12,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c2($a[7],$a[6],$c0,$c1,$c2);
+        &st($c0,&QWPw(13,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c($a[7],$c0,$c1,$c2);
+        &st($c0,&QWPw(14,$rp));
+        &st($c1,&QWPw(15,$rp));
+
+        &function_end($name);
+
+        &fin_pool;
+        }
+
+1;
diff --git a/src/lib/libcrypto/bn/asm/alpha.works/sub.pl b/src/lib/libcrypto/bn/asm/alpha.works/sub.pl
new file mode 100644
index 0000000000..d998da5c21
--- /dev/null
+++ b/src/lib/libcrypto/bn/asm/alpha.works/sub.pl
@@ -0,0 +1,108 @@
+#!/usr/local/bin/perl
+# alpha assember
+
+sub bn_sub_words
+        {
+        local($name)=@_;
+        local($cc,$a,$b,$r);
+
+        &init_pool(4);
+        ($cc)=GR("r0");
+
+        $rp=&wparam(0);
+        $ap=&wparam(1);
+        $bp=&wparam(2);
+        $count=&wparam(3);
+
+        &function_begin($name,"");
+
+        &comment("");
+        &sub($count,4,$count);
+        &mov("zero",$cc);
+        &blt($count,&label("finish"));
+
+        ($a0,$b0)=&NR(2);
+        &ld($a0,&QWPw(0,$ap));
+        &ld($b0,&QWPw(0,$bp));
+
+##########################################################
+        &set_label("loop");
+
+        ($a1,$tmp,$b1,$a2,$b2,$a3,$b3,$o0)=&NR(8);
+        &ld($a1,&QWPw(1,$ap));
+         &cmpult($a0,$b0,$tmp); # will we borrow?
+        &ld($b1,&QWPw(1,$bp));
+         &sub($a0,$b0,$a0);             # do the subtract
+        &ld($a2,&QWPw(2,$ap));
+         &cmpult($a0,$cc,$b0);  # will we borrow?
+        &ld($b2,&QWPw(2,$bp));
+         &sub($a0,$cc,$o0);     # will we borrow?
+        &ld($a3,&QWPw(3,$ap));
+         &add($b0,$tmp,$cc); ($t1,$o1)=&NR(2); &FR($tmp);
+
+        &cmpult($a1,$b1,$t1);   # will we borrow?
+         &sub($a1,$b1,$a1);     # do the subtract
+        &ld($b3,&QWPw(3,$bp));
+         &cmpult($a1,$cc,$b1);  # will we borrow?
+        &sub($a1,$cc,$o1);      # will we borrow?
+         &add($b1,$t1,$cc); ($tmp,$o2)=&NR(2); &FR($t1,$a1,$b1);
+        
+        &cmpult($a2,$b2,$tmp);  # will we borrow?
+         &sub($a2,$b2,$a2);             # do the subtract
+        &st($o0,&QWPw(0,$rp));  &FR($o0); # save
+         &cmpult($a2,$cc,$b2);  # will we borrow?
+        &sub($a2,$cc,$o2);      # will we borrow?
+         &add($b2,$tmp,$cc); ($t3,$o3)=&NR(2); &FR($tmp,$a2,$b2);
+
+        &cmpult($a3,$b3,$t3);   # will we borrow?
+         &sub($a3,$b3,$a3);     # do the subtract
+        &st($o1,&QWPw(1,$rp)); &FR($o1);
+         &cmpult($a3,$cc,$b3);  # will we borrow?
+        &sub($a3,$cc,$o3);      # will we borrow?
+         &add($b3,$t3,$cc); &FR($t3,$a3,$b3);
+
+        &st($o2,&QWPw(2,$rp));  &FR($o2);
+         &sub($count,4,$count); # count-=4
+        &st($o3,&QWPw(3,$rp));  &FR($o3);
+         &add($ap,4*$QWS,$ap);  # count+=4
+        &add($bp,4*$QWS,$bp);   # count+=4
+         &add($rp,4*$QWS,$rp);  # count+=4
+
+        &blt($count,&label("finish"));
+        &ld($a0,&QWPw(0,$ap));
+         &ld($b0,&QWPw(0,$bp));
+        &br(&label("loop"));
+##################################################
+        # Do the last 0..3 words
+
+        &set_label("last_loop");
+
+        &ld($a0,&QWPw(0,$ap));  # get a
+         &ld($b0,&QWPw(0,$bp)); # get b
+        &cmpult($a0,$b0,$tmp);  # will we borrow?
+        &sub($a0,$b0,$a0);      # do the subtract
+        &cmpult($a0,$cc,$b0);   # will we borrow?
+        &sub($a0,$cc,$a0);      # will we borrow?
+        &st($a0,&QWPw(0,$rp));  # save
+        &add($b0,$tmp,$cc);     # add the borrows
+
+        &add($ap,$QWS,$ap);
+        &add($bp,$QWS,$bp);
+        &add($rp,$QWS,$rp);
+        &sub($count,1,$count);
+        &bgt($count,&label("last_loop"));
+        &function_end_A($name);
+
+######################################################
+        &set_label("finish");
+        &add($count,4,$count);
+        &bgt($count,&label("last_loop"));
+
+        &FR($a0,$b0);
+        &set_label("end");
+        &function_end($name);
+
+        &fin_pool;
+        }
+
+1;
diff --git a/src/lib/libcrypto/bn/asm/alpha/add.pl b/src/lib/libcrypto/bn/asm/alpha/add.pl
new file mode 100644
index 0000000000..13bf516428
--- /dev/null
+++ b/src/lib/libcrypto/bn/asm/alpha/add.pl
@@ -0,0 +1,118 @@
+#!/usr/local/bin/perl
+# alpha assember 
+
+sub bn_add_words
+        {
+        local($name)=@_;
+        local($cc,$a,$b,$r);
+
+        &init_pool(4);
+        ($cc)=GR("r0");
+
+        $rp=&wparam(0);
+        $ap=&wparam(1);
+        $bp=&wparam(2);
+        $count=&wparam(3);
+
+        &function_begin($name,"");
+
+        &comment("");
+        &sub($count,4,$count);
+         &mov("zero",$cc);
+        &blt($count,&label("finish"));
+
+        ($a0,$b0)=&NR(2);
+
+##########################################################
+        &set_label("loop");
+
+        &ld(($a0)=&NR(1),&QWPw(0,$ap));
+         &ld(($b0)=&NR(1),&QWPw(0,$bp));
+        &ld(($a1)=&NR(1),&QWPw(1,$ap));
+         &ld(($b1)=&NR(1),&QWPw(1,$bp));
+
+        ($o0,$t0)=&NR(2);
+        &add($a0,$b0,$o0); 
+         &ld(($a2)=&NR(1),&QWPw(2,$ap));
+        &cmpult($o0,$b0,$t0);
+         &add($o0,$cc,$o0);
+        &cmpult($o0,$cc,$cc);
+         &ld(($b2)=&NR(1),&QWPw(2,$bp));
+        &add($cc,$t0,$cc);      &FR($t0);
+
+        ($t1,$o1)=&NR(2);
+
+         &add($a1,$b1,$o1);     &FR($a1);
+        &cmpult($o1,$b1,$t1);   &FR($b1);
+         &add($o1,$cc,$o1);
+        &cmpult($o1,$cc,$cc);
+         &ld(($a3)=&NR(1),&QWPw(3,$ap));
+        &add($cc,$t1,$cc);      &FR($t1);
+
+        ($t2,$o2)=&NR(2);
+
+         &add($a2,$b2,$o2);     &FR($a2);
+        &cmpult($o2,$b2,$t2);   &FR($b2);
+         &add($o2,$cc,$o2);
+        &cmpult($o2,$cc,$cc);
+         &ld(($b3)=&NR(1),&QWPw(3,$bp));
+        &st($o0,&QWPw(0,$rp)); &FR($o0);
+         &add($cc,$t2,$cc);     &FR($t2);
+
+        ($t3,$o3)=&NR(2);
+
+        &st($o1,&QWPw(0,$rp)); &FR($o1);
+         &add($a3,$b3,$o3);     &FR($a3);
+        &cmpult($o3,$b3,$t3);   &FR($b3);
+         &add($o3,$cc,$o3);
+        &st($o2,&QWPw(0,$rp)); &FR($o2);
+         &cmpult($o3,$cc,$cc);
+        &st($o3,&QWPw(0,$rp)); &FR($o3);
+         &add($cc,$t3,$cc);     &FR($t3);
+
+
+        &sub($count,4,$count);  # count-=4
+         &add($ap,4*$QWS,$ap);  # count+=4
+        &add($bp,4*$QWS,$bp);   # count+=4
+         &add($rp,4*$QWS,$rp);  # count+=4
+
+        ###
+         &bge($count,&label("loop"));
+        ###
+        &br(&label("finish"));
+##################################################
+        # Do the last 0..3 words
+
+        ($t0,$o0)=&NR(2);
+        &set_label("last_loop");
+
+        &ld($a0,&QWPw(0,$ap));  # get a
+         &ld($b0,&QWPw(0,$bp)); # get b
+        &add($ap,$QWS,$ap);
+         &add($bp,$QWS,$bp);
+        &add($a0,$b0,$o0); 
+         &sub($count,1,$count);
+        &cmpult($o0,$b0,$t0);   # will we borrow?
+         &add($o0,$cc,$o0);     # will we borrow?
+        &cmpult($o0,$cc,$cc);   # will we borrow?
+         &add($rp,$QWS,$rp);
+        &st($o0,&QWPw(-1,$rp)); # save
+         &add($cc,$t0,$cc);     # add the borrows
+
+        ###
+         &bgt($count,&label("last_loop"));
+        &function_end_A($name);
+
+######################################################
+        &set_label("finish");
+        &add($count,4,$count);
+         &bgt($count,&label("last_loop"));
+
+        &FR($o0,$t0,$a0,$b0);
+        &set_label("end");
+        &function_end($name);
+
+        &fin_pool;
+        }
+
+1;
diff --git a/src/lib/libcrypto/bn/asm/alpha/div.pl b/src/lib/libcrypto/bn/asm/alpha/div.pl
new file mode 100644
index 0000000000..e9e680897a
--- /dev/null
+++ b/src/lib/libcrypto/bn/asm/alpha/div.pl
@@ -0,0 +1,144 @@
+#!/usr/local/bin/perl
+
+sub bn_div_words
+        {
+        local($data)=<<'EOF';
+ #
+ # What follows was taken directly from the C compiler with a few
+ # hacks to redo the lables.
+ #
+.text
+        .set noreorder
+        .set volatile
+        .align 3
+        .globl bn_div_words
+        .ent bn_div_words
+bn_div_words
+        ldgp $29,0($27)
+bn_div_words.ng:
+        lda $30,-48($30)
+        .frame $30,48,$26,0
+        stq $26,0($30)
+        stq $9,8($30)
+        stq $10,16($30)
+        stq $11,24($30)
+        stq $12,32($30)
+        stq $13,40($30)
+        .mask 0x4003e00,-48
+        .prologue 1
+        bis $16,$16,$9
+        bis $17,$17,$10
+        bis $18,$18,$11
+        bis $31,$31,$13
+        bis $31,2,$12
+        bne $11,$9119
+        lda $0,-1
+        br $31,$9136
+        .align 4
+$9119:
+        bis $11,$11,$16
+        jsr $26,BN_num_bits_word
+        ldgp $29,0($26)
+        subq $0,64,$1
+        beq $1,$9120
+        bis $31,1,$1
+        sll $1,$0,$1
+        cmpule $9,$1,$1
+        bne $1,$9120
+ #      lda $16,_IO_stderr_
+ #      lda $17,$C32
+ #      bis $0,$0,$18
+ #      jsr $26,fprintf
+ #      ldgp $29,0($26)
+        jsr $26,abort
+        ldgp $29,0($26)
+        .align 4
+$9120:
+        bis $31,64,$3
+        cmpult $9,$11,$2
+        subq $3,$0,$1
+        addl $1,$31,$0
+        subq $9,$11,$1
+        cmoveq $2,$1,$9
+        beq $0,$9122
+        zapnot $0,15,$2
+        subq $3,$0,$1
+        sll $11,$2,$11
+        sll $9,$2,$3
+        srl $10,$1,$1
+        sll $10,$2,$10
+        bis $3,$1,$9
+$9122:
+        srl $11,32,$5
+        zapnot $11,15,$6
+        lda $7,-1
+        .align 5
+$9123:
+        srl $9,32,$1
+        subq $1,$5,$1
+        bne $1,$9126
+        zapnot $7,15,$27
+        br $31,$9127
+        .align 4
+$9126:
+        bis $9,$9,$24
+        bis $5,$5,$25
+        divqu $24,$25,$27
+$9127:
+        srl $10,32,$4
+        .align 5
+$9128:
+        mulq $27,$5,$1
+        subq $9,$1,$3
+        zapnot $3,240,$1
+        bne $1,$9129
+        mulq $6,$27,$2
+        sll $3,32,$1
+        addq $1,$4,$1
+        cmpule $2,$1,$2
+        bne $2,$9129
+        subq $27,1,$27
+        br $31,$9128
+        .align 4
+$9129:
+        mulq $27,$6,$1
+        mulq $27,$5,$4
+        srl $1,32,$3
+        sll $1,32,$1
+        addq $4,$3,$4
+        cmpult $10,$1,$2
+        subq $10,$1,$10
+        addq $2,$4,$2
+        cmpult $9,$2,$1
+        bis $2,$2,$4
+        beq $1,$9134
+        addq $9,$11,$9
+        subq $27,1,$27
+$9134:
+        subl $12,1,$12
+        subq $9,$4,$9
+        beq $12,$9124
+        sll $27,32,$13
+        sll $9,32,$2
+        srl $10,32,$1
+        sll $10,32,$10
+        bis $2,$1,$9
+        br $31,$9123
+        .align 4
+$9124:
+        bis $13,$27,$0
+$9136:
+        ldq $26,0($30)
+        ldq $9,8($30)
+        ldq $10,16($30)
+        ldq $11,24($30)
+        ldq $12,32($30)
+        ldq $13,40($30)
+        addq $30,48,$30
+        ret $31,($26),1
+        .end bn_div_words
+EOF
+        &asm_add($data);
+        }
+
+1;
diff --git a/src/lib/libcrypto/bn/asm/alpha/mul.pl b/src/lib/libcrypto/bn/asm/alpha/mul.pl
new file mode 100644
index 0000000000..76c926566c
--- /dev/null
+++ b/src/lib/libcrypto/bn/asm/alpha/mul.pl
@@ -0,0 +1,104 @@
+#!/usr/local/bin/perl
+# alpha assember 
+
+sub bn_mul_words
+        {
+        local($name)=@_;
+        local($cc,$a,$b,$r,$couny);
+
+        &init_pool(4);
+        ($cc)=GR("r0");
+
+        $rp=&wparam(0);
+        $ap=&wparam(1);
+        $count=&wparam(2);
+        $word=&wparam(3);
+
+        &function_begin($name,"");
+
+        &comment("");
+        &sub($count,4,$count);
+         &mov("zero",$cc);
+        ###
+         &blt($count,&label("finish"));
+
+        ($a0)=&NR(1); &ld($a0,&QWPw(0,$ap));
+
+        &set_label("loop");
+
+        ($a1)=&NR(1); &ld($a1,&QWPw(1,$ap));
+         ($a2)=&NR(1); &ld($a2,&QWPw(2,$ap));
+
+        &muh($a0,$word,($h0)=&NR(1));   &FR($a0);
+         ($a3)=&NR(1); &ld($a3,&QWPw(3,$ap));
+                                                        ### wait 8
+        &mul($a0,$word,($l0)=&NR(1));   &FR($a0);
+                                                        ### wait 8
+        &muh($a1,$word,($h1)=&NR(1));   &FR($a1);
+         &add($l0,$cc,$l0);                             ### wait 8
+        &mul($a1,$word,($l1)=&NR(1));   &FR($a1);
+         &cmpult($l0,$cc,$cc);                          ### wait 8
+        &muh($a2,$word,($h2)=&NR(1));   &FR($a2);
+         &add($h0,$cc,$cc);     &FR($h0);               ### wait 8
+        &mul($a2,$word,($l2)=&NR(1));   &FR($a2);
+         &add($l1,$cc,$l1);                             ### wait 8
+        &st($l0,&QWPw(0,$rp));          &FR($l0);
+         &cmpult($l1,$cc,$cc);                          ### wait 8
+        &muh($a3,$word,($h3)=&NR(1));   &FR($a3);
+         &add($h1,$cc,$cc);             &FR($h1);
+        &mul($a3,$word,($l3)=&NR(1));   &FR($a3);
+         &add($l2,$cc,$l2);
+        &st($l1,&QWPw(1,$rp));          &FR($l1);
+         &cmpult($l2,$cc,$cc);
+        &add($h2,$cc,$cc);              &FR($h2);
+         &sub($count,4,$count); # count-=4
+        &st($l2,&QWPw(2,$rp));          &FR($l2);
+         &add($l3,$cc,$l3);
+        &cmpult($l3,$cc,$cc);
+         &add($bp,4*$QWS,$bp);  # count+=4
+        &add($h3,$cc,$cc);              &FR($h3);
+         &add($ap,4*$QWS,$ap);  # count+=4
+        &st($l3,&QWPw(3,$rp));          &FR($l3);
+         &add($rp,4*$QWS,$rp);  # count+=4
+        ###
+         &blt($count,&label("finish"));
+         ($a0)=&NR(1); &ld($a0,&QWPw(0,$ap));
+        &br(&label("finish"));
+##################################################
+
+##################################################
+        # Do the last 0..3 words
+
+        &set_label("last_loop");
+
+        &ld(($a0)=&NR(1),&QWPw(0,$ap)); # get a
+         ###
+        ###
+         ###
+        &muh($a0,$word,($h0)=&NR(1));
+         ### Wait 8 for next mul issue
+        &mul($a0,$word,($l0)=&NR(1)); &FR($a0)
+         &add($ap,$QWS,$ap);
+        ### Loose 12 until result is available
+        &add($rp,$QWS,$rp);
+         &sub($count,1,$count);
+        &add($l0,$cc,$l0);
+         ###
+        &st($l0,&QWPw(-1,$rp));         &FR($l0);
+         &cmpult($l0,$cc,$cc);
+        &add($h0,$cc,$cc);              &FR($h0);
+         &bgt($count,&label("last_loop"));
+        &function_end_A($name);
+
+######################################################
+        &set_label("finish");
+        &add($count,4,$count);
+        &bgt($count,&label("last_loop"));
+
+        &set_label("end");
+        &function_end($name);
+
+        &fin_pool;
+        }
+
+1;
diff --git a/src/lib/libcrypto/bn/asm/alpha/mul_add.pl b/src/lib/libcrypto/bn/asm/alpha/mul_add.pl
new file mode 100644
index 0000000000..0d6df69bc4
--- /dev/null
+++ b/src/lib/libcrypto/bn/asm/alpha/mul_add.pl
@@ -0,0 +1,123 @@
+#!/usr/local/bin/perl
+# alpha assember 
+
+sub bn_mul_add_words
+        {
+        local($name)=@_;
+        local($cc,$a,$b,$r,$couny);
+
+        &init_pool(4);
+        ($cc)=GR("r0");
+
+        $rp=&wparam(0);
+        $ap=&wparam(1);
+        $count=&wparam(2);
+        $word=&wparam(3);
+
+        &function_begin($name,"");
+
+        &comment("");
+        &sub($count,4,$count);
+         &mov("zero",$cc);
+        ###
+         &blt($count,&label("finish"));
+
+        &ld(($a0)=&NR(1),&QWPw(0,$ap));
+
+$a=<<'EOF';
+##########################################################
+        &set_label("loop");
+
+        &ld(($r0)=&NR(1),&QWPw(0,$rp));
+         &ld(($a1)=&NR(1),&QWPw(1,$ap));
+        &muh($a0,$word,($h0)=&NR(1));
+         &ld(($r1)=&NR(1),&QWPw(1,$rp));
+        &ld(($a2)=&NR(1),&QWPw(2,$ap));
+         ###
+        &mul($a0,$word,($l0)=&NR(1));   &FR($a0);
+         &ld(($r2)=&NR(1),&QWPw(2,$rp));
+        &muh($a1,$word,($h1)=&NR(1));
+         &ld(($a3)=&NR(1),&QWPw(3,$ap));
+        &mul($a1,$word,($l1)=&NR(1));   &FR($a1);
+         &ld(($r3)=&NR(1),&QWPw(3,$rp));
+        &add($r0,$l0,$r0);
+         &add($r1,$l1,$r1);
+        &cmpult($r0,$l0,($t0)=&NR(1));  &FR($l0);
+         &cmpult($r1,$l1,($t1)=&NR(1)); &FR($l1);
+        &muh($a2,$word,($h2)=&NR(1));
+         &add($r0,$cc,$r0);
+        &add($h0,$t0,$h0);              &FR($t0);
+         &cmpult($r0,$cc,$cc);
+        &add($h1,$t1,$h1);              &FR($t1);
+         &add($h0,$cc,$cc);             &FR($h0);
+        &mul($a2,$word,($l2)=&NR(1));   &FR($a2);
+         &add($r1,$cc,$r1);
+        &cmpult($r1,$cc,$cc);
+         &add($r2,$l2,$r2);
+        &add($h1,$cc,$cc);              &FR($h1);
+         &cmpult($r2,$l2,($t2)=&NR(1)); &FR($l2);
+        &muh($a3,$word,($h3)=&NR(1));
+         &add($r2,$cc,$r2);
+        &st($r0,&QWPw(0,$rp)); &FR($r0);
+         &add($h2,$t2,$h2);             &FR($t2);
+        &st($r1,&QWPw(1,$rp)); &FR($r1);
+         &cmpult($r2,$cc,$cc);
+        &mul($a3,$word,($l3)=&NR(1));   &FR($a3);
+         &add($h2,$cc,$cc);             &FR($h2);
+        &st($r2,&QWPw(2,$rp)); &FR($r2);
+         &sub($count,4,$count); # count-=4
+         &add($rp,4*$QWS,$rp);  # count+=4
+        &add($r3,$l3,$r3);
+         &add($ap,4*$QWS,$ap);  # count+=4
+        &cmpult($r3,$l3,($t3)=&NR(1));  &FR($l3);
+         &add($r3,$cc,$r3);
+        &add($h3,$t3,$h3);              &FR($t3);
+         &cmpult($r3,$cc,$cc);
+        &st($r3,&QWPw(-1,$rp)); &FR($r3);
+         &add($h3,$cc,$cc);             &FR($h3);
+
+        ###
+         &blt($count,&label("finish"));
+        &ld(($a0)=&NR(1),&QWPw(0,$ap));
+         &br(&label("loop"));
+EOF
+##################################################
+        # Do the last 0..3 words
+
+        &set_label("last_loop");
+
+        &ld(($a0)=&NR(1),&QWPw(0,$ap)); # get a
+         &ld(($r0)=&NR(1),&QWPw(0,$rp));        # get b
+        ###
+         ###
+        &muh($a0,$word,($h0)=&NR(1));   &FR($a0);
+         ### wait 8
+        &mul($a0,$word,($l0)=&NR(1));   &FR($a0);
+         &add($rp,$QWS,$rp);
+        &add($ap,$QWS,$ap);
+         &sub($count,1,$count);
+        ### wait 3 until l0 is available
+        &add($r0,$l0,$r0);
+         ###
+        &cmpult($r0,$l0,($t0)=&NR(1));  &FR($l0);
+         &add($r0,$cc,$r0);
+        &add($h0,$t0,$h0);              &FR($t0);
+         &cmpult($r0,$cc,$cc);
+        &add($h0,$cc,$cc);              &FR($h0);
+
+        &st($r0,&QWPw(-1,$rp));         &FR($r0);
+         &bgt($count,&label("last_loop"));
+        &function_end_A($name);
+
+######################################################
+        &set_label("finish");
+        &add($count,4,$count);
+         &bgt($count,&label("last_loop"));
+
+        &set_label("end");
+        &function_end($name);
+
+        &fin_pool;
+        }
+
+1;
diff --git a/src/lib/libcrypto/bn/asm/alpha/mul_c4.pl b/src/lib/libcrypto/bn/asm/alpha/mul_c4.pl
new file mode 100644
index 0000000000..9cc876ded4
--- /dev/null
+++ b/src/lib/libcrypto/bn/asm/alpha/mul_c4.pl
@@ -0,0 +1,215 @@
+#!/usr/local/bin/perl
+# alpha assember 
+
+# upto
+
+sub mul_add_c
+        {
+        local($a,$b,$c0,$c1,$c2)=@_;
+        local($l1,$h1,$t1,$t2);
+
+        &mul($a,$b,($l1)=&NR(1));
+        &muh($a,$b,($h1)=&NR(1));
+        &add($c0,$l1,$c0);
+        &cmpult($c0,$l1,($t1)=&NR(1));  &FR($l1);
+        &add($t1,$h1,$h1);              &FR($t1);
+        &add($c1,$h1,$c1);
+        &cmpult($c1,$h1,($t2)=&NR(1));  &FR($h1);
+        &add($c2,$t2,$c2);              &FR($t2);
+        }
+
+sub bn_mul_comba4
+        {
+        local($name)=@_;
+        local(@a,@b,$r,$c0,$c1,$c2);
+
+        $cnt=1;
+        &init_pool(3);
+
+        $rp=&wparam(0);
+        $ap=&wparam(1);
+        $bp=&wparam(2);
+
+        &function_begin($name,"");
+
+        &comment("");
+
+        &ld(($a[0])=&NR(1),&QWPw(0,$ap));
+        &ld(($b[0])=&NR(1),&QWPw(0,$bp));
+        &ld(($a[1])=&NR(1),&QWPw(1,$ap));
+        &ld(($b[1])=&NR(1),&QWPw(1,$bp));
+        &mul($a[0],$b[0],($r00)=&NR(1));
+        &ld(($a[2])=&NR(1),&QWPw(2,$ap));
+        &ld(($b[2])=&NR(1),&QWPw(2,$bp));
+        &muh($a[0],$b[0],($r01)=&NR(1));
+        &FR($ap); &ld(($a[3])=&NR(1),&QWPw(3,$ap));
+        &FR($bp); &ld(($b[3])=&NR(1),&QWPw(3,$bp));
+        &mul($a[0],$b[1],($r02)=&NR(1));
+
+        ($R,$H1,$H2)=&NR(3);
+
+        &st($r00,&QWPw(0,$rp)); &FR($r00);
+
+        &mov("zero",$R);
+        &mul($a[1],$b[0],($r03)=&NR(1));
+
+        &mov("zero",$H1);
+        &mov("zero",$H0);
+         &add($R,$r01,$R);
+        &muh($a[0],$b[1],($r04)=&NR(1));
+         &cmpult($R,$r01,($t01)=&NR(1));        &FR($r01);
+         &add($R,$r02,$R);
+         &add($H1,$t01,$H1)                     &FR($t01);
+        &muh($a[1],$b[0],($r05)=&NR(1));
+         &cmpult($R,$r02,($t02)=&NR(1));        &FR($r02);
+         &add($R,$r03,$R);
+         &add($H2,$t02,$H2)                     &FR($t02);
+        &mul($a[0],$b[2],($r06)=&NR(1));
+         &cmpult($R,$r03,($t03)=&NR(1));        &FR($r03);
+         &add($H1,$t03,$H1)                     &FR($t03);
+        &st($R,&QWPw(1,$rp));
+        &add($H1,$H2,$R);
+
+        &mov("zero",$H1);
+         &add($R,$r04,$R);
+        &mov("zero",$H2);
+        &mul($a[1],$b[1],($r07)=&NR(1));
+         &cmpult($R,$r04,($t04)=&NR(1));        &FR($r04);
+         &add($R,$r05,$R);
+         &add($H1,$t04,$H1)                     &FR($t04);
+        &mul($a[2],$b[0],($r08)=&NR(1));
+         &cmpult($R,$r05,($t05)=&NR(1));        &FR($r05);
+         &add($R,$r01,$R);
+         &add($H2,$t05,$H2)                     &FR($t05);
+        &muh($a[0],$b[2],($r09)=&NR(1));
+         &cmpult($R,$r06,($t06)=&NR(1));        &FR($r06);
+         &add($R,$r07,$R);
+         &add($H1,$t06,$H1)                     &FR($t06);
+        &muh($a[1],$b[1],($r10)=&NR(1));
+         &cmpult($R,$r07,($t07)=&NR(1));        &FR($r07);
+         &add($R,$r08,$R);
+         &add($H2,$t07,$H2)                     &FR($t07);
+        &muh($a[2],$b[0],($r11)=&NR(1));
+         &cmpult($R,$r08,($t08)=&NR(1));        &FR($r08);
+         &add($H1,$t08,$H1)                     &FR($t08);
+        &st($R,&QWPw(2,$rp));
+        &add($H1,$H2,$R);
+
+        &mov("zero",$H1);
+         &add($R,$r09,$R);
+        &mov("zero",$H2);
+        &mul($a[0],$b[3],($r12)=&NR(1));
+         &cmpult($R,$r09,($t09)=&NR(1));        &FR($r09);
+         &add($R,$r10,$R);
+         &add($H1,$t09,$H1)                     &FR($t09);
+        &mul($a[1],$b[2],($r13)=&NR(1));
+         &cmpult($R,$r10,($t10)=&NR(1));        &FR($r10);
+         &add($R,$r11,$R);
+         &add($H1,$t10,$H1)                     &FR($t10);
+        &mul($a[2],$b[1],($r14)=&NR(1));
+         &cmpult($R,$r11,($t11)=&NR(1));        &FR($r11);
+         &add($R,$r12,$R);
+         &add($H1,$t11,$H1)                     &FR($t11);
+        &mul($a[3],$b[0],($r15)=&NR(1));
+         &cmpult($R,$r12,($t12)=&NR(1));        &FR($r12);
+         &add($R,$r13,$R);
+         &add($H1,$t12,$H1)                     &FR($t12);
+        &muh($a[0],$b[3],($r16)=&NR(1));
+         &cmpult($R,$r13,($t13)=&NR(1));        &FR($r13);
+         &add($R,$r14,$R);
+         &add($H1,$t13,$H1)                     &FR($t13);
+        &muh($a[1],$b[2],($r17)=&NR(1));
+         &cmpult($R,$r14,($t14)=&NR(1));        &FR($r14);
+         &add($R,$r15,$R);
+         &add($H1,$t14,$H1)                     &FR($t14);
+        &muh($a[2],$b[1],($r18)=&NR(1));
+         &cmpult($R,$r15,($t15)=&NR(1));        &FR($r15);
+         &add($H1,$t15,$H1)                     &FR($t15);
+        &st($R,&QWPw(3,$rp));
+        &add($H1,$H2,$R);
+
+        &mov("zero",$H1);
+         &add($R,$r16,$R);
+        &mov("zero",$H2);
+        &muh($a[3],$b[0],($r19)=&NR(1));
+         &cmpult($R,$r16,($t16)=&NR(1));        &FR($r16);
+         &add($R,$r17,$R);
+         &add($H1,$t16,$H1)                     &FR($t16);
+        &mul($a[1],$b[3],($r20)=&NR(1));
+         &cmpult($R,$r17,($t17)=&NR(1));        &FR($r17);
+         &add($R,$r18,$R);
+         &add($H1,$t17,$H1)                     &FR($t17);
+        &mul($a[2],$b[2],($r21)=&NR(1));
+         &cmpult($R,$r18,($t18)=&NR(1));        &FR($r18);
+         &add($R,$r19,$R);
+         &add($H1,$t18,$H1)                     &FR($t18);
+        &mul($a[3],$b[1],($r22)=&NR(1));
+         &cmpult($R,$r19,($t19)=&NR(1));        &FR($r19);
+         &add($R,$r20,$R);
+         &add($H1,$t19,$H1)                     &FR($t19);
+        &muh($a[1],$b[3],($r23)=&NR(1));
+         &cmpult($R,$r20,($t20)=&NR(1));        &FR($r20);
+         &add($R,$r21,$R);
+         &add($H1,$t20,$H1)                     &FR($t20);
+        &muh($a[2],$b[2],($r24)=&NR(1));
+         &cmpult($R,$r21,($t21)=&NR(1));        &FR($r21);
+         &add($R,$r22,$R);
+         &add($H1,$t21,$H1)                     &FR($t21);
+        &muh($a[3],$b[1],($r25)=&NR(1));
+         &cmpult($R,$r22,($t22)=&NR(1));        &FR($r22);
+         &add($H1,$t22,$H1)                     &FR($t22);
+        &st($R,&QWPw(4,$rp));
+        &add($H1,$H2,$R);
+
+        &mov("zero",$H1);
+         &add($R,$r23,$R);
+        &mov("zero",$H2);
+        &mul($a[2],$b[3],($r26)=&NR(1));
+         &cmpult($R,$r23,($t23)=&NR(1));        &FR($r23);
+         &add($R,$r24,$R);
+         &add($H1,$t23,$H1)                     &FR($t23);
+        &mul($a[3],$b[2],($r27)=&NR(1));
+         &cmpult($R,$r24,($t24)=&NR(1));        &FR($r24);
+         &add($R,$r25,$R);
+         &add($H1,$t24,$H1)                     &FR($t24);
+        &muh($a[2],$b[3],($r28)=&NR(1));
+         &cmpult($R,$r25,($t25)=&NR(1));        &FR($r25);
+         &add($R,$r26,$R);
+         &add($H1,$t25,$H1)                     &FR($t25);
+        &muh($a[3],$b[2],($r29)=&NR(1));
+         &cmpult($R,$r26,($t26)=&NR(1));        &FR($r26);
+         &add($R,$r27,$R);
+         &add($H1,$t26,$H1)                     &FR($t26);
+        &mul($a[3],$b[3],($r30)=&NR(1));
+         &cmpult($R,$r27,($t27)=&NR(1));        &FR($r27);
+         &add($H1,$t27,$H1)                     &FR($t27);
+        &st($R,&QWPw(5,$rp));
+        &add($H1,$H2,$R);
+
+        &mov("zero",$H1);
+         &add($R,$r28,$R);
+        &mov("zero",$H2);
+        &muh($a[3],$b[3],($r31)=&NR(1));
+         &cmpult($R,$r28,($t28)=&NR(1));        &FR($r28);
+         &add($R,$r29,$R);
+         &add($H1,$t28,$H1)                     &FR($t28);
+        ############
+         &cmpult($R,$r29,($t29)=&NR(1));        &FR($r29);
+         &add($R,$r30,$R);
+         &add($H1,$t29,$H1)                     &FR($t29);
+        ############
+         &cmpult($R,$r30,($t30)=&NR(1));        &FR($r30);
+         &add($H1,$t30,$H1)                     &FR($t30);
+        &st($R,&QWPw(6,$rp));
+        &add($H1,$H2,$R);
+
+         &add($R,$r31,$R);                      &FR($r31);
+        &st($R,&QWPw(7,$rp));
+
+        &FR($R,$H1,$H2);
+        &function_end($name);
+
+        &fin_pool;
+        }
+
+1;
diff --git a/src/lib/libcrypto/bn/asm/alpha/mul_c4.works.pl b/src/lib/libcrypto/bn/asm/alpha/mul_c4.works.pl
new file mode 100644
index 0000000000..79d86dd25c
--- /dev/null
+++ b/src/lib/libcrypto/bn/asm/alpha/mul_c4.works.pl
@@ -0,0 +1,98 @@
+#!/usr/local/bin/perl
+# alpha assember 
+
+sub mul_add_c
+        {
+        local($a,$b,$c0,$c1,$c2)=@_;
+        local($l1,$h1,$t1,$t2);
+
+print STDERR "count=$cnt\n"; $cnt++;
+        &mul($a,$b,($l1)=&NR(1));
+        &muh($a,$b,($h1)=&NR(1));
+        &add($c0,$l1,$c0);
+        &cmpult($c0,$l1,($t1)=&NR(1));  &FR($l1);
+        &add($t1,$h1,$h1);              &FR($t1);
+        &add($c1,$h1,$c1);
+        &cmpult($c1,$h1,($t2)=&NR(1));  &FR($h1);
+        &add($c2,$t2,$c2);              &FR($t2);
+        }
+
+sub bn_mul_comba4
+        {
+        local($name)=@_;
+        local(@a,@b,$r,$c0,$c1,$c2);
+
+        $cnt=1;
+        &init_pool(3);
+
+        $rp=&wparam(0);
+        $ap=&wparam(1);
+        $bp=&wparam(2);
+
+        &function_begin($name,"");
+
+        &comment("");
+
+        &ld(($a[0])=&NR(1),&QWPw(0,$ap));
+        &ld(($b[0])=&NR(1),&QWPw(0,$bp));
+        &ld(($a[1])=&NR(1),&QWPw(1,$ap));
+        &ld(($b[1])=&NR(1),&QWPw(1,$bp));
+        &ld(($a[2])=&NR(1),&QWPw(2,$ap));
+        &ld(($b[2])=&NR(1),&QWPw(2,$bp));
+        &ld(($a[3])=&NR(1),&QWPw(3,$ap));       &FR($ap);
+        &ld(($b[3])=&NR(1),&QWPw(3,$bp));       &FR($bp);
+
+        ($c0,$c1,$c2)=&NR(3);
+        &mov("zero",$c2);
+        &mul($a[0],$b[0],$c0);
+        &muh($a[0],$b[0],$c1);
+        &st($c0,&QWPw(0,$rp));                  &FR($c0); ($c0)=&NR($c0);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[0],$b[1],$c0,$c1,$c2);
+        &mul_add_c($a[1],$b[0],$c0,$c1,$c2);
+        &st($c0,&QWPw(1,$rp));                  &FR($c0); ($c0)=&NR($c0);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[1],$b[1],$c0,$c1,$c2);
+        &mul_add_c($a[0],$b[2],$c0,$c1,$c2);
+        &mul_add_c($a[2],$b[0],$c0,$c1,$c2);
+        &st($c0,&QWPw(2,$rp));                  &FR($c0); ($c0)=&NR($c0);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[0],$b[3],$c0,$c1,$c2);    &FR($a[0]);
+        &mul_add_c($a[1],$b[2],$c0,$c1,$c2);
+        &mul_add_c($a[2],$b[1],$c0,$c1,$c2);
+        &mul_add_c($a[3],$b[0],$c0,$c1,$c2);    &FR($b[0]);
+        &st($c0,&QWPw(3,$rp));                  &FR($c0); ($c0)=&NR($c0);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[1],$b[3],$c0,$c1,$c2);    &FR($a[1]);
+        &mul_add_c($a[2],$b[2],$c0,$c1,$c2);
+        &mul_add_c($a[3],$b[1],$c0,$c1,$c2);    &FR($b[1]);
+        &st($c0,&QWPw(4,$rp));                  &FR($c0); ($c0)=&NR($c0);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[2],$b[3],$c0,$c1,$c2);    &FR($a[2]);
+        &mul_add_c($a[3],$b[2],$c0,$c1,$c2);    &FR($b[2]);
+        &st($c0,&QWPw(5,$rp));                  &FR($c0); ($c0)=&NR($c0);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[3],$b[3],$c0,$c1,$c2);    &FR($a[3],$b[3]);
+        &st($c0,&QWPw(6,$rp));
+        &st($c1,&QWPw(7,$rp));
+
+        &FR($c0,$c1,$c2);
+
+        &function_end($name);
+
+        &fin_pool;
+        }
+
+1;
diff --git a/src/lib/libcrypto/bn/asm/alpha/mul_c8.pl b/src/lib/libcrypto/bn/asm/alpha/mul_c8.pl
new file mode 100644
index 0000000000..525ca7494b
--- /dev/null
+++ b/src/lib/libcrypto/bn/asm/alpha/mul_c8.pl
@@ -0,0 +1,177 @@
+#!/usr/local/bin/perl
+# alpha assember 
+
+sub bn_mul_comba8
+        {
+        local($name)=@_;
+        local(@a,@b,$r,$c0,$c1,$c2);
+
+        $cnt=1;
+        &init_pool(3);
+
+        $rp=&wparam(0);
+        $ap=&wparam(1);
+        $bp=&wparam(2);
+
+        &function_begin($name,"");
+
+        &comment("");
+
+        &stack_push(2);
+        &ld(($a[0])=&NR(1),&QWPw(0,$ap));
+        &ld(($b[0])=&NR(1),&QWPw(0,$bp));
+        &st($reg_s0,&swtmp(0)); &FR($reg_s0);
+        &st($reg_s1,&swtmp(1)); &FR($reg_s1);
+        &ld(($a[1])=&NR(1),&QWPw(1,$ap));
+        &ld(($b[1])=&NR(1),&QWPw(1,$bp));
+        &ld(($a[2])=&NR(1),&QWPw(2,$ap));
+        &ld(($b[2])=&NR(1),&QWPw(2,$bp));
+        &ld(($a[3])=&NR(1),&QWPw(3,$ap));
+        &ld(($b[3])=&NR(1),&QWPw(3,$bp));
+        &ld(($a[4])=&NR(1),&QWPw(1,$ap));
+        &ld(($b[4])=&NR(1),&QWPw(1,$bp));
+        &ld(($a[5])=&NR(1),&QWPw(1,$ap));
+        &ld(($b[5])=&NR(1),&QWPw(1,$bp));
+        &ld(($a[6])=&NR(1),&QWPw(1,$ap));
+        &ld(($b[6])=&NR(1),&QWPw(1,$bp));
+        &ld(($a[7])=&NR(1),&QWPw(1,$ap));       &FR($ap);
+        &ld(($b[7])=&NR(1),&QWPw(1,$bp));       &FR($bp);
+
+        ($c0,$c1,$c2)=&NR(3);
+        &mov("zero",$c2);
+        &mul($a[0],$b[0],$c0);
+        &muh($a[0],$b[0],$c1);
+        &st($c0,&QWPw(0,$rp));                  &FR($c0); ($c0)=&NR(1);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[0],$b[1],$c0,$c1,$c2);
+        &mul_add_c($a[1],$b[0],$c0,$c1,$c2);
+        &st($c0,&QWPw(1,$rp));                  &FR($c0); ($c0)=&NR(1);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[0],$b[2],$c0,$c1,$c2);
+        &mul_add_c($a[1],$b[1],$c0,$c1,$c2);
+        &mul_add_c($a[2],$b[0],$c0,$c1,$c2);
+        &st($c0,&QWPw(2,$rp));                  &FR($c0); ($c0)=&NR(1);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[0],$b[3],$c0,$c1,$c2);
+        &mul_add_c($a[1],$b[2],$c0,$c1,$c2);
+        &mul_add_c($a[2],$b[1],$c0,$c1,$c2);
+        &mul_add_c($a[3],$b[0],$c0,$c1,$c2);
+        &st($c0,&QWPw(3,$rp));                  &FR($c0); ($c0)=&NR(1);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[0],$b[4],$c0,$c1,$c2);
+        &mul_add_c($a[1],$b[3],$c0,$c1,$c2);
+        &mul_add_c($a[2],$b[2],$c0,$c1,$c2);
+        &mul_add_c($a[3],$b[1],$c0,$c1,$c2);
+        &mul_add_c($a[4],$b[0],$c0,$c1,$c2);
+        &st($c0,&QWPw(4,$rp));                  &FR($c0); ($c0)=&NR(1);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[0],$b[5],$c0,$c1,$c2);
+        &mul_add_c($a[1],$b[4],$c0,$c1,$c2);
+        &mul_add_c($a[2],$b[3],$c0,$c1,$c2);
+        &mul_add_c($a[3],$b[2],$c0,$c1,$c2);
+        &mul_add_c($a[4],$b[1],$c0,$c1,$c2);
+        &mul_add_c($a[5],$b[0],$c0,$c1,$c2);
+        &st($c0,&QWPw(5,$rp));                  &FR($c0); ($c0)=&NR(1);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[0],$b[6],$c0,$c1,$c2);
+        &mul_add_c($a[1],$b[5],$c0,$c1,$c2);
+        &mul_add_c($a[2],$b[4],$c0,$c1,$c2);
+        &mul_add_c($a[3],$b[3],$c0,$c1,$c2);
+        &mul_add_c($a[4],$b[2],$c0,$c1,$c2);
+        &mul_add_c($a[5],$b[1],$c0,$c1,$c2);
+        &mul_add_c($a[6],$b[0],$c0,$c1,$c2);
+        &st($c0,&QWPw(6,$rp));                  &FR($c0); ($c0)=&NR(1);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[0],$b[7],$c0,$c1,$c2);    &FR($a[0]);
+        &mul_add_c($a[1],$b[6],$c0,$c1,$c2);
+        &mul_add_c($a[2],$b[5],$c0,$c1,$c2);
+        &mul_add_c($a[3],$b[4],$c0,$c1,$c2);
+        &mul_add_c($a[4],$b[3],$c0,$c1,$c2);
+        &mul_add_c($a[5],$b[2],$c0,$c1,$c2);
+        &mul_add_c($a[6],$b[1],$c0,$c1,$c2);
+        &mul_add_c($a[7],$b[0],$c0,$c1,$c2);    &FR($b[0]);
+        &st($c0,&QWPw(7,$rp));                  &FR($c0); ($c0)=&NR(1);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[1],$b[7],$c0,$c1,$c2);    &FR($a[1]);
+        &mul_add_c($a[2],$b[6],$c0,$c1,$c2);
+        &mul_add_c($a[3],$b[5],$c0,$c1,$c2);
+        &mul_add_c($a[4],$b[4],$c0,$c1,$c2);
+        &mul_add_c($a[5],$b[3],$c0,$c1,$c2);
+        &mul_add_c($a[6],$b[2],$c0,$c1,$c2);
+        &mul_add_c($a[7],$b[1],$c0,$c1,$c2);    &FR($b[1]);
+        &st($c0,&QWPw(8,$rp));                  &FR($c0); ($c0)=&NR(1);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[2],$b[7],$c0,$c1,$c2);    &FR($a[2]);
+        &mul_add_c($a[3],$b[6],$c0,$c1,$c2);
+        &mul_add_c($a[4],$b[5],$c0,$c1,$c2);
+        &mul_add_c($a[5],$b[4],$c0,$c1,$c2);
+        &mul_add_c($a[6],$b[3],$c0,$c1,$c2);
+        &mul_add_c($a[7],$b[2],$c0,$c1,$c2);    &FR($b[2]);
+        &st($c0,&QWPw(9,$rp));                  &FR($c0); ($c0)=&NR(1);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[3],$b[7],$c0,$c1,$c2);    &FR($a[3]);
+        &mul_add_c($a[4],$b[6],$c0,$c1,$c2);
+        &mul_add_c($a[5],$b[5],$c0,$c1,$c2);
+        &mul_add_c($a[6],$b[4],$c0,$c1,$c2);
+        &mul_add_c($a[7],$b[3],$c0,$c1,$c2);    &FR($b[3]);
+        &st($c0,&QWPw(10,$rp));                 &FR($c0); ($c0)=&NR(1);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[4],$b[7],$c0,$c1,$c2);    &FR($a[4]);
+        &mul_add_c($a[5],$b[6],$c0,$c1,$c2);
+        &mul_add_c($a[6],$b[5],$c0,$c1,$c2);
+        &mul_add_c($a[7],$b[4],$c0,$c1,$c2);    &FR($b[4]);
+        &st($c0,&QWPw(11,$rp));                 &FR($c0); ($c0)=&NR(1);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[5],$b[7],$c0,$c1,$c2);    &FR($a[5]);
+        &mul_add_c($a[6],$b[6],$c0,$c1,$c2);
+        &mul_add_c($a[7],$b[5],$c0,$c1,$c2);    &FR($b[5]);
+        &st($c0,&QWPw(12,$rp));                 &FR($c0); ($c0)=&NR(1);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[6],$b[7],$c0,$c1,$c2);    &FR($a[6]);
+        &mul_add_c($a[7],$b[6],$c0,$c1,$c2);    &FR($b[6]);
+        &st($c0,&QWPw(13,$rp));                 &FR($c0); ($c0)=&NR(1);
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &mul_add_c($a[7],$b[7],$c0,$c1,$c2);    &FR($a[7],$b[7]);
+        &st($c0,&QWPw(14,$rp));
+        &st($c1,&QWPw(15,$rp));
+
+        &FR($c0,$c1,$c2);
+
+        &ld($reg_s0,&swtmp(0));
+        &ld($reg_s1,&swtmp(1));
+        &stack_pop(2);
+
+        &function_end($name);
+
+        &fin_pool;
+        }
+
+1;
diff --git a/src/lib/libcrypto/bn/asm/alpha/sqr.pl b/src/lib/libcrypto/bn/asm/alpha/sqr.pl
new file mode 100644
index 0000000000..a55b696906
--- /dev/null
+++ b/src/lib/libcrypto/bn/asm/alpha/sqr.pl
@@ -0,0 +1,113 @@
+#!/usr/local/bin/perl
+# alpha assember 
+
+sub bn_sqr_words
+        {
+        local($name)=@_;
+        local($cc,$a,$b,$r,$couny);
+
+        &init_pool(3);
+        ($cc)=GR("r0");
+
+        $rp=&wparam(0);
+        $ap=&wparam(1);
+        $count=&wparam(2);
+
+        &function_begin($name,"");
+
+        &comment("");
+        &sub($count,4,$count);
+        &mov("zero",$cc);
+        &br(&label("finish"));
+        &blt($count,&label("finish"));
+
+        ($a0,$r0)=&NR(2);
+        &ld($a0,&QWPw(0,$ap));
+        &ld($r0,&QWPw(0,$rp));
+
+$a=<<'EOF';
+##########################################################
+        &set_label("loop");
+
+        ($a1)=&NR(1); &ld($a1,&QWPw(1,$ap));
+        ($b1)=&NR(1); &ld($b1,&QWPw(1,$bp));
+        ($a2)=&NR(1); &ld($a2,&QWPw(2,$ap));
+        ($b2)=&NR(1); &ld($b2,&QWPw(2,$bp));
+        ($a3)=&NR(1); &ld($a3,&QWPw(3,$ap));
+        ($b3)=&NR(1); &ld($b3,&QWPw(3,$bp));
+
+        ($o0,$t0)=&NR(2);
+        &add($a0,$b0,$o0); 
+        &cmpult($o0,$b0,$t0);
+        &add($o0,$cc,$o0);
+        &cmpult($o0,$cc,$cc);
+        &add($cc,$t0,$cc);      &FR($t0);
+
+        ($t1,$o1)=&NR(2);
+
+        &add($a1,$b1,$o1);      &FR($a1);
+        &cmpult($o1,$b1,$t1);   &FR($b1);
+        &add($o1,$cc,$o1);
+        &cmpult($o1,$cc,$cc);
+        &add($cc,$t1,$cc);      &FR($t1);
+
+        ($t2,$o2)=&NR(2);
+
+        &add($a2,$b2,$o2);      &FR($a2);
+        &cmpult($o2,$b2,$t2);   &FR($b2);
+        &add($o2,$cc,$o2);
+        &cmpult($o2,$cc,$cc);
+        &add($cc,$t2,$cc);      &FR($t2);
+
+        ($t3,$o3)=&NR(2);
+
+        &add($a3,$b3,$o3);      &FR($a3);
+        &cmpult($o3,$b3,$t3);   &FR($b3);
+        &add($o3,$cc,$o3);
+        &cmpult($o3,$cc,$cc);
+        &add($cc,$t3,$cc);      &FR($t3);
+
+        &st($o0,&QWPw(0,$rp)); &FR($o0);
+        &st($o1,&QWPw(0,$rp)); &FR($o1);
+        &st($o2,&QWPw(0,$rp)); &FR($o2);
+        &st($o3,&QWPw(0,$rp)); &FR($o3);
+
+        &sub($count,4,$count);  # count-=4
+        &add($ap,4*$QWS,$ap);   # count+=4
+        &add($bp,4*$QWS,$bp);   # count+=4
+        &add($rp,4*$QWS,$rp);   # count+=4
+
+        &blt($count,&label("finish"));
+        &ld($a0,&QWPw(0,$ap));
+         &ld($b0,&QWPw(0,$bp));
+        &br(&label("loop"));
+EOF
+##################################################
+        # Do the last 0..3 words
+
+        &set_label("last_loop");
+
+        &ld(($a0)=&NR(1),&QWPw(0,$ap)); # get a
+        &mul($a0,$a0,($l0)=&NR(1));
+         &add($ap,$QWS,$ap);
+         &add($rp,2*$QWS,$rp);
+         &sub($count,1,$count);
+        &muh($a0,$a0,($h0)=&NR(1));     &FR($a0);
+        &st($l0,&QWPw(-2,$rp));         &FR($l0);
+        &st($h0,&QWPw(-1,$rp));         &FR($h0);
+
+        &bgt($count,&label("last_loop"));
+        &function_end_A($name);
+
+######################################################
+        &set_label("finish");
+        &add($count,4,$count);
+        &bgt($count,&label("last_loop"));
+
+        &set_label("end");
+        &function_end($name);
+
+        &fin_pool;
+        }
+
+1;
diff --git a/src/lib/libcrypto/bn/asm/alpha/sqr_c4.pl b/src/lib/libcrypto/bn/asm/alpha/sqr_c4.pl
new file mode 100644
index 0000000000..bf33f5b503
--- /dev/null
+++ b/src/lib/libcrypto/bn/asm/alpha/sqr_c4.pl
@@ -0,0 +1,109 @@
+#!/usr/local/bin/perl
+# alpha assember 
+
+sub sqr_add_c
+        {
+        local($a,$c0,$c1,$c2)=@_;
+        local($l1,$h1,$t1,$t2);
+
+        &mul($a,$a,($l1)=&NR(1));
+        &muh($a,$a,($h1)=&NR(1));
+        &add($c0,$l1,$c0);
+        &add($c1,$h1,$c1);
+        &cmpult($c0,$l1,($t1)=&NR(1));  &FR($l1);
+        &cmpult($c1,$h1,($t2)=&NR(1));  &FR($h1);
+        &add($c1,$t1,$c1);              &FR($t1);
+        &add($c2,$t2,$c2);              &FR($t2);
+        }
+
+sub sqr_add_c2
+        {
+        local($a,$b,$c0,$c1,$c2)=@_;
+        local($l1,$h1,$t1,$t2);
+
+        &mul($a,$b,($l1)=&NR(1));
+        &muh($a,$b,($h1)=&NR(1));
+        &cmplt($l1,"zero",($lc1)=&NR(1));
+        &cmplt($h1,"zero",($hc1)=&NR(1));
+        &add($l1,$l1,$l1);
+        &add($h1,$h1,$h1);
+        &add($h1,$lc1,$h1);             &FR($lc1);
+        &add($c2,$hc1,$c2);             &FR($hc1);
+
+        &add($c0,$l1,$c0);
+        &add($c1,$h1,$c1);
+        &cmpult($c0,$l1,($lc1)=&NR(1)); &FR($l1);
+        &cmpult($c1,$h1,($hc1)=&NR(1)); &FR($h1);
+
+        &add($c1,$lc1,$c1);             &FR($lc1);
+        &add($c2,$hc1,$c2);             &FR($hc1);
+        }
+
+
+sub bn_sqr_comba4
+        {
+        local($name)=@_;
+        local(@a,@b,$r,$c0,$c1,$c2);
+
+        $cnt=1;
+        &init_pool(2);
+
+        $rp=&wparam(0);
+        $ap=&wparam(1);
+
+        &function_begin($name,"");
+
+        &comment("");
+
+        &ld(($a[0])=&NR(1),&QWPw(0,$ap));
+        &ld(($a[1])=&NR(1),&QWPw(1,$ap));
+        &ld(($a[2])=&NR(1),&QWPw(2,$ap));
+        &ld(($a[3])=&NR(1),&QWPw(3,$ap)); &FR($ap);
+
+        ($c0,$c1,$c2)=&NR(3);
+
+        &mov("zero",$c2);
+        &mul($a[0],$a[0],$c0);
+        &muh($a[0],$a[0],$c1);
+        &st($c0,&QWPw(0,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c2($a[0],$a[1],$c0,$c1,$c2);
+        &st($c0,&QWPw(1,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c($a[1],$c0,$c1,$c2);
+        &sqr_add_c2($a[2],$a[0],$c0,$c1,$c2);
+        &st($c0,&QWPw(2,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c2($a[3],$a[0],$c0,$c1,$c2);
+        &sqr_add_c2($a[2],$a[1],$c0,$c1,$c2);
+        &st($c0,&QWPw(3,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c($a[2],$c0,$c1,$c2);
+        &sqr_add_c2($a[3],$a[1],$c0,$c1,$c2);
+        &st($c0,&QWPw(4,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c2($a[3],$a[2],$c0,$c1,$c2);
+        &st($c0,&QWPw(5,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c($a[3],$c0,$c1,$c2);
+        &st($c0,&QWPw(6,$rp));
+        &st($c1,&QWPw(7,$rp));
+
+        &function_end($name);
+
+        &fin_pool;
+        }
+
+1;
diff --git a/src/lib/libcrypto/bn/asm/alpha/sqr_c8.pl b/src/lib/libcrypto/bn/asm/alpha/sqr_c8.pl
new file mode 100644
index 0000000000..b4afe085f1
--- /dev/null
+++ b/src/lib/libcrypto/bn/asm/alpha/sqr_c8.pl
@@ -0,0 +1,132 @@
+#!/usr/local/bin/perl
+# alpha assember 
+
+sub bn_sqr_comba8
+        {
+        local($name)=@_;
+        local(@a,@b,$r,$c0,$c1,$c2);
+
+        $cnt=1;
+        &init_pool(2);
+
+        $rp=&wparam(0);
+        $ap=&wparam(1);
+
+        &function_begin($name,"");
+
+        &comment("");
+
+        &ld(($a[0])=&NR(1),&QWPw(0,$ap));
+        &ld(($a[1])=&NR(1),&QWPw(1,$ap));
+        &ld(($a[2])=&NR(1),&QWPw(2,$ap));
+        &ld(($a[3])=&NR(1),&QWPw(3,$ap));
+        &ld(($a[4])=&NR(1),&QWPw(4,$ap));
+        &ld(($a[5])=&NR(1),&QWPw(5,$ap));
+        &ld(($a[6])=&NR(1),&QWPw(6,$ap));
+        &ld(($a[7])=&NR(1),&QWPw(7,$ap)); &FR($ap);
+
+        ($c0,$c1,$c2)=&NR(3);
+
+        &mov("zero",$c2);
+        &mul($a[0],$a[0],$c0);
+        &muh($a[0],$a[0],$c1);
+        &st($c0,&QWPw(0,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c2($a[1],$a[0],$c0,$c1,$c2);
+        &st($c0,&QWPw(1,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c($a[1],$c0,$c1,$c2);
+        &sqr_add_c2($a[2],$a[0],$c0,$c1,$c2);
+        &st($c0,&QWPw(2,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c2($a[2],$a[1],$c0,$c1,$c2);
+        &sqr_add_c2($a[3],$a[0],$c0,$c1,$c2);
+        &st($c0,&QWPw(3,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c($a[2],$c0,$c1,$c2);
+        &sqr_add_c2($a[3],$a[1],$c0,$c1,$c2);
+        &sqr_add_c2($a[4],$a[0],$c0,$c1,$c2);
+        &st($c0,&QWPw(4,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c2($a[3],$a[2],$c0,$c1,$c2);
+        &sqr_add_c2($a[4],$a[1],$c0,$c1,$c2);
+        &sqr_add_c2($a[5],$a[0],$c0,$c1,$c2);
+        &st($c0,&QWPw(5,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c($a[3],$c0,$c1,$c2);
+        &sqr_add_c2($a[4],$a[2],$c0,$c1,$c2);
+        &sqr_add_c2($a[5],$a[1],$c0,$c1,$c2);
+        &sqr_add_c2($a[6],$a[0],$c0,$c1,$c2);
+        &st($c0,&QWPw(6,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c2($a[4],$a[3],$c0,$c1,$c2);
+        &sqr_add_c2($a[5],$a[2],$c0,$c1,$c2);
+        &sqr_add_c2($a[6],$a[1],$c0,$c1,$c2);
+        &sqr_add_c2($a[7],$a[0],$c0,$c1,$c2);
+        &st($c0,&QWPw(7,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c($a[4],$c0,$c1,$c2);
+        &sqr_add_c2($a[5],$a[3],$c0,$c1,$c2);
+        &sqr_add_c2($a[6],$a[2],$c0,$c1,$c2);
+        &sqr_add_c2($a[7],$a[1],$c0,$c1,$c2);
+        &st($c0,&QWPw(8,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c2($a[5],$a[4],$c0,$c1,$c2);
+        &sqr_add_c2($a[6],$a[3],$c0,$c1,$c2);
+        &sqr_add_c2($a[7],$a[2],$c0,$c1,$c2);
+        &st($c0,&QWPw(9,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c($a[5],$c0,$c1,$c2);
+        &sqr_add_c2($a[6],$a[4],$c0,$c1,$c2);
+        &sqr_add_c2($a[7],$a[3],$c0,$c1,$c2);
+        &st($c0,&QWPw(10,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c2($a[6],$a[5],$c0,$c1,$c2);
+        &sqr_add_c2($a[7],$a[4],$c0,$c1,$c2);
+        &st($c0,&QWPw(11,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c($a[6],$c0,$c1,$c2);
+        &sqr_add_c2($a[7],$a[5],$c0,$c1,$c2);
+        &st($c0,&QWPw(12,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c2($a[7],$a[6],$c0,$c1,$c2);
+        &st($c0,&QWPw(13,$rp));
+        ($c0,$c1,$c2)=($c1,$c2,$c0);
+        &mov("zero",$c2);
+
+        &sqr_add_c($a[7],$c0,$c1,$c2);
+        &st($c0,&QWPw(14,$rp));
+        &st($c1,&QWPw(15,$rp));
+
+        &function_end($name);
+
+        &fin_pool;
+        }
+
+1;
diff --git a/src/lib/libcrypto/bn/asm/alpha/sub.pl b/src/lib/libcrypto/bn/asm/alpha/sub.pl
new file mode 100644
index 0000000000..d998da5c21
--- /dev/null
+++ b/src/lib/libcrypto/bn/asm/alpha/sub.pl
@@ -0,0 +1,108 @@
+#!/usr/local/bin/perl
+# alpha assember
+
+sub bn_sub_words
+        {
+        local($name)=@_;
+        local($cc,$a,$b,$r);
+
+        &init_pool(4);
+        ($cc)=GR("r0");
+
+        $rp=&wparam(0);
+        $ap=&wparam(1);
+        $bp=&wparam(2);
+        $count=&wparam(3);
+
+        &function_begin($name,"");
+
+        &comment("");
+        &sub($count,4,$count);
+        &mov("zero",$cc);
+        &blt($count,&label("finish"));
+
+        ($a0,$b0)=&NR(2);
+        &ld($a0,&QWPw(0,$ap));
+        &ld($b0,&QWPw(0,$bp));
+
+##########################################################
+        &set_label("loop");
+
+        ($a1,$tmp,$b1,$a2,$b2,$a3,$b3,$o0)=&NR(8);
+        &ld($a1,&QWPw(1,$ap));
+         &cmpult($a0,$b0,$tmp); # will we borrow?
+        &ld($b1,&QWPw(1,$bp));
+         &sub($a0,$b0,$a0);             # do the subtract
+        &ld($a2,&QWPw(2,$ap));
+         &cmpult($a0,$cc,$b0);  # will we borrow?
+        &ld($b2,&QWPw(2,$bp));
+         &sub($a0,$cc,$o0);     # will we borrow?
+        &ld($a3,&QWPw(3,$ap));
+         &add($b0,$tmp,$cc); ($t1,$o1)=&NR(2); &FR($tmp);
+
+        &cmpult($a1,$b1,$t1);   # will we borrow?
+         &sub($a1,$b1,$a1);     # do the subtract
+        &ld($b3,&QWPw(3,$bp));
+         &cmpult($a1,$cc,$b1);  # will we borrow?
+        &sub($a1,$cc,$o1);      # will we borrow?
+         &add($b1,$t1,$cc); ($tmp,$o2)=&NR(2); &FR($t1,$a1,$b1);
+        
+        &cmpult($a2,$b2,$tmp);  # will we borrow?
+         &sub($a2,$b2,$a2);             # do the subtract
+        &st($o0,&QWPw(0,$rp));  &FR($o0); # save
+         &cmpult($a2,$cc,$b2);  # will we borrow?
+        &sub($a2,$cc,$o2);      # will we borrow?
+         &add($b2,$tmp,$cc); ($t3,$o3)=&NR(2); &FR($tmp,$a2,$b2);
+
+        &cmpult($a3,$b3,$t3);   # will we borrow?
+         &sub($a3,$b3,$a3);     # do the subtract
+        &st($o1,&QWPw(1,$rp)); &FR($o1);
+         &cmpult($a3,$cc,$b3);  # will we borrow?
+        &sub($a3,$cc,$o3);      # will we borrow?
+         &add($b3,$t3,$cc); &FR($t3,$a3,$b3);
+
+        &st($o2,&QWPw(2,$rp));  &FR($o2);
+         &sub($count,4,$count); # count-=4
+        &st($o3,&QWPw(3,$rp));  &FR($o3);
+         &add($ap,4*$QWS,$ap);  # count+=4
+        &add($bp,4*$QWS,$bp);   # count+=4
+         &add($rp,4*$QWS,$rp);  # count+=4
+
+        &blt($count,&label("finish"));
+        &ld($a0,&QWPw(0,$ap));
+         &ld($b0,&QWPw(0,$bp));
+        &br(&label("loop"));
+##################################################
+        # Do the last 0..3 words
+
+        &set_label("last_loop");
+
+        &ld($a0,&QWPw(0,$ap));  # get a
+         &ld($b0,&QWPw(0,$bp)); # get b
+        &cmpult($a0,$b0,$tmp);  # will we borrow?
+        &sub($a0,$b0,$a0);      # do the subtract
+        &cmpult($a0,$cc,$b0);   # will we borrow?
+        &sub($a0,$cc,$a0);      # will we borrow?
+        &st($a0,&QWPw(0,$rp));  # save
+        &add($b0,$tmp,$cc);     # add the borrows
+
+        &add($ap,$QWS,$ap);
+        &add($bp,$QWS,$bp);
+        &add($rp,$QWS,$rp);
+        &sub($count,1,$count);
+        &bgt($count,&label("last_loop"));
+        &function_end_A($name);
+
+######################################################
+        &set_label("finish");
+        &add($count,4,$count);
+        &bgt($count,&label("last_loop"));
+
+        &FR($a0,$b0);
+        &set_label("end");
+        &function_end($name);
+
+        &fin_pool;
+        }
+
+1;
diff --git a/src/lib/libcrypto/bn/asm/bn-alpha.pl b/src/lib/libcrypto/bn/asm/bn-alpha.pl
new file mode 100644
index 0000000000..302edf2376
--- /dev/null
+++ b/src/lib/libcrypto/bn/asm/bn-alpha.pl
@@ -0,0 +1,571 @@
+#!/usr/local/bin/perl
+# I have this in perl so I can use more usefull register names and then convert
+# them into alpha registers.
+#
+
+$d=&data();
+$d =~ s/CC/0/g;
+$d =~ s/R1/1/g;
+$d =~ s/R2/2/g;
+$d =~ s/R3/3/g;
+$d =~ s/R4/4/g;
+$d =~ s/L1/5/g;
+$d =~ s/L2/6/g;
+$d =~ s/L3/7/g;
+$d =~ s/L4/8/g;
+$d =~ s/O1/22/g;
+$d =~ s/O2/23/g;
+$d =~ s/O3/24/g;
+$d =~ s/O4/25/g;
+$d =~ s/A1/20/g;
+$d =~ s/A2/21/g;
+$d =~ s/A3/27/g;
+$d =~ s/A4/28/g;
+if (0){
+}
+
+print $d;
+
+sub data
+        {
+        local($data)=<<'EOF';
+
+ # DEC Alpha assember
+ # The bn_div_words is actually gcc output but the other parts are hand done.
+ # Thanks to tzeruch@ceddec.com for sending me the gcc output for
+ # bn_div_words.
+ # I've gone back and re-done most of routines.
+ # The key thing to remeber for the 164 CPU is that while a
+ # multiply operation takes 8 cycles, another one can only be issued
+ # after 4 cycles have elapsed.  I've done modification to help
+ # improve this.  Also, normally, a ld instruction will not be available
+ # for about 3 cycles.
+        .file   1 "bn_asm.c"
+        .set noat
+gcc2_compiled.:
+__gnu_compiled_c:
+        .text
+        .align 3
+        .globl bn_mul_add_words
+        .ent bn_mul_add_words
+bn_mul_add_words:
+bn_mul_add_words..ng:
+        .frame $30,0,$26,0
+        .prologue 0
+        .align 5
+        subq    $18,4,$18
+        bis     $31,$31,$CC
+        blt     $18,$43         # if we are -1, -2, -3 or -4 goto tail code
+        ldq     $A1,0($17)      # 1 1
+        ldq     $R1,0($16)      # 1 1
+        .align 3
+$42:
+        mulq    $A1,$19,$L1     # 1 2 1 ######
+        ldq     $A2,8($17)      # 2 1
+        ldq     $R2,8($16)      # 2 1
+        umulh   $A1,$19,$A1     # 1 2   ######
+        ldq     $A3,16($17)     # 3 1
+        ldq     $R3,16($16)     # 3 1
+        mulq    $A2,$19,$L2     # 2 2 1 ######
+         ldq    $A4,24($17)     # 4 1
+        addq    $R1,$L1,$R1     # 1 2 2
+         ldq    $R4,24($16)     # 4 1
+        umulh   $A2,$19,$A2     # 2 2   ######
+         cmpult $R1,$L1,$O1     # 1 2 3 1
+        addq    $A1,$O1,$A1     # 1 3 1
+         addq   $R1,$CC,$R1     # 1 2 3 1
+        mulq    $A3,$19,$L3     # 3 2 1 ######
+         cmpult $R1,$CC,$CC     # 1 2 3 2
+        addq    $R2,$L2,$R2     # 2 2 2
+         addq   $A1,$CC,$CC     # 1 3 2 
+        cmpult  $R2,$L2,$O2     # 2 2 3 1
+         addq   $A2,$O2,$A2     # 2 3 1
+        umulh   $A3,$19,$A3     # 3 2   ######
+         addq   $R2,$CC,$R2     # 2 2 3 1
+        cmpult  $R2,$CC,$CC     # 2 2 3 2
+         subq   $18,4,$18
+        mulq    $A4,$19,$L4     # 4 2 1 ######
+         addq   $A2,$CC,$CC     # 2 3 2 
+        addq    $R3,$L3,$R3     # 3 2 2
+         addq   $16,32,$16
+        cmpult  $R3,$L3,$O3     # 3 2 3 1
+         stq    $R1,-32($16)    # 1 2 4
+        umulh   $A4,$19,$A4     # 4 2   ######
+         addq   $A3,$O3,$A3     # 3 3 1
+        addq    $R3,$CC,$R3     # 3 2 3 1
+         stq    $R2,-24($16)    # 2 2 4
+        cmpult  $R3,$CC,$CC     # 3 2 3 2
+         stq    $R3,-16($16)    # 3 2 4
+        addq    $R4,$L4,$R4     # 4 2 2
+         addq   $A3,$CC,$CC     # 3 3 2 
+        cmpult  $R4,$L4,$O4     # 4 2 3 1
+         addq   $17,32,$17
+        addq    $A4,$O4,$A4     # 4 3 1
+         addq   $R4,$CC,$R4     # 4 2 3 1
+        cmpult  $R4,$CC,$CC     # 4 2 3 2
+         stq    $R4,-8($16)     # 4 2 4
+        addq    $A4,$CC,$CC     # 4 3 2 
+         blt    $18,$43
+
+        ldq     $A1,0($17)      # 1 1
+        ldq     $R1,0($16)      # 1 1
+
+        br      $42
+
+        .align 4
+$45:
+        ldq     $A1,0($17)      # 4 1
+        ldq     $R1,0($16)      # 4 1
+        mulq    $A1,$19,$L1     # 4 2 1
+        subq    $18,1,$18
+        addq    $16,8,$16
+        addq    $17,8,$17
+        umulh   $A1,$19,$A1     # 4 2
+        addq    $R1,$L1,$R1     # 4 2 2
+        cmpult  $R1,$L1,$O1     # 4 2 3 1
+        addq    $A1,$O1,$A1     # 4 3 1
+        addq    $R1,$CC,$R1     # 4 2 3 1
+        cmpult  $R1,$CC,$CC     # 4 2 3 2
+        addq    $A1,$CC,$CC     # 4 3 2 
+        stq     $R1,-8($16)     # 4 2 4
+        bgt     $18,$45
+        ret     $31,($26),1     # else exit
+
+        .align 4
+$43:
+        addq    $18,4,$18
+        bgt     $18,$45         # goto tail code
+        ret     $31,($26),1     # else exit
+
+        .end bn_mul_add_words
+        .align 3
+        .globl bn_mul_words
+        .ent bn_mul_words
+bn_mul_words:
+bn_mul_words..ng:
+        .frame $30,0,$26,0
+        .prologue 0
+        .align 5
+        subq    $18,4,$18
+        bis     $31,$31,$CC
+        blt     $18,$143        # if we are -1, -2, -3 or -4 goto tail code
+        ldq     $A1,0($17)      # 1 1
+        .align 3
+$142:
+
+        mulq    $A1,$19,$L1     # 1 2 1 #####
+         ldq    $A2,8($17)      # 2 1
+         ldq    $A3,16($17)     # 3 1
+        umulh   $A1,$19,$A1     # 1 2   #####
+         ldq    $A4,24($17)     # 4 1
+        mulq    $A2,$19,$L2     # 2 2 1 #####
+         addq   $L1,$CC,$L1     # 1 2 3 1
+        subq    $18,4,$18
+         cmpult $L1,$CC,$CC     # 1 2 3 2
+        umulh   $A2,$19,$A2     # 2 2   #####
+         addq   $A1,$CC,$CC     # 1 3 2 
+        addq    $17,32,$17
+         addq   $L2,$CC,$L2     # 2 2 3 1
+        mulq    $A3,$19,$L3     # 3 2 1 #####
+         cmpult $L2,$CC,$CC     # 2 2 3 2
+        addq    $A2,$CC,$CC     # 2 3 2 
+         addq   $16,32,$16
+        umulh   $A3,$19,$A3     # 3 2   #####
+         stq    $L1,-32($16)    # 1 2 4
+        mulq    $A4,$19,$L4     # 4 2 1 #####
+         addq   $L3,$CC,$L3     # 3 2 3 1
+        stq     $L2,-24($16)    # 2 2 4
+         cmpult $L3,$CC,$CC     # 3 2 3 2
+        umulh   $A4,$19,$A4     # 4 2   #####
+         addq   $A3,$CC,$CC     # 3 3 2 
+        stq     $L3,-16($16)    # 3 2 4
+         addq   $L4,$CC,$L4     # 4 2 3 1
+        cmpult  $L4,$CC,$CC     # 4 2 3 2
+
+        addq    $A4,$CC,$CC     # 4 3 2 
+
+        stq     $L4,-8($16)     # 4 2 4
+
+        blt     $18,$143
+
+        ldq     $A1,0($17)      # 1 1
+
+        br      $142
+
+        .align 4
+$145:
+        ldq     $A1,0($17)      # 4 1
+        mulq    $A1,$19,$L1     # 4 2 1
+        subq    $18,1,$18
+        umulh   $A1,$19,$A1     # 4 2
+        addq    $L1,$CC,$L1     # 4 2 3 1
+         addq   $16,8,$16
+        cmpult  $L1,$CC,$CC     # 4 2 3 2
+         addq   $17,8,$17
+        addq    $A1,$CC,$CC     # 4 3 2 
+        stq     $L1,-8($16)     # 4 2 4
+
+        bgt     $18,$145
+        ret     $31,($26),1     # else exit
+
+        .align 4
+$143:
+        addq    $18,4,$18
+        bgt     $18,$145        # goto tail code
+        ret     $31,($26),1     # else exit
+
+        .end bn_mul_words
+        .align 3
+        .globl bn_sqr_words
+        .ent bn_sqr_words
+bn_sqr_words:
+bn_sqr_words..ng:
+        .frame $30,0,$26,0
+        .prologue 0
+
+        subq    $18,4,$18
+        blt     $18,$543        # if we are -1, -2, -3 or -4 goto tail code
+        ldq     $A1,0($17)      # 1 1
+        .align 3
+$542:
+        mulq    $A1,$A1,$L1             ######
+         ldq    $A2,8($17)      # 1 1
+        subq    $18,4
+        umulh   $A1,$A1,$R1             ######
+        ldq     $A3,16($17)     # 1 1
+        mulq    $A2,$A2,$L2             ######
+        ldq     $A4,24($17)     # 1 1
+        stq     $L1,0($16)      # r[0]
+        umulh   $A2,$A2,$R2             ######
+        stq     $R1,8($16)      # r[1]
+        mulq    $A3,$A3,$L3             ######
+        stq     $L2,16($16)     # r[0]
+        umulh   $A3,$A3,$R3             ######
+        stq     $R2,24($16)     # r[1]
+        mulq    $A4,$A4,$L4             ######
+        stq     $L3,32($16)     # r[0]
+        umulh   $A4,$A4,$R4             ######
+        stq     $R3,40($16)     # r[1]
+
+        addq    $16,64,$16
+        addq    $17,32,$17
+        stq     $L4,-16($16)    # r[0]
+        stq     $R4,-8($16)     # r[1]
+
+        blt     $18,$543
+        ldq     $A1,0($17)      # 1 1
+        br      $542
+
+$442:
+        ldq     $A1,0($17)   # a[0]
+        mulq    $A1,$A1,$L1  # a[0]*w low part       r2
+        addq    $16,16,$16
+        addq    $17,8,$17
+        subq    $18,1,$18
+        umulh   $A1,$A1,$R1  # a[0]*w high part       r3
+        stq     $L1,-16($16)   # r[0]
+        stq     $R1,-8($16)   # r[1]
+
+        bgt     $18,$442
+        ret     $31,($26),1     # else exit
+
+        .align 4
+$543:
+        addq    $18,4,$18
+        bgt     $18,$442        # goto tail code
+        ret     $31,($26),1     # else exit
+        .end bn_sqr_words
+
+        .align 3
+        .globl bn_add_words
+        .ent bn_add_words
+bn_add_words:
+bn_add_words..ng:
+        .frame $30,0,$26,0
+        .prologue 0
+
+        subq    $19,4,$19
+        bis     $31,$31,$CC     # carry = 0
+        blt     $19,$900
+        ldq     $L1,0($17)      # a[0]
+        ldq     $R1,0($18)      # b[1]
+        .align 3
+$901:
+        addq    $R1,$L1,$R1     # r=a+b;
+         ldq    $L2,8($17)      # a[1]
+        cmpult  $R1,$L1,$O1     # did we overflow?
+         ldq    $R2,8($18)      # b[1]
+        addq    $R1,$CC,$R1     # c+= overflow
+         ldq    $L3,16($17)     # a[2]
+        cmpult  $R1,$CC,$CC     # overflow?
+         ldq    $R3,16($18)     # b[2]
+        addq    $CC,$O1,$CC
+         ldq    $L4,24($17)     # a[3]
+        addq    $R2,$L2,$R2     # r=a+b;
+         ldq    $R4,24($18)     # b[3]
+        cmpult  $R2,$L2,$O2     # did we overflow?
+         addq   $R3,$L3,$R3     # r=a+b;
+        addq    $R2,$CC,$R2     # c+= overflow
+         cmpult $R3,$L3,$O3     # did we overflow?
+        cmpult  $R2,$CC,$CC     # overflow?
+         addq   $R4,$L4,$R4     # r=a+b;
+        addq    $CC,$O2,$CC
+         cmpult $R4,$L4,$O4     # did we overflow?
+        addq    $R3,$CC,$R3     # c+= overflow
+         stq    $R1,0($16)      # r[0]=c
+        cmpult  $R3,$CC,$CC     # overflow?
+         stq    $R2,8($16)      # r[1]=c
+        addq    $CC,$O3,$CC
+         stq    $R3,16($16)     # r[2]=c
+        addq    $R4,$CC,$R4     # c+= overflow
+         subq   $19,4,$19       # loop--
+        cmpult  $R4,$CC,$CC     # overflow?
+         addq   $17,32,$17      # a++
+        addq    $CC,$O4,$CC
+         stq    $R4,24($16)     # r[3]=c
+        addq    $18,32,$18      # b++
+         addq   $16,32,$16      # r++
+
+        blt     $19,$900
+         ldq    $L1,0($17)      # a[0]
+        ldq     $R1,0($18)      # b[1]
+         br     $901
+        .align 4
+$945:
+        ldq     $L1,0($17)      # a[0]
+         ldq    $R1,0($18)      # b[1]
+        addq    $R1,$L1,$R1     # r=a+b;
+         subq   $19,1,$19       # loop--
+        addq    $R1,$CC,$R1     # c+= overflow
+         addq   $17,8,$17       # a++
+        cmpult  $R1,$L1,$O1     # did we overflow?
+         cmpult $R1,$CC,$CC     # overflow?
+        addq    $18,8,$18       # b++
+         stq    $R1,0($16)      # r[0]=c
+        addq    $CC,$O1,$CC
+         addq   $16,8,$16       # r++
+
+        bgt     $19,$945
+        ret     $31,($26),1     # else exit
+
+$900:
+        addq    $19,4,$19
+        bgt     $19,$945        # goto tail code
+        ret     $31,($26),1     # else exit
+        .end bn_add_words
+
+        .align 3
+        .globl bn_sub_words
+        .ent bn_sub_words
+bn_sub_words:
+bn_sub_words..ng:
+        .frame $30,0,$26,0
+        .prologue 0
+
+        subq    $19,4,$19
+        bis     $31,$31,$CC     # carry = 0
+ br     $800
+        blt     $19,$800
+        ldq     $L1,0($17)      # a[0]
+        ldq     $R1,0($18)      # b[1]
+        .align 3
+$801:
+        addq    $R1,$L1,$R1     # r=a+b;
+         ldq    $L2,8($17)      # a[1]
+        cmpult  $R1,$L1,$O1     # did we overflow?
+         ldq    $R2,8($18)      # b[1]
+        addq    $R1,$CC,$R1     # c+= overflow
+         ldq    $L3,16($17)     # a[2]
+        cmpult  $R1,$CC,$CC     # overflow?
+         ldq    $R3,16($18)     # b[2]
+        addq    $CC,$O1,$CC
+         ldq    $L4,24($17)     # a[3]
+        addq    $R2,$L2,$R2     # r=a+b;
+         ldq    $R4,24($18)     # b[3]
+        cmpult  $R2,$L2,$O2     # did we overflow?
+         addq   $R3,$L3,$R3     # r=a+b;
+        addq    $R2,$CC,$R2     # c+= overflow
+         cmpult $R3,$L3,$O3     # did we overflow?
+        cmpult  $R2,$CC,$CC     # overflow?
+         addq   $R4,$L4,$R4     # r=a+b;
+        addq    $CC,$O2,$CC
+         cmpult $R4,$L4,$O4     # did we overflow?
+        addq    $R3,$CC,$R3     # c+= overflow
+         stq    $R1,0($16)      # r[0]=c
+        cmpult  $R3,$CC,$CC     # overflow?
+         stq    $R2,8($16)      # r[1]=c
+        addq    $CC,$O3,$CC
+         stq    $R3,16($16)     # r[2]=c
+        addq    $R4,$CC,$R4     # c+= overflow
+         subq   $19,4,$19       # loop--
+        cmpult  $R4,$CC,$CC     # overflow?
+         addq   $17,32,$17      # a++
+        addq    $CC,$O4,$CC
+         stq    $R4,24($16)     # r[3]=c
+        addq    $18,32,$18      # b++
+         addq   $16,32,$16      # r++
+
+        blt     $19,$800
+         ldq    $L1,0($17)      # a[0]
+        ldq     $R1,0($18)      # b[1]
+         br     $801
+        .align 4
+$845:
+        ldq     $L1,0($17)      # a[0]
+         ldq    $R1,0($18)      # b[1]
+        cmpult  $L1,$R1,$O1     # will we borrow?
+         subq   $L1,$R1,$R1     # r=a-b;
+        subq    $19,1,$19       # loop--
+         cmpult  $R1,$CC,$O2    # will we borrow?
+        subq    $R1,$CC,$R1     # c+= overflow
+         addq   $17,8,$17       # a++
+        addq    $18,8,$18       # b++
+         stq    $R1,0($16)      # r[0]=c
+        addq    $O2,$O1,$CC
+         addq   $16,8,$16       # r++
+
+        bgt     $19,$845
+        ret     $31,($26),1     # else exit
+
+$800:
+        addq    $19,4,$19
+        bgt     $19,$845        # goto tail code
+        ret     $31,($26),1     # else exit
+        .end bn_sub_words
+
+ #
+ # What follows was taken directly from the C compiler with a few
+ # hacks to redo the lables.
+ #
+.text
+        .align 3
+        .globl bn_div_words
+        .ent bn_div_words
+bn_div_words:
+        ldgp $29,0($27)
+bn_div_words..ng:
+        lda $30,-48($30)
+        .frame $30,48,$26,0
+        stq $26,0($30)
+        stq $9,8($30)
+        stq $10,16($30)
+        stq $11,24($30)
+        stq $12,32($30)
+        stq $13,40($30)
+        .mask 0x4003e00,-48
+        .prologue 1
+        bis $16,$16,$9
+        bis $17,$17,$10
+        bis $18,$18,$11
+        bis $31,$31,$13
+        bis $31,2,$12
+        bne $11,$119
+        lda $0,-1
+        br $31,$136
+        .align 4
+$119:
+        bis $11,$11,$16
+        jsr $26,BN_num_bits_word
+        ldgp $29,0($26)
+        subq $0,64,$1
+        beq $1,$120
+        bis $31,1,$1
+        sll $1,$0,$1
+        cmpule $9,$1,$1
+        bne $1,$120
+ #      lda $16,_IO_stderr_
+ #      lda $17,$C32
+ #      bis $0,$0,$18
+ #      jsr $26,fprintf
+ #      ldgp $29,0($26)
+        jsr $26,abort
+        ldgp $29,0($26)
+        .align 4
+$120:
+        bis $31,64,$3
+        cmpult $9,$11,$2
+        subq $3,$0,$1
+        addl $1,$31,$0
+        subq $9,$11,$1
+        cmoveq $2,$1,$9
+        beq $0,$122
+        zapnot $0,15,$2
+        subq $3,$0,$1
+        sll $11,$2,$11
+        sll $9,$2,$3
+        srl $10,$1,$1
+        sll $10,$2,$10
+        bis $3,$1,$9
+$122:
+        srl $11,32,$5
+        zapnot $11,15,$6
+        lda $7,-1
+        .align 5
+$123:
+        srl $9,32,$1
+        subq $1,$5,$1
+        bne $1,$126
+        zapnot $7,15,$27
+        br $31,$127
+        .align 4
+$126:
+        bis $9,$9,$24
+        bis $5,$5,$25
+        divqu $24,$25,$27
+$127:
+        srl $10,32,$4
+        .align 5
+$128:
+        mulq $27,$5,$1
+        subq $9,$1,$3
+        zapnot $3,240,$1
+        bne $1,$129
+        mulq $6,$27,$2
+        sll $3,32,$1
+        addq $1,$4,$1
+        cmpule $2,$1,$2
+        bne $2,$129
+        subq $27,1,$27
+        br $31,$128
+        .align 4
+$129:
+        mulq $27,$6,$1
+        mulq $27,$5,$4
+        srl $1,32,$3
+        sll $1,32,$1
+        addq $4,$3,$4
+        cmpult $10,$1,$2
+        subq $10,$1,$10
+        addq $2,$4,$2
+        cmpult $9,$2,$1
+        bis $2,$2,$4
+        beq $1,$134
+        addq $9,$11,$9
+        subq $27,1,$27
+$134:
+        subl $12,1,$12
+        subq $9,$4,$9
+        beq $12,$124
+        sll $27,32,$13
+        sll $9,32,$2
+        srl $10,32,$1
+        sll $10,32,$10
+        bis $2,$1,$9
+        br $31,$123
+        .align 4
+$124:
+        bis $13,$27,$0
+$136:
+        ldq $26,0($30)
+        ldq $9,8($30)
+        ldq $10,16($30)
+        ldq $11,24($30)
+        ldq $12,32($30)
+        ldq $13,40($30)
+        addq $30,48,$30
+        ret $31,($26),1
+        .end bn_div_words
+EOF
+        return($data);
+        }
+
diff --git a/src/lib/libcrypto/bn/asm/ca.pl b/src/lib/libcrypto/bn/asm/ca.pl
new file mode 100644
index 0000000000..c1ce67a6b4
--- /dev/null
+++ b/src/lib/libcrypto/bn/asm/ca.pl
@@ -0,0 +1,33 @@
+#!/usr/local/bin/perl
+# I have this in perl so I can use more usefull register names and then convert
+# them into alpha registers.
+#
+
+push(@INC,"perlasm","../../perlasm");
+require "alpha.pl";
+require "alpha/mul_add.pl";
+require "alpha/mul.pl";
+require "alpha/sqr.pl";
+require "alpha/add.pl";
+require "alpha/sub.pl";
+require "alpha/mul_c8.pl";
+require "alpha/mul_c4.pl";
+require "alpha/sqr_c4.pl";
+require "alpha/sqr_c8.pl";
+require "alpha/div.pl";
+
+&asm_init($ARGV[0],$0);
+
+&bn_mul_words("bn_mul_words");
+&bn_sqr_words("bn_sqr_words");
+&bn_mul_add_words("bn_mul_add_words");
+&bn_add_words("bn_add_words");
+&bn_sub_words("bn_sub_words");
+&bn_div_words("bn_div_words");
+&bn_mul_comba8("bn_mul_comba8");
+&bn_mul_comba4("bn_mul_comba4");
+&bn_sqr_comba4("bn_sqr_comba4");
+&bn_sqr_comba8("bn_sqr_comba8");
+
+&asm_finish();
+
diff --git a/src/lib/libcrypto/bn/asm/co-alpha.pl b/src/lib/libcrypto/bn/asm/co-alpha.pl
new file mode 100644
index 0000000000..67dad3e3d5
--- /dev/null
+++ b/src/lib/libcrypto/bn/asm/co-alpha.pl
@@ -0,0 +1,116 @@
+#!/usr/local/bin/perl
+# I have this in perl so I can use more usefull register names and then convert
+# them into alpha registers.
+#
+
+push(@INC,"perlasm","../../perlasm");
+require "alpha.pl";
+
+&asm_init($ARGV[0],$0);
+
+print &bn_sub_words("bn_sub_words");
+
+&asm_finish();
+
+sub bn_sub_words
+        {
+        local($name)=@_;
+        local($cc,$a,$b,$r);
+
+        $cc="r0";
+        $a0="r1"; $b0="r5"; $r0="r9";  $tmp="r13";
+        $a1="r2"; $b1="r6"; $r1="r10"; $t1="r14";
+        $a2="r3"; $b2="r7"; $r2="r11";
+        $a3="r4"; $b3="r8"; $r3="r12"; $t3="r15";
+
+        $rp=&wparam(0);
+        $ap=&wparam(1);
+        $bp=&wparam(2);
+        $count=&wparam(3);
+
+        &function_begin($name,"");
+
+        &comment("");
+        &sub($count,4,$count);
+        &mov("zero",$cc);
+        &blt($count,&label("finish"));
+
+        &ld($a0,&QWPw(0,$ap));
+        &ld($b0,&QWPw(0,$bp));
+
+##########################################################
+        &set_label("loop");
+
+        &ld($a1,&QWPw(1,$ap));
+         &cmpult($a0,$b0,$tmp); # will we borrow?
+        &ld($b1,&QWPw(1,$bp));
+         &sub($a0,$b0,$a0);             # do the subtract
+        &ld($a2,&QWPw(2,$ap));
+         &cmpult($a0,$cc,$b0);  # will we borrow?
+        &ld($b2,&QWPw(2,$bp));
+         &sub($a0,$cc,$a0);     # will we borrow?
+        &ld($a3,&QWPw(3,$ap));
+         &add($b0,$tmp,$cc);    # add the borrows
+
+        &cmpult($a1,$b1,$t1);   # will we borrow?
+         &sub($a1,$b1,$a1);     # do the subtract
+        &ld($b3,&QWPw(3,$bp));
+         &cmpult($a1,$cc,$b1);  # will we borrow?
+        &sub($a1,$cc,$a1);      # will we borrow?
+         &add($b1,$t1,$cc);     # add the borrows
+
+        &cmpult($a2,$b2,$tmp);  # will we borrow?
+         &sub($a2,$b2,$a2);             # do the subtract
+        &st($a0,&QWPw(0,$rp));  # save
+         &cmpult($a2,$cc,$b2);  # will we borrow?
+        &sub($a2,$cc,$a2);      # will we borrow?
+         &add($b2,$tmp,$cc);    # add the borrows
+
+        &cmpult($a3,$b3,$t3);   # will we borrow?
+         &sub($a3,$b3,$a3);             # do the subtract
+        &st($a1,&QWPw(1,$rp));  # save
+         &cmpult($a3,$cc,$b3);  # will we borrow?
+        &sub($a3,$cc,$a3);      # will we borrow?
+         &add($b3,$t3,$cc);     # add the borrows
+
+        &st($a2,&QWPw(2,$rp));  # save
+         &sub($count,4,$count); # count-=4
+        &st($a3,&QWPw(3,$rp));  # save
+         &add($ap,4*$QWS,$ap);  # count+=4
+        &add($bp,4*$QWS,$bp);   # count+=4
+         &add($rp,4*$QWS,$rp);  # count+=4
+
+        &blt($count,&label("finish"));
+        &ld($a0,&QWPw(0,$ap));
+         &ld($b0,&QWPw(0,$bp));
+        &br(&label("loop"));
+##################################################
+        # Do the last 0..3 words
+
+        &set_label("last_loop");
+
+        &ld($a0,&QWPw(0,$ap));  # get a
+         &ld($b0,&QWPw(0,$bp)); # get b
+        &cmpult($a0,$b0,$tmp);  # will we borrow?
+        &sub($a0,$b0,$a0);      # do the subtract
+        &cmpult($a0,$cc,$b0);   # will we borrow?
+        &sub($a0,$cc,$a0);      # will we borrow?
+        &st($a0,&QWPw(0,$rp));  # save
+        &add($b0,$tmp,$cc);     # add the borrows
+
+        &add($ap,$QWS,$ap);
+        &add($bp,$QWS,$bp);
+        &add($rp,$QWS,$rp);
+        &sub($count,1,$count);
+        &bgt($count,&label("last_loop"));
+        &function_end_A($name);
+
+######################################################
+        &set_label("finish");
+        &add($count,4,$count);
+        &bgt($count,&label("last_loop"));
+
+        &set_label("end");
+        &function_end($name);
+        }
+
diff --git a/src/lib/libcrypto/bn/asm/mips1.s b/src/lib/libcrypto/bn/asm/mips1.s
new file mode 100644
index 0000000000..44fa1254c7
--- /dev/null
+++ b/src/lib/libcrypto/bn/asm/mips1.s
@@ -0,0 +1,539 @@
+/* This assember is for R2000/R3000 machines, or higher ones that do
+ * no want to do any 64 bit arithmatic.
+ * Make sure that the SSLeay bignum library is compiled with 
+ * THIRTY_TWO_BIT set.
+ * This must either be compiled with the system CC, or, if you use GNU gas,
+ * cc -E mips1.s|gas -o mips1.o
+ */
+        .set    reorder
+        .set    noat
+
+#define R1      $1
+#define CC      $2
+#define R2      $3
+#define R3      $8
+#define R4      $9
+#define L1      $10
+#define L2      $11
+#define L3      $12
+#define L4      $13
+#define H1      $14
+#define H2      $15
+#define H3      $24
+#define H4      $25
+
+#define P1      $4
+#define P2      $5
+#define P3      $6
+#define P4      $7
+
+        .align  2
+        .ent    bn_mul_add_words
+        .globl  bn_mul_add_words
+.text
+bn_mul_add_words:
+        .frame  $sp,0,$31
+        .mask   0x00000000,0
+        .fmask  0x00000000,0
+
+        #blt    P3,4,$lab34
+        
+        subu    R1,P3,4
+        move    CC,$0
+        bltz    R1,$lab34
+$lab2:  
+        lw      R1,0(P1)
+         lw     L1,0(P2)
+        lw      R2,4(P1)
+         lw     L2,4(P2)
+        lw      R3,8(P1)
+         lw     L3,8(P2)
+        lw      R4,12(P1)
+         lw     L4,12(P2)
+        multu   L1,P4
+         addu   R1,R1,CC
+        mflo    L1
+         sltu   CC,R1,CC
+        addu    R1,R1,L1
+         mfhi   H1
+        sltu    L1,R1,L1
+         sw     R1,0(P1)
+        addu    CC,CC,L1
+         multu  L2,P4
+        addu    CC,H1,CC
+        mflo    L2
+         addu   R2,R2,CC
+        sltu    CC,R2,CC
+         mfhi   H2
+        addu    R2,R2,L2
+         addu   P2,P2,16
+        sltu    L2,R2,L2
+         sw     R2,4(P1)
+        addu    CC,CC,L2
+         multu  L3,P4
+        addu    CC,H2,CC
+        mflo    L3
+         addu   R3,R3,CC
+        sltu    CC,R3,CC
+         mfhi   H3
+        addu    R3,R3,L3
+         addu   P1,P1,16
+        sltu    L3,R3,L3
+         sw     R3,-8(P1)
+        addu    CC,CC,L3
+         multu  L4,P4
+        addu    CC,H3,CC
+        mflo    L4
+         addu   R4,R4,CC
+        sltu    CC,R4,CC
+         mfhi   H4
+        addu    R4,R4,L4
+         subu   P3,P3,4
+        sltu    L4,R4,L4
+        addu    CC,CC,L4
+        addu    CC,H4,CC
+
+        subu    R1,P3,4
+        sw      R4,-4(P1)       # delay slot
+        bgez    R1,$lab2
+
+        bleu    P3,0,$lab3
+        .align  2
+$lab33: 
+        lw      L1,0(P2)
+         lw     R1,0(P1)
+        multu   L1,P4
+         addu   R1,R1,CC
+        sltu    CC,R1,CC
+         addu   P1,P1,4
+        mflo    L1
+         mfhi   H1
+        addu    R1,R1,L1
+         addu   P2,P2,4
+        sltu    L1,R1,L1
+         subu   P3,P3,1
+        addu    CC,CC,L1
+         sw     R1,-4(P1)
+        addu    CC,H1,CC
+         bgtz   P3,$lab33
+        j       $31
+        .align  2
+$lab3:
+        j       $31
+        .align  2
+$lab34:
+        bgt     P3,0,$lab33
+        j       $31
+        .end    bn_mul_add_words
+
+        .align  2
+        # Program Unit: bn_mul_words
+        .ent    bn_mul_words
+        .globl  bn_mul_words
+.text
+bn_mul_words:
+        .frame  $sp,0,$31
+        .mask   0x00000000,0
+        .fmask  0x00000000,0
+        
+        subu    P3,P3,4
+        move    CC,$0
+        bltz    P3,$lab45
+$lab44: 
+        lw      L1,0(P2)
+         lw     L2,4(P2)
+        lw      L3,8(P2)
+         lw     L4,12(P2)
+        multu   L1,P4
+         subu   P3,P3,4
+        mflo    L1
+         mfhi   H1
+        addu    L1,L1,CC
+         multu  L2,P4
+        sltu    CC,L1,CC
+         sw     L1,0(P1)
+        addu    CC,H1,CC
+         mflo   L2
+        mfhi    H2
+         addu   L2,L2,CC
+        multu   L3,P4
+         sltu   CC,L2,CC
+        sw      L2,4(P1)
+         addu   CC,H2,CC
+        mflo    L3
+         mfhi   H3
+        addu    L3,L3,CC
+         multu  L4,P4
+        sltu    CC,L3,CC
+         sw     L3,8(P1)
+        addu    CC,H3,CC
+         mflo   L4
+        mfhi    H4
+         addu   L4,L4,CC
+        addu    P1,P1,16
+         sltu   CC,L4,CC
+        addu    P2,P2,16
+         addu   CC,H4,CC
+        sw      L4,-4(P1)
+
+        bgez    P3,$lab44
+        b       $lab45
+$lab46:
+        lw      L1,0(P2)
+         addu   P1,P1,4
+        multu   L1,P4
+         addu   P2,P2,4
+        mflo    L1
+         mfhi   H1
+        addu    L1,L1,CC
+         subu   P3,P3,1
+        sltu    CC,L1,CC
+         sw     L1,-4(P1)
+        addu    CC,H1,CC
+         bgtz   P3,$lab46
+        j       $31
+$lab45:
+        addu    P3,P3,4
+        bgtz    P3,$lab46
+        j       $31
+        .align  2
+        .end    bn_mul_words
+
+        # Program Unit: bn_sqr_words
+        .ent    bn_sqr_words
+        .globl  bn_sqr_words
+.text
+bn_sqr_words:
+        .frame  $sp,0,$31
+        .mask   0x00000000,0
+        .fmask  0x00000000,0
+        
+        subu    P3,P3,4
+        bltz    P3,$lab55
+$lab54:
+        lw      L1,0(P2)
+         lw     L2,4(P2)
+        lw      L3,8(P2)
+         lw     L4,12(P2)
+
+        multu   L1,L1
+         subu   P3,P3,4
+        mflo    L1
+         mfhi   H1
+        sw      L1,0(P1)
+         sw     H1,4(P1)
+
+        multu   L2,L2
+         addu   P1,P1,32
+        mflo    L2
+         mfhi   H2
+        sw      L2,-24(P1)
+         sw     H2,-20(P1)
+
+        multu   L3,L3
+         addu   P2,P2,16
+        mflo    L3
+         mfhi   H3
+        sw      L3,-16(P1)
+         sw     H3,-12(P1)
+
+        multu   L4,L4
+
+        mflo    L4
+         mfhi   H4
+        sw      L4,-8(P1)
+         sw     H4,-4(P1)
+
+        bgtz    P3,$lab54
+        b       $lab55
+$lab56: 
+        lw      L1,0(P2)
+        addu    P1,P1,8
+        multu   L1,L1
+        addu    P2,P2,4
+        subu    P3,P3,1
+        mflo    L1
+        mfhi    H1
+        sw      L1,-8(P1)
+        sw      H1,-4(P1)
+
+        bgtz    P3,$lab56
+        j       $31
+$lab55:
+        addu    P3,P3,4
+        bgtz    P3,$lab56
+        j       $31
+        .align  2
+        .end    bn_sqr_words
+
+        # Program Unit: bn_add_words
+        .ent    bn_add_words
+        .globl  bn_add_words
+.text
+bn_add_words:    # 0x590
+        .frame  $sp,0,$31
+        .mask   0x00000000,0
+        .fmask  0x00000000,0
+        
+        subu    P4,P4,4
+        move    CC,$0
+        bltz    P4,$lab65
+$lab64: 
+        lw      L1,0(P2)
+        lw      R1,0(P3)
+        lw      L2,4(P2)
+        lw      R2,4(P3)
+
+        addu    L1,L1,CC
+         lw     L3,8(P2)
+        sltu    CC,L1,CC
+         addu   L1,L1,R1
+        sltu    R1,L1,R1
+         lw     R3,8(P3)
+        addu    CC,CC,R1
+         lw     L4,12(P2)
+
+        addu    L2,L2,CC
+         lw     R4,12(P3)
+        sltu    CC,L2,CC
+         addu   L2,L2,R2
+        sltu    R2,L2,R2
+         sw     L1,0(P1)
+        addu    CC,CC,R2
+         addu   P1,P1,16
+        addu    L3,L3,CC
+         sw     L2,-12(P1)
+ 
+        sltu    CC,L3,CC
+         addu   L3,L3,R3
+        sltu    R3,L3,R3
+         addu   P2,P2,16
+        addu    CC,CC,R3
+
+        addu    L4,L4,CC
+         addu   P3,P3,16
+        sltu    CC,L4,CC
+         addu   L4,L4,R4
+        subu    P4,P4,4
+         sltu   R4,L4,R4
+        sw      L3,-8(P1)
+         addu   CC,CC,R4
+        sw      L4,-4(P1)
+
+        bgtz    P4,$lab64
+        b       $lab65
+$lab66:
+        lw      L1,0(P2)
+         lw     R1,0(P3)
+        addu    L1,L1,CC
+         addu   P1,P1,4
+        sltu    CC,L1,CC
+         addu   P2,P2,4
+        addu    P3,P3,4
+         addu   L1,L1,R1
+        subu    P4,P4,1
+         sltu   R1,L1,R1
+        sw      L1,-4(P1)
+         addu   CC,CC,R1
+
+        bgtz    P4,$lab66
+        j       $31
+$lab65:
+        addu    P4,P4,4
+        bgtz    P4,$lab66
+        j       $31
+        .end    bn_add_words
+
+        # Program Unit: bn_div64
+        .set    at
+        .set    reorder
+        .text   
+        .align  2
+        .globl  bn_div64
+ # 321          {
+        .ent    bn_div64 2
+bn_div64:
+        subu    $sp, 64
+        sw      $31, 56($sp)
+        sw      $16, 48($sp)
+        .mask   0x80010000, -56
+        .frame  $sp, 64, $31
+        move    $9, $4
+        move    $12, $5
+        move    $16, $6
+ # 322          BN_ULONG dh,dl,q,ret=0,th,tl,t;
+        move    $31, $0
+ # 323          int i,count=2;
+        li      $13, 2
+ # 324  
+ # 325          if (d == 0) return(BN_MASK2);
+        bne     $16, 0, $80
+        li      $2, -1
+        b       $93
+$80:
+ # 326  
+ # 327          i=BN_num_bits_word(d);
+        move    $4, $16
+        sw      $31, 16($sp)
+        sw      $9, 24($sp)
+        sw      $12, 32($sp)
+        sw      $13, 40($sp)
+        .livereg        0x800ff0e,0xfff
+        jal     BN_num_bits_word
+        li      $4, 32
+        lw      $31, 16($sp)
+        lw      $9, 24($sp)
+        lw      $12, 32($sp)
+        lw      $13, 40($sp)
+        move    $3, $2
+ # 328          if ((i != BN_BITS2) && (h > (BN_ULONG)1<<i))
+        beq     $2, $4, $81
+        li      $14, 1
+        sll     $15, $14, $2
+        bleu    $9, $15, $81
+ # 329                  {
+ # 330  #if !defined(NO_STDIO) && !defined(WIN16)
+ # 331                  fprintf(stderr,"Division would overflow (%d)\n",i);
+ # 332  #endif
+ # 333                  abort();
+        sw      $3, 8($sp)
+        sw      $9, 24($sp)
+        sw      $12, 32($sp)
+        sw      $13, 40($sp)
+        sw      $31, 26($sp)
+        .livereg        0xff0e,0xfff
+        jal     abort
+        lw      $3, 8($sp)
+        li      $4, 32
+        lw      $9, 24($sp)
+        lw      $12, 32($sp)
+        lw      $13, 40($sp)
+        lw      $31, 26($sp)
+ # 334                  }
+$81:
+ # 335          i=BN_BITS2-i;
+        subu    $3, $4, $3
+ # 336          if (h >= d) h-=d;
+        bltu    $9, $16, $82
+        subu    $9, $9, $16
+$82:
+ # 337  
+ # 338          if (i)
+        beq     $3, 0, $83
+ # 339                  {
+ # 340                  d<<=i;
+        sll     $16, $16, $3
+ # 341                  h=(h<<i)|(l>>(BN_BITS2-i));
+        sll     $24, $9, $3
+        subu    $25, $4, $3
+        srl     $14, $12, $25
+        or      $9, $24, $14
+ # 342                  l<<=i;
+        sll     $12, $12, $3
+ # 343                  }
+$83:
+ # 344          dh=(d&BN_MASK2h)>>BN_BITS4;
+ # 345          dl=(d&BN_MASK2l);
+        and     $8, $16, -65536
+        srl     $8, $8, 16
+        and     $10, $16, 65535
+        li      $6, -65536
+$84:
+ # 346          for (;;)
+ # 347                  {
+ # 348                  if ((h>>BN_BITS4) == dh)
+        srl     $15, $9, 16
+        bne     $8, $15, $85
+ # 349                          q=BN_MASK2l;
+        li      $5, 65535
+        b       $86
+$85:
+ # 350                  else
+ # 351                          q=h/dh;
+        divu    $5, $9, $8
+$86:
+ # 352  
+ # 353                  for (;;)
+ # 354                          {
+ # 355                          t=(h-q*dh);
+        mul     $4, $5, $8
+        subu    $2, $9, $4
+        move    $3, $2
+ # 356                          if ((t&BN_MASK2h) ||
+ # 357                                  ((dl*q) <= (
+ # 358                                          (t<<BN_BITS4)+
+ # 359                                          ((l&BN_MASK2h)>>BN_BITS4))))
+        and     $25, $2, $6
+        bne     $25, $0, $87
+        mul     $24, $10, $5
+        sll     $14, $3, 16
+        and     $15, $12, $6
+        srl     $25, $15, 16
+        addu    $15, $14, $25
+        bgtu    $24, $15, $88
+$87:
+ # 360                                  break;
+        mul     $3, $10, $5
+        b       $89
+$88:
+ # 361                          q--;
+        addu    $5, $5, -1
+ # 362                          }
+        b       $86
+$89:
+ # 363                  th=q*dh;
+ # 364                  tl=q*dl;
+ # 365                  t=(tl>>BN_BITS4);
+ # 366                  tl=(tl<<BN_BITS4)&BN_MASK2h;
+        sll     $14, $3, 16
+        and     $2, $14, $6
+        move    $11, $2
+ # 367                  th+=t;
+        srl     $25, $3, 16
+        addu    $7, $4, $25
+ # 368  
+ # 369                  if (l < tl) th++;
+        bgeu    $12, $2, $90
+        addu    $7, $7, 1
+$90:
+ # 370                  l-=tl;
+        subu    $12, $12, $11
+ # 371                  if (h < th)
+        bgeu    $9, $7, $91
+ # 372                          {
+ # 373                          h+=d;
+        addu    $9, $9, $16
+ # 374                          q--;
+        addu    $5, $5, -1
+ # 375                          }
+$91:
+ # 376                  h-=th;
+        subu    $9, $9, $7
+ # 377  
+ # 378                  if (--count == 0) break;
+        addu    $13, $13, -1
+        beq     $13, 0, $92
+ # 379  
+ # 380                  ret=q<<BN_BITS4;
+        sll     $31, $5, 16
+ # 381                  h=((h<<BN_BITS4)|(l>>BN_BITS4))&BN_MASK2;
+        sll     $24, $9, 16
+        srl     $15, $12, 16
+        or      $9, $24, $15
+ # 382                  l=(l&BN_MASK2l)<<BN_BITS4;
+        and     $12, $12, 65535
+        sll     $12, $12, 16
+ # 383                  }
+        b       $84
+$92:
+ # 384          ret|=q;
+        or      $31, $31, $5
+ # 385          return(ret);
+        move    $2, $31
+$93:
+        lw      $16, 48($sp)
+        lw      $31, 56($sp)
+        addu    $sp, 64
+        j       $31
+        .end    bn_div64
+
diff --git a/src/lib/libcrypto/bn/asm/mips3.s b/src/lib/libcrypto/bn/asm/mips3.s
new file mode 100644
index 0000000000..191345d920
--- /dev/null
+++ b/src/lib/libcrypto/bn/asm/mips3.s
@@ -0,0 +1,2138 @@
+.rdata
+.asciiz "mips3.s, Version 1.0"
+.asciiz "MIPS III/IV ISA artwork by Andy Polyakov <appro@fy.chalmers.se>"
+
+/*
+ * ====================================================================
+ * Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+ * project.
+ *
+ * Rights for redistribution and usage in source and binary forms are
+ * granted according to the OpenSSL license. Warranty of any kind is
+ * disclaimed.
+ * ====================================================================
+ */
+
+/*
+ * This is my modest contributon to the OpenSSL project (see
+ * http://www.openssl.org/ for more information about it) and is
+ * a drop-in MIPS III/IV ISA replacement for crypto/bn/bn_asm.c
+ * module. For updates see http://fy.chalmers.se/~appro/hpe/.
+ *
+ * The module is designed to work with either of the "new" MIPS ABI(5),
+ * namely N32 or N64, offered by IRIX 6.x. It's not ment to work under
+ * IRIX 5.x not only because it doesn't support new ABIs but also
+ * because 5.x kernels put R4x00 CPU into 32-bit mode and all those
+ * 64-bit instructions (daddu, dmultu, etc.) found below gonna only
+ * cause illegal instruction exception:-(
+ *
+ * In addition the code depends on preprocessor flags set up by MIPSpro
+ * compiler driver (either as or cc) and therefore (probably?) can't be
+ * compiled by the GNU assembler. GNU C driver manages fine though...
+ * I mean as long as -mmips-as is specified or is the default option,
+ * because then it simply invokes /usr/bin/as which in turn takes
+ * perfect care of the preprocessor definitions. Another neat feature
+ * offered by the MIPSpro assembler is an optimization pass. This gave
+ * me the opportunity to have the code looking more regular as all those
+ * architecture dependent instruction rescheduling details were left to
+ * the assembler. Cool, huh?
+ *
+ * Performance improvement is astonishing! 'apps/openssl speed rsa dsa'
+ * goes way over 3 times faster!
+ *
+ *                                      <appro@fy.chalmers.se>
+ */
+#include <asm.h>
+#include <regdef.h>
+
+#if _MIPS_ISA>=4
+#define MOVNZ(cond,dst,src)     \
+        movn    dst,src,cond
+#else
+#define MOVNZ(cond,dst,src)     \
+        .set    noreorder;      \
+        bnezl   cond,.+8;       \
+        move    dst,src;        \
+        .set    reorder
+#endif
+
+.text
+
+.set    noat
+.set    reorder
+
+#define MINUS4  v1
+
+.align  5
+LEAF(bn_mul_add_words)
+        .set    noreorder
+        bgtzl   a2,.L_bn_mul_add_words_proceed
+        ld      t0,0(a1)
+        jr      ra
+        move    v0,zero
+        .set    reorder
+
+.L_bn_mul_add_words_proceed:
+        li      MINUS4,-4
+        and     ta0,a2,MINUS4
+        move    v0,zero
+        beqz    ta0,.L_bn_mul_add_words_tail
+
+.L_bn_mul_add_words_loop:
+        dmultu  t0,a3
+        ld      t1,0(a0)
+        ld      t2,8(a1)
+        ld      t3,8(a0)
+        ld      ta0,16(a1)
+        ld      ta1,16(a0)
+        daddu   t1,v0
+        sltu    v0,t1,v0        /* All manuals say it "compares 32-bit
+                                 * values", but it seems to work fine
+                                 * even on 64-bit registers. */
+        mflo    AT
+        mfhi    t0
+        daddu   t1,AT
+        daddu   v0,t0
+        sltu    AT,t1,AT
+        sd      t1,0(a0)
+        daddu   v0,AT
+
+        dmultu  t2,a3
+        ld      ta2,24(a1)
+        ld      ta3,24(a0)
+        daddu   t3,v0
+        sltu    v0,t3,v0
+        mflo    AT
+        mfhi    t2
+        daddu   t3,AT
+        daddu   v0,t2
+        sltu    AT,t3,AT
+        sd      t3,8(a0)
+        daddu   v0,AT
+
+        dmultu  ta0,a3
+        subu    a2,4
+        PTR_ADD a0,32
+        PTR_ADD a1,32
+        daddu   ta1,v0
+        sltu    v0,ta1,v0
+        mflo    AT
+        mfhi    ta0
+        daddu   ta1,AT
+        daddu   v0,ta0
+        sltu    AT,ta1,AT
+        sd      ta1,-16(a0)
+        daddu   v0,AT
+
+
+        dmultu  ta2,a3
+        and     ta0,a2,MINUS4
+        daddu   ta3,v0
+        sltu    v0,ta3,v0
+        mflo    AT
+        mfhi    ta2
+        daddu   ta3,AT
+        daddu   v0,ta2
+        sltu    AT,ta3,AT
+        sd      ta3,-8(a0)
+        daddu   v0,AT
+        .set    noreorder
+        bgtzl   ta0,.L_bn_mul_add_words_loop
+        ld      t0,0(a1)
+
+        bnezl   a2,.L_bn_mul_add_words_tail
+        ld      t0,0(a1)
+        .set    reorder
+
+.L_bn_mul_add_words_return:
+        jr      ra
+
+.L_bn_mul_add_words_tail:
+        dmultu  t0,a3
+        ld      t1,0(a0)
+        subu    a2,1
+        daddu   t1,v0
+        sltu    v0,t1,v0
+        mflo    AT
+        mfhi    t0
+        daddu   t1,AT
+        daddu   v0,t0
+        sltu    AT,t1,AT
+        sd      t1,0(a0)
+        daddu   v0,AT
+        beqz    a2,.L_bn_mul_add_words_return
+
+        ld      t0,8(a1)
+        dmultu  t0,a3
+        ld      t1,8(a0)
+        subu    a2,1
+        daddu   t1,v0
+        sltu    v0,t1,v0
+        mflo    AT
+        mfhi    t0
+        daddu   t1,AT
+        daddu   v0,t0
+        sltu    AT,t1,AT
+        sd      t1,8(a0)
+        daddu   v0,AT
+        beqz    a2,.L_bn_mul_add_words_return
+
+        ld      t0,16(a1)
+        dmultu  t0,a3
+        ld      t1,16(a0)
+        daddu   t1,v0
+        sltu    v0,t1,v0
+        mflo    AT
+        mfhi    t0
+        daddu   t1,AT
+        daddu   v0,t0
+        sltu    AT,t1,AT
+        sd      t1,16(a0)
+        daddu   v0,AT
+        jr      ra
+END(bn_mul_add_words)
+
+.align  5
+LEAF(bn_mul_words)
+        .set    noreorder
+        bgtzl   a2,.L_bn_mul_words_proceed
+        ld      t0,0(a1)
+        jr      ra
+        move    v0,zero
+        .set    reorder
+
+.L_bn_mul_words_proceed:
+        li      MINUS4,-4
+        and     ta0,a2,MINUS4
+        move    v0,zero
+        beqz    ta0,.L_bn_mul_words_tail
+
+.L_bn_mul_words_loop:
+        dmultu  t0,a3
+        ld      t2,8(a1)
+        ld      ta0,16(a1)
+        ld      ta2,24(a1)
+        mflo    AT
+        mfhi    t0
+        daddu   v0,AT
+        sltu    t1,v0,AT
+        sd      v0,0(a0)
+        daddu   v0,t1,t0
+
+        dmultu  t2,a3
+        subu    a2,4
+        PTR_ADD a0,32
+        PTR_ADD a1,32
+        mflo    AT
+        mfhi    t2
+        daddu   v0,AT
+        sltu    t3,v0,AT
+        sd      v0,-24(a0)
+        daddu   v0,t3,t2
+
+        dmultu  ta0,a3
+        mflo    AT
+        mfhi    ta0
+        daddu   v0,AT
+        sltu    ta1,v0,AT
+        sd      v0,-16(a0)
+        daddu   v0,ta1,ta0
+
+
+        dmultu  ta2,a3
+        and     ta0,a2,MINUS4
+        mflo    AT
+        mfhi    ta2
+        daddu   v0,AT
+        sltu    ta3,v0,AT
+        sd      v0,-8(a0)
+        daddu   v0,ta3,ta2
+        .set    noreorder
+        bgtzl   ta0,.L_bn_mul_words_loop
+        ld      t0,0(a1)
+
+        bnezl   a2,.L_bn_mul_words_tail
+        ld      t0,0(a1)
+        .set    reorder
+
+.L_bn_mul_words_return:
+        jr      ra
+
+.L_bn_mul_words_tail:
+        dmultu  t0,a3
+        subu    a2,1
+        mflo    AT
+        mfhi    t0
+        daddu   v0,AT
+        sltu    t1,v0,AT
+        sd      v0,0(a0)
+        daddu   v0,t1,t0
+        beqz    a2,.L_bn_mul_words_return
+
+        ld      t0,8(a1)
+        dmultu  t0,a3
+        subu    a2,1
+        mflo    AT
+        mfhi    t0
+        daddu   v0,AT
+        sltu    t1,v0,AT
+        sd      v0,8(a0)
+        daddu   v0,t1,t0
+        beqz    a2,.L_bn_mul_words_return
+
+        ld      t0,16(a1)
+        dmultu  t0,a3
+        mflo    AT
+        mfhi    t0
+        daddu   v0,AT
+        sltu    t1,v0,AT
+        sd      v0,16(a0)
+        daddu   v0,t1,t0
+        jr      ra
+END(bn_mul_words)
+
+.align  5
+LEAF(bn_sqr_words)
+        .set    noreorder
+        bgtzl   a2,.L_bn_sqr_words_proceed
+        ld      t0,0(a1)
+        jr      ra
+        move    v0,zero
+        .set    reorder
+
+.L_bn_sqr_words_proceed:
+        li      MINUS4,-4
+        and     ta0,a2,MINUS4
+        move    v0,zero
+        beqz    ta0,.L_bn_sqr_words_tail
+
+.L_bn_sqr_words_loop:
+        dmultu  t0,t0
+        ld      t2,8(a1)
+        ld      ta0,16(a1)
+        ld      ta2,24(a1)
+        mflo    t1
+        mfhi    t0
+        sd      t1,0(a0)
+        sd      t0,8(a0)
+
+        dmultu  t2,t2
+        subu    a2,4
+        PTR_ADD a0,64
+        PTR_ADD a1,32
+        mflo    t3
+        mfhi    t2
+        sd      t3,-48(a0)
+        sd      t2,-40(a0)
+
+        dmultu  ta0,ta0
+        mflo    ta1
+        mfhi    ta0
+        sd      ta1,-32(a0)
+        sd      ta0,-24(a0)
+
+
+        dmultu  ta2,ta2
+        and     ta0,a2,MINUS4
+        mflo    ta3
+        mfhi    ta2
+        sd      ta3,-16(a0)
+        sd      ta2,-8(a0)
+
+        .set    noreorder
+        bgtzl   ta0,.L_bn_sqr_words_loop
+        ld      t0,0(a1)
+
+        bnezl   a2,.L_bn_sqr_words_tail
+        ld      t0,0(a1)
+        .set    reorder
+
+.L_bn_sqr_words_return:
+        move    v0,zero
+        jr      ra
+
+.L_bn_sqr_words_tail:
+        dmultu  t0,t0
+        subu    a2,1
+        mflo    t1
+        mfhi    t0
+        sd      t1,0(a0)
+        sd      t0,8(a0)
+        beqz    a2,.L_bn_sqr_words_return
+
+        ld      t0,8(a1)
+        dmultu  t0,t0
+        subu    a2,1
+        mflo    t1
+        mfhi    t0
+        sd      t1,16(a0)
+        sd      t0,24(a0)
+        beqz    a2,.L_bn_sqr_words_return
+
+        ld      t0,16(a1)
+        dmultu  t0,t0
+        mflo    t1
+        mfhi    t0
+        sd      t1,32(a0)
+        sd      t0,40(a0)
+        jr      ra
+END(bn_sqr_words)
+
+.align  5
+LEAF(bn_add_words)
+        .set    noreorder
+        bgtzl   a3,.L_bn_add_words_proceed
+        ld      t0,0(a1)
+        jr      ra
+        move    v0,zero
+        .set    reorder
+
+.L_bn_add_words_proceed:
+        li      MINUS4,-4
+        and     AT,a3,MINUS4
+        move    v0,zero
+        beqz    AT,.L_bn_add_words_tail
+
+.L_bn_add_words_loop:
+        ld      ta0,0(a2)
+        ld      t1,8(a1)
+        ld      ta1,8(a2)
+        ld      t2,16(a1)
+        ld      ta2,16(a2)
+        ld      t3,24(a1)
+        ld      ta3,24(a2)
+        daddu   ta0,t0
+        subu    a3,4
+        sltu    t8,ta0,t0
+        daddu   t0,ta0,v0
+        PTR_ADD a0,32
+        sltu    v0,t0,ta0
+        sd      t0,-32(a0)
+        daddu   v0,t8
+
+        daddu   ta1,t1
+        PTR_ADD a1,32
+        sltu    t9,ta1,t1
+        daddu   t1,ta1,v0
+        PTR_ADD a2,32
+        sltu    v0,t1,ta1
+        sd      t1,-24(a0)
+        daddu   v0,t9
+
+        daddu   ta2,t2
+        and     AT,a3,MINUS4
+        sltu    t8,ta2,t2
+        daddu   t2,ta2,v0
+        sltu    v0,t2,ta2
+        sd      t2,-16(a0)
+        daddu   v0,t8
+        
+        daddu   ta3,t3
+        sltu    t9,ta3,t3
+        daddu   t3,ta3,v0
+        sltu    v0,t3,ta3
+        sd      t3,-8(a0)
+        daddu   v0,t9
+        
+        .set    noreorder
+        bgtzl   AT,.L_bn_add_words_loop
+        ld      t0,0(a1)
+
+        bnezl   a3,.L_bn_add_words_tail
+        ld      t0,0(a1)
+        .set    reorder
+
+.L_bn_add_words_return:
+        jr      ra
+
+.L_bn_add_words_tail:
+        ld      ta0,0(a2)
+        daddu   ta0,t0
+        subu    a3,1
+        sltu    t8,ta0,t0
+        daddu   t0,ta0,v0
+        sltu    v0,t0,ta0
+        sd      t0,0(a0)
+        daddu   v0,t8
+        beqz    a3,.L_bn_add_words_return
+
+        ld      t1,8(a1)
+        ld      ta1,8(a2)
+        daddu   ta1,t1
+        subu    a3,1
+        sltu    t9,ta1,t1
+        daddu   t1,ta1,v0
+        sltu    v0,t1,ta1
+        sd      t1,8(a0)
+        daddu   v0,t9
+        beqz    a3,.L_bn_add_words_return
+
+        ld      t2,16(a1)
+        ld      ta2,16(a2)
+        daddu   ta2,t2
+        sltu    t8,ta2,t2
+        daddu   t2,ta2,v0
+        sltu    v0,t2,ta2
+        sd      t2,16(a0)
+        daddu   v0,t8
+        jr      ra
+END(bn_add_words)
+
+.align  5
+LEAF(bn_sub_words)
+        .set    noreorder
+        bgtzl   a3,.L_bn_sub_words_proceed
+        ld      t0,0(a1)
+        jr      ra
+        move    v0,zero
+        .set    reorder
+
+.L_bn_sub_words_proceed:
+        li      MINUS4,-4
+        and     AT,a3,MINUS4
+        move    v0,zero
+        beqz    AT,.L_bn_sub_words_tail
+
+.L_bn_sub_words_loop:
+        ld      ta0,0(a2)
+        ld      t1,8(a1)
+        ld      ta1,8(a2)
+        ld      t2,16(a1)
+        ld      ta2,16(a2)
+        ld      t3,24(a1)
+        ld      ta3,24(a2)
+        sltu    t8,t0,ta0
+        dsubu   t0,ta0
+        subu    a3,4
+        dsubu   ta0,t0,v0
+        and     AT,a3,MINUS4
+        sd      ta0,0(a0)
+        MOVNZ   (t0,v0,t8)
+
+        sltu    t9,t1,ta1
+        dsubu   t1,ta1
+        PTR_ADD a0,32
+        dsubu   ta1,t1,v0
+        PTR_ADD a1,32
+        sd      ta1,-24(a0)
+        MOVNZ   (t1,v0,t9)
+
+
+        sltu    t8,t2,ta2
+        dsubu   t2,ta2
+        dsubu   ta2,t2,v0
+        PTR_ADD a2,32
+        sd      ta2,-16(a0)
+        MOVNZ   (t2,v0,t8)
+
+        sltu    t9,t3,ta3
+        dsubu   t3,ta3
+        dsubu   ta3,t3,v0
+        sd      ta3,-8(a0)
+        MOVNZ   (t3,v0,t9)
+
+        .set    noreorder
+        bgtzl   AT,.L_bn_sub_words_loop
+        ld      t0,0(a1)
+
+        bnezl   a3,.L_bn_sub_words_tail
+        ld      t0,0(a1)
+        .set    reorder
+
+.L_bn_sub_words_return:
+        jr      ra
+
+.L_bn_sub_words_tail:
+        ld      ta0,0(a2)
+        subu    a3,1
+        sltu    t8,t0,ta0
+        dsubu   t0,ta0
+        dsubu   ta0,t0,v0
+        MOVNZ   (t0,v0,t8)
+        sd      ta0,0(a0)
+        beqz    a3,.L_bn_sub_words_return
+
+        ld      t1,8(a1)
+        subu    a3,1
+        ld      ta1,8(a2)
+        sltu    t9,t1,ta1
+        dsubu   t1,ta1
+        dsubu   ta1,t1,v0
+        MOVNZ   (t1,v0,t9)
+        sd      ta1,8(a0)
+        beqz    a3,.L_bn_sub_words_return
+
+        ld      t2,16(a1)
+        ld      ta2,16(a2)
+        sltu    t8,t2,ta2
+        dsubu   t2,ta2
+        dsubu   ta2,t2,v0
+        MOVNZ   (t2,v0,t8)
+        sd      ta2,16(a0)
+        jr      ra
+END(bn_sub_words)
+
+#undef  MINUS4
+
+.align  5
+LEAF(bn_div_words)
+        .set    noreorder
+        bnezl   a2,.L_bn_div_words_proceed
+        move    v1,zero
+        jr      ra
+        li      v0,-1           /* I'd rather signal div-by-zero
+                                 * which can be done with 'break 7' */
+
+.L_bn_div_words_proceed:
+        bltz    a2,.L_bn_div_words_body
+        move    t9,v1
+        dsll    a2,1
+        bgtz    a2,.-4
+        addu    t9,1
+
+        .set    reorder
+        negu    t1,t9
+        li      t2,-1
+        dsll    t2,t1
+        and     t2,a0
+        dsrl    AT,a1,t1
+        .set    noreorder
+        bnezl   t2,.+8
+        break   6               /* signal overflow */
+        .set    reorder
+        dsll    a0,t9
+        dsll    a1,t9
+        or      a0,AT
+
+#define QT      ta0
+#define HH      ta1
+#define DH      v1
+.L_bn_div_words_body:
+        dsrl    DH,a2,32
+        sgeu    AT,a0,a2
+        .set    noreorder
+        bnezl   AT,.+8
+        dsubu   a0,a2
+        .set    reorder
+
+        li      QT,-1
+        dsrl    HH,a0,32
+        dsrl    QT,32   /* q=0xffffffff */
+        beq     DH,HH,.L_bn_div_words_skip_div1
+        ddivu   zero,a0,DH
+        mflo    QT
+.L_bn_div_words_skip_div1:
+        dmultu  a2,QT
+        dsll    t3,a0,32
+        dsrl    AT,a1,32
+        or      t3,AT
+        mflo    t0
+        mfhi    t1
+.L_bn_div_words_inner_loop1:
+        sltu    t2,t3,t0
+        seq     t8,HH,t1
+        sltu    AT,HH,t1
+        and     t2,t8
+        or      AT,t2
+        .set    noreorder
+        beqz    AT,.L_bn_div_words_inner_loop1_done
+        sltu    t2,t0,a2
+        .set    reorder
+        dsubu   QT,1
+        dsubu   t0,a2
+        dsubu   t1,t2
+        b       .L_bn_div_words_inner_loop1
+.L_bn_div_words_inner_loop1_done:       
+
+        dsll    a1,32
+        dsubu   a0,t3,t0
+        dsll    v0,QT,32
+
+        li      QT,-1
+        dsrl    HH,a0,32
+        dsrl    QT,32   /* q=0xffffffff */
+        beq     DH,HH,.L_bn_div_words_skip_div2
+        ddivu   zero,a0,DH
+        mflo    QT
+.L_bn_div_words_skip_div2:
+        dmultu  a2,QT
+        dsll    t3,a0,32
+        dsrl    AT,a1,32
+        or      t3,AT
+        mflo    t0
+        mfhi    t1
+.L_bn_div_words_inner_loop2:
+        sltu    t2,t3,t0
+        seq     t8,HH,t1
+        sltu    AT,HH,t1
+        and     t2,t8
+        or      AT,t2
+        .set    noreorder
+        beqz    AT,.L_bn_div_words_inner_loop2_done
+        sltu    t2,t0,a2
+        .set    reorder
+        dsubu   QT,1
+        dsubu   t0,a2
+        dsubu   t1,t2
+        b       .L_bn_div_words_inner_loop2
+.L_bn_div_words_inner_loop2_done:       
+
+        dsubu   a0,t3,t0
+        or      v0,QT
+        dsrl    v1,a0,t9        /* v1 contains remainder if anybody wants it */
+        dsrl    a2,t9           /* restore a2 */
+        jr      ra
+#undef  HH
+#undef  DH
+#undef  QT
+END(bn_div_words)
+
+.align 5
+LEAF(bn_div_3_words)
+        .set    reorder
+        move    a3,a0           /* we know that bn_div_words doesn't
+                                 * touch a3, ta2, ta3 and preserves a2
+                                 * so that we can save two arguments
+                                 * and return address in registers
+                                 * instead of stack:-)
+                                 */
+        ld      a0,(a3)
+        move    ta2,a2
+        move    a2,a1
+        ld      a1,-8(a3)
+        move    ta3,ra
+        move    v1,zero
+        li      v0,-1
+        beq     a0,a2,.L_bn_div_3_words_skip_div
+        jal     bn_div_words
+        move    ra,ta3
+.L_bn_div_3_words_skip_div:
+        dmultu  ta2,v0
+        ld      t2,-16(a3)
+        mflo    t0
+        mfhi    t1
+.L_bn_div_3_words_inner_loop:
+        sgeu    AT,t2,t0
+        seq     t9,t1,v1
+        sltu    t8,t1,v1
+        and     AT,t9
+        or      AT,t8
+        bnez    AT,.L_bn_div_3_words_inner_loop_done
+        daddu   v1,a2
+        sltu    t3,t0,ta2
+        sltu    AT,v1,a2
+        dsubu   v0,1
+        dsubu   t0,ta2
+        dsubu   t1,t3
+        beqz    AT,.L_bn_div_3_words_inner_loop
+.L_bn_div_3_words_inner_loop_done:
+        jr      ra
+END(bn_div_3_words)
+
+#define a_0     t0
+#define a_1     t1
+#define a_2     t2
+#define a_3     t3
+#define b_0     ta0
+#define b_1     ta1
+#define b_2     ta2
+#define b_3     ta3
+
+#define a_4     s0
+#define a_5     s2
+#define a_6     s4
+#define a_7     a1      /* once we load a[7] we don't need a anymore */
+#define b_4     s1
+#define b_5     s3
+#define b_6     s5
+#define b_7     a2      /* once we load b[7] we don't need b anymore */
+
+#define t_1     t8
+#define t_2     t9
+
+#define c_1     v0
+#define c_2     v1
+#define c_3     a3
+
+#define FRAME_SIZE      48
+
+.align  5
+LEAF(bn_mul_comba8)
+        .set    noreorder
+        PTR_SUB sp,FRAME_SIZE
+        .frame  sp,64,ra
+        .set    reorder
+        ld      a_0,0(a1)       /* If compiled with -mips3 option on
+                                 * R5000 box assembler barks on this
+                                 * line with "shouldn't have mult/div
+                                 * as last instruction in bb (R10K
+                                 * bug)" warning. If anybody out there
+                                 * has a clue about how to circumvent
+                                 * this do send me a note.
+                                 *              <appro@fy.chalmers.se>
+                                 */
+        ld      b_0,0(a2)
+        ld      a_1,8(a1)
+        ld      a_2,16(a1)
+        ld      a_3,24(a1)
+        ld      b_1,8(a2)
+        ld      b_2,16(a2)
+        ld      b_3,24(a2)
+        dmultu  a_0,b_0         /* mul_add_c(a[0],b[0],c1,c2,c3); */
+        sd      s0,0(sp)
+        sd      s1,8(sp)
+        sd      s2,16(sp)
+        sd      s3,24(sp)
+        sd      s4,32(sp)
+        sd      s5,40(sp)
+        mflo    c_1
+        mfhi    c_2
+
+        dmultu  a_0,b_1         /* mul_add_c(a[0],b[1],c2,c3,c1); */
+        ld      a_4,32(a1)
+        ld      a_5,40(a1)
+        ld      a_6,48(a1)
+        ld      a_7,56(a1)
+        ld      b_4,32(a2)
+        ld      b_5,40(a2)
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   c_3,t_2,AT
+        dmultu  a_1,b_0         /* mul_add_c(a[1],b[0],c2,c3,c1); */
+        ld      b_6,48(a2)
+        ld      b_7,56(a2)
+        sd      c_1,0(a0)       /* r[0]=c1; */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        sltu    c_1,c_3,t_2
+        sd      c_2,8(a0)       /* r[1]=c2; */
+
+        dmultu  a_2,b_0         /* mul_add_c(a[2],b[0],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        dmultu  a_1,b_1         /* mul_add_c(a[1],b[1],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        sltu    c_2,c_1,t_2
+        dmultu  a_0,b_2         /* mul_add_c(a[0],b[2],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        sltu    AT,c_1,t_2
+        daddu   c_2,AT
+        sd      c_3,16(a0)      /* r[2]=c3; */
+
+        dmultu  a_0,b_3         /* mul_add_c(a[0],b[3],c1,c2,c3); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   t_2,AT
+        daddu   c_2,t_2
+        dmultu  a_1,b_2         /* mul_add_c(a[1],b[2],c1,c2,c3); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   t_2,AT
+        daddu   c_2,t_2
+        sltu    c_3,c_2,t_2
+        dmultu  a_2,b_1         /* mul_add_c(a[2],b[1],c1,c2,c3); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   t_2,AT
+        daddu   c_2,t_2
+        sltu    AT,c_2,t_2
+        daddu   c_3,AT
+        dmultu  a_3,b_0         /* mul_add_c(a[3],b[0],c1,c2,c3); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   t_2,AT
+        daddu   c_2,t_2
+        sltu    AT,c_2,t_2
+        daddu   c_3,AT
+        sd      c_1,24(a0)      /* r[3]=c1; */
+
+        dmultu  a_4,b_0         /* mul_add_c(a[4],b[0],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        dmultu  a_3,b_1         /* mul_add_c(a[3],b[1],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        sltu    c_1,c_3,t_2
+        dmultu  a_2,b_2         /* mul_add_c(a[2],b[2],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        sltu    AT,c_3,t_2
+        daddu   c_1,AT
+        dmultu  a_1,b_3         /* mul_add_c(a[1],b[3],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        sltu    AT,c_3,t_2
+        daddu   c_1,AT
+        dmultu  a_0,b_4         /* mul_add_c(a[0],b[4],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        sltu    AT,c_3,t_2
+        daddu   c_1,AT
+        sd      c_2,32(a0)      /* r[4]=c2; */
+
+        dmultu  a_0,b_5         /* mul_add_c(a[0],b[5],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        dmultu  a_1,b_4         /* mul_add_c(a[1],b[4],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        sltu    c_2,c_1,t_2
+        dmultu  a_2,b_3         /* mul_add_c(a[2],b[3],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        sltu    AT,c_1,t_2
+        daddu   c_2,AT
+        dmultu  a_3,b_2         /* mul_add_c(a[3],b[2],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        sltu    AT,c_1,t_2
+        daddu   c_2,AT
+        dmultu  a_4,b_1         /* mul_add_c(a[4],b[1],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        sltu    AT,c_1,t_2
+        daddu   c_2,AT
+        dmultu  a_5,b_0         /* mul_add_c(a[5],b[0],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        sltu    AT,c_1,t_2
+        daddu   c_2,AT
+        sd      c_3,40(a0)      /* r[5]=c3; */
+
+        dmultu  a_6,b_0         /* mul_add_c(a[6],b[0],c1,c2,c3); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   t_2,AT
+        daddu   c_2,t_2
+        dmultu  a_5,b_1         /* mul_add_c(a[5],b[1],c1,c2,c3); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   t_2,AT
+        daddu   c_2,t_2
+        sltu    c_3,c_2,t_2
+        dmultu  a_4,b_2         /* mul_add_c(a[4],b[2],c1,c2,c3); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   t_2,AT
+        daddu   c_2,t_2
+        sltu    AT,c_2,t_2
+        daddu   c_3,AT
+        dmultu  a_3,b_3         /* mul_add_c(a[3],b[3],c1,c2,c3); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   t_2,AT
+        daddu   c_2,t_2
+        sltu    AT,c_2,t_2
+        daddu   c_3,AT
+        dmultu  a_2,b_4         /* mul_add_c(a[2],b[4],c1,c2,c3); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   t_2,AT
+        daddu   c_2,t_2
+        sltu    AT,c_2,t_2
+        daddu   c_3,AT
+        dmultu  a_1,b_5         /* mul_add_c(a[1],b[5],c1,c2,c3); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   t_2,AT
+        daddu   c_2,t_2
+        sltu    AT,c_2,t_2
+        daddu   c_3,AT
+        dmultu  a_0,b_6         /* mul_add_c(a[0],b[6],c1,c2,c3); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   t_2,AT
+        daddu   c_2,t_2
+        sltu    AT,c_2,t_2
+        daddu   c_3,AT
+        sd      c_1,48(a0)      /* r[6]=c1; */
+
+        dmultu  a_0,b_7         /* mul_add_c(a[0],b[7],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        dmultu  a_1,b_6         /* mul_add_c(a[1],b[6],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        sltu    c_1,c_3,t_2
+        dmultu  a_2,b_5         /* mul_add_c(a[2],b[5],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        sltu    AT,c_3,t_2
+        daddu   c_1,AT
+        dmultu  a_3,b_4         /* mul_add_c(a[3],b[4],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        sltu    AT,c_3,t_2
+        daddu   c_1,AT
+        dmultu  a_4,b_3         /* mul_add_c(a[4],b[3],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        sltu    AT,c_3,t_2
+        daddu   c_1,AT
+        dmultu  a_5,b_2         /* mul_add_c(a[5],b[2],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        sltu    AT,c_3,t_2
+        daddu   c_1,AT
+        dmultu  a_6,b_1         /* mul_add_c(a[6],b[1],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        sltu    AT,c_3,t_2
+        daddu   c_1,AT
+        dmultu  a_7,b_0         /* mul_add_c(a[7],b[0],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        sltu    AT,c_3,t_2
+        daddu   c_1,AT
+        sd      c_2,56(a0)      /* r[7]=c2; */
+
+        dmultu  a_7,b_1         /* mul_add_c(a[7],b[1],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        dmultu  a_6,b_2         /* mul_add_c(a[6],b[2],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        sltu    c_2,c_1,t_2
+        dmultu  a_5,b_3         /* mul_add_c(a[5],b[3],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        sltu    AT,c_1,t_2
+        daddu   c_2,AT
+        dmultu  a_4,b_4         /* mul_add_c(a[4],b[4],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        sltu    AT,c_1,t_2
+        daddu   c_2,AT
+        dmultu  a_3,b_5         /* mul_add_c(a[3],b[5],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        sltu    AT,c_1,t_2
+        daddu   c_2,AT
+        dmultu  a_2,b_6         /* mul_add_c(a[2],b[6],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        sltu    AT,c_1,t_2
+        daddu   c_2,AT
+        dmultu  a_1,b_7         /* mul_add_c(a[1],b[7],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        sltu    AT,c_1,t_2
+        daddu   c_2,AT
+        sd      c_3,64(a0)      /* r[8]=c3; */
+
+        dmultu  a_2,b_7         /* mul_add_c(a[2],b[7],c1,c2,c3); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   t_2,AT
+        daddu   c_2,t_2
+        dmultu  a_3,b_6         /* mul_add_c(a[3],b[6],c1,c2,c3); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   t_2,AT
+        daddu   c_2,t_2
+        sltu    c_3,c_2,t_2
+        dmultu  a_4,b_5         /* mul_add_c(a[4],b[5],c1,c2,c3); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   t_2,AT
+        daddu   c_2,t_2
+        sltu    AT,c_2,t_2
+        daddu   c_3,AT
+        dmultu  a_5,b_4         /* mul_add_c(a[5],b[4],c1,c2,c3); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   t_2,AT
+        daddu   c_2,t_2
+        sltu    AT,c_2,t_2
+        daddu   c_3,AT
+        dmultu  a_6,b_3         /* mul_add_c(a[6],b[3],c1,c2,c3); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   t_2,AT
+        daddu   c_2,t_2
+        sltu    AT,c_2,t_2
+        daddu   c_3,AT
+        dmultu  a_7,b_2         /* mul_add_c(a[7],b[2],c1,c2,c3); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   t_2,AT
+        daddu   c_2,t_2
+        sltu    AT,c_2,t_2
+        daddu   c_3,AT
+        sd      c_1,72(a0)      /* r[9]=c1; */
+
+        dmultu  a_7,b_3         /* mul_add_c(a[7],b[3],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        dmultu  a_6,b_4         /* mul_add_c(a[6],b[4],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        sltu    c_1,c_3,t_2
+        dmultu  a_5,b_5         /* mul_add_c(a[5],b[5],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        sltu    AT,c_3,t_2
+        daddu   c_1,AT
+        dmultu  a_4,b_6         /* mul_add_c(a[4],b[6],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        sltu    AT,c_3,t_2
+        daddu   c_1,AT
+        dmultu  a_3,b_7         /* mul_add_c(a[3],b[7],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        sltu    AT,c_3,t_2
+        daddu   c_1,AT
+        sd      c_2,80(a0)      /* r[10]=c2; */
+
+        dmultu  a_4,b_7         /* mul_add_c(a[4],b[7],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        dmultu  a_5,b_6         /* mul_add_c(a[5],b[6],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        sltu    c_2,c_1,t_2
+        dmultu  a_6,b_5         /* mul_add_c(a[6],b[5],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        sltu    AT,c_1,t_2
+        daddu   c_2,AT
+        dmultu  a_7,b_4         /* mul_add_c(a[7],b[4],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        sltu    AT,c_1,t_2
+        daddu   c_2,AT
+        sd      c_3,88(a0)      /* r[11]=c3; */
+
+        dmultu  a_7,b_5         /* mul_add_c(a[7],b[5],c1,c2,c3); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   t_2,AT
+        daddu   c_2,t_2
+        dmultu  a_6,b_6         /* mul_add_c(a[6],b[6],c1,c2,c3); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   t_2,AT
+        daddu   c_2,t_2
+        sltu    c_3,c_2,t_2
+        dmultu  a_5,b_7         /* mul_add_c(a[5],b[7],c1,c2,c3); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   t_2,AT
+        daddu   c_2,t_2
+        sltu    AT,c_2,t_2
+        daddu   c_3,AT
+        sd      c_1,96(a0)      /* r[12]=c1; */
+
+        dmultu  a_6,b_7         /* mul_add_c(a[6],b[7],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        dmultu  a_7,b_6         /* mul_add_c(a[7],b[6],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        sltu    c_1,c_3,t_2
+        sd      c_2,104(a0)     /* r[13]=c2; */
+
+        dmultu  a_7,b_7         /* mul_add_c(a[7],b[7],c3,c1,c2); */
+        ld      s0,0(sp)
+        ld      s1,8(sp)
+        ld      s2,16(sp)
+        ld      s3,24(sp)
+        ld      s4,32(sp)
+        ld      s5,40(sp)
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        sd      c_3,112(a0)     /* r[14]=c3; */
+        sd      c_1,120(a0)     /* r[15]=c1; */
+
+        PTR_ADD sp,FRAME_SIZE
+
+        jr      ra
+END(bn_mul_comba8)
+
+.align  5
+LEAF(bn_mul_comba4)
+        .set    reorder
+        ld      a_0,0(a1)
+        ld      b_0,0(a2)
+        ld      a_1,8(a1)
+        ld      a_2,16(a1)
+        dmultu  a_0,b_0         /* mul_add_c(a[0],b[0],c1,c2,c3); */
+        ld      a_3,24(a1)
+        ld      b_1,8(a2)
+        ld      b_2,16(a2)
+        ld      b_3,24(a2)
+        mflo    c_1
+        mfhi    c_2
+        sd      c_1,0(a0)
+
+        dmultu  a_0,b_1         /* mul_add_c(a[0],b[1],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   c_3,t_2,AT
+        dmultu  a_1,b_0         /* mul_add_c(a[1],b[0],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        sltu    c_1,c_3,t_2
+        sd      c_2,8(a0)
+
+        dmultu  a_2,b_0         /* mul_add_c(a[2],b[0],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        dmultu  a_1,b_1         /* mul_add_c(a[1],b[1],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        sltu    c_2,c_1,t_2
+        dmultu  a_0,b_2         /* mul_add_c(a[0],b[2],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        sltu    AT,c_1,t_2
+        daddu   c_2,AT
+        sd      c_3,16(a0)
+
+        dmultu  a_0,b_3         /* mul_add_c(a[0],b[3],c1,c2,c3); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   t_2,AT
+        daddu   c_2,t_2
+        dmultu  a_1,b_2         /* mul_add_c(a[1],b[2],c1,c2,c3); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   t_2,AT
+        daddu   c_2,t_2
+        sltu    c_3,c_2,t_2
+        dmultu  a_2,b_1         /* mul_add_c(a[2],b[1],c1,c2,c3); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   t_2,AT
+        daddu   c_2,t_2
+        sltu    AT,c_2,t_2
+        daddu   c_3,AT
+        dmultu  a_3,b_0         /* mul_add_c(a[3],b[0],c1,c2,c3); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   t_2,AT
+        daddu   c_2,t_2
+        sltu    AT,c_2,t_2
+        daddu   c_3,AT
+        sd      c_1,24(a0)
+
+        dmultu  a_3,b_1         /* mul_add_c(a[3],b[1],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        dmultu  a_2,b_2         /* mul_add_c(a[2],b[2],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        sltu    c_1,c_3,t_2
+        dmultu  a_1,b_3         /* mul_add_c(a[1],b[3],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        sltu    AT,c_3,t_2
+        daddu   c_1,AT
+        sd      c_2,32(a0)
+
+        dmultu  a_2,b_3         /* mul_add_c(a[2],b[3],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        dmultu  a_3,b_2         /* mul_add_c(a[3],b[2],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        sltu    c_2,c_1,t_2
+        sd      c_3,40(a0)
+
+        dmultu  a_3,b_3         /* mul_add_c(a[3],b[3],c1,c2,c3); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   t_2,AT
+        daddu   c_2,t_2
+        sd      c_1,48(a0)
+        sd      c_2,56(a0)
+
+        jr      ra
+END(bn_mul_comba4)
+
+#undef  a_4
+#undef  a_5
+#undef  a_6
+#undef  a_7
+#define a_4     b_0
+#define a_5     b_1
+#define a_6     b_2
+#define a_7     b_3
+
+.align  5
+LEAF(bn_sqr_comba8)
+        .set    reorder
+        ld      a_0,0(a1)
+        ld      a_1,8(a1)
+        ld      a_2,16(a1)
+        ld      a_3,24(a1)
+
+        dmultu  a_0,a_0         /* mul_add_c(a[0],b[0],c1,c2,c3); */
+        ld      a_4,32(a1)
+        ld      a_5,40(a1)
+        ld      a_6,48(a1)
+        ld      a_7,56(a1)
+        mflo    c_1
+        mfhi    c_2
+        sd      c_1,0(a0)
+
+        dmultu  a_0,a_1         /* mul_add_c2(a[0],b[1],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   c_3,t_2,AT
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        sltu    c_1,c_3,t_2
+        sd      c_2,8(a0)
+
+        dmultu  a_2,a_0         /* mul_add_c2(a[2],b[0],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   a2,t_2,AT
+        daddu   c_1,a2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        sltu    c_2,c_1,t_2
+        dmultu  a_1,a_1         /* mul_add_c(a[1],b[1],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        sltu    AT,c_1,t_2
+        daddu   c_2,AT
+        sd      c_3,16(a0)
+
+        dmultu  a_0,a_3         /* mul_add_c2(a[0],b[3],c1,c2,c3); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   a2,t_2,AT
+        daddu   c_2,a2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   t_2,AT
+        daddu   c_2,t_2
+        sltu    c_3,c_2,t_2
+        dmultu  a_1,a_2         /* mul_add_c2(a[1],b[2],c1,c2,c3); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   a2,t_2,AT
+        daddu   c_2,a2
+        sltu    AT,c_2,a2
+        daddu   c_3,AT
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   t_2,AT
+        daddu   c_2,t_2
+        sltu    AT,c_2,t_2
+        daddu   c_3,AT
+        sd      c_1,24(a0)
+
+        dmultu  a_4,a_0         /* mul_add_c2(a[4],b[0],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   a2,t_2,AT
+        daddu   c_3,a2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        sltu    c_1,c_3,t_2
+        dmultu  a_3,a_1         /* mul_add_c2(a[3],b[1],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   a2,t_2,AT
+        daddu   c_3,a2
+        sltu    AT,c_3,a2
+        daddu   c_1,AT
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        sltu    AT,c_3,t_2
+        daddu   c_1,AT
+        dmultu  a_2,a_2         /* mul_add_c(a[2],b[2],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        sltu    AT,c_3,t_2
+        daddu   c_1,AT
+        sd      c_2,32(a0)
+
+        dmultu  a_0,a_5         /* mul_add_c2(a[0],b[5],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   a2,t_2,AT
+        daddu   c_1,a2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        sltu    c_2,c_1,t_2
+        dmultu  a_1,a_4         /* mul_add_c2(a[1],b[4],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   a2,t_2,AT
+        daddu   c_1,a2
+        sltu    AT,c_1,a2
+        daddu   c_2,AT
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        sltu    AT,c_1,t_2
+        daddu   c_2,AT
+        dmultu  a_2,a_3         /* mul_add_c2(a[2],b[3],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   a2,t_2,AT
+        daddu   c_1,a2
+        sltu    AT,c_1,a2
+        daddu   c_2,AT
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        sltu    AT,c_1,t_2
+        daddu   c_2,AT
+        sd      c_3,40(a0)
+
+        dmultu  a_6,a_0         /* mul_add_c2(a[6],b[0],c1,c2,c3); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   a2,t_2,AT
+        daddu   c_2,a2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   t_2,AT
+        daddu   c_2,t_2
+        sltu    c_3,c_2,t_2
+        dmultu  a_5,a_1         /* mul_add_c2(a[5],b[1],c1,c2,c3); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   a2,t_2,AT
+        daddu   c_2,a2
+        sltu    AT,c_2,a2
+        daddu   c_3,AT
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   t_2,AT
+        daddu   c_2,t_2
+        sltu    AT,c_2,t_2
+        daddu   c_3,AT
+        dmultu  a_4,a_2         /* mul_add_c2(a[4],b[2],c1,c2,c3); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   a2,t_2,AT
+        daddu   c_2,a2
+        sltu    AT,c_2,a2
+        daddu   c_3,AT
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   t_2,AT
+        daddu   c_2,t_2
+        sltu    AT,c_2,t_2
+        daddu   c_3,AT
+        dmultu  a_3,a_3         /* mul_add_c(a[3],b[3],c1,c2,c3); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   t_2,AT
+        daddu   c_2,t_2
+        sltu    AT,c_2,t_2
+        daddu   c_3,AT
+        sd      c_1,48(a0)
+
+        dmultu  a_0,a_7         /* mul_add_c2(a[0],b[7],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   a2,t_2,AT
+        daddu   c_3,a2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        sltu    c_1,c_3,t_2
+        dmultu  a_1,a_6         /* mul_add_c2(a[1],b[6],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   a2,t_2,AT
+        daddu   c_3,a2
+        sltu    AT,c_3,a2
+        daddu   c_1,AT
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        sltu    AT,c_3,t_2
+        daddu   c_1,AT
+        dmultu  a_2,a_5         /* mul_add_c2(a[2],b[5],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   a2,t_2,AT
+        daddu   c_3,a2
+        sltu    AT,c_3,a2
+        daddu   c_1,AT
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        sltu    AT,c_3,t_2
+        daddu   c_1,AT
+        dmultu  a_3,a_4         /* mul_add_c2(a[3],b[4],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   a2,t_2,AT
+        daddu   c_3,a2
+        sltu    AT,c_3,a2
+        daddu   c_1,AT
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        sltu    AT,c_3,t_2
+        daddu   c_1,AT
+        sd      c_2,56(a0)
+
+        dmultu  a_7,a_1         /* mul_add_c2(a[7],b[1],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   a2,t_2,AT
+        daddu   c_1,a2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        sltu    c_2,c_1,t_2
+        dmultu  a_6,a_2         /* mul_add_c2(a[6],b[2],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   a2,t_2,AT
+        daddu   c_1,a2
+        sltu    AT,c_1,a2
+        daddu   c_2,AT
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        sltu    AT,c_1,t_2
+        daddu   c_2,AT
+        dmultu  a_5,a_3         /* mul_add_c2(a[5],b[3],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   a2,t_2,AT
+        daddu   c_1,a2
+        sltu    AT,c_1,a2
+        daddu   c_2,AT
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        sltu    AT,c_1,t_2
+        daddu   c_2,AT
+        dmultu  a_4,a_4         /* mul_add_c(a[4],b[4],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        sltu    AT,c_1,t_2
+        daddu   c_2,AT
+        sd      c_3,64(a0)
+
+        dmultu  a_2,a_7         /* mul_add_c2(a[2],b[7],c1,c2,c3); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   a2,t_2,AT
+        daddu   c_2,a2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   t_2,AT
+        daddu   c_2,t_2
+        sltu    c_3,c_2,t_2
+        dmultu  a_3,a_6         /* mul_add_c2(a[3],b[6],c1,c2,c3); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   a2,t_2,AT
+        daddu   c_2,a2
+        sltu    AT,c_2,a2
+        daddu   c_3,AT
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   t_2,AT
+        daddu   c_2,t_2
+        sltu    AT,c_2,t_2
+        daddu   c_3,AT
+        dmultu  a_4,a_5         /* mul_add_c2(a[4],b[5],c1,c2,c3); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   a2,t_2,AT
+        daddu   c_2,a2
+        sltu    AT,c_2,a2
+        daddu   c_3,AT
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   t_2,AT
+        daddu   c_2,t_2
+        sltu    AT,c_2,t_2
+        daddu   c_3,AT
+        sd      c_1,72(a0)
+
+        dmultu  a_7,a_3         /* mul_add_c2(a[7],b[3],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   a2,t_2,AT
+        daddu   c_3,a2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        sltu    c_1,c_3,t_2
+        dmultu  a_6,a_4         /* mul_add_c2(a[6],b[4],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   a2,t_2,AT
+        daddu   c_3,a2
+        sltu    AT,c_3,a2
+        daddu   c_1,AT
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        sltu    AT,c_3,t_2
+        daddu   c_1,AT
+        dmultu  a_5,a_5         /* mul_add_c(a[5],b[5],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        sltu    AT,c_3,t_2
+        daddu   c_1,AT
+        sd      c_2,80(a0)
+
+        dmultu  a_4,a_7         /* mul_add_c2(a[4],b[7],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   a2,t_2,AT
+        daddu   c_1,a2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        sltu    c_2,c_1,t_2
+        dmultu  a_5,a_6         /* mul_add_c2(a[5],b[6],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   a2,t_2,AT
+        daddu   c_1,a2
+        sltu    AT,c_1,a2
+        daddu   c_2,AT
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        sltu    AT,c_1,t_2
+        daddu   c_2,AT
+        sd      c_3,88(a0)
+
+        dmultu  a_7,a_5         /* mul_add_c2(a[7],b[5],c1,c2,c3); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   a2,t_2,AT
+        daddu   c_2,a2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   t_2,AT
+        daddu   c_2,t_2
+        sltu    c_3,c_2,t_2
+        dmultu  a_6,a_6         /* mul_add_c(a[6],b[6],c1,c2,c3); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   t_2,AT
+        daddu   c_2,t_2
+        sltu    AT,c_2,t_2
+        daddu   c_3,AT
+        sd      c_1,96(a0)
+
+        dmultu  a_6,a_7         /* mul_add_c2(a[6],b[7],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   a2,t_2,AT
+        daddu   c_3,a2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        sltu    c_1,c_3,t_2
+        sd      c_2,104(a0)
+
+        dmultu  a_7,a_7         /* mul_add_c(a[7],b[7],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        sd      c_3,112(a0)
+        sd      c_1,120(a0)
+
+        jr      ra
+END(bn_sqr_comba8)
+
+.align  5
+LEAF(bn_sqr_comba4)
+        .set    reorder
+        ld      a_0,0(a1)
+        ld      a_1,8(a1)
+        ld      a_2,16(a1)
+        ld      a_3,24(a1)
+        dmultu  a_0,a_0         /* mul_add_c(a[0],b[0],c1,c2,c3); */
+        mflo    c_1
+        mfhi    c_2
+        sd      c_1,0(a0)
+
+        dmultu  a_0,a_1         /* mul_add_c2(a[0],b[1],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   c_3,t_2,AT
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        sltu    c_1,c_3,t_2
+        sd      c_2,8(a0)
+
+        dmultu  a_2,a_0         /* mul_add_c2(a[2],b[0],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   a2,t_2,AT
+        daddu   c_1,a2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        sltu    c_2,c_1,t_2
+        dmultu  a_1,a_1         /* mul_add_c(a[1],b[1],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        sltu    AT,c_1,t_2
+        daddu   c_2,AT
+        sd      c_3,16(a0)
+
+        dmultu  a_0,a_3         /* mul_add_c2(a[0],b[3],c1,c2,c3); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   a2,t_2,AT
+        daddu   c_2,a2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   t_2,AT
+        daddu   c_2,t_2
+        sltu    c_3,c_2,t_2
+        dmultu  a_1,a_2         /* mul_add_c(a2[1],b[2],c1,c2,c3); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   a2,t_2,AT
+        daddu   c_2,a2
+        sltu    AT,c_2,a2
+        daddu   c_3,AT
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   t_2,AT
+        daddu   c_2,t_2
+        sltu    AT,c_2,t_2
+        daddu   c_3,AT
+        sd      c_1,24(a0)
+
+        dmultu  a_3,a_1         /* mul_add_c2(a[3],b[1],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   a2,t_2,AT
+        daddu   c_3,a2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        sltu    c_1,c_3,t_2
+        dmultu  a_2,a_2         /* mul_add_c(a[2],b[2],c2,c3,c1); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_2,t_1
+        sltu    AT,c_2,t_1
+        daddu   t_2,AT
+        daddu   c_3,t_2
+        sltu    AT,c_3,t_2
+        daddu   c_1,AT
+        sd      c_2,32(a0)
+
+        dmultu  a_2,a_3         /* mul_add_c2(a[2],b[3],c3,c1,c2); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   a2,t_2,AT
+        daddu   c_1,a2
+        daddu   c_3,t_1
+        sltu    AT,c_3,t_1
+        daddu   t_2,AT
+        daddu   c_1,t_2
+        sltu    c_2,c_1,t_2
+        sd      c_3,40(a0)
+
+        dmultu  a_3,a_3         /* mul_add_c(a[3],b[3],c1,c2,c3); */
+        mflo    t_1
+        mfhi    t_2
+        daddu   c_1,t_1
+        sltu    AT,c_1,t_1
+        daddu   t_2,AT
+        daddu   c_2,t_2
+        sd      c_1,48(a0)
+        sd      c_2,56(a0)
+
+        jr      ra
+END(bn_sqr_comba4)
diff --git a/src/lib/libcrypto/bn/asm/vms.mar b/src/lib/libcrypto/bn/asm/vms.mar
new file mode 100644
index 0000000000..ac9d57d7b0
--- /dev/null
+++ b/src/lib/libcrypto/bn/asm/vms.mar
@@ -0,0 +1,6695 @@
+        .title  vax_bn_mul_add_word  unsigned multiply & add, 32*32+32+32=>64
+;
+; w.j.m. 15-jan-1999
+;
+; it's magic ...
+;
+; ULONG bn_mul_add_words(ULONG r[],ULONG a[],int n,ULONG w) {
+;       ULONG c = 0;
+;       int i;
+;       for(i = 0; i < n; i++) <c,r[i]> := r[i] + c + a[i] * w ;
+;       return c;
+; }
+
+r=4 ;(AP)
+a=8 ;(AP)
+n=12 ;(AP)      n       by value (input)
+w=16 ;(AP)      w       by value (input)
+
+
+        .psect  code,nowrt
+
+.entry  bn_mul_add_words,^m<r2,r3,r4,r5,r6>
+
+        moval   @r(ap),r2
+        moval   @a(ap),r3
+        movl    n(ap),r4        ; assumed >0 by C code
+        movl    w(ap),r5
+        clrl    r6              ; c
+
+0$:
+        emul    r5,(r3),(r2),r0         ; w, a[], r[] considered signed
+
+        ; fixup for "negative" r[]
+        tstl    (r2)
+        bgeq    10$
+        incl    r1
+10$:
+
+        ; add in c
+        addl2   r6,r0
+        adwc    #0,r1
+
+        ; combined fixup for "negative" w, a[]
+        tstl    r5
+        bgeq    20$
+        addl2   (r3),r1
+20$:
+        tstl    (r3)
+        bgeq    30$
+        addl2   r5,r1
+30$:
+
+        movl    r0,(r2)+                ; store lo result in r[] & advance
+        addl    #4,r3                   ; advance a[]
+        movl    r1,r6                   ; store hi result => c
+
+        sobgtr  r4,0$
+
+        movl    r6,r0                   ; return c
+        ret
+
+        .title  vax_bn_mul_word  unsigned multiply & add, 32*32+32=>64
+;
+; w.j.m. 15-jan-1999
+;
+; it's magic ...
+;
+; ULONG bn_mul_words(ULONG r[],ULONG a[],int n,ULONG w) {
+;       ULONG c = 0;
+;       int i;
+;       for(i = 0; i < num; i++) <c,r[i]> := a[i] * w + c ;
+;       return(c);
+; }
+
+r=4 ;(AP)
+a=8 ;(AP)
+n=12 ;(AP)      n       by value (input)
+w=16 ;(AP)      w       by value (input)
+
+
+        .psect  code,nowrt
+
+.entry  bn_mul_words,^m<r2,r3,r4,r5,r6>
+
+        moval   @r(ap),r2       ; r2 -> r[]
+        moval   @a(ap),r3       ; r3 -> a[]
+        movl    n(ap),r4        ; r4 = loop count (assumed >0 by C code)
+        movl    w(ap),r5        ; r5 = w
+        clrl    r6              ; r6 = c
+
+0$:
+        ; <r1,r0> := w * a[] + c
+        emul    r5,(r3),r6,r0           ; w, a[], c considered signed
+
+        ; fixup for "negative" c
+        tstl    r6                      ; c
+        bgeq    10$
+        incl    r1
+10$:
+
+        ; combined fixup for "negative" w, a[]
+        tstl    r5                      ; w
+        bgeq    20$
+        addl2   (r3),r1                 ; a[]
+20$:
+        tstl    (r3)                    ; a[]
+        bgeq    30$
+        addl2   r5,r1                   ; w
+30$:
+
+        movl    r0,(r2)+                ; store lo result in r[] & advance
+        addl    #4,r3                   ; advance a[]
+        movl    r1,r6                   ; store hi result => c
+
+        sobgtr  r4,0$
+
+        movl    r6,r0                   ; return c
+        ret
+
+        .title  vax_bn_sqr_words  unsigned square, 32*32=>64
+;
+; w.j.m. 15-jan-1999
+;
+; it's magic ...
+;
+; void bn_sqr_words(ULONG r[],ULONG a[],int n) {
+;       int i;
+;       for(i = 0; i < n; i++) <r[2*i+1],r[2*i]> := a[i] * a[i] ;
+; }
+
+r=4 ;(AP)
+a=8 ;(AP)
+n=12 ;(AP)      n       by value (input)
+
+
+        .psect  code,nowrt
+
+.entry  bn_sqr_words,^m<r2,r3,r4,r5>
+
+        moval   @r(ap),r2       ; r2 -> r[]
+        moval   @a(ap),r3       ; r3 -> a[]
+        movl    n(ap),r4        ; r4 = n (assumed >0 by C code)
+
+0$:
+        movl    (r3)+,r5                ; r5 = a[] & advance
+
+        ; <r1,r0> := a[] * a[]
+        emul    r5,r5,#0,r0             ; a[] considered signed
+
+        ; fixup for "negative" a[]
+        tstl    r5                      ; a[]
+        bgeq    30$
+        addl2   r5,r1                   ; a[]
+        addl2   r5,r1                   ; a[]
+30$:
+
+        movl    r0,(r2)+                ; store lo result in r[] & advance
+        movl    r1,(r2)+                ; store hi result in r[] & advance
+
+        sobgtr  r4,0$
+
+        movl    #1,r0                   ; return SS$_NORMAL
+        ret
+
+        .title  (generated)
+
+        .psect  code,nowrt
+
+.entry  BN_DIV_WORDS,^m<r2,r3,r4,r5,r6,r7,r8,r9,r10>
+        subl2   #4,sp
+
+        clrl    r9
+        movl    #2,r8
+
+        tstl    12(ap)
+        bneq    noname.2
+        mnegl   #1,r10
+        brw     noname.3
+        tstl    r0
+        nop     
+noname.2:
+
+        pushl   12(ap)
+        calls   #1,BN_NUM_BITS_WORD
+        movl    r0,r7
+
+        cmpl    r7,#32
+        beql    noname.4
+        ashl    r7,#1,r2
+        cmpl    4(ap),r2
+        blequ   noname.4
+
+        pushl   r7
+        calls   #1,BN_DIV_WORDS_ABORT
+noname.4:
+
+        subl3   r7,#32,r7
+
+        movl    12(ap),r2
+        cmpl    4(ap),r2
+        blssu   noname.5
+        subl2   r2,4(ap)
+noname.5:
+
+        tstl    r7
+        beql    noname.6
+
+        ashl    r7,r2,12(ap)
+
+        ashl    r7,4(ap),r4
+        subl3   r7,#32,r3
+        subl3   r3,#32,r2
+        extzv   r3,r2,8(ap),r2
+        bisl3   r4,r2,4(ap)
+
+        ashl    r7,8(ap),8(ap)
+noname.6:
+
+        bicl3   #65535,12(ap),r2
+        extzv   #16,#16,r2,r5
+
+        bicl3   #-65536,12(ap),r6
+
+noname.7:
+
+        moval   4(ap),r2
+        movzwl  2(r2),r0
+        cmpl    r0,r5
+        bneq    noname.8
+
+        movzwl  #65535,r4
+        brb     noname.9
+noname.8:
+
+        clrl    r1
+        movl    (r2),r0
+        movl    r5,r2
+        bgeq    vcg.1
+        cmpl    r2,r0
+        bgtru   vcg.2
+        incl    r1
+        brb     vcg.2
+        nop     
+vcg.1:
+        ediv    r2,r0,r1,r0
+vcg.2:
+        movl    r1,r4
+noname.9:
+
+noname.10:
+
+        mull3   r5,r4,r0
+        subl3   r0,4(ap),r3
+
+        bicl3   #65535,r3,r0
+        bneq    noname.13
+        mull3   r6,r4,r2
+        ashl    #16,r3,r1
+        bicl3   #65535,8(ap),r0
+        extzv   #16,#16,r0,r0
+        addl2   r0,r1
+        cmpl    r2,r1
+        bgtru   noname.12
+noname.11:
+
+        brb     noname.13
+        nop     
+noname.12:
+
+        decl    r4
+        brb     noname.10
+noname.13:
+
+        mull3   r5,r4,r1
+
+        mull3   r6,r4,r0
+
+        extzv   #16,#16,r0,r3
+
+        ashl    #16,r0,r2
+        bicl3   #65535,r2,r0
+
+        addl2   r3,r1
+
+        moval   8(ap),r3
+        cmpl    (r3),r0
+        bgequ   noname.15
+        incl    r1
+noname.15:
+
+        subl2   r0,(r3)
+
+        cmpl    4(ap),r1
+        bgequ   noname.16
+
+        addl2   12(ap),4(ap)
+
+        decl    r4
+noname.16:
+
+        subl2   r1,4(ap)
+
+        decl    r8
+        beql    noname.18
+noname.17:
+
+        ashl    #16,r4,r9
+
+        ashl    #16,4(ap),r2
+        movzwl  2(r3),r0
+        bisl2   r0,r2
+        bicl3   #0,r2,4(ap)
+
+        bicl3   #-65536,(r3),r0
+        ashl    #16,r0,(r3)
+        brw     noname.7
+        nop     
+noname.18:
+
+        bisl2   r4,r9
+
+        movl    r9,r10
+
+noname.3:
+        movl    r10,r0
+        ret     
+        tstl    r0
+
+
+        .psect  code,nowrt
+
+.entry  BN_ADD_WORDS,^m<r2,r3,r4,r5,r6,r7>
+
+        tstl    16(ap)
+        bgtr    noname.21
+        clrl    r7
+        brw     noname.22
+noname.21:
+
+        clrl    r4
+
+        tstl    r0
+noname.23:
+
+        movl    8(ap),r6
+        addl3   r4,(r6),r2
+
+        bicl2   #0,r2
+
+        clrl    r0
+        cmpl    r2,r4
+        bgequ   vcg.3
+        incl    r0
+vcg.3:
+        movl    r0,r4
+
+        movl    12(ap),r5
+        addl3   (r5),r2,r1
+        bicl2   #0,r1
+
+        clrl    r0
+        cmpl    r1,r2
+        bgequ   vcg.4
+        incl    r0
+vcg.4:
+        addl2   r0,r4
+
+        movl    4(ap),r3
+        movl    r1,(r3)
+
+        decl    16(ap)
+        bgtr    gen.1
+        brw     noname.25
+gen.1:
+noname.24:
+
+        addl3   r4,4(r6),r2
+
+        bicl2   #0,r2
+
+        clrl    r0
+        cmpl    r2,r4
+        bgequ   vcg.5
+        incl    r0
+vcg.5:
+        movl    r0,r4
+
+        addl3   4(r5),r2,r1
+        bicl2   #0,r1
+
+        clrl    r0
+        cmpl    r1,r2
+        bgequ   vcg.6
+        incl    r0
+vcg.6:
+        addl2   r0,r4
+
+        movl    r1,4(r3)
+
+        decl    16(ap)
+        bleq    noname.25
+noname.26:
+
+        addl3   r4,8(r6),r2
+
+        bicl2   #0,r2
+
+        clrl    r0
+        cmpl    r2,r4
+        bgequ   vcg.7
+        incl    r0
+vcg.7:
+        movl    r0,r4
+
+        addl3   8(r5),r2,r1
+        bicl2   #0,r1
+
+        clrl    r0
+        cmpl    r1,r2
+        bgequ   vcg.8
+        incl    r0
+vcg.8:
+        addl2   r0,r4
+
+        movl    r1,8(r3)
+
+        decl    16(ap)
+        bleq    noname.25
+noname.27:
+
+        addl3   r4,12(r6),r2
+
+        bicl2   #0,r2
+
+        clrl    r0
+        cmpl    r2,r4
+        bgequ   vcg.9
+        incl    r0
+vcg.9:
+        movl    r0,r4
+
+        addl3   12(r5),r2,r1
+        bicl2   #0,r1
+
+        clrl    r0
+        cmpl    r1,r2
+        bgequ   vcg.10
+        incl    r0
+vcg.10:
+        addl2   r0,r4
+
+        movl    r1,12(r3)
+
+        decl    16(ap)
+        bleq    noname.25
+noname.28:
+
+        addl3   #16,r6,8(ap)
+
+        addl3   #16,r5,12(ap)
+
+        addl3   #16,r3,4(ap)
+        brw     noname.23
+        tstl    r0
+noname.25:
+
+        movl    r4,r7
+
+noname.22:
+        movl    r7,r0
+        ret     
+        nop     
+
+
+
+;r=4 ;(AP)
+;a=8 ;(AP)
+;b=12 ;(AP)
+;n=16 ;(AP)     n       by value (input)
+
+        .psect  code,nowrt
+
+.entry  BN_SUB_WORDS,^m<r2,r3,r4,r5,r6,r7>
+
+        clrl    r6
+
+        tstl    16(ap)
+        bgtr    noname.31
+        clrl    r7
+        brw     noname.32
+        tstl    r0
+noname.31:
+
+noname.33:
+
+        movl    8(ap),r5
+        movl    (r5),r1
+        movl    12(ap),r4
+        movl    (r4),r2
+
+        movl    4(ap),r3
+        subl3   r2,r1,r0
+        subl2   r6,r0
+        bicl3   #0,r0,(r3)
+
+        cmpl    r1,r2
+        beql    noname.34
+        clrl    r0
+        cmpl    r1,r2
+        bgequ   vcg.11
+        incl    r0
+vcg.11:
+        movl    r0,r6
+noname.34:
+
+        decl    16(ap)
+        bgtr    gen.2
+        brw     noname.36
+gen.2:
+noname.35:
+
+        movl    4(r5),r2
+        movl    4(r4),r1
+
+        subl3   r1,r2,r0
+        subl2   r6,r0
+        bicl3   #0,r0,4(r3)
+
+        cmpl    r2,r1
+        beql    noname.37
+        clrl    r0
+        cmpl    r2,r1
+        bgequ   vcg.12
+        incl    r0
+vcg.12:
+        movl    r0,r6
+noname.37:
+
+        decl    16(ap)
+        bleq    noname.36
+noname.38:
+
+        movl    8(r5),r1
+        movl    8(r4),r2
+
+        subl3   r2,r1,r0
+        subl2   r6,r0
+        bicl3   #0,r0,8(r3)
+
+        cmpl    r1,r2
+        beql    noname.39
+        clrl    r0
+        cmpl    r1,r2
+        bgequ   vcg.13
+        incl    r0
+vcg.13:
+        movl    r0,r6
+noname.39:
+
+        decl    16(ap)
+        bleq    noname.36
+noname.40:
+
+        movl    12(r5),r1
+        movl    12(r4),r2
+
+        subl3   r2,r1,r0
+        subl2   r6,r0
+        bicl3   #0,r0,12(r3)
+
+        cmpl    r1,r2
+        beql    noname.41
+        clrl    r0
+        cmpl    r1,r2
+        bgequ   vcg.14
+        incl    r0
+vcg.14:
+        movl    r0,r6
+noname.41:
+
+        decl    16(ap)
+        bleq    noname.36
+noname.42:
+
+        addl3   #16,r5,8(ap)
+
+        addl3   #16,r4,12(ap)
+
+        addl3   #16,r3,4(ap)
+        brw     noname.33
+        tstl    r0
+noname.36:
+
+        movl    r6,r7
+
+noname.32:
+        movl    r7,r0
+        ret     
+        nop     
+
+
+
+;r=4 ;(AP)
+;a=8 ;(AP)
+;b=12 ;(AP)
+;n=16 ;(AP)     n       by value (input)
+
+        .psect  code,nowrt
+
+.entry  BN_MUL_COMBA8,^m<r2,r3,r4,r5,r6,r7,r8,r9,r10,r11>
+        movab   -924(sp),sp
+        clrq    r8
+
+        clrl    r10
+
+        movl    8(ap),r6
+        movzwl  2(r6),r3
+        movl    12(ap),r7
+        bicl3   #-65536,(r7),r2
+        movzwl  2(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,(r6),-12(fp)
+        bicl3   #-65536,r3,-16(fp)
+        mull3   r0,-12(fp),-4(fp)
+        mull2   r2,-12(fp)
+        mull3   r2,-16(fp),-8(fp)
+        mull2   r0,-16(fp)
+        addl3   -4(fp),-8(fp),r0
+        bicl3   #0,r0,-4(fp)
+        cmpl    -4(fp),-8(fp)
+        bgequ   noname.45
+        addl2   #65536,-16(fp)
+noname.45:
+        movzwl  -2(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-16(fp)
+        bicl3   #-65536,-4(fp),r0
+        ashl    #16,r0,-8(fp)
+        addl3   -8(fp),-12(fp),r0
+        bicl3   #0,r0,-12(fp)
+        cmpl    -12(fp),-8(fp)
+        bgequ   noname.46
+        incl    -16(fp)
+noname.46:
+        movl    -12(fp),r1
+        movl    -16(fp),r2
+        addl2   r1,r9
+        bicl2   #0,r9
+        cmpl    r9,r1
+        bgequ   noname.47
+        incl    r2
+noname.47:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.48
+        incl    r10
+noname.48:
+
+        movl    4(ap),r11
+        movl    r9,(r11)
+
+        clrl    r9
+
+        movzwl  2(r6),r2
+        bicl3   #-65536,4(r7),r3
+        movzwl  6(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,(r6),-28(fp)
+        bicl3   #-65536,r2,-32(fp)
+        mull3   r0,-28(fp),-20(fp)
+        mull2   r3,-28(fp)
+        mull3   r3,-32(fp),-24(fp)
+        mull2   r0,-32(fp)
+        addl3   -20(fp),-24(fp),r0
+        bicl3   #0,r0,-20(fp)
+        cmpl    -20(fp),-24(fp)
+        bgequ   noname.49
+        addl2   #65536,-32(fp)
+noname.49:
+        movzwl  -18(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-32(fp)
+        bicl3   #-65536,-20(fp),r0
+        ashl    #16,r0,-24(fp)
+        addl3   -24(fp),-28(fp),r0
+        bicl3   #0,r0,-28(fp)
+        cmpl    -28(fp),-24(fp)
+        bgequ   noname.50
+        incl    -32(fp)
+noname.50:
+        movl    -28(fp),r1
+        movl    -32(fp),r2
+        addl2   r1,r8
+        bicl2   #0,r8
+        cmpl    r8,r1
+        bgequ   noname.51
+        incl    r2
+noname.51:
+        addl2   r2,r10
+        bicl2   #0,r10
+        cmpl    r10,r2
+        bgequ   noname.52
+        incl    r9
+noname.52:
+
+        movzwl  6(r6),r2
+        bicl3   #-65536,(r7),r3
+        movzwl  2(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,4(r6),-44(fp)
+        bicl3   #-65536,r2,-48(fp)
+        mull3   r0,-44(fp),-36(fp)
+        mull2   r3,-44(fp)
+        mull3   r3,-48(fp),-40(fp)
+        mull2   r0,-48(fp)
+        addl3   -36(fp),-40(fp),r0
+        bicl3   #0,r0,-36(fp)
+        cmpl    -36(fp),-40(fp)
+        bgequ   noname.53
+        addl2   #65536,-48(fp)
+noname.53:
+        movzwl  -34(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-48(fp)
+        bicl3   #-65536,-36(fp),r0
+        ashl    #16,r0,-40(fp)
+        addl3   -40(fp),-44(fp),r0
+        bicl3   #0,r0,-44(fp)
+        cmpl    -44(fp),-40(fp)
+        bgequ   noname.54
+        incl    -48(fp)
+noname.54:
+        movl    -44(fp),r1
+        movl    -48(fp),r2
+        addl2   r1,r8
+        bicl2   #0,r8
+        cmpl    r8,r1
+        bgequ   noname.55
+        incl    r2
+noname.55:
+        addl2   r2,r10
+        bicl2   #0,r10
+        cmpl    r10,r2
+        bgequ   noname.56
+        incl    r9
+noname.56:
+
+        movl    r8,4(r11)
+
+        clrl    r8
+
+        movzwl  10(r6),r2
+        bicl3   #-65536,(r7),r3
+        movzwl  2(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,8(r6),-60(fp)
+        bicl3   #-65536,r2,-64(fp)
+        mull3   r0,-60(fp),-52(fp)
+        mull2   r3,-60(fp)
+        mull3   r3,-64(fp),-56(fp)
+        mull2   r0,-64(fp)
+        addl3   -52(fp),-56(fp),r0
+        bicl3   #0,r0,-52(fp)
+        cmpl    -52(fp),-56(fp)
+        bgequ   noname.57
+        addl2   #65536,-64(fp)
+noname.57:
+        movzwl  -50(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-64(fp)
+        bicl3   #-65536,-52(fp),r0
+        ashl    #16,r0,-56(fp)
+        addl3   -56(fp),-60(fp),r0
+        bicl3   #0,r0,-60(fp)
+        cmpl    -60(fp),-56(fp)
+        bgequ   noname.58
+        incl    -64(fp)
+noname.58:
+        movl    -60(fp),r1
+        movl    -64(fp),r2
+        addl2   r1,r10
+        bicl2   #0,r10
+        cmpl    r10,r1
+        bgequ   noname.59
+        incl    r2
+noname.59:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.60
+        incl    r8
+noname.60:
+
+        movzwl  6(r6),r2
+        bicl3   #-65536,4(r7),r3
+        movzwl  6(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,4(r6),-76(fp)
+        bicl3   #-65536,r2,-80(fp)
+        mull3   r0,-76(fp),-68(fp)
+        mull2   r3,-76(fp)
+        mull3   r3,-80(fp),-72(fp)
+        mull2   r0,-80(fp)
+        addl3   -68(fp),-72(fp),r0
+        bicl3   #0,r0,-68(fp)
+        cmpl    -68(fp),-72(fp)
+        bgequ   noname.61
+        addl2   #65536,-80(fp)
+noname.61:
+        movzwl  -66(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-80(fp)
+        bicl3   #-65536,-68(fp),r0
+        ashl    #16,r0,-72(fp)
+        addl3   -72(fp),-76(fp),r0
+        bicl3   #0,r0,-76(fp)
+        cmpl    -76(fp),-72(fp)
+        bgequ   noname.62
+        incl    -80(fp)
+noname.62:
+        movl    -76(fp),r1
+        movl    -80(fp),r2
+        addl2   r1,r10
+        bicl2   #0,r10
+        cmpl    r10,r1
+        bgequ   noname.63
+        incl    r2
+noname.63:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.64
+        incl    r8
+noname.64:
+
+        movzwl  2(r6),r2
+        bicl3   #-65536,8(r7),r3
+        movzwl  10(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,(r6),-92(fp)
+        bicl3   #-65536,r2,-96(fp)
+        mull3   r0,-92(fp),-84(fp)
+        mull2   r3,-92(fp)
+        mull3   r3,-96(fp),-88(fp)
+        mull2   r0,-96(fp)
+        addl3   -84(fp),-88(fp),r0
+        bicl3   #0,r0,-84(fp)
+        cmpl    -84(fp),-88(fp)
+        bgequ   noname.65
+        addl2   #65536,-96(fp)
+noname.65:
+        movzwl  -82(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-96(fp)
+        bicl3   #-65536,-84(fp),r0
+        ashl    #16,r0,-88(fp)
+        addl3   -88(fp),-92(fp),r0
+        bicl3   #0,r0,-92(fp)
+        cmpl    -92(fp),-88(fp)
+        bgequ   noname.66
+        incl    -96(fp)
+noname.66:
+        movl    -92(fp),r1
+        movl    -96(fp),r2
+        addl2   r1,r10
+        bicl2   #0,r10
+        cmpl    r10,r1
+        bgequ   noname.67
+        incl    r2
+noname.67:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.68
+        incl    r8
+noname.68:
+
+        movl    r10,8(r11)
+
+        clrl    r10
+
+        movzwl  2(r6),r2
+        bicl3   #-65536,12(r7),r3
+        movzwl  14(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,(r6),-108(fp)
+        bicl3   #-65536,r2,-112(fp)
+        mull3   r0,-108(fp),-100(fp)
+        mull2   r3,-108(fp)
+        mull3   r3,-112(fp),-104(fp)
+        mull2   r0,-112(fp)
+        addl3   -100(fp),-104(fp),r0
+        bicl3   #0,r0,-100(fp)
+        cmpl    -100(fp),-104(fp)
+        bgequ   noname.69
+        addl2   #65536,-112(fp)
+noname.69:
+        movzwl  -98(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-112(fp)
+        bicl3   #-65536,-100(fp),r0
+        ashl    #16,r0,-104(fp)
+        addl3   -104(fp),-108(fp),r0
+        bicl3   #0,r0,-108(fp)
+        cmpl    -108(fp),-104(fp)
+        bgequ   noname.70
+        incl    -112(fp)
+noname.70:
+        movl    -108(fp),r1
+        movl    -112(fp),r2
+        addl2   r1,r9
+        bicl2   #0,r9
+        cmpl    r9,r1
+        bgequ   noname.71
+        incl    r2
+noname.71:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.72
+        incl    r10
+noname.72:
+
+        movzwl  6(r6),r2
+        bicl3   #-65536,8(r7),r3
+        movzwl  10(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,4(r6),-124(fp)
+        bicl3   #-65536,r2,-128(fp)
+        mull3   r0,-124(fp),-116(fp)
+        mull2   r3,-124(fp)
+        mull3   r3,-128(fp),-120(fp)
+        mull2   r0,-128(fp)
+        addl3   -116(fp),-120(fp),r0
+        bicl3   #0,r0,-116(fp)
+        cmpl    -116(fp),-120(fp)
+        bgequ   noname.73
+        addl2   #65536,-128(fp)
+noname.73:
+        movzwl  -114(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-128(fp)
+        bicl3   #-65536,-116(fp),r0
+        ashl    #16,r0,-120(fp)
+        addl3   -120(fp),-124(fp),r0
+        bicl3   #0,r0,-124(fp)
+        cmpl    -124(fp),-120(fp)
+        bgequ   noname.74
+        incl    -128(fp)
+noname.74:
+        movl    -124(fp),r1
+        movl    -128(fp),r2
+        addl2   r1,r9
+        bicl2   #0,r9
+        cmpl    r9,r1
+        bgequ   noname.75
+        incl    r2
+noname.75:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.76
+        incl    r10
+noname.76:
+
+        movzwl  10(r6),r2
+        bicl3   #-65536,4(r7),r3
+        movzwl  6(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,8(r6),-140(fp)
+        bicl3   #-65536,r2,-144(fp)
+        mull3   r0,-140(fp),-132(fp)
+        mull2   r3,-140(fp)
+        mull3   r3,-144(fp),-136(fp)
+        mull2   r0,-144(fp)
+        addl3   -132(fp),-136(fp),r0
+        bicl3   #0,r0,-132(fp)
+        cmpl    -132(fp),-136(fp)
+        bgequ   noname.77
+        addl2   #65536,-144(fp)
+noname.77:
+        movzwl  -130(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-144(fp)
+        bicl3   #-65536,-132(fp),r0
+        ashl    #16,r0,-136(fp)
+        addl3   -136(fp),-140(fp),r0
+        bicl3   #0,r0,-140(fp)
+        cmpl    -140(fp),-136(fp)
+        bgequ   noname.78
+        incl    -144(fp)
+noname.78:
+        movl    -140(fp),r1
+        movl    -144(fp),r2
+        addl2   r1,r9
+        bicl2   #0,r9
+        cmpl    r9,r1
+        bgequ   noname.79
+        incl    r2
+noname.79:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.80
+        incl    r10
+noname.80:
+
+        movzwl  14(r6),r2
+        bicl3   #-65536,(r7),r3
+        movzwl  2(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,12(r6),-156(fp)
+        bicl3   #-65536,r2,-160(fp)
+        mull3   r0,-156(fp),-148(fp)
+        mull2   r3,-156(fp)
+        mull3   r3,-160(fp),-152(fp)
+        mull2   r0,-160(fp)
+        addl3   -148(fp),-152(fp),r0
+        bicl3   #0,r0,-148(fp)
+        cmpl    -148(fp),-152(fp)
+        bgequ   noname.81
+        addl2   #65536,-160(fp)
+noname.81:
+        movzwl  -146(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-160(fp)
+        bicl3   #-65536,-148(fp),r0
+        ashl    #16,r0,-152(fp)
+        addl3   -152(fp),-156(fp),r0
+        bicl3   #0,r0,-156(fp)
+        cmpl    -156(fp),-152(fp)
+        bgequ   noname.82
+        incl    -160(fp)
+noname.82:
+        movl    -156(fp),r1
+        movl    -160(fp),r2
+        addl2   r1,r9
+        bicl2   #0,r9
+        cmpl    r9,r1
+        bgequ   noname.83
+        incl    r2
+noname.83:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.84
+        incl    r10
+noname.84:
+
+        movl    r9,12(r11)
+
+        clrl    r9
+
+        movzwl  18(r6),r2
+        bicl3   #-65536,(r7),r3
+        movzwl  2(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,16(r6),-172(fp)
+        bicl3   #-65536,r2,-176(fp)
+        mull3   r0,-172(fp),-164(fp)
+        mull2   r3,-172(fp)
+        mull3   r3,-176(fp),-168(fp)
+        mull2   r0,-176(fp)
+        addl3   -164(fp),-168(fp),r0
+        bicl3   #0,r0,-164(fp)
+        cmpl    -164(fp),-168(fp)
+        bgequ   noname.85
+        addl2   #65536,-176(fp)
+noname.85:
+        movzwl  -162(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-176(fp)
+        bicl3   #-65536,-164(fp),r0
+        ashl    #16,r0,-168(fp)
+        addl3   -168(fp),-172(fp),r0
+        bicl3   #0,r0,-172(fp)
+        cmpl    -172(fp),-168(fp)
+        bgequ   noname.86
+        incl    -176(fp)
+noname.86:
+        movl    -172(fp),r1
+        movl    -176(fp),r2
+        addl2   r1,r8
+        bicl2   #0,r8
+        cmpl    r8,r1
+        bgequ   noname.87
+        incl    r2
+noname.87:
+        addl2   r2,r10
+        bicl2   #0,r10
+        cmpl    r10,r2
+        bgequ   noname.88
+        incl    r9
+noname.88:
+
+        movzwl  14(r6),r2
+        bicl3   #-65536,4(r7),r3
+        movzwl  6(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,12(r6),-188(fp)
+        bicl3   #-65536,r2,-192(fp)
+        mull3   r0,-188(fp),-180(fp)
+        mull2   r3,-188(fp)
+        mull3   r3,-192(fp),-184(fp)
+        mull2   r0,-192(fp)
+        addl3   -180(fp),-184(fp),r0
+        bicl3   #0,r0,-180(fp)
+        cmpl    -180(fp),-184(fp)
+        bgequ   noname.89
+        addl2   #65536,-192(fp)
+noname.89:
+        movzwl  -178(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-192(fp)
+        bicl3   #-65536,-180(fp),r0
+        ashl    #16,r0,-184(fp)
+        addl3   -184(fp),-188(fp),r0
+        bicl3   #0,r0,-188(fp)
+        cmpl    -188(fp),-184(fp)
+        bgequ   noname.90
+        incl    -192(fp)
+noname.90:
+        movl    -188(fp),r1
+        movl    -192(fp),r2
+        addl2   r1,r8
+        bicl2   #0,r8
+        cmpl    r8,r1
+        bgequ   noname.91
+        incl    r2
+noname.91:
+        addl2   r2,r10
+        bicl2   #0,r10
+        cmpl    r10,r2
+        bgequ   noname.92
+        incl    r9
+noname.92:
+
+        movzwl  10(r6),r2
+        bicl3   #-65536,8(r7),r3
+        movzwl  10(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,8(r6),-204(fp)
+        bicl3   #-65536,r2,-208(fp)
+        mull3   r0,-204(fp),-196(fp)
+        mull2   r3,-204(fp)
+        mull3   r3,-208(fp),-200(fp)
+        mull2   r0,-208(fp)
+        addl3   -196(fp),-200(fp),r0
+        bicl3   #0,r0,-196(fp)
+        cmpl    -196(fp),-200(fp)
+        bgequ   noname.93
+        addl2   #65536,-208(fp)
+noname.93:
+        movzwl  -194(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-208(fp)
+        bicl3   #-65536,-196(fp),r0
+        ashl    #16,r0,-200(fp)
+        addl3   -200(fp),-204(fp),r0
+        bicl3   #0,r0,-204(fp)
+        cmpl    -204(fp),-200(fp)
+        bgequ   noname.94
+        incl    -208(fp)
+noname.94:
+        movl    -204(fp),r1
+        movl    -208(fp),r2
+        addl2   r1,r8
+        bicl2   #0,r8
+        cmpl    r8,r1
+        bgequ   noname.95
+        incl    r2
+noname.95:
+        addl2   r2,r10
+        bicl2   #0,r10
+        cmpl    r10,r2
+        bgequ   noname.96
+        incl    r9
+noname.96:
+
+        movzwl  6(r6),r2
+        bicl3   #-65536,12(r7),r3
+        movzwl  14(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,4(r6),-220(fp)
+        bicl3   #-65536,r2,-224(fp)
+        mull3   r0,-220(fp),-212(fp)
+        mull2   r3,-220(fp)
+        mull3   r3,-224(fp),-216(fp)
+        mull2   r0,-224(fp)
+        addl3   -212(fp),-216(fp),r0
+        bicl3   #0,r0,-212(fp)
+        cmpl    -212(fp),-216(fp)
+        bgequ   noname.97
+        addl2   #65536,-224(fp)
+noname.97:
+        movzwl  -210(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-224(fp)
+        bicl3   #-65536,-212(fp),r0
+        ashl    #16,r0,-216(fp)
+        addl3   -216(fp),-220(fp),r0
+        bicl3   #0,r0,-220(fp)
+        cmpl    -220(fp),-216(fp)
+        bgequ   noname.98
+        incl    -224(fp)
+noname.98:
+        movl    -220(fp),r1
+        movl    -224(fp),r2
+        addl2   r1,r8
+        bicl2   #0,r8
+        cmpl    r8,r1
+        bgequ   noname.99
+        incl    r2
+noname.99:
+        addl2   r2,r10
+        bicl2   #0,r10
+        cmpl    r10,r2
+        bgequ   noname.100
+        incl    r9
+noname.100:
+
+        movzwl  2(r6),r2
+        bicl3   #-65536,16(r7),r3
+        movzwl  18(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,(r6),-236(fp)
+        bicl3   #-65536,r2,-240(fp)
+        mull3   r0,-236(fp),-228(fp)
+        mull2   r3,-236(fp)
+        mull3   r3,-240(fp),-232(fp)
+        mull2   r0,-240(fp)
+        addl3   -228(fp),-232(fp),r0
+        bicl3   #0,r0,-228(fp)
+        cmpl    -228(fp),-232(fp)
+        bgequ   noname.101
+        addl2   #65536,-240(fp)
+noname.101:
+        movzwl  -226(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-240(fp)
+        bicl3   #-65536,-228(fp),r0
+        ashl    #16,r0,-232(fp)
+        addl3   -232(fp),-236(fp),r0
+        bicl3   #0,r0,-236(fp)
+        cmpl    -236(fp),-232(fp)
+        bgequ   noname.102
+        incl    -240(fp)
+noname.102:
+        movl    -236(fp),r1
+        movl    -240(fp),r2
+        addl2   r1,r8
+        bicl2   #0,r8
+        cmpl    r8,r1
+        bgequ   noname.103
+        incl    r2
+noname.103:
+        addl2   r2,r10
+        bicl2   #0,r10
+        cmpl    r10,r2
+        bgequ   noname.104
+        incl    r9
+noname.104:
+
+        movl    r8,16(r11)
+
+        clrl    r8
+
+        movzwl  2(r6),r2
+        bicl3   #-65536,20(r7),r3
+        movzwl  22(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,(r6),-252(fp)
+        bicl3   #-65536,r2,-256(fp)
+        mull3   r0,-252(fp),-244(fp)
+        mull2   r3,-252(fp)
+        mull3   r3,-256(fp),-248(fp)
+        mull2   r0,-256(fp)
+        addl3   -244(fp),-248(fp),r0
+        bicl3   #0,r0,-244(fp)
+        cmpl    -244(fp),-248(fp)
+        bgequ   noname.105
+        addl2   #65536,-256(fp)
+noname.105:
+        movzwl  -242(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-256(fp)
+        bicl3   #-65536,-244(fp),r0
+        ashl    #16,r0,-248(fp)
+        addl3   -248(fp),-252(fp),r0
+        bicl3   #0,r0,-252(fp)
+        cmpl    -252(fp),-248(fp)
+        bgequ   noname.106
+        incl    -256(fp)
+noname.106:
+        movl    -252(fp),r1
+        movl    -256(fp),r2
+        addl2   r1,r10
+        bicl2   #0,r10
+        cmpl    r10,r1
+        bgequ   noname.107
+        incl    r2
+noname.107:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.108
+        incl    r8
+noname.108:
+
+        movzwl  6(r6),r2
+        bicl3   #-65536,16(r7),r3
+        movzwl  18(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,4(r6),-268(fp)
+        bicl3   #-65536,r2,-272(fp)
+        mull3   r0,-268(fp),-260(fp)
+        mull2   r3,-268(fp)
+        mull3   r3,-272(fp),-264(fp)
+        mull2   r0,-272(fp)
+        addl3   -260(fp),-264(fp),r0
+        bicl3   #0,r0,-260(fp)
+        cmpl    -260(fp),-264(fp)
+        bgequ   noname.109
+        addl2   #65536,-272(fp)
+noname.109:
+        movzwl  -258(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-272(fp)
+        bicl3   #-65536,-260(fp),r0
+        ashl    #16,r0,-264(fp)
+        addl3   -264(fp),-268(fp),r0
+        bicl3   #0,r0,-268(fp)
+        cmpl    -268(fp),-264(fp)
+        bgequ   noname.110
+        incl    -272(fp)
+noname.110:
+        movl    -268(fp),r1
+        movl    -272(fp),r2
+        addl2   r1,r10
+        bicl2   #0,r10
+        cmpl    r10,r1
+        bgequ   noname.111
+        incl    r2
+noname.111:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.112
+        incl    r8
+noname.112:
+
+        movzwl  10(r6),r2
+        bicl3   #-65536,12(r7),r3
+        movzwl  14(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,8(r6),-284(fp)
+        bicl3   #-65536,r2,-288(fp)
+        mull3   r0,-284(fp),-276(fp)
+        mull2   r3,-284(fp)
+        mull3   r3,-288(fp),-280(fp)
+        mull2   r0,-288(fp)
+        addl3   -276(fp),-280(fp),r0
+        bicl3   #0,r0,-276(fp)
+        cmpl    -276(fp),-280(fp)
+        bgequ   noname.113
+        addl2   #65536,-288(fp)
+noname.113:
+        movzwl  -274(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-288(fp)
+        bicl3   #-65536,-276(fp),r0
+        ashl    #16,r0,-280(fp)
+        addl3   -280(fp),-284(fp),r0
+        bicl3   #0,r0,-284(fp)
+        cmpl    -284(fp),-280(fp)
+        bgequ   noname.114
+        incl    -288(fp)
+noname.114:
+        movl    -284(fp),r1
+        movl    -288(fp),r2
+        addl2   r1,r10
+        bicl2   #0,r10
+        cmpl    r10,r1
+        bgequ   noname.115
+        incl    r2
+noname.115:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.116
+        incl    r8
+noname.116:
+
+        movzwl  14(r6),r2
+        bicl3   #-65536,8(r7),r3
+        movzwl  10(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,12(r6),-300(fp)
+        bicl3   #-65536,r2,-304(fp)
+        mull3   r0,-300(fp),-292(fp)
+        mull2   r3,-300(fp)
+        mull3   r3,-304(fp),-296(fp)
+        mull2   r0,-304(fp)
+        addl3   -292(fp),-296(fp),r0
+        bicl3   #0,r0,-292(fp)
+        cmpl    -292(fp),-296(fp)
+        bgequ   noname.117
+        addl2   #65536,-304(fp)
+noname.117:
+        movzwl  -290(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-304(fp)
+        bicl3   #-65536,-292(fp),r0
+        ashl    #16,r0,-296(fp)
+        addl3   -296(fp),-300(fp),r0
+        bicl3   #0,r0,-300(fp)
+        cmpl    -300(fp),-296(fp)
+        bgequ   noname.118
+        incl    -304(fp)
+noname.118:
+        movl    -300(fp),r1
+        movl    -304(fp),r2
+        addl2   r1,r10
+        bicl2   #0,r10
+        cmpl    r10,r1
+        bgequ   noname.119
+        incl    r2
+noname.119:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.120
+        incl    r8
+noname.120:
+
+        movzwl  18(r6),r2
+        bicl3   #-65536,4(r7),r3
+        movzwl  6(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,16(r6),-316(fp)
+        bicl3   #-65536,r2,-320(fp)
+        mull3   r0,-316(fp),-308(fp)
+        mull2   r3,-316(fp)
+        mull3   r3,-320(fp),-312(fp)
+        mull2   r0,-320(fp)
+        addl3   -308(fp),-312(fp),r0
+        bicl3   #0,r0,-308(fp)
+        cmpl    -308(fp),-312(fp)
+        bgequ   noname.121
+        addl2   #65536,-320(fp)
+noname.121:
+        movzwl  -306(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-320(fp)
+        bicl3   #-65536,-308(fp),r0
+        ashl    #16,r0,-312(fp)
+        addl3   -312(fp),-316(fp),r0
+        bicl3   #0,r0,-316(fp)
+        cmpl    -316(fp),-312(fp)
+        bgequ   noname.122
+        incl    -320(fp)
+noname.122:
+        movl    -316(fp),r1
+        movl    -320(fp),r2
+        addl2   r1,r10
+        bicl2   #0,r10
+        cmpl    r10,r1
+        bgequ   noname.123
+        incl    r2
+
+noname.123:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.124
+        incl    r8
+noname.124:
+
+        movzwl  22(r6),r2
+        bicl3   #-65536,(r7),r3
+        movzwl  2(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,20(r6),-332(fp)
+        bicl3   #-65536,r2,-336(fp)
+        mull3   r0,-332(fp),-324(fp)
+        mull2   r3,-332(fp)
+        mull3   r3,-336(fp),-328(fp)
+        mull2   r0,-336(fp)
+        addl3   -324(fp),-328(fp),r0
+        bicl3   #0,r0,-324(fp)
+        cmpl    -324(fp),-328(fp)
+        bgequ   noname.125
+        addl2   #65536,-336(fp)
+noname.125:
+        movzwl  -322(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-336(fp)
+        bicl3   #-65536,-324(fp),r0
+        ashl    #16,r0,-328(fp)
+        addl3   -328(fp),-332(fp),r0
+        bicl3   #0,r0,-332(fp)
+        cmpl    -332(fp),-328(fp)
+        bgequ   noname.126
+        incl    -336(fp)
+noname.126:
+        movl    -332(fp),r1
+        movl    -336(fp),r2
+        addl2   r1,r10
+        bicl2   #0,r10
+        cmpl    r10,r1
+        bgequ   noname.127
+        incl    r2
+noname.127:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.128
+        incl    r8
+noname.128:
+
+        movl    r10,20(r11)
+
+        clrl    r10
+
+        movzwl  26(r6),r2
+        bicl3   #-65536,(r7),r3
+        movzwl  2(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,24(r6),-348(fp)
+        bicl3   #-65536,r2,-352(fp)
+        mull3   r0,-348(fp),-340(fp)
+        mull2   r3,-348(fp)
+        mull3   r3,-352(fp),-344(fp)
+        mull2   r0,-352(fp)
+        addl3   -340(fp),-344(fp),r0
+        bicl3   #0,r0,-340(fp)
+        cmpl    -340(fp),-344(fp)
+        bgequ   noname.129
+        addl2   #65536,-352(fp)
+noname.129:
+        movzwl  -338(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-352(fp)
+        bicl3   #-65536,-340(fp),r0
+        ashl    #16,r0,-344(fp)
+        addl3   -344(fp),-348(fp),r0
+        bicl3   #0,r0,-348(fp)
+        cmpl    -348(fp),-344(fp)
+        bgequ   noname.130
+        incl    -352(fp)
+noname.130:
+        movl    -348(fp),r1
+        movl    -352(fp),r2
+        addl2   r1,r9
+        bicl2   #0,r9
+        cmpl    r9,r1
+        bgequ   noname.131
+        incl    r2
+noname.131:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.132
+        incl    r10
+noname.132:
+
+        movzwl  22(r6),r2
+        bicl3   #-65536,4(r7),r3
+        movzwl  6(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,20(r6),-364(fp)
+        bicl3   #-65536,r2,-368(fp)
+        mull3   r0,-364(fp),-356(fp)
+        mull2   r3,-364(fp)
+        mull3   r3,-368(fp),-360(fp)
+        mull2   r0,-368(fp)
+        addl3   -356(fp),-360(fp),r0
+        bicl3   #0,r0,-356(fp)
+        cmpl    -356(fp),-360(fp)
+        bgequ   noname.133
+        addl2   #65536,-368(fp)
+noname.133:
+        movzwl  -354(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-368(fp)
+        bicl3   #-65536,-356(fp),r0
+        ashl    #16,r0,-360(fp)
+        addl3   -360(fp),-364(fp),r0
+        bicl3   #0,r0,-364(fp)
+        cmpl    -364(fp),-360(fp)
+        bgequ   noname.134
+        incl    -368(fp)
+noname.134:
+        movl    -364(fp),r1
+        movl    -368(fp),r2
+        addl2   r1,r9
+        bicl2   #0,r9
+        cmpl    r9,r1
+        bgequ   noname.135
+        incl    r2
+noname.135:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.136
+        incl    r10
+noname.136:
+
+        movzwl  18(r6),r2
+        bicl3   #-65536,8(r7),r3
+        movzwl  10(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,16(r6),-380(fp)
+        bicl3   #-65536,r2,-384(fp)
+        mull3   r0,-380(fp),-372(fp)
+        mull2   r3,-380(fp)
+        mull3   r3,-384(fp),-376(fp)
+        mull2   r0,-384(fp)
+        addl3   -372(fp),-376(fp),r0
+        bicl3   #0,r0,-372(fp)
+        cmpl    -372(fp),-376(fp)
+        bgequ   noname.137
+        addl2   #65536,-384(fp)
+noname.137:
+        movzwl  -370(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-384(fp)
+        bicl3   #-65536,-372(fp),r0
+        ashl    #16,r0,-376(fp)
+        addl3   -376(fp),-380(fp),r0
+        bicl3   #0,r0,-380(fp)
+        cmpl    -380(fp),-376(fp)
+        bgequ   noname.138
+        incl    -384(fp)
+noname.138:
+        movl    -380(fp),r1
+        movl    -384(fp),r2
+        addl2   r1,r9
+        bicl2   #0,r9
+        cmpl    r9,r1
+        bgequ   noname.139
+        incl    r2
+noname.139:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.140
+        incl    r10
+noname.140:
+
+        movzwl  14(r6),r2
+        bicl3   #-65536,12(r7),r3
+        movzwl  14(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,12(r6),-396(fp)
+        bicl3   #-65536,r2,-400(fp)
+        mull3   r0,-396(fp),-388(fp)
+        mull2   r3,-396(fp)
+        mull3   r3,-400(fp),-392(fp)
+        mull2   r0,-400(fp)
+        addl3   -388(fp),-392(fp),r0
+        bicl3   #0,r0,-388(fp)
+        cmpl    -388(fp),-392(fp)
+        bgequ   noname.141
+        addl2   #65536,-400(fp)
+noname.141:
+        movzwl  -386(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-400(fp)
+        bicl3   #-65536,-388(fp),r0
+        ashl    #16,r0,-392(fp)
+        addl3   -392(fp),-396(fp),r0
+        bicl3   #0,r0,-396(fp)
+        cmpl    -396(fp),-392(fp)
+        bgequ   noname.142
+        incl    -400(fp)
+noname.142:
+        movl    -396(fp),r1
+        movl    -400(fp),r2
+        addl2   r1,r9
+        bicl2   #0,r9
+        cmpl    r9,r1
+        bgequ   noname.143
+        incl    r2
+noname.143:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.144
+        incl    r10
+noname.144:
+
+        movzwl  10(r6),r2
+        bicl3   #-65536,16(r7),r3
+        movzwl  18(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,8(r6),-412(fp)
+        bicl3   #-65536,r2,-416(fp)
+        mull3   r0,-412(fp),-404(fp)
+        mull2   r3,-412(fp)
+        mull3   r3,-416(fp),-408(fp)
+        mull2   r0,-416(fp)
+        addl3   -404(fp),-408(fp),r0
+        bicl3   #0,r0,-404(fp)
+        cmpl    -404(fp),-408(fp)
+        bgequ   noname.145
+        addl2   #65536,-416(fp)
+noname.145:
+        movzwl  -402(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-416(fp)
+        bicl3   #-65536,-404(fp),r0
+        ashl    #16,r0,-408(fp)
+        addl3   -408(fp),-412(fp),r0
+        bicl3   #0,r0,-412(fp)
+        cmpl    -412(fp),-408(fp)
+        bgequ   noname.146
+        incl    -416(fp)
+noname.146:
+        movl    -412(fp),r1
+        movl    -416(fp),r2
+        addl2   r1,r9
+        bicl2   #0,r9
+        cmpl    r9,r1
+        bgequ   noname.147
+        incl    r2
+noname.147:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.148
+        incl    r10
+noname.148:
+
+        movzwl  6(r6),r2
+        bicl3   #-65536,20(r7),r3
+        movzwl  22(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,4(r6),-428(fp)
+        bicl3   #-65536,r2,-432(fp)
+        mull3   r0,-428(fp),-420(fp)
+        mull2   r3,-428(fp)
+        mull3   r3,-432(fp),-424(fp)
+        mull2   r0,-432(fp)
+        addl3   -420(fp),-424(fp),r0
+        bicl3   #0,r0,-420(fp)
+        cmpl    -420(fp),-424(fp)
+        bgequ   noname.149
+        addl2   #65536,-432(fp)
+noname.149:
+        movzwl  -418(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-432(fp)
+        bicl3   #-65536,-420(fp),r0
+        ashl    #16,r0,-424(fp)
+        addl3   -424(fp),-428(fp),r0
+        bicl3   #0,r0,-428(fp)
+        cmpl    -428(fp),-424(fp)
+        bgequ   noname.150
+        incl    -432(fp)
+noname.150:
+        movl    -428(fp),r1
+        movl    -432(fp),r2
+        addl2   r1,r9
+        bicl2   #0,r9
+        cmpl    r9,r1
+        bgequ   noname.151
+        incl    r2
+noname.151:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.152
+        incl    r10
+noname.152:
+
+        movzwl  2(r6),r2
+        bicl3   #-65536,24(r7),r3
+        movzwl  26(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,(r6),-444(fp)
+        bicl3   #-65536,r2,-448(fp)
+        mull3   r0,-444(fp),-436(fp)
+        mull2   r3,-444(fp)
+        mull3   r3,-448(fp),-440(fp)
+        mull2   r0,-448(fp)
+        addl3   -436(fp),-440(fp),r0
+        bicl3   #0,r0,-436(fp)
+        cmpl    -436(fp),-440(fp)
+        bgequ   noname.153
+        addl2   #65536,-448(fp)
+noname.153:
+        movzwl  -434(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-448(fp)
+        bicl3   #-65536,-436(fp),r0
+        ashl    #16,r0,-440(fp)
+        addl3   -440(fp),-444(fp),r0
+        bicl3   #0,r0,-444(fp)
+        cmpl    -444(fp),-440(fp)
+        bgequ   noname.154
+        incl    -448(fp)
+noname.154:
+        movl    -444(fp),r1
+        movl    -448(fp),r2
+        addl2   r1,r9
+        bicl2   #0,r9
+        cmpl    r9,r1
+        bgequ   noname.155
+        incl    r2
+noname.155:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.156
+        incl    r10
+noname.156:
+
+        movl    r9,24(r11)
+
+        clrl    r9
+
+        movzwl  2(r6),r2
+        bicl3   #-65536,28(r7),r3
+        movzwl  30(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,(r6),-460(fp)
+        bicl3   #-65536,r2,-464(fp)
+        mull3   r0,-460(fp),-452(fp)
+        mull2   r3,-460(fp)
+        mull3   r3,-464(fp),-456(fp)
+        mull2   r0,-464(fp)
+        addl3   -452(fp),-456(fp),r0
+        bicl3   #0,r0,-452(fp)
+        cmpl    -452(fp),-456(fp)
+        bgequ   noname.157
+        addl2   #65536,-464(fp)
+noname.157:
+        movzwl  -450(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-464(fp)
+        bicl3   #-65536,-452(fp),r0
+        ashl    #16,r0,-456(fp)
+        addl3   -456(fp),-460(fp),r0
+        bicl3   #0,r0,-460(fp)
+        cmpl    -460(fp),-456(fp)
+        bgequ   noname.158
+        incl    -464(fp)
+noname.158:
+        movl    -460(fp),r1
+        movl    -464(fp),r2
+        addl2   r1,r8
+        bicl2   #0,r8
+        cmpl    r8,r1
+        bgequ   noname.159
+        incl    r2
+noname.159:
+        addl2   r2,r10
+        bicl2   #0,r10
+        cmpl    r10,r2
+        bgequ   noname.160
+        incl    r9
+noname.160:
+
+        movzwl  6(r6),r2
+        bicl3   #-65536,24(r7),r3
+        movzwl  26(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,4(r6),-476(fp)
+        bicl3   #-65536,r2,-480(fp)
+        mull3   r0,-476(fp),-468(fp)
+        mull2   r3,-476(fp)
+        mull3   r3,-480(fp),-472(fp)
+        mull2   r0,-480(fp)
+        addl3   -468(fp),-472(fp),r0
+        bicl3   #0,r0,-468(fp)
+        cmpl    -468(fp),-472(fp)
+        bgequ   noname.161
+        addl2   #65536,-480(fp)
+noname.161:
+        movzwl  -466(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-480(fp)
+        bicl3   #-65536,-468(fp),r0
+        ashl    #16,r0,-472(fp)
+        addl3   -472(fp),-476(fp),r0
+        bicl3   #0,r0,-476(fp)
+        cmpl    -476(fp),-472(fp)
+        bgequ   noname.162
+        incl    -480(fp)
+noname.162:
+        movl    -476(fp),r1
+        movl    -480(fp),r2
+        addl2   r1,r8
+        bicl2   #0,r8
+        cmpl    r8,r1
+        bgequ   noname.163
+        incl    r2
+noname.163:
+        addl2   r2,r10
+        bicl2   #0,r10
+        cmpl    r10,r2
+        bgequ   noname.164
+        incl    r9
+noname.164:
+
+        movzwl  10(r6),r2
+        bicl3   #-65536,20(r7),r3
+        movzwl  22(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,8(r6),-492(fp)
+        bicl3   #-65536,r2,-496(fp)
+        mull3   r0,-492(fp),-484(fp)
+        mull2   r3,-492(fp)
+        mull3   r3,-496(fp),-488(fp)
+        mull2   r0,-496(fp)
+        addl3   -484(fp),-488(fp),r0
+        bicl3   #0,r0,-484(fp)
+        cmpl    -484(fp),-488(fp)
+        bgequ   noname.165
+        addl2   #65536,-496(fp)
+noname.165:
+        movzwl  -482(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-496(fp)
+        bicl3   #-65536,-484(fp),r0
+        ashl    #16,r0,-488(fp)
+        addl3   -488(fp),-492(fp),r0
+        bicl3   #0,r0,-492(fp)
+        cmpl    -492(fp),-488(fp)
+        bgequ   noname.166
+        incl    -496(fp)
+noname.166:
+        movl    -492(fp),r1
+        movl    -496(fp),r2
+        addl2   r1,r8
+        bicl2   #0,r8
+        cmpl    r8,r1
+        bgequ   noname.167
+        incl    r2
+noname.167:
+        addl2   r2,r10
+        bicl2   #0,r10
+        cmpl    r10,r2
+        bgequ   noname.168
+        incl    r9
+noname.168:
+
+        movzwl  14(r6),r2
+        bicl3   #-65536,16(r7),r3
+        movzwl  18(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,12(r6),-508(fp)
+        bicl3   #-65536,r2,-512(fp)
+        mull3   r0,-508(fp),-500(fp)
+        mull2   r3,-508(fp)
+        mull3   r3,-512(fp),-504(fp)
+        mull2   r0,-512(fp)
+        addl3   -500(fp),-504(fp),r0
+        bicl3   #0,r0,-500(fp)
+        cmpl    -500(fp),-504(fp)
+        bgequ   noname.169
+        addl2   #65536,-512(fp)
+noname.169:
+        movzwl  -498(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-512(fp)
+        bicl3   #-65536,-500(fp),r0
+        ashl    #16,r0,-504(fp)
+        addl3   -504(fp),-508(fp),r0
+        bicl3   #0,r0,-508(fp)
+        cmpl    -508(fp),-504(fp)
+        bgequ   noname.170
+        incl    -512(fp)
+noname.170:
+        movl    -508(fp),r1
+        movl    -512(fp),r2
+        addl2   r1,r8
+        bicl2   #0,r8
+        cmpl    r8,r1
+        bgequ   noname.171
+        incl    r2
+noname.171:
+        addl2   r2,r10
+        bicl2   #0,r10
+        cmpl    r10,r2
+        bgequ   noname.172
+        incl    r9
+noname.172:
+
+        movzwl  18(r6),r2
+        bicl3   #-65536,12(r7),r3
+        movzwl  14(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,16(r6),-524(fp)
+        bicl3   #-65536,r2,-528(fp)
+        mull3   r0,-524(fp),-516(fp)
+        mull2   r3,-524(fp)
+        mull3   r3,-528(fp),-520(fp)
+        mull2   r0,-528(fp)
+        addl3   -516(fp),-520(fp),r0
+        bicl3   #0,r0,-516(fp)
+        cmpl    -516(fp),-520(fp)
+        bgequ   noname.173
+        addl2   #65536,-528(fp)
+noname.173:
+        movzwl  -514(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-528(fp)
+        bicl3   #-65536,-516(fp),r0
+        ashl    #16,r0,-520(fp)
+        addl3   -520(fp),-524(fp),r0
+        bicl3   #0,r0,-524(fp)
+        cmpl    -524(fp),-520(fp)
+        bgequ   noname.174
+        incl    -528(fp)
+noname.174:
+        movl    -524(fp),r1
+        movl    -528(fp),r2
+        addl2   r1,r8
+        bicl2   #0,r8
+        cmpl    r8,r1
+        bgequ   noname.175
+        incl    r2
+noname.175:
+        addl2   r2,r10
+        bicl2   #0,r10
+        cmpl    r10,r2
+        bgequ   noname.176
+        incl    r9
+noname.176:
+
+        movzwl  22(r6),r2
+        bicl3   #-65536,8(r7),r3
+        movzwl  10(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,20(r6),-540(fp)
+        bicl3   #-65536,r2,-544(fp)
+        mull3   r0,-540(fp),-532(fp)
+        mull2   r3,-540(fp)
+        mull3   r3,-544(fp),-536(fp)
+        mull2   r0,-544(fp)
+        addl3   -532(fp),-536(fp),r0
+        bicl3   #0,r0,-532(fp)
+        cmpl    -532(fp),-536(fp)
+        bgequ   noname.177
+        addl2   #65536,-544(fp)
+noname.177:
+        movzwl  -530(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-544(fp)
+        bicl3   #-65536,-532(fp),r0
+        ashl    #16,r0,-536(fp)
+        addl3   -536(fp),-540(fp),r0
+        bicl3   #0,r0,-540(fp)
+        cmpl    -540(fp),-536(fp)
+        bgequ   noname.178
+        incl    -544(fp)
+noname.178:
+        movl    -540(fp),r1
+        movl    -544(fp),r2
+        addl2   r1,r8
+        bicl2   #0,r8
+        cmpl    r8,r1
+        bgequ   noname.179
+        incl    r2
+noname.179:
+        addl2   r2,r10
+        bicl2   #0,r10
+        cmpl    r10,r2
+        bgequ   noname.180
+        incl    r9
+noname.180:
+
+        movzwl  26(r6),r2
+        bicl3   #-65536,4(r7),r3
+        movzwl  6(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,24(r6),-556(fp)
+        bicl3   #-65536,r2,-560(fp)
+        mull3   r0,-556(fp),-548(fp)
+        mull2   r3,-556(fp)
+        mull3   r3,-560(fp),-552(fp)
+        mull2   r0,-560(fp)
+        addl3   -548(fp),-552(fp),r0
+        bicl3   #0,r0,-548(fp)
+        cmpl    -548(fp),-552(fp)
+        bgequ   noname.181
+        addl2   #65536,-560(fp)
+noname.181:
+        movzwl  -546(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-560(fp)
+        bicl3   #-65536,-548(fp),r0
+        ashl    #16,r0,-552(fp)
+        addl3   -552(fp),-556(fp),r0
+        bicl3   #0,r0,-556(fp)
+        cmpl    -556(fp),-552(fp)
+        bgequ   noname.182
+        incl    -560(fp)
+noname.182:
+        movl    -556(fp),r1
+        movl    -560(fp),r2
+        addl2   r1,r8
+        bicl2   #0,r8
+        cmpl    r8,r1
+        bgequ   noname.183
+        incl    r2
+noname.183:
+        addl2   r2,r10
+        bicl2   #0,r10
+        cmpl    r10,r2
+        bgequ   noname.184
+        incl    r9
+noname.184:
+
+        movzwl  30(r6),r2
+        bicl3   #-65536,(r7),r3
+        movzwl  2(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,28(r6),-572(fp)
+        bicl3   #-65536,r2,-576(fp)
+        mull3   r0,-572(fp),-564(fp)
+        mull2   r3,-572(fp)
+        mull3   r3,-576(fp),-568(fp)
+        mull2   r0,-576(fp)
+        addl3   -564(fp),-568(fp),r0
+        bicl3   #0,r0,-564(fp)
+        cmpl    -564(fp),-568(fp)
+        bgequ   noname.185
+        addl2   #65536,-576(fp)
+noname.185:
+        movzwl  -562(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-576(fp)
+        bicl3   #-65536,-564(fp),r0
+        ashl    #16,r0,-568(fp)
+        addl3   -568(fp),-572(fp),r0
+        bicl3   #0,r0,-572(fp)
+        cmpl    -572(fp),-568(fp)
+        bgequ   noname.186
+        incl    -576(fp)
+noname.186:
+        movl    -572(fp),r1
+        movl    -576(fp),r2
+        addl2   r1,r8
+        bicl2   #0,r8
+        cmpl    r8,r1
+        bgequ   noname.187
+        incl    r2
+noname.187:
+        addl2   r2,r10
+        bicl2   #0,r10
+        cmpl    r10,r2
+        bgequ   noname.188
+        incl    r9
+noname.188:
+
+        movl    r8,28(r11)
+
+        clrl    r8
+
+        movzwl  30(r6),r2
+        bicl3   #-65536,4(r7),r3
+        movzwl  6(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,28(r6),-588(fp)
+        bicl3   #-65536,r2,-592(fp)
+        mull3   r0,-588(fp),-580(fp)
+        mull2   r3,-588(fp)
+        mull3   r3,-592(fp),-584(fp)
+        mull2   r0,-592(fp)
+        addl3   -580(fp),-584(fp),r0
+        bicl3   #0,r0,-580(fp)
+        cmpl    -580(fp),-584(fp)
+        bgequ   noname.189
+        addl2   #65536,-592(fp)
+noname.189:
+        movzwl  -578(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-592(fp)
+        bicl3   #-65536,-580(fp),r0
+        ashl    #16,r0,-584(fp)
+        addl3   -584(fp),-588(fp),r0
+        bicl3   #0,r0,-588(fp)
+        cmpl    -588(fp),-584(fp)
+        bgequ   noname.190
+        incl    -592(fp)
+noname.190:
+        movl    -588(fp),r1
+        movl    -592(fp),r2
+        addl2   r1,r10
+        bicl2   #0,r10
+        cmpl    r10,r1
+        bgequ   noname.191
+        incl    r2
+noname.191:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.192
+        incl    r8
+noname.192:
+
+        movzwl  26(r6),r2
+        bicl3   #-65536,8(r7),r3
+        movzwl  10(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,24(r6),-604(fp)
+        bicl3   #-65536,r2,-608(fp)
+        mull3   r0,-604(fp),-596(fp)
+        mull2   r3,-604(fp)
+        mull3   r3,-608(fp),-600(fp)
+        mull2   r0,-608(fp)
+        addl3   -596(fp),-600(fp),r0
+        bicl3   #0,r0,-596(fp)
+        cmpl    -596(fp),-600(fp)
+        bgequ   noname.193
+        addl2   #65536,-608(fp)
+noname.193:
+        movzwl  -594(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-608(fp)
+        bicl3   #-65536,-596(fp),r0
+        ashl    #16,r0,-600(fp)
+        addl3   -600(fp),-604(fp),r0
+        bicl3   #0,r0,-604(fp)
+        cmpl    -604(fp),-600(fp)
+        bgequ   noname.194
+        incl    -608(fp)
+noname.194:
+        movl    -604(fp),r1
+        movl    -608(fp),r2
+        addl2   r1,r10
+        bicl2   #0,r10
+        cmpl    r10,r1
+        bgequ   noname.195
+        incl    r2
+noname.195:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.196
+        incl    r8
+noname.196:
+
+        movzwl  22(r6),r2
+        bicl3   #-65536,12(r7),r3
+        movzwl  14(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,20(r6),-620(fp)
+        bicl3   #-65536,r2,-624(fp)
+        mull3   r0,-620(fp),-612(fp)
+        mull2   r3,-620(fp)
+        mull3   r3,-624(fp),-616(fp)
+        mull2   r0,-624(fp)
+        addl3   -612(fp),-616(fp),r0
+        bicl3   #0,r0,-612(fp)
+        cmpl    -612(fp),-616(fp)
+        bgequ   noname.197
+        addl2   #65536,-624(fp)
+noname.197:
+        movzwl  -610(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-624(fp)
+        bicl3   #-65536,-612(fp),r0
+        ashl    #16,r0,-616(fp)
+        addl3   -616(fp),-620(fp),r0
+        bicl3   #0,r0,-620(fp)
+        cmpl    -620(fp),-616(fp)
+        bgequ   noname.198
+        incl    -624(fp)
+noname.198:
+        movl    -620(fp),r1
+        movl    -624(fp),r2
+        addl2   r1,r10
+        bicl2   #0,r10
+        cmpl    r10,r1
+        bgequ   noname.199
+        incl    r2
+noname.199:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.200
+        incl    r8
+noname.200:
+
+        movzwl  18(r6),r2
+        bicl3   #-65536,16(r7),r3
+        movzwl  18(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,16(r6),-636(fp)
+        bicl3   #-65536,r2,-640(fp)
+        mull3   r0,-636(fp),-628(fp)
+        mull2   r3,-636(fp)
+        mull3   r3,-640(fp),-632(fp)
+        mull2   r0,-640(fp)
+        addl3   -628(fp),-632(fp),r0
+        bicl3   #0,r0,-628(fp)
+        cmpl    -628(fp),-632(fp)
+        bgequ   noname.201
+        addl2   #65536,-640(fp)
+noname.201:
+        movzwl  -626(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-640(fp)
+        bicl3   #-65536,-628(fp),r0
+        ashl    #16,r0,-632(fp)
+        addl3   -632(fp),-636(fp),r0
+        bicl3   #0,r0,-636(fp)
+        cmpl    -636(fp),-632(fp)
+        bgequ   noname.202
+        incl    -640(fp)
+noname.202:
+        movl    -636(fp),r1
+        movl    -640(fp),r2
+        addl2   r1,r10
+        bicl2   #0,r10
+        cmpl    r10,r1
+        bgequ   noname.203
+        incl    r2
+noname.203:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.204
+        incl    r8
+noname.204:
+
+        movzwl  14(r6),r2
+        bicl3   #-65536,20(r7),r3
+        movzwl  22(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,12(r6),-652(fp)
+        bicl3   #-65536,r2,-656(fp)
+        mull3   r0,-652(fp),-644(fp)
+        mull2   r3,-652(fp)
+        mull3   r3,-656(fp),-648(fp)
+        mull2   r0,-656(fp)
+        addl3   -644(fp),-648(fp),r0
+        bicl3   #0,r0,-644(fp)
+        cmpl    -644(fp),-648(fp)
+        bgequ   noname.205
+        addl2   #65536,-656(fp)
+noname.205:
+        movzwl  -642(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-656(fp)
+        bicl3   #-65536,-644(fp),r0
+        ashl    #16,r0,-648(fp)
+        addl3   -648(fp),-652(fp),r0
+        bicl3   #0,r0,-652(fp)
+        cmpl    -652(fp),-648(fp)
+        bgequ   noname.206
+        incl    -656(fp)
+noname.206:
+        movl    -652(fp),r1
+        movl    -656(fp),r2
+        addl2   r1,r10
+        bicl2   #0,r10
+        cmpl    r10,r1
+        bgequ   noname.207
+        incl    r2
+noname.207:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.208
+        incl    r8
+noname.208:
+
+        movzwl  10(r6),r2
+        bicl3   #-65536,24(r7),r3
+        movzwl  26(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,8(r6),-668(fp)
+        bicl3   #-65536,r2,-672(fp)
+        mull3   r0,-668(fp),-660(fp)
+        mull2   r3,-668(fp)
+        mull3   r3,-672(fp),-664(fp)
+        mull2   r0,-672(fp)
+        addl3   -660(fp),-664(fp),r0
+        bicl3   #0,r0,-660(fp)
+        cmpl    -660(fp),-664(fp)
+        bgequ   noname.209
+        addl2   #65536,-672(fp)
+noname.209:
+        movzwl  -658(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-672(fp)
+        bicl3   #-65536,-660(fp),r0
+        ashl    #16,r0,-664(fp)
+        addl3   -664(fp),-668(fp),r0
+        bicl3   #0,r0,-668(fp)
+        cmpl    -668(fp),-664(fp)
+        bgequ   noname.210
+        incl    -672(fp)
+noname.210:
+        movl    -668(fp),r1
+        movl    -672(fp),r2
+        addl2   r1,r10
+        bicl2   #0,r10
+        cmpl    r10,r1
+        bgequ   noname.211
+        incl    r2
+noname.211:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.212
+        incl    r8
+noname.212:
+
+        movzwl  6(r6),r2
+        bicl3   #-65536,28(r7),r3
+        movzwl  30(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,4(r6),-684(fp)
+        bicl3   #-65536,r2,-688(fp)
+        mull3   r0,-684(fp),-676(fp)
+        mull2   r3,-684(fp)
+        mull3   r3,-688(fp),-680(fp)
+        mull2   r0,-688(fp)
+        addl3   -676(fp),-680(fp),r0
+        bicl3   #0,r0,-676(fp)
+        cmpl    -676(fp),-680(fp)
+        bgequ   noname.213
+        addl2   #65536,-688(fp)
+noname.213:
+        movzwl  -674(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-688(fp)
+        bicl3   #-65536,-676(fp),r0
+        ashl    #16,r0,-680(fp)
+        addl3   -680(fp),-684(fp),r0
+        bicl3   #0,r0,-684(fp)
+        cmpl    -684(fp),-680(fp)
+        bgequ   noname.214
+        incl    -688(fp)
+noname.214:
+        movl    -684(fp),r1
+        movl    -688(fp),r2
+        addl2   r1,r10
+        bicl2   #0,r10
+        cmpl    r10,r1
+        bgequ   noname.215
+        incl    r2
+noname.215:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.216
+        incl    r8
+noname.216:
+
+        movl    r10,32(r11)
+
+        clrl    r10
+
+        movzwl  10(r6),r2
+        bicl3   #-65536,28(r7),r3
+        movzwl  30(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,8(r6),-700(fp)
+        bicl3   #-65536,r2,-704(fp)
+        mull3   r0,-700(fp),-692(fp)
+        mull2   r3,-700(fp)
+        mull3   r3,-704(fp),-696(fp)
+        mull2   r0,-704(fp)
+        addl3   -692(fp),-696(fp),r0
+        bicl3   #0,r0,-692(fp)
+        cmpl    -692(fp),-696(fp)
+        bgequ   noname.217
+        addl2   #65536,-704(fp)
+noname.217:
+        movzwl  -690(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-704(fp)
+        bicl3   #-65536,-692(fp),r0
+        ashl    #16,r0,-696(fp)
+        addl3   -696(fp),-700(fp),r0
+        bicl3   #0,r0,-700(fp)
+        cmpl    -700(fp),-696(fp)
+        bgequ   noname.218
+        incl    -704(fp)
+noname.218:
+        movl    -700(fp),r1
+        movl    -704(fp),r2
+        addl2   r1,r9
+        bicl2   #0,r9
+        cmpl    r9,r1
+        bgequ   noname.219
+        incl    r2
+noname.219:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.220
+        incl    r10
+noname.220:
+
+        movzwl  14(r6),r2
+        bicl3   #-65536,24(r7),r3
+        movzwl  26(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,12(r6),-716(fp)
+        bicl3   #-65536,r2,-720(fp)
+        mull3   r0,-716(fp),-708(fp)
+        mull2   r3,-716(fp)
+        mull3   r3,-720(fp),-712(fp)
+        mull2   r0,-720(fp)
+        addl3   -708(fp),-712(fp),r0
+        bicl3   #0,r0,-708(fp)
+        cmpl    -708(fp),-712(fp)
+        bgequ   noname.221
+        addl2   #65536,-720(fp)
+noname.221:
+        movzwl  -706(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-720(fp)
+        bicl3   #-65536,-708(fp),r0
+        ashl    #16,r0,-712(fp)
+        addl3   -712(fp),-716(fp),r0
+        bicl3   #0,r0,-716(fp)
+        cmpl    -716(fp),-712(fp)
+        bgequ   noname.222
+        incl    -720(fp)
+noname.222:
+        movl    -716(fp),r1
+        movl    -720(fp),r2
+        addl2   r1,r9
+        bicl2   #0,r9
+        cmpl    r9,r1
+        bgequ   noname.223
+        incl    r2
+noname.223:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.224
+        incl    r10
+noname.224:
+
+        movzwl  18(r6),r2
+        bicl3   #-65536,20(r7),r3
+        movzwl  22(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,16(r6),-732(fp)
+        bicl3   #-65536,r2,-736(fp)
+        mull3   r0,-732(fp),-724(fp)
+        mull2   r3,-732(fp)
+        mull3   r3,-736(fp),-728(fp)
+        mull2   r0,-736(fp)
+        addl3   -724(fp),-728(fp),r0
+        bicl3   #0,r0,-724(fp)
+        cmpl    -724(fp),-728(fp)
+        bgequ   noname.225
+        addl2   #65536,-736(fp)
+noname.225:
+        movzwl  -722(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-736(fp)
+        bicl3   #-65536,-724(fp),r0
+        ashl    #16,r0,-728(fp)
+        addl3   -728(fp),-732(fp),r0
+        bicl3   #0,r0,-732(fp)
+        cmpl    -732(fp),-728(fp)
+        bgequ   noname.226
+        incl    -736(fp)
+noname.226:
+        movl    -732(fp),r1
+        movl    -736(fp),r2
+        addl2   r1,r9
+        bicl2   #0,r9
+        cmpl    r9,r1
+        bgequ   noname.227
+        incl    r2
+noname.227:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.228
+        incl    r10
+noname.228:
+
+        movzwl  22(r6),r2
+        bicl3   #-65536,16(r7),r3
+        movzwl  18(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,20(r6),-748(fp)
+        bicl3   #-65536,r2,-752(fp)
+        mull3   r0,-748(fp),-740(fp)
+        mull2   r3,-748(fp)
+        mull3   r3,-752(fp),-744(fp)
+        mull2   r0,-752(fp)
+        addl3   -740(fp),-744(fp),r0
+        bicl3   #0,r0,-740(fp)
+        cmpl    -740(fp),-744(fp)
+        bgequ   noname.229
+        addl2   #65536,-752(fp)
+noname.229:
+        movzwl  -738(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-752(fp)
+        bicl3   #-65536,-740(fp),r0
+        ashl    #16,r0,-744(fp)
+        addl3   -744(fp),-748(fp),r0
+        bicl3   #0,r0,-748(fp)
+        cmpl    -748(fp),-744(fp)
+        bgequ   noname.230
+        incl    -752(fp)
+noname.230:
+        movl    -748(fp),r1
+        movl    -752(fp),r2
+        addl2   r1,r9
+        bicl2   #0,r9
+        cmpl    r9,r1
+        bgequ   noname.231
+        incl    r2
+noname.231:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.232
+        incl    r10
+noname.232:
+
+        movzwl  26(r6),r2
+        bicl3   #-65536,12(r7),r3
+        movzwl  14(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,24(r6),-764(fp)
+        bicl3   #-65536,r2,-768(fp)
+        mull3   r0,-764(fp),-756(fp)
+        mull2   r3,-764(fp)
+        mull3   r3,-768(fp),-760(fp)
+        mull2   r0,-768(fp)
+        addl3   -756(fp),-760(fp),r0
+        bicl3   #0,r0,-756(fp)
+        cmpl    -756(fp),-760(fp)
+        bgequ   noname.233
+        addl2   #65536,-768(fp)
+noname.233:
+        movzwl  -754(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-768(fp)
+        bicl3   #-65536,-756(fp),r0
+        ashl    #16,r0,-760(fp)
+        addl3   -760(fp),-764(fp),r0
+        bicl3   #0,r0,-764(fp)
+        cmpl    -764(fp),-760(fp)
+        bgequ   noname.234
+        incl    -768(fp)
+noname.234:
+        movl    -764(fp),r1
+        movl    -768(fp),r2
+        addl2   r1,r9
+        bicl2   #0,r9
+        cmpl    r9,r1
+        bgequ   noname.235
+        incl    r2
+noname.235:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.236
+        incl    r10
+noname.236:
+
+        bicl3   #-65536,28(r6),r3
+        movzwl  30(r6),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,8(r7),r2
+        movzwl  10(r7),r0
+        bicl2   #-65536,r0
+        movl    r3,r5
+        movl    r1,r4
+        mull3   r0,r5,-772(fp)
+        mull2   r2,r5
+        mull3   r2,r4,-776(fp)
+        mull2   r0,r4
+        addl3   -772(fp),-776(fp),r0
+        bicl3   #0,r0,-772(fp)
+        cmpl    -772(fp),-776(fp)
+        bgequ   noname.237
+        addl2   #65536,r4
+noname.237:
+        movzwl  -770(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,r4
+        bicl3   #-65536,-772(fp),r0
+        ashl    #16,r0,-776(fp)
+        addl2   -776(fp),r5
+        bicl2   #0,r5
+        cmpl    r5,-776(fp)
+        bgequ   noname.238
+        incl    r4
+noname.238:
+        movl    r5,r1
+        movl    r4,r2
+        addl2   r1,r9
+        bicl2   #0,r9
+        cmpl    r9,r1
+        bgequ   noname.239
+        incl    r2
+noname.239:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.240
+        incl    r10
+noname.240:
+
+        movl    r9,36(r11)
+
+        clrl    r9
+
+        bicl3   #-65536,28(r6),r3
+        movzwl  30(r6),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,12(r7),r2
+        movzwl  14(r7),r0
+        bicl2   #-65536,r0
+        movl    r3,r5
+        movl    r1,r4
+        mull3   r0,r5,-780(fp)
+        mull2   r2,r5
+        mull3   r2,r4,-784(fp)
+        mull2   r0,r4
+        addl3   -780(fp),-784(fp),r0
+        bicl3   #0,r0,-780(fp)
+        cmpl    -780(fp),-784(fp)
+        bgequ   noname.241
+        addl2   #65536,r4
+noname.241:
+        movzwl  -778(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,r4
+        bicl3   #-65536,-780(fp),r0
+        ashl    #16,r0,-784(fp)
+        addl2   -784(fp),r5
+        bicl2   #0,r5
+        cmpl    r5,-784(fp)
+        bgequ   noname.242
+        incl    r4
+noname.242:
+        movl    r5,r1
+        movl    r4,r2
+        addl2   r1,r8
+        bicl2   #0,r8
+        cmpl    r8,r1
+        bgequ   noname.243
+        incl    r2
+noname.243:
+        addl2   r2,r10
+        bicl2   #0,r10
+        cmpl    r10,r2
+        bgequ   noname.244
+        incl    r9
+noname.244:
+
+        bicl3   #-65536,24(r6),r3
+        movzwl  26(r6),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,16(r7),r2
+        movzwl  18(r7),r0
+        bicl2   #-65536,r0
+        movl    r3,r5
+        movl    r1,r4
+        mull3   r0,r5,-788(fp)
+        mull2   r2,r5
+        mull3   r2,r4,-792(fp)
+        mull2   r0,r4
+        addl3   -788(fp),-792(fp),r0
+        bicl3   #0,r0,-788(fp)
+        cmpl    -788(fp),-792(fp)
+        bgequ   noname.245
+        addl2   #65536,r4
+noname.245:
+        movzwl  -786(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,r4
+        bicl3   #-65536,-788(fp),r0
+        ashl    #16,r0,-792(fp)
+        addl2   -792(fp),r5
+        bicl2   #0,r5
+        cmpl    r5,-792(fp)
+        bgequ   noname.246
+        incl    r4
+noname.246:
+        movl    r5,r1
+        movl    r4,r2
+        addl2   r1,r8
+        bicl2   #0,r8
+        cmpl    r8,r1
+        bgequ   noname.247
+        incl    r2
+noname.247:
+        addl2   r2,r10
+        bicl2   #0,r10
+        cmpl    r10,r2
+        bgequ   noname.248
+        incl    r9
+noname.248:
+
+        bicl3   #-65536,20(r6),r3
+        movzwl  22(r6),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,20(r7),r2
+        movzwl  22(r7),r0
+        bicl2   #-65536,r0
+        movl    r3,r5
+        movl    r1,r4
+        mull3   r0,r5,-796(fp)
+        mull2   r2,r5
+        mull3   r2,r4,-800(fp)
+        mull2   r0,r4
+        addl3   -796(fp),-800(fp),r0
+        bicl3   #0,r0,-796(fp)
+        cmpl    -796(fp),-800(fp)
+        bgequ   noname.249
+        addl2   #65536,r4
+noname.249:
+        movzwl  -794(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,r4
+        bicl3   #-65536,-796(fp),r0
+        ashl    #16,r0,-800(fp)
+        addl2   -800(fp),r5
+        bicl2   #0,r5
+        cmpl    r5,-800(fp)
+        bgequ   noname.250
+        incl    r4
+noname.250:
+        movl    r5,r1
+        movl    r4,r2
+        addl2   r1,r8
+        bicl2   #0,r8
+        cmpl    r8,r1
+        bgequ   noname.251
+        incl    r2
+noname.251:
+        addl2   r2,r10
+        bicl2   #0,r10
+        cmpl    r10,r2
+        bgequ   noname.252
+        incl    r9
+noname.252:
+
+        bicl3   #-65536,16(r6),r3
+        movzwl  18(r6),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,24(r7),r2
+        movzwl  26(r7),r0
+        bicl2   #-65536,r0
+        movl    r3,r5
+        movl    r1,r4
+        mull3   r0,r5,-804(fp)
+        mull2   r2,r5
+        mull3   r2,r4,-808(fp)
+        mull2   r0,r4
+        addl3   -804(fp),-808(fp),r0
+        bicl3   #0,r0,-804(fp)
+        cmpl    -804(fp),-808(fp)
+        bgequ   noname.253
+        addl2   #65536,r4
+noname.253:
+        movzwl  -802(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,r4
+        bicl3   #-65536,-804(fp),r0
+        ashl    #16,r0,-808(fp)
+        addl2   -808(fp),r5
+        bicl2   #0,r5
+        cmpl    r5,-808(fp)
+        bgequ   noname.254
+        incl    r4
+noname.254:
+        movl    r5,r1
+        movl    r4,r2
+        addl2   r1,r8
+        bicl2   #0,r8
+        cmpl    r8,r1
+        bgequ   noname.255
+        incl    r2
+noname.255:
+        addl2   r2,r10
+        bicl2   #0,r10
+        cmpl    r10,r2
+        bgequ   noname.256
+        incl    r9
+noname.256:
+
+        bicl3   #-65536,12(r6),r3
+        movzwl  14(r6),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,28(r7),r2
+        movzwl  30(r7),r0
+        bicl2   #-65536,r0
+        movl    r3,r5
+        movl    r1,r4
+        mull3   r0,r5,-812(fp)
+        mull2   r2,r5
+        mull3   r2,r4,-816(fp)
+        mull2   r0,r4
+        addl3   -812(fp),-816(fp),r0
+        bicl3   #0,r0,-812(fp)
+        cmpl    -812(fp),-816(fp)
+        bgequ   noname.257
+        addl2   #65536,r4
+noname.257:
+        movzwl  -810(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,r4
+        bicl3   #-65536,-812(fp),r0
+        ashl    #16,r0,-816(fp)
+        addl2   -816(fp),r5
+        bicl2   #0,r5
+        cmpl    r5,-816(fp)
+        bgequ   noname.258
+        incl    r4
+noname.258:
+        movl    r5,r1
+        movl    r4,r2
+        addl2   r1,r8
+        bicl2   #0,r8
+        cmpl    r8,r1
+        bgequ   noname.259
+        incl    r2
+noname.259:
+        addl2   r2,r10
+        bicl2   #0,r10
+        cmpl    r10,r2
+        bgequ   noname.260
+        incl    r9
+noname.260:
+
+        movl    r8,40(r11)
+
+        clrl    r8
+
+        bicl3   #-65536,16(r6),r3
+        movzwl  18(r6),r2
+        bicl3   #-65536,28(r7),r1
+        movzwl  30(r7),r0
+        bicl2   #-65536,r0
+        movl    r3,r4
+        bicl3   #-65536,r2,-828(fp)
+        mull3   r0,r4,-820(fp)
+        mull2   r1,r4
+        mull3   r1,-828(fp),-824(fp)
+        mull2   r0,-828(fp)
+        addl3   -820(fp),-824(fp),r0
+        bicl3   #0,r0,-820(fp)
+        cmpl    -820(fp),-824(fp)
+        bgequ   noname.261
+        addl2   #65536,-828(fp)
+noname.261:
+        movzwl  -818(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-828(fp)
+        bicl3   #-65536,-820(fp),r0
+        ashl    #16,r0,-824(fp)
+        addl2   -824(fp),r4
+        bicl2   #0,r4
+        cmpl    r4,-824(fp)
+        bgequ   noname.262
+        incl    -828(fp)
+noname.262:
+        movl    r4,r1
+        movl    -828(fp),r2
+        addl2   r1,r10
+        bicl2   #0,r10
+        cmpl    r10,r1
+        bgequ   noname.263
+        incl    r2
+noname.263:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.264
+        incl    r8
+noname.264:
+
+        movzwl  22(r6),r2
+        bicl3   #-65536,24(r7),r3
+        movzwl  26(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,20(r6),-840(fp)
+        bicl3   #-65536,r2,-844(fp)
+        mull3   r0,-840(fp),-832(fp)
+        mull2   r3,-840(fp)
+        mull3   r3,-844(fp),-836(fp)
+        mull2   r0,-844(fp)
+        addl3   -832(fp),-836(fp),r0
+        bicl3   #0,r0,-832(fp)
+        cmpl    -832(fp),-836(fp)
+        bgequ   noname.265
+        addl2   #65536,-844(fp)
+noname.265:
+        movzwl  -830(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-844(fp)
+        bicl3   #-65536,-832(fp),r0
+        ashl    #16,r0,-836(fp)
+        addl3   -836(fp),-840(fp),r0
+        bicl3   #0,r0,-840(fp)
+        cmpl    -840(fp),-836(fp)
+        bgequ   noname.266
+        incl    -844(fp)
+noname.266:
+        movl    -840(fp),r1
+        movl    -844(fp),r2
+        addl2   r1,r10
+        bicl2   #0,r10
+        cmpl    r10,r1
+        bgequ   noname.267
+        incl    r2
+noname.267:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.268
+        incl    r8
+noname.268:
+
+        bicl3   #-65536,24(r6),r3
+        movzwl  26(r6),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,20(r7),r2
+        movzwl  22(r7),r0
+        bicl2   #-65536,r0
+        movl    r3,r5
+        movl    r1,r4
+        mull3   r0,r5,-848(fp)
+        mull2   r2,r5
+        mull3   r2,r4,-852(fp)
+        mull2   r0,r4
+        addl3   -848(fp),-852(fp),r0
+        bicl3   #0,r0,-848(fp)
+        cmpl    -848(fp),-852(fp)
+        bgequ   noname.269
+        addl2   #65536,r4
+noname.269:
+        movzwl  -846(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,r4
+        bicl3   #-65536,-848(fp),r0
+        ashl    #16,r0,-852(fp)
+        addl2   -852(fp),r5
+        bicl2   #0,r5
+        cmpl    r5,-852(fp)
+        bgequ   noname.270
+        incl    r4
+noname.270:
+        movl    r5,r1
+        movl    r4,r2
+        addl2   r1,r10
+        bicl2   #0,r10
+        cmpl    r10,r1
+        bgequ   noname.271
+        incl    r2
+noname.271:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.272
+        incl    r8
+noname.272:
+
+        bicl3   #-65536,28(r6),r3
+        movzwl  30(r6),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,16(r7),r2
+        movzwl  18(r7),r0
+        bicl2   #-65536,r0
+        movl    r3,r5
+        movl    r1,r4
+        mull3   r0,r5,-856(fp)
+        mull2   r2,r5
+        mull3   r2,r4,-860(fp)
+        mull2   r0,r4
+        addl3   -856(fp),-860(fp),r0
+        bicl3   #0,r0,-856(fp)
+        cmpl    -856(fp),-860(fp)
+        bgequ   noname.273
+        addl2   #65536,r4
+noname.273:
+        movzwl  -854(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,r4
+        bicl3   #-65536,-856(fp),r0
+        ashl    #16,r0,-860(fp)
+        addl2   -860(fp),r5
+        bicl2   #0,r5
+        cmpl    r5,-860(fp)
+        bgequ   noname.274
+        incl    r4
+noname.274:
+        movl    r5,r1
+        movl    r4,r2
+        addl2   r1,r10
+        bicl2   #0,r10
+        cmpl    r10,r1
+        bgequ   noname.275
+        incl    r2
+noname.275:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.276
+        incl    r8
+noname.276:
+
+        movl    r10,44(r11)
+
+        clrl    r10
+
+        bicl3   #-65536,28(r6),r3
+        movzwl  30(r6),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,20(r7),r2
+        movzwl  22(r7),r0
+        bicl2   #-65536,r0
+        movl    r3,r5
+        movl    r1,r4
+        mull3   r0,r5,-864(fp)
+        mull2   r2,r5
+        mull3   r2,r4,-868(fp)
+        mull2   r0,r4
+        addl3   -864(fp),-868(fp),r0
+        bicl3   #0,r0,-864(fp)
+        cmpl    -864(fp),-868(fp)
+        bgequ   noname.277
+        addl2   #65536,r4
+noname.277:
+        movzwl  -862(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,r4
+        bicl3   #-65536,-864(fp),r0
+        ashl    #16,r0,-868(fp)
+        addl2   -868(fp),r5
+        bicl2   #0,r5
+        cmpl    r5,-868(fp)
+        bgequ   noname.278
+        incl    r4
+noname.278:
+        movl    r5,r1
+        movl    r4,r2
+        addl2   r1,r9
+        bicl2   #0,r9
+        cmpl    r9,r1
+        bgequ   noname.279
+        incl    r2
+noname.279:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.280
+        incl    r10
+noname.280:
+
+        bicl3   #-65536,24(r6),r3
+        movzwl  26(r6),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,24(r7),r2
+        movzwl  26(r7),r0
+        bicl2   #-65536,r0
+        movl    r3,r5
+        movl    r1,r4
+        mull3   r0,r5,-872(fp)
+        mull2   r2,r5
+        mull3   r2,r4,-876(fp)
+        mull2   r0,r4
+        addl3   -872(fp),-876(fp),r0
+        bicl3   #0,r0,-872(fp)
+        cmpl    -872(fp),-876(fp)
+        bgequ   noname.281
+        addl2   #65536,r4
+noname.281:
+        movzwl  -870(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,r4
+        bicl3   #-65536,-872(fp),r0
+        ashl    #16,r0,-876(fp)
+        addl2   -876(fp),r5
+        bicl2   #0,r5
+        cmpl    r5,-876(fp)
+        bgequ   noname.282
+        incl    r4
+noname.282:
+        movl    r5,r1
+        movl    r4,r2
+        addl2   r1,r9
+        bicl2   #0,r9
+        cmpl    r9,r1
+        bgequ   noname.283
+        incl    r2
+noname.283:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.284
+        incl    r10
+noname.284:
+
+        bicl3   #-65536,20(r6),r3
+        movzwl  22(r6),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,28(r7),r2
+        movzwl  30(r7),r0
+        bicl2   #-65536,r0
+        movl    r3,r5
+        movl    r1,r4
+        mull3   r0,r5,-880(fp)
+        mull2   r2,r5
+        mull3   r2,r4,-884(fp)
+        mull2   r0,r4
+        addl3   -880(fp),-884(fp),r0
+        bicl3   #0,r0,-880(fp)
+        cmpl    -880(fp),-884(fp)
+        bgequ   noname.285
+        addl2   #65536,r4
+noname.285:
+        movzwl  -878(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,r4
+        bicl3   #-65536,-880(fp),r0
+        ashl    #16,r0,-884(fp)
+        addl2   -884(fp),r5
+        bicl2   #0,r5
+        cmpl    r5,-884(fp)
+        bgequ   noname.286
+        incl    r4
+noname.286:
+        movl    r5,r1
+        movl    r4,r2
+        addl2   r1,r9
+        bicl2   #0,r9
+        cmpl    r9,r1
+        bgequ   noname.287
+        incl    r2
+noname.287:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.288
+        incl    r10
+noname.288:
+
+        movl    r9,48(r11)
+
+        clrl    r9
+
+        bicl3   #-65536,24(r6),r3
+        movzwl  26(r6),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,28(r7),r2
+        movzwl  30(r7),r0
+        bicl2   #-65536,r0
+        movl    r3,r5
+        movl    r1,r4
+        mull3   r0,r5,-888(fp)
+        mull2   r2,r5
+        mull3   r2,r4,-892(fp)
+        mull2   r0,r4
+        addl3   -888(fp),-892(fp),r0
+        bicl3   #0,r0,-888(fp)
+        cmpl    -888(fp),-892(fp)
+        bgequ   noname.289
+        addl2   #65536,r4
+noname.289:
+        movzwl  -886(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,r4
+        bicl3   #-65536,-888(fp),r0
+        ashl    #16,r0,-892(fp)
+        addl2   -892(fp),r5
+        bicl2   #0,r5
+        cmpl    r5,-892(fp)
+        bgequ   noname.290
+        incl    r4
+noname.290:
+        movl    r5,r1
+        movl    r4,r2
+        addl2   r1,r8
+        bicl2   #0,r8
+        cmpl    r8,r1
+        bgequ   noname.291
+        incl    r2
+noname.291:
+        addl2   r2,r10
+        bicl2   #0,r10
+        cmpl    r10,r2
+        bgequ   noname.292
+        incl    r9
+noname.292:
+
+        movzwl  30(r6),r2
+        bicl3   #-65536,24(r7),r3
+        movzwl  26(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,28(r6),-904(fp)
+        bicl3   #-65536,r2,-908(fp)
+        mull3   r0,-904(fp),-896(fp)
+        mull2   r3,-904(fp)
+        mull3   r3,-908(fp),-900(fp)
+        mull2   r0,-908(fp)
+        addl3   -896(fp),-900(fp),r0
+        bicl3   #0,r0,-896(fp)
+        cmpl    -896(fp),-900(fp)
+        bgequ   noname.293
+        addl2   #65536,-908(fp)
+noname.293:
+        movzwl  -894(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-908(fp)
+        bicl3   #-65536,-896(fp),r0
+        ashl    #16,r0,-900(fp)
+        addl3   -900(fp),-904(fp),r0
+        bicl3   #0,r0,-904(fp)
+        cmpl    -904(fp),-900(fp)
+        bgequ   noname.294
+        incl    -908(fp)
+noname.294:
+        movl    -904(fp),r1
+        movl    -908(fp),r2
+        addl2   r1,r8
+        bicl2   #0,r8
+        cmpl    r8,r1
+        bgequ   noname.295
+        incl    r2
+noname.295:
+        addl2   r2,r10
+        bicl2   #0,r10
+        cmpl    r10,r2
+        bgequ   noname.296
+        incl    r9
+noname.296:
+
+        movl    r8,52(r11)
+
+        clrl    r8
+
+        movzwl  30(r6),r2
+        bicl3   #-65536,28(r7),r3
+        movzwl  30(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,28(r6),-920(fp)
+        bicl3   #-65536,r2,-924(fp)
+        mull3   r0,-920(fp),-912(fp)
+        mull2   r3,-920(fp)
+        mull3   r3,-924(fp),-916(fp)
+        mull2   r0,-924(fp)
+        addl3   -912(fp),-916(fp),r0
+        bicl3   #0,r0,-912(fp)
+        cmpl    -912(fp),-916(fp)
+        bgequ   noname.297
+        addl2   #65536,-924(fp)
+noname.297:
+        movzwl  -910(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-924(fp)
+        bicl3   #-65536,-912(fp),r0
+        ashl    #16,r0,-916(fp)
+        addl3   -916(fp),-920(fp),r0
+        bicl3   #0,r0,-920(fp)
+        cmpl    -920(fp),-916(fp)
+        bgequ   noname.298
+        incl    -924(fp)
+noname.298:
+        movl    -920(fp),r1
+        movl    -924(fp),r2
+        addl2   r1,r10
+        bicl2   #0,r10
+        cmpl    r10,r1
+        bgequ   noname.299
+        incl    r2
+noname.299:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.300
+        incl    r8
+noname.300:
+
+        movl    r10,56(r11)
+
+        movl    r9,60(r11)
+
+        ret     
+
+
+
+;r=4 ;(AP)
+;a=8 ;(AP)
+;b=12 ;(AP)
+;n=16 ;(AP)     n       by value (input)
+
+        .psect  code,nowrt
+
+.entry  BN_MUL_COMBA4,^m<r2,r3,r4,r5,r6,r7,r8,r9,r10,r11>
+        movab   -156(sp),sp
+
+        clrq    r9
+
+        clrl    r8
+
+        movl    8(ap),r6
+        bicl3   #-65536,(r6),r3
+        movzwl  2(r6),r2
+        bicl2   #-65536,r2
+        movl    12(ap),r7
+        bicl3   #-65536,(r7),r1
+        movzwl  2(r7),r0
+        bicl2   #-65536,r0
+        movl    r3,r5
+        movl    r2,r4
+        mull3   r0,r5,-4(fp)
+        mull2   r1,r5
+        mull3   r1,r4,-8(fp)
+        mull2   r0,r4
+        addl3   -4(fp),-8(fp),r0
+        bicl3   #0,r0,-4(fp)
+        cmpl    -4(fp),-8(fp)
+        bgequ   noname.303
+        addl2   #65536,r4
+noname.303:
+        movzwl  -2(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,r4
+        bicl3   #-65536,-4(fp),r0
+        ashl    #16,r0,-8(fp)
+        addl2   -8(fp),r5
+        bicl2   #0,r5
+        cmpl    r5,-8(fp)
+        bgequ   noname.304
+        incl    r4
+noname.304:
+        movl    r5,r1
+        movl    r4,r2
+        addl2   r1,r10
+        bicl2   #0,r10
+        cmpl    r10,r1
+        bgequ   noname.305
+        incl    r2
+noname.305:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.306
+        incl    r8
+noname.306:
+
+        movl    4(ap),r11
+        movl    r10,(r11)
+
+        clrl    r10
+
+        bicl3   #-65536,(r6),r3
+        movzwl  2(r6),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,4(r7),r2
+        movzwl  6(r7),r0
+        bicl2   #-65536,r0
+        movl    r3,r5
+        movl    r1,r4
+        mull3   r0,r5,-12(fp)
+        mull2   r2,r5
+        mull3   r2,r4,-16(fp)
+        mull2   r0,r4
+        addl3   -12(fp),-16(fp),r0
+        bicl3   #0,r0,-12(fp)
+        cmpl    -12(fp),-16(fp)
+        bgequ   noname.307
+        addl2   #65536,r4
+noname.307:
+        movzwl  -10(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,r4
+        bicl3   #-65536,-12(fp),r0
+        ashl    #16,r0,-16(fp)
+        addl2   -16(fp),r5
+        bicl2   #0,r5
+        cmpl    r5,-16(fp)
+        bgequ   noname.308
+        incl    r4
+noname.308:
+        movl    r5,r1
+        movl    r4,r2
+        addl2   r1,r9
+        bicl2   #0,r9
+        cmpl    r9,r1
+        bgequ   noname.309
+        incl    r2
+noname.309:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.310
+        incl    r10
+noname.310:
+
+        bicl3   #-65536,4(r6),r3
+        movzwl  6(r6),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,(r7),r2
+        movzwl  2(r7),r0
+        bicl2   #-65536,r0
+        movl    r3,r5
+        movl    r1,r4
+        mull3   r0,r5,-20(fp)
+        mull2   r2,r5
+        mull3   r2,r4,-24(fp)
+        mull2   r0,r4
+        addl3   -20(fp),-24(fp),r0
+        bicl3   #0,r0,-20(fp)
+        cmpl    -20(fp),-24(fp)
+        bgequ   noname.311
+        addl2   #65536,r4
+noname.311:
+        movzwl  -18(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,r4
+        bicl3   #-65536,-20(fp),r0
+        ashl    #16,r0,-24(fp)
+        addl2   -24(fp),r5
+        bicl2   #0,r5
+        cmpl    r5,-24(fp)
+        bgequ   noname.312
+        incl    r4
+noname.312:
+        movl    r5,r1
+        movl    r4,r2
+        addl2   r1,r9
+        bicl2   #0,r9
+        cmpl    r9,r1
+        bgequ   noname.313
+        incl    r2
+noname.313:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.314
+        incl    r10
+noname.314:
+
+        movl    r9,4(r11)
+
+        clrl    r9
+
+        bicl3   #-65536,8(r6),r3
+        movzwl  10(r6),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,(r7),r2
+        movzwl  2(r7),r0
+        bicl2   #-65536,r0
+        movl    r3,r5
+        movl    r1,r4
+        mull3   r0,r5,-28(fp)
+        mull2   r2,r5
+        mull3   r2,r4,-32(fp)
+        mull2   r0,r4
+        addl3   -28(fp),-32(fp),r0
+        bicl3   #0,r0,-28(fp)
+        cmpl    -28(fp),-32(fp)
+        bgequ   noname.315
+        addl2   #65536,r4
+noname.315:
+        movzwl  -26(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,r4
+        bicl3   #-65536,-28(fp),r0
+        ashl    #16,r0,-32(fp)
+        addl2   -32(fp),r5
+        bicl2   #0,r5
+        cmpl    r5,-32(fp)
+        bgequ   noname.316
+        incl    r4
+noname.316:
+        movl    r5,r1
+        movl    r4,r2
+        addl2   r1,r8
+        bicl2   #0,r8
+        cmpl    r8,r1
+        bgequ   noname.317
+        incl    r2
+noname.317:
+        addl2   r2,r10
+        bicl2   #0,r10
+        cmpl    r10,r2
+        bgequ   noname.318
+        incl    r9
+noname.318:
+
+        bicl3   #-65536,4(r6),r3
+        movzwl  6(r6),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,4(r7),r2
+        movzwl  6(r7),r0
+        bicl2   #-65536,r0
+        movl    r3,r5
+        movl    r1,r4
+        mull3   r0,r5,-36(fp)
+        mull2   r2,r5
+        mull3   r2,r4,-40(fp)
+        mull2   r0,r4
+        addl3   -36(fp),-40(fp),r0
+        bicl3   #0,r0,-36(fp)
+        cmpl    -36(fp),-40(fp)
+        bgequ   noname.319
+        addl2   #65536,r4
+noname.319:
+        movzwl  -34(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,r4
+        bicl3   #-65536,-36(fp),r0
+        ashl    #16,r0,-40(fp)
+        addl2   -40(fp),r5
+        bicl2   #0,r5
+        cmpl    r5,-40(fp)
+        bgequ   noname.320
+        incl    r4
+noname.320:
+        movl    r5,r1
+        movl    r4,r2
+        addl2   r1,r8
+        bicl2   #0,r8
+        cmpl    r8,r1
+        bgequ   noname.321
+        incl    r2
+noname.321:
+        addl2   r2,r10
+        bicl2   #0,r10
+        cmpl    r10,r2
+        bgequ   noname.322
+        incl    r9
+noname.322:
+
+        bicl3   #-65536,(r6),r3
+        movzwl  2(r6),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,8(r7),r2
+        movzwl  10(r7),r0
+        bicl2   #-65536,r0
+        movl    r3,r5
+        movl    r1,r4
+        mull3   r0,r5,-44(fp)
+        mull2   r2,r5
+        mull3   r2,r4,-48(fp)
+        mull2   r0,r4
+        addl3   -44(fp),-48(fp),r0
+        bicl3   #0,r0,-44(fp)
+        cmpl    -44(fp),-48(fp)
+        bgequ   noname.323
+        addl2   #65536,r4
+noname.323:
+        movzwl  -42(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,r4
+        bicl3   #-65536,-44(fp),r0
+        ashl    #16,r0,-48(fp)
+        addl2   -48(fp),r5
+        bicl2   #0,r5
+        cmpl    r5,-48(fp)
+        bgequ   noname.324
+        incl    r4
+noname.324:
+        movl    r5,r1
+        movl    r4,r2
+        addl2   r1,r8
+        bicl2   #0,r8
+        cmpl    r8,r1
+        bgequ   noname.325
+        incl    r2
+noname.325:
+        addl2   r2,r10
+        bicl2   #0,r10
+        cmpl    r10,r2
+        bgequ   noname.326
+        incl    r9
+noname.326:
+
+        movl    r8,8(r11)
+
+        clrl    r8
+
+        bicl3   #-65536,(r6),r3
+        movzwl  2(r6),r2
+        bicl3   #-65536,12(r7),r1
+        movzwl  14(r7),r0
+        bicl2   #-65536,r0
+        movl    r3,r4
+        bicl3   #-65536,r2,-60(fp)
+        mull3   r0,r4,-52(fp)
+        mull2   r1,r4
+        mull3   r1,-60(fp),-56(fp)
+        mull2   r0,-60(fp)
+        addl3   -52(fp),-56(fp),r0
+        bicl3   #0,r0,-52(fp)
+        cmpl    -52(fp),-56(fp)
+        bgequ   noname.327
+        addl2   #65536,-60(fp)
+noname.327:
+        movzwl  -50(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-60(fp)
+        bicl3   #-65536,-52(fp),r0
+        ashl    #16,r0,-56(fp)
+        addl2   -56(fp),r4
+        bicl2   #0,r4
+        cmpl    r4,-56(fp)
+        bgequ   noname.328
+        incl    -60(fp)
+noname.328:
+        movl    r4,r1
+        movl    -60(fp),r2
+        addl2   r1,r10
+        bicl2   #0,r10
+        cmpl    r10,r1
+        bgequ   noname.329
+        incl    r2
+noname.329:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.330
+        incl    r8
+noname.330:
+
+        movzwl  6(r6),r2
+        bicl3   #-65536,8(r7),r3
+        movzwl  10(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,4(r6),-72(fp)
+        bicl3   #-65536,r2,-76(fp)
+        mull3   r0,-72(fp),-64(fp)
+        mull2   r3,-72(fp)
+        mull3   r3,-76(fp),-68(fp)
+        mull2   r0,-76(fp)
+        addl3   -64(fp),-68(fp),r0
+        bicl3   #0,r0,-64(fp)
+        cmpl    -64(fp),-68(fp)
+        bgequ   noname.331
+        addl2   #65536,-76(fp)
+noname.331:
+        movzwl  -62(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-76(fp)
+        bicl3   #-65536,-64(fp),r0
+        ashl    #16,r0,-68(fp)
+        addl3   -68(fp),-72(fp),r0
+        bicl3   #0,r0,-72(fp)
+        cmpl    -72(fp),-68(fp)
+        bgequ   noname.332
+        incl    -76(fp)
+noname.332:
+        movl    -72(fp),r1
+        movl    -76(fp),r2
+        addl2   r1,r10
+        bicl2   #0,r10
+        cmpl    r10,r1
+        bgequ   noname.333
+        incl    r2
+noname.333:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.334
+        incl    r8
+noname.334:
+
+        bicl3   #-65536,8(r6),r3
+        movzwl  10(r6),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,4(r7),r2
+        movzwl  6(r7),r0
+        bicl2   #-65536,r0
+        movl    r3,r5
+        movl    r1,r4
+        mull3   r0,r5,-80(fp)
+        mull2   r2,r5
+        mull3   r2,r4,-84(fp)
+        mull2   r0,r4
+        addl3   -80(fp),-84(fp),r0
+        bicl3   #0,r0,-80(fp)
+        cmpl    -80(fp),-84(fp)
+        bgequ   noname.335
+        addl2   #65536,r4
+noname.335:
+        movzwl  -78(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,r4
+        bicl3   #-65536,-80(fp),r0
+        ashl    #16,r0,-84(fp)
+        addl2   -84(fp),r5
+        bicl2   #0,r5
+        cmpl    r5,-84(fp)
+        bgequ   noname.336
+        incl    r4
+noname.336:
+        movl    r5,r1
+        movl    r4,r2
+        addl2   r1,r10
+        bicl2   #0,r10
+        cmpl    r10,r1
+        bgequ   noname.337
+        incl    r2
+noname.337:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.338
+        incl    r8
+noname.338:
+
+        bicl3   #-65536,12(r6),r3
+        movzwl  14(r6),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,(r7),r2
+        movzwl  2(r7),r0
+        bicl2   #-65536,r0
+        movl    r3,r5
+        movl    r1,r4
+        mull3   r0,r5,-88(fp)
+        mull2   r2,r5
+        mull3   r2,r4,-92(fp)
+        mull2   r0,r4
+        addl3   -88(fp),-92(fp),r0
+        bicl3   #0,r0,-88(fp)
+        cmpl    -88(fp),-92(fp)
+        bgequ   noname.339
+        addl2   #65536,r4
+noname.339:
+        movzwl  -86(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,r4
+        bicl3   #-65536,-88(fp),r0
+        ashl    #16,r0,-92(fp)
+        addl2   -92(fp),r5
+        bicl2   #0,r5
+        cmpl    r5,-92(fp)
+        bgequ   noname.340
+        incl    r4
+noname.340:
+        movl    r5,r1
+        movl    r4,r2
+        addl2   r1,r10
+        bicl2   #0,r10
+        cmpl    r10,r1
+        bgequ   noname.341
+        incl    r2
+noname.341:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.342
+        incl    r8
+noname.342:
+
+        movl    r10,12(r11)
+
+        clrl    r10
+
+        bicl3   #-65536,12(r6),r3
+        movzwl  14(r6),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,4(r7),r2
+        movzwl  6(r7),r0
+        bicl2   #-65536,r0
+        movl    r3,r5
+        movl    r1,r4
+        mull3   r0,r5,-96(fp)
+        mull2   r2,r5
+        mull3   r2,r4,-100(fp)
+        mull2   r0,r4
+        addl3   -96(fp),-100(fp),r0
+        bicl3   #0,r0,-96(fp)
+        cmpl    -96(fp),-100(fp)
+        bgequ   noname.343
+        addl2   #65536,r4
+noname.343:
+        movzwl  -94(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,r4
+        bicl3   #-65536,-96(fp),r0
+        ashl    #16,r0,-100(fp)
+        addl2   -100(fp),r5
+        bicl2   #0,r5
+        cmpl    r5,-100(fp)
+        bgequ   noname.344
+        incl    r4
+noname.344:
+        movl    r5,r1
+        movl    r4,r2
+        addl2   r1,r9
+        bicl2   #0,r9
+        cmpl    r9,r1
+        bgequ   noname.345
+        incl    r2
+noname.345:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.346
+        incl    r10
+noname.346:
+
+        bicl3   #-65536,8(r6),r3
+        movzwl  10(r6),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,8(r7),r2
+        movzwl  10(r7),r0
+        bicl2   #-65536,r0
+        movl    r3,r5
+        movl    r1,r4
+        mull3   r0,r5,-104(fp)
+        mull2   r2,r5
+        mull3   r2,r4,-108(fp)
+        mull2   r0,r4
+        addl3   -104(fp),-108(fp),r0
+        bicl3   #0,r0,-104(fp)
+        cmpl    -104(fp),-108(fp)
+        bgequ   noname.347
+        addl2   #65536,r4
+noname.347:
+        movzwl  -102(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,r4
+        bicl3   #-65536,-104(fp),r0
+        ashl    #16,r0,-108(fp)
+        addl2   -108(fp),r5
+        bicl2   #0,r5
+        cmpl    r5,-108(fp)
+        bgequ   noname.348
+        incl    r4
+noname.348:
+        movl    r5,r1
+        movl    r4,r2
+        addl2   r1,r9
+        bicl2   #0,r9
+        cmpl    r9,r1
+        bgequ   noname.349
+        incl    r2
+noname.349:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.350
+        incl    r10
+noname.350:
+
+        bicl3   #-65536,4(r6),r3
+        movzwl  6(r6),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,12(r7),r2
+        movzwl  14(r7),r0
+        bicl2   #-65536,r0
+        movl    r3,r5
+        movl    r1,r4
+        mull3   r0,r5,-112(fp)
+        mull2   r2,r5
+        mull3   r2,r4,-116(fp)
+        mull2   r0,r4
+        addl3   -112(fp),-116(fp),r0
+        bicl3   #0,r0,-112(fp)
+        cmpl    -112(fp),-116(fp)
+        bgequ   noname.351
+        addl2   #65536,r4
+noname.351:
+        movzwl  -110(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,r4
+        bicl3   #-65536,-112(fp),r0
+        ashl    #16,r0,-116(fp)
+        addl2   -116(fp),r5
+        bicl2   #0,r5
+        cmpl    r5,-116(fp)
+        bgequ   noname.352
+        incl    r4
+noname.352:
+        movl    r5,r1
+        movl    r4,r2
+        addl2   r1,r9
+        bicl2   #0,r9
+        cmpl    r9,r1
+        bgequ   noname.353
+        incl    r2
+noname.353:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.354
+        incl    r10
+noname.354:
+
+        movl    r9,16(r11)
+
+        clrl    r9
+
+        bicl3   #-65536,8(r6),r3
+        movzwl  10(r6),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,12(r7),r2
+        movzwl  14(r7),r0
+        bicl2   #-65536,r0
+        movl    r3,r5
+        movl    r1,r4
+        mull3   r0,r5,-120(fp)
+        mull2   r2,r5
+        mull3   r2,r4,-124(fp)
+        mull2   r0,r4
+        addl3   -120(fp),-124(fp),r0
+        bicl3   #0,r0,-120(fp)
+        cmpl    -120(fp),-124(fp)
+        bgequ   noname.355
+        addl2   #65536,r4
+noname.355:
+        movzwl  -118(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,r4
+        bicl3   #-65536,-120(fp),r0
+        ashl    #16,r0,-124(fp)
+        addl2   -124(fp),r5
+        bicl2   #0,r5
+        cmpl    r5,-124(fp)
+        bgequ   noname.356
+        incl    r4
+noname.356:
+        movl    r5,r1
+        movl    r4,r2
+        addl2   r1,r8
+        bicl2   #0,r8
+        cmpl    r8,r1
+        bgequ   noname.357
+        incl    r2
+noname.357:
+        addl2   r2,r10
+        bicl2   #0,r10
+        cmpl    r10,r2
+        bgequ   noname.358
+        incl    r9
+noname.358:
+
+        movzwl  14(r6),r2
+        bicl3   #-65536,8(r7),r3
+        movzwl  10(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,12(r6),-136(fp)
+        bicl3   #-65536,r2,-140(fp)
+        mull3   r0,-136(fp),-128(fp)
+        mull2   r3,-136(fp)
+        mull3   r3,-140(fp),-132(fp)
+        mull2   r0,-140(fp)
+        addl3   -128(fp),-132(fp),r0
+        bicl3   #0,r0,-128(fp)
+        cmpl    -128(fp),-132(fp)
+        bgequ   noname.359
+        addl2   #65536,-140(fp)
+noname.359:
+        movzwl  -126(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-140(fp)
+        bicl3   #-65536,-128(fp),r0
+        ashl    #16,r0,-132(fp)
+        addl3   -132(fp),-136(fp),r0
+        bicl3   #0,r0,-136(fp)
+        cmpl    -136(fp),-132(fp)
+        bgequ   noname.360
+        incl    -140(fp)
+noname.360:
+        movl    -136(fp),r1
+        movl    -140(fp),r2
+        addl2   r1,r8
+        bicl2   #0,r8
+        cmpl    r8,r1
+        bgequ   noname.361
+        incl    r2
+noname.361:
+        addl2   r2,r10
+        bicl2   #0,r10
+        cmpl    r10,r2
+        bgequ   noname.362
+        incl    r9
+noname.362:
+
+        movl    r8,20(r11)
+
+        clrl    r8
+
+        movzwl  14(r6),r2
+        bicl3   #-65536,12(r7),r3
+        movzwl  14(r7),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,12(r6),-152(fp)
+        bicl3   #-65536,r2,-156(fp)
+        mull3   r0,-152(fp),-144(fp)
+        mull2   r3,-152(fp)
+        mull3   r3,-156(fp),-148(fp)
+        mull2   r0,-156(fp)
+        addl3   -144(fp),-148(fp),r0
+        bicl3   #0,r0,-144(fp)
+        cmpl    -144(fp),-148(fp)
+        bgequ   noname.363
+        addl2   #65536,-156(fp)
+noname.363:
+        movzwl  -142(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-156(fp)
+        bicl3   #-65536,-144(fp),r0
+        ashl    #16,r0,-148(fp)
+        addl3   -148(fp),-152(fp),r0
+        bicl3   #0,r0,-152(fp)
+        cmpl    -152(fp),-148(fp)
+        bgequ   noname.364
+        incl    -156(fp)
+noname.364:
+        movl    -152(fp),r1
+        movl    -156(fp),r2
+        addl2   r1,r10
+        bicl2   #0,r10
+        cmpl    r10,r1
+        bgequ   noname.365
+        incl    r2
+noname.365:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.366
+        incl    r8
+noname.366:
+
+        movl    r10,24(r11)
+
+        movl    r9,28(r11)
+
+        ret     
+
+
+
+;r=4 ;(AP)
+;a=8 ;(AP)
+;b=12 ;(AP)
+;n=16 ;(AP)     n       by value (input)
+
+        .psect  code,nowrt
+
+.entry  BN_SQR_COMBA8,^m<r2,r3,r4,r5,r6,r7,r8,r9>
+        movab   -444(sp),sp
+
+        clrq    r8
+
+        clrl    r7
+
+        movl    8(ap),r4
+        movl    (r4),r3
+        bicl3   #-65536,r3,-4(fp)
+        extzv   #16,#16,r3,r0
+        bicl3   #-65536,r0,r3
+        movl    -4(fp),r0
+        mull3   r0,r3,-8(fp)
+        mull3   r0,r0,-4(fp)
+        mull2   r3,r3
+        bicl3   #32767,-8(fp),r0
+        extzv   #15,#17,r0,r0
+        addl2   r0,r3
+        bicl3   #-65536,-8(fp),r0
+        ashl    #17,r0,-8(fp)
+        addl3   -4(fp),-8(fp),r0
+        bicl3   #0,r0,-4(fp)
+        cmpl    -4(fp),-8(fp)
+        bgequ   noname.369
+        incl    r3
+noname.369:
+        movl    -4(fp),r1
+        movl    r3,r2
+        addl2   r1,r9
+        bicl2   #0,r9
+        cmpl    r9,r1
+        bgequ   noname.370
+        incl    r2
+noname.370:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.371
+        incl    r7
+noname.371:
+
+        movl    r9,@4(ap)
+
+        clrl    r9
+
+        movzwl  6(r4),r2
+        bicl3   #-65536,(r4),r3
+        movzwl  2(r4),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,4(r4),-20(fp)
+        bicl3   #-65536,r2,-24(fp)
+        mull3   r0,-20(fp),-12(fp)
+        mull2   r3,-20(fp)
+        mull3   r3,-24(fp),-16(fp)
+        mull2   r0,-24(fp)
+        addl3   -12(fp),-16(fp),r0
+        bicl3   #0,r0,-12(fp)
+        cmpl    -12(fp),-16(fp)
+        bgequ   noname.372
+        addl2   #65536,-24(fp)
+noname.372:
+        movzwl  -10(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-24(fp)
+        bicl3   #-65536,-12(fp),r0
+        ashl    #16,r0,-16(fp)
+        addl3   -16(fp),-20(fp),r0
+        bicl3   #0,r0,-20(fp)
+        cmpl    -20(fp),-16(fp)
+        bgequ   noname.373
+        incl    -24(fp)
+noname.373:
+        movl    -20(fp),r3
+        movl    -24(fp),r2
+        bbc     #31,r2,noname.374
+        incl    r9
+noname.374:
+        addl2   r2,r2
+        bicl2   #0,r2
+        bbc     #31,r3,noname.375
+        incl    r2
+noname.375:
+        addl2   r3,r3
+        bicl2   #0,r3
+        addl2   r3,r8
+        bicl2   #0,r8
+        cmpl    r8,r3
+        bgequ   noname.376
+        incl    r2
+        bicl3   #0,r2,r0
+        bneq    noname.376
+        incl    r9
+noname.376:
+        addl2   r2,r7
+        bicl2   #0,r7
+        cmpl    r7,r2
+        bgequ   noname.377
+        incl    r9
+noname.377:
+
+        movl    4(ap),r0
+        movl    r8,4(r0)
+
+        clrl    r8
+
+        movl    8(ap),r4
+        movl    4(r4),r3
+        bicl3   #-65536,r3,-28(fp)
+        extzv   #16,#16,r3,r0
+        bicl3   #-65536,r0,r3
+        movl    -28(fp),r0
+        mull3   r0,r3,-32(fp)
+        mull3   r0,r0,-28(fp)
+        mull2   r3,r3
+        bicl3   #32767,-32(fp),r0
+        extzv   #15,#17,r0,r0
+        addl2   r0,r3
+        bicl3   #-65536,-32(fp),r0
+        ashl    #17,r0,-32(fp)
+        addl3   -28(fp),-32(fp),r0
+        bicl3   #0,r0,-28(fp)
+        cmpl    -28(fp),-32(fp)
+        bgequ   noname.378
+        incl    r3
+noname.378:
+        movl    -28(fp),r1
+        movl    r3,r2
+        addl2   r1,r7
+        bicl2   #0,r7
+        cmpl    r7,r1
+        bgequ   noname.379
+        incl    r2
+noname.379:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.380
+        incl    r8
+noname.380:
+
+        movzwl  10(r4),r2
+        bicl3   #-65536,(r4),r3
+        movzwl  2(r4),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,8(r4),-44(fp)
+        bicl3   #-65536,r2,-48(fp)
+        mull3   r0,-44(fp),-36(fp)
+        mull2   r3,-44(fp)
+        mull3   r3,-48(fp),-40(fp)
+        mull2   r0,-48(fp)
+        addl3   -36(fp),-40(fp),r0
+        bicl3   #0,r0,-36(fp)
+        cmpl    -36(fp),-40(fp)
+        bgequ   noname.381
+        addl2   #65536,-48(fp)
+noname.381:
+        movzwl  -34(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-48(fp)
+        bicl3   #-65536,-36(fp),r0
+        ashl    #16,r0,-40(fp)
+        addl3   -40(fp),-44(fp),r0
+        bicl3   #0,r0,-44(fp)
+        cmpl    -44(fp),-40(fp)
+        bgequ   noname.382
+        incl    -48(fp)
+noname.382:
+        movl    -44(fp),r3
+        movl    -48(fp),r2
+        bbc     #31,r2,noname.383
+        incl    r8
+noname.383:
+        addl2   r2,r2
+        bicl2   #0,r2
+        bbc     #31,r3,noname.384
+        incl    r2
+noname.384:
+        addl2   r3,r3
+        bicl2   #0,r3
+        addl2   r3,r7
+        bicl2   #0,r7
+        cmpl    r7,r3
+        bgequ   noname.385
+        incl    r2
+        bicl3   #0,r2,r0
+        bneq    noname.385
+        incl    r8
+noname.385:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.386
+        incl    r8
+noname.386:
+
+        movl    4(ap),r0
+        movl    r7,8(r0)
+
+        clrl    r7
+
+        movl    8(ap),r0
+        movzwl  14(r0),r2
+        bicl3   #-65536,(r0),r3
+        movzwl  2(r0),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,12(r0),-60(fp)
+        bicl3   #-65536,r2,-64(fp)
+        mull3   r1,-60(fp),-52(fp)
+        mull2   r3,-60(fp)
+        mull3   r3,-64(fp),-56(fp)
+        mull2   r1,-64(fp)
+        addl3   -52(fp),-56(fp),r0
+        bicl3   #0,r0,-52(fp)
+        cmpl    -52(fp),-56(fp)
+        bgequ   noname.387
+        addl2   #65536,-64(fp)
+noname.387:
+        movzwl  -50(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-64(fp)
+        bicl3   #-65536,-52(fp),r0
+        ashl    #16,r0,-56(fp)
+        addl3   -56(fp),-60(fp),r0
+        bicl3   #0,r0,-60(fp)
+        cmpl    -60(fp),-56(fp)
+        bgequ   noname.388
+        incl    -64(fp)
+noname.388:
+        movl    -60(fp),r3
+        movl    -64(fp),r2
+        bbc     #31,r2,noname.389
+        incl    r7
+noname.389:
+        addl2   r2,r2
+        bicl2   #0,r2
+        bbc     #31,r3,noname.390
+        incl    r2
+noname.390:
+        addl2   r3,r3
+        bicl2   #0,r3
+        addl2   r3,r9
+        bicl2   #0,r9
+        cmpl    r9,r3
+        bgequ   noname.391
+        incl    r2
+        bicl3   #0,r2,r0
+        bneq    noname.391
+        incl    r7
+noname.391:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.392
+        incl    r7
+noname.392:
+
+        movl    8(ap),r0
+        movzwl  10(r0),r2
+        bicl3   #-65536,4(r0),r3
+        movzwl  6(r0),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,8(r0),-76(fp)
+        bicl3   #-65536,r2,-80(fp)
+        mull3   r1,-76(fp),-68(fp)
+        mull2   r3,-76(fp)
+        mull3   r3,-80(fp),-72(fp)
+        mull2   r1,-80(fp)
+        addl3   -68(fp),-72(fp),r0
+        bicl3   #0,r0,-68(fp)
+        cmpl    -68(fp),-72(fp)
+        bgequ   noname.393
+        addl2   #65536,-80(fp)
+noname.393:
+        movzwl  -66(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-80(fp)
+        bicl3   #-65536,-68(fp),r0
+        ashl    #16,r0,-72(fp)
+        addl3   -72(fp),-76(fp),r0
+        bicl3   #0,r0,-76(fp)
+        cmpl    -76(fp),-72(fp)
+        bgequ   noname.394
+        incl    -80(fp)
+noname.394:
+        movl    -76(fp),r3
+        movl    -80(fp),r2
+        bbc     #31,r2,noname.395
+        incl    r7
+noname.395:
+        addl2   r2,r2
+        bicl2   #0,r2
+        bbc     #31,r3,noname.396
+        incl    r2
+noname.396:
+        addl2   r3,r3
+        bicl2   #0,r3
+        addl2   r3,r9
+        bicl2   #0,r9
+        cmpl    r9,r3
+        bgequ   noname.397
+        incl    r2
+        bicl3   #0,r2,r0
+        bneq    noname.397
+        incl    r7
+noname.397:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.398
+        incl    r7
+noname.398:
+
+        movl    4(ap),r0
+        movl    r9,12(r0)
+
+        clrl    r9
+
+        movl    8(ap),r2
+        movl    8(r2),r4
+        bicl3   #-65536,r4,-84(fp)
+        extzv   #16,#16,r4,r0
+        bicl3   #-65536,r0,r4
+        movl    -84(fp),r0
+        mull3   r0,r4,-88(fp)
+        mull3   r0,r0,-84(fp)
+        mull2   r4,r4
+        bicl3   #32767,-88(fp),r0
+        extzv   #15,#17,r0,r0
+        addl2   r0,r4
+        bicl3   #-65536,-88(fp),r0
+        ashl    #17,r0,-88(fp)
+        addl3   -84(fp),-88(fp),r0
+        bicl3   #0,r0,-84(fp)
+        cmpl    -84(fp),-88(fp)
+        bgequ   noname.399
+        incl    r4
+noname.399:
+        movl    -84(fp),r1
+        movl    r4,r3
+        addl2   r1,r8
+        bicl2   #0,r8
+        cmpl    r8,r1
+        bgequ   noname.400
+        incl    r3
+noname.400:
+        addl2   r3,r7
+        bicl2   #0,r7
+        cmpl    r7,r3
+        bgequ   noname.401
+        incl    r9
+noname.401:
+
+        movzwl  14(r2),r3
+        bicl3   #-65536,4(r2),r1
+        movzwl  6(r2),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,12(r2),-100(fp)
+        bicl3   #-65536,r3,-104(fp)
+        mull3   r0,-100(fp),-92(fp)
+        mull2   r1,-100(fp)
+        mull3   r1,-104(fp),-96(fp)
+        mull2   r0,-104(fp)
+        addl3   -92(fp),-96(fp),r0
+        bicl3   #0,r0,-92(fp)
+        cmpl    -92(fp),-96(fp)
+        bgequ   noname.402
+        addl2   #65536,-104(fp)
+noname.402:
+        movzwl  -90(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-104(fp)
+        bicl3   #-65536,-92(fp),r0
+        ashl    #16,r0,-96(fp)
+        addl3   -96(fp),-100(fp),r0
+        bicl3   #0,r0,-100(fp)
+        cmpl    -100(fp),-96(fp)
+        bgequ   noname.403
+        incl    -104(fp)
+noname.403:
+        movl    -100(fp),r3
+        movl    -104(fp),r2
+        bbc     #31,r2,noname.404
+        incl    r9
+noname.404:
+        addl2   r2,r2
+        bicl2   #0,r2
+        bbc     #31,r3,noname.405
+        incl    r2
+noname.405:
+        addl2   r3,r3
+        bicl2   #0,r3
+        addl2   r3,r8
+        bicl2   #0,r8
+        cmpl    r8,r3
+        bgequ   noname.406
+        incl    r2
+        bicl3   #0,r2,r0
+        bneq    noname.406
+        incl    r9
+noname.406:
+        addl2   r2,r7
+        bicl2   #0,r7
+        cmpl    r7,r2
+        bgequ   noname.407
+        incl    r9
+noname.407:
+
+        movl    8(ap),r0
+        movzwl  18(r0),r2
+        bicl3   #-65536,(r0),r3
+        movzwl  2(r0),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,16(r0),-116(fp)
+        bicl3   #-65536,r2,-120(fp)
+        mull3   r1,-116(fp),-108(fp)
+        mull2   r3,-116(fp)
+        mull3   r3,-120(fp),-112(fp)
+        mull2   r1,-120(fp)
+        addl3   -108(fp),-112(fp),r0
+        bicl3   #0,r0,-108(fp)
+        cmpl    -108(fp),-112(fp)
+        bgequ   noname.408
+        addl2   #65536,-120(fp)
+noname.408:
+        movzwl  -106(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-120(fp)
+        bicl3   #-65536,-108(fp),r0
+        ashl    #16,r0,-112(fp)
+        addl3   -112(fp),-116(fp),r0
+        bicl3   #0,r0,-116(fp)
+        cmpl    -116(fp),-112(fp)
+        bgequ   noname.409
+        incl    -120(fp)
+noname.409:
+        movl    -116(fp),r3
+        movl    -120(fp),r2
+        bbc     #31,r2,noname.410
+        incl    r9
+noname.410:
+        addl2   r2,r2
+        bicl2   #0,r2
+        bbc     #31,r3,noname.411
+        incl    r2
+noname.411:
+        addl2   r3,r3
+        bicl2   #0,r3
+        addl2   r3,r8
+        bicl2   #0,r8
+        cmpl    r8,r3
+        bgequ   noname.412
+        incl    r2
+        bicl3   #0,r2,r0
+        bneq    noname.412
+        incl    r9
+noname.412:
+        addl2   r2,r7
+        bicl2   #0,r7
+        cmpl    r7,r2
+        bgequ   noname.413
+        incl    r9
+noname.413:
+
+        movl    4(ap),r0
+        movl    r8,16(r0)
+
+        clrl    r8
+
+        movl    8(ap),r0
+        movzwl  22(r0),r2
+        bicl3   #-65536,(r0),r3
+        movzwl  2(r0),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,20(r0),-132(fp)
+        bicl3   #-65536,r2,-136(fp)
+        mull3   r1,-132(fp),-124(fp)
+        mull2   r3,-132(fp)
+        mull3   r3,-136(fp),-128(fp)
+        mull2   r1,-136(fp)
+        addl3   -124(fp),-128(fp),r0
+        bicl3   #0,r0,-124(fp)
+        cmpl    -124(fp),-128(fp)
+        bgequ   noname.414
+        addl2   #65536,-136(fp)
+noname.414:
+        movzwl  -122(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-136(fp)
+        bicl3   #-65536,-124(fp),r0
+        ashl    #16,r0,-128(fp)
+        addl3   -128(fp),-132(fp),r0
+        bicl3   #0,r0,-132(fp)
+        cmpl    -132(fp),-128(fp)
+        bgequ   noname.415
+        incl    -136(fp)
+noname.415:
+        movl    -132(fp),r3
+        movl    -136(fp),r2
+        bbc     #31,r2,noname.416
+        incl    r8
+noname.416:
+        addl2   r2,r2
+        bicl2   #0,r2
+        bbc     #31,r3,noname.417
+        incl    r2
+noname.417:
+        addl2   r3,r3
+        bicl2   #0,r3
+        addl2   r3,r7
+        bicl2   #0,r7
+        cmpl    r7,r3
+        bgequ   noname.418
+        incl    r2
+        bicl3   #0,r2,r0
+        bneq    noname.418
+        incl    r8
+noname.418:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.419
+        incl    r8
+noname.419:
+
+        movl    8(ap),r0
+        movzwl  18(r0),r2
+        bicl3   #-65536,4(r0),r3
+        movzwl  6(r0),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,16(r0),-148(fp)
+        bicl3   #-65536,r2,-152(fp)
+        mull3   r1,-148(fp),-140(fp)
+        mull2   r3,-148(fp)
+        mull3   r3,-152(fp),-144(fp)
+        mull2   r1,-152(fp)
+        addl3   -140(fp),-144(fp),r0
+        bicl3   #0,r0,-140(fp)
+        cmpl    -140(fp),-144(fp)
+        bgequ   noname.420
+        addl2   #65536,-152(fp)
+noname.420:
+        movzwl  -138(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-152(fp)
+        bicl3   #-65536,-140(fp),r0
+        ashl    #16,r0,-144(fp)
+        addl3   -144(fp),-148(fp),r0
+        bicl3   #0,r0,-148(fp)
+        cmpl    -148(fp),-144(fp)
+        bgequ   noname.421
+        incl    -152(fp)
+noname.421:
+        movl    -148(fp),r3
+        movl    -152(fp),r2
+        bbc     #31,r2,noname.422
+        incl    r8
+noname.422:
+        addl2   r2,r2
+        bicl2   #0,r2
+        bbc     #31,r3,noname.423
+        incl    r2
+noname.423:
+        addl2   r3,r3
+        bicl2   #0,r3
+        addl2   r3,r7
+        bicl2   #0,r7
+        cmpl    r7,r3
+        bgequ   noname.424
+        incl    r2
+        bicl3   #0,r2,r0
+        bneq    noname.424
+        incl    r8
+noname.424:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.425
+        incl    r8
+noname.425:
+
+        movl    8(ap),r0
+        movzwl  14(r0),r2
+        bicl3   #-65536,8(r0),r3
+        movzwl  10(r0),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,12(r0),-164(fp)
+        bicl3   #-65536,r2,-168(fp)
+        mull3   r1,-164(fp),-156(fp)
+        mull2   r3,-164(fp)
+        mull3   r3,-168(fp),-160(fp)
+        mull2   r1,-168(fp)
+        addl3   -156(fp),-160(fp),r0
+        bicl3   #0,r0,-156(fp)
+        cmpl    -156(fp),-160(fp)
+        bgequ   noname.426
+        addl2   #65536,-168(fp)
+noname.426:
+        movzwl  -154(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-168(fp)
+        bicl3   #-65536,-156(fp),r0
+        ashl    #16,r0,-160(fp)
+        addl3   -160(fp),-164(fp),r0
+        bicl3   #0,r0,-164(fp)
+        cmpl    -164(fp),-160(fp)
+        bgequ   noname.427
+        incl    -168(fp)
+noname.427:
+        movl    -164(fp),r3
+        movl    -168(fp),r2
+        bbc     #31,r2,noname.428
+        incl    r8
+noname.428:
+        addl2   r2,r2
+        bicl2   #0,r2
+        bbc     #31,r3,noname.429
+        incl    r2
+noname.429:
+        addl2   r3,r3
+        bicl2   #0,r3
+        addl2   r3,r7
+        bicl2   #0,r7
+        cmpl    r7,r3
+        bgequ   noname.430
+        incl    r2
+        bicl3   #0,r2,r0
+        bneq    noname.430
+        incl    r8
+noname.430:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.431
+        incl    r8
+noname.431:
+
+        movl    4(ap),r0
+        movl    r7,20(r0)
+
+        clrl    r7
+
+        movl    8(ap),r2
+        movl    12(r2),r4
+        bicl3   #-65536,r4,-172(fp)
+        extzv   #16,#16,r4,r0
+        bicl3   #-65536,r0,r4
+        movl    -172(fp),r0
+        mull3   r0,r4,-176(fp)
+        mull3   r0,r0,-172(fp)
+        mull2   r4,r4
+        bicl3   #32767,-176(fp),r0
+        extzv   #15,#17,r0,r0
+        addl2   r0,r4
+        bicl3   #-65536,-176(fp),r0
+        ashl    #17,r0,-176(fp)
+        addl3   -172(fp),-176(fp),r0
+        bicl3   #0,r0,-172(fp)
+        cmpl    -172(fp),-176(fp)
+        bgequ   noname.432
+        incl    r4
+noname.432:
+        movl    -172(fp),r1
+        movl    r4,r3
+        addl2   r1,r9
+        bicl2   #0,r9
+        cmpl    r9,r1
+        bgequ   noname.433
+        incl    r3
+noname.433:
+        addl2   r3,r8
+        bicl2   #0,r8
+        cmpl    r8,r3
+        bgequ   noname.434
+        incl    r7
+noname.434:
+
+        movzwl  18(r2),r3
+        bicl3   #-65536,8(r2),r1
+        movzwl  10(r2),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,16(r2),-188(fp)
+        bicl3   #-65536,r3,-192(fp)
+        mull3   r0,-188(fp),-180(fp)
+        mull2   r1,-188(fp)
+        mull3   r1,-192(fp),-184(fp)
+        mull2   r0,-192(fp)
+        addl3   -180(fp),-184(fp),r0
+        bicl3   #0,r0,-180(fp)
+        cmpl    -180(fp),-184(fp)
+        bgequ   noname.435
+        addl2   #65536,-192(fp)
+noname.435:
+        movzwl  -178(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-192(fp)
+        bicl3   #-65536,-180(fp),r0
+        ashl    #16,r0,-184(fp)
+        addl3   -184(fp),-188(fp),r0
+        bicl3   #0,r0,-188(fp)
+        cmpl    -188(fp),-184(fp)
+        bgequ   noname.436
+        incl    -192(fp)
+noname.436:
+        movl    -188(fp),r3
+        movl    -192(fp),r2
+        bbc     #31,r2,noname.437
+        incl    r7
+noname.437:
+        addl2   r2,r2
+        bicl2   #0,r2
+        bbc     #31,r3,noname.438
+        incl    r2
+noname.438:
+        addl2   r3,r3
+        bicl2   #0,r3
+        addl2   r3,r9
+        bicl2   #0,r9
+        cmpl    r9,r3
+        bgequ   noname.439
+        incl    r2
+        bicl3   #0,r2,r0
+        bneq    noname.439
+        incl    r7
+noname.439:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.440
+        incl    r7
+noname.440:
+
+        movl    8(ap),r0
+        movzwl  22(r0),r2
+        bicl3   #-65536,4(r0),r3
+        movzwl  6(r0),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,20(r0),-204(fp)
+        bicl3   #-65536,r2,-208(fp)
+        mull3   r1,-204(fp),-196(fp)
+        mull2   r3,-204(fp)
+        mull3   r3,-208(fp),-200(fp)
+        mull2   r1,-208(fp)
+        addl3   -196(fp),-200(fp),r0
+        bicl3   #0,r0,-196(fp)
+        cmpl    -196(fp),-200(fp)
+        bgequ   noname.441
+        addl2   #65536,-208(fp)
+noname.441:
+        movzwl  -194(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-208(fp)
+        bicl3   #-65536,-196(fp),r0
+        ashl    #16,r0,-200(fp)
+        addl3   -200(fp),-204(fp),r0
+        bicl3   #0,r0,-204(fp)
+        cmpl    -204(fp),-200(fp)
+        bgequ   noname.442
+        incl    -208(fp)
+noname.442:
+        movl    -204(fp),r3
+        movl    -208(fp),r2
+        bbc     #31,r2,noname.443
+        incl    r7
+noname.443:
+        addl2   r2,r2
+        bicl2   #0,r2
+        bbc     #31,r3,noname.444
+        incl    r2
+noname.444:
+        addl2   r3,r3
+        bicl2   #0,r3
+        addl2   r3,r9
+        bicl2   #0,r9
+        cmpl    r9,r3
+        bgequ   noname.445
+        incl    r2
+        bicl3   #0,r2,r0
+        bneq    noname.445
+        incl    r7
+noname.445:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.446
+        incl    r7
+noname.446:
+
+        movl    8(ap),r0
+        movzwl  26(r0),r2
+        bicl3   #-65536,(r0),r3
+        movzwl  2(r0),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,24(r0),-220(fp)
+        bicl3   #-65536,r2,-224(fp)
+        mull3   r1,-220(fp),-212(fp)
+        mull2   r3,-220(fp)
+        mull3   r3,-224(fp),-216(fp)
+        mull2   r1,-224(fp)
+        addl3   -212(fp),-216(fp),r0
+        bicl3   #0,r0,-212(fp)
+        cmpl    -212(fp),-216(fp)
+        bgequ   noname.447
+        addl2   #65536,-224(fp)
+noname.447:
+        movzwl  -210(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-224(fp)
+        bicl3   #-65536,-212(fp),r0
+        ashl    #16,r0,-216(fp)
+        addl3   -216(fp),-220(fp),r0
+        bicl3   #0,r0,-220(fp)
+        cmpl    -220(fp),-216(fp)
+        bgequ   noname.448
+        incl    -224(fp)
+noname.448:
+        movl    -220(fp),r3
+        movl    -224(fp),r2
+        bbc     #31,r2,noname.449
+        incl    r7
+noname.449:
+        addl2   r2,r2
+        bicl2   #0,r2
+        bbc     #31,r3,noname.450
+        incl    r2
+noname.450:
+        addl2   r3,r3
+        bicl2   #0,r3
+        addl2   r3,r9
+        bicl2   #0,r9
+        cmpl    r9,r3
+        bgequ   noname.451
+        incl    r2
+        bicl3   #0,r2,r0
+        bneq    noname.451
+        incl    r7
+noname.451:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.452
+        incl    r7
+noname.452:
+
+        movl    4(ap),r0
+        movl    r9,24(r0)
+
+        clrl    r9
+
+        movl    8(ap),r0
+        movzwl  30(r0),r2
+        bicl3   #-65536,(r0),r3
+        movzwl  2(r0),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,28(r0),-236(fp)
+        bicl3   #-65536,r2,-240(fp)
+        mull3   r1,-236(fp),-228(fp)
+        mull2   r3,-236(fp)
+        mull3   r3,-240(fp),-232(fp)
+        mull2   r1,-240(fp)
+        addl3   -228(fp),-232(fp),r0
+        bicl3   #0,r0,-228(fp)
+        cmpl    -228(fp),-232(fp)
+        bgequ   noname.453
+        addl2   #65536,-240(fp)
+noname.453:
+        movzwl  -226(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-240(fp)
+        bicl3   #-65536,-228(fp),r0
+        ashl    #16,r0,-232(fp)
+        addl3   -232(fp),-236(fp),r0
+        bicl3   #0,r0,-236(fp)
+        cmpl    -236(fp),-232(fp)
+        bgequ   noname.454
+        incl    -240(fp)
+noname.454:
+        movl    -236(fp),r3
+        movl    -240(fp),r2
+        bbc     #31,r2,noname.455
+        incl    r9
+noname.455:
+        addl2   r2,r2
+        bicl2   #0,r2
+        bbc     #31,r3,noname.456
+        incl    r2
+noname.456:
+        addl2   r3,r3
+        bicl2   #0,r3
+        addl2   r3,r8
+        bicl2   #0,r8
+        cmpl    r8,r3
+        bgequ   noname.457
+        incl    r2
+        bicl3   #0,r2,r0
+        bneq    noname.457
+        incl    r9
+noname.457:
+        addl2   r2,r7
+        bicl2   #0,r7
+        cmpl    r7,r2
+        bgequ   noname.458
+        incl    r9
+noname.458:
+
+        movl    8(ap),r0
+        movzwl  26(r0),r2
+        bicl3   #-65536,4(r0),r3
+        movzwl  6(r0),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,24(r0),-252(fp)
+        bicl3   #-65536,r2,-256(fp)
+        mull3   r1,-252(fp),-244(fp)
+        mull2   r3,-252(fp)
+        mull3   r3,-256(fp),-248(fp)
+        mull2   r1,-256(fp)
+        addl3   -244(fp),-248(fp),r0
+        bicl3   #0,r0,-244(fp)
+        cmpl    -244(fp),-248(fp)
+        bgequ   noname.459
+        addl2   #65536,-256(fp)
+noname.459:
+        movzwl  -242(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-256(fp)
+        bicl3   #-65536,-244(fp),r0
+        ashl    #16,r0,-248(fp)
+        addl3   -248(fp),-252(fp),r0
+        bicl3   #0,r0,-252(fp)
+        cmpl    -252(fp),-248(fp)
+        bgequ   noname.460
+        incl    -256(fp)
+noname.460:
+        movl    -252(fp),r3
+        movl    -256(fp),r2
+        bbc     #31,r2,noname.461
+        incl    r9
+noname.461:
+        addl2   r2,r2
+        bicl2   #0,r2
+        bbc     #31,r3,noname.462
+        incl    r2
+noname.462:
+        addl2   r3,r3
+        bicl2   #0,r3
+        addl2   r3,r8
+        bicl2   #0,r8
+        cmpl    r8,r3
+        bgequ   noname.463
+        incl    r2
+        bicl3   #0,r2,r0
+        bneq    noname.463
+        incl    r9
+noname.463:
+        addl2   r2,r7
+        bicl2   #0,r7
+        cmpl    r7,r2
+        bgequ   noname.464
+        incl    r9
+noname.464:
+
+        movl    8(ap),r0
+        movzwl  22(r0),r2
+        bicl3   #-65536,8(r0),r3
+        movzwl  10(r0),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,20(r0),-268(fp)
+        bicl3   #-65536,r2,-272(fp)
+        mull3   r1,-268(fp),-260(fp)
+        mull2   r3,-268(fp)
+        mull3   r3,-272(fp),-264(fp)
+        mull2   r1,-272(fp)
+        addl3   -260(fp),-264(fp),r0
+        bicl3   #0,r0,-260(fp)
+        cmpl    -260(fp),-264(fp)
+        bgequ   noname.465
+        addl2   #65536,-272(fp)
+noname.465:
+        movzwl  -258(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-272(fp)
+        bicl3   #-65536,-260(fp),r0
+        ashl    #16,r0,-264(fp)
+        addl3   -264(fp),-268(fp),r0
+        bicl3   #0,r0,-268(fp)
+        cmpl    -268(fp),-264(fp)
+        bgequ   noname.466
+        incl    -272(fp)
+noname.466:
+        movl    -268(fp),r3
+        movl    -272(fp),r2
+        bbc     #31,r2,noname.467
+        incl    r9
+noname.467:
+        addl2   r2,r2
+        bicl2   #0,r2
+        bbc     #31,r3,noname.468
+        incl    r2
+noname.468:
+        addl2   r3,r3
+        bicl2   #0,r3
+        addl2   r3,r8
+        bicl2   #0,r8
+        cmpl    r8,r3
+        bgequ   noname.469
+        incl    r2
+        bicl3   #0,r2,r0
+        bneq    noname.469
+        incl    r9
+noname.469:
+        addl2   r2,r7
+        bicl2   #0,r7
+        cmpl    r7,r2
+        bgequ   noname.470
+        incl    r9
+noname.470:
+
+        movl    8(ap),r0
+        movzwl  18(r0),r2
+        bicl3   #-65536,12(r0),r3
+        movzwl  14(r0),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,16(r0),-284(fp)
+        bicl3   #-65536,r2,-288(fp)
+        mull3   r1,-284(fp),-276(fp)
+        mull2   r3,-284(fp)
+        mull3   r3,-288(fp),-280(fp)
+        mull2   r1,-288(fp)
+        addl3   -276(fp),-280(fp),r0
+        bicl3   #0,r0,-276(fp)
+        cmpl    -276(fp),-280(fp)
+        bgequ   noname.471
+        addl2   #65536,-288(fp)
+noname.471:
+        movzwl  -274(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-288(fp)
+        bicl3   #-65536,-276(fp),r0
+        ashl    #16,r0,-280(fp)
+        addl3   -280(fp),-284(fp),r0
+        bicl3   #0,r0,-284(fp)
+        cmpl    -284(fp),-280(fp)
+        bgequ   noname.472
+        incl    -288(fp)
+noname.472:
+        movl    -284(fp),r3
+        movl    -288(fp),r2
+        bbc     #31,r2,noname.473
+        incl    r9
+noname.473:
+        addl2   r2,r2
+        bicl2   #0,r2
+        bbc     #31,r3,noname.474
+        incl    r2
+noname.474:
+        addl2   r3,r3
+        bicl2   #0,r3
+        addl2   r3,r8
+        bicl2   #0,r8
+        cmpl    r8,r3
+        bgequ   noname.475
+        incl    r2
+        bicl3   #0,r2,r0
+        bneq    noname.475
+        incl    r9
+noname.475:
+        addl2   r2,r7
+        bicl2   #0,r7
+        cmpl    r7,r2
+        bgequ   noname.476
+        incl    r9
+noname.476:
+
+        movl    4(ap),r0
+        movl    r8,28(r0)
+
+        clrl    r8
+
+        movl    8(ap),r3
+        movl    16(r3),r4
+        bicl3   #-65536,r4,r5
+        extzv   #16,#16,r4,r0
+        bicl3   #-65536,r0,r4
+        mull3   r5,r4,-292(fp)
+        mull2   r5,r5
+        mull2   r4,r4
+        bicl3   #32767,-292(fp),r0
+        extzv   #15,#17,r0,r0
+        addl2   r0,r4
+        bicl3   #-65536,-292(fp),r0
+        ashl    #17,r0,-292(fp)
+        addl2   -292(fp),r5
+        bicl2   #0,r5
+        cmpl    r5,-292(fp)
+        bgequ   noname.477
+        incl    r4
+noname.477:
+        movl    r5,r1
+        movl    r4,r2
+        addl2   r1,r7
+        bicl2   #0,r7
+        cmpl    r7,r1
+        bgequ   noname.478
+        incl    r2
+noname.478:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.479
+        incl    r8
+noname.479:
+
+        bicl3   #-65536,20(r3),r4
+        movzwl  22(r3),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,12(r3),r2
+        movzwl  14(r3),r0
+        bicl2   #-65536,r0
+        movl    r4,r6
+        movl    r1,r5
+        mull3   r0,r6,-296(fp)
+        mull2   r2,r6
+        mull3   r2,r5,-300(fp)
+        mull2   r0,r5
+        addl3   -296(fp),-300(fp),r0
+        bicl3   #0,r0,-296(fp)
+        cmpl    -296(fp),-300(fp)
+        bgequ   noname.480
+        addl2   #65536,r5
+noname.480:
+        movzwl  -294(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,r5
+        bicl3   #-65536,-296(fp),r0
+        ashl    #16,r0,-300(fp)
+        addl2   -300(fp),r6
+        bicl2   #0,r6
+        cmpl    r6,-300(fp)
+        bgequ   noname.481
+        incl    r5
+noname.481:
+        movl    r6,r3
+        movl    r5,r2
+        bbc     #31,r2,noname.482
+        incl    r8
+noname.482:
+        addl2   r2,r2
+        bicl2   #0,r2
+        bbc     #31,r3,noname.483
+        incl    r2
+noname.483:
+        addl2   r3,r3
+        bicl2   #0,r3
+        addl2   r3,r7
+        bicl2   #0,r7
+        cmpl    r7,r3
+        bgequ   noname.484
+        incl    r2
+        bicl3   #0,r2,r0
+        bneq    noname.484
+        incl    r8
+noname.484:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.485
+        incl    r8
+noname.485:
+
+        movl    8(ap),r0
+        bicl3   #-65536,24(r0),r3
+        movzwl  26(r0),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,8(r0),r2
+        movzwl  10(r0),r0
+        bicl2   #-65536,r0
+        movl    r3,r5
+        movl    r1,r4
+        mull3   r0,r5,-304(fp)
+        mull2   r2,r5
+        mull3   r2,r4,-308(fp)
+        mull2   r0,r4
+        addl3   -304(fp),-308(fp),r0
+        bicl3   #0,r0,-304(fp)
+        cmpl    -304(fp),-308(fp)
+        bgequ   noname.486
+        addl2   #65536,r4
+noname.486:
+        movzwl  -302(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,r4
+        bicl3   #-65536,-304(fp),r0
+        ashl    #16,r0,-308(fp)
+        addl2   -308(fp),r5
+        bicl2   #0,r5
+        cmpl    r5,-308(fp)
+        bgequ   noname.487
+        incl    r4
+noname.487:
+        movl    r5,r3
+        movl    r4,r2
+        bbc     #31,r2,noname.488
+        incl    r8
+noname.488:
+        addl2   r2,r2
+        bicl2   #0,r2
+        bbc     #31,r3,noname.489
+        incl    r2
+noname.489:
+        addl2   r3,r3
+        bicl2   #0,r3
+        addl2   r3,r7
+        bicl2   #0,r7
+        cmpl    r7,r3
+        bgequ   noname.490
+        incl    r2
+        bicl3   #0,r2,r0
+        bneq    noname.490
+        incl    r8
+noname.490:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.491
+        incl    r8
+noname.491:
+
+        movl    8(ap),r0
+        bicl3   #-65536,28(r0),r3
+        movzwl  30(r0),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,4(r0),r2
+        movzwl  6(r0),r0
+        bicl2   #-65536,r0
+        movl    r3,r5
+        movl    r1,r4
+        mull3   r0,r5,-312(fp)
+        mull2   r2,r5
+        mull3   r2,r4,-316(fp)
+        mull2   r0,r4
+        addl3   -312(fp),-316(fp),r0
+        bicl3   #0,r0,-312(fp)
+        cmpl    -312(fp),-316(fp)
+        bgequ   noname.492
+        addl2   #65536,r4
+noname.492:
+        movzwl  -310(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,r4
+        bicl3   #-65536,-312(fp),r0
+        ashl    #16,r0,-316(fp)
+        addl2   -316(fp),r5
+        bicl2   #0,r5
+        cmpl    r5,-316(fp)
+        bgequ   noname.493
+        incl    r4
+noname.493:
+        movl    r5,r3
+        movl    r4,r2
+        bbc     #31,r2,noname.494
+        incl    r8
+noname.494:
+        addl2   r2,r2
+        bicl2   #0,r2
+        bbc     #31,r3,noname.495
+        incl    r2
+noname.495:
+        addl2   r3,r3
+        bicl2   #0,r3
+        addl2   r3,r7
+        bicl2   #0,r7
+        cmpl    r7,r3
+        bgequ   noname.496
+        incl    r2
+        bicl3   #0,r2,r0
+        bneq    noname.496
+        incl    r8
+noname.496:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.497
+        incl    r8
+noname.497:
+
+        movl    4(ap),r0
+        movl    r7,32(r0)
+
+        clrl    r7
+
+        movl    8(ap),r0
+        bicl3   #-65536,28(r0),r3
+        movzwl  30(r0),r2
+        bicl3   #-65536,8(r0),r1
+        movzwl  10(r0),r0
+        bicl2   #-65536,r0
+        movl    r3,r4
+        bicl3   #-65536,r2,-328(fp)
+        mull3   r0,r4,-320(fp)
+        mull2   r1,r4
+        mull3   r1,-328(fp),-324(fp)
+        mull2   r0,-328(fp)
+        addl3   -320(fp),-324(fp),r0
+        bicl3   #0,r0,-320(fp)
+        cmpl    -320(fp),-324(fp)
+        bgequ   noname.498
+        addl2   #65536,-328(fp)
+noname.498:
+        movzwl  -318(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-328(fp)
+        bicl3   #-65536,-320(fp),r0
+        ashl    #16,r0,-324(fp)
+        addl2   -324(fp),r4
+        bicl2   #0,r4
+        cmpl    r4,-324(fp)
+        bgequ   noname.499
+        incl    -328(fp)
+noname.499:
+        movl    r4,r3
+        movl    -328(fp),r2
+        bbc     #31,r2,noname.500
+        incl    r7
+noname.500:
+        addl2   r2,r2
+        bicl2   #0,r2
+        bbc     #31,r3,noname.501
+        incl    r2
+noname.501:
+        addl2   r3,r3
+        bicl2   #0,r3
+        addl2   r3,r9
+        bicl2   #0,r9
+        cmpl    r9,r3
+        bgequ   noname.502
+        incl    r2
+        bicl3   #0,r2,r0
+        bneq    noname.502
+        incl    r7
+noname.502:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.503
+        incl    r7
+noname.503:
+
+        movl    8(ap),r0
+        movzwl  26(r0),r2
+        bicl3   #-65536,12(r0),r3
+        movzwl  14(r0),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,24(r0),-340(fp)
+        bicl3   #-65536,r2,-344(fp)
+        mull3   r1,-340(fp),-332(fp)
+        mull2   r3,-340(fp)
+        mull3   r3,-344(fp),-336(fp)
+        mull2   r1,-344(fp)
+        addl3   -332(fp),-336(fp),r0
+        bicl3   #0,r0,-332(fp)
+        cmpl    -332(fp),-336(fp)
+        bgequ   noname.504
+        addl2   #65536,-344(fp)
+noname.504:
+        movzwl  -330(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-344(fp)
+        bicl3   #-65536,-332(fp),r0
+        ashl    #16,r0,-336(fp)
+        addl3   -336(fp),-340(fp),r0
+        bicl3   #0,r0,-340(fp)
+        cmpl    -340(fp),-336(fp)
+        bgequ   noname.505
+        incl    -344(fp)
+noname.505:
+        movl    -340(fp),r3
+        movl    -344(fp),r2
+        bbc     #31,r2,noname.506
+        incl    r7
+noname.506:
+        addl2   r2,r2
+        bicl2   #0,r2
+        bbc     #31,r3,noname.507
+        incl    r2
+noname.507:
+        addl2   r3,r3
+        bicl2   #0,r3
+        addl2   r3,r9
+        bicl2   #0,r9
+        cmpl    r9,r3
+        bgequ   noname.508
+        incl    r2
+        bicl3   #0,r2,r0
+        bneq    noname.508
+        incl    r7
+noname.508:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.509
+        incl    r7
+noname.509:
+
+        movl    8(ap),r0
+        movzwl  22(r0),r2
+        bicl3   #-65536,16(r0),r3
+        movzwl  18(r0),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,20(r0),-356(fp)
+        bicl3   #-65536,r2,-360(fp)
+        mull3   r1,-356(fp),-348(fp)
+        mull2   r3,-356(fp)
+        mull3   r3,-360(fp),-352(fp)
+        mull2   r1,-360(fp)
+        addl3   -348(fp),-352(fp),r0
+        bicl3   #0,r0,-348(fp)
+        cmpl    -348(fp),-352(fp)
+        bgequ   noname.510
+        addl2   #65536,-360(fp)
+noname.510:
+        movzwl  -346(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-360(fp)
+        bicl3   #-65536,-348(fp),r0
+        ashl    #16,r0,-352(fp)
+        addl3   -352(fp),-356(fp),r0
+        bicl3   #0,r0,-356(fp)
+        cmpl    -356(fp),-352(fp)
+        bgequ   noname.511
+        incl    -360(fp)
+noname.511:
+        movl    -356(fp),r3
+        movl    -360(fp),r2
+        bbc     #31,r2,noname.512
+        incl    r7
+noname.512:
+        addl2   r2,r2
+        bicl2   #0,r2
+        bbc     #31,r3,noname.513
+        incl    r2
+noname.513:
+        addl2   r3,r3
+        bicl2   #0,r3
+        addl2   r3,r9
+        bicl2   #0,r9
+        cmpl    r9,r3
+        bgequ   noname.514
+        incl    r2
+        bicl3   #0,r2,r0
+        bneq    noname.514
+        incl    r7
+noname.514:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.515
+        incl    r7
+noname.515:
+
+        movl    4(ap),r0
+        movl    r9,36(r0)
+
+        clrl    r9
+
+        movl    8(ap),r3
+        movl    20(r3),r4
+        bicl3   #-65536,r4,-364(fp)
+        extzv   #16,#16,r4,r0
+        bicl3   #-65536,r0,r4
+        movl    -364(fp),r0
+        mull3   r0,r4,-368(fp)
+        mull3   r0,r0,-364(fp)
+        mull2   r4,r4
+        bicl3   #32767,-368(fp),r0
+        extzv   #15,#17,r0,r0
+        addl2   r0,r4
+        bicl3   #-65536,-368(fp),r0
+        ashl    #17,r0,-368(fp)
+        addl3   -364(fp),-368(fp),r0
+        bicl3   #0,r0,-364(fp)
+        cmpl    -364(fp),-368(fp)
+        bgequ   noname.516
+        incl    r4
+noname.516:
+        movl    -364(fp),r1
+        movl    r4,r2
+        addl2   r1,r8
+        bicl2   #0,r8
+        cmpl    r8,r1
+        bgequ   noname.517
+        incl    r2
+noname.517:
+        addl2   r2,r7
+        bicl2   #0,r7
+        cmpl    r7,r2
+        bgequ   noname.518
+        incl    r9
+noname.518:
+
+        bicl3   #-65536,24(r3),r4
+        movzwl  26(r3),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,16(r3),r2
+        movzwl  18(r3),r0
+        bicl2   #-65536,r0
+        movl    r4,r6
+        movl    r1,r5
+        mull3   r0,r6,-372(fp)
+        mull2   r2,r6
+        mull3   r2,r5,-376(fp)
+        mull2   r0,r5
+        addl3   -372(fp),-376(fp),r0
+        bicl3   #0,r0,-372(fp)
+        cmpl    -372(fp),-376(fp)
+        bgequ   noname.519
+        addl2   #65536,r5
+noname.519:
+        movzwl  -370(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,r5
+        bicl3   #-65536,-372(fp),r0
+        ashl    #16,r0,-376(fp)
+        addl2   -376(fp),r6
+        bicl2   #0,r6
+        cmpl    r6,-376(fp)
+        bgequ   noname.520
+        incl    r5
+noname.520:
+        movl    r6,r3
+        movl    r5,r2
+        bbc     #31,r2,noname.521
+        incl    r9
+noname.521:
+        addl2   r2,r2
+        bicl2   #0,r2
+        bbc     #31,r3,noname.522
+        incl    r2
+noname.522:
+        addl2   r3,r3
+        bicl2   #0,r3
+        addl2   r3,r8
+        bicl2   #0,r8
+        cmpl    r8,r3
+        bgequ   noname.523
+        incl    r2
+        bicl3   #0,r2,r0
+        bneq    noname.523
+        incl    r9
+noname.523:
+        addl2   r2,r7
+        bicl2   #0,r7
+        cmpl    r7,r2
+        bgequ   noname.524
+        incl    r9
+noname.524:
+
+        movl    8(ap),r0
+        bicl3   #-65536,28(r0),r3
+        movzwl  30(r0),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,12(r0),r2
+        movzwl  14(r0),r0
+        bicl2   #-65536,r0
+        movl    r3,r5
+        movl    r1,r4
+        mull3   r0,r5,-380(fp)
+        mull2   r2,r5
+        mull3   r2,r4,-384(fp)
+        mull2   r0,r4
+        addl3   -380(fp),-384(fp),r0
+        bicl3   #0,r0,-380(fp)
+        cmpl    -380(fp),-384(fp)
+        bgequ   noname.525
+        addl2   #65536,r4
+noname.525:
+        movzwl  -378(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,r4
+        bicl3   #-65536,-380(fp),r0
+        ashl    #16,r0,-384(fp)
+        addl2   -384(fp),r5
+        bicl2   #0,r5
+        cmpl    r5,-384(fp)
+        bgequ   noname.526
+        incl    r4
+noname.526:
+        movl    r5,r3
+        movl    r4,r2
+        bbc     #31,r2,noname.527
+        incl    r9
+noname.527:
+        addl2   r2,r2
+        bicl2   #0,r2
+        bbc     #31,r3,noname.528
+        incl    r2
+noname.528:
+        addl2   r3,r3
+        bicl2   #0,r3
+        addl2   r3,r8
+        bicl2   #0,r8
+        cmpl    r8,r3
+        bgequ   noname.529
+        incl    r2
+        bicl3   #0,r2,r0
+        bneq    noname.529
+        incl    r9
+noname.529:
+        addl2   r2,r7
+        bicl2   #0,r7
+        cmpl    r7,r2
+        bgequ   noname.530
+        incl    r9
+noname.530:
+        movl    4(ap),r0
+        movl    r8,40(r0)
+
+        clrl    r8
+
+        movl    8(ap),r0
+        bicl3   #-65536,28(r0),r3
+        movzwl  30(r0),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,16(r0),r2
+        movzwl  18(r0),r0
+        bicl2   #-65536,r0
+        movl    r3,r5
+        movl    r1,r4
+        mull3   r0,r5,-388(fp)
+        mull2   r2,r5
+        mull3   r2,r4,-392(fp)
+        mull2   r0,r4
+        addl3   -388(fp),-392(fp),r0
+        bicl3   #0,r0,-388(fp)
+        cmpl    -388(fp),-392(fp)
+        bgequ   noname.531
+        addl2   #65536,r4
+noname.531:
+        movzwl  -386(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,r4
+        bicl3   #-65536,-388(fp),r0
+        ashl    #16,r0,-392(fp)
+        addl2   -392(fp),r5
+        bicl2   #0,r5
+        cmpl    r5,-392(fp)
+        bgequ   noname.532
+        incl    r4
+noname.532:
+        movl    r5,r3
+        movl    r4,r2
+        bbc     #31,r2,noname.533
+        incl    r8
+noname.533:
+        addl2   r2,r2
+        bicl2   #0,r2
+        bbc     #31,r3,noname.534
+        incl    r2
+noname.534:
+        addl2   r3,r3
+        bicl2   #0,r3
+        addl2   r3,r7
+        bicl2   #0,r7
+        cmpl    r7,r3
+        bgequ   noname.535
+        incl    r2
+        bicl3   #0,r2,r0
+        bneq    noname.535
+        incl    r8
+noname.535:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.536
+        incl    r8
+noname.536:
+
+        movl    8(ap),r0
+        bicl3   #-65536,24(r0),r3
+        movzwl  26(r0),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,20(r0),r2
+        movzwl  22(r0),r0
+        bicl2   #-65536,r0
+        movl    r3,r5
+        movl    r1,r4
+        mull3   r0,r5,-396(fp)
+        mull2   r2,r5
+        mull3   r2,r4,-400(fp)
+        mull2   r0,r4
+        addl3   -396(fp),-400(fp),r0
+        bicl3   #0,r0,-396(fp)
+        cmpl    -396(fp),-400(fp)
+        bgequ   noname.537
+        addl2   #65536,r4
+noname.537:
+        movzwl  -394(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,r4
+        bicl3   #-65536,-396(fp),r0
+        ashl    #16,r0,-400(fp)
+        addl2   -400(fp),r5
+        bicl2   #0,r5
+        cmpl    r5,-400(fp)
+        bgequ   noname.538
+        incl    r4
+noname.538:
+        movl    r5,r3
+        movl    r4,r2
+        bbc     #31,r2,noname.539
+        incl    r8
+noname.539:
+        addl2   r2,r2
+        bicl2   #0,r2
+        bbc     #31,r3,noname.540
+        incl    r2
+noname.540:
+        addl2   r3,r3
+        bicl2   #0,r3
+        addl2   r3,r7
+        bicl2   #0,r7
+        cmpl    r7,r3
+        bgequ   noname.541
+        incl    r2
+        bicl3   #0,r2,r0
+        bneq    noname.541
+        incl    r8
+noname.541:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.542
+        incl    r8
+noname.542:
+
+        movl    4(ap),r0
+        movl    r7,44(r0)
+
+        clrl    r7
+
+        movl    8(ap),r3
+        movl    24(r3),r4
+        bicl3   #-65536,r4,r5
+        extzv   #16,#16,r4,r0
+        bicl3   #-65536,r0,r4
+        mull3   r5,r4,-404(fp)
+        mull2   r5,r5
+        mull2   r4,r4
+        bicl3   #32767,-404(fp),r0
+        extzv   #15,#17,r0,r0
+        addl2   r0,r4
+        bicl3   #-65536,-404(fp),r0
+        ashl    #17,r0,-404(fp)
+        addl2   -404(fp),r5
+        bicl2   #0,r5
+        cmpl    r5,-404(fp)
+        bgequ   noname.543
+        incl    r4
+noname.543:
+        movl    r5,r1
+        movl    r4,r2
+        addl2   r1,r9
+        bicl2   #0,r9
+        cmpl    r9,r1
+        bgequ   noname.544
+        incl    r2
+noname.544:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.545
+        incl    r7
+noname.545:
+
+        movzwl  30(r3),r2
+        bicl3   #-65536,20(r3),r1
+        movzwl  22(r3),r0
+        bicl2   #-65536,r0
+        bicl3   #-65536,28(r3),-416(fp)
+        bicl3   #-65536,r2,-420(fp)
+        mull3   r0,-416(fp),-408(fp)
+        mull2   r1,-416(fp)
+        mull3   r1,-420(fp),-412(fp)
+        mull2   r0,-420(fp)
+        addl3   -408(fp),-412(fp),r0
+        bicl3   #0,r0,-408(fp)
+        cmpl    -408(fp),-412(fp)
+        bgequ   noname.546
+        addl2   #65536,-420(fp)
+noname.546:
+        movzwl  -406(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-420(fp)
+        bicl3   #-65536,-408(fp),r0
+        ashl    #16,r0,-412(fp)
+        addl3   -412(fp),-416(fp),r0
+        bicl3   #0,r0,-416(fp)
+        cmpl    -416(fp),-412(fp)
+        bgequ   noname.547
+        incl    -420(fp)
+noname.547:
+        movl    -416(fp),r3
+        movl    -420(fp),r2
+        bbc     #31,r2,noname.548
+        incl    r7
+noname.548:
+        addl2   r2,r2
+        bicl2   #0,r2
+        bbc     #31,r3,noname.549
+        incl    r2
+noname.549:
+        addl2   r3,r3
+        bicl2   #0,r3
+        addl2   r3,r9
+        bicl2   #0,r9
+        cmpl    r9,r3
+        bgequ   noname.550
+        incl    r2
+        bicl3   #0,r2,r0
+        bneq    noname.550
+        incl    r7
+noname.550:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.551
+        incl    r7
+noname.551:
+
+        movl    4(ap),r0
+        movl    r9,48(r0)
+
+        clrl    r9
+
+        movl    8(ap),r0
+        movzwl  30(r0),r2
+        bicl3   #-65536,24(r0),r3
+        movzwl  26(r0),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,28(r0),-432(fp)
+        bicl3   #-65536,r2,-436(fp)
+        mull3   r1,-432(fp),-424(fp)
+        mull2   r3,-432(fp)
+        mull3   r3,-436(fp),-428(fp)
+        mull2   r1,-436(fp)
+        addl3   -424(fp),-428(fp),r0
+        bicl3   #0,r0,-424(fp)
+        cmpl    -424(fp),-428(fp)
+        bgequ   noname.552
+        addl2   #65536,-436(fp)
+noname.552:
+        movzwl  -422(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,-436(fp)
+        bicl3   #-65536,-424(fp),r0
+        ashl    #16,r0,-428(fp)
+        addl3   -428(fp),-432(fp),r0
+        bicl3   #0,r0,-432(fp)
+        cmpl    -432(fp),-428(fp)
+        bgequ   noname.553
+        incl    -436(fp)
+noname.553:
+        movl    -432(fp),r3
+        movl    -436(fp),r2
+        bbc     #31,r2,noname.554
+        incl    r9
+noname.554:
+        addl2   r2,r2
+        bicl2   #0,r2
+        bbc     #31,r3,noname.555
+        incl    r2
+noname.555:
+        addl2   r3,r3
+        bicl2   #0,r3
+        addl2   r3,r8
+        bicl2   #0,r8
+        cmpl    r8,r3
+        bgequ   noname.556
+        incl    r2
+        bicl3   #0,r2,r0
+        bneq    noname.556
+        incl    r9
+noname.556:
+        addl2   r2,r7
+        bicl2   #0,r7
+        cmpl    r7,r2
+        bgequ   noname.557
+        incl    r9
+noname.557:
+
+        movl    4(ap),r4
+        movl    r8,52(r4)
+
+        clrl    r8
+
+        movl    8(ap),r0
+        movl    28(r0),r3
+        bicl3   #-65536,r3,-440(fp)
+        extzv   #16,#16,r3,r0
+        bicl3   #-65536,r0,r3
+        movl    -440(fp),r0
+        mull3   r0,r3,-444(fp)
+        mull3   r0,r0,-440(fp)
+        mull2   r3,r3
+        bicl3   #32767,-444(fp),r0
+        extzv   #15,#17,r0,r0
+        addl2   r0,r3
+        bicl3   #-65536,-444(fp),r0
+        ashl    #17,r0,-444(fp)
+        addl3   -440(fp),-444(fp),r0
+        bicl3   #0,r0,-440(fp)
+        cmpl    -440(fp),-444(fp)
+        bgequ   noname.558
+        incl    r3
+noname.558:
+        movl    -440(fp),r1
+        movl    r3,r2
+        addl2   r1,r7
+        bicl2   #0,r7
+        cmpl    r7,r1
+        bgequ   noname.559
+        incl    r2
+noname.559:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.560
+        incl    r8
+noname.560:
+
+        movl    r7,56(r4)
+
+        movl    r9,60(r4)
+
+        ret     
+
+
+
+;r=4 ;(AP)
+;a=8 ;(AP)
+;b=12 ;(AP)
+;n=16 ;(AP)     n       by value (input)
+
+        .psect  code,nowrt
+
+.entry  BN_SQR_COMBA4,^m<r2,r3,r4,r5,r6,r7,r8,r9,r10>
+        subl2   #44,sp
+
+        clrq    r8
+
+        clrl    r10
+
+        movl    8(ap),r5
+        movl    (r5),r3
+        bicl3   #-65536,r3,r4
+        extzv   #16,#16,r3,r0
+        bicl3   #-65536,r0,r3
+        mull3   r4,r3,-4(fp)
+        mull2   r4,r4
+        mull2   r3,r3
+        bicl3   #32767,-4(fp),r0
+        extzv   #15,#17,r0,r0
+        addl2   r0,r3
+        bicl3   #-65536,-4(fp),r0
+        ashl    #17,r0,-4(fp)
+        addl2   -4(fp),r4
+        bicl2   #0,r4
+        cmpl    r4,-4(fp)
+        bgequ   noname.563
+        incl    r3
+noname.563:
+        movl    r4,r1
+        movl    r3,r2
+        addl2   r1,r9
+        bicl2   #0,r9
+        cmpl    r9,r1
+        bgequ   noname.564
+        incl    r2
+noname.564:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.565
+        incl    r10
+noname.565:
+
+        movl    r9,@4(ap)
+
+        clrl    r9
+
+        bicl3   #-65536,4(r5),r3
+        movzwl  6(r5),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,(r5),r2
+        movzwl  2(r5),r0
+        bicl2   #-65536,r0
+        movl    r3,r6
+        movl    r1,r4
+        mull3   r0,r6,-8(fp)
+        mull2   r2,r6
+        mull2   r4,r2
+        mull2   r0,r4
+        addl3   -8(fp),r2,r0
+        bicl3   #0,r0,-8(fp)
+        cmpl    -8(fp),r2
+        bgequ   noname.566
+        addl2   #65536,r4
+noname.566:
+        movzwl  -6(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,r4
+        bicl3   #-65536,-8(fp),r0
+        ashl    #16,r0,r1
+        addl2   r1,r6
+        bicl2   #0,r6
+        cmpl    r6,r1
+        bgequ   noname.567
+        incl    r4
+noname.567:
+        movl    r6,r3
+        movl    r4,r2
+        bbc     #31,r2,noname.568
+        incl    r9
+noname.568:
+        addl2   r2,r2
+        bicl2   #0,r2
+        bbc     #31,r3,noname.569
+        incl    r2
+noname.569:
+        addl2   r3,r3
+        bicl2   #0,r3
+        addl2   r3,r8
+        bicl2   #0,r8
+        cmpl    r8,r3
+        bgequ   noname.570
+        incl    r2
+        bicl3   #0,r2,r0
+        bneq    noname.570
+        incl    r9
+noname.570:
+        addl2   r2,r10
+        bicl2   #0,r10
+        cmpl    r10,r2
+        bgequ   noname.571
+        incl    r9
+noname.571:
+
+        movl    4(ap),r0
+        movl    r8,4(r0)
+
+        clrl    r8
+
+        movl    8(ap),r4
+        movl    4(r4),r3
+        bicl3   #-65536,r3,r5
+        extzv   #16,#16,r3,r0
+        bicl3   #-65536,r0,r3
+        mull3   r5,r3,r1
+        mull2   r5,r5
+        mull2   r3,r3
+        bicl3   #32767,r1,r0
+        extzv   #15,#17,r0,r0
+        addl2   r0,r3
+        bicl2   #-65536,r1
+        ashl    #17,r1,r1
+        addl2   r1,r5
+        bicl2   #0,r5
+        cmpl    r5,r1
+        bgequ   noname.572
+        incl    r3
+noname.572:
+        movl    r5,r1
+        movl    r3,r2
+        addl2   r1,r10
+        bicl2   #0,r10
+        cmpl    r10,r1
+        bgequ   noname.573
+        incl    r2
+noname.573:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.574
+        incl    r8
+noname.574:
+
+        bicl3   #-65536,8(r4),r3
+        movzwl  10(r4),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,(r4),r2
+        movzwl  2(r4),r0
+        bicl2   #-65536,r0
+        movl    r3,r6
+        movl    r1,r5
+        mull3   r0,r6,r7
+        mull2   r2,r6
+        mull2   r5,r2
+        mull2   r0,r5
+        addl2   r2,r7
+        bicl2   #0,r7
+        cmpl    r7,r2
+        bgequ   noname.575
+        addl2   #65536,r5
+noname.575:
+        extzv   #16,#16,r7,r0
+        bicl2   #-65536,r0
+        addl2   r0,r5
+        bicl3   #-65536,r7,r0
+        ashl    #16,r0,r1
+        addl2   r1,r6
+        bicl2   #0,r6
+        cmpl    r6,r1
+        bgequ   noname.576
+        incl    r5
+noname.576:
+        movl    r6,r3
+        movl    r5,r2
+        bbc     #31,r2,noname.577
+        incl    r8
+noname.577:
+        addl2   r2,r2
+        bicl2   #0,r2
+        bbc     #31,r3,noname.578
+        incl    r2
+noname.578:
+        addl2   r3,r3
+        bicl2   #0,r3
+        addl2   r3,r10
+        bicl2   #0,r10
+        cmpl    r10,r3
+        bgequ   noname.579
+        incl    r2
+        bicl3   #0,r2,r0
+        bneq    noname.579
+        incl    r8
+noname.579:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.580
+        incl    r8
+noname.580:
+
+        movl    4(ap),r0
+        movl    r10,8(r0)
+
+        clrl    r10
+
+        movl    8(ap),r0
+        bicl3   #-65536,12(r0),r3
+        movzwl  14(r0),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,(r0),r2
+        movzwl  2(r0),r0
+        bicl2   #-65536,r0
+        movl    r3,r5
+        movl    r1,r4
+        mull3   r0,r5,r6
+        mull2   r2,r5
+        mull3   r2,r4,-12(fp)
+        mull2   r0,r4
+        addl2   -12(fp),r6
+        bicl2   #0,r6
+        cmpl    r6,-12(fp)
+        bgequ   noname.581
+        addl2   #65536,r4
+noname.581:
+        extzv   #16,#16,r6,r0
+        bicl2   #-65536,r0
+        addl2   r0,r4
+        bicl3   #-65536,r6,r0
+        ashl    #16,r0,-12(fp)
+        addl2   -12(fp),r5
+        bicl2   #0,r5
+        cmpl    r5,-12(fp)
+        bgequ   noname.582
+        incl    r4
+noname.582:
+        movl    r5,r3
+        movl    r4,r2
+        bbc     #31,r2,noname.583
+        incl    r10
+noname.583:
+        addl2   r2,r2
+        bicl2   #0,r2
+        bbc     #31,r3,noname.584
+        incl    r2
+noname.584:
+        addl2   r3,r3
+        bicl2   #0,r3
+        addl2   r3,r9
+        bicl2   #0,r9
+        cmpl    r9,r3
+        bgequ   noname.585
+        incl    r2
+        bicl3   #0,r2,r0
+        bneq    noname.585
+        incl    r10
+noname.585:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.586
+        incl    r10
+noname.586:
+
+        movl    8(ap),r0
+        bicl3   #-65536,8(r0),r3
+        movzwl  10(r0),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,4(r0),r2
+        movzwl  6(r0),r0
+        bicl2   #-65536,r0
+        movl    r3,r5
+        movl    r1,r4
+        mull3   r0,r5,-16(fp)
+        mull2   r2,r5
+        mull3   r2,r4,-20(fp)
+        mull2   r0,r4
+        addl3   -16(fp),-20(fp),r0
+        bicl3   #0,r0,-16(fp)
+        cmpl    -16(fp),-20(fp)
+        bgequ   noname.587
+        addl2   #65536,r4
+noname.587:
+        movzwl  -14(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,r4
+        bicl3   #-65536,-16(fp),r0
+        ashl    #16,r0,-20(fp)
+        addl2   -20(fp),r5
+        bicl2   #0,r5
+        cmpl    r5,-20(fp)
+        bgequ   noname.588
+        incl    r4
+noname.588:
+        movl    r5,r3
+        movl    r4,r2
+        bbc     #31,r2,noname.589
+        incl    r10
+noname.589:
+        addl2   r2,r2
+        bicl2   #0,r2
+        bbc     #31,r3,noname.590
+        incl    r2
+noname.590:
+        addl2   r3,r3
+        bicl2   #0,r3
+        addl2   r3,r9
+        bicl2   #0,r9
+        cmpl    r9,r3
+        bgequ   noname.591
+        incl    r2
+        bicl3   #0,r2,r0
+        bneq    noname.591
+        incl    r10
+noname.591:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.592
+        incl    r10
+noname.592:
+        movl    4(ap),r0
+        movl    r9,12(r0)
+
+        clrl    r9
+
+        movl    8(ap),r3
+        movl    8(r3),r4
+        bicl3   #-65536,r4,r5
+        extzv   #16,#16,r4,r0
+        bicl3   #-65536,r0,r4
+        mull3   r5,r4,-24(fp)
+        mull2   r5,r5
+        mull2   r4,r4
+        bicl3   #32767,-24(fp),r0
+        extzv   #15,#17,r0,r0
+        addl2   r0,r4
+        bicl3   #-65536,-24(fp),r0
+        ashl    #17,r0,-24(fp)
+        addl2   -24(fp),r5
+        bicl2   #0,r5
+        cmpl    r5,-24(fp)
+        bgequ   noname.593
+        incl    r4
+noname.593:
+        movl    r5,r1
+        movl    r4,r2
+        addl2   r1,r8
+        bicl2   #0,r8
+        cmpl    r8,r1
+        bgequ   noname.594
+        incl    r2
+noname.594:
+        addl2   r2,r10
+        bicl2   #0,r10
+        cmpl    r10,r2
+        bgequ   noname.595
+        incl    r9
+noname.595:
+
+        bicl3   #-65536,12(r3),r4
+        movzwl  14(r3),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,4(r3),r2
+        movzwl  6(r3),r0
+        bicl2   #-65536,r0
+        movl    r4,r6
+        movl    r1,r5
+        mull3   r0,r6,-28(fp)
+        mull2   r2,r6
+        mull3   r2,r5,-32(fp)
+        mull2   r0,r5
+        addl3   -28(fp),-32(fp),r0
+        bicl3   #0,r0,-28(fp)
+        cmpl    -28(fp),-32(fp)
+        bgequ   noname.596
+        addl2   #65536,r5
+noname.596:
+        movzwl  -26(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,r5
+        bicl3   #-65536,-28(fp),r0
+        ashl    #16,r0,-32(fp)
+        addl2   -32(fp),r6
+        bicl2   #0,r6
+        cmpl    r6,-32(fp)
+        bgequ   noname.597
+        incl    r5
+noname.597:
+        movl    r6,r3
+        movl    r5,r2
+        bbc     #31,r2,noname.598
+        incl    r9
+noname.598:
+        addl2   r2,r2
+        bicl2   #0,r2
+        bbc     #31,r3,noname.599
+        incl    r2
+noname.599:
+        addl2   r3,r3
+        bicl2   #0,r3
+        addl2   r3,r8
+        bicl2   #0,r8
+        cmpl    r8,r3
+        bgequ   noname.600
+        incl    r2
+        bicl3   #0,r2,r0
+        bneq    noname.600
+        incl    r9
+noname.600:
+        addl2   r2,r10
+        bicl2   #0,r10
+        cmpl    r10,r2
+        bgequ   noname.601
+        incl    r9
+noname.601:
+
+        movl    4(ap),r0
+        movl    r8,16(r0)
+
+        clrl    r8
+
+        movl    8(ap),r0
+        bicl3   #-65536,12(r0),r3
+        movzwl  14(r0),r1
+        bicl2   #-65536,r1
+        bicl3   #-65536,8(r0),r2
+        movzwl  10(r0),r0
+        bicl2   #-65536,r0
+        movl    r3,r5
+        movl    r1,r4
+        mull3   r0,r5,-36(fp)
+        mull2   r2,r5
+        mull3   r2,r4,-40(fp)
+        mull2   r0,r4
+        addl3   -36(fp),-40(fp),r0
+        bicl3   #0,r0,-36(fp)
+        cmpl    -36(fp),-40(fp)
+        bgequ   noname.602
+        addl2   #65536,r4
+noname.602:
+        movzwl  -34(fp),r0
+        bicl2   #-65536,r0
+        addl2   r0,r4
+        bicl3   #-65536,-36(fp),r0
+        ashl    #16,r0,-40(fp)
+        addl2   -40(fp),r5
+        bicl2   #0,r5
+        cmpl    r5,-40(fp)
+        bgequ   noname.603
+        incl    r4
+noname.603:
+        movl    r5,r3
+        movl    r4,r2
+        bbc     #31,r2,noname.604
+        incl    r8
+noname.604:
+        addl2   r2,r2
+        bicl2   #0,r2
+        bbc     #31,r3,noname.605
+        incl    r2
+noname.605:
+        addl2   r3,r3
+        bicl2   #0,r3
+        addl2   r3,r10
+        bicl2   #0,r10
+        cmpl    r10,r3
+        bgequ   noname.606
+        incl    r2
+        bicl3   #0,r2,r0
+        bneq    noname.606
+        incl    r8
+noname.606:
+        addl2   r2,r9
+        bicl2   #0,r9
+        cmpl    r9,r2
+        bgequ   noname.607
+        incl    r8
+noname.607:
+
+        movl    4(ap),r4
+        movl    r10,20(r4)
+
+        clrl    r10
+
+        movl    8(ap),r0
+        movl    12(r0),r3
+        bicl3   #-65536,r3,r5
+        extzv   #16,#16,r3,r0
+        bicl3   #-65536,r0,r3
+        mull3   r5,r3,-44(fp)
+        mull2   r5,r5
+        mull2   r3,r3
+        bicl3   #32767,-44(fp),r0
+        extzv   #15,#17,r0,r0
+        addl2   r0,r3
+        bicl3   #-65536,-44(fp),r0
+        ashl    #17,r0,-44(fp)
+        addl2   -44(fp),r5
+        bicl2   #0,r5
+        cmpl    r5,-44(fp)
+        bgequ   noname.608
+        incl    r3
+noname.608:
+        movl    r5,r1
+        movl    r3,r2
+        addl2   r1,r9
+        bicl2   #0,r9
+        cmpl    r9,r1
+        bgequ   noname.609
+        incl    r2
+noname.609:
+        addl2   r2,r8
+        bicl2   #0,r8
+        cmpl    r8,r2
+        bgequ   noname.610
+        incl    r10
+noname.610:
+
+        movl    r9,24(r4)
+
+        movl    r8,28(r4)
+
+        ret     
+
+; For now, the code below doesn't work, so I end this prematurely.
+.end
+
+        .title  vax_bn_div64    division 64/32=>32
+; 
+; r.l. 16-jan-1998
+;
+; unsigned int bn_div64(unsigned long h, unsigned long l, unsigned long d)
+;       return <h,l>/d;
+;
+
+        .psect  code,nowrt
+
+h=4 ;(AP)       by value (input)
+l=8 ;(AP)       by value (input)
+d=12 ;(AP)      by value (input)
+
+.entry  bn_div64,^m<r2,r3,r4,r5,r6,r7,r8,r9>
+
+        movl    l(ap),r2        ; l
+        movl    h(ap),r3        ; h
+        movl    d(ap),r4        ; d
+        clrl    r5              ; q
+        clrl    r6              ; r
+
+        ; Treat "negative" specially
+        tstl    r3
+        blss    30$
+
+        tstl    r4
+        beql    90$
+
+        ediv    r4,r2,r5,r6
+        bvs     666$
+
+        movl    r5,r0
+        ret
+
+30$:
+        ; The theory here is to do some harmless shifting and a little
+        ; bit of rounding (brackets are to designate when decimals are
+        ; cut off):
+        ;
+        ;       result = 2 * [ ([<h,0>/2] + [d/2]) / d ] + [ l / d ]
+
+        movl    #0,r7
+        movl    r3,r8           ; copy h
+        ashq    #-1,r7,r7       ; [<h,0>/2] => <r8,r7>
+        bicl2   #^X80000000,r8  ; Remove "sign"
+
+        movl    r4,r9           ; copy d
+        ashl    #-1,r9,r9       ; [d/2] => r9
+        bicl2   #^X80000000,r9  ; Remove "sign"
+
+        addl2   r9,r7
+        adwc    #0,r8           ; [<h,0>/2] + [d/2] => <r8,r7>
+
+        ediv    r4,r7,r5,r6     ; [ ([<h,0>/2] + [d/2]) / d ] => <r5,r6>
+        bvs     666$
+
+        movl    #0,r6
+        ashq    #1,r5,r5        ; 2 * [ ([<h,0>/2] + [d/2]) / d ] => r5
+
+        movl    #0,r3
+        ediv    r4,r2,r8,r9     ; [ l / d ] => <r8,r9>
+
+        addl2   r8,r5           ;
+        bcs     666$
+
+        movl    r5,r0
+        ret
+                
+90$:
+        movl    #-1,r0
+        ret
+
+666$:
+
+        
+.end
diff --git a/src/lib/libcrypto/bn/asm/x86/f b/src/lib/libcrypto/bn/asm/x86/f
new file mode 100644
index 0000000000..22e4112224
--- /dev/null
+++ b/src/lib/libcrypto/bn/asm/x86/f
@@ -0,0 +1,3 @@
+#!/usr/local/bin/perl
+# x86 assember
+
diff --git a/src/lib/libcrypto/bn/bn.mul b/src/lib/libcrypto/bn/bn.mul
new file mode 100644
index 0000000000..9728870d38
--- /dev/null
+++ b/src/lib/libcrypto/bn/bn.mul
@@ -0,0 +1,19 @@
+We need
+
+* bn_mul_comba8
+* bn_mul_comba4
+* bn_mul_normal
+* bn_mul_recursive
+
+* bn_sqr_comba8
+* bn_sqr_comba4
+bn_sqr_normal -> BN_sqr
+* bn_sqr_recursive
+
+* bn_mul_low_recursive
+* bn_mul_low_normal
+* bn_mul_high
+
+* bn_mul_part_recursive # symetric but not power of 2
+
+bn_mul_asymetric_recursive # uneven, but do the chop up.
diff --git a/src/lib/libcrypto/bn/divtest.c b/src/lib/libcrypto/bn/divtest.c
new file mode 100644
index 0000000000..13ba86e3c4
--- /dev/null
+++ b/src/lib/libcrypto/bn/divtest.c
@@ -0,0 +1,41 @@
+#include <openssl/bn.h>
+#include <openssl/rand.h>
+
+static int rand(n)
+{
+    unsigned char x[2];
+    RAND_pseudo_bytes(x,2);
+    return (x[0] + 2*x[1]);
+}
+
+static void bug(char *m, BIGNUM *a, BIGNUM *b)
+{
+    printf("%s!\na=",m);
+    BN_print_fp(stdout, a);
+    printf("\nb=");
+    BN_print_fp(stdout, b);
+    printf("\n");
+    fflush(stdout);
+}
+
+main()
+{
+    BIGNUM *a=BN_new(), *b=BN_new(), *c=BN_new(), *d=BN_new(),
+        *C=BN_new(), *D=BN_new();
+    BN_RECP_CTX *recp=BN_RECP_CTX_new();
+    BN_CTX *ctx=BN_CTX_new();
+
+    for(;;) {
+        BN_pseudo_rand(a,rand(),0,0);
+        BN_pseudo_rand(b,rand(),0,0);
+        if (BN_is_zero(b)) continue;
+
+        BN_RECP_CTX_set(recp,b,ctx);
+        if (BN_div(C,D,a,b,ctx) != 1)
+            bug("BN_div failed",a,b);
+        if (BN_div_recp(c,d,a,recp,ctx) != 1)
+            bug("BN_div_recp failed",a,b);
+        else if (BN_cmp(c,C) != 0 || BN_cmp(c,C) != 0)
+            bug("mismatch",a,b);
+    }
+}
diff --git a/src/lib/libcrypto/bn/exp.c b/src/lib/libcrypto/bn/exp.c
new file mode 100644
index 0000000000..ec443459d8
--- /dev/null
+++ b/src/lib/libcrypto/bn/exp.c
@@ -0,0 +1,60 @@
+#include <stdio.h>
+#include <openssl/tmdiff.h>
+#include "bn_lcl.h"
+
+#define SIZE    256
+#define NUM     (8*8*8)
+#define MOD     (8*8*8*8*8)
+
+main(argc,argv)
+int argc;
+char *argv[];
+        {
+        BN_CTX ctx;
+        BIGNUM a,b,c,r,rr,t,l;
+        int j,i,size=SIZE,num=NUM,mod=MOD;
+        char *start,*end;
+        BN_MONT_CTX mont;
+        double d,md;
+
+        BN_MONT_CTX_init(&mont);
+        BN_CTX_init(&ctx);
+        BN_init(&a);
+        BN_init(&b);
+        BN_init(&c);
+        BN_init(&r);
+
+        start=ms_time_new();
+        end=ms_time_new();
+        while (size <= 1024*8)
+                {
+                BN_rand(&a,size,0,0);
+                BN_rand(&b,size,1,0);
+                BN_rand(&c,size,0,1);
+
+                BN_mod(&a,&a,&c,&ctx);
+
+                ms_time_get(start);
+                for (i=0; i<10; i++)
+                        BN_MONT_CTX_set(&mont,&c,&ctx);
+                ms_time_get(end);
+                md=ms_time_diff(start,end);
+
+                ms_time_get(start);
+                for (i=0; i<num; i++)
+                        {
+                        /* bn_mull(&r,&a,&b,&ctx); */
+                        /* BN_sqr(&r,&a,&ctx); */
+                        BN_mod_exp_mont(&r,&a,&b,&c,&ctx,&mont);
+                        }
+                ms_time_get(end);
+                d=ms_time_diff(start,end)/* *50/33 */;
+                printf("%5d bit:%6.2f %6d %6.4f %4d m_set(%5.4f)\n",size,
+                        d,num,d/num,(int)((d/num)*mod),md/10.0);
+                num/=8;
+                mod/=8;
+                if (num <= 0) num=1;
+                size*=2;
+                }
+
+        }
diff --git a/src/lib/libcrypto/bn/todo b/src/lib/libcrypto/bn/todo
new file mode 100644
index 0000000000..e47e381aea
--- /dev/null
+++ b/src/lib/libcrypto/bn/todo
@@ -0,0 +1,3 @@
+Cache RECP_CTX values
+make the result argument independant of the inputs.
+split up the _exp_ functions
diff --git a/src/lib/libcrypto/bn/vms-helper.c b/src/lib/libcrypto/bn/vms-helper.c
new file mode 100644
index 0000000000..73af337069
--- /dev/null
+++ b/src/lib/libcrypto/bn/vms-helper.c
@@ -0,0 +1,66 @@
+/* vms-helper.c */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+bn_div_words_abort(int i)
+{
+#if !defined(NO_STDIO) && !defined(WIN16)
+        fprintf(stderr,"Division would overflow (%d)\n",i);
+#endif
+        abort();
+}
diff --git a/src/lib/libcrypto/crypto-lib.com b/src/lib/libcrypto/crypto-lib.com
new file mode 100644
index 0000000000..bf916528eb
--- /dev/null
+++ b/src/lib/libcrypto/crypto-lib.com
@@ -0,0 +1,1218 @@
+$!
+$!  CRYPTO-LIB.COM
+$!  Written By:  Robert Byer
+$!               Vice-President
+$!               A-Com Computing, Inc.
+$!               byer@mail.all-net.net
+$!
+$!  Changes by Richard Levitte <richard@levitte.org>
+$!
+$!  This command files compiles and creates the "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB" 
+$!  library for OpenSSL.  The "xxx" denotes the machine architecture of AXP
+$!  or VAX.
+$!
+$!  It was re-written so it would try to determine what "C" compiler to use 
+$!  or you can specify which "C" compiler to use.
+$!
+$!  Specify RSAREF as P1 to compile with the RSAREF library instead of
+$!  the regular one.  If you specify NORSAREF it will compile with the
+$!  regular RSAREF routines.  (Note: If you are in the United States
+$!  you MUST compile with RSAREF unless you have a license from RSA).
+$!
+$!  Note: The RSAREF libraries are NOT INCLUDED and you have to
+$!        download it from "ftp://ftp.rsa.com/rsaref".  You have to
+$!        get the ".tar-Z" file as the ".zip" file dosen't have the
+$!        directory structure stored.  You have to extract the file
+$!        into the [.RSAREF] directory under the root directory as that
+$!        is where the scripts will look for the files.
+$!
+$!  Specify DEBUG or NODEBUG as P2 to compile with or without debugger
+$!  information.
+$!
+$!  Specify which compiler at P3 to try to compile under.
+$!
+$!         VAXC  For VAX C.
+$!         DECC  For DEC C.
+$!         GNUC  For GNU C.
+$!
+$!  If you don't speficy a compiler, it will try to determine which
+$!  "C" compiler to use.
+$!
+$!  P4, if defined, sets a TCP/IP library to use, through one of the following
+$!  keywords:
+$!
+$!      UCX             for UCX
+$!      SOCKETSHR       for SOCKETSHR+NETLIB
+$!
+$!  P5, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up)
+$!
+$!  P6, if defined, sets a choice of crypto methods to compile.
+$!  WARNING: this should only be done to recompile some part of an already
+$!  fully compiled library.
+$!
+$!
+$! Define A TCP/IP Library That We Will Need To Link To.
+$! (That Is, If We Need To Link To One.)
+$!
+$ TCPIP_LIB = ""
+$!
+$! Check Which Architecture We Are Using.
+$!
+$ IF (F$GETSYI("CPU").GE.128)
+$ THEN
+$!
+$!  The Architecture Is AXP
+$!
+$   ARCH := AXP
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$!  The Architecture Is VAX.
+$!
+$   ARCH := VAX
+$!
+$! End The Architecture Check.
+$!
+$ ENDIF
+$!
+$! Define The Different Encryption Types.
+$!
+$ ENCRYPT_TYPES = ",MD2,MD5,SHA,MDC2,HMAC,RIPEMD,"+ -
+                  "DES,RC2,RC4,RC5,IDEA,BF,CAST,"+ -
+                  "BN,RSA,DSA,DH,"+ -
+                  "BUFFER,BIO,STACK,LHASH,RAND,ERR,OBJECTS,"+ -
+                  "EVP,EVP_2,ASN1,ASN1_2,PEM,X509,X509V3,"+ -
+                  "CONF,TXT_DB,PKCS7,PKCS12,COMP"
+$!
+$! Check To Make Sure We Have Valid Command Line Parameters.
+$!
+$ GOSUB CHECK_OPTIONS
+$!
+$! Initialise logical names and such
+$!
+$ GOSUB INITIALISE
+$!
+$! Tell The User What Kind of Machine We Run On.
+$!
+$ WRITE SYS$OUTPUT "Compiling On A ",ARCH," Machine."
+$!
+$! Define The OBJ Directory.
+$!
+$ OBJ_DIR := SYS$DISK:[-.'ARCH'.OBJ.CRYPTO]
+$!
+$! Check To See If The Architecture Specific OBJ Directory Exists.
+$!
+$ IF (F$PARSE(OBJ_DIR).EQS."")
+$ THEN
+$!
+$!  It Dosen't Exist, So Create It.
+$!
+$   CREATE/DIR 'OBJ_DIR'
+$!
+$! End The Architecture Specific OBJ Directory Check.
+$!
+$ ENDIF
+$!
+$! Define The EXE Directory.
+$!
+$ EXE_DIR := SYS$DISK:[-.'ARCH'.EXE.CRYPTO]
+$!
+$! Check To See If The Architecture Specific Directory Exists.
+$!
+$ IF (F$PARSE(EXE_DIR).EQS."")
+$ THEN
+$!
+$!  It Dosen't Exist, So Create It.
+$!
+$   CREATE/DIRECTORY 'EXE_DIR'
+$!
+$! End The Architecture Specific Directory Check.
+$!
+$ ENDIF
+$!
+$! Define The Library Name.
+$!
+$ LIB_NAME := 'EXE_DIR'LIBCRYPTO.OLB
+$!
+$! Check To See If We Already Have A "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB" Library...
+$!
+$ IF (F$SEARCH(LIB_NAME).EQS."")
+$ THEN
+$!
+$! Guess Not, Create The Library.
+$!
+$   LIBRARY/CREATE/OBJECT 'LIB_NAME'
+$!
+$! End The Library Check.
+$!
+$ ENDIF
+$!
+$! Define The Different Encryption "library" Strings.
+$!
+$ LIB_ = "cryptlib,mem,cversion,ex_data,tmdiff,cpt_err"
+$ LIB_MD2 = "md2_dgst,md2_one"
+$ LIB_MD5 = "md5_dgst,md5_one"
+$ LIB_SHA = "sha_dgst,sha1dgst,sha_one,sha1_one"
+$ LIB_MDC2 = "mdc2dgst,mdc2_one"
+$ LIB_HMAC = "hmac"
+$ LIB_RIPEMD = "rmd_dgst,rmd_one"
+$ LIB_DES = "set_key,ecb_enc,cbc_enc,"+ -
+        "ecb3_enc,cfb64enc,cfb64ede,cfb_enc,ofb64ede,"+ -
+        "enc_read,enc_writ,ofb64enc,"+ -
+        "ofb_enc,str2key,pcbc_enc,qud_cksm,rand_key,"+ -
+        "des_enc,fcrypt_b,read2pwd,"+ -
+        "fcrypt,xcbc_enc,read_pwd,rpc_enc,cbc_cksm,supp,ede_cbcm_enc"
+$ LIB_RC2 = "rc2_ecb,rc2_skey,rc2_cbc,rc2cfb64,rc2ofb64"
+$ LIB_RC4 = "rc4_skey,rc4_enc"
+$ LIB_RC5 = "rc5_skey,rc5_ecb,rc5_enc,rc5cfb64,rc5ofb64"
+$ LIB_IDEA = "i_cbc,i_cfb64,i_ofb64,i_ecb,i_skey"
+$ LIB_BF = "bf_skey,bf_ecb,bf_enc,bf_cfb64,bf_ofb64"
+$ LIB_CAST = "c_skey,c_ecb,c_enc,c_cfb64,c_ofb64"
+$ LIB_BN_ASM = "[.asm]vms.mar,vms-helper"
+$ IF F$TRNLNM("OPENSSL_NO_ASM") .NES. "" THEN LIB_BN_ASM = "bn_asm"
+$ LIB_BN = "bn_add,bn_div,bn_exp,bn_lib,bn_mul,"+ -
+        "bn_print,bn_rand,bn_shift,bn_word,bn_blind,"+ -
+        "bn_gcd,bn_prime,bn_err,bn_sqr,"+LIB_BN_ASM+",bn_recp,bn_mont,"+ -
+        "bn_mpi,bn_exp2"
+$ LIB_RSA = "rsa_eay,rsa_gen,rsa_lib,rsa_sign,rsa_saos,rsa_err,"+ -
+        "rsa_pk1,rsa_ssl,rsa_none,rsa_oaep,rsa_chk"
+$ LIB_DSA = "dsa_gen,dsa_key,dsa_lib,dsa_asn1,dsa_vrf,dsa_sign,dsa_err"
+$ LIB_DH = "dh_gen,dh_key,dh_lib,dh_check,dh_err"
+$ LIB_BUFFER = "buffer,buf_err"
+$ LIB_BIO = "bio_lib,bio_cb,bio_err,"+ -
+        "bss_mem,bss_null,bss_fd,"+ -
+        "bss_file,bss_sock,bss_conn,"+ -
+        "bf_null,bf_buff,b_print,b_dump,"+ -
+        "b_sock,bss_acpt,bf_nbio,bss_rtcp,bss_bio" ! + ",bss_log" for syslog
+$ LIB_STACK = "stack"
+$ LIB_LHASH = "lhash,lh_stats"
+$ LIB_RAND = "md_rand,randfile,rand_lib"
+$ LIB_ERR = "err,err_all,err_prn"
+$ LIB_OBJECTS = "o_names,obj_dat,obj_lib,obj_err"
+$ LIB_EVP = "encode,digest,evp_enc,evp_key,"+ -
+        "e_ecb_d,e_cbc_d,e_cfb_d,e_ofb_d,"+ -
+        "e_ecb_i,e_cbc_i,e_cfb_i,e_ofb_i,"+ -
+        "e_ecb_3d,e_cbc_3d,e_rc4,names,"+ -
+        "e_cfb_3d,e_ofb_3d,e_xcbc_d,"+ -
+        "e_ecb_r2,e_cbc_r2,e_cfb_r2,e_ofb_r2,"+ -
+        "e_ecb_bf,e_cbc_bf,e_cfb_bf,e_ofb_bf"
+$ LIB_EVP_2 = "e_ecb_c,e_cbc_c,e_cfb_c,e_ofb_c,"+ -
+        "e_ecb_r5,e_cbc_r5,e_cfb_r5,e_ofb_r5,"+ -
+        "m_null,m_md2,m_md5,m_sha,m_sha1,m_dss,m_dss1,m_mdc2,"+ -
+        "m_ripemd,"+ -
+        "p_open,p_seal,p_sign,p_verify,p_lib,p_enc,p_dec,"+ -
+        "bio_md,bio_b64,bio_enc,evp_err,e_null,"+ -
+        "c_all,evp_lib,bio_ok,evp_pkey,evp_pbe,p5_crpt,p5_crpt2"
+$ LIB_ASN1 = "a_object,a_bitstr,a_utctm,a_gentm,a_time,a_int,a_octet,"+ -
+        "a_print,a_type,a_set,a_dup,a_d2i_fp,a_i2d_fp,a_bmp,"+ -
+        "a_enum,a_vis,a_utf8,a_sign,a_digest,a_verify,"+ -
+        "x_algor,x_val,x_pubkey,x_sig,x_req,x_attrib,"+ -
+        "x_name,x_cinf,x_x509,x_crl,x_info,x_spki,nsseq,"+ -
+        "d2i_r_pr,i2d_r_pr,d2i_r_pu,i2d_r_pu,"+ -
+        "d2i_s_pr,i2d_s_pr,d2i_s_pu,i2d_s_pu,"+ -
+        "d2i_pu,d2i_pr,i2d_pu,i2d_pr"
+$ LIB_ASN1_2 = "t_req,t_x509,t_crl,t_pkey,"+ -
+        "p7_i_s,p7_signi,p7_signd,p7_recip,p7_enc_c,p7_evp,"+ -
+        "p7_dgst,p7_s_e,p7_enc,p7_lib,"+ -
+        "f_int,f_string,i2d_dhp,i2d_dsap,d2i_dhp,d2i_dsap,n_pkey,"+ -
+        "f_enum,a_hdr,x_pkey,a_bool,x_exten,"+ -
+        "asn1_par,asn1_lib,asn1_err,a_meth,a_bytes,"+ -
+        "evp_asn1,asn_pack,p5_pbe,p5_pbev2,p8_pkey"
+$ LIB_PEM = "pem_sign,pem_seal,pem_info,pem_lib,pem_all,pem_err"
+$ LIB_X509 = "x509_def,x509_d2,x509_r2x,x509_cmp,"+ -
+        "x509_obj,x509_req,x509_vfy,"+ -
+        "x509_set,x509rset,x509_err,"+ -
+        "x509name,x509_v3,x509_ext,"+ -
+        "x509type,x509_lu,x_all,x509_txt,"+ -
+        "by_file,by_dir"
+$ LIB_X509V3 = "v3_bcons,v3_bitst,v3_conf,v3_extku,v3_ia5,v3_lib,"+ -
+        "v3_prn,v3_utl,v3err,v3_genn,v3_alt,v3_skey,v3_akey,v3_pku,"+ -
+        "v3_int,v3_enum,v3_sxnet,v3_cpols,v3_crld"
+$ LIB_CONF = "conf,conf_err"
+$ LIB_TXT_DB = "txt_db"
+$ LIB_PKCS7 = "pk7_lib,pkcs7err,pk7_doit"
+$ LIB_PKCS12 = "p12_add,p12_attr,p12_bags,p12_crpt,p12_crt,p12_decr,"+ -
+        "p12_init,p12_key,p12_kiss,p12_lib,p12_mac,p12_mutl,"+ -
+        "p12_sbag,p12_utl,pk12err"
+$ LIB_COMP = "comp_lib,"+ -
+        "c_rle,c_zlib"
+$!
+$! Setup exceptional compilations
+$!
+$ COMPILEWITH_CC3 = ",bss_rtcp,"
+$ COMPILEWITH_CC4 = ",a_utctm,"
+$ COMPILEWITH_CC5 = ",md2_dgst,md5_dgst,mdc2dgst,sha_dgst,sha1dgst," + -
+                    "rmd_dgst,bf_enc,"
+$!
+$! Check To See If We Are Going To Use RSAREF.
+$!
+$ IF (RSAREF.EQS."TRUE" .AND. ENCRYPT_TYPES - "RSA".NES.ENCRYPT_TYPES)
+$ THEN
+$!
+$!  Check To See If The File [-.RSAREF]RSAREF.C Is Actually There.
+$!
+$   IF (F$SEARCH("SYS$DISK:[-.RSAREF]RSAREF.C").EQS."")
+$   THEN
+$!
+$!    Tell The User That The File Dosen't Exist.
+$!
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "The File [-.RSAREF]RSAREF.C Dosen't Exist."
+$     WRITE SYS$OUTPUT ""
+$!
+$!    Exit The Build.
+$!
+$     GOTO EXIT
+$!
+$!  End The [-.RSAREF]RSAREF.C Check.
+$!
+$   ENDIF
+$!
+$!  Tell The User We Are Compiling The [-.RSAREF]RSAREF File.
+$!
+$   WRITE SYS$OUTPUT "Compiling The [-.RSAREF]RSAREF File."
+$!
+$!  Compile [-.RSAREF]RSAREF.C
+$!
+$   CC/OBJECT='OBJ_DIR'RSAREF.OBJ SYS$DISK:[-.RSAREF]RSAREF.C
+$!
+$!  Add It To The Library.
+$!
+$   LIBRARY/REPLACE 'LIB_NAME' 'OBJ_DIR'RSAREF.OBJ
+$!
+$!  Delete The Object File.
+$!
+$   DELETE 'OBJ_DIR'RSAREF.OBJ;*
+$!
+$!  Check To See If The File [-.RSAREF]RSAR_ERR.C Is Actually There.
+$!
+$   IF (F$SEARCH("SYS$DISK:[-.RSAREF]RSAR_ERR.C").EQS."")
+$   THEN
+$!
+$!    Tell The User That The File Dosen't Exist.
+$!
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "The File [-.RSAREF]RSAR_ERR.C Dosen't Exist."
+$     WRITE SYS$OUTPUT ""
+$!
+$!    Exit The Build.
+$!
+$     GOTO EXIT
+$!
+$!  End The [-.RSAREF]RSAR_ERR.C File Check.
+$!
+$   ENDIF
+$!
+$!  Tell The User We Are Compiling The [-.RSAREF]RSAR_ERR File.
+$!
+$   WRITE SYS$OUTPUT "Compiling The [-.RSAREF]RSAR_ERR File."
+$!
+$!  Compile [-.RSAREF]RSAR_ERR.C
+$!
+$   CC/OBJECT='OBJ_DIR'RSAR_ERR.OBJ SYS$DISK:[-.RSAREF]RSAR_ERR.C
+$!
+$!  Add It To The Library.
+$!
+$   LIBRARY/REPLACE 'LIB_NAME' 'OBJ_DIR'RSAR_ERR.OBJ
+$!
+$!  Delete The Object File.
+$!
+$   DELETE 'OBJ_DIR'RSAR_ERR.OBJ;*
+$!
+$! End The RSAREF Check.
+$!
+$ ENDIF
+$!
+$! Figure Out What Other Modules We Are To Build.
+$!
+$ BUILD_SET:
+$!
+$! Define A Module Counter.
+$!
+$ MODULE_COUNTER = 0
+$!
+$! Top Of The Loop.
+$!
+$ MODULE_NEXT:
+$!
+$! Extract The Module Name From The Encryption List.
+$!
+$ MODULE_NAME = F$ELEMENT(MODULE_COUNTER,",",ENCRYPT_TYPES)
+$!
+$! Check To See If We Are At The End Of The Module List.
+$!
+$ IF (MODULE_NAME.EQS.",") 
+$ THEN 
+$!
+$!  We Are At The End Of The Module List, Go To MODULE_DONE.
+$!
+$   GOTO MODULE_DONE
+$!
+$! End The Module List Check.
+$!
+$ ENDIF
+$!
+$! Increment The Moudle Counter.
+$!
+$ MODULE_COUNTER = MODULE_COUNTER + 1
+$!
+$! Tell The User What Module We Are Building.
+$!
+$ IF (MODULE_NAME.NES."") 
+$ THEN
+$   WRITE SYS$OUTPUT "Compiling The ",MODULE_NAME," Files."
+$ ENDIF
+$!
+$!  Define A File Counter And Set It To "0".
+$!
+$ FILE_COUNTER = 0
+$!
+$! Create The Library Module Name.
+$!
+$ LIB_MODULE = "LIB_" + MODULE_NAME
+$ IF (MODULE_NAME.EQS."ASN1_2")
+$ THEN
+$   MODULE_NAME = "ASN1"
+$ ENDIF
+$ IF (MODULE_NAME.EQS."EVP_2")
+$ THEN
+$   MODULE_NAME = "EVP"
+$ ENDIF
+$!
+$! Check if the library module name actually is defined
+$!
+$ IF F$TYPE('LIB_MODULE') .EQS. ""
+$ THEN
+$   WRITE SYS$ERROR ""
+$   WRITE SYS$ERROR "The module ",MODULE_NAME," does not exist.  Continuing..."
+$   WRITE SYS$ERROR ""
+$   GOTO MODULE_NEXT
+$ ENDIF
+$!
+$! Top Of The File Loop.
+$!
+$ NEXT_FILE:
+$!
+$! O.K, Extract The File Name From The File List.
+$!
+$ FILE_NAME = F$ELEMENT(FILE_COUNTER,",",'LIB_MODULE')
+$!
+$! Check To See If We Are At The End Of The File List.
+$!
+$ IF (FILE_NAME.EQS.",") 
+$ THEN 
+$!
+$!  We Are At The End Of The File List, Goto FILE_DONE.
+$!
+$   GOTO FILE_DONE
+$!
+$! End The File List Check.
+$!
+$ ENDIF
+$!
+$! Increment The Counter.
+$!
+$ FILE_COUNTER = FILE_COUNTER + 1
+$!
+$! Create The Source File Name.
+$!
+$ TMP_FILE_NAME = F$ELEMENT(1,"]",FILE_NAME)
+$ IF TMP_FILE_NAME .EQS. "]" THEN TMP_FILE_NAME = FILE_NAME
+$ IF F$ELEMENT(0,".",TMP_FILE_NAME) .EQS. TMP_FILE_NAME THEN -
+        FILE_NAME = FILE_NAME + ".c"
+$ IF (MODULE_NAME.NES."")
+$ THEN
+$   SOURCE_FILE = "SYS$DISK:[." + MODULE_NAME+ "]" + FILE_NAME
+$ ELSE
+$   SOURCE_FILE = "SYS$DISK:[]" + FILE_NAME
+$ ENDIF
+$ SOURCE_FILE = SOURCE_FILE - "]["
+$!
+$! Create The Object File Name.
+$!
+$ OBJECT_FILE = OBJ_DIR + F$PARSE(FILE_NAME,,,"NAME","SYNTAX_ONLY") + ".OBJ"
+$ ON WARNING THEN GOTO NEXT_FILE
+$!
+$! Check To See If The File We Want To Compile Is Actually There.
+$!
+$ IF (F$SEARCH(SOURCE_FILE).EQS."")
+$ THEN
+$!
+$!  Tell The User That The File Dosen't Exist.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The File ",SOURCE_FILE," Dosen't Exist."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Exit The Build.
+$!
+$   GOTO EXIT
+$!
+$! End The File Exist Check.
+$!
+$ ENDIF
+$!
+$! Tell The User We Are Compiling The File.
+$!
+$ IF (MODULE_NAME.EQS."")
+$ THEN
+     WRITE SYS$OUTPUT "Compiling The ",FILE_NAME," File."
+$ ENDIF
+$ IF (MODULE_NAME.NES."")
+$ THEN 
+$   WRITE SYS$OUTPUT "  ",FILE_NAME,""
+$ ENDIF
+$!
+$! Compile The File.
+$!
+$ ON ERROR THEN GOTO NEXT_FILE
+$ FILE_NAME0 = F$ELEMENT(0,".",FILE_NAME)
+$ IF FILE_NAME - ".mar" .NES. FILE_NAME
+$ THEN
+$   MACRO/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
+$ ELSE
+$   IF COMPILEWITH_CC3 - FILE_NAME0 .NES. COMPILEWITH_CC3
+$   THEN
+$     CC3/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
+$   ELSE
+$     IF COMPILEWITH_CC4 - FILE_NAME0 .NES. COMPILEWITH_CC4
+$     THEN
+$       CC4/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
+$     ELSE
+$       IF COMPILEWITH_CC5 - FILE_NAME0 .NES. COMPILEWITH_CC5
+$       THEN
+$         CC5/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
+$       ELSE
+$         CC/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
+$       ENDIF
+$     ENDIF
+$   ENDIF
+$ ENDIF
+$!
+$! Add It To The Library.
+$!
+$ LIBRARY/REPLACE 'LIB_NAME' 'OBJECT_FILE'
+$!
+$! Time To Clean Up The Object File.
+$!
+$ DELETE 'OBJECT_FILE';*
+$!
+$! Go Back And Do It Again.
+$!
+$ GOTO NEXT_FILE
+$!
+$! All Done With This Library Part.
+$!
+$ FILE_DONE:
+$!
+$! Go Back And Get The Next Module.
+$!
+$ GOTO MODULE_NEXT
+$!
+$! All Done With This Module.
+$!
+$ MODULE_DONE:
+$!
+$! Tell The User That We Are All Done.
+$!
+$ WRITE SYS$OUTPUT "All Done..."
+$ EXIT:
+$ GOSUB CLEANUP
+$ EXIT
+$!
+$! Check For The Link Option FIle.
+$!
+$ CHECK_OPT_FILE:
+$!
+$! Check To See If We Need To Make A VAX C Option File.
+$!
+$ IF (COMPILER.EQS."VAXC")
+$ THEN
+$!
+$!  Check To See If We Already Have A VAX C Linker Option File.
+$!
+$   IF (F$SEARCH(OPT_FILE).EQS."")
+$   THEN
+$!
+$!    We Need A VAX C Linker Option File.
+$!
+$     CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File To Link Agianst 
+! The Sharable VAX C Runtime Library.
+!
+SYS$SHARE:VAXCRTL.EXE/SHARE
+$EOD
+$!
+$!  End The Option File Check.
+$!
+$   ENDIF
+$!
+$! End The VAXC Check.
+$!
+$ ENDIF
+$!
+$! Check To See If We Need A GNU C Option File.
+$!
+$ IF (COMPILER.EQS."GNUC")
+$ THEN
+$!
+$!  Check To See If We Already Have A GNU C Linker Option File.
+$!
+$   IF (F$SEARCH(OPT_FILE).EQS."")
+$   THEN
+$!
+$!    We Need A GNU C Linker Option File.
+$!
+$     CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File To Link Agianst 
+! The Sharable C Runtime Library.
+!
+GNU_CC:[000000]GCCLIB/LIBRARY
+SYS$SHARE:VAXCRTL/SHARE
+$EOD
+$!
+$!  End The Option File Check.
+$!
+$   ENDIF
+$!
+$! End The GNU C Check.
+$!
+$ ENDIF
+$!
+$! Check To See If We Need A DEC C Option File.
+$!
+$ IF (COMPILER.EQS."DECC")
+$ THEN
+$!
+$!  Check To See If We Already Have A DEC C Linker Option File.
+$!
+$   IF (F$SEARCH(OPT_FILE).EQS."")
+$   THEN
+$!
+$!    Figure Out If We Need An AXP Or A VAX Linker Option File.
+$!
+$     IF ARCH .EQS. "VAX"
+$     THEN
+$!
+$!      We Need A DEC C Linker Option File For VAX.
+$!
+$       CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File To Link Agianst 
+! The Sharable DEC C Runtime Library.
+!
+SYS$SHARE:DECC$SHR.EXE/SHARE
+$EOD
+$!
+$!    Else...
+$!
+$     ELSE
+$!
+$!      Create The AXP Linker Option File.
+$!
+$       CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File For AXP To Link Agianst 
+! The Sharable C Runtime Library.
+!
+SYS$SHARE:CMA$OPEN_LIB_SHR/SHARE
+SYS$SHARE:CMA$OPEN_RTL/SHARE
+$EOD
+$!
+$!    End The VAX/AXP DEC C Option File Check.
+$!
+$     ENDIF
+$!
+$!  End The Option File Search.
+$!
+$   ENDIF
+$!
+$! End The DEC C Check.
+$!
+$ ENDIF
+$!
+$!  Tell The User What Linker Option File We Are Using.
+$!
+$ WRITE SYS$OUTPUT "Using Linker Option File ",OPT_FILE,"."     
+$!
+$! Time To RETURN.
+$!
+$ RETURN
+$!
+$! Check The User's Options.
+$!
+$ CHECK_OPTIONS:
+$!
+$! Check To See If P1 Is Blank.
+$!
+$ IF (P1.EQS."NORSAREF")
+$ THEN
+$!
+$!   P1 Is NORSAREF, So Compile With The Regular RSA Libraries.
+$!
+$    RSAREF = "FALSE"
+$ ELSE
+$!
+$!  Check To See If We Are To Use The RSAREF Library.
+$!
+$   IF (P1.EQS."RSAREF")
+$   THEN
+$!
+$!    Check To Make Sure We Have The RSAREF Source Code Directory.
+$!
+$     IF (F$SEARCH("SYS$DISK:[-.RSAREF]SOURCE.DIR").EQS."")
+$     THEN
+$!
+$!      We Don't Have The RSAREF Souce Code Directory, So Tell The
+$!      User This.
+$!
+$       WRITE SYS$OUTPUT ""
+$       WRITE SYS$OUTPUT "It appears that you don't have the RSAREF Souce Code."
+$       WRITE SYS$OUTPUT "You need to go to 'ftp://ftp.rsa.com/rsaref'.  You have to"
+$       WRITE SYS$OUTPUT "get the '.tar-Z' file as the '.zip' file dosen't have the"
+$       WRITE SYS$OUTPUT "directory structure stored.  You have to extract the file"
+$       WRITE SYS$OUTPUT "into the [.RSAREF] directory under the root directory"
+$       WRITE SYS$OUTPUT "as that is where the scripts will look for the files."
+$       WRITE SYS$OUTPUT ""
+$!
+$!      Time To Exit.
+$!
+$       EXIT
+$!
+$!    Else, Compile Using The RSAREF Library.
+$!
+$     ELSE
+$       RSAREF = "TRUE"
+$     ENDIF
+$   ELSE 
+$!
+$!    They Entered An Invalid Option..
+$!
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "The Option ",P1," Is Invalid.  The Valid Options Are:"
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "     RSAREF   :  Compile With The RSAREF Library."
+$     WRITE SYS$OUTPUT "     NORSAREF :  Compile With The Regular RSA Library."
+$     WRITE SYS$OUTPUT ""
+$!
+$!    Time To EXIT.
+$!
+$     EXIT
+$!
+$!  End The Valid Arguement Check.
+$!
+$   ENDIF
+$!
+$! End The P1 Check.
+$!
+$ ENDIF
+$!
+$! Check To See If P2 Is Blank.
+$!
+$ IF (P2.EQS."NODEBUG")
+$ THEN
+$!
+$!   P2 Is NODEBUG, So Compile Without The Debugger Information.
+$!
+$    DEBUGGER = "NODEBUG"
+$    TRACEBACK = "NOTRACEBACK" 
+$    GCC_OPTIMIZE = "OPTIMIZE"
+$    CC_OPTIMIZE = "OPTIMIZE"
+$    MACRO_OPTIMIZE = "OPTIMIZE"
+$    WRITE SYS$OUTPUT "No Debugger Information Will Be Produced During Compile."
+$    WRITE SYS$OUTPUT "Compiling With Compiler Optimization."
+$ ELSE
+$!
+$!  Check To See If We Are To Compile With Debugger Information.
+$!
+$   IF (P2.EQS."DEBUG")
+$   THEN
+$!
+$!    Compile With Debugger Information.
+$!
+$     DEBUGGER = "DEBUG"
+$     TRACEBACK = "TRACEBACK"
+$     GCC_OPTIMIZE = "NOOPTIMIZE"
+$     CC_OPTIMIZE = "NOOPTIMIZE"
+$     MACRO_OPTIMIZE = "NOOPTIMIZE"
+$     WRITE SYS$OUTPUT "Debugger Information Will Be Produced During Compile."
+$     WRITE SYS$OUTPUT "Compiling Without Compiler Optimization."
+$   ELSE 
+$!
+$!    They Entered An Invalid Option..
+$!
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "The Option ",P2," Is Invalid.  The Valid Options Are:"
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "     DEBUG   :  Compile With The Debugger Information."
+$     WRITE SYS$OUTPUT "     NODEBUG :  Compile Without The Debugger Information."
+$     WRITE SYS$OUTPUT ""
+$!
+$!    Time To EXIT.
+$!
+$     EXIT
+$!
+$!  End The Valid Arguement Check.
+$!
+$   ENDIF
+$!
+$! End The P2 Check.
+$!
+$ ENDIF
+$!
+$! Special Threads For OpenVMS v7.1 Or Later
+$!
+$! Written By:  Richard Levitte
+$!              richard@levitte.org
+$!
+$!
+$! Check To See If We Have A Option For P5.
+$!
+$ IF (P5.EQS."")
+$ THEN
+$!
+$!  Get The Version Of VMS We Are Using.
+$!
+$   ISSEVEN :=
+$   TMP = F$ELEMENT(0,"-",F$EXTRACT(1,4,F$GETSYI("VERSION")))
+$   TMP = F$INTEGER(F$ELEMENT(0,".",TMP)+F$ELEMENT(1,".",TMP))
+$!
+$!  Check To See If The VMS Version Is v7.1 Or Later.
+$!
+$   IF (TMP.GE.71)
+$   THEN
+$!
+$!    We Have OpenVMS v7.1 Or Later, So Use The Special Threads.
+$!
+$     ISSEVEN := ,PTHREAD_USE_D4
+$!
+$!  End The VMS Version Check.
+$!
+$   ENDIF
+$!
+$! End The P5 Check.
+$!
+$ ENDIF
+$!
+$! Check To See If P3 Is Blank.
+$!
+$ IF (P3.EQS."")
+$ THEN
+$!
+$!  O.K., The User Didn't Specify A Compiler, Let's Try To
+$!  Find Out Which One To Use.
+$!
+$!  Check To See If We Have GNU C.
+$!
+$   IF (F$TRNLNM("GNU_CC").NES."")
+$   THEN
+$!
+$!    Looks Like GNUC, Set To Use GNUC.
+$!
+$     P3 = "GNUC"
+$!
+$!  Else...
+$!
+$   ELSE
+$!
+$!    Check To See If We Have VAXC Or DECC.
+$!
+$     IF (ARCH.EQS."AXP").OR.(F$TRNLNM("DECC$CC_DEFAULT").NES."")
+$     THEN 
+$!
+$!      Looks Like DECC, Set To Use DECC.
+$!
+$       P3 = "DECC"
+$!
+$!    Else...
+$!
+$     ELSE
+$!
+$!      Looks Like VAXC, Set To Use VAXC.
+$!
+$       P3 = "VAXC"
+$!
+$!    End The VAXC Compiler Check.
+$!
+$     ENDIF
+$!
+$!  End The DECC & VAXC Compiler Check.
+$!
+$   ENDIF
+$!
+$!  End The Compiler Check.
+$!
+$ ENDIF
+$!
+$! Check To See If We Have A Option For P4.
+$!
+$ IF (P4.EQS."")
+$ THEN
+$!
+$!  Find out what socket library we have available
+$!
+$   IF F$PARSE("SOCKETSHR:") .NES. ""
+$   THEN
+$!
+$!    We have SOCKETSHR, and it is my opinion that it's the best to use.
+$!
+$     P4 = "SOCKETSHR"
+$!
+$!    Tell the user
+$!
+$     WRITE SYS$OUTPUT "Using SOCKETSHR for TCP/IP"
+$!
+$!    Else, let's look for something else
+$!
+$   ELSE
+$!
+$!    Like UCX (the reason to do this before Multinet is that the UCX
+$!    emulation is easier to use...)
+$!
+$     IF F$TRNLNM("UCX$IPC_SHR") .NES. "" -
+         .OR. F$PARSE("SYS$SHARE:UCX$IPC_SHR.EXE") .NES. "" -
+         .OR. F$PARSE("SYS$LIBRARY:UCX$IPC.OLB") .NES. ""
+$     THEN
+$!
+$!      Last resort: a UCX or UCX-compatible library
+$!
+$       P4 = "UCX"
+$!
+$!      Tell the user
+$!
+$       WRITE SYS$OUTPUT "Using UCX or an emulation thereof for TCP/IP"
+$!
+$!      That was all...
+$!
+$     ENDIF
+$   ENDIF
+$ ENDIF
+$!
+$! Set Up Initial CC Definitions, Possibly With User Ones
+$!
+$ CCDEFS = "VMS=1,TCPIP_TYPE_''P4'"
+$ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS
+$ CCEXTRAFLAGS = ""
+$ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS
+$ CCDISABLEWARNINGS = ""
+$ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN -
+        CCDISABLEWARNINGS = USER_CCDISABLEWARNINGS
+$!
+$!  Check To See If The User Entered A Valid Paramter.
+$!
+$ IF (P3.EQS."VAXC").OR.(P3.EQS."DECC").OR.(P3.EQS."GNUC")
+$ THEN
+$!
+$!    Check To See If The User Wanted DECC.
+$!
+$   IF (P3.EQS."DECC")
+$   THEN
+$!
+$!    Looks Like DECC, Set To Use DECC.
+$!
+$     COMPILER = "DECC"
+$!
+$!    Tell The User We Are Using DECC.
+$!
+$     WRITE SYS$OUTPUT "Using DECC 'C' Compiler."
+$!
+$!    Use DECC...
+$!
+$     CC = "CC"
+$     IF ARCH.EQS."VAX" .AND. F$TRNLNM("DECC$CC_DEFAULT").NES."/DECC" -
+         THEN CC = "CC/DECC"
+$     CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/STANDARD=ANSI89" + -
+           "/NOLIST/PREFIX=ALL/INCLUDE=SYS$DISK:[]" + CCEXTRAFLAGS
+$!
+$!    Define The Linker Options File Name.
+$!
+$     OPT_FILE = "SYS$DISK:[]VAX_DECC_OPTIONS.OPT"
+$!
+$!  End DECC Check.
+$!
+$   ENDIF
+$!
+$!  Check To See If We Are To Use VAXC.
+$!
+$   IF (P3.EQS."VAXC")
+$   THEN
+$!
+$!    Looks Like VAXC, Set To Use VAXC.
+$!
+$     COMPILER = "VAXC"
+$!
+$!    Tell The User We Are Using VAX C.
+$!
+$     WRITE SYS$OUTPUT "Using VAXC 'C' Compiler."
+$!
+$!    Compile Using VAXC.
+$!
+$     CC = "CC"
+$     IF ARCH.EQS."AXP"
+$     THEN
+$       WRITE SYS$OUTPUT "There is no VAX C on Alpha!"
+$       EXIT
+$     ENDIF
+$     IF F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC" THEN CC = "CC/VAXC"
+$     CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/NOLIST/INCLUDE=SYS$DISK:[]" + -
+           CCEXTRAFLAGS
+$     CCDEFS = """VAXC""," + CCDEFS
+$!
+$!    Define <sys> As SYS$COMMON:[SYSLIB]
+$!
+$     DEFINE/NOLOG SYS SYS$COMMON:[SYSLIB]
+$!
+$!    Define The Linker Options File Name.
+$!
+$     OPT_FILE = "SYS$DISK:[]VAX_VAXC_OPTIONS.OPT"
+$!
+$!  End VAXC Check
+$!
+$   ENDIF
+$!
+$!  Check To See If We Are To Use GNU C.
+$!
+$   IF (P3.EQS."GNUC")
+$   THEN
+$!
+$!    Looks Like GNUC, Set To Use GNUC.
+$!
+$     COMPILER = "GNUC"
+$!
+$!    Tell The User We Are Using GNUC.
+$!
+$     WRITE SYS$OUTPUT "Using GNU 'C' Compiler."
+$!
+$!    Use GNU C...
+$!
+$     CC = "GCC/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'/NOLIST" + -
+           "/INCLUDE=SYS$DISK:[]" + CCEXTRAFLAGS
+$!
+$!    Define The Linker Options File Name.
+$!
+$     OPT_FILE = "SYS$DISK:[]VAX_GNUC_OPTIONS.OPT"
+$!
+$!  End The GNU C Check.
+$!
+$   ENDIF
+$!
+$!  Set up default defines
+$!
+$   CCDEFS = """FLAT_INC=1""," + CCDEFS
+$!
+$!  Check To See If We Are To Compile With RSAREF Routines.
+$!
+$   IF (RSAREF.EQS."TRUE")
+$   THEN
+$!
+$!    Compile With RSAREF.
+$!
+$     CCDEFS = CCDEFS + ",""RSAref=1"""
+$!
+$!    Tell The User This.
+$!
+$     WRITE SYS$OUTPUT "Compiling With RSAREF Routines."
+$!
+$!    Else, We Don't Care.  Compile Without The RSAREF Library.
+$!
+$   ELSE
+$!
+$!    Tell The User We Are Compile Without The RSAREF Routines.
+$!
+$     WRITE SYS$OUTPUT "Compiling Without The RSAREF Routines.
+$!
+$!  End The RSAREF Check.
+$!
+$   ENDIF
+$!
+$!  Finish up the definition of CC.
+$!
+$   IF COMPILER .EQS. "DECC"
+$   THEN
+$     IF CCDISABLEWARNINGS .EQS. ""
+$     THEN
+$       CC4DISABLEWARNINGS = "DOLLARID"
+$     ELSE
+$       CC4DISABLEWARNINGS = CCDISABLEWARNINGS + ",DOLLARID"
+$       CCDISABLEWARNINGS = "/WARNING=(DISABLE=(" + CCDISABLEWARNINGS + "))"
+$     ENDIF
+$     CC4DISABLEWARNINGS = "/WARNING=(DISABLE=(" + CC4DISABLEWARNINGS + "))"
+$   ELSE
+$     CCDISABLEWARNINGS = ""
+$     CC4DISABLEWARNINGS = ""
+$   ENDIF
+$   CC3 = CC + "/DEFINE=(" + CCDEFS + ISSEVEN + ")" + CCDISABLEWARNINGS
+$   CC = CC + "/DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS
+$   IF ARCH .EQS. "VAX" .AND. COMPILER .EQS. "DECC" .AND. P2 .NES. "DEBUG"
+$   THEN
+$     CC5 = CC + "/OPTIMIZE=NODISJOINT"
+$   ELSE
+$     CC5 = CC + "/NOOPTIMIZE"
+$   ENDIF
+$   CC4 = CC - CCDISABLEWARNINGS + CC4DISABLEWARNINGS
+$!
+$!  Show user the result
+$!
+$   WRITE SYS$OUTPUT "Main C Compiling Command: ",CC
+$!
+$!  Else The User Entered An Invalid Arguement.
+$!
+$ ELSE
+$!
+$!  Tell The User We Don't Know What They Want.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The Option ",P3," Is Invalid.  The Valid Options Are:"
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "    VAXC  :  To Compile With VAX C."
+$   WRITE SYS$OUTPUT "    DECC  :  To Compile With DEC C."
+$   WRITE SYS$OUTPUT "    GNUC  :  To Compile With GNU C."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Time To EXIT.
+$!
+$   EXIT
+$!
+$! End The Valid Arguement Check.
+$!
+$ ENDIF
+$!
+$! Build a MACRO command for the architecture at hand
+$!
+$ IF ARCH .EQS. "VAX" THEN MACRO = "MACRO/''DEBUGGER'"
+$ IF ARCH .EQS. "AXP" THEN MACRO = "MACRO/MIGRATION/''DEBUGGER'/''MACRO_OPTIMIZE'"
+$!
+$!  Show user the result
+$!
+$   WRITE SYS$OUTPUT "Main MACRO Compiling Command: ",MACRO
+$!
+$! Time to check the contents, and to make sure we get the correct library.
+$!
+$ IF P4.EQS."SOCKETSHR" .OR. P4.EQS."MULTINET" .OR. P4.EQS."UCX"
+$ THEN
+$!
+$!  Check to see if SOCKETSHR was chosen
+$!
+$   IF P4.EQS."SOCKETSHR"
+$   THEN
+$!
+$!    Set the library to use SOCKETSHR
+$!
+$     TCPIP_LIB = "[-.VMS]SOCKETSHR_SHR.OPT/OPT"
+$!
+$!    Done with SOCKETSHR
+$!
+$   ENDIF
+$!
+$!  Check to see if MULTINET was chosen
+$!
+$   IF P4.EQS."MULTINET"
+$   THEN
+$!
+$!    Set the library to use UCX emulation.
+$!
+$     P4 = "UCX"
+$!
+$!    Done with MULTINET
+$!
+$   ENDIF
+$!
+$!  Check to see if UCX was chosen
+$!
+$   IF P4.EQS."UCX"
+$   THEN
+$!
+$!    Set the library to use UCX.
+$!
+$     TCPIP_LIB = "[-.VMS]UCX_SHR_DECC.OPT/OPT"
+$     IF F$TRNLNM("UCX$IPC_SHR") .NES. ""
+$     THEN
+$       TCPIP_LIB = "[-.VMS]UCX_SHR_DECC_LOG.OPT/OPT"
+$     ELSE
+$       IF COMPILER .NES. "DECC" .AND. ARCH .EQS. "VAX" THEN -
+          TCPIP_LIB = "[-.VMS]UCX_SHR_VAXC.OPT/OPT"
+$     ENDIF
+$!
+$!    Done with UCX
+$!
+$   ENDIF
+$!
+$!  Print info
+$!
+$   WRITE SYS$OUTPUT "TCP/IP library spec: ", TCPIP_LIB
+$!
+$!  Else The User Entered An Invalid Arguement.
+$!
+$ ELSE
+$!
+$!  Tell The User We Don't Know What They Want.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The Option ",P4," Is Invalid.  The Valid Options Are:"
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "    SOCKETSHR  :  To link with SOCKETSHR TCP/IP library."
+$   WRITE SYS$OUTPUT "    UCX        :  To link with UCX TCP/IP library."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Time To EXIT.
+$!
+$   EXIT
+$!
+$!  Done with TCP/IP libraries
+$!
+$ ENDIF
+$!
+$! Check if the user wanted to compile just a subset of all the encryption
+$! methods.
+$!
+$ IF P6 .NES. ""
+$ THEN
+$   ENCRYPT_TYPES = P6
+$ ENDIF
+$!
+$!  Time To RETURN...
+$!
+$ RETURN
+$!
+$ INITIALISE:
+$!
+$! Save old value of the logical name OPENSSL
+$!
+$ __SAVE_OPENSSL = F$TRNLNM("OPENSSL","LNM$PROCESS_TABLE")
+$!
+$! Save directory information
+$!
+$ __HERE = F$PARSE(F$PARSE("A.;",F$ENVIRONMENT("PROCEDURE"))-"A.;","[]A.;") - "A.;"
+$ __TOP = __HERE - "CRYPTO]"
+$ __INCLUDE = __TOP + "INCLUDE.OPENSSL]"
+$!
+$! Set up the logical name OPENSSL to point at the include directory
+$!
+$ DEFINE OPENSSL/NOLOG '__INCLUDE'
+$!
+$! Done
+$!
+$ RETURN
+$!
+$ CLEANUP:
+$!
+$! Restore the logical name OPENSSL if it had a value
+$!
+$ IF __SAVE_OPENSSL .EQS. ""
+$ THEN
+$   DEASSIGN OPENSSL
+$ ELSE
+$   DEFINE/NOLOG OPENSSL '__SAVE_OPENSSL'
+$ ENDIF
+$!
+$! Done
+$!
+$ RETURN
diff --git a/src/lib/libcrypto/des/des-lib.com b/src/lib/libcrypto/des/des-lib.com
new file mode 100644
index 0000000000..2aea7a0dea
--- /dev/null
+++ b/src/lib/libcrypto/des/des-lib.com
@@ -0,0 +1,1003 @@
+$!
+$!  DES-LIB.COM
+$!  Written By:  Robert Byer
+$!               Vice-President
+$!               A-Com Computing, Inc.
+$!               byer@mail.all-net.net
+$!
+$!  Changes by Richard Levitte <richard@levitte.org>
+$!
+$!  This command files compiles and creates the 
+$!  "[.xxx.EXE.CRYPTO.DES]LIBDES.OLB" library.  The "xxx" denotes the machine 
+$!  architecture of AXP or VAX.
+$!
+$!  It was re-written to try to determine which "C" compiler to try to use
+$!  or the user can specify a compiler in P3.
+$!
+$!  Specify one of the following to build just that part, specify "ALL" to
+$!  just build everything.
+$!
+$!         ALL       To Just Build "Everything".
+$!         LIBRARY   To Just Build The [.xxx.EXE.CRYPTO.DES]LIBDES.OLB Library.
+$!         DESTEST   To Just Build The [.xxx.EXE.CRYPTO.DES]DESTEST.EXE Program.
+$!         SPEED     To Just Build The [.xxx.EXE.CRYPTO.DES]SPEED.EXE Program.
+$!         RPW       To Just Build The [.xxx.EXE.CRYPTO.DES]RPW.EXE Program.
+$!         DES       To Just Build The [.xxx.EXE.CRYPTO.DES]DES.EXE Program.
+$!         DES_OPTS  To Just Build The [.xxx.EXE.CRYPTO.DES]DES_OPTS.EXE Program.
+$!
+$!  Specify either DEBUG or NODEBUG as P2 to compile with or without
+$!  debugging information.
+$!
+$!  Specify which compiler at P3 to try to compile under.
+$!
+$!         VAXC  For VAX C.
+$!         DECC  For DEC C.
+$!         GNUC  For GNU C.
+$!
+$!  If you don't speficy a compiler, it will try to determine which
+$!  "C" compiler to try to use.
+$!
+$!  P4, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up)
+$!
+$!
+$! Make sure we know what architecture we run on.
+$!
+$!
+$! Check Which Architecture We Are Using.
+$!
+$ IF (F$GETSYI("CPU").GE.128)
+$ THEN
+$!
+$!  The Architecture Is AXP.
+$!
+$   ARCH := AXP
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$!  The Architecture Is VAX.
+$!
+$   ARCH := VAX
+$!
+$! End The Architecture Check.
+$!
+$ ENDIF
+$!
+$! Check To Make Sure We Have Valid Command Line Parameters.
+$!
+$ GOSUB CHECK_OPTIONS
+$!
+$! Tell The User What Kind of Machine We Run On.
+$!
+$ WRITE SYS$OUTPUT "Compiling On A ",ARCH," Machine."
+$!
+$! Define The OBJ Directory Name.
+$!
+$ OBJ_DIR := SYS$DISK:[--.'ARCH'.OBJ.CRYPTO.DES]
+$!
+$! Check To See If The Architecture Specific OBJ Directory Exists.
+$!
+$ IF (F$PARSE(OBJ_DIR).EQS."")
+$ THEN
+$!
+$!  It Dosen't Exist, So Create It.
+$!
+$   CREATE/DIR 'OBJ_DIR'
+$!
+$! End The Architecture Specific OBJ Directory Check.
+$!
+$ ENDIF
+$!
+$! Define The EXE Directory Name.
+$!
+$ EXE_DIR :== SYS$DISK:[--.'ARCH'.EXE.CRYPTO.DES]
+$!
+$! Check To See If The Architecture Specific Directory Exists.
+$!
+$ IF (F$PARSE(EXE_DIR).EQS."")
+$ THEN
+$!
+$!  It Dosen't Exist, So Create It.
+$!
+$   CREATE/DIR 'EXE_DIR'
+$!
+$! End The Architecture Specific Directory Check.
+$!
+$ ENDIF
+$!
+$! Define The Library Name.
+$!
+$ LIB_NAME := 'EXE_DIR'LIBDES.OLB
+$!
+$! Check To See What We Are To Do.
+$!
+$ IF (BUILDALL.EQS."TRUE")
+$ THEN
+$!
+$!  Since Nothing Special Was Specified, Do Everything.
+$!
+$   GOSUB LIBRARY
+$   GOSUB DESTEST
+$   GOSUB SPEED
+$   GOSUB RPW
+$   GOSUB DES
+$   GOSUB DES_OPTS
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$!    Build Just What The User Wants Us To Build.
+$!
+$     GOSUB 'BUILDALL'
+$!
+$! End The BUILDALL Check.
+$!
+$ ENDIF
+$!
+$! Time To EXIT.
+$!
+$ EXIT
+$ LIBRARY:
+$!
+$! Tell The User That We Are Compiling.
+$!
+$ WRITE SYS$OUTPUT "Compiling The ",LIB_NAME," Files."
+$!
+$! Check To See If We Already Have A "[.xxx.EXE.CRYPTO.DES]LIBDES.OLB" Library...
+$!
+$ IF (F$SEARCH(LIB_NAME).EQS."")
+$ THEN
+$!
+$! Guess Not, Create The Library.
+$!
+$   LIBRARY/CREATE/OBJECT 'LIB_NAME'
+$!
+$! End The Library Exist Check.
+$!
+$ ENDIF
+$!
+$! Define The DES Library Files.
+$!
+$ LIB_DES = "set_key,ecb_enc,cbc_enc,"+ -
+                "ecb3_enc,cfb64enc,cfb64ede,cfb_enc,ofb64ede,"+ -
+                "enc_read,enc_writ,ofb64enc,"+ -
+                "ofb_enc,str2key,pcbc_enc,qud_cksm,rand_key,"+ -
+                "des_enc,fcrypt_b,read2pwd,"+ -
+                "fcrypt,xcbc_enc,read_pwd,rpc_enc,cbc_cksm,supp"
+$!
+$!  Define A File Counter And Set It To "0".
+$!
+$ FILE_COUNTER = 0
+$!
+$! Top Of The File Loop.
+$!
+$ NEXT_FILE:
+$!
+$! O.K, Extract The File Name From The File List.
+$!
+$ FILE_NAME = F$ELEMENT(FILE_COUNTER,",",LIB_DES)
+$!
+$! Check To See If We Are At The End Of The File List.
+$!
+$ IF (FILE_NAME.EQS.",") THEN GOTO FILE_DONE
+$!
+$! Increment The Counter.
+$!
+$ FILE_COUNTER = FILE_COUNTER + 1
+$!
+$! Create The Source File Name.
+$!
+$ SOURCE_FILE = "SYS$DISK:[]" + FILE_NAME + ".C"
+$!
+$!  Tell The User We Are Compiling The Source File.
+$!
+$ WRITE SYS$OUTPUT "    ",FILE_NAME,".C"
+$!
+$! Create The Object File Name.
+$!
+$ OBJECT_FILE = OBJ_DIR + FILE_NAME + "." + ARCH + "OBJ"
+$ ON WARNING THEN GOTO NEXT_FILE
+$!
+$! Check To See If The File We Want To Compile Actually Exists.
+$!
+$ IF (F$SEARCH(SOURCE_FILE).EQS."")
+$ THEN
+$!
+$!  Tell The User That The File Dosen't Exist.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The File ",SOURCE_FILE," Dosen't Exist."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Exit The Build.
+$!
+$   EXIT
+$!
+$! End The File Exists Check.
+$!
+$ ENDIF
+$!
+$! Compile The File.
+$!
+$ ON ERROR THEN GOTO NEXT_FILE
+$ CC/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
+$!
+$! Add It To The Library.
+$!
+$ LIBRARY/REPLACE/OBJECT 'LIB_NAME' 'OBJECT_FILE'
+$!
+$! Time To Clean Up The Object File.
+$!
+$ DELETE 'OBJECT_FILE';*
+$!
+$! Go Back And Do It Again.
+$!
+$ GOTO NEXT_FILE
+$!
+$! All Done With This Library Part.
+$!
+$ FILE_DONE:
+$!
+$! Tell The User That We Are All Done.
+$!
+$ WRITE SYS$OUTPUT "Library ",LIB_NAME," Built."
+$!
+$! All Done, Time To Return.
+$!
+$ RETURN
+$!
+$!  Compile The DESTEST Program.
+$!
+$ DESTEST:
+$!
+$! Check To See If We Have The Proper Libraries.
+$!
+$ GOSUB LIB_CHECK
+$!
+$! Check To See If We Have A Linker Option File.
+$!
+$ GOSUB CHECK_OPT_FILE
+$!
+$! Check To See If The File We Want To Compile Actually Exists.
+$!
+$ IF (F$SEARCH("SYS$DISK:[]DESTEST.C").EQS."")
+$ THEN
+$!
+$!  Tell The User That The File Dosen't Exist.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The File DESTEST.C Dosen't Exist."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Exit The Build.
+$!
+$   EXIT
+$!
+$! End The DESTEST.C File Check.
+$!
+$ ENDIF
+$!
+$! Tell The User What We Are Building.
+$!
+$ WRITE SYS$OUTPUT "Building ",EXE_DIR,"DESTEST.EXE"
+$!
+$! Compile The DESTEST Program.
+$!
+$ CC/OBJECT='OBJ_DIR'DESTEST.OBJ SYS$DISK:[]DESTEST.C
+$!
+$! Link The DESTEST Program.
+$!
+$ LINK/'DEBUGGER'/'TRACEBACK'/CONTIGUOUS/EXE='EXE_DIR'DESTEST.EXE -
+      'OBJ_DIR'DESTEST.OBJ,'LIB_NAME'/LIBRARY,'OPT_FILE'/OPTION
+$!
+$! All Done, Time To Return.
+$!
+$ RETURN
+$!
+$!  Compile The SPEED Program.
+$!
+$ SPEED:
+$!
+$! Check To See If We Have The Proper Libraries.
+$!
+$ GOSUB LIB_CHECK
+$!
+$! Check To See If We Have A Linker Option File.
+$!
+$ GOSUB CHECK_OPT_FILE
+$!
+$! Check To See If The File We Want To Compile Actually Exists.
+$!
+$ IF (F$SEARCH("SYS$DISK:[]SPEED.C").EQS."")
+$ THEN
+$!
+$!  Tell The User That The File Dosen't Exist.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The File SPEED.C Dosen't Exist."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Exit The Build.
+$!
+$   EXIT
+$!
+$! End The SPEED.C File Check.
+$!
+$ ENDIF
+$!
+$! Tell The User What We Are Building.
+$!
+$ WRITE SYS$OUTPUT "Building ",EXE_DIR,"SPEED.EXE"
+$!
+$! Compile The SPEED Program.
+$!
+$ CC/OBJECT='OBJ_DIR'SPEED.OBJ SYS$DISK:[]SPEED.C
+$!
+$! Link The SPEED Program.
+$!
+$ LINK/'DEBUGGER'/'TRACEBACK'/CONTIGUOUS/EXE='EXE_DIR'SPEED.EXE -
+      'OBJ_DIR'SPEED.OBJ,'LIB_NAME'/LIBRARY,'OPT_FILE'/OPTION
+$!
+$! All Done, Time To Return.
+$!
+$ RETURN
+$!
+$!  Compile The RPW Program.
+$!
+$ RPW:
+$!
+$! Check To See If We Have The Proper Libraries.
+$!
+$ GOSUB LIB_CHECK
+$!
+$! Check To See If We Have A Linker Option File.
+$!
+$ GOSUB CHECK_OPT_FILE
+$!
+$! Check To See If The File We Want To Compile Actually Exists.
+$!
+$ IF (F$SEARCH("SYS$DISK:[]RPW.C").EQS."")
+$ THEN
+$!
+$!  Tell The User That The File Dosen't Exist.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The File RPW.C Dosen't Exist."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Exit The Build.
+$!
+$   EXIT
+$!
+$! End The RPW.C File Check.
+$!
+$ ENDIF
+$!
+$! Tell The User What We Are Building.
+$!
+$ WRITE SYS$OUTPUT "Building ",EXE_DIR,"RPW.EXE"
+$!
+$! Compile The RPW Program.
+$!
+$ CC/OBJECT='OBJ_DIR'RPW.OBJ SYS$DISK:[]RPW.C
+$!
+$! Link The RPW Program.
+$!
+$ LINK/'DEBUGGER'/'TRACEBACK'/CONTIGUOUS/EXE='EXE_DIR'RPW.EXE -
+      'OBJ_DIR'RPW.OBJ,'LIB_NAME'/LIBRARY,'OPT_FILE'/OPTION
+$!
+$! All Done, Time To Return.
+$!
+$ RETURN
+$!
+$!  Compile The DES Program.
+$!
+$ DES:
+$!
+$! Check To See If We Have The Proper Libraries.
+$!
+$ GOSUB LIB_CHECK
+$!
+$! Check To See If We Have A Linker Option File.
+$!
+$ GOSUB CHECK_OPT_FILE
+$!
+$! Check To See If The File We Want To Compile Actually Exists.
+$!
+$ IF (F$SEARCH("SYS$DISK:[]DES.C").EQS."")
+$ THEN
+$!
+$!  Tell The User That The File Dosen't Exist.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The File DES.C Dosen't Exist."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Exit The Build.
+$!
+$   EXIT
+$!
+$! End The DES.C File Check.
+$!
+$ ENDIF
+$!
+$! Tell The User What We Are Building.
+$!
+$ WRITE SYS$OUTPUT "Building ",EXE_DIR,"DES.EXE"
+$!
+$! Compile The DES Program.
+$!
+$ CC/OBJECT='OBJ_DIR'DES.OBJ SYS$DISK:[]DES.C
+$ CC/OBJECT='OBJ_DIR'DES.OBJ SYS$DISK:[]CBC3_ENC.C
+$!
+$! Link The DES Program.
+$!
+$ LINK/'DEBUGGER'/'TRACEBACK'/CONTIGUOUS/EXE='EXE_DIR'DES.EXE -
+      'OBJ_DIR'DES.OBJ,'OBJ_DIR'CBC3_ENC.OBJ,-
+      'LIB_NAME'/LIBRARY,'OPT_FILE'/OPTION
+$!
+$! All Done, Time To Return.
+$!
+$ RETURN
+$!
+$!  Compile The DES_OPTS Program.
+$!
+$ DES_OPTS:
+$!
+$! Check To See If We Have The Proper Libraries.
+$!
+$ GOSUB LIB_CHECK
+$!
+$! Check To See If We Have A Linker Option File.
+$!
+$ GOSUB CHECK_OPT_FILE
+$!
+$! Check To See If The File We Want To Compile Actually Exists.
+$!
+$ IF (F$SEARCH("SYS$DISK:[]DES_OPTS.C").EQS."")
+$ THEN
+$!
+$!  Tell The User That The File Dosen't Exist.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The File DES_OPTS.C Dosen't Exist."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Exit The Build.
+$!
+$   EXIT
+$!
+$! End The DES_OPTS.C File Check.
+$!
+$ ENDIF
+$!
+$! Tell The User What We Are Building.
+$!
+$ WRITE SYS$OUTPUT "Building ",EXE_DIR,"DES_OPTS.EXE"
+$!
+$! Compile The DES_OPTS Program.
+$!
+$ CC/OBJECT='OBJ_DIR'DES_OPTS.OBJ SYS$DISK:[]DES_OPTS.C
+$!
+$! Link The DES_OPTS Program.
+$!
+$ LINK/'DEBUGGER'/'TRACEBACK'/CONTIGUOUS/EXE='EXE_DIR'DES_OPTS.EXE -
+      'OBJ_DIR'DES_OPTS.OBJ,'LIB_NAME'/LIBRARY,'OPT_FILE'/OPTION
+$!
+$! All Done, Time To Return.
+$!
+$ RETURN
+$ EXIT
+$!
+$! Check For The Link Option FIle.
+$!
+$ CHECK_OPT_FILE:
+$!
+$! Check To See If We Need To Make A VAX C Option File.
+$!
+$ IF (COMPILER.EQS."VAXC")
+$ THEN
+$!
+$!  Check To See If We Already Have A VAX C Linker Option File.
+$!
+$   IF (F$SEARCH(OPT_FILE).EQS."")
+$   THEN
+$!
+$!    We Need A VAX C Linker Option File.
+$!
+$     CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File To Link Agianst 
+! The Sharable VAX C Runtime Library.
+!
+SYS$SHARE:VAXCRTL.EXE/SHARE
+$EOD
+$!
+$!  End The Option File Check.
+$!
+$   ENDIF
+$!
+$! End The VAXC Check.
+$!
+$ ENDIF
+$!
+$! Check To See If We Need A GNU C Option File.
+$!
+$ IF (COMPILER.EQS."GNUC")
+$ THEN
+$!
+$!  Check To See If We Already Have A GNU C Linker Option File.
+$!
+$   IF (F$SEARCH(OPT_FILE).EQS."")
+$   THEN
+$!
+$!    We Need A GNU C Linker Option File.
+$!
+$     CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File To Link Agianst 
+! The Sharable C Runtime Library.
+!
+GNU_CC:[000000]GCCLIB/LIBRARY
+SYS$SHARE:VAXCRTL/SHARE
+$EOD
+$!
+$!  End The Option File Check.
+$!
+$   ENDIF
+$!
+$! End The GNU C Check.
+$!
+$ ENDIF
+$!
+$! Check To See If We Need A DEC C Option File.
+$!
+$ IF (COMPILER.EQS."DECC")
+$ THEN
+$!
+$!  Check To See If We Already Have A DEC C Linker Option File.
+$!
+$   IF (F$SEARCH(OPT_FILE).EQS."")
+$   THEN
+$!
+$!    Figure Out If We Need An AXP Or A VAX Linker Option File.
+$!
+$     IF (F$GETSYI("CPU").LT.128)
+$     THEN
+$!
+$!      We Need A DEC C Linker Option File For VAX.
+$!
+$       CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File To Link Agianst 
+! The Sharable DEC C Runtime Library.
+!
+SYS$SHARE:DECC$SHR.EXE/SHARE
+$EOD
+$!
+$!    Else...
+$!
+$     ELSE
+$!
+$!      Create The AXP Linker Option File.
+$!
+$       CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File For AXP To Link Agianst 
+! The Sharable C Runtime Library.
+!
+SYS$SHARE:CMA$OPEN_LIB_SHR/SHARE
+SYS$SHARE:CMA$OPEN_RTL/SHARE
+$EOD
+$!
+$!    End The VAX/AXP DEC C Option File Check.
+$!
+$     ENDIF
+$!
+$!  End The Option File Search.
+$!
+$   ENDIF
+$!
+$! End The DEC C Check.
+$!
+$ ENDIF
+$!
+$!  Tell The User What Linker Option File We Are Using.
+$!
+$ WRITE SYS$OUTPUT "Using Linker Option File ",OPT_FILE,"."     
+$!
+$! Time To RETURN.
+$!
+$ RETURN
+$!
+$! Library Check.
+$!
+$ LIB_CHECK:
+$!
+$!  Look For The Library LIBDES.OLB.
+$!
+$ IF (F$SEARCH(LIB_NAME).EQS."")
+$ THEN
+$!
+$!    Tell The User We Can't Find The [.xxx.CRYPTO.DES]LIBDES.OLB Library.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "Can't Find The Library ",LIB_NAME,"."
+$   WRITE SYS$OUTPUT "We Can't Link Without It."
+$   WRITE SYS$OUTPUT ""
+$!
+$!    Since We Can't Link Without It, Exit.
+$!
+$   EXIT
+$ ENDIF
+$!
+$! Time To Return.
+$!
+$ RETURN
+$!
+$! Check The User's Options.
+$!
+$ CHECK_OPTIONS:
+$!
+$! Check To See If We Are To "Just Build Everything".
+$!
+$ IF (P1.EQS."ALL")
+$ THEN
+$!
+$!   P1 Is "ALL", So Build Everything.
+$!
+$    BUILDALL = "TRUE"
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$!  Else, Check To See If P1 Has A Valid Arguement.
+$!
+$   IF (P1.EQS."LIBRARY").OR.(P1.EQS."DESTEST").OR.(P1.EQS."SPEED") -
+       .OR.(P1.EQS."RPW").OR.(P1.EQS."DES").OR.(P1.EQS."DES_OPTS")
+$   THEN
+$!
+$!    A Valid Arguement.
+$!
+$     BUILDALL = P1
+$!
+$!  Else...
+$!
+$   ELSE
+$!
+$!    Tell The User We Don't Know What They Want.
+$!
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "The Option ",P1," Is Invalid.  The Valid Options Are:"
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "    ALL      :  Just Build Everything.
+$     WRITE SYS$OUTPUT "    LIBRARY  :  To Compile Just The [.xxx.EXE.CRYPTO.DES]LIBDES.OLB Library."
+$     WRITE SYS$OUTPUT "    DESTEST  :  To Compile Just The [.xxx.EXE.CRYPTO.DES]DESTEST.EXE Program."
+$     WRITE SYS$OUTPUT "    SPEED    :  To Compile Just The [.xxx.EXE.CRYPTO.DES]SPEED.EXE Program."
+$     WRITE SYS$OUTPUT "    RPW      :  To Compile Just The [.xxx.EXE.CRYPTO.DES]RPW.EXE Program."
+$     WRITE SYS$OUTPUT "    DES      :  To Compile Just The [.xxx.EXE.CRYPTO.DES]DES.EXE Program."
+$     WRITE SYS$OUTPUT "    DES_OPTS :  To Compile Just The [.xxx.EXE.CRYTPO.DES]DES_OPTS.EXE Program."
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT " Where 'xxx' Stands For: "
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "        AXP  :  Alpha Architecture."
+$     WRITE SYS$OUTPUT "        VAX  :  VAX Architecture."
+$     WRITE SYS$OUTPUT ""
+$!
+$!    Time To EXIT.
+$!
+$     EXIT
+$!
+$!  End The Valid Arguement Check.
+$!
+$   ENDIF
+$!
+$! End The P1 Check.
+$!
+$ ENDIF
+$!
+$! Check To See If We Are To Compile Without Debugger Information.
+$!
+$ IF (P2.EQS."NODEBUG")
+$ THEN
+$!
+$!   P2 Is Blank, So Compile Without Debugger Information.
+$!
+$    DEBUGGER  = "NODEBUG"
+$    TRACEBACK = "NOTRACEBACK" 
+$    GCC_OPTIMIZE = "OPTIMIZE"
+$    CC_OPTIMIZE = "OPTIMIZE"
+$    WRITE SYS$OUTPUT "No Debugger Information Will Be Produced During Compile."
+$    WRITE SYS$OUTPUT "Compiling With Compiler Optimization."
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$!  Check To See If We Are To Compile With Debugger Information.
+$!
+$   IF (P2.EQS."DEBUG")
+$   THEN
+$!
+$!    Compile With Debugger Information.
+$!
+$     DEBUGGER  = "DEBUG"
+$     TRACEBACK = "TRACEBACK"
+$     GCC_OPTIMIZE = "NOOPTIMIZE"
+$     CC_OPTIMIZE = "NOOPTIMIZE"
+$     WRITE SYS$OUTPUT "Debugger Information Will Be Produced During Compile."
+$     WRITE SYS$OUTPUT "Compiling Without Compiler Optimization."
+$!
+$!  Else...
+$!
+$   ELSE
+$!
+$!    Tell The User Entered An Invalid Option..
+$!
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "The Option ",P2," Is Invalid.  The Valid Options Are:"
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "    DEBUG    :  Compile With The Debugger Information."
+$     WRITE SYS$OUTPUT "    NODEBUG  :  Compile Without The Debugger Information."
+$     WRITE SYS$OUTPUT ""
+$!
+$!    Time To EXIT.
+$!
+$     EXIT
+$!
+$!  End The Valid Arguement Check.
+$!
+$   ENDIF
+$!
+$! End The P2 Check.
+$!
+$ ENDIF
+$!
+$! Special Threads For OpenVMS v7.1 Or Later.
+$!
+$! Written By:  Richard Levitte
+$!              richard@levitte.org
+$!
+$!
+$! Check To See If We Have A Option For P4.
+$!
+$ IF (P4.EQS."")
+$ THEN
+$!
+$!  Get The Version Of VMS We Are Using.
+$!
+$   ISSEVEN := ""
+$   TMP = F$ELEMENT(0,"-",F$EXTRACT(1,4,F$GETSYI("VERSION")))
+$   TMP = F$INTEGER(F$ELEMENT(0,".",TMP)+F$ELEMENT(1,".",TMP))
+$!
+$!  Check To See If The VMS Version Is v7.1 Or Later.
+$!
+$   IF (TMP.GE.71)
+$   THEN
+$!
+$!    We Have OpenVMS v7.1 Or Later, So Use The Special Threads.
+$!
+$     ISSEVEN := ,PTHREAD_USE_D4
+$!
+$!  End The VMS Version Check.
+$!
+$   ENDIF
+$!
+$! End The P4 Check.
+$!
+$ ENDIF
+$!
+$! Check To See If P3 Is Blank.
+$!
+$ IF (P3.EQS."")
+$ THEN
+$!
+$!  O.K., The User Didn't Specify A Compiler, Let's Try To
+$!  Find Out Which One To Use.
+$!
+$!  Check To See If We Have GNU C.
+$!
+$   IF (F$TRNLNM("GNU_CC").NES."")
+$   THEN
+$!
+$!    Looks Like GNUC, Set To Use GNUC.
+$!
+$     P3 = "GNUC"
+$!
+$!  Else...
+$!
+$   ELSE
+$!
+$!    Check To See If We Have VAXC Or DECC.
+$!
+$     IF (ARCH.EQS."AXP").OR.(F$TRNLNM("DECC$CC_DEFAULT").NES."")
+$     THEN 
+$!
+$!      Looks Like DECC, Set To Use DECC.
+$!
+$       P3 = "DECC"
+$!
+$!    Else...
+$!
+$     ELSE
+$!
+$!      Looks Like VAXC, Set To Use VAXC.
+$!
+$       P3 = "VAXC"
+$!
+$!    End The VAXC Compiler Check.
+$!
+$     ENDIF
+$!
+$!  End The DECC & VAXC Compiler Check.
+$!
+$   ENDIF
+$!
+$!  End The Compiler Check.
+$!
+$ ENDIF
+$!
+$! Set Up Initial CC Definitions, Possibly With User Ones
+$!
+$ CCDEFS = "VMS=1"
+$ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS
+$ CCEXTRAFLAGS = ""
+$ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS
+$ CCDISABLEWARNINGS = ""
+$ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN -
+        CCDISABLEWARNINGS = USER_CCDISABLEWARNINGS
+$!
+$!  Check To See If The User Entered A Valid Paramter.
+$!
+$ IF (P3.EQS."VAXC").OR.(P3.EQS."DECC").OR.(P3.EQS."GNUC")
+$ THEN
+$!
+$!    Check To See If The User Wanted DECC.
+$!
+$   IF (P3.EQS."DECC")
+$   THEN
+$!
+$!    Looks Like DECC, Set To Use DECC.
+$!
+$     COMPILER = "DECC"
+$!
+$!    Tell The User We Are Using DECC.
+$!
+$     WRITE SYS$OUTPUT "Using DECC 'C' Compiler."
+$!
+$!    Use DECC...
+$!
+$     CC = "CC"
+$     IF ARCH.EQS."VAX" .AND. F$TRNLNM("DECC$CC_DEFAULT").NES."/DECC" -
+         THEN CC = "CC/DECC"
+$     CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/STANDARD=ANSI89" + -
+           "/NOLIST/PREFIX=ALL" + CCEXTRAFLAGS
+$!
+$!    Define The Linker Options File Name.
+$!
+$     OPT_FILE = "SYS$DISK:[]VAX_DECC_OPTIONS.OPT"
+$!
+$!  End DECC Check.
+$!
+$   ENDIF
+$!
+$!  Check To See If We Are To Use VAXC.
+$!
+$   IF (P3.EQS."VAXC")
+$   THEN
+$!
+$!    Looks Like VAXC, Set To Use VAXC.
+$!
+$     COMPILER = "VAXC"
+$!
+$!    Tell The User We Are Using VAX C.
+$!
+$     WRITE SYS$OUTPUT "Using VAXC 'C' Compiler."
+$!
+$!    Compile Using VAXC.
+$!
+$     CC = "CC"
+$     IF ARCH.EQS."AXP"
+$     THEN
+$       WRITE SYS$OUTPUT "There is no VAX C on Alpha!"
+$       EXIT
+$     ENDIF
+$     IF F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC" THEN CC = "CC/VAXC"
+$     CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/NOLIST" + CCEXTRAFLAGS
+$     CCDEFS = """VAXC""," + CCDEFS
+$!
+$!    Define <sys> As SYS$COMMON:[SYSLIB]
+$!
+$     DEFINE/NOLOG SYS SYS$COMMON:[SYSLIB]
+$!
+$!    Define The Linker Options File Name.
+$!
+$     OPT_FILE = "SYS$DISK:[]VAX_VAXC_OPTIONS.OPT"
+$!
+$!  End VAXC Check
+$!
+$   ENDIF
+$!
+$!  Check To See If We Are To Use GNU C.
+$!
+$   IF (P3.EQS."GNUC")
+$   THEN
+$!
+$!    Looks Like GNUC, Set To Use GNUC.
+$!
+$     COMPILER = "GNUC"
+$!
+$!    Tell The User We Are Using GNUC.
+$!
+$     WRITE SYS$OUTPUT "Using GNU 'C' Compiler."
+$!
+$!    Use GNU C...
+$!
+$     CC = "GCC/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'/NOLIST" + CCEXTRAFLAGS
+$!
+$!    Define The Linker Options File Name.
+$!
+$     OPT_FILE = "SYS$DISK:[]VAX_GNUC_OPTIONS.OPT"
+$!
+$!  End The GNU C Check.
+$!
+$   ENDIF
+$!
+$!  Set up default defines
+$!
+$   CCDEFS = """FLAT_INC=1""," + CCDEFS
+$!
+$!  Finish up the definition of CC.
+$!
+$   IF COMPILER .EQS. "DECC"
+$   THEN
+$     IF CCDISABLEWARNINGS .EQS. ""
+$     THEN
+$       CC4DISABLEWARNINGS = "DOLLARID"
+$     ELSE
+$       CC4DISABLEWARNINGS = CCDISABLEWARNINGS + ",DOLLARID"
+$       CCDISABLEWARNINGS = "/WARNING=(DISABLE=(" + CCDISABLEWARNINGS + "))"
+$     ENDIF
+$     CC4DISABLEWARNINGS = "/WARNING=(DISABLE=(" + CC4DISABLEWARNINGS + "))"
+$   ELSE
+$     CCDISABLEWARNINGS = ""
+$     CC4DISABLEWARNINGS = ""
+$   ENDIF
+$   CC = CC + "/DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS
+$!
+$!  Show user the result
+$!
+$   WRITE SYS$OUTPUT "Main Compiling Command: ",CC
+$!
+$!  Else The User Entered An Invalid Arguement.
+$!
+$ ELSE
+$!
+$!  Tell The User We Don't Know What They Want.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The Option ",P3," Is Invalid.  The Valid Options Are:"
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "    VAXC  :  To Compile With VAX C."
+$   WRITE SYS$OUTPUT "    DECC  :  To Compile With DEC C."
+$   WRITE SYS$OUTPUT "    GNUC  :  To Compile With GNU C."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Time To EXIT.
+$!
+$   EXIT
+$!
+$! End The P3 Check.
+$!
+$ ENDIF
+$!
+$!  Time To RETURN...
+$!
+$ RETURN
diff --git a/src/lib/libcrypto/des/des.pod b/src/lib/libcrypto/des/des.pod
new file mode 100644
index 0000000000..bf479e83d2
--- /dev/null
+++ b/src/lib/libcrypto/des/des.pod
@@ -0,0 +1,217 @@
+=pod
+
+=head1 NAME
+
+des - encrypt or decrypt data using Data Encryption Standard
+
+=head1 SYNOPSIS
+
+B<des>
+(
+B<-e>
+|
+B<-E>
+) | (
+B<-d>
+|
+B<-D>
+) | (
+B<->[B<cC>][B<ckname>]
+) |
+[
+B<-b3hfs>
+] [
+B<-k>
+I<key>
+]
+] [
+B<-u>[I<uuname>]
+[
+I<input-file>
+[
+I<output-file>
+] ]
+
+=head1 NOTE
+
+This page describes the B<des> stand-alone program, not the B<openssl des>
+command.
+
+=head1 DESCRIPTION
+
+B<des>
+encrypts and decrypts data using the
+Data Encryption Standard algorithm.
+One of
+B<-e>, B<-E>
+(for encrypt) or
+B<-d>, B<-D>
+(for decrypt) must be specified.
+It is also possible to use
+B<-c>
+or
+B<-C>
+in conjunction or instead of the a encrypt/decrypt option to generate
+a 16 character hexadecimal checksum, generated via the
+I<des_cbc_cksum>.
+
+Two standard encryption modes are supported by the
+B<des>
+program, Cipher Block Chaining (the default) and Electronic Code Book
+(specified with
+B<-b>).
+
+The key used for the DES
+algorithm is obtained by prompting the user unless the
+B<-k>
+I<key>
+option is given.
+If the key is an argument to the
+B<des>
+command, it is potentially visible to users executing
+ps(1)
+or a derivative.  To minimise this possibility,
+B<des>
+takes care to destroy the key argument immediately upon entry.
+If your shell keeps a history file be careful to make sure it is not
+world readable.
+
+Since this program attempts to maintain compatibility with sunOS's
+des(1) command, there are 2 different methods used to convert the user
+supplied key to a des key.
+Whenever and one or more of
+B<-E>, B<-D>, B<-C>
+or
+B<-3>
+options are used, the key conversion procedure will not be compatible
+with the sunOS des(1) version but will use all the user supplied
+character to generate the des key.
+B<des>
+command reads from standard input unless
+I<input-file>
+is specified and writes to standard output unless
+I<output-file>
+is given.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-b>
+
+Select ECB
+(eight bytes at a time) encryption mode.
+
+=item B<-3>
+
+Encrypt using triple encryption.
+By default triple cbc encryption is used but if the
+B<-b>
+option is used then triple ECB encryption is performed.
+If the key is less than 8 characters long, the flag has no effect.
+
+=item B<-e>
+
+Encrypt data using an 8 byte key in a manner compatible with sunOS
+des(1).
+
+=item B<-E>
+
+Encrypt data using a key of nearly unlimited length (1024 bytes).
+This will product a more secure encryption.
+
+=item B<-d>
+
+Decrypt data that was encrypted with the B<-e> option.
+
+=item B<-D>
+
+Decrypt data that was encrypted with the B<-E> option.
+
+=item B<-c>
+
+Generate a 16 character hexadecimal cbc checksum and output this to
+stderr.
+If a filename was specified after the
+B<-c>
+option, the checksum is output to that file.
+The checksum is generated using a key generated in a sunOS compatible
+manner.
+
+=item B<-C>
+
+A cbc checksum is generated in the same manner as described for the
+B<-c>
+option but the DES key is generated in the same manner as used for the
+B<-E>
+and
+B<-D>
+options
+
+=item B<-f>
+
+Does nothing - allowed for compatibility with sunOS des(1) command.
+
+=item B<-s>
+
+Does nothing - allowed for compatibility with sunOS des(1) command.
+
+=item B<-k> I<key>
+
+Use the encryption 
+I<key>
+specified.
+
+=item B<-h>
+
+The
+I<key>
+is assumed to be a 16 character hexadecimal number.
+If the
+B<-3>
+option is used the key is assumed to be a 32 character hexadecimal
+number.
+
+=item B<-u>
+
+This flag is used to read and write uuencoded files.  If decrypting,
+the input file is assumed to contain uuencoded, DES encrypted data.
+If encrypting, the characters following the B<-u> are used as the name of
+the uuencoded file to embed in the begin line of the uuencoded
+output.  If there is no name specified after the B<-u>, the name text.des
+will be embedded in the header.
+
+=head1 SEE ALSO
+
+ps(1),
+L<des_crypt(3)|des_crypt(3)>
+
+=head1 BUGS
+
+The problem with using the
+B<-e>
+option is the short key length.
+It would be better to use a real 56-bit key rather than an
+ASCII-based 56-bit pattern.  Knowing that the key was derived from ASCII
+radically reduces the time necessary for a brute-force cryptographic attack.
+My attempt to remove this problem is to add an alternative text-key to
+DES-key function.  This alternative function (accessed via
+B<-E>, B<-D>, B<-S>
+and
+B<-3>)
+uses DES to help generate the key.
+
+Be carefully when using the B<-u> option.  Doing B<des -ud> I<filename> will
+not decrypt filename (the B<-u> option will gobble the B<-d> option).
+
+The VMS operating system operates in a world where files are always a
+multiple of 512 bytes.  This causes problems when encrypted data is
+send from Unix to VMS since a 88 byte file will suddenly be padded
+with 424 null bytes.  To get around this problem, use the B<-u> option
+to uuencode the data before it is send to the VMS system.
+
+=head1 AUTHOR
+
+Eric Young (eay@cryptsoft.com)
+
+=cut
diff --git a/src/lib/libcrypto/des/des_old.c b/src/lib/libcrypto/des/des_old.c
new file mode 100644
index 0000000000..7e4cd7180d
--- /dev/null
+++ b/src/lib/libcrypto/des/des_old.c
@@ -0,0 +1,271 @@
+/* crypto/des/des_old.c -*- mode:C; c-file-style: "eay" -*- */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * The function names in here are deprecated and are only present to
+ * provide an interface compatible with libdes.  OpenSSL now provides
+ * functions where "des_" has been replaced with "DES_" in the names,
+ * to make it possible to make incompatible changes that are needed
+ * for C type security and other stuff.
+ *
+ * Please consider starting to use the DES_ functions rather than the
+ * des_ ones.  The des_ functions will dissapear completely before
+ * OpenSSL 1.0!
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
+ * project 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#define OPENSSL_DES_LIBDES_COMPATIBILITY
+#include <openssl/des.h>
+#include <openssl/rand.h>
+
+const char *_ossl_old_des_options(void)
+        {
+        return DES_options();
+        }
+void _ossl_old_des_ecb3_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
+        des_key_schedule ks1,des_key_schedule ks2,
+        des_key_schedule ks3, int enc)
+        {
+        DES_ecb3_encrypt((const_DES_cblock *)input, output,
+                (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
+                (DES_key_schedule *)ks3, enc);
+        }
+DES_LONG _ossl_old_des_cbc_cksum(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
+        long length,des_key_schedule schedule,_ossl_old_des_cblock *ivec)
+        {
+        return DES_cbc_cksum((unsigned char *)input, output, length,
+                (DES_key_schedule *)schedule, ivec);
+        }
+void _ossl_old_des_cbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
+        des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc)
+        {
+        DES_cbc_encrypt((unsigned char *)input, (unsigned char *)output,
+                length, (DES_key_schedule *)schedule, ivec, enc);
+        }
+void _ossl_old_des_ncbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
+        des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc)
+        {
+        DES_ncbc_encrypt((unsigned char *)input, (unsigned char *)output,
+                length, (DES_key_schedule *)schedule, ivec, enc);
+        }
+void _ossl_old_des_xcbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
+        des_key_schedule schedule,_ossl_old_des_cblock *ivec,
+        _ossl_old_des_cblock *inw,_ossl_old_des_cblock *outw,int enc)
+        {
+        DES_xcbc_encrypt((unsigned char *)input, (unsigned char *)output,
+                length, (DES_key_schedule *)schedule, ivec, inw, outw, enc);
+        }
+void _ossl_old_des_cfb_encrypt(unsigned char *in,unsigned char *out,int numbits,
+        long length,des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc)
+        {
+        DES_cfb_encrypt(in, out, numbits, length,
+                (DES_key_schedule *)schedule, ivec, enc);
+        }
+void _ossl_old_des_ecb_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
+        des_key_schedule ks,int enc)
+        {
+        DES_ecb_encrypt(input, output, (DES_key_schedule *)ks, enc);
+        }
+void _ossl_old_des_encrypt(DES_LONG *data,des_key_schedule ks, int enc)
+        {
+        DES_encrypt1(data, (DES_key_schedule *)ks, enc);
+        }
+void _ossl_old_des_encrypt2(DES_LONG *data,des_key_schedule ks, int enc)
+        {
+        DES_encrypt2(data, (DES_key_schedule *)ks, enc);
+        }
+void _ossl_old_des_encrypt3(DES_LONG *data, des_key_schedule ks1,
+        des_key_schedule ks2, des_key_schedule ks3)
+        {
+        DES_encrypt3(data, (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
+                (DES_key_schedule *)ks3);
+        }
+void _ossl_old_des_decrypt3(DES_LONG *data, des_key_schedule ks1,
+        des_key_schedule ks2, des_key_schedule ks3)
+        {
+        DES_decrypt3(data, (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
+                (DES_key_schedule *)ks3);
+        }
+void _ossl_old_des_ede3_cbc_encrypt(_ossl_old_des_cblock *input, _ossl_old_des_cblock *output, 
+        long length, des_key_schedule ks1, des_key_schedule ks2, 
+        des_key_schedule ks3, _ossl_old_des_cblock *ivec, int enc)
+        {
+        DES_ede3_cbc_encrypt((unsigned char *)input, (unsigned char *)output,
+                length, (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
+                (DES_key_schedule *)ks3, ivec, enc);
+        }
+void _ossl_old_des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out,
+        long length, des_key_schedule ks1, des_key_schedule ks2,
+        des_key_schedule ks3, _ossl_old_des_cblock *ivec, int *num, int enc)
+        {
+        DES_ede3_cfb64_encrypt(in, out, length,
+                (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
+                (DES_key_schedule *)ks3, ivec, num, enc);
+        }
+void _ossl_old_des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out,
+        long length, des_key_schedule ks1, des_key_schedule ks2,
+        des_key_schedule ks3, _ossl_old_des_cblock *ivec, int *num)
+        {
+        DES_ede3_ofb64_encrypt(in, out, length,
+                (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
+                (DES_key_schedule *)ks3, ivec, num);
+        }
+
+void _ossl_old_des_xwhite_in2out(_ossl_old_des_cblock (*des_key), _ossl_old_des_cblock (*in_white),
+        _ossl_old_des_cblock (*out_white))
+        {
+        DES_xwhite_in2out(des_key, in_white, out_white);
+        }
+
+int _ossl_old_des_enc_read(int fd,char *buf,int len,des_key_schedule sched,
+        _ossl_old_des_cblock *iv)
+        {
+        return DES_enc_read(fd, buf, len, (DES_key_schedule *)sched, iv);
+        }
+int _ossl_old_des_enc_write(int fd,char *buf,int len,des_key_schedule sched,
+        _ossl_old_des_cblock *iv)
+        {
+        return DES_enc_write(fd, buf, len, (DES_key_schedule *)sched, iv);
+        }
+char *_ossl_old_des_fcrypt(const char *buf,const char *salt, char *ret)
+        {
+        return DES_fcrypt(buf, salt, ret);
+        }
+char *_ossl_old_des_crypt(const char *buf,const char *salt)
+        {
+        return DES_crypt(buf, salt);
+        }
+char *_ossl_old_crypt(const char *buf,const char *salt)
+        {
+        return DES_crypt(buf, salt);
+        }
+void _ossl_old_des_ofb_encrypt(unsigned char *in,unsigned char *out,
+        int numbits,long length,des_key_schedule schedule,_ossl_old_des_cblock *ivec)
+        {
+        DES_ofb_encrypt(in, out, numbits, length, (DES_key_schedule *)schedule,
+                ivec);
+        }
+void _ossl_old_des_pcbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
+        des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc)
+        {
+        DES_pcbc_encrypt((unsigned char *)input, (unsigned char *)output,
+                length, (DES_key_schedule *)schedule, ivec, enc);
+        }
+DES_LONG _ossl_old_des_quad_cksum(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
+        long length,int out_count,_ossl_old_des_cblock *seed)
+        {
+        return DES_quad_cksum((unsigned char *)input, output, length,
+                out_count, seed);
+        }
+void _ossl_old_des_random_seed(_ossl_old_des_cblock key)
+        {
+        RAND_seed(key, sizeof(_ossl_old_des_cblock));
+        }
+void _ossl_old_des_random_key(_ossl_old_des_cblock ret)
+        {
+        DES_random_key((DES_cblock *)ret);
+        }
+int _ossl_old_des_read_password(_ossl_old_des_cblock *key, const char *prompt,
+                                int verify)
+        {
+        return DES_read_password(key, prompt, verify);
+        }
+int _ossl_old_des_read_2passwords(_ossl_old_des_cblock *key1, _ossl_old_des_cblock *key2,
+        const char *prompt, int verify)
+        {
+        return DES_read_2passwords(key1, key2, prompt, verify);
+        }
+void _ossl_old_des_set_odd_parity(_ossl_old_des_cblock *key)
+        {
+        DES_set_odd_parity(key);
+        }
+int _ossl_old_des_is_weak_key(_ossl_old_des_cblock *key)
+        {
+        return DES_is_weak_key(key);
+        }
+int _ossl_old_des_set_key(_ossl_old_des_cblock *key,des_key_schedule schedule)
+        {
+        return DES_set_key(key, (DES_key_schedule *)schedule);
+        }
+int _ossl_old_des_key_sched(_ossl_old_des_cblock *key,des_key_schedule schedule)
+        {
+        return DES_key_sched(key, (DES_key_schedule *)schedule);
+        }
+void _ossl_old_des_string_to_key(char *str,_ossl_old_des_cblock *key)
+        {
+        DES_string_to_key(str, key);
+        }
+void _ossl_old_des_string_to_2keys(char *str,_ossl_old_des_cblock *key1,_ossl_old_des_cblock *key2)
+        {
+        DES_string_to_2keys(str, key1, key2);
+        }
+void _ossl_old_des_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
+        des_key_schedule schedule, _ossl_old_des_cblock *ivec, int *num, int enc)
+        {
+        DES_cfb64_encrypt(in, out, length, (DES_key_schedule *)schedule,
+                ivec, num, enc);
+        }
+void _ossl_old_des_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
+        des_key_schedule schedule, _ossl_old_des_cblock *ivec, int *num)
+        {
+        DES_ofb64_encrypt(in, out, length, (DES_key_schedule *)schedule,
+                ivec, num);
+        }
diff --git a/src/lib/libcrypto/des/des_old.h b/src/lib/libcrypto/des/des_old.h
new file mode 100644
index 0000000000..3778f93c15
--- /dev/null
+++ b/src/lib/libcrypto/des/des_old.h
@@ -0,0 +1,437 @@
+/* crypto/des/des_old.h -*- mode:C; c-file-style: "eay" -*- */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * The function names in here are deprecated and are only present to
+ * provide an interface compatible with openssl 0.9.6 and older as
+ * well as libdes.  OpenSSL now provides functions where "des_" has
+ * been replaced with "DES_" in the names, to make it possible to
+ * make incompatible changes that are needed for C type security and
+ * other stuff.
+ *
+ * This include files has two compatibility modes:
+ *
+ *   - If OPENSSL_DES_LIBDES_COMPATIBILITY is defined, you get an API
+ *     that is compatible with libdes and SSLeay.
+ *   - If OPENSSL_DES_LIBDES_COMPATIBILITY isn't defined, you get an
+ *     API that is compatible with OpenSSL 0.9.5x to 0.9.6x.
+ *
+ * Note that these modes break earlier snapshots of OpenSSL, where
+ * libdes compatibility was the only available mode or (later on) the
+ * prefered compatibility mode.  However, after much consideration
+ * (and more or less violent discussions with external parties), it
+ * was concluded that OpenSSL should be compatible with earlier versions
+ * of itself before anything else.  Also, in all honesty, libdes is
+ * an old beast that shouldn't really be used any more.
+ *
+ * Please consider starting to use the DES_ functions rather than the
+ * des_ ones.  The des_ functions will disappear completely before
+ * OpenSSL 1.0!
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
+ * project 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_DES_OLD_H
+#define HEADER_DES_OLD_H
+
+#ifdef OPENSSL_NO_DES
+#error DES is disabled.
+#endif
+
+#ifndef HEADER_DES_H
+#error You must include des.h, not des_old.h directly.
+#endif
+
+#ifdef _KERBEROS_DES_H
+#error <openssl/des_old.h> replaces <kerberos/des.h>.
+#endif
+
+#include <openssl/opensslconf.h> /* DES_LONG */
+#include <openssl/e_os2.h>      /* OPENSSL_EXTERN */
+#include <openssl/symhacks.h>
+
+#ifdef OPENSSL_BUILD_SHLIBCRYPTO
+# undef OPENSSL_EXTERN
+# define OPENSSL_EXTERN OPENSSL_EXPORT
+#endif
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+typedef unsigned char _ossl_old_des_cblock[8];
+typedef struct _ossl_old_des_ks_struct
+        {
+        union   {
+                _ossl_old_des_cblock _;
+                /* make sure things are correct size on machines with
+                 * 8 byte longs */
+                DES_LONG pad[2];
+                } ks;
+        } _ossl_old_des_key_schedule[16];
+
+#ifndef OPENSSL_DES_LIBDES_COMPATIBILITY
+#define des_cblock DES_cblock
+#define const_des_cblock const_DES_cblock
+#define des_key_schedule DES_key_schedule
+#define des_ecb3_encrypt(i,o,k1,k2,k3,e)\
+        DES_ecb3_encrypt((i),(o),&(k1),&(k2),&(k3),(e))
+#define des_ede3_cbc_encrypt(i,o,l,k1,k2,k3,iv,e)\
+        DES_ede3_cbc_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(e))
+#define des_ede3_cbcm_encrypt(i,o,l,k1,k2,k3,iv1,iv2,e)\
+        DES_ede3_cbcm_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv1),(iv2),(e))
+#define des_ede3_cfb64_encrypt(i,o,l,k1,k2,k3,iv,n,e)\
+        DES_ede3_cfb64_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(n),(e))
+#define des_ede3_ofb64_encrypt(i,o,l,k1,k2,k3,iv,n)\
+        DES_ede3_ofb64_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(n))
+#define des_options()\
+        DES_options()
+#define des_cbc_cksum(i,o,l,k,iv)\
+        DES_cbc_cksum((i),(o),(l),&(k),(iv))
+#define des_cbc_encrypt(i,o,l,k,iv,e)\
+        DES_cbc_encrypt((i),(o),(l),&(k),(iv),(e))
+#define des_ncbc_encrypt(i,o,l,k,iv,e)\
+        DES_ncbc_encrypt((i),(o),(l),&(k),(iv),(e))
+#define des_xcbc_encrypt(i,o,l,k,iv,inw,outw,e)\
+        DES_xcbc_encrypt((i),(o),(l),&(k),(iv),(inw),(outw),(e))
+#define des_cfb_encrypt(i,o,n,l,k,iv,e)\
+        DES_cfb_encrypt((i),(o),(n),(l),&(k),(iv),(e))
+#define des_ecb_encrypt(i,o,k,e)\
+        DES_ecb_encrypt((i),(o),&(k),(e))
+#define des_encrypt1(d,k,e)\
+        DES_encrypt1((d),&(k),(e))
+#define des_encrypt2(d,k,e)\
+        DES_encrypt2((d),&(k),(e))
+#define des_encrypt3(d,k1,k2,k3)\
+        DES_encrypt3((d),&(k1),&(k2),&(k3))
+#define des_decrypt3(d,k1,k2,k3)\
+        DES_decrypt3((d),&(k1),&(k2),&(k3))
+#define des_xwhite_in2out(k,i,o)\
+        DES_xwhite_in2out((k),(i),(o))
+#define des_enc_read(f,b,l,k,iv)\
+        DES_enc_read((f),(b),(l),&(k),(iv))
+#define des_enc_write(f,b,l,k,iv)\
+        DES_enc_write((f),(b),(l),&(k),(iv))
+#define des_fcrypt(b,s,r)\
+        DES_fcrypt((b),(s),(r))
+#define des_crypt(b,s)\
+        DES_crypt((b),(s))
+#if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT)
+#define crypt(b,s)\
+        DES_crypt((b),(s))
+#endif
+#define des_ofb_encrypt(i,o,n,l,k,iv)\
+        DES_ofb_encrypt((i),(o),(n),(l),&(k),(iv))
+#define des_pcbc_encrypt(i,o,l,k,iv,e)\
+        DES_pcbc_encrypt((i),(o),(l),&(k),(iv),(e))
+#define des_quad_cksum(i,o,l,c,s)\
+        DES_quad_cksum((i),(o),(l),(c),(s))
+#define des_random_seed(k)\
+        _ossl_096_des_random_seed((k))
+#define des_random_key(r)\
+        DES_random_key((r))
+#define des_read_password(k,p,v) \
+        DES_read_password((k),(p),(v))
+#define des_read_2passwords(k1,k2,p,v) \
+        DES_read_2passwords((k1),(k2),(p),(v))
+#define des_set_odd_parity(k)\
+        DES_set_odd_parity((k))
+#define des_check_key_parity(k)\
+        DES_check_key_parity((k))
+#define des_is_weak_key(k)\
+        DES_is_weak_key((k))
+#define des_set_key(k,ks)\
+        DES_set_key((k),&(ks))
+#define des_key_sched(k,ks)\
+        DES_key_sched((k),&(ks))
+#define des_set_key_checked(k,ks)\
+        DES_set_key_checked((k),&(ks))
+#define des_set_key_unchecked(k,ks)\
+        DES_set_key_unchecked((k),&(ks))
+#define des_string_to_key(s,k)\
+        DES_string_to_key((s),(k))
+#define des_string_to_2keys(s,k1,k2)\
+        DES_string_to_2keys((s),(k1),(k2))
+#define des_cfb64_encrypt(i,o,l,ks,iv,n,e)\
+        DES_cfb64_encrypt((i),(o),(l),&(ks),(iv),(n),(e))
+#define des_ofb64_encrypt(i,o,l,ks,iv,n)\
+        DES_ofb64_encrypt((i),(o),(l),&(ks),(iv),(n))
+                
+
+#define des_ecb2_encrypt(i,o,k1,k2,e) \
+        des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
+
+#define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
+        des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
+
+#define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
+        des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
+
+#define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
+        des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
+
+#define des_check_key DES_check_key
+#define des_rw_mode DES_rw_mode
+#else /* libdes compatibility */
+/* Map all symbol names to _ossl_old_des_* form, so we avoid all
+   clashes with libdes */
+#define des_cblock _ossl_old_des_cblock
+#define des_key_schedule _ossl_old_des_key_schedule
+#define des_ecb3_encrypt(i,o,k1,k2,k3,e)\
+        _ossl_old_des_ecb3_encrypt((i),(o),(k1),(k2),(k3),(e))
+#define des_ede3_cbc_encrypt(i,o,l,k1,k2,k3,iv,e)\
+        _ossl_old_des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(e))
+#define des_ede3_cfb64_encrypt(i,o,l,k1,k2,k3,iv,n,e)\
+        _ossl_old_des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(n),(e))
+#define des_ede3_ofb64_encrypt(i,o,l,k1,k2,k3,iv,n)\
+        _ossl_old_des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(n))
+#define des_options()\
+        _ossl_old_des_options()
+#define des_cbc_cksum(i,o,l,k,iv)\
+        _ossl_old_des_cbc_cksum((i),(o),(l),(k),(iv))
+#define des_cbc_encrypt(i,o,l,k,iv,e)\
+        _ossl_old_des_cbc_encrypt((i),(o),(l),(k),(iv),(e))
+#define des_ncbc_encrypt(i,o,l,k,iv,e)\
+        _ossl_old_des_ncbc_encrypt((i),(o),(l),(k),(iv),(e))
+#define des_xcbc_encrypt(i,o,l,k,iv,inw,outw,e)\
+        _ossl_old_des_xcbc_encrypt((i),(o),(l),(k),(iv),(inw),(outw),(e))
+#define des_cfb_encrypt(i,o,n,l,k,iv,e)\
+        _ossl_old_des_cfb_encrypt((i),(o),(n),(l),(k),(iv),(e))
+#define des_ecb_encrypt(i,o,k,e)\
+        _ossl_old_des_ecb_encrypt((i),(o),(k),(e))
+#define des_encrypt(d,k,e)\
+        _ossl_old_des_encrypt((d),(k),(e))
+#define des_encrypt2(d,k,e)\
+        _ossl_old_des_encrypt2((d),(k),(e))
+#define des_encrypt3(d,k1,k2,k3)\
+        _ossl_old_des_encrypt3((d),(k1),(k2),(k3))
+#define des_decrypt3(d,k1,k2,k3)\
+        _ossl_old_des_decrypt3((d),(k1),(k2),(k3))
+#define des_xwhite_in2out(k,i,o)\
+        _ossl_old_des_xwhite_in2out((k),(i),(o))
+#define des_enc_read(f,b,l,k,iv)\
+        _ossl_old_des_enc_read((f),(b),(l),(k),(iv))
+#define des_enc_write(f,b,l,k,iv)\
+        _ossl_old_des_enc_write((f),(b),(l),(k),(iv))
+#define des_fcrypt(b,s,r)\
+        _ossl_old_des_fcrypt((b),(s),(r))
+#define des_crypt(b,s)\
+        _ossl_old_des_crypt((b),(s))
+#define crypt(b,s)\
+        _ossl_old_crypt((b),(s))
+#define des_ofb_encrypt(i,o,n,l,k,iv)\
+        _ossl_old_des_ofb_encrypt((i),(o),(n),(l),(k),(iv))
+#define des_pcbc_encrypt(i,o,l,k,iv,e)\
+        _ossl_old_des_pcbc_encrypt((i),(o),(l),(k),(iv),(e))
+#define des_quad_cksum(i,o,l,c,s)\
+        _ossl_old_des_quad_cksum((i),(o),(l),(c),(s))
+#define des_random_seed(k)\
+        _ossl_old_des_random_seed((k))
+#define des_random_key(r)\
+        _ossl_old_des_random_key((r))
+#define des_read_password(k,p,v) \
+        _ossl_old_des_read_password((k),(p),(v))
+#define des_read_2passwords(k1,k2,p,v) \
+        _ossl_old_des_read_2passwords((k1),(k2),(p),(v))
+#define des_set_odd_parity(k)\
+        _ossl_old_des_set_odd_parity((k))
+#define des_is_weak_key(k)\
+        _ossl_old_des_is_weak_key((k))
+#define des_set_key(k,ks)\
+        _ossl_old_des_set_key((k),(ks))
+#define des_key_sched(k,ks)\
+        _ossl_old_des_key_sched((k),(ks))
+#define des_string_to_key(s,k)\
+        _ossl_old_des_string_to_key((s),(k))
+#define des_string_to_2keys(s,k1,k2)\
+        _ossl_old_des_string_to_2keys((s),(k1),(k2))
+#define des_cfb64_encrypt(i,o,l,ks,iv,n,e)\
+        _ossl_old_des_cfb64_encrypt((i),(o),(l),(ks),(iv),(n),(e))
+#define des_ofb64_encrypt(i,o,l,ks,iv,n)\
+        _ossl_old_des_ofb64_encrypt((i),(o),(l),(ks),(iv),(n))
+                
+
+#define des_ecb2_encrypt(i,o,k1,k2,e) \
+        des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
+
+#define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
+        des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
+
+#define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
+        des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
+
+#define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
+        des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
+
+#define des_check_key DES_check_key
+#define des_rw_mode DES_rw_mode
+#endif
+
+const char *_ossl_old_des_options(void);
+void _ossl_old_des_ecb3_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
+        _ossl_old_des_key_schedule ks1,_ossl_old_des_key_schedule ks2,
+        _ossl_old_des_key_schedule ks3, int enc);
+DES_LONG _ossl_old_des_cbc_cksum(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
+        long length,_ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec);
+void _ossl_old_des_cbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
+        _ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc);
+void _ossl_old_des_ncbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
+        _ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc);
+void _ossl_old_des_xcbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
+        _ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec,
+        _ossl_old_des_cblock *inw,_ossl_old_des_cblock *outw,int enc);
+void _ossl_old_des_cfb_encrypt(unsigned char *in,unsigned char *out,int numbits,
+        long length,_ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc);
+void _ossl_old_des_ecb_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
+        _ossl_old_des_key_schedule ks,int enc);
+void _ossl_old_des_encrypt(DES_LONG *data,_ossl_old_des_key_schedule ks, int enc);
+void _ossl_old_des_encrypt2(DES_LONG *data,_ossl_old_des_key_schedule ks, int enc);
+void _ossl_old_des_encrypt3(DES_LONG *data, _ossl_old_des_key_schedule ks1,
+        _ossl_old_des_key_schedule ks2, _ossl_old_des_key_schedule ks3);
+void _ossl_old_des_decrypt3(DES_LONG *data, _ossl_old_des_key_schedule ks1,
+        _ossl_old_des_key_schedule ks2, _ossl_old_des_key_schedule ks3);
+void _ossl_old_des_ede3_cbc_encrypt(_ossl_old_des_cblock *input, _ossl_old_des_cblock *output, 
+        long length, _ossl_old_des_key_schedule ks1, _ossl_old_des_key_schedule ks2, 
+        _ossl_old_des_key_schedule ks3, _ossl_old_des_cblock *ivec, int enc);
+void _ossl_old_des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out,
+        long length, _ossl_old_des_key_schedule ks1, _ossl_old_des_key_schedule ks2,
+        _ossl_old_des_key_schedule ks3, _ossl_old_des_cblock *ivec, int *num, int enc);
+void _ossl_old_des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out,
+        long length, _ossl_old_des_key_schedule ks1, _ossl_old_des_key_schedule ks2,
+        _ossl_old_des_key_schedule ks3, _ossl_old_des_cblock *ivec, int *num);
+
+void _ossl_old_des_xwhite_in2out(_ossl_old_des_cblock (*des_key), _ossl_old_des_cblock (*in_white),
+        _ossl_old_des_cblock (*out_white));
+
+int _ossl_old_des_enc_read(int fd,char *buf,int len,_ossl_old_des_key_schedule sched,
+        _ossl_old_des_cblock *iv);
+int _ossl_old_des_enc_write(int fd,char *buf,int len,_ossl_old_des_key_schedule sched,
+        _ossl_old_des_cblock *iv);
+char *_ossl_old_des_fcrypt(const char *buf,const char *salt, char *ret);
+char *_ossl_old_des_crypt(const char *buf,const char *salt);
+#if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT)
+char *_ossl_old_crypt(const char *buf,const char *salt);
+#endif
+void _ossl_old_des_ofb_encrypt(unsigned char *in,unsigned char *out,
+        int numbits,long length,_ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec);
+void _ossl_old_des_pcbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
+        _ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc);
+DES_LONG _ossl_old_des_quad_cksum(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
+        long length,int out_count,_ossl_old_des_cblock *seed);
+void _ossl_old_des_random_seed(_ossl_old_des_cblock key);
+void _ossl_old_des_random_key(_ossl_old_des_cblock ret);
+int _ossl_old_des_read_password(_ossl_old_des_cblock *key,const char *prompt,int verify);
+int _ossl_old_des_read_2passwords(_ossl_old_des_cblock *key1,_ossl_old_des_cblock *key2,
+        const char *prompt,int verify);
+void _ossl_old_des_set_odd_parity(_ossl_old_des_cblock *key);
+int _ossl_old_des_is_weak_key(_ossl_old_des_cblock *key);
+int _ossl_old_des_set_key(_ossl_old_des_cblock *key,_ossl_old_des_key_schedule schedule);
+int _ossl_old_des_key_sched(_ossl_old_des_cblock *key,_ossl_old_des_key_schedule schedule);
+void _ossl_old_des_string_to_key(char *str,_ossl_old_des_cblock *key);
+void _ossl_old_des_string_to_2keys(char *str,_ossl_old_des_cblock *key1,_ossl_old_des_cblock *key2);
+void _ossl_old_des_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
+        _ossl_old_des_key_schedule schedule, _ossl_old_des_cblock *ivec, int *num, int enc);
+void _ossl_old_des_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
+        _ossl_old_des_key_schedule schedule, _ossl_old_des_cblock *ivec, int *num);
+
+void _ossl_096_des_random_seed(des_cblock *key);
+
+/* The following definitions provide compatibility with the MIT Kerberos
+ * library. The _ossl_old_des_key_schedule structure is not binary compatible. */
+
+#define _KERBEROS_DES_H
+
+#define KRBDES_ENCRYPT DES_ENCRYPT
+#define KRBDES_DECRYPT DES_DECRYPT
+
+#ifdef KERBEROS
+#  define ENCRYPT DES_ENCRYPT
+#  define DECRYPT DES_DECRYPT
+#endif
+
+#ifndef NCOMPAT
+#  define C_Block des_cblock
+#  define Key_schedule des_key_schedule
+#  define KEY_SZ DES_KEY_SZ
+#  define string_to_key des_string_to_key
+#  define read_pw_string des_read_pw_string
+#  define random_key des_random_key
+#  define pcbc_encrypt des_pcbc_encrypt
+#  define set_key des_set_key
+#  define key_sched des_key_sched
+#  define ecb_encrypt des_ecb_encrypt
+#  define cbc_encrypt des_cbc_encrypt
+#  define ncbc_encrypt des_ncbc_encrypt
+#  define xcbc_encrypt des_xcbc_encrypt
+#  define cbc_cksum des_cbc_cksum
+#  define quad_cksum des_quad_cksum
+#  define check_parity des_check_key_parity
+#endif
+
+#define des_fixup_key_parity DES_fixup_key_parity
+
+#ifdef  __cplusplus
+}
+#endif
+
+/* for DES_read_pw_string et al */
+#include <openssl/ui_compat.h>
+
+#endif
diff --git a/src/lib/libcrypto/des/des_old2.c b/src/lib/libcrypto/des/des_old2.c
new file mode 100644
index 0000000000..c8fa3ee135
--- /dev/null
+++ b/src/lib/libcrypto/des/des_old2.c
@@ -0,0 +1,82 @@
+/* crypto/des/des_old.c -*- mode:C; c-file-style: "eay" -*- */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * The function names in here are deprecated and are only present to
+ * provide an interface compatible with OpenSSL 0.9.6c.  OpenSSL now
+ * provides functions where "des_" has been replaced with "DES_" in
+ * the names, to make it possible to make incompatible changes that
+ * are needed for C type security and other stuff.
+ *
+ * Please consider starting to use the DES_ functions rather than the
+ * des_ ones.  The des_ functions will dissapear completely before
+ * OpenSSL 1.0!
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
+ * project 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#undef OPENSSL_DES_LIBDES_COMPATIBILITY
+#include <openssl/des.h>
+#include <openssl/rand.h>
+
+void _ossl_096_des_random_seed(DES_cblock *key)
+        {
+        RAND_seed(key, sizeof(DES_cblock));
+        }
diff --git a/src/lib/libcrypto/dso/README b/src/lib/libcrypto/dso/README
new file mode 100644
index 0000000000..6ba03c5631
--- /dev/null
+++ b/src/lib/libcrypto/dso/README
@@ -0,0 +1,24 @@
+TODO
+----
+
+Find a way where name-translation can be done in a way that is
+sensitive to particular methods (ie. generic code could still do
+different path/filename substitutions on win32 to what it does on
+*nix) but doesn't assume some canonical form. Already one case
+exists where the "blah -> (libblah.so,blah.dll)" mapping doesn't
+suffice. I suspect a callback with an enumerated (or string?)
+parameter could be the way to go here ... DSO_ctrl the callback
+into place and it can be invoked to handle name translation with
+some clue to the calling code as to what kind of system it is.
+
+NOTES
+-----
+
+I've checked out HPUX (well, version 11 at least) and shl_t is
+a pointer type so it's safe to use in the way it has been in
+dso_dl.c. On the other hand, HPUX11 support dlfcn too and
+according to their man page, prefer developers to move to that.
+I'll leave Richard's changes there as I guess dso_dl is needed
+for HPUX10.20.
+
+
diff --git a/src/lib/libcrypto/dso/dso_dl.c b/src/lib/libcrypto/dso/dso_dl.c
new file mode 100644
index 0000000000..69810fc3bb
--- /dev/null
+++ b/src/lib/libcrypto/dso/dso_dl.c
@@ -0,0 +1,251 @@
+/* dso_dl.c */
+/* Written by Richard Levitte (levitte@openssl.org) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/dso.h>
+
+#ifndef DSO_DL
+DSO_METHOD *DSO_METHOD_dl(void)
+       {
+       return NULL;
+       }
+#else
+
+#include <dl.h>
+
+/* Part of the hack in "dl_load" ... */
+#define DSO_MAX_TRANSLATED_SIZE 256
+
+static int dl_load(DSO *dso, const char *filename);
+static int dl_unload(DSO *dso);
+static void *dl_bind_var(DSO *dso, const char *symname);
+static DSO_FUNC_TYPE dl_bind_func(DSO *dso, const char *symname);
+#if 0
+static int dl_unbind_var(DSO *dso, char *symname, void *symptr);
+static int dl_unbind_func(DSO *dso, char *symname, DSO_FUNC_TYPE symptr);
+static int dl_init(DSO *dso);
+static int dl_finish(DSO *dso);
+#endif
+static int dl_ctrl(DSO *dso, int cmd, long larg, void *parg);
+
+static DSO_METHOD dso_meth_dl = {
+        "OpenSSL 'dl' shared library method",
+        dl_load,
+        dl_unload,
+        dl_bind_var,
+        dl_bind_func,
+/* For now, "unbind" doesn't exist */
+#if 0
+        NULL, /* unbind_var */
+        NULL, /* unbind_func */
+#endif
+        dl_ctrl,
+        NULL, /* init */
+        NULL  /* finish */
+        };
+
+DSO_METHOD *DSO_METHOD_dl(void)
+        {
+        return(&dso_meth_dl);
+        }
+
+/* For this DSO_METHOD, our meth_data STACK will contain;
+ * (i) the handle (shl_t) returned from shl_load().
+ * NB: I checked on HPUX11 and shl_t is itself a pointer
+ * type so the cast is safe.
+ */
+
+static int dl_load(DSO *dso, const char *filename)
+        {
+        shl_t ptr;
+        char translated[DSO_MAX_TRANSLATED_SIZE];
+        int len;
+
+        /* The same comment as in dlfcn_load applies here. bleurgh. */
+        len = strlen(filename);
+        if((dso->flags & DSO_FLAG_NAME_TRANSLATION) &&
+                        (len + 6 < DSO_MAX_TRANSLATED_SIZE) &&
+                        (strstr(filename, "/") == NULL))
+                {
+                sprintf(translated, "lib%s.so", filename);
+                ptr = shl_load(translated, BIND_IMMEDIATE, NULL);
+                }
+        else
+                ptr = shl_load(filename, BIND_IMMEDIATE, NULL);
+        if(ptr == NULL)
+                {
+                DSOerr(DSO_F_DL_LOAD,DSO_R_LOAD_FAILED);
+                return(0);
+                }
+        if(!sk_push(dso->meth_data, (char *)ptr))
+                {
+                DSOerr(DSO_F_DL_LOAD,DSO_R_STACK_ERROR);
+                shl_unload(ptr);
+                return(0);
+                }
+        return(1);
+        }
+
+static int dl_unload(DSO *dso)
+        {
+        shl_t ptr;
+        if(dso == NULL)
+                {
+                DSOerr(DSO_F_DL_UNLOAD,ERR_R_PASSED_NULL_PARAMETER);
+                return(0);
+                }
+        if(sk_num(dso->meth_data) < 1)
+                return(1);
+        /* Is this statement legal? */
+        ptr = (shl_t)sk_pop(dso->meth_data);
+        if(ptr == NULL)
+                {
+                DSOerr(DSO_F_DL_UNLOAD,DSO_R_NULL_HANDLE);
+                /* Should push the value back onto the stack in
+                 * case of a retry. */
+                sk_push(dso->meth_data, (char *)ptr);
+                return(0);
+                }
+        shl_unload(ptr);
+        return(1);
+        }
+
+static void *dl_bind_var(DSO *dso, const char *symname)
+        {
+        shl_t ptr;
+        void *sym;
+
+        if((dso == NULL) || (symname == NULL))
+                {
+                DSOerr(DSO_F_DL_BIND_VAR,ERR_R_PASSED_NULL_PARAMETER);
+                return(NULL);
+                }
+        if(sk_num(dso->meth_data) < 1)
+                {
+                DSOerr(DSO_F_DL_BIND_VAR,DSO_R_STACK_ERROR);
+                return(NULL);
+                }
+        ptr = (shl_t)sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
+        if(ptr == NULL)
+                {
+                DSOerr(DSO_F_DL_BIND_VAR,DSO_R_NULL_HANDLE);
+                return(NULL);
+                }
+        if (shl_findsym(ptr, symname, TYPE_UNDEFINED, &sym) < 0)
+                {
+                DSOerr(DSO_F_DL_BIND_VAR,DSO_R_SYM_FAILURE);
+                return(NULL);
+                }
+        return(sym);
+        }
+
+static DSO_FUNC_TYPE dl_bind_func(DSO *dso, const char *symname)
+        {
+        shl_t ptr;
+        void *sym;
+
+        if((dso == NULL) || (symname == NULL))
+                {
+                DSOerr(DSO_F_DL_BIND_FUNC,ERR_R_PASSED_NULL_PARAMETER);
+                return(NULL);
+                }
+        if(sk_num(dso->meth_data) < 1)
+                {
+                DSOerr(DSO_F_DL_BIND_FUNC,DSO_R_STACK_ERROR);
+                return(NULL);
+                }
+        ptr = (shl_t)sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
+        if(ptr == NULL)
+                {
+                DSOerr(DSO_F_DL_BIND_FUNC,DSO_R_NULL_HANDLE);
+                return(NULL);
+                }
+        if (shl_findsym(ptr, symname, TYPE_UNDEFINED, &sym) < 0)
+                {
+                DSOerr(DSO_F_DL_BIND_FUNC,DSO_R_SYM_FAILURE);
+                return(NULL);
+                }
+        return((DSO_FUNC_TYPE)sym);
+        }
+
+static int dl_ctrl(DSO *dso, int cmd, long larg, void *parg)
+        {
+        if(dso == NULL)
+                {
+                DSOerr(DSO_F_DL_CTRL,ERR_R_PASSED_NULL_PARAMETER);
+                return(-1);
+                }
+        switch(cmd)
+                {
+        case DSO_CTRL_GET_FLAGS:
+                return dso->flags;
+        case DSO_CTRL_SET_FLAGS:
+                dso->flags = (int)larg;
+                return(0);
+        case DSO_CTRL_OR_FLAGS:
+                dso->flags |= (int)larg;
+                return(0);
+        default:
+                break;
+                }
+        DSOerr(DSO_F_DL_CTRL,DSO_R_UNKNOWN_COMMAND);
+        return(-1);
+        }
+
+#endif /* DSO_DL */
diff --git a/src/lib/libcrypto/dso/dso_vms.c b/src/lib/libcrypto/dso/dso_vms.c
new file mode 100644
index 0000000000..8ff7090129
--- /dev/null
+++ b/src/lib/libcrypto/dso/dso_vms.c
@@ -0,0 +1,371 @@
+/* dso_vms.c */
+/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+#ifdef VMS
+#pragma message disable DOLLARID
+#include <lib$routines.h>
+#include <libfisdef.h>
+#include <stsdef.h>
+#include <descrip.h>
+#include <starlet.h>
+#endif
+#include "cryptlib.h"
+#include <openssl/dso.h>
+
+#ifndef VMS
+DSO_METHOD *DSO_METHOD_vms(void)
+        {
+        return NULL;
+        }
+#else
+#pragma message disable DOLLARID
+
+static int vms_load(DSO *dso, const char *filename);
+static int vms_unload(DSO *dso);
+static void *vms_bind_var(DSO *dso, const char *symname);
+static DSO_FUNC_TYPE vms_bind_func(DSO *dso, const char *symname);
+#if 0
+static int vms_unbind_var(DSO *dso, char *symname, void *symptr);
+static int vms_unbind_func(DSO *dso, char *symname, DSO_FUNC_TYPE symptr);
+static int vms_init(DSO *dso);
+static int vms_finish(DSO *dso);
+#endif
+static long vms_ctrl(DSO *dso, int cmd, long larg, void *parg);
+
+static DSO_METHOD dso_meth_vms = {
+        "OpenSSL 'VMS' shared library method",
+        vms_load,
+        NULL, /* unload */
+        vms_bind_var,
+        vms_bind_func,
+/* For now, "unbind" doesn't exist */
+#if 0
+        NULL, /* unbind_var */
+        NULL, /* unbind_func */
+#endif
+        vms_ctrl,
+        NULL, /* init */
+        NULL  /* finish */
+        };
+
+/* On VMS, the only "handle" is the file name.  LIB$FIND_IMAGE_SYMBOL depends
+ * on the reference to the file name being the same for all calls regarding
+ * one shared image, so we'll just store it in an instance of the following
+ * structure and put a pointer to that instance in the meth_data stack.
+ */
+typedef struct dso_internal_st
+        {
+        /* This should contain the name only, no directory,
+         * no extension, nothing but a name. */
+        struct dsc$descriptor_s filename_dsc;
+        char filename[FILENAME_MAX+1];
+        /* This contains whatever is not in filename, if needed.
+         * Normally not defined. */
+        struct dsc$descriptor_s imagename_dsc;
+        char imagename[FILENAME_MAX+1];
+        } DSO_VMS_INTERNAL;
+
+
+DSO_METHOD *DSO_METHOD_vms(void)
+        {
+        return(&dso_meth_vms);
+        }
+
+static int vms_load(DSO *dso, const char *filename)
+        {
+        DSO_VMS_INTERNAL *p;
+        const char *sp1, *sp2;  /* Search result */
+
+        /* A file specification may look like this:
+         *
+         *      node::dev:[dir-spec]name.type;ver
+         *
+         * or (for compatibility with TOPS-20):
+         *
+         *      node::dev:<dir-spec>name.type;ver
+         *
+         * and the dir-spec uses '.' as separator.  Also, a dir-spec
+         * may consist of several parts, with mixed use of [] and <>:
+         *
+         *      [dir1.]<dir2>
+         *
+         * We need to split the file specification into the name and
+         * the rest (both before and after the name itself).
+         */
+        /* Start with trying to find the end of a dir-spec, and save the
+           position of the byte after in sp1 */
+        sp1 = strrchr(filename, ']');
+        sp2 = strrchr(filename, '>');
+        if (sp1 == NULL) sp1 = sp2;
+        if (sp2 != NULL && sp2 > sp1) sp1 = sp2;
+        if (sp1 == NULL) sp1 = strrchr(filename, ':');
+        if (sp1 == NULL)
+                sp1 = filename;
+        else
+                sp1++;          /* The byte after the found character */
+        /* Now, let's see if there's a type, and save the position in sp2 */
+        sp2 = strchr(sp1, '.');
+        /* If we found it, that's where we'll cut.  Otherwise, look for a
+           version number and save the position in sp2 */
+        if (sp2 == NULL) sp2 = strchr(sp1, ';');
+        /* If there was still nothing to find, set sp2 to point at the end of
+           the string */
+        if (sp2 == NULL) sp2 = sp1 + strlen(sp1);
+
+        /* Check that we won't get buffer overflows */
+        if (sp2 - sp1 > FILENAME_MAX
+                || (sp1 - filename) + strlen(sp2) > FILENAME_MAX)
+                {
+                DSOerr(DSO_F_VMS_LOAD,DSO_R_FILENAME_TOO_BIG);
+                return(0);
+                }
+
+        p = (DSO_VMS_INTERNAL *)OPENSSL_malloc(sizeof(DSO_VMS_INTERNAL));
+        if(p == NULL)
+                {
+                DSOerr(DSO_F_VMS_LOAD,ERR_R_MALLOC_FAILURE);
+                return(0);
+                }
+
+        strncpy(p->filename, sp1, sp2-sp1);
+        p->filename[sp2-sp1] = '\0';
+
+        strncpy(p->imagename, filename, sp1-filename);
+        p->imagename[sp1-filename] = '\0';
+        strcat(p->imagename, sp2);
+
+        p->filename_dsc.dsc$w_length = strlen(p->filename);
+        p->filename_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
+        p->filename_dsc.dsc$b_class = DSC$K_CLASS_S;
+        p->filename_dsc.dsc$a_pointer = p->filename;
+        p->imagename_dsc.dsc$w_length = strlen(p->imagename);
+        p->imagename_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
+        p->imagename_dsc.dsc$b_class = DSC$K_CLASS_S;
+        p->imagename_dsc.dsc$a_pointer = p->imagename;
+
+        if(!sk_push(dso->meth_data, (char *)p))
+                {
+                DSOerr(DSO_F_VMS_LOAD,DSO_R_STACK_ERROR);
+                OPENSSL_free(p);
+                return(0);
+                }
+        return(1);
+        }
+
+/* Note that this doesn't actually unload the shared image, as there is no
+ * such thing in VMS.  Next time it get loaded again, a new copy will
+ * actually be loaded.
+ */
+static int vms_unload(DSO *dso)
+        {
+        DSO_VMS_INTERNAL *p;
+        if(dso == NULL)
+                {
+                DSOerr(DSO_F_VMS_UNLOAD,ERR_R_PASSED_NULL_PARAMETER);
+                return(0);
+                }
+        if(sk_num(dso->meth_data) < 1)
+                return(1);
+        p = (DSO_VMS_INTERNAL *)sk_pop(dso->meth_data);
+        if(p == NULL)
+                {
+                DSOerr(DSO_F_VMS_UNLOAD,DSO_R_NULL_HANDLE);
+                return(0);
+                }
+        /* Cleanup */
+        OPENSSL_free(p);
+        return(1);
+        }
+
+/* We must do this in a separate function because of the way the exception
+   handler works (it makes this function return */
+static int do_find_symbol(DSO_VMS_INTERNAL *ptr,
+        struct dsc$descriptor_s *symname_dsc, void **sym,
+        unsigned long flags)
+        {
+        /* Make sure that signals are caught and returned instead of
+           aborting the program.  The exception handler gets unestablished
+           automatically on return from this function.  */
+        lib$establish(lib$sig_to_ret);
+
+        if(ptr->imagename_dsc.dsc$w_length)
+                return lib$find_image_symbol(&ptr->filename_dsc,
+                        symname_dsc, sym,
+                        &ptr->imagename_dsc, flags);
+        else
+                return lib$find_image_symbol(&ptr->filename_dsc,
+                        symname_dsc, sym,
+                        0, flags);
+        }
+
+void vms_bind_sym(DSO *dso, const char *symname, void **sym)
+        {
+        DSO_VMS_INTERNAL *ptr;
+        int status;
+        int flags = LIB$M_FIS_MIXEDCASE;
+        struct dsc$descriptor_s symname_dsc;
+        *sym = NULL;
+
+        symname_dsc.dsc$w_length = strlen(symname);
+        symname_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
+        symname_dsc.dsc$b_class = DSC$K_CLASS_S;
+        symname_dsc.dsc$a_pointer = (char *)symname; /* The cast is needed */
+
+        if((dso == NULL) || (symname == NULL))
+                {
+                DSOerr(DSO_F_VMS_BIND_VAR,ERR_R_PASSED_NULL_PARAMETER);
+                return;
+                }
+        if(sk_num(dso->meth_data) < 1)
+                {
+                DSOerr(DSO_F_VMS_BIND_VAR,DSO_R_STACK_ERROR);
+                return;
+                }
+        ptr = (DSO_VMS_INTERNAL *)sk_value(dso->meth_data,
+                sk_num(dso->meth_data) - 1);
+        if(ptr == NULL)
+                {
+                DSOerr(DSO_F_VMS_BIND_VAR,DSO_R_NULL_HANDLE);
+                return;
+                }
+
+        if(dso->flags & DSO_FLAG_UPCASE_SYMBOL) flags = 0;
+
+        status = do_find_symbol(ptr, &symname_dsc, sym, flags);
+
+        if(!$VMS_STATUS_SUCCESS(status))
+                {
+                unsigned short length;
+                char errstring[257];
+                struct dsc$descriptor_s errstring_dsc;
+
+                errstring_dsc.dsc$w_length = sizeof(errstring);
+                errstring_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
+                errstring_dsc.dsc$b_class = DSC$K_CLASS_S;
+                errstring_dsc.dsc$a_pointer = errstring;
+
+                *sym = NULL;
+
+                status = sys$getmsg(status, &length, &errstring_dsc, 1, 0);
+
+                if (!$VMS_STATUS_SUCCESS(status))
+                        lib$signal(status); /* This is really bad.  Abort!  */
+                else
+                        {
+                        errstring[length] = '\0';
+
+                        DSOerr(DSO_F_VMS_BIND_VAR,DSO_R_SYM_FAILURE);
+                        if (ptr->imagename_dsc.dsc$w_length)
+                                ERR_add_error_data(9,
+                                        "Symbol ", symname,
+                                        " in ", ptr->filename,
+                                        " (", ptr->imagename, ")",
+                                        ": ", errstring);
+                        else
+                                ERR_add_error_data(6,
+                                        "Symbol ", symname,
+                                        " in ", ptr->filename,
+                                        ": ", errstring);
+                        }
+                return;
+                }
+        return;
+        }
+
+static void *vms_bind_var(DSO *dso, const char *symname)
+        {
+        void *sym = 0;
+        vms_bind_sym(dso, symname, &sym);
+        return sym;
+        }
+
+static DSO_FUNC_TYPE vms_bind_func(DSO *dso, const char *symname)
+        {
+        DSO_FUNC_TYPE sym = 0;
+        vms_bind_sym(dso, symname, (void **)&sym);
+        return sym;
+        }
+
+static long vms_ctrl(DSO *dso, int cmd, long larg, void *parg)
+        {
+        if(dso == NULL)
+                {
+                DSOerr(DSO_F_VMS_CTRL,ERR_R_PASSED_NULL_PARAMETER);
+                return(-1);
+                }
+        switch(cmd)
+                {
+        case DSO_CTRL_GET_FLAGS:
+                return dso->flags;
+        case DSO_CTRL_SET_FLAGS:
+                dso->flags = (int)larg;
+                return(0);
+        case DSO_CTRL_OR_FLAGS:
+                dso->flags |= (int)larg;
+                return(0);
+        default:
+                break;
+                }
+        DSOerr(DSO_F_VMS_CTRL,DSO_R_UNKNOWN_COMMAND);
+        return(-1);
+        }
+
+#endif /* VMS */
diff --git a/src/lib/libcrypto/dso/dso_win32.c b/src/lib/libcrypto/dso/dso_win32.c
new file mode 100644
index 0000000000..7f1d904806
--- /dev/null
+++ b/src/lib/libcrypto/dso/dso_win32.c
@@ -0,0 +1,273 @@
+/* dso_win32.c */
+/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include "cryptlib.h"
+#include <openssl/dso.h>
+
+#ifndef WIN32
+DSO_METHOD *DSO_METHOD_win32(void)
+        {
+        return NULL;
+        }
+#else
+
+/* Part of the hack in "win32_load" ... */
+#define DSO_MAX_TRANSLATED_SIZE 256
+
+static int win32_load(DSO *dso, const char *filename);
+static int win32_unload(DSO *dso);
+static void *win32_bind_var(DSO *dso, const char *symname);
+static DSO_FUNC_TYPE win32_bind_func(DSO *dso, const char *symname);
+#if 0
+static int win32_unbind_var(DSO *dso, char *symname, void *symptr);
+static int win32_unbind_func(DSO *dso, char *symname, DSO_FUNC_TYPE symptr);
+static int win32_init(DSO *dso);
+static int win32_finish(DSO *dso);
+#endif
+static long win32_ctrl(DSO *dso, int cmd, long larg, void *parg);
+
+static DSO_METHOD dso_meth_win32 = {
+        "OpenSSL 'win32' shared library method",
+        win32_load,
+        win32_unload,
+        win32_bind_var,
+        win32_bind_func,
+/* For now, "unbind" doesn't exist */
+#if 0
+        NULL, /* unbind_var */
+        NULL, /* unbind_func */
+#endif
+        win32_ctrl,
+        NULL, /* init */
+        NULL  /* finish */
+        };
+
+DSO_METHOD *DSO_METHOD_win32(void)
+        {
+        return(&dso_meth_win32);
+        }
+
+/* For this DSO_METHOD, our meth_data STACK will contain;
+ * (i) a pointer to the handle (HINSTANCE) returned from
+ *     LoadLibrary(), and copied.
+ */
+
+static int win32_load(DSO *dso, const char *filename)
+        {
+        HINSTANCE h, *p;
+        char translated[DSO_MAX_TRANSLATED_SIZE];
+        int len;
+
+        /* NB: This is a hideous hack, but I'm not yet sure what
+         * to replace it with. This attempts to convert any filename,
+         * that looks like it has no path information, into a
+         * translated form, e. "blah" -> "blah.dll" ... I'm more
+         * comfortable putting hacks into win32 code though ;-) */
+        len = strlen(filename);
+        if((dso->flags & DSO_FLAG_NAME_TRANSLATION) &&
+                        (len + 4 < DSO_MAX_TRANSLATED_SIZE) &&
+                        (strstr(filename, "/") == NULL) &&
+                        (strstr(filename, "\\") == NULL) &&
+                        (strstr(filename, ":") == NULL))
+                {
+                sprintf(translated, "%s.dll", filename);
+                h = LoadLibrary(translated);
+                }
+        else
+                h = LoadLibrary(filename);
+        if(h == NULL)
+                {
+                DSOerr(DSO_F_WIN32_LOAD,DSO_R_LOAD_FAILED);
+                return(0);
+                }
+        p = (HINSTANCE *)OPENSSL_malloc(sizeof(HINSTANCE));
+        if(p == NULL)
+                {
+                DSOerr(DSO_F_WIN32_LOAD,ERR_R_MALLOC_FAILURE);
+                FreeLibrary(h);
+                return(0);
+                }
+        *p = h;
+        if(!sk_push(dso->meth_data, (char *)p))
+                {
+                DSOerr(DSO_F_WIN32_LOAD,DSO_R_STACK_ERROR);
+                FreeLibrary(h);
+                OPENSSL_free(p);
+                return(0);
+                }
+        return(1);
+        }
+
+static int win32_unload(DSO *dso)
+        {
+        HINSTANCE *p;
+        if(dso == NULL)
+                {
+                DSOerr(DSO_F_WIN32_UNLOAD,ERR_R_PASSED_NULL_PARAMETER);
+                return(0);
+                }
+        if(sk_num(dso->meth_data) < 1)
+                return(1);
+        p = (HINSTANCE *)sk_pop(dso->meth_data);
+        if(p == NULL)
+                {
+                DSOerr(DSO_F_WIN32_UNLOAD,DSO_R_NULL_HANDLE);
+                return(0);
+                }
+        if(!FreeLibrary(*p))
+                {
+                DSOerr(DSO_F_WIN32_UNLOAD,DSO_R_UNLOAD_FAILED);
+                /* We should push the value back onto the stack in
+                 * case of a retry. */
+                sk_push(dso->meth_data, (char *)p);
+                return(0);
+                }
+        /* Cleanup */
+        OPENSSL_free(p);
+        return(1);
+        }
+
+/* Using GetProcAddress for variables? TODO: Check this out in
+ * the Win32 API docs, there's probably a variant for variables. */
+static void *win32_bind_var(DSO *dso, const char *symname)
+        {
+        HINSTANCE *ptr;
+        void *sym;
+
+        if((dso == NULL) || (symname == NULL))
+                {
+                DSOerr(DSO_F_WIN32_BIND_VAR,ERR_R_PASSED_NULL_PARAMETER);
+                return(NULL);
+                }
+        if(sk_num(dso->meth_data) < 1)
+                {
+                DSOerr(DSO_F_WIN32_BIND_VAR,DSO_R_STACK_ERROR);
+                return(NULL);
+                }
+        ptr = (HINSTANCE *)sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
+        if(ptr == NULL)
+                {
+                DSOerr(DSO_F_WIN32_BIND_VAR,DSO_R_NULL_HANDLE);
+                return(NULL);
+                }
+        sym = GetProcAddress(*ptr, symname);
+        if(sym == NULL)
+                {
+                DSOerr(DSO_F_WIN32_BIND_VAR,DSO_R_SYM_FAILURE);
+                return(NULL);
+                }
+        return(sym);
+        }
+
+static DSO_FUNC_TYPE win32_bind_func(DSO *dso, const char *symname)
+        {
+        HINSTANCE *ptr;
+        void *sym;
+
+        if((dso == NULL) || (symname == NULL))
+                {
+                DSOerr(DSO_F_WIN32_BIND_FUNC,ERR_R_PASSED_NULL_PARAMETER);
+                return(NULL);
+                }
+        if(sk_num(dso->meth_data) < 1)
+                {
+                DSOerr(DSO_F_WIN32_BIND_FUNC,DSO_R_STACK_ERROR);
+                return(NULL);
+                }
+        ptr = (HINSTANCE *)sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
+        if(ptr == NULL)
+                {
+                DSOerr(DSO_F_WIN32_BIND_FUNC,DSO_R_NULL_HANDLE);
+                return(NULL);
+                }
+        sym = GetProcAddress(*ptr, symname);
+        if(sym == NULL)
+                {
+                DSOerr(DSO_F_WIN32_BIND_FUNC,DSO_R_SYM_FAILURE);
+                return(NULL);
+                }
+        return((DSO_FUNC_TYPE)sym);
+        }
+
+static long win32_ctrl(DSO *dso, int cmd, long larg, void *parg)
+        {
+        if(dso == NULL)
+                {
+                DSOerr(DSO_F_WIN32_CTRL,ERR_R_PASSED_NULL_PARAMETER);
+                return(-1);
+                }
+        switch(cmd)
+                {
+        case DSO_CTRL_GET_FLAGS:
+                return dso->flags;
+        case DSO_CTRL_SET_FLAGS:
+                dso->flags = (int)larg;
+                return(0);
+        case DSO_CTRL_OR_FLAGS:
+                dso->flags |= (int)larg;
+                return(0);
+        default:
+                break;
+                }
+        DSOerr(DSO_F_WIN32_CTRL,DSO_R_UNKNOWN_COMMAND);
+        return(-1);
+        }
+
+#endif /* WIN32 */
diff --git a/src/lib/libcrypto/ebcdic.c b/src/lib/libcrypto/ebcdic.c
new file mode 100644
index 0000000000..31397b2add
--- /dev/null
+++ b/src/lib/libcrypto/ebcdic.c
@@ -0,0 +1,217 @@
+/* crypto/ebcdic.c */
+
+#ifdef CHARSET_EBCDIC
+#include "ebcdic.h"
+/*      Initial Port for  Apache-1.3     by <Martin.Kraemer@Mch.SNI.De>
+ *      Adapted for       OpenSSL-0.9.4  by <Martin.Kraemer@Mch.SNI.De>
+ */
+
+#ifdef _OSD_POSIX
+/*
+    "BS2000 OSD" is a POSIX subsystem on a main frame.
+    It is made by Siemens AG, Germany, for their BS2000 mainframe machines.
+    Within the POSIX subsystem, the same character set was chosen as in
+    "native BS2000", namely EBCDIC. (EDF04)
+
+    The name "ASCII" in these routines is misleading: actually, conversion
+    is not between EBCDIC and ASCII, but EBCDIC(EDF04) and ISO-8859.1;
+    that means that (western european) national characters are preserved.
+
+    This table is identical to the one used by rsh/rcp/ftp and other POSIX tools.
+*/
+
+/* Here's the bijective ebcdic-to-ascii table: */
+const unsigned char os_toascii[256] = {
+/*00*/ 0x00, 0x01, 0x02, 0x03, 0x85, 0x09, 0x86, 0x7f,
+       0x87, 0x8d, 0x8e, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, /*................*/
+/*10*/ 0x10, 0x11, 0x12, 0x13, 0x8f, 0x0a, 0x08, 0x97,
+       0x18, 0x19, 0x9c, 0x9d, 0x1c, 0x1d, 0x1e, 0x1f, /*................*/
+/*20*/ 0x80, 0x81, 0x82, 0x83, 0x84, 0x92, 0x17, 0x1b,
+       0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x05, 0x06, 0x07, /*................*/
+/*30*/ 0x90, 0x91, 0x16, 0x93, 0x94, 0x95, 0x96, 0x04,
+       0x98, 0x99, 0x9a, 0x9b, 0x14, 0x15, 0x9e, 0x1a, /*................*/
+/*40*/ 0x20, 0xa0, 0xe2, 0xe4, 0xe0, 0xe1, 0xe3, 0xe5,
+       0xe7, 0xf1, 0x60, 0x2e, 0x3c, 0x28, 0x2b, 0x7c, /* .........`.<(+|*/
+/*50*/ 0x26, 0xe9, 0xea, 0xeb, 0xe8, 0xed, 0xee, 0xef,
+       0xec, 0xdf, 0x21, 0x24, 0x2a, 0x29, 0x3b, 0x9f, /*&.........!$*);.*/
+/*60*/ 0x2d, 0x2f, 0xc2, 0xc4, 0xc0, 0xc1, 0xc3, 0xc5,
+       0xc7, 0xd1, 0x5e, 0x2c, 0x25, 0x5f, 0x3e, 0x3f, /*-/........^,%_>?*/
+/*70*/ 0xf8, 0xc9, 0xca, 0xcb, 0xc8, 0xcd, 0xce, 0xcf,
+       0xcc, 0xa8, 0x3a, 0x23, 0x40, 0x27, 0x3d, 0x22, /*..........:#@'="*/
+/*80*/ 0xd8, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67,
+       0x68, 0x69, 0xab, 0xbb, 0xf0, 0xfd, 0xfe, 0xb1, /*.abcdefghi......*/
+/*90*/ 0xb0, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70,
+       0x71, 0x72, 0xaa, 0xba, 0xe6, 0xb8, 0xc6, 0xa4, /*.jklmnopqr......*/
+/*a0*/ 0xb5, 0xaf, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78,
+       0x79, 0x7a, 0xa1, 0xbf, 0xd0, 0xdd, 0xde, 0xae, /*..stuvwxyz......*/
+/*b0*/ 0xa2, 0xa3, 0xa5, 0xb7, 0xa9, 0xa7, 0xb6, 0xbc,
+       0xbd, 0xbe, 0xac, 0x5b, 0x5c, 0x5d, 0xb4, 0xd7, /*...........[\]..*/
+/*c0*/ 0xf9, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
+       0x48, 0x49, 0xad, 0xf4, 0xf6, 0xf2, 0xf3, 0xf5, /*.ABCDEFGHI......*/
+/*d0*/ 0xa6, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50,
+       0x51, 0x52, 0xb9, 0xfb, 0xfc, 0xdb, 0xfa, 0xff, /*.JKLMNOPQR......*/
+/*e0*/ 0xd9, 0xf7, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58,
+       0x59, 0x5a, 0xb2, 0xd4, 0xd6, 0xd2, 0xd3, 0xd5, /*..STUVWXYZ......*/
+/*f0*/ 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
+       0x38, 0x39, 0xb3, 0x7b, 0xdc, 0x7d, 0xda, 0x7e  /*0123456789.{.}.~*/
+};
+
+
+/* The ascii-to-ebcdic table: */
+const unsigned char os_toebcdic[256] = {
+/*00*/  0x00, 0x01, 0x02, 0x03, 0x37, 0x2d, 0x2e, 0x2f,
+        0x16, 0x05, 0x15, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,  /*................*/
+/*10*/  0x10, 0x11, 0x12, 0x13, 0x3c, 0x3d, 0x32, 0x26,
+        0x18, 0x19, 0x3f, 0x27, 0x1c, 0x1d, 0x1e, 0x1f,  /*................*/
+/*20*/  0x40, 0x5a, 0x7f, 0x7b, 0x5b, 0x6c, 0x50, 0x7d,
+        0x4d, 0x5d, 0x5c, 0x4e, 0x6b, 0x60, 0x4b, 0x61,  /* !"#$%&'()*+,-./ */
+/*30*/  0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
+        0xf8, 0xf9, 0x7a, 0x5e, 0x4c, 0x7e, 0x6e, 0x6f,  /*0123456789:;<=>?*/
+/*40*/  0x7c, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
+        0xc8, 0xc9, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6,  /*@ABCDEFGHIJKLMNO*/
+/*50*/  0xd7, 0xd8, 0xd9, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6,
+        0xe7, 0xe8, 0xe9, 0xbb, 0xbc, 0xbd, 0x6a, 0x6d,  /*PQRSTUVWXYZ[\]^_*/
+/*60*/  0x4a, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87,
+        0x88, 0x89, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96,  /*`abcdefghijklmno*/
+/*70*/  0x97, 0x98, 0x99, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6,
+        0xa7, 0xa8, 0xa9, 0xfb, 0x4f, 0xfd, 0xff, 0x07,  /*pqrstuvwxyz{|}~.*/
+/*80*/  0x20, 0x21, 0x22, 0x23, 0x24, 0x04, 0x06, 0x08,
+        0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x09, 0x0a, 0x14,  /*................*/
+/*90*/  0x30, 0x31, 0x25, 0x33, 0x34, 0x35, 0x36, 0x17,
+        0x38, 0x39, 0x3a, 0x3b, 0x1a, 0x1b, 0x3e, 0x5f,  /*................*/
+/*a0*/  0x41, 0xaa, 0xb0, 0xb1, 0x9f, 0xb2, 0xd0, 0xb5,
+        0x79, 0xb4, 0x9a, 0x8a, 0xba, 0xca, 0xaf, 0xa1,  /*................*/
+/*b0*/  0x90, 0x8f, 0xea, 0xfa, 0xbe, 0xa0, 0xb6, 0xb3,
+        0x9d, 0xda, 0x9b, 0x8b, 0xb7, 0xb8, 0xb9, 0xab,  /*................*/
+/*c0*/  0x64, 0x65, 0x62, 0x66, 0x63, 0x67, 0x9e, 0x68,
+        0x74, 0x71, 0x72, 0x73, 0x78, 0x75, 0x76, 0x77,  /*................*/
+/*d0*/  0xac, 0x69, 0xed, 0xee, 0xeb, 0xef, 0xec, 0xbf,
+        0x80, 0xe0, 0xfe, 0xdd, 0xfc, 0xad, 0xae, 0x59,  /*................*/
+/*e0*/  0x44, 0x45, 0x42, 0x46, 0x43, 0x47, 0x9c, 0x48,
+        0x54, 0x51, 0x52, 0x53, 0x58, 0x55, 0x56, 0x57,  /*................*/
+/*f0*/  0x8c, 0x49, 0xcd, 0xce, 0xcb, 0xcf, 0xcc, 0xe1,
+        0x70, 0xc0, 0xde, 0xdb, 0xdc, 0x8d, 0x8e, 0xdf   /*................*/
+};
+
+#else  /*_OSD_POSIX*/
+
+/*
+This code does basic character mapping for IBM's TPF and OS/390 operating systems.
+It is a modified version of the BS2000 table.
+
+Bijective EBCDIC (character set IBM-1047) to US-ASCII table:
+This table is bijective - there are no ambigous or duplicate characters.
+*/
+const unsigned char os_toascii[256] = {
+    0x00, 0x01, 0x02, 0x03, 0x85, 0x09, 0x86, 0x7f, /* 00-0f:           */
+    0x87, 0x8d, 0x8e, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, /* ................ */
+    0x10, 0x11, 0x12, 0x13, 0x8f, 0x0a, 0x08, 0x97, /* 10-1f:           */
+    0x18, 0x19, 0x9c, 0x9d, 0x1c, 0x1d, 0x1e, 0x1f, /* ................ */
+    0x80, 0x81, 0x82, 0x83, 0x84, 0x92, 0x17, 0x1b, /* 20-2f:           */
+    0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x05, 0x06, 0x07, /* ................ */
+    0x90, 0x91, 0x16, 0x93, 0x94, 0x95, 0x96, 0x04, /* 30-3f:           */
+    0x98, 0x99, 0x9a, 0x9b, 0x14, 0x15, 0x9e, 0x1a, /* ................ */
+    0x20, 0xa0, 0xe2, 0xe4, 0xe0, 0xe1, 0xe3, 0xe5, /* 40-4f:           */
+    0xe7, 0xf1, 0xa2, 0x2e, 0x3c, 0x28, 0x2b, 0x7c, /*  ...........<(+| */
+    0x26, 0xe9, 0xea, 0xeb, 0xe8, 0xed, 0xee, 0xef, /* 50-5f:           */
+    0xec, 0xdf, 0x21, 0x24, 0x2a, 0x29, 0x3b, 0x5e, /* &.........!$*);^ */
+    0x2d, 0x2f, 0xc2, 0xc4, 0xc0, 0xc1, 0xc3, 0xc5, /* 60-6f:           */
+    0xc7, 0xd1, 0xa6, 0x2c, 0x25, 0x5f, 0x3e, 0x3f, /* -/.........,%_>? */
+    0xf8, 0xc9, 0xca, 0xcb, 0xc8, 0xcd, 0xce, 0xcf, /* 70-7f:           */
+    0xcc, 0x60, 0x3a, 0x23, 0x40, 0x27, 0x3d, 0x22, /* .........`:#@'=" */
+    0xd8, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, /* 80-8f:           */
+    0x68, 0x69, 0xab, 0xbb, 0xf0, 0xfd, 0xfe, 0xb1, /* .abcdefghi...... */
+    0xb0, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, /* 90-9f:           */
+    0x71, 0x72, 0xaa, 0xba, 0xe6, 0xb8, 0xc6, 0xa4, /* .jklmnopqr...... */
+    0xb5, 0x7e, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, /* a0-af:           */
+    0x79, 0x7a, 0xa1, 0xbf, 0xd0, 0x5b, 0xde, 0xae, /* .~stuvwxyz...[.. */
+    0xac, 0xa3, 0xa5, 0xb7, 0xa9, 0xa7, 0xb6, 0xbc, /* b0-bf:           */
+    0xbd, 0xbe, 0xdd, 0xa8, 0xaf, 0x5d, 0xb4, 0xd7, /* .............].. */
+    0x7b, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, /* c0-cf:           */
+    0x48, 0x49, 0xad, 0xf4, 0xf6, 0xf2, 0xf3, 0xf5, /* {ABCDEFGHI...... */
+    0x7d, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50, /* d0-df:           */
+    0x51, 0x52, 0xb9, 0xfb, 0xfc, 0xf9, 0xfa, 0xff, /* }JKLMNOPQR...... */
+    0x5c, 0xf7, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, /* e0-ef:           */
+    0x59, 0x5a, 0xb2, 0xd4, 0xd6, 0xd2, 0xd3, 0xd5, /* \.STUVWXYZ...... */
+    0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* f0-ff:           */
+    0x38, 0x39, 0xb3, 0xdb, 0xdc, 0xd9, 0xda, 0x9f  /* 0123456789...... */
+};
+
+
+/*
+The US-ASCII to EBCDIC (character set IBM-1047) table:
+This table is bijective (no ambiguous or duplicate characters)
+*/
+const unsigned char os_toebcdic[256] = {
+    0x00, 0x01, 0x02, 0x03, 0x37, 0x2d, 0x2e, 0x2f, /* 00-0f:           */
+    0x16, 0x05, 0x15, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, /* ................ */
+    0x10, 0x11, 0x12, 0x13, 0x3c, 0x3d, 0x32, 0x26, /* 10-1f:           */
+    0x18, 0x19, 0x3f, 0x27, 0x1c, 0x1d, 0x1e, 0x1f, /* ................ */
+    0x40, 0x5a, 0x7f, 0x7b, 0x5b, 0x6c, 0x50, 0x7d, /* 20-2f:           */
+    0x4d, 0x5d, 0x5c, 0x4e, 0x6b, 0x60, 0x4b, 0x61, /*  !"#$%&'()*+,-./ */
+    0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, /* 30-3f:           */
+    0xf8, 0xf9, 0x7a, 0x5e, 0x4c, 0x7e, 0x6e, 0x6f, /* 0123456789:;<=>? */
+    0x7c, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, /* 40-4f:           */
+    0xc8, 0xc9, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, /* @ABCDEFGHIJKLMNO */
+    0xd7, 0xd8, 0xd9, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, /* 50-5f:           */
+    0xe7, 0xe8, 0xe9, 0xad, 0xe0, 0xbd, 0x5f, 0x6d, /* PQRSTUVWXYZ[\]^_ */
+    0x79, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, /* 60-6f:           */
+    0x88, 0x89, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, /* `abcdefghijklmno */
+    0x97, 0x98, 0x99, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, /* 70-7f:           */
+    0xa7, 0xa8, 0xa9, 0xc0, 0x4f, 0xd0, 0xa1, 0x07, /* pqrstuvwxyz{|}~. */
+    0x20, 0x21, 0x22, 0x23, 0x24, 0x04, 0x06, 0x08, /* 80-8f:           */
+    0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x09, 0x0a, 0x14, /* ................ */
+    0x30, 0x31, 0x25, 0x33, 0x34, 0x35, 0x36, 0x17, /* 90-9f:           */
+    0x38, 0x39, 0x3a, 0x3b, 0x1a, 0x1b, 0x3e, 0xff, /* ................ */
+    0x41, 0xaa, 0x4a, 0xb1, 0x9f, 0xb2, 0x6a, 0xb5, /* a0-af:           */
+    0xbb, 0xb4, 0x9a, 0x8a, 0xb0, 0xca, 0xaf, 0xbc, /* ................ */
+    0x90, 0x8f, 0xea, 0xfa, 0xbe, 0xa0, 0xb6, 0xb3, /* b0-bf:           */
+    0x9d, 0xda, 0x9b, 0x8b, 0xb7, 0xb8, 0xb9, 0xab, /* ................ */
+    0x64, 0x65, 0x62, 0x66, 0x63, 0x67, 0x9e, 0x68, /* c0-cf:           */
+    0x74, 0x71, 0x72, 0x73, 0x78, 0x75, 0x76, 0x77, /* ................ */
+    0xac, 0x69, 0xed, 0xee, 0xeb, 0xef, 0xec, 0xbf, /* d0-df:           */
+    0x80, 0xfd, 0xfe, 0xfb, 0xfc, 0xba, 0xae, 0x59, /* ................ */
+    0x44, 0x45, 0x42, 0x46, 0x43, 0x47, 0x9c, 0x48, /* e0-ef:           */
+    0x54, 0x51, 0x52, 0x53, 0x58, 0x55, 0x56, 0x57, /* ................ */
+    0x8c, 0x49, 0xcd, 0xce, 0xcb, 0xcf, 0xcc, 0xe1, /* f0-ff:           */
+    0x70, 0xdd, 0xde, 0xdb, 0xdc, 0x8d, 0x8e, 0xdf  /* ................ */
+};
+#endif /*_OSD_POSIX*/
+
+/* Translate a memory block from EBCDIC (host charset) to ASCII (net charset)
+ * dest and srce may be identical, or separate memory blocks, but
+ * should not overlap. These functions intentionally have an interface
+ * compatible to memcpy(3).
+ */
+
+void *
+ebcdic2ascii(void *dest, const void *srce, size_t count)
+{
+    unsigned char *udest = dest;
+    const unsigned char *usrce = srce;
+
+    while (count-- != 0) {
+        *udest++ = os_toascii[*usrce++];
+    }
+
+    return dest;
+}
+
+void *
+ascii2ebcdic(void *dest, const void *srce, size_t count)
+{
+    unsigned char *udest = dest;
+    const unsigned char *usrce = srce;
+
+    while (count-- != 0) {
+        *udest++ = os_toebcdic[*usrce++];
+    }
+
+    return dest;
+}
+
+#else /*CHARSET_EBCDIC*/
+#ifdef PEDANTIC
+static void *dummy=&dummy;
+#endif
+#endif
diff --git a/src/lib/libcrypto/ebcdic.h b/src/lib/libcrypto/ebcdic.h
new file mode 100644
index 0000000000..d3b4e98b12
--- /dev/null
+++ b/src/lib/libcrypto/ebcdic.h
@@ -0,0 +1,17 @@
+#ifndef HEADER_EBCDIC_H
+#define HEADER_EBCDIC_H
+
+#include <sys/types.h>
+
+/* Avoid name clashes with other applications */
+#define os_toascii   _eay2000_os_toascii
+#define os_toebcdic  _eay2000_os_toebcdic
+#define ebcdic2ascii _eay2000_ebcdic2ascii
+#define ascii2ebcdic _eay2000_ascii2ebcdic
+
+extern const unsigned char os_toascii[256];
+extern const unsigned char os_toebcdic[256];
+void ebcdic2ascii(unsigned char *dest, const unsigned char *srce, size_t count);
+void ascii2ebcdic(unsigned char *dest, const unsigned char *srce, size_t count);
+
+#endif
diff --git a/src/lib/libcrypto/ec/ecp_recp.c b/src/lib/libcrypto/ec/ecp_recp.c
new file mode 100644
index 0000000000..fec843b5c8
--- /dev/null
+++ b/src/lib/libcrypto/ec/ecp_recp.c
@@ -0,0 +1,133 @@
+/* crypto/ec/ecp_recp.c */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "ec_lcl.h"
+
+#if 0
+const EC_METHOD *EC_GFp_recp_method(void)
+        {
+        static const EC_METHOD ret = {
+                ec_GFp_recp_group_init,
+                ec_GFp_recp_group_finish,
+                ec_GFp_recp_group_clear_finish,
+                ec_GFp_recp_group_copy,
+                ec_GFp_recp_group_set_curve_GFp,
+                ec_GFp_simple_group_get_curve_GFp,
+                ec_GFp_simple_group_set_generator,
+                ec_GFp_simple_group_get0_generator,
+                ec_GFp_simple_group_get_order,
+                ec_GFp_simple_group_get_cofactor,
+                ec_GFp_simple_point_init,
+                ec_GFp_simple_point_finish,
+                ec_GFp_simple_point_clear_finish,
+                ec_GFp_simple_point_copy,
+                ec_GFp_simple_point_set_to_infinity,
+                ec_GFp_simple_set_Jprojective_coordinates_GFp,
+                ec_GFp_simple_get_Jprojective_coordinates_GFp,
+                ec_GFp_simple_point_set_affine_coordinates_GFp,
+                ec_GFp_simple_point_get_affine_coordinates_GFp,
+                ec_GFp_simple_set_compressed_coordinates_GFp,
+                ec_GFp_simple_point2oct,
+                ec_GFp_simple_oct2point,
+                ec_GFp_simple_add,
+                ec_GFp_simple_dbl,
+                ec_GFp_simple_invert,
+                ec_GFp_simple_is_at_infinity,
+                ec_GFp_simple_is_on_curve,
+                ec_GFp_simple_cmp,
+                ec_GFp_simple_make_affine,
+                ec_GFp_simple_points_make_affine,
+                ec_GFp_recp_field_mul,
+                ec_GFp_recp_field_sqr,
+                0 /* field_encode */,
+                0 /* field_decode */,
+                0 /* field_set_to_one */ };
+
+        return &ret;
+        }
+#endif
+
+int ec_GFp_recp_group_init(EC_GROUP *group)
+        {
+        int ok;
+
+        ok = ec_GFp_simple_group_init(group);
+        group->field_data1 = NULL;
+        return ok;
+        }
+
+
+int ec_GFp_recp_group_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+/* TODO */
+
+
+void ec_GFp_recp_group_finish(EC_GROUP *group);
+/* TODO */
+
+
+void ec_GFp_recp_group_clear_finish(EC_GROUP *group);
+/* TODO */
+
+
+int ec_GFp_recp_group_copy(EC_GROUP *dest, const EC_GROUP *src);
+/* TODO */
+
+
+int ec_GFp_recp_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+/* TODO */
+
+
+int ec_GFp_recp_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, BN_CTX *ctx);
+/* TODO */
diff --git a/src/lib/libcrypto/ec/ectest.c b/src/lib/libcrypto/ec/ectest.c
new file mode 100644
index 0000000000..243cd83fb5
--- /dev/null
+++ b/src/lib/libcrypto/ec/ectest.c
@@ -0,0 +1,634 @@
+/* crypto/ec/ectest.c */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+
+
+#ifdef OPENSSL_NO_EC
+int main(int argc, char * argv[]) { puts("Elliptic curves are disabled."); return 0; }
+#else
+
+
+#include <openssl/ec.h>
+#include <openssl/engine.h>
+#include <openssl/err.h>
+
+#define ABORT do { \
+        fflush(stdout); \
+        fprintf(stderr, "%s:%d: ABORT\n", __FILE__, __LINE__); \
+        ERR_print_errors_fp(stderr); \
+        exit(1); \
+} while (0)
+
+
+void timings(EC_GROUP *group, int multi, BN_CTX *ctx)
+        {
+        clock_t clck;
+        int i, j;
+        BIGNUM *s, *s0;
+        EC_POINT *P;
+                
+        s = BN_new();
+        s0 = BN_new();
+        if (s == NULL || s0 == NULL) ABORT;
+
+        if (!EC_GROUP_get_curve_GFp(group, s, NULL, NULL, ctx)) ABORT;
+        fprintf(stdout, "Timings for %d bit prime, ", (int)BN_num_bits(s));
+        if (!EC_GROUP_get_order(group, s, ctx)) ABORT;
+        fprintf(stdout, "%d bit scalars ", (int)BN_num_bits(s));
+        fflush(stdout);
+
+        P = EC_POINT_new(group);
+        if (P == NULL) ABORT;
+        EC_POINT_copy(P, EC_GROUP_get0_generator(group));
+
+        clck = clock();
+        for (i = 0; i < 10; i++)
+                {
+                if (!BN_pseudo_rand(s, BN_num_bits(s), 0, 0)) ABORT;
+                if (multi)
+                        {
+                        if (!BN_pseudo_rand(s0, BN_num_bits(s), 0, 0)) ABORT;
+                        }
+                for (j = 0; j < 10; j++)
+                        {
+                        if (!EC_POINT_mul(group, P, s, multi ? P : NULL, multi ? s0 : NULL, ctx)) ABORT;
+                        }
+                fprintf(stdout, ".");
+                fflush(stdout);
+                }
+        fprintf(stdout, "\n");
+        
+        clck = clock() - clck;
+
+#ifdef CLOCKS_PER_SEC
+        /* "To determine the time in seconds, the value returned
+         * by the clock function should be divided by the value
+         * of the macro CLOCKS_PER_SEC."
+         *                                       -- ISO/IEC 9899 */
+#       define UNIT "s"
+#else
+        /* "`CLOCKS_PER_SEC' undeclared (first use this function)"
+         *                            -- cc on NeXTstep/OpenStep */
+#       define UNIT "units"
+#       define CLOCKS_PER_SEC 1
+#endif
+
+        fprintf(stdout, "%i %s in %.2f " UNIT "\n", i*j,
+                multi ? "s*P+t*Q operations" : "point multiplications",
+                (double)clck/CLOCKS_PER_SEC);
+        fprintf(stdout, "average: %.4f " UNIT "\n", (double)clck/(CLOCKS_PER_SEC*i*j));
+
+        EC_POINT_free(P);
+        BN_free(s);
+        BN_free(s0);
+        }
+
+
+int main(int argc, char *argv[])
+        {       
+        BN_CTX *ctx = NULL;
+        BIGNUM *p, *a, *b;
+        EC_GROUP *group;
+        EC_GROUP *P_192 = NULL, *P_224 = NULL, *P_256 = NULL, *P_384 = NULL, *P_521 = NULL;
+        EC_POINT *P, *Q, *R;
+        BIGNUM *x, *y, *z;
+        unsigned char buf[100];
+        size_t i, len;
+        int k;
+        
+        /* enable memory leak checking unless explicitly disabled */
+        if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off"))))
+                {
+                CRYPTO_malloc_debug_init();
+                CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
+                }
+        else
+                {
+                /* OPENSSL_DEBUG_MEMORY=off */
+                CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
+                }
+        CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+        ERR_load_crypto_strings();
+
+#if 1 /* optional */
+        ctx = BN_CTX_new();
+        if (!ctx) ABORT;
+#endif
+
+        p = BN_new();
+        a = BN_new();
+        b = BN_new();
+        if (!p || !a || !b) ABORT;
+
+        if (!BN_hex2bn(&p, "17")) ABORT;
+        if (!BN_hex2bn(&a, "1")) ABORT;
+        if (!BN_hex2bn(&b, "1")) ABORT;
+        
+        group = EC_GROUP_new(EC_GFp_mont_method()); /* applications should use EC_GROUP_new_curve_GFp
+                                                     * so that the library gets to choose the EC_METHOD */
+        if (!group) ABORT;
+
+        if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) ABORT;
+
+        {
+                EC_GROUP *tmp;
+                tmp = EC_GROUP_new(EC_GROUP_method_of(group));
+                if (!tmp) ABORT;
+                if (!EC_GROUP_copy(tmp, group));
+                EC_GROUP_free(group);
+                group = tmp;
+        }
+        
+        if (!EC_GROUP_get_curve_GFp(group, p, a, b, ctx)) ABORT;
+
+        fprintf(stdout, "Curve defined by Weierstrass equation\n     y^2 = x^3 + a*x + b  (mod 0x");
+        BN_print_fp(stdout, p);
+        fprintf(stdout, ")\n     a = 0x");
+        BN_print_fp(stdout, a);
+        fprintf(stdout, "\n     b = 0x");
+        BN_print_fp(stdout, b);
+        fprintf(stdout, "\n");
+
+        P = EC_POINT_new(group);
+        Q = EC_POINT_new(group);
+        R = EC_POINT_new(group);
+        if (!P || !Q || !R) ABORT;
+        
+        if (!EC_POINT_set_to_infinity(group, P)) ABORT;
+        if (!EC_POINT_is_at_infinity(group, P)) ABORT;
+
+        buf[0] = 0;
+        if (!EC_POINT_oct2point(group, Q, buf, 1, ctx)) ABORT;
+
+        if (!EC_POINT_add(group, P, P, Q, ctx)) ABORT;
+        if (!EC_POINT_is_at_infinity(group, P)) ABORT;
+
+        x = BN_new();
+        y = BN_new();
+        z = BN_new();
+        if (!x || !y || !z) ABORT;
+
+        if (!BN_hex2bn(&x, "D")) ABORT;
+        if (!EC_POINT_set_compressed_coordinates_GFp(group, Q, x, 1, ctx)) ABORT;
+        if (!EC_POINT_is_on_curve(group, Q, ctx))
+                {
+                if (!EC_POINT_get_affine_coordinates_GFp(group, Q, x, y, ctx)) ABORT;
+                fprintf(stderr, "Point is not on curve: x = 0x");
+                BN_print_fp(stderr, x);
+                fprintf(stderr, ", y = 0x");
+                BN_print_fp(stderr, y);
+                fprintf(stderr, "\n");
+                ABORT;
+                }
+
+        fprintf(stdout, "A cyclic subgroup:\n");
+        k = 100;
+        do
+                {
+                if (k-- == 0) ABORT;
+
+                if (EC_POINT_is_at_infinity(group, P))
+                        fprintf(stdout, "     point at infinity\n");
+                else
+                        {
+                        if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx)) ABORT;
+
+                        fprintf(stdout, "     x = 0x");
+                        BN_print_fp(stdout, x);
+                        fprintf(stdout, ", y = 0x");
+                        BN_print_fp(stdout, y);
+                        fprintf(stdout, "\n");
+                        }
+                
+                if (!EC_POINT_copy(R, P)) ABORT;
+                if (!EC_POINT_add(group, P, P, Q, ctx)) ABORT;
+
+#if 0 /* optional */
+                {
+                        EC_POINT *points[3];
+                
+                        points[0] = R;
+                        points[1] = Q;
+                        points[2] = P;
+                        if (!EC_POINTs_make_affine(group, 2, points, ctx)) ABORT;
+                }
+#endif
+
+                }
+        while (!EC_POINT_is_at_infinity(group, P));
+
+        if (!EC_POINT_add(group, P, Q, R, ctx)) ABORT;
+        if (!EC_POINT_is_at_infinity(group, P)) ABORT;
+
+        len = EC_POINT_point2oct(group, Q, POINT_CONVERSION_COMPRESSED, buf, sizeof buf, ctx);
+        if (len == 0) ABORT;
+        if (!EC_POINT_oct2point(group, P, buf, len, ctx)) ABORT;
+        if (0 != EC_POINT_cmp(group, P, Q, ctx)) ABORT;
+        fprintf(stdout, "Generator as octect string, compressed form:\n     ");
+        for (i = 0; i < len; i++) fprintf(stdout, "%02X", buf[i]);
+        
+        len = EC_POINT_point2oct(group, Q, POINT_CONVERSION_UNCOMPRESSED, buf, sizeof buf, ctx);
+        if (len == 0) ABORT;
+        if (!EC_POINT_oct2point(group, P, buf, len, ctx)) ABORT;
+        if (0 != EC_POINT_cmp(group, P, Q, ctx)) ABORT;
+        fprintf(stdout, "\nGenerator as octect string, uncompressed form:\n     ");
+        for (i = 0; i < len; i++) fprintf(stdout, "%02X", buf[i]);
+        
+        len = EC_POINT_point2oct(group, Q, POINT_CONVERSION_HYBRID, buf, sizeof buf, ctx);
+        if (len == 0) ABORT;
+        if (!EC_POINT_oct2point(group, P, buf, len, ctx)) ABORT;
+        if (0 != EC_POINT_cmp(group, P, Q, ctx)) ABORT;
+        fprintf(stdout, "\nGenerator as octect string, hybrid form:\n     ");
+        for (i = 0; i < len; i++) fprintf(stdout, "%02X", buf[i]);
+        
+        if (!EC_POINT_get_Jprojective_coordinates_GFp(group, R, x, y, z, ctx)) ABORT;
+        fprintf(stdout, "\nA representation of the inverse of that generator in\nJacobian projective coordinates:\n     X = 0x");
+        BN_print_fp(stdout, x);
+        fprintf(stdout, ", Y = 0x");
+        BN_print_fp(stdout, y);
+        fprintf(stdout, ", Z = 0x");
+        BN_print_fp(stdout, z);
+        fprintf(stdout, "\n");
+
+        if (!EC_POINT_invert(group, P, ctx)) ABORT;
+        if (0 != EC_POINT_cmp(group, P, R, ctx)) ABORT;
+
+
+        /* Curve P-192 (FIPS PUB 186-2, App. 6) */
+        
+        if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF")) ABORT;
+        if (1 != BN_is_prime(p, BN_prime_checks, 0, ctx, NULL)) ABORT;
+        if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC")) ABORT;
+        if (!BN_hex2bn(&b, "64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1")) ABORT;
+        if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) ABORT;
+
+        if (!BN_hex2bn(&x, "188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012")) ABORT;
+        if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx)) ABORT;
+        if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT;
+        if (!BN_hex2bn(&z, "FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831")) ABORT;
+        if (!EC_GROUP_set_generator(group, P, z, BN_value_one())) ABORT;
+
+        if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx)) ABORT;
+        fprintf(stdout, "\nNIST curve P-192 -- Generator:\n     x = 0x");
+        BN_print_fp(stdout, x);
+        fprintf(stdout, "\n     y = 0x");
+        BN_print_fp(stdout, y);
+        fprintf(stdout, "\n");
+        /* G_y value taken from the standard: */
+        if (!BN_hex2bn(&z, "07192B95FFC8DA78631011ED6B24CDD573F977A11E794811")) ABORT;
+        if (0 != BN_cmp(y, z)) ABORT;
+        
+        fprintf(stdout, "verify group order ...");
+        fflush(stdout);
+        if (!EC_GROUP_get_order(group, z, ctx)) ABORT;
+        if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
+        if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
+        fprintf(stdout, ".");
+        fflush(stdout);
+        if (!EC_GROUP_precompute_mult(group, ctx)) ABORT;
+        if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
+        if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
+        fprintf(stdout, " ok\n");
+
+        if (!(P_192 = EC_GROUP_new(EC_GROUP_method_of(group)))) ABORT;
+        if (!EC_GROUP_copy(P_192, group)) ABORT;
+
+
+        /* Curve P-224 (FIPS PUB 186-2, App. 6) */
+        
+        if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001")) ABORT;
+        if (1 != BN_is_prime(p, BN_prime_checks, 0, ctx, NULL)) ABORT;
+        if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE")) ABORT;
+        if (!BN_hex2bn(&b, "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4")) ABORT;
+        if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) ABORT;
+
+        if (!BN_hex2bn(&x, "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21")) ABORT;
+        if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 0, ctx)) ABORT;
+        if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT;
+        if (!BN_hex2bn(&z, "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D")) ABORT;
+        if (!EC_GROUP_set_generator(group, P, z, BN_value_one())) ABORT;
+
+        if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx)) ABORT;
+        fprintf(stdout, "\nNIST curve P-224 -- Generator:\n     x = 0x");
+        BN_print_fp(stdout, x);
+        fprintf(stdout, "\n     y = 0x");
+        BN_print_fp(stdout, y);
+        fprintf(stdout, "\n");
+        /* G_y value taken from the standard: */
+        if (!BN_hex2bn(&z, "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34")) ABORT;
+        if (0 != BN_cmp(y, z)) ABORT;
+        
+        fprintf(stdout, "verify group order ...");
+        fflush(stdout);
+        if (!EC_GROUP_get_order(group, z, ctx)) ABORT;
+        if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
+        if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
+        fprintf(stdout, ".");
+        fflush(stdout);
+        if (!EC_GROUP_precompute_mult(group, ctx)) ABORT;
+        if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
+        if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
+        fprintf(stdout, " ok\n");
+
+        if (!(P_224 = EC_GROUP_new(EC_GROUP_method_of(group)))) ABORT;
+        if (!EC_GROUP_copy(P_224, group)) ABORT;
+
+
+        /* Curve P-256 (FIPS PUB 186-2, App. 6) */
+        
+        if (!BN_hex2bn(&p, "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF")) ABORT;
+        if (1 != BN_is_prime(p, BN_prime_checks, 0, ctx, NULL)) ABORT;
+        if (!BN_hex2bn(&a, "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC")) ABORT;
+        if (!BN_hex2bn(&b, "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B")) ABORT;
+        if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) ABORT;
+
+        if (!BN_hex2bn(&x, "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296")) ABORT;
+        if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx)) ABORT;
+        if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT;
+        if (!BN_hex2bn(&z, "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E"
+                "84F3B9CAC2FC632551")) ABORT;
+        if (!EC_GROUP_set_generator(group, P, z, BN_value_one())) ABORT;
+
+        if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx)) ABORT;
+        fprintf(stdout, "\nNIST curve P-256 -- Generator:\n     x = 0x");
+        BN_print_fp(stdout, x);
+        fprintf(stdout, "\n     y = 0x");
+        BN_print_fp(stdout, y);
+        fprintf(stdout, "\n");
+        /* G_y value taken from the standard: */
+        if (!BN_hex2bn(&z, "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5")) ABORT;
+        if (0 != BN_cmp(y, z)) ABORT;
+        
+        fprintf(stdout, "verify group order ...");
+        fflush(stdout);
+        if (!EC_GROUP_get_order(group, z, ctx)) ABORT;
+        if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
+        if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
+        fprintf(stdout, ".");
+        fflush(stdout);
+        if (!EC_GROUP_precompute_mult(group, ctx)) ABORT;
+        if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
+        if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
+        fprintf(stdout, " ok\n");
+
+        if (!(P_256 = EC_GROUP_new(EC_GROUP_method_of(group)))) ABORT;
+        if (!EC_GROUP_copy(P_256, group)) ABORT;
+
+
+        /* Curve P-384 (FIPS PUB 186-2, App. 6) */
+        
+        if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+                "FFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF")) ABORT;
+        if (1 != BN_is_prime(p, BN_prime_checks, 0, ctx, NULL)) ABORT;
+        if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+                "FFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC")) ABORT;
+        if (!BN_hex2bn(&b, "B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141"
+                "120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF")) ABORT;
+        if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) ABORT;
+
+        if (!BN_hex2bn(&x, "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B"
+                "9859F741E082542A385502F25DBF55296C3A545E3872760AB7")) ABORT;
+        if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx)) ABORT;
+        if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT;
+        if (!BN_hex2bn(&z, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+                "FFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973")) ABORT;
+        if (!EC_GROUP_set_generator(group, P, z, BN_value_one())) ABORT;
+
+        if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx)) ABORT;
+        fprintf(stdout, "\nNIST curve P-384 -- Generator:\n     x = 0x");
+        BN_print_fp(stdout, x);
+        fprintf(stdout, "\n     y = 0x");
+        BN_print_fp(stdout, y);
+        fprintf(stdout, "\n");
+        /* G_y value taken from the standard: */
+        if (!BN_hex2bn(&z, "3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A14"
+                "7CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F")) ABORT;
+        if (0 != BN_cmp(y, z)) ABORT;
+        
+        fprintf(stdout, "verify group order ...");
+        fflush(stdout);
+        if (!EC_GROUP_get_order(group, z, ctx)) ABORT;
+        if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
+        if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
+        fprintf(stdout, ".");
+        fflush(stdout);
+        if (!EC_GROUP_precompute_mult(group, ctx)) ABORT;
+        if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
+        if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
+        fprintf(stdout, " ok\n");
+
+        if (!(P_384 = EC_GROUP_new(EC_GROUP_method_of(group)))) ABORT;
+        if (!EC_GROUP_copy(P_384, group)) ABORT;
+
+
+        /* Curve P-521 (FIPS PUB 186-2, App. 6) */
+        
+        if (!BN_hex2bn(&p, "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+                "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+                "FFFFFFFFFFFFFFFFFFFFFFFFFFFF")) ABORT;
+        if (1 != BN_is_prime(p, BN_prime_checks, 0, ctx, NULL)) ABORT;
+        if (!BN_hex2bn(&a, "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+                "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+                "FFFFFFFFFFFFFFFFFFFFFFFFFFFC")) ABORT;
+        if (!BN_hex2bn(&b, "051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B"
+                "315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573"
+                "DF883D2C34F1EF451FD46B503F00")) ABORT;
+        if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) ABORT;
+
+        if (!BN_hex2bn(&x, "C6858E06B70404E9CD9E3ECB662395B4429C648139053F"
+                "B521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B"
+                "3C1856A429BF97E7E31C2E5BD66")) ABORT;
+        if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 0, ctx)) ABORT;
+        if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT;
+        if (!BN_hex2bn(&z, "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+                "FFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5"
+                "C9B8899C47AEBB6FB71E91386409")) ABORT;
+        if (!EC_GROUP_set_generator(group, P, z, BN_value_one())) ABORT;
+
+        if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx)) ABORT;
+        fprintf(stdout, "\nNIST curve P-521 -- Generator:\n     x = 0x");
+        BN_print_fp(stdout, x);
+        fprintf(stdout, "\n     y = 0x");
+        BN_print_fp(stdout, y);
+        fprintf(stdout, "\n");
+        /* G_y value taken from the standard: */
+        if (!BN_hex2bn(&z, "11839296A789A3BC0045C8A5FB42C7D1BD998F54449579"
+                "B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C"
+                "7086A272C24088BE94769FD16650")) ABORT;
+        if (0 != BN_cmp(y, z)) ABORT;
+        
+        fprintf(stdout, "verify group order ...");
+        fflush(stdout);
+        if (!EC_GROUP_get_order(group, z, ctx)) ABORT;
+        if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
+        if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
+        fprintf(stdout, ".");
+        fflush(stdout);
+        if (!EC_GROUP_precompute_mult(group, ctx)) ABORT;
+        if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
+        if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
+        fprintf(stdout, " ok\n");
+
+        if (!(P_521 = EC_GROUP_new(EC_GROUP_method_of(group)))) ABORT;
+        if (!EC_GROUP_copy(P_521, group)) ABORT;
+
+
+        /* more tests using the last curve */
+
+        if (!EC_POINT_copy(Q, P)) ABORT;
+        if (EC_POINT_is_at_infinity(group, Q)) ABORT;
+        if (!EC_POINT_dbl(group, P, P, ctx)) ABORT;
+        if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT;
+        if (!EC_POINT_invert(group, Q, ctx)) ABORT; /* P = -2Q */
+
+        if (!EC_POINT_add(group, R, P, Q, ctx)) ABORT;
+        if (!EC_POINT_add(group, R, R, Q, ctx)) ABORT;
+        if (!EC_POINT_is_at_infinity(group, R)) ABORT; /* R = P + 2Q */
+
+        {
+                const EC_POINT *points[3];
+                const BIGNUM *scalars[3];
+        
+                if (EC_POINT_is_at_infinity(group, Q)) ABORT;
+                points[0] = Q;
+                points[1] = Q;
+                points[2] = Q;
+
+                if (!BN_add(y, z, BN_value_one())) ABORT;
+                if (BN_is_odd(y)) ABORT;
+                if (!BN_rshift1(y, y)) ABORT;
+                scalars[0] = y; /* (group order + 1)/2,  so  y*Q + y*Q = Q */
+                scalars[1] = y;
+
+                fprintf(stdout, "combined multiplication ...");
+                fflush(stdout);
+
+                /* z is still the group order */
+                if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx)) ABORT;
+                if (!EC_POINTs_mul(group, R, z, 2, points, scalars, ctx)) ABORT;
+                if (0 != EC_POINT_cmp(group, P, R, ctx)) ABORT;
+                if (0 != EC_POINT_cmp(group, R, Q, ctx)) ABORT;
+
+                fprintf(stdout, ".");
+                fflush(stdout);
+
+                if (!BN_pseudo_rand(y, BN_num_bits(y), 0, 0)) ABORT;
+                if (!BN_add(z, z, y)) ABORT;
+                z->neg = 1;
+                scalars[0] = y;
+                scalars[1] = z; /* z = -(order + y) */
+
+                if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx)) ABORT;
+                if (!EC_POINT_is_at_infinity(group, P)) ABORT;
+
+                fprintf(stdout, ".");
+                fflush(stdout);
+
+                if (!BN_pseudo_rand(x, BN_num_bits(y) - 1, 0, 0)) ABORT;
+                if (!BN_add(z, x, y)) ABORT;
+                z->neg = 1;
+                scalars[0] = x;
+                scalars[1] = y;
+                scalars[2] = z; /* z = -(x+y) */
+
+                if (!EC_POINTs_mul(group, P, NULL, 3, points, scalars, ctx)) ABORT;
+                if (!EC_POINT_is_at_infinity(group, P)) ABORT;
+
+                fprintf(stdout, " ok\n\n");
+        }
+
+
+#if 0
+        timings(P_192, 0, ctx);
+        timings(P_192, 1, ctx);
+        timings(P_224, 0, ctx);
+        timings(P_224, 1, ctx);
+        timings(P_256, 0, ctx);
+        timings(P_256, 1, ctx);
+        timings(P_384, 0, ctx);
+        timings(P_384, 1, ctx);
+        timings(P_521, 0, ctx);
+        timings(P_521, 1, ctx);
+#endif
+
+
+        if (ctx)
+                BN_CTX_free(ctx);
+        BN_free(p); BN_free(a); BN_free(b);
+        EC_GROUP_free(group);
+        EC_POINT_free(P);
+        EC_POINT_free(Q);
+        EC_POINT_free(R);
+        BN_free(x); BN_free(y); BN_free(z);
+
+        if (P_192) EC_GROUP_free(P_192);
+        if (P_224) EC_GROUP_free(P_224);
+        if (P_256) EC_GROUP_free(P_256);
+        if (P_384) EC_GROUP_free(P_384);
+        if (P_521) EC_GROUP_free(P_521);
+
+        ENGINE_cleanup();
+        CRYPTO_cleanup_all_ex_data();
+        ERR_free_strings();
+        ERR_remove_state(0);
+        CRYPTO_mem_leaks_fp(stderr);
+        
+        return 0;
+        }
+#endif
diff --git a/src/lib/libcrypto/engine/enginetest.c b/src/lib/libcrypto/engine/enginetest.c
new file mode 100644
index 0000000000..a5a3c47fcb
--- /dev/null
+++ b/src/lib/libcrypto/engine/enginetest.c
@@ -0,0 +1,251 @@
+/* crypto/engine/enginetest.c */
+/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <openssl/engine.h>
+#include <openssl/err.h>
+
+static void display_engine_list()
+        {
+        ENGINE *h;
+        int loop;
+
+        h = ENGINE_get_first();
+        loop = 0;
+        printf("listing available engine types\n");
+        while(h)
+                {
+                printf("engine %i, id = \"%s\", name = \"%s\"\n",
+                        loop++, ENGINE_get_id(h), ENGINE_get_name(h));
+                h = ENGINE_get_next(h);
+                }
+        printf("end of list\n");
+        }
+
+int main(int argc, char *argv[])
+        {
+        ENGINE *block[512];
+        char buf[256];
+        const char *id, *name;
+        ENGINE *ptr;
+        int loop;
+        int to_return = 1;
+        ENGINE *new_h1 = NULL;
+        ENGINE *new_h2 = NULL;
+        ENGINE *new_h3 = NULL;
+        ENGINE *new_h4 = NULL;
+
+        ERR_load_crypto_strings();
+
+        memset(block, 0, 512 * sizeof(ENGINE *));
+        if(((new_h1 = ENGINE_new()) == NULL) ||
+                        !ENGINE_set_id(new_h1, "test_id0") ||
+                        !ENGINE_set_name(new_h1, "First test item") ||
+                        ((new_h2 = ENGINE_new()) == NULL) ||
+                        !ENGINE_set_id(new_h2, "test_id1") ||
+                        !ENGINE_set_name(new_h2, "Second test item") ||
+                        ((new_h3 = ENGINE_new()) == NULL) ||
+                        !ENGINE_set_id(new_h3, "test_id2") ||
+                        !ENGINE_set_name(new_h3, "Third test item") ||
+                        ((new_h4 = ENGINE_new()) == NULL) ||
+                        !ENGINE_set_id(new_h4, "test_id3") ||
+                        !ENGINE_set_name(new_h4, "Fourth test item"))
+                {
+                printf("Couldn't set up test ENGINE structures\n");
+                goto end;
+                }
+        printf("\nenginetest beginning\n\n");
+        display_engine_list();
+        if(!ENGINE_add(new_h1))
+                {
+                printf("Add failed!\n");
+                goto end;
+                }
+        display_engine_list();
+        ptr = ENGINE_get_first();
+        if(!ENGINE_remove(ptr))
+                {
+                printf("Remove failed!\n");
+                goto end;
+                }
+        display_engine_list();
+        if(!ENGINE_add(new_h3) || !ENGINE_add(new_h2))
+                {
+                printf("Add failed!\n");
+                goto end;
+                }
+        display_engine_list();
+        if(!ENGINE_remove(new_h2))
+                {
+                printf("Remove failed!\n");
+                goto end;
+                }
+        display_engine_list();
+        if(!ENGINE_add(new_h4))
+                {
+                printf("Add failed!\n");
+                goto end;
+                }
+        display_engine_list();
+        if(ENGINE_add(new_h3))
+                {
+                printf("Add *should* have failed but didn't!\n");
+                goto end;
+                }
+        else
+                printf("Add that should fail did.\n");
+        ERR_clear_error();
+        if(ENGINE_remove(new_h2))
+                {
+                printf("Remove *should* have failed but didn't!\n");
+                goto end;
+                }
+        else
+                printf("Remove that should fail did.\n");
+        if(!ENGINE_remove(new_h1))
+                {
+                printf("Remove failed!\n");
+                goto end;
+                }
+        display_engine_list();
+        if(!ENGINE_remove(new_h3))
+                {
+                printf("Remove failed!\n");
+                goto end;
+                }
+        display_engine_list();
+        if(!ENGINE_remove(new_h4))
+                {
+                printf("Remove failed!\n");
+                goto end;
+                }
+        display_engine_list();
+        /* Depending on whether there's any hardware support compiled
+         * in, this remove may be destined to fail. */
+        ptr = ENGINE_get_first();
+        if(ptr)
+                if(!ENGINE_remove(ptr))
+                        printf("Remove failed!i - probably no hardware "
+                                "support present.\n");
+        display_engine_list();
+        if(!ENGINE_add(new_h1) || !ENGINE_remove(new_h1))
+                {
+                printf("Couldn't add and remove to an empty list!\n");
+                goto end;
+                }
+        else
+                printf("Successfully added and removed to an empty list!\n");
+        printf("About to beef up the engine-type list\n");
+        for(loop = 0; loop < 512; loop++)
+                {
+                sprintf(buf, "id%i", loop);
+                id = strdup(buf);
+                sprintf(buf, "Fake engine type %i", loop);
+                name = strdup(buf);
+                if(((block[loop] = ENGINE_new()) == NULL) ||
+                                !ENGINE_set_id(block[loop], id) ||
+                                !ENGINE_set_name(block[loop], name))
+                        {
+                        printf("Couldn't create block of ENGINE structures.\n"
+                                "I'll probably also core-dump now, damn.\n");
+                        goto end;
+                        }
+                }
+        for(loop = 0; loop < 512; loop++)
+                {
+                if(!ENGINE_add(block[loop]))
+                        {
+                        printf("\nAdding stopped at %i, (%s,%s)\n",
+                                loop, ENGINE_get_id(block[loop]),
+                                ENGINE_get_name(block[loop]));
+                        goto cleanup_loop;
+                        }
+                else
+                        printf("."); fflush(stdout);
+                }
+cleanup_loop:
+        printf("\nAbout to empty the engine-type list\n");
+        while((ptr = ENGINE_get_first()) != NULL)
+                {
+                if(!ENGINE_remove(ptr))
+                        {
+                        printf("\nRemove failed!\n");
+                        goto end;
+                        }
+                printf("."); fflush(stdout);
+                }
+        for(loop = 0; loop < 512; loop++)
+                {
+                free((char *)(ENGINE_get_id(block[loop])));
+                free((char *)(ENGINE_get_name(block[loop])));
+                }
+        printf("\nTests completed happily\n");
+        to_return = 0;
+end:
+        if(to_return)
+                ERR_print_errors_fp(stderr);
+        if(new_h1) ENGINE_free(new_h1);
+        if(new_h2) ENGINE_free(new_h2);
+        if(new_h3) ENGINE_free(new_h3);
+        if(new_h4) ENGINE_free(new_h4);
+        for(loop = 0; loop < 512; loop++)
+                if(block[loop])
+                        ENGINE_free(block[loop]);
+        return to_return;
+        }
diff --git a/src/lib/libcrypto/engine/hw.ec b/src/lib/libcrypto/engine/hw.ec
new file mode 100644
index 0000000000..5481a43918
--- /dev/null
+++ b/src/lib/libcrypto/engine/hw.ec
@@ -0,0 +1,8 @@
+L AEPHK         hw_aep_err.h                    hw_aep_err.c
+L ATALLA        hw_atalla_err.h                 hw_atalla_err.c
+L CSWIFT        hw_cswift_err.h                 hw_cswift_err.c
+L HWCRHK        hw_ncipher_err.h                hw_ncipher_err.c
+L NURON         hw_nuron_err.h                  hw_nuron_err.c
+L SUREWARE      hw_sureware_err.h               hw_sureware_err.c
+L UBSEC         hw_ubsec_err.h                  hw_ubsec_err.c
+L CCA4758       hw_4758_cca_err.h               hw_4758_cca_err.c
diff --git a/src/lib/libcrypto/engine/hw_4758_cca.c b/src/lib/libcrypto/engine/hw_4758_cca.c
new file mode 100644
index 0000000000..959d8f1a61
--- /dev/null
+++ b/src/lib/libcrypto/engine/hw_4758_cca.c
@@ -0,0 +1,950 @@
+/* Author: Maurice Gittens <maurice@gittens.nl>                       */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <openssl/crypto.h>
+/* #include <openssl/pem.h> */
+#include "cryptlib.h"
+#include <openssl/dso.h>
+#include <openssl/x509.h>
+#include <openssl/objects.h>
+#include <openssl/engine.h>
+
+#ifndef OPENSSL_NO_HW
+#ifndef OPENSSL_NO_HW_4758_CCA
+
+#ifdef FLAT_INC
+#include "hw_4758_cca.h"
+#else
+#include "vendor_defns/hw_4758_cca.h"
+#endif
+
+#include "hw_4758_cca_err.c"
+
+static int ibm_4758_cca_destroy(ENGINE *e);
+static int ibm_4758_cca_init(ENGINE *e);
+static int ibm_4758_cca_finish(ENGINE *e);
+static int ibm_4758_cca_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)());
+
+/* rsa functions */
+/*---------------*/
+#ifndef OPENSSL_NO_RSA
+static int cca_rsa_pub_enc(int flen, const unsigned char *from,
+                unsigned char *to, RSA *rsa,int padding);
+static int cca_rsa_priv_dec(int flen, const unsigned char *from,
+                unsigned char *to, RSA *rsa,int padding);
+static int cca_rsa_sign(int type, const unsigned char *m, unsigned int m_len,
+                unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
+static int cca_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len,
+                unsigned char *sigbuf, unsigned int siglen, const RSA *rsa);
+
+/* utility functions */
+/*-----------------------*/
+static EVP_PKEY *ibm_4758_load_privkey(ENGINE*, const char*,
+                UI_METHOD *ui_method, void *callback_data);
+static EVP_PKEY *ibm_4758_load_pubkey(ENGINE*, const char*,
+                UI_METHOD *ui_method, void *callback_data);
+
+static int getModulusAndExponent(const unsigned char *token, long *exponentLength,
+                unsigned char *exponent, long *modulusLength,
+                long *modulusFieldLength, unsigned char *modulus);
+#endif
+
+/* RAND number functions */
+/*-----------------------*/
+static int cca_get_random_bytes(unsigned char*, int );
+static int cca_random_status(void);
+
+static void cca_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
+                int idx,long argl, void *argp);
+
+/* Function pointers for CCA verbs */
+/*---------------------------------*/
+#ifndef OPENSSL_NO_RSA
+static F_KEYRECORDREAD keyRecordRead;
+static F_DIGITALSIGNATUREGENERATE digitalSignatureGenerate;
+static F_DIGITALSIGNATUREVERIFY digitalSignatureVerify;
+static F_PUBLICKEYEXTRACT publicKeyExtract;
+static F_PKAENCRYPT pkaEncrypt;
+static F_PKADECRYPT pkaDecrypt;
+#endif
+static F_RANDOMNUMBERGENERATE randomNumberGenerate;
+
+/* static variables */
+/*------------------*/
+static const char def_CCA4758_LIB_NAME[] = CCA_LIB_NAME;
+static const char *CCA4758_LIB_NAME = def_CCA4758_LIB_NAME;
+#ifndef OPENSSL_NO_RSA
+static const char* n_keyRecordRead = CSNDKRR;
+static const char* n_digitalSignatureGenerate = CSNDDSG;
+static const char* n_digitalSignatureVerify = CSNDDSV;
+static const char* n_publicKeyExtract = CSNDPKX;
+static const char* n_pkaEncrypt = CSNDPKE;
+static const char* n_pkaDecrypt = CSNDPKD;
+#endif
+static const char* n_randomNumberGenerate = CSNBRNG;
+
+static int hndidx = -1;
+static DSO *dso = NULL;
+
+/* openssl engine initialization structures */
+/*------------------------------------------*/
+
+#define CCA4758_CMD_SO_PATH             ENGINE_CMD_BASE
+static const ENGINE_CMD_DEFN    cca4758_cmd_defns[] = {
+        {CCA4758_CMD_SO_PATH,
+                "SO_PATH",
+                "Specifies the path to the '4758cca' shared library",
+                ENGINE_CMD_FLAG_STRING},
+        {0, NULL, NULL, 0}
+        };
+
+#ifndef OPENSSL_NO_RSA
+static RSA_METHOD ibm_4758_cca_rsa =
+        {
+        "IBM 4758 CCA RSA method",
+        cca_rsa_pub_enc,
+        NULL,
+        NULL,
+        cca_rsa_priv_dec,
+        NULL, /*rsa_mod_exp,*/
+        NULL, /*mod_exp_mont,*/
+        NULL, /* init */
+        NULL, /* finish */
+        RSA_FLAG_SIGN_VER,        /* flags */
+        NULL, /* app_data */
+        cca_rsa_sign, /* rsa_sign */
+        cca_rsa_verify  /* rsa_verify */
+        };
+#endif
+
+static RAND_METHOD ibm_4758_cca_rand =
+        {
+        /* "IBM 4758 RAND method", */
+        NULL, /* seed */
+        cca_get_random_bytes, /* get random bytes from the card */
+        NULL, /* cleanup */
+        NULL, /* add */
+        cca_get_random_bytes, /* pseudo rand */
+        cca_random_status, /* status */
+        };
+
+static const char *engine_4758_cca_id = "4758cca";
+static const char *engine_4758_cca_name = "IBM 4758 CCA hardware engine support";
+
+/* engine implementation */
+/*-----------------------*/
+static int bind_helper(ENGINE *e)
+        {
+        if(!ENGINE_set_id(e, engine_4758_cca_id) ||
+                        !ENGINE_set_name(e, engine_4758_cca_name) ||
+#ifndef OPENSSL_NO_RSA
+                        !ENGINE_set_RSA(e, &ibm_4758_cca_rsa) ||
+#endif
+                        !ENGINE_set_RAND(e, &ibm_4758_cca_rand) ||
+                        !ENGINE_set_destroy_function(e, ibm_4758_cca_destroy) ||
+                        !ENGINE_set_init_function(e, ibm_4758_cca_init) ||
+                        !ENGINE_set_finish_function(e, ibm_4758_cca_finish) ||
+                        !ENGINE_set_ctrl_function(e, ibm_4758_cca_ctrl) ||
+                        !ENGINE_set_load_privkey_function(e, ibm_4758_load_privkey) ||
+                        !ENGINE_set_load_pubkey_function(e, ibm_4758_load_pubkey) ||
+                        !ENGINE_set_cmd_defns(e, cca4758_cmd_defns))
+                return 0;
+        /* Ensure the error handling is set up */
+        ERR_load_CCA4758_strings();
+        return 1;
+        }
+
+static ENGINE *engine_4758_cca(void)
+        {
+        ENGINE *ret = ENGINE_new();
+        if(!ret)
+                return NULL;
+        if(!bind_helper(ret))
+                {
+                ENGINE_free(ret);
+                return NULL;
+                }
+        return ret;
+        }
+
+void ENGINE_load_4758cca(void)
+        {
+        ENGINE *e_4758 = engine_4758_cca();
+        if (!e_4758) return;
+        ENGINE_add(e_4758);
+        ENGINE_free(e_4758);
+        ERR_clear_error();   
+        }
+
+static int ibm_4758_cca_destroy(ENGINE *e)
+        {
+        ERR_unload_CCA4758_strings();
+        return 1;
+        }
+
+static int ibm_4758_cca_init(ENGINE *e)
+        {
+        if(dso)
+                {
+                CCA4758err(CCA4758_F_IBM_4758_CCA_INIT,CCA4758_R_ALREADY_LOADED);
+                goto err;
+                }
+
+        dso = DSO_load(NULL, CCA4758_LIB_NAME , NULL, 0);
+        if(!dso)
+                {
+                CCA4758err(CCA4758_F_IBM_4758_CCA_INIT,CCA4758_R_DSO_FAILURE);
+                goto err;
+                }
+
+#ifndef OPENSSL_NO_RSA
+        if(!(keyRecordRead = (F_KEYRECORDREAD)
+                                DSO_bind_func(dso, n_keyRecordRead)) ||
+                        !(randomNumberGenerate = (F_RANDOMNUMBERGENERATE)
+                                DSO_bind_func(dso, n_randomNumberGenerate)) ||
+                        !(digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE)
+                                DSO_bind_func(dso, n_digitalSignatureGenerate)) ||
+                        !(digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY)
+                                DSO_bind_func(dso, n_digitalSignatureVerify)) ||
+                        !(publicKeyExtract = (F_PUBLICKEYEXTRACT)
+                                DSO_bind_func(dso, n_publicKeyExtract)) ||
+                        !(pkaEncrypt = (F_PKAENCRYPT)
+                                DSO_bind_func(dso, n_pkaEncrypt)) ||
+                        !(pkaDecrypt = (F_PKADECRYPT)
+                                DSO_bind_func(dso, n_pkaDecrypt)))
+                {
+                CCA4758err(CCA4758_F_IBM_4758_CCA_INIT,CCA4758_R_DSO_FAILURE);
+                goto err;
+                }
+#else
+        if(!(randomNumberGenerate = (F_RANDOMNUMBERGENERATE)
+                                DSO_bind_func(dso, n_randomNumberGenerate)))
+                {
+                CCA4758err(CCA4758_F_IBM_4758_CCA_INIT,CCA4758_R_DSO_FAILURE);
+                goto err;
+                }
+#endif
+
+        hndidx = RSA_get_ex_new_index(0, "IBM 4758 CCA RSA key handle",
+                NULL, NULL, cca_ex_free);
+
+        return 1;
+err:
+        if(dso)
+                DSO_free(dso);
+        dso = NULL;
+
+        keyRecordRead = (F_KEYRECORDREAD)NULL;
+        randomNumberGenerate = (F_RANDOMNUMBERGENERATE)NULL;
+        digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE)NULL;
+        digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY)NULL;
+        publicKeyExtract = (F_PUBLICKEYEXTRACT)NULL;
+        pkaEncrypt = (F_PKAENCRYPT)NULL;
+        pkaDecrypt = (F_PKADECRYPT)NULL;
+        return 0;
+        }
+
+static int ibm_4758_cca_finish(ENGINE *e)
+        {
+        if(dso)
+                {
+                CCA4758err(CCA4758_F_IBM_4758_CCA_FINISH,
+                                CCA4758_R_NOT_LOADED);
+                return 0;
+                }
+        if(!DSO_free(dso))
+                {
+                CCA4758err(CCA4758_F_IBM_4758_CCA_FINISH,
+                                CCA4758_R_UNIT_FAILURE);
+                return 0;
+                }
+        dso = NULL;
+        keyRecordRead = (F_KEYRECORDREAD)NULL;
+        randomNumberGenerate = (F_RANDOMNUMBERGENERATE)NULL;
+        digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE)NULL;
+        digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY)NULL;
+        publicKeyExtract = (F_PUBLICKEYEXTRACT)NULL;
+        pkaEncrypt = (F_PKAENCRYPT)NULL;
+        pkaDecrypt = (F_PKADECRYPT)NULL;
+        return 1;
+        }
+
+static int ibm_4758_cca_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
+        {
+        int initialised = ((dso == NULL) ? 0 : 1);
+        switch(cmd)
+                {
+        case CCA4758_CMD_SO_PATH:
+                if(p == NULL)
+                        {
+                        CCA4758err(CCA4758_F_IBM_4758_CCA_CTRL,
+                                        ERR_R_PASSED_NULL_PARAMETER);
+                        return 0;
+                        }
+                if(initialised)
+                        {
+                        CCA4758err(CCA4758_F_IBM_4758_CCA_CTRL,
+                                        CCA4758_R_ALREADY_LOADED);
+                        return 0;
+                        }
+                CCA4758_LIB_NAME = (const char *)p;
+                return 1;
+        default:
+                break;
+                }
+        CCA4758err(CCA4758_F_IBM_4758_CCA_CTRL,
+                        CCA4758_R_COMMAND_NOT_IMPLEMENTED);
+        return 0;
+        }
+
+#ifndef OPENSSL_NO_RSA
+
+#define MAX_CCA_PKA_TOKEN_SIZE 2500
+
+static EVP_PKEY *ibm_4758_load_privkey(ENGINE* e, const char* key_id,
+                        UI_METHOD *ui_method, void *callback_data)
+        {
+        RSA *rtmp = NULL;
+        EVP_PKEY *res = NULL;
+        unsigned char* keyToken = NULL;
+        unsigned char pubKeyToken[MAX_CCA_PKA_TOKEN_SIZE];
+        long pubKeyTokenLength = MAX_CCA_PKA_TOKEN_SIZE;
+        long keyTokenLength = MAX_CCA_PKA_TOKEN_SIZE;
+        long returnCode;
+        long reasonCode;
+        long exitDataLength = 0;
+        long ruleArrayLength = 0;
+        unsigned char exitData[8];
+        unsigned char ruleArray[8];
+        unsigned char keyLabel[64];
+        long keyLabelLength = strlen(key_id);
+        unsigned char modulus[256];
+        long modulusFieldLength = sizeof(modulus);
+        long modulusLength = 0;
+        unsigned char exponent[256];
+        long exponentLength = sizeof(exponent);
+
+        if (keyLabelLength > sizeof(keyLabel))
+                {
+                CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY,
+                CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
+                return NULL;
+                }
+
+        memset(keyLabel,' ', sizeof(keyLabel));
+        memcpy(keyLabel, key_id, keyLabelLength);
+
+        keyToken = OPENSSL_malloc(MAX_CCA_PKA_TOKEN_SIZE + sizeof(long));
+        if (!keyToken)
+                {
+                CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY,
+                                ERR_R_MALLOC_FAILURE);
+                goto err;
+                }
+
+        keyRecordRead(&returnCode, &reasonCode, &exitDataLength,
+                exitData, &ruleArrayLength, ruleArray, keyLabel,
+                &keyTokenLength, keyToken+sizeof(long));
+
+        if (returnCode)
+                {
+                CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY,
+                        CCA4758_R_FAILED_LOADING_PRIVATE_KEY);
+                goto err;
+                }
+
+        publicKeyExtract(&returnCode, &reasonCode, &exitDataLength,
+                exitData, &ruleArrayLength, ruleArray, &keyTokenLength,
+                keyToken+sizeof(long), &pubKeyTokenLength, pubKeyToken);
+
+        if (returnCode)
+                {
+                CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY,
+                        CCA4758_R_FAILED_LOADING_PRIVATE_KEY);
+                goto err;
+                }
+
+        if (!getModulusAndExponent(pubKeyToken, &exponentLength,
+                        exponent, &modulusLength, &modulusFieldLength,
+                        modulus))
+                {
+                CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY,
+                        CCA4758_R_FAILED_LOADING_PRIVATE_KEY);
+                goto err;
+                }
+
+        (*(long*)keyToken) = keyTokenLength;
+        rtmp = RSA_new_method(e);
+        RSA_set_ex_data(rtmp, hndidx, (char *)keyToken);
+
+        rtmp->e = BN_bin2bn(exponent, exponentLength, NULL);
+        rtmp->n = BN_bin2bn(modulus, modulusFieldLength, NULL);
+        rtmp->flags |= RSA_FLAG_EXT_PKEY;
+
+        res = EVP_PKEY_new();
+        EVP_PKEY_assign_RSA(res, rtmp);
+
+        return res;
+err:
+        if (keyToken)
+                OPENSSL_free(keyToken);
+        if (res)
+                EVP_PKEY_free(res);
+        if (rtmp)
+                RSA_free(rtmp);
+        return NULL;
+        }
+
+static EVP_PKEY *ibm_4758_load_pubkey(ENGINE* e, const char* key_id,
+                        UI_METHOD *ui_method, void *callback_data)
+        {
+        RSA *rtmp = NULL;
+        EVP_PKEY *res = NULL;
+        unsigned char* keyToken = NULL;
+        long keyTokenLength = MAX_CCA_PKA_TOKEN_SIZE;
+        long returnCode;
+        long reasonCode;
+        long exitDataLength = 0;
+        long ruleArrayLength = 0;
+        unsigned char exitData[8];
+        unsigned char ruleArray[8];
+        unsigned char keyLabel[64];
+        long keyLabelLength = strlen(key_id);
+        unsigned char modulus[512];
+        long modulusFieldLength = sizeof(modulus);
+        long modulusLength = 0;
+        unsigned char exponent[512];
+        long exponentLength = sizeof(exponent);
+
+        if (keyLabelLength > sizeof(keyLabel))
+                {
+                CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY,
+                        CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
+                return NULL;
+                }
+
+        memset(keyLabel,' ', sizeof(keyLabel));
+        memcpy(keyLabel, key_id, keyLabelLength);
+
+        keyToken = OPENSSL_malloc(MAX_CCA_PKA_TOKEN_SIZE + sizeof(long));
+        if (!keyToken)
+                {
+                CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PUBKEY,
+                                ERR_R_MALLOC_FAILURE);
+                goto err;
+                }
+
+        keyRecordRead(&returnCode, &reasonCode, &exitDataLength, exitData,
+                &ruleArrayLength, ruleArray, keyLabel, &keyTokenLength,
+                keyToken+sizeof(long));
+
+        if (returnCode)
+                {
+                CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY,
+                                ERR_R_MALLOC_FAILURE);
+                goto err;
+                }
+
+        if (!getModulusAndExponent(keyToken+sizeof(long), &exponentLength,
+                        exponent, &modulusLength, &modulusFieldLength, modulus))
+                {
+                CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY,
+                        CCA4758_R_FAILED_LOADING_PUBLIC_KEY);
+                goto err;
+                }
+
+        (*(long*)keyToken) = keyTokenLength;
+        rtmp = RSA_new_method(e);
+        RSA_set_ex_data(rtmp, hndidx, (char *)keyToken);
+        rtmp->e = BN_bin2bn(exponent, exponentLength, NULL);
+        rtmp->n = BN_bin2bn(modulus, modulusFieldLength, NULL);
+        rtmp->flags |= RSA_FLAG_EXT_PKEY;
+        res = EVP_PKEY_new();
+        EVP_PKEY_assign_RSA(res, rtmp);
+
+        return res;
+err:
+        if (keyToken)
+                OPENSSL_free(keyToken);
+        if (res)
+                EVP_PKEY_free(res);
+        if (rtmp)
+                RSA_free(rtmp);
+        return NULL;
+        }
+
+static int cca_rsa_pub_enc(int flen, const unsigned char *from,
+                        unsigned char *to, RSA *rsa,int padding)
+        {
+        long returnCode;
+        long reasonCode;
+        long lflen = flen;
+        long exitDataLength = 0;
+        unsigned char exitData[8];
+        long ruleArrayLength = 1;
+        unsigned char ruleArray[8] = "PKCS-1.2";
+        long dataStructureLength = 0;
+        unsigned char dataStructure[8];
+        long outputLength = RSA_size(rsa);
+        long keyTokenLength;
+        unsigned char* keyToken = (unsigned char*)RSA_get_ex_data(rsa, hndidx);
+
+        keyTokenLength = *(long*)keyToken;
+        keyToken+=sizeof(long);
+
+        pkaEncrypt(&returnCode, &reasonCode, &exitDataLength, exitData,
+                &ruleArrayLength, ruleArray, &lflen, (unsigned char*)from,
+                &dataStructureLength, dataStructure, &keyTokenLength,
+                keyToken, &outputLength, to);
+
+        if (returnCode || reasonCode)
+                return -(returnCode << 16 | reasonCode);
+        return outputLength;
+        }
+
+static int cca_rsa_priv_dec(int flen, const unsigned char *from,
+                        unsigned char *to, RSA *rsa,int padding)
+        {
+        long returnCode;
+        long reasonCode;
+        long lflen = flen;
+        long exitDataLength = 0;
+        unsigned char exitData[8];
+        long ruleArrayLength = 1;
+        unsigned char ruleArray[8] = "PKCS-1.2";
+        long dataStructureLength = 0;
+        unsigned char dataStructure[8];
+        long outputLength = RSA_size(rsa);
+        long keyTokenLength;
+        unsigned char* keyToken = (unsigned char*)RSA_get_ex_data(rsa, hndidx);
+
+        keyTokenLength = *(long*)keyToken;
+        keyToken+=sizeof(long);
+
+        pkaDecrypt(&returnCode, &reasonCode, &exitDataLength, exitData,
+                &ruleArrayLength, ruleArray, &lflen, (unsigned char*)from,
+                &dataStructureLength, dataStructure, &keyTokenLength,
+                keyToken, &outputLength, to);
+
+        return (returnCode | reasonCode) ? 0 : 1;
+        }
+
+#define SSL_SIG_LEN 36
+
+static int cca_rsa_verify(int type, const unsigned char *m, unsigned int m_len,
+                unsigned char *sigbuf, unsigned int siglen, const RSA *rsa)
+        {
+        long returnCode;
+        long reasonCode;
+        long lsiglen = siglen;
+        long exitDataLength = 0;
+        unsigned char exitData[8];
+        long ruleArrayLength = 1;
+        unsigned char ruleArray[8] = "PKCS-1.1";
+        long keyTokenLength;
+        unsigned char* keyToken = (unsigned char*)RSA_get_ex_data(rsa, hndidx);
+        long length = SSL_SIG_LEN;
+        long keyLength ;
+        unsigned char *hashBuffer = NULL;
+        X509_SIG sig;
+        ASN1_TYPE parameter;
+        X509_ALGOR algorithm;
+        ASN1_OCTET_STRING digest;
+
+        keyTokenLength = *(long*)keyToken;
+        keyToken+=sizeof(long);
+
+        if (type == NID_md5 || type == NID_sha1)
+                {
+                sig.algor = &algorithm;
+                algorithm.algorithm = OBJ_nid2obj(type);
+
+                if (!algorithm.algorithm)
+                        {
+                        CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY,
+                                CCA4758_R_UNKNOWN_ALGORITHM_TYPE);
+                        return 0;
+                        }
+
+                if (!algorithm.algorithm->length)
+                        {
+                        CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY,
+                                CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD);
+                        return 0;
+                        }
+
+                parameter.type = V_ASN1_NULL;
+                parameter.value.ptr = NULL;
+                algorithm.parameter = &parameter;
+
+                sig.digest = &digest;
+                sig.digest->data = (unsigned char*)m;
+                sig.digest->length = m_len;
+
+                length = i2d_X509_SIG(&sig, NULL);
+                }
+
+        keyLength = RSA_size(rsa);
+
+        if (length - RSA_PKCS1_PADDING > keyLength)
+                {
+                CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY,
+                        CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
+                return 0;
+                }
+
+        switch (type)
+                {
+                case NID_md5_sha1 :
+                        if (m_len != SSL_SIG_LEN)
+                                {
+                                CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY,
+                                CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
+                                return 0;
+                                }
+
+                        hashBuffer = (unsigned char *)m;
+                        length = m_len;
+                        break;
+                case NID_md5 :
+                        {
+                        unsigned char *ptr;
+                        ptr = hashBuffer = OPENSSL_malloc(
+                                        (unsigned int)keyLength+1);
+                        if (!hashBuffer)
+                                {
+                                CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY,
+                                                ERR_R_MALLOC_FAILURE);
+                                return 0;
+                                }
+
+                        i2d_X509_SIG(&sig, &ptr);
+                        }
+                        break;
+                case NID_sha1 :
+                        {
+                        unsigned char *ptr;
+                        ptr = hashBuffer = OPENSSL_malloc(
+                                        (unsigned int)keyLength+1);
+                        if (!hashBuffer)
+                                {
+                                CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY,
+                                                ERR_R_MALLOC_FAILURE);
+                                return 0;
+                                }
+                        i2d_X509_SIG(&sig, &ptr);
+                        }
+                        break;
+                default:
+                        return 0;
+                }
+
+        digitalSignatureVerify(&returnCode, &reasonCode, &exitDataLength,
+                exitData, &ruleArrayLength, ruleArray, &keyTokenLength,
+                keyToken, &length, hashBuffer, &lsiglen, sigbuf);
+
+        if (type == NID_sha1 || type == NID_md5)
+                {
+                memset(hashBuffer, keyLength+1, 0);
+                OPENSSL_free(hashBuffer);
+                }
+
+        return ((returnCode || reasonCode) ? 0 : 1);
+        }
+
+#define SSL_SIG_LEN 36
+
+static int cca_rsa_sign(int type, const unsigned char *m, unsigned int m_len,
+                unsigned char *sigret, unsigned int *siglen, const RSA *rsa)
+        {
+        long returnCode;
+        long reasonCode;
+        long exitDataLength = 0;
+        unsigned char exitData[8];
+        long ruleArrayLength = 1;
+        unsigned char ruleArray[8] = "PKCS-1.1";
+        long outputLength=256;
+        long outputBitLength;
+        long keyTokenLength;
+        unsigned char *hashBuffer = NULL;
+        unsigned char* keyToken = (unsigned char*)RSA_get_ex_data(rsa, hndidx);
+        long length = SSL_SIG_LEN;
+        long keyLength ;
+        X509_SIG sig;
+        ASN1_TYPE parameter;
+        X509_ALGOR algorithm;
+        ASN1_OCTET_STRING digest;
+
+        keyTokenLength = *(long*)keyToken;
+        keyToken+=sizeof(long);
+
+        if (type == NID_md5 || type == NID_sha1)
+                {
+                sig.algor = &algorithm;
+                algorithm.algorithm = OBJ_nid2obj(type);
+
+                if (!algorithm.algorithm)
+                        {
+                        CCA4758err(CCA4758_F_IBM_4758_CCA_SIGN,
+                                CCA4758_R_UNKNOWN_ALGORITHM_TYPE);
+                        return 0;
+                        }
+
+                if (!algorithm.algorithm->length)
+                        {
+                        CCA4758err(CCA4758_F_IBM_4758_CCA_SIGN,
+                                CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD);
+                        return 0;
+                        }
+
+                parameter.type = V_ASN1_NULL;
+                parameter.value.ptr = NULL;
+                algorithm.parameter = &parameter;
+
+                sig.digest = &digest;
+                sig.digest->data = (unsigned char*)m;
+                sig.digest->length = m_len;
+
+                length = i2d_X509_SIG(&sig, NULL);
+                }
+
+        keyLength = RSA_size(rsa);
+
+        if (length - RSA_PKCS1_PADDING > keyLength)
+                {
+                CCA4758err(CCA4758_F_IBM_4758_CCA_SIGN,
+                        CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
+                return 0;
+                }
+
+        switch (type)
+                {
+                case NID_md5_sha1 :
+                        if (m_len != SSL_SIG_LEN)
+                                {
+                                CCA4758err(CCA4758_F_IBM_4758_CCA_SIGN,
+                                CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
+                                return 0;
+                                }
+                        hashBuffer = (unsigned char*)m;
+                        length = m_len;
+                        break;
+                case NID_md5 :
+                        {
+                        unsigned char *ptr;
+                        ptr = hashBuffer = OPENSSL_malloc(
+                                        (unsigned int)keyLength+1);
+                        if (!hashBuffer)
+                                {
+                                CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY,
+                                                ERR_R_MALLOC_FAILURE);
+                                return 0;
+                                }
+                        i2d_X509_SIG(&sig, &ptr);
+                        }
+                        break;
+                case NID_sha1 :
+                        {
+                        unsigned char *ptr;
+                        ptr = hashBuffer = OPENSSL_malloc(
+                                        (unsigned int)keyLength+1);
+                        if (!hashBuffer)
+                                {
+                                CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY,
+                                                ERR_R_MALLOC_FAILURE);
+                                return 0;
+                                }
+                        i2d_X509_SIG(&sig, &ptr);
+                        }
+                        break;
+                default:
+                        return 0;
+                }
+
+        digitalSignatureGenerate(&returnCode, &reasonCode, &exitDataLength,
+                exitData, &ruleArrayLength, ruleArray, &keyTokenLength,
+                keyToken, &length, hashBuffer, &outputLength, &outputBitLength,
+                sigret);
+
+        if (type == NID_sha1 || type == NID_md5)
+                {
+                memset(hashBuffer, keyLength+1, 0);
+                OPENSSL_free(hashBuffer);
+                }
+
+        *siglen = outputLength;
+
+        return ((returnCode || reasonCode) ? 0 : 1);
+        }
+
+static int getModulusAndExponent(const unsigned char*token, long *exponentLength,
+                unsigned char *exponent, long *modulusLength, long *modulusFieldLength,
+                unsigned char *modulus)
+        {
+        unsigned long len;
+
+        if (*token++ != (char)0x1E) /* internal PKA token? */
+                return 0;
+
+        if (*token++) /* token version must be zero */
+                return 0;
+
+        len = *token++;
+        len = len << 8;
+        len |= (unsigned char)*token++;
+
+        token += 4; /* skip reserved bytes */
+
+        if (*token++ == (char)0x04)
+                {
+                if (*token++) /* token version must be zero */
+                        return 0;
+
+                len = *token++;
+                len = len << 8;
+                len |= (unsigned char)*token++;
+
+                token+=2; /* skip reserved section */
+
+                len = *token++;
+                len = len << 8;
+                len |= (unsigned char)*token++;
+
+                *exponentLength = len;
+
+                len = *token++;
+                len = len << 8;
+                len |= (unsigned char)*token++;
+
+                *modulusLength = len;
+
+                len = *token++;
+                len = len << 8;
+                len |= (unsigned char)*token++;
+
+                *modulusFieldLength = len;
+
+                memcpy(exponent, token, *exponentLength);
+                token+= *exponentLength;
+
+                memcpy(modulus, token, *modulusFieldLength);
+                return 1;
+                }
+        return 0;
+        }
+
+#endif /* OPENSSL_NO_RSA */
+
+static int cca_random_status(void)
+        {
+        return 1;
+        }
+
+static int cca_get_random_bytes(unsigned char* buf, int num)
+        {
+        long ret_code;
+        long reason_code;
+        long exit_data_length;
+        unsigned char exit_data[4];
+        unsigned char form[] = "RANDOM  ";
+        unsigned char rand_buf[8];
+
+        while(num >= sizeof(rand_buf))
+                {
+                randomNumberGenerate(&ret_code, &reason_code, &exit_data_length,
+                        exit_data, form, rand_buf);
+                if (ret_code)
+                        return 0;
+                num -= sizeof(rand_buf);
+                memcpy(buf, rand_buf, sizeof(rand_buf));
+                buf += sizeof(rand_buf);
+                }
+
+        if (num)
+                {
+                randomNumberGenerate(&ret_code, &reason_code, NULL, NULL,
+                        form, rand_buf);
+                if (ret_code)
+                        return 0;
+                memcpy(buf, rand_buf, num);
+                }
+
+        return 1;
+        }
+
+static void cca_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, int idx,
+                long argl, void *argp)
+        {
+        if (item)
+                OPENSSL_free(item);
+        }
+
+/* Goo to handle building as a dynamic engine */
+#ifdef ENGINE_DYNAMIC_SUPPORT 
+static int bind_fn(ENGINE *e, const char *id)
+        {
+        if(id && (strcmp(id, engine_cswift_id) != 0))
+                return 0;
+        if(!bind_helper(e))
+                return 0;
+        return 1;
+        }       
+IMPLEMENT_DYNAMIC_CHECK_FN()
+IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
+#endif /* ENGINE_DYNAMIC_SUPPORT */
+
+#endif /* !OPENSSL_NO_HW_4758_CCA */
+#endif /* !OPENSSL_NO_HW */
diff --git a/src/lib/libcrypto/engine/hw_4758_cca_err.c b/src/lib/libcrypto/engine/hw_4758_cca_err.c
new file mode 100644
index 0000000000..7ea5c63707
--- /dev/null
+++ b/src/lib/libcrypto/engine/hw_4758_cca_err.c
@@ -0,0 +1,149 @@
+/* hw_4758_cca_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/* NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include "hw_4758_cca_err.h"
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+static ERR_STRING_DATA CCA4758_str_functs[]=
+        {
+{ERR_PACK(0,CCA4758_F_IBM_4758_CCA_CTRL,0),     "IBM_4758_CCA_CTRL"},
+{ERR_PACK(0,CCA4758_F_IBM_4758_CCA_FINISH,0),   "IBM_4758_CCA_FINISH"},
+{ERR_PACK(0,CCA4758_F_IBM_4758_CCA_INIT,0),     "IBM_4758_CCA_INIT"},
+{ERR_PACK(0,CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY,0),     "IBM_4758_CCA_LOAD_PRIVKEY"},
+{ERR_PACK(0,CCA4758_F_IBM_4758_CCA_LOAD_PUBKEY,0),      "IBM_4758_CCA_LOAD_PUBKEY"},
+{ERR_PACK(0,CCA4758_F_IBM_4758_CCA_SIGN,0),     "IBM_4758_CCA_SIGN"},
+{ERR_PACK(0,CCA4758_F_IBM_4758_CCA_VERIFY,0),   "IBM_4758_CCA_VERIFY"},
+{0,NULL}
+        };
+
+static ERR_STRING_DATA CCA4758_str_reasons[]=
+        {
+{CCA4758_R_ALREADY_LOADED                ,"already loaded"},
+{CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD       ,"asn1 oid unknown for md"},
+{CCA4758_R_COMMAND_NOT_IMPLEMENTED       ,"command not implemented"},
+{CCA4758_R_DSO_FAILURE                   ,"dso failure"},
+{CCA4758_R_FAILED_LOADING_PRIVATE_KEY    ,"failed loading private key"},
+{CCA4758_R_FAILED_LOADING_PUBLIC_KEY     ,"failed loading public key"},
+{CCA4758_R_NOT_LOADED                    ,"not loaded"},
+{CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL   ,"size too large or too small"},
+{CCA4758_R_UNIT_FAILURE                  ,"unit failure"},
+{CCA4758_R_UNKNOWN_ALGORITHM_TYPE        ,"unknown algorithm type"},
+{0,NULL}
+        };
+
+#endif
+
+#ifdef CCA4758_LIB_NAME
+static ERR_STRING_DATA CCA4758_lib_name[]=
+        {
+{0      ,CCA4758_LIB_NAME},
+{0,NULL}
+        };
+#endif
+
+
+static int CCA4758_lib_error_code=0;
+static int CCA4758_error_init=1;
+
+static void ERR_load_CCA4758_strings(void)
+        {
+        if (CCA4758_lib_error_code == 0)
+                CCA4758_lib_error_code=ERR_get_next_error_library();
+
+        if (CCA4758_error_init)
+                {
+                CCA4758_error_init=0;
+#ifndef OPENSSL_NO_ERR
+                ERR_load_strings(CCA4758_lib_error_code,CCA4758_str_functs);
+                ERR_load_strings(CCA4758_lib_error_code,CCA4758_str_reasons);
+#endif
+
+#ifdef CCA4758_LIB_NAME
+                CCA4758_lib_name->error = ERR_PACK(CCA4758_lib_error_code,0,0);
+                ERR_load_strings(0,CCA4758_lib_name);
+#endif
+                }
+        }
+
+static void ERR_unload_CCA4758_strings(void)
+        {
+        if (CCA4758_error_init == 0)
+                {
+#ifndef OPENSSL_NO_ERR
+                ERR_unload_strings(CCA4758_lib_error_code,CCA4758_str_functs);
+                ERR_unload_strings(CCA4758_lib_error_code,CCA4758_str_reasons);
+#endif
+
+#ifdef CCA4758_LIB_NAME
+                ERR_unload_strings(0,CCA4758_lib_name);
+#endif
+                CCA4758_error_init=1;
+                }
+        }
+
+static void ERR_CCA4758_error(int function, int reason, char *file, int line)
+        {
+        if (CCA4758_lib_error_code == 0)
+                CCA4758_lib_error_code=ERR_get_next_error_library();
+        ERR_PUT_error(CCA4758_lib_error_code,function,reason,file,line);
+        }
diff --git a/src/lib/libcrypto/engine/hw_4758_cca_err.h b/src/lib/libcrypto/engine/hw_4758_cca_err.h
new file mode 100644
index 0000000000..2fc563ab11
--- /dev/null
+++ b/src/lib/libcrypto/engine/hw_4758_cca_err.h
@@ -0,0 +1,93 @@
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_CCA4758_ERR_H
+#define HEADER_CCA4758_ERR_H
+
+/* BEGIN ERROR CODES */
+/* The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+static void ERR_load_CCA4758_strings(void);
+static void ERR_unload_CCA4758_strings(void);
+static void ERR_CCA4758_error(int function, int reason, char *file, int line);
+#define CCA4758err(f,r) ERR_CCA4758_error((f),(r),__FILE__,__LINE__)
+
+/* Error codes for the CCA4758 functions. */
+
+/* Function codes. */
+#define CCA4758_F_IBM_4758_CCA_CTRL                      100
+#define CCA4758_F_IBM_4758_CCA_FINISH                    101
+#define CCA4758_F_IBM_4758_CCA_INIT                      102
+#define CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY              103
+#define CCA4758_F_IBM_4758_CCA_LOAD_PUBKEY               104
+#define CCA4758_F_IBM_4758_CCA_SIGN                      105
+#define CCA4758_F_IBM_4758_CCA_VERIFY                    106
+
+/* Reason codes. */
+#define CCA4758_R_ALREADY_LOADED                         100
+#define CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD                101
+#define CCA4758_R_COMMAND_NOT_IMPLEMENTED                102
+#define CCA4758_R_DSO_FAILURE                            103
+#define CCA4758_R_FAILED_LOADING_PRIVATE_KEY             104
+#define CCA4758_R_FAILED_LOADING_PUBLIC_KEY              105
+#define CCA4758_R_NOT_LOADED                             106
+#define CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL            107
+#define CCA4758_R_UNIT_FAILURE                           108
+#define CCA4758_R_UNKNOWN_ALGORITHM_TYPE                 109
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/src/lib/libcrypto/engine/hw_aep.c b/src/lib/libcrypto/engine/hw_aep.c
new file mode 100644
index 0000000000..cf4507cff1
--- /dev/null
+++ b/src/lib/libcrypto/engine/hw_aep.c
@@ -0,0 +1,1101 @@
+/* crypto/engine/hw_aep.c */
+/*
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <openssl/bn.h>
+#include <string.h>
+
+#include <openssl/e_os2.h>
+#ifndef OPENSSL_SYS_MSDOS
+#include <sys/types.h>
+#include <unistd.h>
+#else
+#include <process.h>
+typedef int pid_t;
+#endif
+
+#include <openssl/crypto.h>
+#include <openssl/dso.h>
+#include <openssl/engine.h>
+
+#ifndef OPENSSL_NO_HW
+#ifndef OPENSSL_NO_HW_AEP
+#ifdef FLAT_INC
+#include "aep.h"
+#else
+#include "vendor_defns/aep.h"
+#endif
+
+#define AEP_LIB_NAME "aep engine"
+#define FAIL_TO_SW 0x10101010
+
+#include "hw_aep_err.c"
+
+static int aep_init(ENGINE *e);
+static int aep_finish(ENGINE *e);
+static int aep_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)());
+static int aep_destroy(ENGINE *e);
+
+static AEP_RV aep_get_connection(AEP_CONNECTION_HNDL_PTR hConnection);
+static AEP_RV aep_return_connection(AEP_CONNECTION_HNDL hConnection);
+static AEP_RV aep_close_connection(AEP_CONNECTION_HNDL hConnection);
+static AEP_RV aep_close_all_connections(int use_engine_lock, int *in_use);
+
+/* BIGNUM stuff */
+static int aep_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+        const BIGNUM *m, BN_CTX *ctx);
+
+static AEP_RV aep_mod_exp_crt(BIGNUM *r,const  BIGNUM *a, const BIGNUM *p,
+        const BIGNUM *q, const BIGNUM *dmp1,const BIGNUM *dmq1,
+        const BIGNUM *iqmp, BN_CTX *ctx);
+
+/* RSA stuff */
+#ifndef OPENSSL_NO_RSA
+static int aep_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa);
+#endif
+
+/* This function is aliased to mod_exp (with the mont stuff dropped). */
+static int aep_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+        const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+
+/* DSA stuff */
+#ifndef OPENSSL_NO_DSA
+static int aep_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+        BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
+        BN_CTX *ctx, BN_MONT_CTX *in_mont);
+
+static int aep_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
+        const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+        BN_MONT_CTX *m_ctx);
+#endif
+
+/* DH stuff */
+/* This function is aliased to mod_exp (with the DH and mont dropped). */
+#ifndef OPENSSL_NO_DH
+static int aep_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
+        const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+#endif
+
+/* rand stuff   */
+#ifdef AEPRAND
+static int aep_rand(unsigned char *buf, int num);
+static int aep_rand_status(void);
+#endif
+
+/* Bignum conversion stuff */
+static AEP_RV GetBigNumSize(AEP_VOID_PTR ArbBigNum, AEP_U32* BigNumSize);
+static AEP_RV MakeAEPBigNum(AEP_VOID_PTR ArbBigNum, AEP_U32 BigNumSize,
+        unsigned char* AEP_BigNum);
+static AEP_RV ConvertAEPBigNum(void* ArbBigNum, AEP_U32 BigNumSize,
+        unsigned char* AEP_BigNum);
+
+/* The definitions for control commands specific to this engine */
+#define AEP_CMD_SO_PATH         ENGINE_CMD_BASE
+static const ENGINE_CMD_DEFN aep_cmd_defns[] =
+        {
+        { AEP_CMD_SO_PATH,
+          "SO_PATH",
+          "Specifies the path to the 'aep' shared library",
+          ENGINE_CMD_FLAG_STRING
+        },
+        {0, NULL, NULL, 0}
+        };
+
+#ifndef OPENSSL_NO_RSA
+/* Our internal RSA_METHOD that we provide pointers to */
+static RSA_METHOD aep_rsa =
+        {
+        "Aep RSA method",
+        NULL,                /*rsa_pub_encrypt*/
+        NULL,                /*rsa_pub_decrypt*/
+        NULL,                /*rsa_priv_encrypt*/
+        NULL,                /*rsa_priv_encrypt*/
+        aep_rsa_mod_exp,     /*rsa_mod_exp*/
+        aep_mod_exp_mont,    /*bn_mod_exp*/
+        NULL,                /*init*/
+        NULL,                /*finish*/
+        0,                   /*flags*/
+        NULL,                /*app_data*/
+        NULL,                /*rsa_sign*/
+        NULL                 /*rsa_verify*/
+        };
+#endif
+
+#ifndef OPENSSL_NO_DSA
+/* Our internal DSA_METHOD that we provide pointers to */
+static DSA_METHOD aep_dsa =
+        {
+        "Aep DSA method",
+        NULL,                /* dsa_do_sign */
+        NULL,                /* dsa_sign_setup */
+        NULL,                /* dsa_do_verify */
+        aep_dsa_mod_exp,     /* dsa_mod_exp */
+        aep_mod_exp_dsa,     /* bn_mod_exp */
+        NULL,                /* init */
+        NULL,                /* finish */
+        0,                   /* flags */
+        NULL                 /* app_data */
+        };
+#endif
+
+#ifndef OPENSSL_NO_DH
+/* Our internal DH_METHOD that we provide pointers to */
+static DH_METHOD aep_dh =
+        {
+        "Aep DH method",
+        NULL,
+        NULL,
+        aep_mod_exp_dh,
+        NULL,
+        NULL,
+        0,
+        NULL
+        };
+#endif
+
+#ifdef AEPRAND
+/* our internal RAND_method that we provide pointers to  */
+static RAND_METHOD aep_random =
+        {
+        /*"AEP RAND method", */
+        NULL,
+        aep_rand,
+        NULL,
+        NULL,
+        aep_rand,
+        aep_rand_status,
+        };
+#endif
+
+/*Define an array of structures to hold connections*/
+static AEP_CONNECTION_ENTRY aep_app_conn_table[MAX_PROCESS_CONNECTIONS];
+
+/*Used to determine if this is a new process*/
+static pid_t    recorded_pid = 0;
+
+#ifdef AEPRAND
+static AEP_U8   rand_block[RAND_BLK_SIZE];
+static AEP_U32  rand_block_bytes = 0;
+#endif
+
+/* Constants used when creating the ENGINE */
+static const char *engine_aep_id = "aep";
+static const char *engine_aep_name = "Aep hardware engine support";
+
+static int max_key_len = 2176;
+
+
+/* This internal function is used by ENGINE_aep() and possibly by the
+ * "dynamic" ENGINE support too */
+static int bind_aep(ENGINE *e)
+        {
+#ifndef OPENSSL_NO_RSA
+        const RSA_METHOD  *meth1;
+#endif
+#ifndef OPENSSL_NO_DSA
+        const DSA_METHOD  *meth2;
+#endif
+#ifndef OPENSSL_NO_DH
+        const DH_METHOD   *meth3;
+#endif
+
+        if(!ENGINE_set_id(e, engine_aep_id) ||
+                !ENGINE_set_name(e, engine_aep_name) ||
+#ifndef OPENSSL_NO_RSA
+                !ENGINE_set_RSA(e, &aep_rsa) ||
+#endif
+#ifndef OPENSSL_NO_DSA
+                !ENGINE_set_DSA(e, &aep_dsa) ||
+#endif
+#ifndef OPENSSL_NO_DH
+                !ENGINE_set_DH(e, &aep_dh) ||
+#endif
+#ifdef AEPRAND
+                !ENGINE_set_RAND(e, &aep_random) ||
+#endif
+                !ENGINE_set_init_function(e, aep_init) ||
+                !ENGINE_set_destroy_function(e, aep_destroy) ||
+                !ENGINE_set_finish_function(e, aep_finish) ||
+                !ENGINE_set_ctrl_function(e, aep_ctrl) ||
+                !ENGINE_set_cmd_defns(e, aep_cmd_defns))
+                return 0;
+
+#ifndef OPENSSL_NO_RSA
+        /* We know that the "PKCS1_SSLeay()" functions hook properly
+         * to the aep-specific mod_exp and mod_exp_crt so we use
+         * those functions. NB: We don't use ENGINE_openssl() or
+         * anything "more generic" because something like the RSAref
+         * code may not hook properly, and if you own one of these
+         * cards then you have the right to do RSA operations on it
+         * anyway! */
+        meth1 = RSA_PKCS1_SSLeay();
+        aep_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
+        aep_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
+        aep_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
+        aep_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
+#endif
+
+
+#ifndef OPENSSL_NO_DSA
+        /* Use the DSA_OpenSSL() method and just hook the mod_exp-ish
+         * bits. */
+        meth2 = DSA_OpenSSL();
+        aep_dsa.dsa_do_sign    = meth2->dsa_do_sign;
+        aep_dsa.dsa_sign_setup = meth2->dsa_sign_setup;
+        aep_dsa.dsa_do_verify  = meth2->dsa_do_verify;
+
+        aep_dsa = *DSA_get_default_method(); 
+        aep_dsa.dsa_mod_exp = aep_dsa_mod_exp; 
+        aep_dsa.bn_mod_exp = aep_mod_exp_dsa;
+#endif
+
+#ifndef OPENSSL_NO_DH
+        /* Much the same for Diffie-Hellman */
+        meth3 = DH_OpenSSL();
+        aep_dh.generate_key = meth3->generate_key;
+        aep_dh.compute_key  = meth3->compute_key;
+        aep_dh.bn_mod_exp   = meth3->bn_mod_exp;
+#endif
+
+        /* Ensure the aep error handling is set up */
+        ERR_load_AEPHK_strings();
+
+        return 1;
+}
+
+#ifdef ENGINE_DYNAMIC_SUPPORT
+static int bind_helper(ENGINE *e, const char *id)
+        {
+        if(id && (strcmp(id, engine_aep_id) != 0))
+                return 0;
+        if(!bind_aep(e))
+                return 0;
+        return 1;
+        }       
+IMPLEMENT_DYNAMIC_CHECK_FN()
+IMPLEMENT_DYNAMIC_BIND_FN(bind_helper)
+#else
+static ENGINE *engine_aep(void)
+        {
+        ENGINE *ret = ENGINE_new();
+        if(!ret)
+                return NULL;
+        if(!bind_aep(ret))
+                {
+                ENGINE_free(ret);
+                return NULL;
+                }
+        return ret;
+        }
+
+void ENGINE_load_aep(void)
+        {
+        /* Copied from eng_[openssl|dyn].c */
+        ENGINE *toadd = engine_aep();
+        if(!toadd) return;
+        ENGINE_add(toadd);
+        ENGINE_free(toadd);
+        ERR_clear_error();
+        }
+#endif
+
+/* This is a process-global DSO handle used for loading and unloading
+ * the Aep library. NB: This is only set (or unset) during an
+ * init() or finish() call (reference counts permitting) and they're
+ * operating with global locks, so this should be thread-safe
+ * implicitly. */
+static DSO *aep_dso = NULL;
+
+/* These are the static string constants for the DSO file name and the function
+ * symbol names to bind to. 
+*/
+static const char *AEP_LIBNAME = "aep";
+
+static const char *AEP_F1    = "AEP_ModExp";
+static const char *AEP_F2    = "AEP_ModExpCrt";
+#ifdef AEPRAND
+static const char *AEP_F3    = "AEP_GenRandom";
+#endif
+static const char *AEP_F4    = "AEP_Finalize";
+static const char *AEP_F5    = "AEP_Initialize";
+static const char *AEP_F6    = "AEP_OpenConnection";
+static const char *AEP_F7    = "AEP_SetBNCallBacks";
+static const char *AEP_F8    = "AEP_CloseConnection";
+
+/* These are the function pointers that are (un)set when the library has
+ * successfully (un)loaded. */
+static t_AEP_OpenConnection    *p_AEP_OpenConnection  = NULL;
+static t_AEP_CloseConnection   *p_AEP_CloseConnection = NULL;
+static t_AEP_ModExp            *p_AEP_ModExp          = NULL;
+static t_AEP_ModExpCrt         *p_AEP_ModExpCrt       = NULL;
+#ifdef AEPRAND
+static t_AEP_GenRandom         *p_AEP_GenRandom       = NULL;
+#endif
+static t_AEP_Initialize        *p_AEP_Initialize      = NULL;
+static t_AEP_Finalize          *p_AEP_Finalize        = NULL;
+static t_AEP_SetBNCallBacks    *p_AEP_SetBNCallBacks  = NULL;
+
+/* (de)initialisation functions. */
+static int aep_init(ENGINE *e)
+        {
+        t_AEP_ModExp          *p1;
+        t_AEP_ModExpCrt       *p2;
+#ifdef AEPRAND
+        t_AEP_GenRandom       *p3;
+#endif
+        t_AEP_Finalize        *p4;
+        t_AEP_Initialize      *p5;
+        t_AEP_OpenConnection  *p6;
+        t_AEP_SetBNCallBacks  *p7;
+        t_AEP_CloseConnection *p8;
+
+        int to_return = 0;
+ 
+        if(aep_dso != NULL)
+                {
+                AEPHKerr(AEPHK_F_AEP_INIT,AEPHK_R_ALREADY_LOADED);
+                goto err;
+                }
+        /* Attempt to load libaep.so. */
+
+        aep_dso = DSO_load(NULL, AEP_LIBNAME, NULL, 0);
+  
+        if(aep_dso == NULL)
+                {
+                AEPHKerr(AEPHK_F_AEP_INIT,AEPHK_R_NOT_LOADED);
+                goto err;
+                }
+
+        if(     !(p1 = (t_AEP_ModExp *)     DSO_bind_func( aep_dso,AEP_F1))  ||
+                !(p2 = (t_AEP_ModExpCrt*)   DSO_bind_func( aep_dso,AEP_F2))  ||
+#ifdef AEPRAND
+                !(p3 = (t_AEP_GenRandom*)   DSO_bind_func( aep_dso,AEP_F3))  ||
+#endif
+                !(p4 = (t_AEP_Finalize*)    DSO_bind_func( aep_dso,AEP_F4))  ||
+                !(p5 = (t_AEP_Initialize*)  DSO_bind_func( aep_dso,AEP_F5))  ||
+                !(p6 = (t_AEP_OpenConnection*) DSO_bind_func( aep_dso,AEP_F6))  ||
+                !(p7 = (t_AEP_SetBNCallBacks*) DSO_bind_func( aep_dso,AEP_F7))  ||
+                !(p8 = (t_AEP_CloseConnection*) DSO_bind_func( aep_dso,AEP_F8)))
+                {
+                AEPHKerr(AEPHK_F_AEP_INIT,AEPHK_R_NOT_LOADED);
+                goto err;
+                }
+
+        /* Copy the pointers */
+  
+        p_AEP_ModExp           = p1;
+        p_AEP_ModExpCrt        = p2;
+#ifdef AEPRAND
+        p_AEP_GenRandom        = p3;
+#endif
+        p_AEP_Finalize         = p4;
+        p_AEP_Initialize       = p5;
+        p_AEP_OpenConnection   = p6;
+        p_AEP_SetBNCallBacks   = p7;
+        p_AEP_CloseConnection  = p8;
+ 
+        to_return = 1;
+ 
+        return to_return;
+
+ err: 
+
+        if(aep_dso)
+                DSO_free(aep_dso);
+                
+        p_AEP_OpenConnection    = NULL;
+        p_AEP_ModExp            = NULL;
+        p_AEP_ModExpCrt         = NULL;
+#ifdef AEPRAND
+        p_AEP_GenRandom         = NULL;
+#endif
+        p_AEP_Initialize        = NULL;
+        p_AEP_Finalize          = NULL;
+        p_AEP_SetBNCallBacks    = NULL;
+        p_AEP_CloseConnection   = NULL;
+
+        return to_return;
+        }
+
+/* Destructor (complements the "ENGINE_aep()" constructor) */
+static int aep_destroy(ENGINE *e)
+        {
+        ERR_unload_AEPHK_strings();
+        return 1;
+        }
+
+static int aep_finish(ENGINE *e)
+        {
+        int to_return = 0, in_use;
+        AEP_RV rv;
+
+        if(aep_dso == NULL)
+                {
+                AEPHKerr(AEPHK_F_AEP_FINISH,AEPHK_R_NOT_LOADED);
+                goto err;
+                }
+
+        rv = aep_close_all_connections(0, &in_use);
+        if (rv != AEP_R_OK)
+                {
+                AEPHKerr(AEPHK_F_AEP_FINISH,AEPHK_R_CLOSE_HANDLES_FAILED);
+                goto err;
+                }
+        if (in_use)
+                {
+                AEPHKerr(AEPHK_F_AEP_FINISH,AEPHK_R_CONNECTIONS_IN_USE);
+                goto err;
+                }
+
+        rv = p_AEP_Finalize();
+        if (rv != AEP_R_OK)
+                {
+                AEPHKerr(AEPHK_F_AEP_FINISH,AEPHK_R_FINALIZE_FAILED);
+                goto err;
+                }
+
+        if(!DSO_free(aep_dso))
+                {
+                AEPHKerr(AEPHK_F_AEP_FINISH,AEPHK_R_UNIT_FAILURE);
+                goto err;
+                }
+
+        aep_dso = NULL;
+        p_AEP_CloseConnection   = NULL;
+        p_AEP_OpenConnection    = NULL;
+        p_AEP_ModExp            = NULL;
+        p_AEP_ModExpCrt         = NULL;
+#ifdef AEPRAND
+        p_AEP_GenRandom         = NULL;
+#endif
+        p_AEP_Initialize        = NULL;
+        p_AEP_Finalize          = NULL;
+        p_AEP_SetBNCallBacks    = NULL;
+
+        to_return = 1;
+ err:
+        return to_return;
+        }
+
+static int aep_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
+        {
+        int initialised = ((aep_dso == NULL) ? 0 : 1);
+        switch(cmd)
+                {
+        case AEP_CMD_SO_PATH:
+                if(p == NULL)
+                        {
+                        AEPHKerr(AEPHK_F_AEP_CTRL,
+                                ERR_R_PASSED_NULL_PARAMETER);
+                        return 0;
+                        }
+                if(initialised)
+                        {
+                        AEPHKerr(AEPHK_F_AEP_CTRL,
+                                AEPHK_R_ALREADY_LOADED);
+                        return 0;
+                        }
+                AEP_LIBNAME = (const char *)p;
+                return 1;
+        default:
+                break;
+                }
+        AEPHKerr(AEPHK_F_AEP_CTRL,AEPHK_R_CTRL_COMMAND_NOT_IMPLEMENTED);
+        return 0;
+        }
+
+static int aep_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+        const BIGNUM *m, BN_CTX *ctx)
+        {
+        int to_return = 0;
+        int     r_len = 0;
+        AEP_CONNECTION_HNDL hConnection;
+        AEP_RV rv;
+        
+        r_len = BN_num_bits(m);
+
+        /* Perform in software if modulus is too large for hardware. */
+
+        if (r_len > max_key_len){
+                AEPHKerr(AEPHK_F_AEP_MOD_EXP, AEPHK_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
+                return BN_mod_exp(r, a, p, m, ctx);
+        } 
+
+        /*Grab a connection from the pool*/
+        rv = aep_get_connection(&hConnection);
+        if (rv != AEP_R_OK)
+                {     
+                AEPHKerr(AEPHK_F_AEP_MOD_EXP,AEPHK_R_GET_HANDLE_FAILED);
+                return BN_mod_exp(r, a, p, m, ctx);
+                }
+
+        /*To the card with the mod exp*/
+        rv = p_AEP_ModExp(hConnection,(void*)a, (void*)p,(void*)m, (void*)r,NULL);
+
+        if (rv !=  AEP_R_OK)
+                {
+                AEPHKerr(AEPHK_F_AEP_MOD_EXP,AEPHK_R_MOD_EXP_FAILED);
+                rv = aep_close_connection(hConnection);
+                return BN_mod_exp(r, a, p, m, ctx);
+                }
+
+        /*Return the connection to the pool*/
+        rv = aep_return_connection(hConnection);
+        if (rv != AEP_R_OK)
+                {
+                AEPHKerr(AEPHK_F_AEP_RAND,AEPHK_R_RETURN_CONNECTION_FAILED); 
+                goto err;
+                }
+
+        to_return = 1;
+ err:
+        return to_return;
+        }
+        
+static AEP_RV aep_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+        const BIGNUM *q, const BIGNUM *dmp1,
+        const BIGNUM *dmq1,const BIGNUM *iqmp, BN_CTX *ctx)
+        {
+        AEP_RV rv = AEP_R_OK;
+        AEP_CONNECTION_HNDL hConnection;
+
+        /*Grab a connection from the pool*/
+        rv = aep_get_connection(&hConnection);
+        if (rv != AEP_R_OK)
+                {
+                AEPHKerr(AEPHK_F_AEP_MOD_EXP_CRT,AEPHK_R_GET_HANDLE_FAILED);
+                return FAIL_TO_SW;
+                }
+
+        /*To the card with the mod exp*/
+        rv = p_AEP_ModExpCrt(hConnection,(void*)a, (void*)p, (void*)q, (void*)dmp1,(void*)dmq1,
+                (void*)iqmp,(void*)r,NULL);
+        if (rv != AEP_R_OK)
+                {
+                AEPHKerr(AEPHK_F_AEP_MOD_EXP_CRT,AEPHK_R_MOD_EXP_CRT_FAILED);
+                rv = aep_close_connection(hConnection);
+                return FAIL_TO_SW;
+                }
+
+        /*Return the connection to the pool*/
+        rv = aep_return_connection(hConnection);
+        if (rv != AEP_R_OK)
+                {
+                AEPHKerr(AEPHK_F_AEP_RAND,AEPHK_R_RETURN_CONNECTION_FAILED); 
+                goto err;
+                }
+ 
+ err:
+        return rv;
+        }
+        
+
+#ifdef AEPRAND
+static int aep_rand(unsigned char *buf,int len )
+        {
+        AEP_RV rv = AEP_R_OK;
+        AEP_CONNECTION_HNDL hConnection;
+
+        CRYPTO_w_lock(CRYPTO_LOCK_RAND);
+
+        /*Can the request be serviced with what's already in the buffer?*/
+        if (len <= rand_block_bytes)
+                {
+                memcpy(buf, &rand_block[RAND_BLK_SIZE - rand_block_bytes], len);
+                rand_block_bytes -= len;
+                CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
+                }
+        else
+                /*If not the get another block of random bytes*/
+                {
+                CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
+
+                rv = aep_get_connection(&hConnection);
+                if (rv !=  AEP_R_OK)
+                        { 
+                        AEPHKerr(AEPHK_F_AEP_RAND,AEPHK_R_GET_HANDLE_FAILED);             
+                        goto err_nounlock;
+                        }
+
+                if (len > RAND_BLK_SIZE)
+                        {
+                        rv = p_AEP_GenRandom(hConnection, len, 2, buf, NULL);
+                        if (rv !=  AEP_R_OK)
+                                {  
+                                AEPHKerr(AEPHK_F_AEP_RAND,AEPHK_R_GET_RANDOM_FAILED); 
+                                goto err_nounlock;
+                                }
+                        }
+                else
+                        {
+                        CRYPTO_w_lock(CRYPTO_LOCK_RAND);
+
+                        rv = p_AEP_GenRandom(hConnection, RAND_BLK_SIZE, 2, &rand_block[0], NULL);
+                        if (rv !=  AEP_R_OK)
+                                {       
+                                AEPHKerr(AEPHK_F_AEP_RAND,AEPHK_R_GET_RANDOM_FAILED); 
+              
+                                goto err;
+                                }
+
+                        rand_block_bytes = RAND_BLK_SIZE;
+
+                        memcpy(buf, &rand_block[RAND_BLK_SIZE - rand_block_bytes], len);
+                        rand_block_bytes -= len;
+
+                        CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
+                        }
+
+                rv = aep_return_connection(hConnection);
+                if (rv != AEP_R_OK)
+                        {
+                        AEPHKerr(AEPHK_F_AEP_RAND,AEPHK_R_RETURN_CONNECTION_FAILED); 
+          
+                        goto err_nounlock;
+                        }
+                }
+  
+        return 1;
+ err:
+        CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
+ err_nounlock:
+        return 0;
+        }
+        
+static int aep_rand_status(void)
+{
+        return 1;
+}
+#endif
+
+#ifndef OPENSSL_NO_RSA
+static int aep_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
+        {
+        BN_CTX *ctx = NULL;
+        int to_return = 0;
+        AEP_RV rv = AEP_R_OK;
+
+        if ((ctx = BN_CTX_new()) == NULL)
+                goto err;
+
+        if (!aep_dso)
+                {
+                AEPHKerr(AEPHK_F_AEP_RSA_MOD_EXP,AEPHK_R_NOT_LOADED);
+                goto err;
+                }
+
+        /*See if we have all the necessary bits for a crt*/
+        if (rsa->q && rsa->dmp1 && rsa->dmq1 && rsa->iqmp)
+                {
+                rv =  aep_mod_exp_crt(r0,I,rsa->p,rsa->q, rsa->dmp1,rsa->dmq1,rsa->iqmp,ctx);
+
+                if (rv == FAIL_TO_SW){
+                        const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
+                        to_return = (*meth->rsa_mod_exp)(r0, I, rsa);
+                        goto err;
+                }
+                else if (rv != AEP_R_OK)
+                        goto err;
+                }
+        else
+                {
+                if (!rsa->d || !rsa->n)
+                        {
+                        AEPHKerr(AEPHK_F_AEP_RSA_MOD_EXP,AEPHK_R_MISSING_KEY_COMPONENTS);
+                        goto err;
+                        }
+ 
+                rv = aep_mod_exp(r0,I,rsa->d,rsa->n,ctx);
+                if  (rv != AEP_R_OK)
+                        goto err;
+        
+                }
+
+        to_return = 1;
+
+ err:
+        if(ctx)
+                BN_CTX_free(ctx);
+        return to_return;
+}
+#endif
+
+#ifndef OPENSSL_NO_DSA
+static int aep_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+        BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
+        BN_CTX *ctx, BN_MONT_CTX *in_mont)
+        {
+        BIGNUM t;
+        int to_return = 0;
+        BN_init(&t);
+
+        /* let rr = a1 ^ p1 mod m */
+        if (!aep_mod_exp(rr,a1,p1,m,ctx)) goto end;
+        /* let t = a2 ^ p2 mod m */
+        if (!aep_mod_exp(&t,a2,p2,m,ctx)) goto end;
+        /* let rr = rr * t mod m */
+        if (!BN_mod_mul(rr,rr,&t,m,ctx)) goto end;
+        to_return = 1;
+ end: 
+        BN_free(&t);
+        return to_return;
+        }
+
+static int aep_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
+        const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+        BN_MONT_CTX *m_ctx)
+        {  
+        return aep_mod_exp(r, a, p, m, ctx); 
+        }
+#endif
+
+/* This function is aliased to mod_exp (with the mont stuff dropped). */
+static int aep_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+        const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
+        {
+        return aep_mod_exp(r, a, p, m, ctx);
+        }
+
+#ifndef OPENSSL_NO_DH
+/* This function is aliased to mod_exp (with the dh and mont dropped). */
+static int aep_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
+        const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+        BN_MONT_CTX *m_ctx)
+        {
+        return aep_mod_exp(r, a, p, m, ctx);
+        }
+#endif
+
+static AEP_RV aep_get_connection(AEP_CONNECTION_HNDL_PTR phConnection)
+        {
+        int count;
+        AEP_RV rv = AEP_R_OK;
+
+        /*Get the current process id*/
+        pid_t curr_pid;
+
+        CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+
+        curr_pid = getpid();
+
+        /*Check if this is the first time this is being called from the current
+          process*/
+        if (recorded_pid != curr_pid)
+                {
+                /*Remember our pid so we can check if we're in a new process*/
+                recorded_pid = curr_pid;
+
+                /*Call Finalize to make sure we have not inherited some data
+                  from a parent process*/
+                p_AEP_Finalize();
+     
+                /*Initialise the AEP API*/
+                rv = p_AEP_Initialize(NULL);
+
+                if (rv != AEP_R_OK)
+                        {
+                        AEPHKerr(AEPHK_F_AEP_GET_CONNECTION,AEPHK_R_INIT_FAILURE);
+                        recorded_pid = 0;
+                        goto end;
+                        }
+
+                /*Set the AEP big num call back functions*/
+                rv = p_AEP_SetBNCallBacks(&GetBigNumSize, &MakeAEPBigNum,
+                        &ConvertAEPBigNum);
+
+                if (rv != AEP_R_OK)
+                        {
+                        AEPHKerr(AEPHK_F_AEP_GET_CONNECTION,AEPHK_R_SETBNCALLBACK_FAILURE);
+                        recorded_pid = 0;
+                        goto end;
+                        }
+
+#ifdef AEPRAND
+                /*Reset the rand byte count*/
+                rand_block_bytes = 0;
+#endif
+
+                /*Init the structures*/
+                for (count = 0;count < MAX_PROCESS_CONNECTIONS;count ++)
+                        {
+                        aep_app_conn_table[count].conn_state = NotConnected;
+                        aep_app_conn_table[count].conn_hndl  = 0;
+                        }
+
+                /*Open a connection*/
+                rv = p_AEP_OpenConnection(phConnection);
+
+                if (rv != AEP_R_OK)
+                        {
+                        AEPHKerr(AEPHK_F_AEP_GET_CONNECTION,AEPHK_R_UNIT_FAILURE);
+                        recorded_pid = 0;
+                        goto end;
+                        }
+
+                aep_app_conn_table[0].conn_state = InUse;
+                aep_app_conn_table[0].conn_hndl = *phConnection;
+                goto end;
+                }
+        /*Check the existing connections to see if we can find a free one*/
+        for (count = 0;count < MAX_PROCESS_CONNECTIONS;count ++)
+                {
+                if (aep_app_conn_table[count].conn_state == Connected)
+                        {
+                        aep_app_conn_table[count].conn_state = InUse;
+                        *phConnection = aep_app_conn_table[count].conn_hndl;
+                        goto end;
+                        }
+                }
+        /*If no connections available, we're going to have to try
+          to open a new one*/
+        for (count = 0;count < MAX_PROCESS_CONNECTIONS;count ++)
+                {
+                if (aep_app_conn_table[count].conn_state == NotConnected)
+                        {
+                        /*Open a connection*/
+                        rv = p_AEP_OpenConnection(phConnection);
+
+                        if (rv != AEP_R_OK)
+                                {             
+                                AEPHKerr(AEPHK_F_AEP_GET_CONNECTION,AEPHK_R_UNIT_FAILURE);
+                                goto end;
+                                }
+
+                        aep_app_conn_table[count].conn_state = InUse;
+                        aep_app_conn_table[count].conn_hndl = *phConnection;
+                        goto end;
+                        }
+                }
+        rv = AEP_R_GENERAL_ERROR;
+ end:
+        CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+        return rv;
+        }
+
+
+static AEP_RV aep_return_connection(AEP_CONNECTION_HNDL hConnection)
+        {
+        int count;
+
+        CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+
+        /*Find the connection item that matches this connection handle*/
+        for(count = 0;count < MAX_PROCESS_CONNECTIONS;count ++)
+                {
+                if (aep_app_conn_table[count].conn_hndl == hConnection)
+                        {
+                        aep_app_conn_table[count].conn_state = Connected;
+                        break;
+                        }
+                }
+
+        CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+
+        return AEP_R_OK;
+        }
+
+static AEP_RV aep_close_connection(AEP_CONNECTION_HNDL hConnection)
+        {
+        int count;
+        AEP_RV rv = AEP_R_OK;
+
+        CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+
+        /*Find the connection item that matches this connection handle*/
+        for(count = 0;count < MAX_PROCESS_CONNECTIONS;count ++)
+                {
+                if (aep_app_conn_table[count].conn_hndl == hConnection)
+                        {
+                        rv = p_AEP_CloseConnection(aep_app_conn_table[count].conn_hndl);
+                        if (rv != AEP_R_OK)
+                                goto end;
+                        aep_app_conn_table[count].conn_state = NotConnected;
+                        aep_app_conn_table[count].conn_hndl  = 0;
+                        break;
+                        }
+                }
+
+ end:
+        CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+        return rv;
+        }
+
+static AEP_RV aep_close_all_connections(int use_engine_lock, int *in_use)
+        {
+        int count;
+        AEP_RV rv = AEP_R_OK;
+
+        *in_use = 0;
+        if (use_engine_lock) CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+        for (count = 0;count < MAX_PROCESS_CONNECTIONS;count ++)
+                {
+                switch (aep_app_conn_table[count].conn_state)
+                        {
+                case Connected:
+                        rv = p_AEP_CloseConnection(aep_app_conn_table[count].conn_hndl);
+                        if (rv != AEP_R_OK)
+                                goto end;
+                        aep_app_conn_table[count].conn_state = NotConnected;
+                        aep_app_conn_table[count].conn_hndl  = 0;
+                        break;
+                case InUse:
+                        (*in_use)++;
+                        break;
+                case NotConnected:
+                        break;
+                        }
+                }
+ end:
+        if (use_engine_lock) CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+        return rv;
+        }
+
+/*BigNum call back functions, used to convert OpenSSL bignums into AEP bignums.
+  Note only 32bit Openssl build support*/
+
+static AEP_RV GetBigNumSize(AEP_VOID_PTR ArbBigNum, AEP_U32* BigNumSize)
+        {
+        BIGNUM* bn;
+
+        /*Cast the ArbBigNum pointer to our BIGNUM struct*/
+        bn = (BIGNUM*) ArbBigNum;
+
+#ifdef SIXTY_FOUR_BIT_LONG
+        *BigNumSize = bn->top << 3;
+#else
+        /*Size of the bignum in bytes is equal to the bn->top (no of 32 bit
+          words) multiplies by 4*/
+        *BigNumSize = bn->top << 2;
+#endif
+
+        return AEP_R_OK;
+        }
+
+static AEP_RV MakeAEPBigNum(AEP_VOID_PTR ArbBigNum, AEP_U32 BigNumSize,
+        unsigned char* AEP_BigNum)
+        {
+        BIGNUM* bn;
+
+#ifndef SIXTY_FOUR_BIT_LONG
+        unsigned char* buf;
+        int i;
+#endif
+
+        /*Cast the ArbBigNum pointer to our BIGNUM struct*/
+        bn = (BIGNUM*) ArbBigNum;
+
+#ifdef SIXTY_FOUR_BIT_LONG
+        memcpy(AEP_BigNum, bn->d, BigNumSize);
+#else
+        /*Must copy data into a (monotone) least significant byte first format
+          performing endian conversion if necessary*/
+        for(i=0;i<bn->top;i++)
+                {
+                buf = (unsigned char*)&bn->d[i];
+
+                *((AEP_U32*)AEP_BigNum) = (AEP_U32)
+                        ((unsigned) buf[1] << 8 | buf[0]) |
+                        ((unsigned) buf[3] << 8 | buf[2])  << 16;
+
+                AEP_BigNum += 4;
+                }
+#endif
+
+        return AEP_R_OK;
+        }
+
+/*Turn an AEP Big Num back to a user big num*/
+static AEP_RV ConvertAEPBigNum(void* ArbBigNum, AEP_U32 BigNumSize,
+        unsigned char* AEP_BigNum)
+        {
+        BIGNUM* bn;
+#ifndef SIXTY_FOUR_BIT_LONG
+        int i;
+#endif
+
+        bn = (BIGNUM*)ArbBigNum;
+
+        /*Expand the result bn so that it can hold our big num.
+          Size is in bits*/
+        bn_expand(bn, (int)(BigNumSize << 3));
+
+#ifdef SIXTY_FOUR_BIT_LONG
+        bn->top = BigNumSize >> 3;
+        
+        if((BigNumSize & 7) != 0)
+                bn->top++;
+
+        memset(bn->d, 0, bn->top << 3); 
+
+        memcpy(bn->d, AEP_BigNum, BigNumSize);
+#else
+        bn->top = BigNumSize >> 2;
+ 
+        for(i=0;i<bn->top;i++)
+                {
+                bn->d[i] = (AEP_U32)
+                        ((unsigned) AEP_BigNum[3] << 8 | AEP_BigNum[2]) << 16 |
+                        ((unsigned) AEP_BigNum[1] << 8 | AEP_BigNum[0]);
+                AEP_BigNum += 4;
+                }
+#endif
+
+        return AEP_R_OK;
+}       
+        
+#endif /* !OPENSSL_NO_HW_AEP */
+#endif /* !OPENSSL_NO_HW */
diff --git a/src/lib/libcrypto/engine/hw_aep_err.c b/src/lib/libcrypto/engine/hw_aep_err.c
new file mode 100644
index 0000000000..092f532946
--- /dev/null
+++ b/src/lib/libcrypto/engine/hw_aep_err.c
@@ -0,0 +1,157 @@
+/* hw_aep_err.c */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/* NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include "hw_aep_err.h"
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+static ERR_STRING_DATA AEPHK_str_functs[]=
+        {
+{ERR_PACK(0,AEPHK_F_AEP_CTRL,0),        "AEP_CTRL"},
+{ERR_PACK(0,AEPHK_F_AEP_FINISH,0),      "AEP_FINISH"},
+{ERR_PACK(0,AEPHK_F_AEP_GET_CONNECTION,0),      "AEP_GET_CONNECTION"},
+{ERR_PACK(0,AEPHK_F_AEP_INIT,0),        "AEP_INIT"},
+{ERR_PACK(0,AEPHK_F_AEP_MOD_EXP,0),     "AEP_MOD_EXP"},
+{ERR_PACK(0,AEPHK_F_AEP_MOD_EXP_CRT,0), "AEP_MOD_EXP_CRT"},
+{ERR_PACK(0,AEPHK_F_AEP_RAND,0),        "AEP_RAND"},
+{ERR_PACK(0,AEPHK_F_AEP_RSA_MOD_EXP,0), "AEP_RSA_MOD_EXP"},
+{0,NULL}
+        };
+
+static ERR_STRING_DATA AEPHK_str_reasons[]=
+        {
+{AEPHK_R_ALREADY_LOADED                  ,"already loaded"},
+{AEPHK_R_CLOSE_HANDLES_FAILED            ,"close handles failed"},
+{AEPHK_R_CONNECTIONS_IN_USE              ,"connections in use"},
+{AEPHK_R_CTRL_COMMAND_NOT_IMPLEMENTED    ,"ctrl command not implemented"},
+{AEPHK_R_FINALIZE_FAILED                 ,"finalize failed"},
+{AEPHK_R_GET_HANDLE_FAILED               ,"get handle failed"},
+{AEPHK_R_GET_RANDOM_FAILED               ,"get random failed"},
+{AEPHK_R_INIT_FAILURE                    ,"init failure"},
+{AEPHK_R_MISSING_KEY_COMPONENTS          ,"missing key components"},
+{AEPHK_R_MOD_EXP_CRT_FAILED              ,"mod exp crt failed"},
+{AEPHK_R_MOD_EXP_FAILED                  ,"mod exp failed"},
+{AEPHK_R_NOT_LOADED                      ,"not loaded"},
+{AEPHK_R_OK                              ,"ok"},
+{AEPHK_R_RETURN_CONNECTION_FAILED        ,"return connection failed"},
+{AEPHK_R_SETBNCALLBACK_FAILURE           ,"setbncallback failure"},
+{AEPHK_R_SIZE_TOO_LARGE_OR_TOO_SMALL     ,"size too large or too small"},
+{AEPHK_R_UNIT_FAILURE                    ,"unit failure"},
+{0,NULL}
+        };
+
+#endif
+
+#ifdef AEPHK_LIB_NAME
+static ERR_STRING_DATA AEPHK_lib_name[]=
+        {
+{0      ,AEPHK_LIB_NAME},
+{0,NULL}
+        };
+#endif
+
+
+static int AEPHK_lib_error_code=0;
+static int AEPHK_error_init=1;
+
+static void ERR_load_AEPHK_strings(void)
+        {
+        if (AEPHK_lib_error_code == 0)
+                AEPHK_lib_error_code=ERR_get_next_error_library();
+
+        if (AEPHK_error_init)
+                {
+                AEPHK_error_init=0;
+#ifndef OPENSSL_NO_ERR
+                ERR_load_strings(AEPHK_lib_error_code,AEPHK_str_functs);
+                ERR_load_strings(AEPHK_lib_error_code,AEPHK_str_reasons);
+#endif
+
+#ifdef AEPHK_LIB_NAME
+                AEPHK_lib_name->error = ERR_PACK(AEPHK_lib_error_code,0,0);
+                ERR_load_strings(0,AEPHK_lib_name);
+#endif
+                }
+        }
+
+static void ERR_unload_AEPHK_strings(void)
+        {
+        if (AEPHK_error_init == 0)
+                {
+#ifndef OPENSSL_NO_ERR
+                ERR_unload_strings(AEPHK_lib_error_code,AEPHK_str_functs);
+                ERR_unload_strings(AEPHK_lib_error_code,AEPHK_str_reasons);
+#endif
+
+#ifdef AEPHK_LIB_NAME
+                ERR_unload_strings(0,AEPHK_lib_name);
+#endif
+                AEPHK_error_init=1;
+                }
+        }
+
+static void ERR_AEPHK_error(int function, int reason, char *file, int line)
+        {
+        if (AEPHK_lib_error_code == 0)
+                AEPHK_lib_error_code=ERR_get_next_error_library();
+        ERR_PUT_error(AEPHK_lib_error_code,function,reason,file,line);
+        }
diff --git a/src/lib/libcrypto/engine/hw_aep_err.h b/src/lib/libcrypto/engine/hw_aep_err.h
new file mode 100644
index 0000000000..8fe4cf921f
--- /dev/null
+++ b/src/lib/libcrypto/engine/hw_aep_err.h
@@ -0,0 +1,101 @@
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_AEPHK_ERR_H
+#define HEADER_AEPHK_ERR_H
+
+/* BEGIN ERROR CODES */
+/* The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+static void ERR_load_AEPHK_strings(void);
+static void ERR_unload_AEPHK_strings(void);
+static void ERR_AEPHK_error(int function, int reason, char *file, int line);
+#define AEPHKerr(f,r) ERR_AEPHK_error((f),(r),__FILE__,__LINE__)
+
+/* Error codes for the AEPHK functions. */
+
+/* Function codes. */
+#define AEPHK_F_AEP_CTRL                                 100
+#define AEPHK_F_AEP_FINISH                               101
+#define AEPHK_F_AEP_GET_CONNECTION                       102
+#define AEPHK_F_AEP_INIT                                 103
+#define AEPHK_F_AEP_MOD_EXP                              104
+#define AEPHK_F_AEP_MOD_EXP_CRT                          105
+#define AEPHK_F_AEP_RAND                                 106
+#define AEPHK_F_AEP_RSA_MOD_EXP                          107
+
+/* Reason codes. */
+#define AEPHK_R_ALREADY_LOADED                           100
+#define AEPHK_R_CLOSE_HANDLES_FAILED                     101
+#define AEPHK_R_CONNECTIONS_IN_USE                       102
+#define AEPHK_R_CTRL_COMMAND_NOT_IMPLEMENTED             103
+#define AEPHK_R_FINALIZE_FAILED                          104
+#define AEPHK_R_GET_HANDLE_FAILED                        105
+#define AEPHK_R_GET_RANDOM_FAILED                        106
+#define AEPHK_R_INIT_FAILURE                             107
+#define AEPHK_R_MISSING_KEY_COMPONENTS                   108
+#define AEPHK_R_MOD_EXP_CRT_FAILED                       109
+#define AEPHK_R_MOD_EXP_FAILED                           110
+#define AEPHK_R_NOT_LOADED                               111
+#define AEPHK_R_OK                                       112
+#define AEPHK_R_RETURN_CONNECTION_FAILED                 113
+#define AEPHK_R_SETBNCALLBACK_FAILURE                    114
+#define AEPHK_R_SIZE_TOO_LARGE_OR_TOO_SMALL              116
+#define AEPHK_R_UNIT_FAILURE                             115
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/src/lib/libcrypto/engine/hw_atalla.c b/src/lib/libcrypto/engine/hw_atalla.c
new file mode 100644
index 0000000000..3bb992a193
--- /dev/null
+++ b/src/lib/libcrypto/engine/hw_atalla.c
@@ -0,0 +1,444 @@
+/* crypto/engine/hw_atalla.c */
+/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <openssl/crypto.h>
+#include "cryptlib.h"
+#include <openssl/dso.h>
+#include "engine_int.h"
+#include <openssl/engine.h>
+
+#ifndef NO_HW
+#ifndef NO_HW_ATALLA
+
+#ifdef FLAT_INC
+#include "atalla.h"
+#else
+#include "vendor_defns/atalla.h"
+#endif
+
+static int atalla_init(void);
+static int atalla_finish(void);
+
+/* BIGNUM stuff */
+static int atalla_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                const BIGNUM *m, BN_CTX *ctx);
+
+/* RSA stuff */
+static int atalla_rsa_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa);
+/* This function is aliased to mod_exp (with the mont stuff dropped). */
+static int atalla_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+
+/* DSA stuff */
+static int atalla_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
+                BN_CTX *ctx, BN_MONT_CTX *in_mont);
+static int atalla_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                BN_MONT_CTX *m_ctx);
+
+/* DH stuff */
+/* This function is alised to mod_exp (with the DH and mont dropped). */
+static int atalla_mod_exp_dh(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+
+
+/* Our internal RSA_METHOD that we provide pointers to */
+static RSA_METHOD atalla_rsa =
+        {
+        "Atalla RSA method",
+        NULL,
+        NULL,
+        NULL,
+        NULL,
+        atalla_rsa_mod_exp,
+        atalla_mod_exp_mont,
+        NULL,
+        NULL,
+        0,
+        NULL,
+        NULL,
+        NULL
+        };
+
+/* Our internal DSA_METHOD that we provide pointers to */
+static DSA_METHOD atalla_dsa =
+        {
+        "Atalla DSA method",
+        NULL, /* dsa_do_sign */
+        NULL, /* dsa_sign_setup */
+        NULL, /* dsa_do_verify */
+        atalla_dsa_mod_exp, /* dsa_mod_exp */
+        atalla_mod_exp_dsa, /* bn_mod_exp */
+        NULL, /* init */
+        NULL, /* finish */
+        0, /* flags */
+        NULL /* app_data */
+        };
+
+/* Our internal DH_METHOD that we provide pointers to */
+static DH_METHOD atalla_dh =
+        {
+        "Atalla DH method",
+        NULL,
+        NULL,
+        atalla_mod_exp_dh,
+        NULL,
+        NULL,
+        0,
+        NULL
+        };
+
+/* Our ENGINE structure. */
+static ENGINE engine_atalla =
+        {
+        "atalla",
+        "Atalla hardware engine support",
+        &atalla_rsa,
+        &atalla_dsa,
+        &atalla_dh,
+        NULL,
+        atalla_mod_exp,
+        NULL,
+        atalla_init,
+        atalla_finish,
+        NULL, /* no ctrl() */
+        NULL, /* no load_privkey() */
+        NULL, /* no load_pubkey() */
+        0, /* no flags */
+        0, 0, /* no references */
+        NULL, NULL /* unlinked */
+        };
+
+/* As this is only ever called once, there's no need for locking
+ * (indeed - the lock will already be held by our caller!!!) */
+ENGINE *ENGINE_atalla()
+        {
+        RSA_METHOD *meth1;
+        DSA_METHOD *meth2;
+        DH_METHOD *meth3;
+
+        /* We know that the "PKCS1_SSLeay()" functions hook properly
+         * to the atalla-specific mod_exp and mod_exp_crt so we use
+         * those functions. NB: We don't use ENGINE_openssl() or
+         * anything "more generic" because something like the RSAref
+         * code may not hook properly, and if you own one of these
+         * cards then you have the right to do RSA operations on it
+         * anyway! */ 
+        meth1 = RSA_PKCS1_SSLeay();
+        atalla_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
+        atalla_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
+        atalla_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
+        atalla_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
+
+        /* Use the DSA_OpenSSL() method and just hook the mod_exp-ish
+         * bits. */
+        meth2 = DSA_OpenSSL();
+        atalla_dsa.dsa_do_sign = meth2->dsa_do_sign;
+        atalla_dsa.dsa_sign_setup = meth2->dsa_sign_setup;
+        atalla_dsa.dsa_do_verify = meth2->dsa_do_verify;
+
+        /* Much the same for Diffie-Hellman */
+        meth3 = DH_OpenSSL();
+        atalla_dh.generate_key = meth3->generate_key;
+        atalla_dh.compute_key = meth3->compute_key;
+        return &engine_atalla;
+        }
+
+/* This is a process-global DSO handle used for loading and unloading
+ * the Atalla library. NB: This is only set (or unset) during an
+ * init() or finish() call (reference counts permitting) and they're
+ * operating with global locks, so this should be thread-safe
+ * implicitly. */
+static DSO *atalla_dso = NULL;
+
+/* These are the function pointers that are (un)set when the library has
+ * successfully (un)loaded. */
+static tfnASI_GetHardwareConfig *p_Atalla_GetHardwareConfig = NULL;
+static tfnASI_RSAPrivateKeyOpFn *p_Atalla_RSAPrivateKeyOpFn = NULL;
+static tfnASI_GetPerformanceStatistics *p_Atalla_GetPerformanceStatistics = NULL;
+
+/* (de)initialisation functions. */
+static int atalla_init()
+        {
+        tfnASI_GetHardwareConfig *p1;
+        tfnASI_RSAPrivateKeyOpFn *p2;
+        tfnASI_GetPerformanceStatistics *p3;
+        /* Not sure of the origin of this magic value, but Ben's code had it
+         * and it seemed to have been working for a few people. :-) */
+        unsigned int config_buf[1024];
+
+        if(atalla_dso != NULL)
+                {
+                ENGINEerr(ENGINE_F_ATALLA_INIT,ENGINE_R_ALREADY_LOADED);
+                goto err;
+                }
+        /* Attempt to load libatasi.so/atasi.dll/whatever. Needs to be
+         * changed unfortunately because the Atalla drivers don't have
+         * standard library names that can be platform-translated well. */
+        /* TODO: Work out how to actually map to the names the Atalla
+         * drivers really use - for now a symbollic link needs to be
+         * created on the host system from libatasi.so to atasi.so on
+         * unix variants. */
+        atalla_dso = DSO_load(NULL, ATALLA_LIBNAME, NULL,
+                DSO_FLAG_NAME_TRANSLATION);
+        if(atalla_dso == NULL)
+                {
+                ENGINEerr(ENGINE_F_ATALLA_INIT,ENGINE_R_DSO_FAILURE);
+                goto err;
+                }
+        if(!(p1 = (tfnASI_GetHardwareConfig *)DSO_bind_func(
+                                atalla_dso, ATALLA_F1)) ||
+                        !(p2 = (tfnASI_RSAPrivateKeyOpFn *)DSO_bind_func(
+                                atalla_dso, ATALLA_F2)) ||
+                        !(p3 = (tfnASI_GetPerformanceStatistics *)DSO_bind_func(
+                                atalla_dso, ATALLA_F3)))
+                {
+                ENGINEerr(ENGINE_F_ATALLA_INIT,ENGINE_R_DSO_FAILURE);
+                goto err;
+                }
+        /* Copy the pointers */
+        p_Atalla_GetHardwareConfig = p1;
+        p_Atalla_RSAPrivateKeyOpFn = p2;
+        p_Atalla_GetPerformanceStatistics = p3;
+        /* Perform a basic test to see if there's actually any unit
+         * running. */
+        if(p1(0L, config_buf) != 0)
+                {
+                ENGINEerr(ENGINE_F_ATALLA_INIT,ENGINE_R_UNIT_FAILURE);
+                goto err;
+                }
+        /* Everything's fine. */
+        return 1;
+err:
+        if(atalla_dso)
+                DSO_free(atalla_dso);
+        p_Atalla_GetHardwareConfig = NULL;
+        p_Atalla_RSAPrivateKeyOpFn = NULL;
+        p_Atalla_GetPerformanceStatistics = NULL;
+        return 0;
+        }
+
+static int atalla_finish()
+        {
+        if(atalla_dso == NULL)
+                {
+                ENGINEerr(ENGINE_F_ATALLA_FINISH,ENGINE_R_NOT_LOADED);
+                return 0;
+                }
+        if(!DSO_free(atalla_dso))
+                {
+                ENGINEerr(ENGINE_F_ATALLA_FINISH,ENGINE_R_DSO_FAILURE);
+                return 0;
+                }
+        atalla_dso = NULL;
+        p_Atalla_GetHardwareConfig = NULL;
+        p_Atalla_RSAPrivateKeyOpFn = NULL;
+        p_Atalla_GetPerformanceStatistics = NULL;
+        return 1;
+        }
+
+static int atalla_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                        const BIGNUM *m, BN_CTX *ctx)
+        {
+        /* I need somewhere to store temporary serialised values for
+         * use with the Atalla API calls. A neat cheat - I'll use
+         * BIGNUMs from the BN_CTX but access their arrays directly as
+         * byte arrays <grin>. This way I don't have to clean anything
+         * up. */
+        BIGNUM *modulus;
+        BIGNUM *exponent;
+        BIGNUM *argument;
+        BIGNUM *result;
+        RSAPrivateKey keydata;
+        int to_return, numbytes;
+
+        modulus = exponent = argument = result = NULL;
+        to_return = 0; /* expect failure */
+
+        if(!atalla_dso)
+        {
+                ENGINEerr(ENGINE_F_ATALLA_MOD_EXP,ENGINE_R_NOT_LOADED);
+                goto err;
+        }
+        /* Prepare the params */
+        modulus = BN_CTX_get(ctx);
+        exponent = BN_CTX_get(ctx);
+        argument = BN_CTX_get(ctx);
+        result = BN_CTX_get(ctx);
+        if(!modulus || !exponent || !argument || !result)
+        {
+                ENGINEerr(ENGINE_F_ATALLA_MOD_EXP,ENGINE_R_BN_CTX_FULL);
+                goto err;
+        }
+        if(!bn_wexpand(modulus, m->top) || !bn_wexpand(exponent, m->top) ||
+           !bn_wexpand(argument, m->top) || !bn_wexpand(result, m->top))
+        {
+                ENGINEerr(ENGINE_F_ATALLA_MOD_EXP,ENGINE_R_BN_EXPAND_FAIL);
+                goto err;
+        }
+        /* Prepare the key-data */
+        memset(&keydata, 0,sizeof keydata);
+        numbytes = BN_num_bytes(m);
+        memset(exponent->d, 0, numbytes);
+        memset(modulus->d, 0, numbytes);
+        BN_bn2bin(p, (unsigned char *)exponent->d + numbytes - BN_num_bytes(p));
+        BN_bn2bin(m, (unsigned char *)modulus->d + numbytes - BN_num_bytes(m));
+        keydata.privateExponent.data = (unsigned char *)exponent->d;
+        keydata.privateExponent.len = numbytes;
+        keydata.modulus.data = (unsigned char *)modulus->d;
+        keydata.modulus.len = numbytes;
+        /* Prepare the argument */
+        memset(argument->d, 0, numbytes);
+        memset(result->d, 0, numbytes);
+        BN_bn2bin(a, (unsigned char *)argument->d + numbytes - BN_num_bytes(a));
+        /* Perform the operation */
+        if(p_Atalla_RSAPrivateKeyOpFn(&keydata, (unsigned char *)result->d,
+                        (unsigned char *)argument->d,
+                        keydata.modulus.len) != 0)
+        {
+                ENGINEerr(ENGINE_F_ATALLA_MOD_EXP,ENGINE_R_REQUEST_FAILED);
+                goto err;
+        }
+        /* Convert the response */
+        BN_bin2bn((unsigned char *)result->d, numbytes, r);
+        to_return = 1;
+err:
+        if(modulus) ctx->tos--;
+        if(exponent) ctx->tos--;
+        if(argument) ctx->tos--;
+        if(result) ctx->tos--;
+        return to_return;
+        }
+
+static int atalla_rsa_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa)
+        {
+        BN_CTX *ctx = NULL;
+        int to_return = 0;
+
+        if(!atalla_dso)
+        {
+                ENGINEerr(ENGINE_F_ATALLA_RSA_MOD_EXP,ENGINE_R_NOT_LOADED);
+                goto err;
+        }
+        if((ctx = BN_CTX_new()) == NULL)
+                goto err;
+        if(!rsa->d || !rsa->n)
+                {
+                ENGINEerr(ENGINE_F_ATALLA_RSA_MOD_EXP,ENGINE_R_MISSING_KEY_COMPONENTS);
+                goto err;
+                }
+        to_return = atalla_mod_exp(r0, I, rsa->d, rsa->n, ctx);
+err:
+        if(ctx)
+                BN_CTX_free(ctx);
+        return to_return;
+        }
+
+/* This code was liberated and adapted from the commented-out code in
+ * dsa_ossl.c. Because of the unoptimised form of the Atalla acceleration
+ * (it doesn't have a CRT form for RSA), this function means that an
+ * Atalla system running with a DSA server certificate can handshake
+ * around 5 or 6 times faster/more than an equivalent system running with
+ * RSA. Just check out the "signs" statistics from the RSA and DSA parts
+ * of "openssl speed -engine atalla dsa1024 rsa1024". */
+static int atalla_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
+                BN_CTX *ctx, BN_MONT_CTX *in_mont)
+        {
+        BIGNUM t;
+        int to_return = 0;
+ 
+        BN_init(&t);
+        /* let rr = a1 ^ p1 mod m */
+        if (!atalla_mod_exp(rr,a1,p1,m,ctx)) goto end;
+        /* let t = a2 ^ p2 mod m */
+        if (!atalla_mod_exp(&t,a2,p2,m,ctx)) goto end;
+        /* let rr = rr * t mod m */
+        if (!BN_mod_mul(rr,rr,&t,m,ctx)) goto end;
+        to_return = 1;
+end:
+        BN_free(&t);
+        return to_return;
+        }
+
+
+static int atalla_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                BN_MONT_CTX *m_ctx)
+        {
+        return atalla_mod_exp(r, a, p, m, ctx);
+        }
+
+/* This function is aliased to mod_exp (with the mont stuff dropped). */
+static int atalla_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
+        {
+        return atalla_mod_exp(r, a, p, m, ctx);
+        }
+
+/* This function is aliased to mod_exp (with the dh and mont dropped). */
+static int atalla_mod_exp_dh(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
+        {
+        return atalla_mod_exp(r, a, p, m, ctx);
+        }
+
+#endif /* !NO_HW_ATALLA */
+#endif /* !NO_HW */
diff --git a/src/lib/libcrypto/engine/hw_atalla_err.c b/src/lib/libcrypto/engine/hw_atalla_err.c
new file mode 100644
index 0000000000..1df9c4570c
--- /dev/null
+++ b/src/lib/libcrypto/engine/hw_atalla_err.c
@@ -0,0 +1,145 @@
+/* hw_atalla_err.c */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/* NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include "hw_atalla_err.h"
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+static ERR_STRING_DATA ATALLA_str_functs[]=
+        {
+{ERR_PACK(0,ATALLA_F_ATALLA_CTRL,0),    "ATALLA_CTRL"},
+{ERR_PACK(0,ATALLA_F_ATALLA_FINISH,0),  "ATALLA_FINISH"},
+{ERR_PACK(0,ATALLA_F_ATALLA_INIT,0),    "ATALLA_INIT"},
+{ERR_PACK(0,ATALLA_F_ATALLA_MOD_EXP,0), "ATALLA_MOD_EXP"},
+{ERR_PACK(0,ATALLA_F_ATALLA_RSA_MOD_EXP,0),     "ATALLA_RSA_MOD_EXP"},
+{0,NULL}
+        };
+
+static ERR_STRING_DATA ATALLA_str_reasons[]=
+        {
+{ATALLA_R_ALREADY_LOADED                 ,"already loaded"},
+{ATALLA_R_BN_CTX_FULL                    ,"bn ctx full"},
+{ATALLA_R_BN_EXPAND_FAIL                 ,"bn expand fail"},
+{ATALLA_R_CTRL_COMMAND_NOT_IMPLEMENTED   ,"ctrl command not implemented"},
+{ATALLA_R_MISSING_KEY_COMPONENTS         ,"missing key components"},
+{ATALLA_R_NOT_LOADED                     ,"not loaded"},
+{ATALLA_R_REQUEST_FAILED                 ,"request failed"},
+{ATALLA_R_UNIT_FAILURE                   ,"unit failure"},
+{0,NULL}
+        };
+
+#endif
+
+#ifdef ATALLA_LIB_NAME
+static ERR_STRING_DATA ATALLA_lib_name[]=
+        {
+{0      ,ATALLA_LIB_NAME},
+{0,NULL}
+        };
+#endif
+
+
+static int ATALLA_lib_error_code=0;
+static int ATALLA_error_init=1;
+
+static void ERR_load_ATALLA_strings(void)
+        {
+        if (ATALLA_lib_error_code == 0)
+                ATALLA_lib_error_code=ERR_get_next_error_library();
+
+        if (ATALLA_error_init)
+                {
+                ATALLA_error_init=0;
+#ifndef OPENSSL_NO_ERR
+                ERR_load_strings(ATALLA_lib_error_code,ATALLA_str_functs);
+                ERR_load_strings(ATALLA_lib_error_code,ATALLA_str_reasons);
+#endif
+
+#ifdef ATALLA_LIB_NAME
+                ATALLA_lib_name->error = ERR_PACK(ATALLA_lib_error_code,0,0);
+                ERR_load_strings(0,ATALLA_lib_name);
+#endif
+                }
+        }
+
+static void ERR_unload_ATALLA_strings(void)
+        {
+        if (ATALLA_error_init == 0)
+                {
+#ifndef OPENSSL_NO_ERR
+                ERR_unload_strings(ATALLA_lib_error_code,ATALLA_str_functs);
+                ERR_unload_strings(ATALLA_lib_error_code,ATALLA_str_reasons);
+#endif
+
+#ifdef ATALLA_LIB_NAME
+                ERR_unload_strings(0,ATALLA_lib_name);
+#endif
+                ATALLA_error_init=1;
+                }
+        }
+
+static void ERR_ATALLA_error(int function, int reason, char *file, int line)
+        {
+        if (ATALLA_lib_error_code == 0)
+                ATALLA_lib_error_code=ERR_get_next_error_library();
+        ERR_PUT_error(ATALLA_lib_error_code,function,reason,file,line);
+        }
diff --git a/src/lib/libcrypto/engine/hw_atalla_err.h b/src/lib/libcrypto/engine/hw_atalla_err.h
new file mode 100644
index 0000000000..cdac052d8c
--- /dev/null
+++ b/src/lib/libcrypto/engine/hw_atalla_err.h
@@ -0,0 +1,89 @@
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_ATALLA_ERR_H
+#define HEADER_ATALLA_ERR_H
+
+/* BEGIN ERROR CODES */
+/* The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+static void ERR_load_ATALLA_strings(void);
+static void ERR_unload_ATALLA_strings(void);
+static void ERR_ATALLA_error(int function, int reason, char *file, int line);
+#define ATALLAerr(f,r) ERR_ATALLA_error((f),(r),__FILE__,__LINE__)
+
+/* Error codes for the ATALLA functions. */
+
+/* Function codes. */
+#define ATALLA_F_ATALLA_CTRL                             100
+#define ATALLA_F_ATALLA_FINISH                           101
+#define ATALLA_F_ATALLA_INIT                             102
+#define ATALLA_F_ATALLA_MOD_EXP                          103
+#define ATALLA_F_ATALLA_RSA_MOD_EXP                      104
+
+/* Reason codes. */
+#define ATALLA_R_ALREADY_LOADED                          100
+#define ATALLA_R_BN_CTX_FULL                             101
+#define ATALLA_R_BN_EXPAND_FAIL                          102
+#define ATALLA_R_CTRL_COMMAND_NOT_IMPLEMENTED            103
+#define ATALLA_R_MISSING_KEY_COMPONENTS                  104
+#define ATALLA_R_NOT_LOADED                              105
+#define ATALLA_R_REQUEST_FAILED                          106
+#define ATALLA_R_UNIT_FAILURE                            107
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/src/lib/libcrypto/engine/hw_cryptodev.c b/src/lib/libcrypto/engine/hw_cryptodev.c
new file mode 100644
index 0000000000..7c3728f395
--- /dev/null
+++ b/src/lib/libcrypto/engine/hw_cryptodev.c
@@ -0,0 +1,926 @@
+/*
+ * Copyright (c) 2002 Bob Beck <beck@openbsd.org>
+ * Copyright (c) 2002 Theo de Raadt
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the author nor the names of contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include <sys/types.h>
+#include <sys/param.h>
+#include <crypto/cryptodev.h>
+#include <sys/ioctl.h>
+#include <errno.h>
+#include <stdio.h>
+#include <unistd.h>
+#include <fcntl.h>
+#include <syslog.h>
+#include <stdarg.h>
+#include <ssl/objects.h>
+#include <ssl/engine.h>
+#include <ssl/evp.h>
+
+static int cryptodev_fd = -1;
+static int cryptodev_sessions = 0;
+static u_int32_t cryptodev_symfeat = 0;
+
+static int bn2crparam(const BIGNUM *a, struct crparam *crp);
+static int crparam2bn(struct crparam *crp, BIGNUM *a);
+static void zapparams(struct crypt_kop *kop);
+
+static int cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa);
+static int cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a,
+    const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+static int cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a,
+    const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+static DSA_SIG *cryptodev_dsa_do_sign(const unsigned char *dgst,
+    int dlen, DSA *dsa);
+static int cryptodev_dsa_verify(const unsigned char *dgst, int dgst_len,
+    DSA_SIG *sig, DSA *dsa);
+static int cryptodev_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
+    const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+    BN_MONT_CTX *m_ctx);
+static int cryptodev_dh_compute_key(unsigned char *key,
+    const BIGNUM *pub_key, DH *dh);
+
+static const ENGINE_CMD_DEFN cryptodev_defns[] = {
+        { 0, NULL, NULL, 0 }
+};
+
+static struct {
+        int     id;
+        int     nid;
+        int     ivmax;
+        int     keylen;
+} ciphers[] = {
+        { CRYPTO_DES_CBC,               NID_des_cbc,            8,       8, },
+        { CRYPTO_3DES_CBC,              NID_des_ede3_cbc,       8,      24, },
+        { CRYPTO_AES_CBC,               NID_undef,              8,      24, },
+        { CRYPTO_BLF_CBC,               NID_bf_cbc,             8,      16, },
+        { CRYPTO_CAST_CBC,              NID_cast5_cbc,          8,       8, },
+        { CRYPTO_SKIPJACK_CBC,          NID_undef,              0,       0, },
+        { CRYPTO_ARC4,                  NID_rc4,                8,      16, },
+        { 0,                            NID_undef,              0,       0, },
+};
+
+static struct {
+        int     id;
+        int     nid;
+} digests[] = {
+        { CRYPTO_SHA1_HMAC,             NID_hmacWithSHA1,       },
+        { CRYPTO_RIPEMD160_HMAC,        NID_ripemd160,          },
+        { CRYPTO_MD5_KPDK,              NID_undef,              },
+        { CRYPTO_SHA1_KPDK,             NID_undef,              },
+        { CRYPTO_MD5,                   NID_md5,                },
+        { CRYPTO_SHA1,                  NID_undef,              },
+        { 0,                            NID_undef,              },
+};
+
+/*
+ * Return 1 if /dev/crypto seems usable, 0 otherwise , also
+ * does most of the work of initting the device, if not already
+ * done.. This should leave is with global fd initialized with CRIOGET.
+ */
+static int
+check_dev_crypto()
+{
+        int fd;
+
+        if (cryptodev_fd == -1) {
+                if ((fd = open("/dev/crypto", O_RDWR, 0)) == -1)
+                        return (0);
+                if (ioctl(fd, CRIOGET, &cryptodev_fd) == -1) {
+                        close(fd);
+                        return (0);
+                }
+                close(fd);
+                /* close on exec */
+                if (fcntl(cryptodev_fd, F_SETFD, 1) == -1) {
+                        close(cryptodev_fd);
+                        cryptodev_fd = -1;
+                        return (0);
+                }
+        }
+        ioctl(cryptodev_fd, CIOCSYMFEAT, &cryptodev_symfeat);
+
+        return (1);
+}
+
+/*
+ * XXXX this needs to be set for each alg - and determined from
+ * a running card.
+ */
+static int
+cryptodev_max_iv(int cipher)
+{
+        int i;
+
+        for (i = 0; ciphers[i].id; i++)
+                if (ciphers[i].id == cipher)
+                        return (ciphers[i].ivmax);
+        return (0);
+}
+
+/*
+ * XXXX this needs to be set for each alg - and determined from
+ * a running card. For now, fake it out - but most of these
+ * for real devices should return 1 for the supported key
+ * sizes the device can handle.
+ */
+static int
+cryptodev_key_length_valid(int cipher, int len)
+{
+        int i;
+
+        for (i = 0; ciphers[i].id; i++)
+                if (ciphers[i].id == cipher)
+                        return (ciphers[i].keylen == len);
+        return (0);
+}
+
+/* convert libcrypto nids to cryptodev */
+static int
+cipher_nid_to_cryptodev(int nid)
+{
+        int i;
+
+        for (i = 0; ciphers[i].id; i++)
+                if (ciphers[i].nid == nid)
+                        return (ciphers[i].id);
+        return (0);
+}
+
+/*
+ * Find out what ciphers /dev/crypto will let us have a session for.
+ * XXX note, that some of these openssl doesn't deal with yet!
+ * returning them here is harmless, as long as we return NULL
+ * when asked for a handler in the cryptodev_engine_ciphers routine
+ */
+static int
+get_cryptodev_ciphers(const int **cnids)
+{
+        static int nids[CRYPTO_ALGORITHM_MAX];
+        struct session_op sess;
+        int i, count = 0;
+
+        memset(&sess, 0, sizeof(sess));
+        sess.key = (caddr_t)"123456781234567812345678";
+
+        for (i = 0; ciphers[i].id && count < CRYPTO_ALGORITHM_MAX; i++) {
+                if (ciphers[i].nid == NID_undef)
+                        continue;
+                sess.cipher = ciphers[i].id;
+                sess.keylen = ciphers[i].keylen;
+                sess.mac = 0;
+                if (ioctl(cryptodev_fd, CIOCGSESSION, &sess) != -1 &&
+                    ioctl(cryptodev_fd, CIOCFSESSION, &sess.ses) != -1)
+                        nids[count++] = ciphers[i].nid;
+        }
+        if (count > 0)
+                *cnids = nids;
+        else
+                *cnids = NULL;
+        return (count);
+}
+
+/*
+ * Find out what digests /dev/crypto will let us have a session for.
+ * XXX note, that some of these openssl doesn't deal with yet!
+ * returning them here is harmless, as long as we return NULL
+ * when asked for a handler in the cryptodev_engine_digests routine
+ */
+static int
+get_cryptodev_digests(const int **cnids)
+{
+        static int nids[CRYPTO_ALGORITHM_MAX];
+        struct session_op sess;
+        int i, count = 0;
+
+        memset(&sess, 0, sizeof(sess));
+        for (i = 0; digests[i].id && count < CRYPTO_ALGORITHM_MAX; i++) {
+                if (digests[i].nid == NID_undef)
+                        continue;
+                sess.mac = digests[i].id;
+                sess.cipher = 0;
+                if (ioctl(cryptodev_fd, CIOCGSESSION, &sess) != -1 &&
+                    ioctl(cryptodev_fd, CIOCFSESSION, &sess.ses) != -1)
+                        nids[count++] = digests[i].nid;
+        }
+        if (count > 0)
+                *cnids = nids;
+        else
+                *cnids = NULL;
+        return (count);
+}
+
+/*
+ * Find the useable ciphers|digests from dev/crypto - this is the first
+ * thing called by the engine init crud which determines what it
+ * can use for ciphers from this engine. We want to return
+ * only what we can do, anythine else is handled by software.
+ *
+ * If we can't initialize the device to do anything useful for
+ * any reason, we want to return a NULL array, and 0 length,
+ * which forces everything to be done is software. By putting
+ * the initalization of the device in here, we ensure we can
+ * use this engine as the default, and if for whatever reason
+ * /dev/crypto won't do what we want it will just be done in
+ * software
+ *
+ * This can (should) be greatly expanded to perhaps take into
+ * account speed of the device, and what we want to do.
+ * (although the disabling of particular alg's could be controlled
+ * by the device driver with sysctl's.) - this is where we
+ * want most of the decisions made about what we actually want
+ * to use from /dev/crypto.
+ */
+int
+cryptodev_usable_ciphers(const int **nids)
+{
+        if (!check_dev_crypto()) {
+                *nids = NULL;
+                return (0);
+        }
+
+        /* find what the device can do. Unfortunately, we don't
+         * necessarily want all of these yet, because we aren't
+         * yet set up to do them
+         */
+        return (get_cryptodev_ciphers(nids));
+}
+
+int
+cryptodev_usable_digests(const int **nids)
+{
+#if 1
+        /*
+         * XXXX just disable all digests for now, because it sucks.
+         * we need a better way to decide this - i.e. I may not
+         * want digests on slow cards like hifn on fast machines,
+         * but might want them on slow or loaded machines, etc.
+         * will also want them when using crypto cards that don't
+         * suck moose gonads - would be nice to be able to decide something
+         * as reasonable default without having hackery that's card dependent.
+         * of course, the default should probably be just do everything,
+         * with perhaps a sysctl to turn algoritms off (or have them off
+         * by default) on cards that generally suck like the hifn.
+         */
+        *nids = NULL;
+        return (0);
+#endif
+
+        if (!check_dev_crypto()) {
+                *nids = NULL;
+                return (0);
+        }
+        return (get_cryptodev_digests(nids));
+}
+
+
+int
+cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+    const unsigned char *in, unsigned int inl)
+{
+        struct crypt_op cryp;
+        struct session_op *sess = ctx->cipher_data;
+        void *iiv;
+        unsigned char save_iv[EVP_MAX_IV_LENGTH];
+        struct syslog_data sd = SYSLOG_DATA_INIT;
+
+        if (cryptodev_fd == -1)
+                return (0);
+        if (sess == NULL)
+                return (0);
+        if (!inl)
+                return (1);
+        if ((inl % ctx->cipher->block_size) != 0)
+                return (0);
+
+        memset(&cryp, 0, sizeof(cryp));
+
+        cryp.ses = sess->ses;
+        cryp.flags = 0;
+        cryp.len = inl;
+        cryp.src = (caddr_t) in;
+        cryp.dst = (caddr_t) out;
+        cryp.mac = 0;
+
+        cryp.op = ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT;
+
+        if (ctx->cipher->iv_len) {
+                cryp.iv = (caddr_t) ctx->iv;
+                if (!ctx->encrypt) {
+                        iiv = (void *) in + inl - ctx->cipher->iv_len;
+                        memcpy(save_iv, iiv, ctx->cipher->iv_len);
+                }
+        } else
+                cryp.iv = NULL;
+
+        if (ioctl(cryptodev_fd, CIOCCRYPT, &cryp) == -1) {
+                /* XXX need better errror handling
+                 * this can fail for a number of different reasons.
+                 */
+                syslog_r(LOG_ERR, &sd, "CIOCCRYPT failed (%m)");
+                return (0);
+        }
+
+        if (ctx->cipher->iv_len) {
+                if (ctx->encrypt)
+                        iiv = (void *) out + inl - ctx->cipher->iv_len;
+                else
+                        iiv = save_iv;
+                memcpy(ctx->iv, iiv, ctx->cipher->iv_len);
+        }
+        return (1);
+}
+
+int
+cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+    const unsigned char *iv, int enc)
+{
+        struct session_op *sess = ctx->cipher_data;
+        struct syslog_data sd = SYSLOG_DATA_INIT;
+        int cipher;
+
+        if ((cipher = cipher_nid_to_cryptodev(ctx->cipher->nid)) == NID_undef)
+                return (0);
+
+        if (!check_dev_crypto())
+                return (0);
+
+        if (ctx->cipher->iv_len > cryptodev_max_iv(cipher))
+                return (0);
+
+        if (!cryptodev_key_length_valid(cipher, ctx->key_len))
+                return (0);
+
+        memset(sess, 0, sizeof(struct session_op));
+
+        sess->key = (unsigned char *)key;
+        sess->keylen = ctx->key_len;
+        sess->cipher = cipher;
+
+        if (ioctl(cryptodev_fd, CIOCGSESSION, sess) == -1) {
+                syslog_r(LOG_ERR, &sd, "CIOCGSESSION failed (%m)");
+                return (0);
+        }
+        cryptodev_sessions++;
+        return (1);
+}
+
+/*
+ * free anything we allocated earlier when initting a
+ * session, and close the session.
+ */
+int
+cryptodev_cleanup(EVP_CIPHER_CTX *ctx)
+{
+        int ret = 0;
+        struct session_op *sess = ctx->cipher_data;
+        struct syslog_data sd = SYSLOG_DATA_INIT;
+
+        if (sess == NULL)
+                return (0);
+
+        /* XXX if this ioctl fails, someting's wrong. the invoker
+         * may have called us with a bogus ctx, or we could
+         * have a device that for whatever reason just doesn't
+         * want to play ball - it's not clear what's right
+         * here - should this be an error? should it just
+         * increase a counter, hmm. For right now, we return
+         * 0 - I don't believe that to be "right". we could
+         * call the gorpy openssl lib error handlers that
+         * print messages to users of the library. hmm..
+         */
+
+        if (ioctl(cryptodev_fd, CIOCFSESSION, &sess->ses) == -1) {
+                syslog_r(LOG_ERR, &sd, "CIOCFSESSION failed (%m)");
+                ret = 0;
+        } else {
+                cryptodev_sessions--;
+                ret = 1;
+        }
+        if (cryptodev_sessions == 0 && cryptodev_fd != -1 ) {
+                close(cryptodev_fd); /* XXX should this be closed? */
+                cryptodev_fd = -1;
+        }
+        return (ret);
+}
+
+/*
+ * libcrypto EVP stuff - this is how we get wired to EVP so the engine
+ * gets called when libcrypto requests a cipher NID.
+ */
+
+/* ARC4 (16 byte key) */
+const EVP_CIPHER cryptodev_arc4_cipher = {
+        NID_rc4,
+        1, 16, 0,
+        EVP_CIPH_VARIABLE_LENGTH,
+        cryptodev_init_key,
+        cryptodev_cipher,
+        cryptodev_cleanup,
+        sizeof(struct session_op),
+        NULL,
+        NULL,
+        NULL
+};
+
+/* DES CBC EVP */
+const EVP_CIPHER cryptodev_des_cbc = {
+        NID_des_cbc,
+        8, 8, 8,
+        EVP_CIPH_CBC_MODE,
+        cryptodev_init_key,
+        cryptodev_cipher,
+        cryptodev_cleanup,
+        sizeof(struct session_op),
+        EVP_CIPHER_set_asn1_iv,
+        EVP_CIPHER_get_asn1_iv,
+        NULL
+};
+
+/* 3DES CBC EVP */
+const EVP_CIPHER cryptodev_3des_cbc = {
+        NID_des_ede3_cbc,
+        8, 24, 8,
+        EVP_CIPH_CBC_MODE,
+        cryptodev_init_key,
+        cryptodev_cipher,
+        cryptodev_cleanup,
+        sizeof(struct session_op),
+        EVP_CIPHER_set_asn1_iv,
+        EVP_CIPHER_get_asn1_iv,
+        NULL
+};
+
+
+/*
+ * Registered by the ENGINE when used to find out how to deal with
+ * a particular NID in the ENGINE. this says what we'll do at the
+ * top level - note, that list is restricted by what we answer with
+ */
+int
+cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
+    const int **nids, int nid)
+{
+        if (!cipher)
+                return (cryptodev_usable_ciphers(nids));
+
+        switch (nid) {
+        case NID_rc4:
+                *cipher = &cryptodev_arc4_cipher;
+                break;
+        case NID_des_ede3_cbc:
+                *cipher = &cryptodev_3des_cbc;
+                break;
+        case NID_des_cbc:
+                *cipher = &cryptodev_des_cbc;
+                break;
+        default:
+                *cipher = NULL;
+                break;
+        }
+        return (*cipher != NULL);
+}
+
+int
+cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest,
+    const int **nids, int nid)
+{
+        if (!digest)
+                return (cryptodev_usable_digests(nids));
+
+        switch (nid) {
+        case NID_md5:
+                *digest = NULL; /* need to make a clean md5 critter */
+                break;
+        default:
+                *digest = NULL;
+                break;
+        }
+        return (*digest != NULL);
+}
+
+
+/*
+ * Convert a BIGNUM to the representation that /dev/crypto needs.
+ * Upon completion of use, the caller is responsible for freeing
+ * crp->crp_p.
+ */
+static int
+bn2crparam(const BIGNUM *a, struct crparam *crp)
+{
+        int i, j, n;
+        ssize_t words, bytes, bits;
+        u_char *b;
+
+        crp->crp_p = NULL;
+        crp->crp_nbits = 0;
+
+        bits = BN_num_bits(a);
+        bytes = (bits + 7) / 8;
+
+        b = malloc(bytes);
+        if (b == NULL)
+                return (1);
+
+        crp->crp_p = b;
+        crp->crp_nbits = bits;
+
+        words = (bits + BN_BITS2 - 1) / BN_BITS2;
+
+        n = 0;
+        for (i = 0; i < words && n < bytes; i++) {
+                BN_ULONG word;
+
+                word = a->d[i];
+                for (j = 0 ; j < BN_BYTES && n < bytes; j++, n++) {
+                        *b++ = (word & 0xff);
+                        word >>= 8;
+                }
+        }
+        return (0);
+}
+
+/* Convert a /dev/crypto parameter to a BIGNUM */
+static int
+crparam2bn(struct crparam *crp, BIGNUM *a)
+{
+        int i, bytes;
+
+        bytes = (crp->crp_nbits + 7)/8;
+
+        BN_zero(a);
+        for (i = bytes - 1; i >= 0; i--) {
+                BN_lshift(a, a, 8);
+                BN_add_word(a, (u_char)crp->crp_p[i]);
+        }
+
+        return (0);
+}
+
+static void
+zapparams(struct crypt_kop *kop)
+{
+        int i;
+
+        for (i = 0; i <= kop->crk_iparams + kop->crk_oparams; i++) {
+                if (kop->crk_param[i].crp_p)
+                        free(kop->crk_param[i].crp_p);
+                kop->crk_param[i].crp_p = NULL;
+                kop->crk_param[i].crp_nbits = 0;
+        }
+}
+
+static int
+cryptodev_sym(struct crypt_kop *kop, BIGNUM *r, BIGNUM *s)
+{
+        int ret = -1;
+
+        if (r) {
+                kop->crk_param[kop->crk_iparams].crp_p = malloc(256);
+                kop->crk_param[kop->crk_iparams].crp_nbits = 256 * 8;
+                kop->crk_oparams++;
+        }
+        if (s) {
+                kop->crk_param[kop->crk_iparams+1].crp_p = malloc(256);
+                kop->crk_param[kop->crk_iparams+1].crp_nbits = 256 * 8;
+                kop->crk_oparams++;
+        }
+
+        if (ioctl(cryptodev_fd, CIOCKEY, &kop) == 0) {
+                crparam2bn(&kop->crk_param[3], r);
+                ret = 0;
+        }
+        return (ret);
+}
+
+static int
+cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+    const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont)
+{
+        struct crypt_kop kop;
+        int ret = 0;
+
+        memset(&kop, 0, sizeof kop);
+        kop.crk_op = CRK_MOD_EXP;
+
+        /* inputs: a m p */
+        if (bn2crparam(a, &kop.crk_param[0]))
+                goto err;
+        if (bn2crparam(m, &kop.crk_param[1]))
+                goto err;
+        if (bn2crparam(p, &kop.crk_param[2]))
+                goto err;
+        kop.crk_iparams = 3;
+
+        if (cryptodev_sym(&kop, r, NULL) == -1) {
+                ret = BN_mod_exp(r, a, p, m, ctx);
+        }
+err:
+        zapparams(&kop);
+        return (ret);
+}
+
+
+static int
+cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
+{
+        struct crypt_kop kop;
+        int ret = 0;
+
+        if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) {
+                /* XXX 0 means failure?? */
+                goto err;
+        }
+
+        memset(&kop, 0, sizeof kop);
+        kop.crk_op = CRK_MOD_EXP_CRT;
+        /* inputs: rsa->p rsa->q I rsa->dmp1 rsa->dmq1 rsa->iqmp */
+        if (bn2crparam(rsa->p, &kop.crk_param[0]))
+                goto err;
+        if (bn2crparam(rsa->q, &kop.crk_param[1]))
+                goto err;
+        if (bn2crparam(I, &kop.crk_param[2]))
+                goto err;
+        if (bn2crparam(rsa->dmp1, &kop.crk_param[3]))
+                goto err;
+        if (bn2crparam(rsa->dmq1, &kop.crk_param[4]))
+                goto err;
+        if (bn2crparam(rsa->iqmp, &kop.crk_param[5]))
+                goto err;
+        kop.crk_iparams = 6;
+
+        if (cryptodev_sym(&kop, r0, NULL) == -1) {
+                const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
+
+                ret = (*meth->rsa_mod_exp)(r0, I, rsa);
+        }
+err:
+        zapparams(&kop);
+        return (ret);
+}
+
+static RSA_METHOD cryptodev_rsa = {
+        "cryptodev RSA method",
+        NULL,                           /* rsa_pub_enc */
+        NULL,                           /* rsa_pub_dec */
+        NULL,                           /* rsa_priv_enc */
+        NULL,                           /* rsa_priv_dec */
+        cryptodev_rsa_mod_exp,          /* rsa_mod_exp */
+        cryptodev_bn_mod_exp,           /* bn_mod_exp */
+        NULL,                           /* init */
+        NULL,                           /* finish */
+        0,                              /* flags */
+        NULL,                           /* app_data */
+        NULL,                           /* rsa_sign */
+        NULL                            /* rsa_verify */
+};
+
+static int
+cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+    const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
+{
+        return (cryptodev_bn_mod_exp(r, a, p, m, ctx, m_ctx));
+}
+
+static DSA_SIG *
+cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
+{
+        struct crypt_kop kop;
+        BIGNUM *r = NULL, *s = NULL;
+        DSA_SIG *dsaret = NULL;
+
+        if ((r = BN_new()) == NULL)
+                goto err;
+        if ((s = BN_new()) == NULL) {
+                BN_free(r);
+                goto err;
+        }
+
+        memset(&kop, 0, sizeof kop);
+        kop.crk_op = CRK_DSA_SIGN;
+
+        /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */
+        kop.crk_param[0].crp_p = (caddr_t)dgst;
+        kop.crk_param[0].crp_nbits = dlen * 8;
+        if (bn2crparam(dsa->p, &kop.crk_param[1]))
+                goto err;
+        if (bn2crparam(dsa->q, &kop.crk_param[2]))
+                goto err;
+        if (bn2crparam(dsa->g, &kop.crk_param[3]))
+                goto err;
+        if (bn2crparam(dsa->priv_key, &kop.crk_param[4]))
+                goto err;
+        kop.crk_iparams = 5;
+
+        if (cryptodev_sym(&kop, r, s) == 0) {
+                dsaret = DSA_SIG_new();
+                dsaret->r = r;
+                dsaret->s = s;
+        } else {
+                const DSA_METHOD *meth = DSA_OpenSSL();
+
+                BN_free(r);
+                BN_free(s);
+                dsaret = (meth->dsa_do_sign)(dgst, dlen, dsa);
+        }
+err:
+        kop.crk_param[0].crp_p = NULL;
+        zapparams(&kop);
+        return (dsaret);
+}
+
+static int
+cryptodev_dsa_verify(const unsigned char *dgst, int dlen,
+    DSA_SIG *sig, DSA *dsa)
+{
+        struct crypt_kop kop;
+        int dsaret = 0;
+
+        memset(&kop, 0, sizeof kop);
+        kop.crk_op = CRK_DSA_VERIFY;
+
+        /* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */
+        kop.crk_param[0].crp_p = (caddr_t)dgst;
+        kop.crk_param[0].crp_nbits = dlen * 8;
+        if (bn2crparam(dsa->p, &kop.crk_param[1]))
+                goto err;
+        if (bn2crparam(dsa->q, &kop.crk_param[2]))
+                goto err;
+        if (bn2crparam(dsa->g, &kop.crk_param[3]))
+                goto err;
+        if (bn2crparam(dsa->pub_key, &kop.crk_param[4]))
+                goto err;
+        if (bn2crparam(sig->r, &kop.crk_param[5]))
+                goto err;
+        if (bn2crparam(sig->s, &kop.crk_param[6]))
+                goto err;
+        kop.crk_iparams = 7;
+
+        if (cryptodev_sym(&kop, NULL, NULL) == 0) {
+                dsaret = kop.crk_status;
+        } else {
+                const DSA_METHOD *meth = DSA_OpenSSL();
+
+                dsaret = (meth->dsa_do_verify)(dgst, dlen, sig, dsa);
+        }
+err:
+        kop.crk_param[0].crp_p = NULL;
+        zapparams(&kop);
+        return (dsaret);
+}
+
+static DSA_METHOD cryptodev_dsa = {
+        "cryptodev DSA method",
+        cryptodev_dsa_do_sign,
+        NULL,                           /* dsa_sign_setup */
+        cryptodev_dsa_verify,
+        NULL,                           /* dsa_mod_exp */
+        cryptodev_dsa_bn_mod_exp,       /* bn_mod_exp */
+        NULL,                           /* init */
+        NULL,                           /* finish */
+        0,      /* flags */
+        NULL    /* app_data */
+};
+
+static int
+cryptodev_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
+    const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+    BN_MONT_CTX *m_ctx)
+{
+        return (cryptodev_bn_mod_exp(r, a, p, m, ctx, m_ctx));
+}
+
+static int
+cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
+{
+        struct crypt_kop kop;
+        int dhret = 0;
+        int keylen;
+
+        keylen = BN_num_bits(dh->p);
+
+        memset(&kop, 0, sizeof kop);
+        kop.crk_op = CRK_DH_COMPUTE_KEY;
+
+        /* inputs: dh->priv_key pub_key dh->p key */
+        if (bn2crparam(dh->priv_key, &kop.crk_param[0]))
+                goto err;
+        if (bn2crparam(pub_key, &kop.crk_param[1]))
+                goto err;
+        if (bn2crparam(dh->p, &kop.crk_param[2]))
+                goto err;
+        kop.crk_iparams = 3;
+
+        kop.crk_param[3].crp_p = key;
+        kop.crk_param[3].crp_nbits = keylen * 8;
+        kop.crk_oparams = 1;
+
+        if (ioctl(cryptodev_fd, CIOCKEY, &kop) == -1) {
+                const DH_METHOD *meth = DH_OpenSSL();
+
+                dhret = (meth->compute_key)(key, pub_key, dh);
+        }
+err:
+        kop.crk_param[3].crp_p = NULL;
+        zapparams(&kop);
+        return (dhret);
+}
+
+static DH_METHOD cryptodev_dh = {
+        "cryptodev DH method",
+        NULL,                           /* cryptodev_dh_generate_key */
+        cryptodev_dh_compute_key,
+        cryptodev_mod_exp_dh,
+        NULL,
+        NULL,
+        0,      /* flags */
+        NULL    /* app_data */
+};
+
+/*
+ * ctrl right now is just a wrapper that doesn't do much
+ * but I expect we'll want some options soon.
+ */
+static int
+cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
+{
+        struct syslog_data sd = SYSLOG_DATA_INIT;
+
+        switch (cmd) {
+        default:
+                syslog_r(LOG_ERR, &sd,
+                    "cryptodev_ctrl: unknown command %d", cmd);
+                break;
+        }
+        return (1);
+}
+
+void
+ENGINE_load_cryptodev(void)
+{
+        ENGINE *engine = ENGINE_new();
+        const RSA_METHOD *rsa_meth;
+        const DH_METHOD *dh_meth;
+
+        if (engine == NULL)
+                return;
+
+        if (!ENGINE_set_id(engine, "cryptodev") ||
+            !ENGINE_set_name(engine, "OpenBSD cryptodev engine") ||
+            !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) ||
+            !ENGINE_set_digests(engine, cryptodev_engine_digests) ||
+            !ENGINE_set_ctrl_function(engine, cryptodev_ctrl) ||
+            !ENGINE_set_cmd_defns(engine, cryptodev_defns)) {
+                ENGINE_free(engine);
+                return;
+        }
+
+        if ((cryptodev_symfeat & CRSFEAT_RSA) &&
+            ENGINE_set_RSA(engine, &cryptodev_rsa)) {
+                rsa_meth = RSA_PKCS1_SSLeay();
+                cryptodev_rsa.rsa_pub_enc = rsa_meth->rsa_pub_enc;
+                cryptodev_rsa.rsa_pub_dec = rsa_meth->rsa_pub_dec;
+                cryptodev_rsa.rsa_priv_enc = rsa_meth->rsa_priv_dec;
+                cryptodev_rsa.rsa_priv_dec = rsa_meth->rsa_priv_dec;
+        }
+
+        if ((cryptodev_symfeat & CRSFEAT_DSA) &&
+            ENGINE_set_DSA(engine, &cryptodev_dsa)) {
+        }
+
+        if ((cryptodev_symfeat & CRSFEAT_DH) &&
+            ENGINE_set_DH(engine, &cryptodev_dh)) {
+                dh_meth = DH_OpenSSL();
+                cryptodev_dh.generate_key = dh_meth->generate_key;
+                cryptodev_dh.compute_key = dh_meth->compute_key;
+        }
+
+        ENGINE_add(engine);
+        ENGINE_free(engine);
+        ERR_clear_error();
+}
diff --git a/src/lib/libcrypto/engine/hw_cswift.c b/src/lib/libcrypto/engine/hw_cswift.c
new file mode 100644
index 0000000000..77608b8983
--- /dev/null
+++ b/src/lib/libcrypto/engine/hw_cswift.c
@@ -0,0 +1,807 @@
+/* crypto/engine/hw_cswift.c */
+/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <openssl/crypto.h>
+#include "cryptlib.h"
+#include <openssl/dso.h>
+#include "engine_int.h"
+#include <openssl/engine.h>
+
+#ifndef NO_HW
+#ifndef NO_HW_CSWIFT
+
+/* Attribution notice: Rainbow have generously allowed me to reproduce
+ * the necessary definitions here from their API. This means the support
+ * can build independently of whether application builders have the
+ * API or hardware. This will allow developers to easily produce software
+ * that has latent hardware support for any users that have accelerators
+ * installed, without the developers themselves needing anything extra.
+ *
+ * I have only clipped the parts from the CryptoSwift header files that
+ * are (or seem) relevant to the CryptoSwift support code. This is
+ * simply to keep the file sizes reasonable.
+ * [Geoff]
+ */
+#ifdef FLAT_INC
+#include "cswift.h"
+#else
+#include "vendor_defns/cswift.h"
+#endif
+
+static int cswift_init(void);
+static int cswift_finish(void);
+
+/* BIGNUM stuff */
+static int cswift_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                const BIGNUM *m, BN_CTX *ctx);
+static int cswift_mod_exp_crt(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                const BIGNUM *q, const BIGNUM *dmp1, const BIGNUM *dmq1,
+                const BIGNUM *iqmp, BN_CTX *ctx);
+
+/* RSA stuff */
+static int cswift_rsa_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa);
+/* This function is aliased to mod_exp (with the mont stuff dropped). */
+static int cswift_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+
+/* DSA stuff */
+static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa);
+static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len,
+                                DSA_SIG *sig, DSA *dsa);
+
+/* DH stuff */
+/* This function is alised to mod_exp (with the DH and mont dropped). */
+static int cswift_mod_exp_dh(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+
+
+/* Our internal RSA_METHOD that we provide pointers to */
+static RSA_METHOD cswift_rsa =
+        {
+        "CryptoSwift RSA method",
+        NULL,
+        NULL,
+        NULL,
+        NULL,
+        cswift_rsa_mod_exp,
+        cswift_mod_exp_mont,
+        NULL,
+        NULL,
+        0,
+        NULL,
+        NULL,
+        NULL
+        };
+
+/* Our internal DSA_METHOD that we provide pointers to */
+static DSA_METHOD cswift_dsa =
+        {
+        "CryptoSwift DSA method",
+        cswift_dsa_sign,
+        NULL, /* dsa_sign_setup */
+        cswift_dsa_verify,
+        NULL, /* dsa_mod_exp */
+        NULL, /* bn_mod_exp */
+        NULL, /* init */
+        NULL, /* finish */
+        0, /* flags */
+        NULL /* app_data */
+        };
+
+/* Our internal DH_METHOD that we provide pointers to */
+static DH_METHOD cswift_dh =
+        {
+        "CryptoSwift DH method",
+        NULL,
+        NULL,
+        cswift_mod_exp_dh,
+        NULL,
+        NULL,
+        0,
+        NULL
+        };
+
+/* Our ENGINE structure. */
+static ENGINE engine_cswift =
+        {
+        "cswift",
+        "CryptoSwift hardware engine support",
+        &cswift_rsa,
+        &cswift_dsa,
+        &cswift_dh,
+        NULL,
+        cswift_mod_exp,
+        cswift_mod_exp_crt,
+        cswift_init,
+        cswift_finish,
+        NULL, /* no ctrl() */
+        NULL, /* no load_privkey() */
+        NULL, /* no load_pubkey() */
+        0, /* no flags */
+        0, 0, /* no references */
+        NULL, NULL /* unlinked */
+        };
+
+/* As this is only ever called once, there's no need for locking
+ * (indeed - the lock will already be held by our caller!!!) */
+ENGINE *ENGINE_cswift()
+        {
+        RSA_METHOD *meth1;
+        DH_METHOD *meth2;
+
+        /* We know that the "PKCS1_SSLeay()" functions hook properly
+         * to the cswift-specific mod_exp and mod_exp_crt so we use
+         * those functions. NB: We don't use ENGINE_openssl() or
+         * anything "more generic" because something like the RSAref
+         * code may not hook properly, and if you own one of these
+         * cards then you have the right to do RSA operations on it
+         * anyway! */ 
+        meth1 = RSA_PKCS1_SSLeay();
+        cswift_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
+        cswift_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
+        cswift_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
+        cswift_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
+
+        /* Much the same for Diffie-Hellman */
+        meth2 = DH_OpenSSL();
+        cswift_dh.generate_key = meth2->generate_key;
+        cswift_dh.compute_key = meth2->compute_key;
+        return &engine_cswift;
+        }
+
+/* This is a process-global DSO handle used for loading and unloading
+ * the CryptoSwift library. NB: This is only set (or unset) during an
+ * init() or finish() call (reference counts permitting) and they're
+ * operating with global locks, so this should be thread-safe
+ * implicitly. */
+static DSO *cswift_dso = NULL;
+
+/* These are the function pointers that are (un)set when the library has
+ * successfully (un)loaded. */
+t_swAcquireAccContext *p_CSwift_AcquireAccContext = NULL;
+t_swAttachKeyParam *p_CSwift_AttachKeyParam = NULL;
+t_swSimpleRequest *p_CSwift_SimpleRequest = NULL;
+t_swReleaseAccContext *p_CSwift_ReleaseAccContext = NULL;
+
+/* Used in the DSO operations. */
+static const char *CSWIFT_LIBNAME = "swift";
+static const char *CSWIFT_F1 = "swAcquireAccContext";
+static const char *CSWIFT_F2 = "swAttachKeyParam";
+static const char *CSWIFT_F3 = "swSimpleRequest";
+static const char *CSWIFT_F4 = "swReleaseAccContext";
+
+
+/* CryptoSwift library functions and mechanics - these are used by the
+ * higher-level functions further down. NB: As and where there's no
+ * error checking, take a look lower down where these functions are
+ * called, the checking and error handling is probably down there. */
+
+/* utility function to obtain a context */
+static int get_context(SW_CONTEXT_HANDLE *hac)
+        {
+        SW_STATUS status;
+ 
+        status = p_CSwift_AcquireAccContext(hac);
+        if(status != SW_OK)
+                return 0;
+        return 1;
+        }
+ 
+/* similarly to release one. */
+static void release_context(SW_CONTEXT_HANDLE hac)
+        {
+        p_CSwift_ReleaseAccContext(hac);
+        }
+
+/* (de)initialisation functions. */
+static int cswift_init()
+        {
+        SW_CONTEXT_HANDLE hac;
+        t_swAcquireAccContext *p1;
+        t_swAttachKeyParam *p2;
+        t_swSimpleRequest *p3;
+        t_swReleaseAccContext *p4;
+
+        if(cswift_dso != NULL)
+                {
+                ENGINEerr(ENGINE_F_CSWIFT_INIT,ENGINE_R_ALREADY_LOADED);
+                goto err;
+                }
+        /* Attempt to load libswift.so/swift.dll/whatever. */
+        cswift_dso = DSO_load(NULL, CSWIFT_LIBNAME, NULL,
+                DSO_FLAG_NAME_TRANSLATION);
+        if(cswift_dso == NULL)
+                {
+                ENGINEerr(ENGINE_F_CSWIFT_INIT,ENGINE_R_DSO_FAILURE);
+                goto err;
+                }
+        if(!(p1 = (t_swAcquireAccContext *)
+                                DSO_bind_func(cswift_dso, CSWIFT_F1)) ||
+                        !(p2 = (t_swAttachKeyParam *)
+                                DSO_bind_func(cswift_dso, CSWIFT_F2)) ||
+                        !(p3 = (t_swSimpleRequest *)
+                                DSO_bind_func(cswift_dso, CSWIFT_F3)) ||
+                        !(p4 = (t_swReleaseAccContext *)
+                                DSO_bind_func(cswift_dso, CSWIFT_F4)))
+                {
+                ENGINEerr(ENGINE_F_CSWIFT_INIT,ENGINE_R_DSO_FAILURE);
+                goto err;
+                }
+        /* Copy the pointers */
+        p_CSwift_AcquireAccContext = p1;
+        p_CSwift_AttachKeyParam = p2;
+        p_CSwift_SimpleRequest = p3;
+        p_CSwift_ReleaseAccContext = p4;
+        /* Try and get a context - if not, we may have a DSO but no
+         * accelerator! */
+        if(!get_context(&hac))
+                {
+                ENGINEerr(ENGINE_F_CSWIFT_INIT,ENGINE_R_UNIT_FAILURE);
+                goto err;
+                }
+        release_context(hac);
+        /* Everything's fine. */
+        return 1;
+err:
+        if(cswift_dso)
+                DSO_free(cswift_dso);
+        p_CSwift_AcquireAccContext = NULL;
+        p_CSwift_AttachKeyParam = NULL;
+        p_CSwift_SimpleRequest = NULL;
+        p_CSwift_ReleaseAccContext = NULL;
+        return 0;
+        }
+
+static int cswift_finish()
+        {
+        if(cswift_dso == NULL)
+                {
+                ENGINEerr(ENGINE_F_CSWIFT_FINISH,ENGINE_R_NOT_LOADED);
+                return 0;
+                }
+        if(!DSO_free(cswift_dso))
+                {
+                ENGINEerr(ENGINE_F_CSWIFT_FINISH,ENGINE_R_DSO_FAILURE);
+                return 0;
+                }
+        cswift_dso = NULL;
+        p_CSwift_AcquireAccContext = NULL;
+        p_CSwift_AttachKeyParam = NULL;
+        p_CSwift_SimpleRequest = NULL;
+        p_CSwift_ReleaseAccContext = NULL;
+        return 1;
+        }
+
+/* Un petit mod_exp */
+static int cswift_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                        const BIGNUM *m, BN_CTX *ctx)
+        {
+        /* I need somewhere to store temporary serialised values for
+         * use with the CryptoSwift API calls. A neat cheat - I'll use
+         * BIGNUMs from the BN_CTX but access their arrays directly as
+         * byte arrays <grin>. This way I don't have to clean anything
+         * up. */
+        BIGNUM *modulus;
+        BIGNUM *exponent;
+        BIGNUM *argument;
+        BIGNUM *result;
+        SW_STATUS sw_status;
+        SW_LARGENUMBER arg, res;
+        SW_PARAM sw_param;
+        SW_CONTEXT_HANDLE hac;
+        int to_return, acquired;
+ 
+        modulus = exponent = argument = result = NULL;
+        to_return = 0; /* expect failure */
+        acquired = 0;
+ 
+        if(!get_context(&hac))
+                {
+                ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP,ENGINE_R_GET_HANDLE_FAILED);
+                goto err;
+                }
+        acquired = 1;
+        /* Prepare the params */
+        modulus = BN_CTX_get(ctx);
+        exponent = BN_CTX_get(ctx);
+        argument = BN_CTX_get(ctx);
+        result = BN_CTX_get(ctx);
+        if(!modulus || !exponent || !argument || !result)
+                {
+                ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP,ENGINE_R_BN_CTX_FULL);
+                goto err;
+                }
+        if(!bn_wexpand(modulus, m->top) || !bn_wexpand(exponent, p->top) ||
+                !bn_wexpand(argument, a->top) || !bn_wexpand(result, m->top))
+                {
+                ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP,ENGINE_R_BN_EXPAND_FAIL);
+                goto err;
+                }
+        sw_param.type = SW_ALG_EXP;
+        sw_param.up.exp.modulus.nbytes = BN_bn2bin(m,
+                (unsigned char *)modulus->d);
+        sw_param.up.exp.modulus.value = (unsigned char *)modulus->d;
+        sw_param.up.exp.exponent.nbytes = BN_bn2bin(p,
+                (unsigned char *)exponent->d);
+        sw_param.up.exp.exponent.value = (unsigned char *)exponent->d;
+        /* Attach the key params */
+        sw_status = p_CSwift_AttachKeyParam(hac, &sw_param);
+        switch(sw_status)
+                {
+        case SW_OK:
+                break;
+        case SW_ERR_INPUT_SIZE:
+                ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP,
+                        ENGINE_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
+                goto err;
+        default:
+                {
+                char tmpbuf[20];
+                ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP,ENGINE_R_REQUEST_FAILED);
+                sprintf(tmpbuf, "%ld", sw_status);
+                ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
+                }
+                goto err;
+                }
+        /* Prepare the argument and response */
+        arg.nbytes = BN_bn2bin(a, (unsigned char *)argument->d);
+        arg.value = (unsigned char *)argument->d;
+        res.nbytes = BN_num_bytes(m);
+        memset(result->d, 0, res.nbytes);
+        res.value = (unsigned char *)result->d;
+        /* Perform the operation */
+        if((sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP, &arg, 1,
+                &res, 1)) != SW_OK)
+                {
+                char tmpbuf[20];
+                ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP,ENGINE_R_REQUEST_FAILED);
+                sprintf(tmpbuf, "%ld", sw_status);
+                ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
+                goto err;
+                }
+        /* Convert the response */
+        BN_bin2bn((unsigned char *)result->d, res.nbytes, r);
+        to_return = 1;
+err:
+        if(acquired)
+                release_context(hac);
+        if(modulus) ctx->tos--;
+        if(exponent) ctx->tos--;
+        if(argument) ctx->tos--;
+        if(result) ctx->tos--;
+        return to_return;
+        }
+
+/* Un petit mod_exp chinois */
+static int cswift_mod_exp_crt(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                        const BIGNUM *q, const BIGNUM *dmp1,
+                        const BIGNUM *dmq1, const BIGNUM *iqmp, BN_CTX *ctx)
+        {
+        SW_STATUS sw_status;
+        SW_LARGENUMBER arg, res;
+        SW_PARAM sw_param;
+        SW_CONTEXT_HANDLE hac;
+        BIGNUM *rsa_p = NULL;
+        BIGNUM *rsa_q = NULL;
+        BIGNUM *rsa_dmp1 = NULL;
+        BIGNUM *rsa_dmq1 = NULL;
+        BIGNUM *rsa_iqmp = NULL;
+        BIGNUM *argument = NULL;
+        BIGNUM *result = NULL;
+        int to_return = 0; /* expect failure */
+        int acquired = 0;
+ 
+        if(!get_context(&hac))
+                {
+                ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP_CRT,ENGINE_R_GET_HANDLE_FAILED);
+                goto err;
+                }
+        acquired = 1;
+        /* Prepare the params */
+        rsa_p = BN_CTX_get(ctx);
+        rsa_q = BN_CTX_get(ctx);
+        rsa_dmp1 = BN_CTX_get(ctx);
+        rsa_dmq1 = BN_CTX_get(ctx);
+        rsa_iqmp = BN_CTX_get(ctx);
+        argument = BN_CTX_get(ctx);
+        result = BN_CTX_get(ctx);
+        if(!rsa_p || !rsa_q || !rsa_dmp1 || !rsa_dmq1 || !rsa_iqmp ||
+                        !argument || !result)
+                {
+                ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP_CRT,ENGINE_R_BN_CTX_FULL);
+                goto err;
+                }
+        if(!bn_wexpand(rsa_p, p->top) || !bn_wexpand(rsa_q, q->top) ||
+                        !bn_wexpand(rsa_dmp1, dmp1->top) ||
+                        !bn_wexpand(rsa_dmq1, dmq1->top) ||
+                        !bn_wexpand(rsa_iqmp, iqmp->top) ||
+                        !bn_wexpand(argument, a->top) ||
+                        !bn_wexpand(result, p->top + q->top))
+                {
+                ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP_CRT,ENGINE_R_BN_EXPAND_FAIL);
+                goto err;
+                }
+        sw_param.type = SW_ALG_CRT;
+        sw_param.up.crt.p.nbytes = BN_bn2bin(p, (unsigned char *)rsa_p->d);
+        sw_param.up.crt.p.value = (unsigned char *)rsa_p->d;
+        sw_param.up.crt.q.nbytes = BN_bn2bin(q, (unsigned char *)rsa_q->d);
+        sw_param.up.crt.q.value = (unsigned char *)rsa_q->d;
+        sw_param.up.crt.dmp1.nbytes = BN_bn2bin(dmp1,
+                (unsigned char *)rsa_dmp1->d);
+        sw_param.up.crt.dmp1.value = (unsigned char *)rsa_dmp1->d;
+        sw_param.up.crt.dmq1.nbytes = BN_bn2bin(dmq1,
+                (unsigned char *)rsa_dmq1->d);
+        sw_param.up.crt.dmq1.value = (unsigned char *)rsa_dmq1->d;
+        sw_param.up.crt.iqmp.nbytes = BN_bn2bin(iqmp,
+                (unsigned char *)rsa_iqmp->d);
+        sw_param.up.crt.iqmp.value = (unsigned char *)rsa_iqmp->d;
+        /* Attach the key params */
+        sw_status = p_CSwift_AttachKeyParam(hac, &sw_param);
+        switch(sw_status)
+                {
+        case SW_OK:
+                break;
+        case SW_ERR_INPUT_SIZE:
+                ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP_CRT,
+                        ENGINE_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
+                goto err;
+        default:
+                {
+                char tmpbuf[20];
+                ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP_CRT,ENGINE_R_REQUEST_FAILED);
+                sprintf(tmpbuf, "%ld", sw_status);
+                ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
+                }
+                goto err;
+                }
+        /* Prepare the argument and response */
+        arg.nbytes = BN_bn2bin(a, (unsigned char *)argument->d);
+        arg.value = (unsigned char *)argument->d;
+        res.nbytes = 2 * BN_num_bytes(p);
+        memset(result->d, 0, res.nbytes);
+        res.value = (unsigned char *)result->d;
+        /* Perform the operation */
+        if((sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP_CRT, &arg, 1,
+                &res, 1)) != SW_OK)
+                {
+                char tmpbuf[20];
+                ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP_CRT,ENGINE_R_REQUEST_FAILED);
+                sprintf(tmpbuf, "%ld", sw_status);
+                ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
+                goto err;
+                }
+        /* Convert the response */
+        BN_bin2bn((unsigned char *)result->d, res.nbytes, r);
+        to_return = 1;
+err:
+        if(acquired)
+                release_context(hac);
+        if(rsa_p) ctx->tos--;
+        if(rsa_q) ctx->tos--;
+        if(rsa_dmp1) ctx->tos--;
+        if(rsa_dmq1) ctx->tos--;
+        if(rsa_iqmp) ctx->tos--;
+        if(argument) ctx->tos--;
+        if(result) ctx->tos--;
+        return to_return;
+        }
+ 
+static int cswift_rsa_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa)
+        {
+        BN_CTX *ctx;
+        int to_return = 0;
+
+        if((ctx = BN_CTX_new()) == NULL)
+                goto err;
+        if(!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp)
+                {
+                ENGINEerr(ENGINE_F_CSWIFT_RSA_MOD_EXP,ENGINE_R_MISSING_KEY_COMPONENTS);
+                goto err;
+                }
+        to_return = cswift_mod_exp_crt(r0, I, rsa->p, rsa->q, rsa->dmp1,
+                rsa->dmq1, rsa->iqmp, ctx);
+err:
+        if(ctx)
+                BN_CTX_free(ctx);
+        return to_return;
+        }
+
+/* This function is aliased to mod_exp (with the mont stuff dropped). */
+static int cswift_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
+        {
+        return cswift_mod_exp(r, a, p, m, ctx);
+        }
+
+static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa)
+        {
+        SW_CONTEXT_HANDLE hac;
+        SW_PARAM sw_param;
+        SW_STATUS sw_status;
+        SW_LARGENUMBER arg, res;
+        unsigned char *ptr;
+        BN_CTX *ctx;
+        BIGNUM *dsa_p = NULL;
+        BIGNUM *dsa_q = NULL;
+        BIGNUM *dsa_g = NULL;
+        BIGNUM *dsa_key = NULL;
+        BIGNUM *result = NULL;
+        DSA_SIG *to_return = NULL;
+        int acquired = 0;
+
+        if((ctx = BN_CTX_new()) == NULL)
+                goto err;
+        if(!get_context(&hac))
+                {
+                ENGINEerr(ENGINE_F_CSWIFT_DSA_SIGN,ENGINE_R_GET_HANDLE_FAILED);
+                goto err;
+                }
+        acquired = 1;
+        /* Prepare the params */
+        dsa_p = BN_CTX_get(ctx);
+        dsa_q = BN_CTX_get(ctx);
+        dsa_g = BN_CTX_get(ctx);
+        dsa_key = BN_CTX_get(ctx);
+        result = BN_CTX_get(ctx);
+        if(!dsa_p || !dsa_q || !dsa_g || !dsa_key || !result)
+                {
+                ENGINEerr(ENGINE_F_CSWIFT_DSA_SIGN,ENGINE_R_BN_CTX_FULL);
+                goto err;
+                }
+        if(!bn_wexpand(dsa_p, dsa->p->top) ||
+                        !bn_wexpand(dsa_q, dsa->q->top) ||
+                        !bn_wexpand(dsa_g, dsa->g->top) ||
+                        !bn_wexpand(dsa_key, dsa->priv_key->top) ||
+                        !bn_wexpand(result, dsa->p->top))
+                {
+                ENGINEerr(ENGINE_F_CSWIFT_DSA_SIGN,ENGINE_R_BN_EXPAND_FAIL);
+                goto err;
+                }
+        sw_param.type = SW_ALG_DSA;
+        sw_param.up.dsa.p.nbytes = BN_bn2bin(dsa->p,
+                                (unsigned char *)dsa_p->d);
+        sw_param.up.dsa.p.value = (unsigned char *)dsa_p->d;
+        sw_param.up.dsa.q.nbytes = BN_bn2bin(dsa->q,
+                                (unsigned char *)dsa_q->d);
+        sw_param.up.dsa.q.value = (unsigned char *)dsa_q->d;
+        sw_param.up.dsa.g.nbytes = BN_bn2bin(dsa->g,
+                                (unsigned char *)dsa_g->d);
+        sw_param.up.dsa.g.value = (unsigned char *)dsa_g->d;
+        sw_param.up.dsa.key.nbytes = BN_bn2bin(dsa->priv_key,
+                                (unsigned char *)dsa_key->d);
+        sw_param.up.dsa.key.value = (unsigned char *)dsa_key->d;
+        /* Attach the key params */
+        sw_status = p_CSwift_AttachKeyParam(hac, &sw_param);
+        switch(sw_status)
+                {
+        case SW_OK:
+                break;
+        case SW_ERR_INPUT_SIZE:
+                ENGINEerr(ENGINE_F_CSWIFT_DSA_SIGN,
+                        ENGINE_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
+                goto err;
+        default:
+                {
+                char tmpbuf[20];
+                ENGINEerr(ENGINE_F_CSWIFT_DSA_SIGN,ENGINE_R_REQUEST_FAILED);
+                sprintf(tmpbuf, "%ld", sw_status);
+                ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
+                }
+                goto err;
+                }
+        /* Prepare the argument and response */
+        arg.nbytes = dlen;
+        arg.value = (unsigned char *)dgst;
+        res.nbytes = BN_num_bytes(dsa->p);
+        memset(result->d, 0, res.nbytes);
+        res.value = (unsigned char *)result->d;
+        /* Perform the operation */
+        sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_DSS_SIGN, &arg, 1,
+                &res, 1);
+        if(sw_status != SW_OK)
+                {
+                char tmpbuf[20];
+                ENGINEerr(ENGINE_F_CSWIFT_DSA_SIGN,ENGINE_R_REQUEST_FAILED);
+                sprintf(tmpbuf, "%ld", sw_status);
+                ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
+                goto err;
+                }
+        /* Convert the response */
+        ptr = (unsigned char *)result->d;
+        if((to_return = DSA_SIG_new()) == NULL)
+                goto err;
+        to_return->r = BN_bin2bn((unsigned char *)result->d, 20, NULL);
+        to_return->s = BN_bin2bn((unsigned char *)result->d + 20, 20, NULL);
+
+err:
+        if(acquired)
+                release_context(hac);
+        if(dsa_p) ctx->tos--;
+        if(dsa_q) ctx->tos--;
+        if(dsa_g) ctx->tos--;
+        if(dsa_key) ctx->tos--;
+        if(result) ctx->tos--;
+        if(ctx)
+                BN_CTX_free(ctx);
+        return to_return;
+        }
+
+static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len,
+                                DSA_SIG *sig, DSA *dsa)
+        {
+        SW_CONTEXT_HANDLE hac;
+        SW_PARAM sw_param;
+        SW_STATUS sw_status;
+        SW_LARGENUMBER arg[2], res;
+        unsigned long sig_result;
+        BN_CTX *ctx;
+        BIGNUM *dsa_p = NULL;
+        BIGNUM *dsa_q = NULL;
+        BIGNUM *dsa_g = NULL;
+        BIGNUM *dsa_key = NULL;
+        BIGNUM *argument = NULL;
+        int to_return = -1;
+        int acquired = 0;
+
+        if((ctx = BN_CTX_new()) == NULL)
+                goto err;
+        if(!get_context(&hac))
+                {
+                ENGINEerr(ENGINE_F_CSWIFT_DSA_VERIFY,ENGINE_R_GET_HANDLE_FAILED);
+                goto err;
+                }
+        acquired = 1;
+        /* Prepare the params */
+        dsa_p = BN_CTX_get(ctx);
+        dsa_q = BN_CTX_get(ctx);
+        dsa_g = BN_CTX_get(ctx);
+        dsa_key = BN_CTX_get(ctx);
+        argument = BN_CTX_get(ctx);
+        if(!dsa_p || !dsa_q || !dsa_g || !dsa_key || !argument)
+                {
+                ENGINEerr(ENGINE_F_CSWIFT_DSA_VERIFY,ENGINE_R_BN_CTX_FULL);
+                goto err;
+                }
+        if(!bn_wexpand(dsa_p, dsa->p->top) ||
+                        !bn_wexpand(dsa_q, dsa->q->top) ||
+                        !bn_wexpand(dsa_g, dsa->g->top) ||
+                        !bn_wexpand(dsa_key, dsa->pub_key->top) ||
+                        !bn_wexpand(argument, 40))
+                {
+                ENGINEerr(ENGINE_F_CSWIFT_DSA_VERIFY,ENGINE_R_BN_EXPAND_FAIL);
+                goto err;
+                }
+        sw_param.type = SW_ALG_DSA;
+        sw_param.up.dsa.p.nbytes = BN_bn2bin(dsa->p,
+                                (unsigned char *)dsa_p->d);
+        sw_param.up.dsa.p.value = (unsigned char *)dsa_p->d;
+        sw_param.up.dsa.q.nbytes = BN_bn2bin(dsa->q,
+                                (unsigned char *)dsa_q->d);
+        sw_param.up.dsa.q.value = (unsigned char *)dsa_q->d;
+        sw_param.up.dsa.g.nbytes = BN_bn2bin(dsa->g,
+                                (unsigned char *)dsa_g->d);
+        sw_param.up.dsa.g.value = (unsigned char *)dsa_g->d;
+        sw_param.up.dsa.key.nbytes = BN_bn2bin(dsa->pub_key,
+                                (unsigned char *)dsa_key->d);
+        sw_param.up.dsa.key.value = (unsigned char *)dsa_key->d;
+        /* Attach the key params */
+        sw_status = p_CSwift_AttachKeyParam(hac, &sw_param);
+        switch(sw_status)
+                {
+        case SW_OK:
+                break;
+        case SW_ERR_INPUT_SIZE:
+                ENGINEerr(ENGINE_F_CSWIFT_DSA_VERIFY,
+                        ENGINE_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
+                goto err;
+        default:
+                {
+                char tmpbuf[20];
+                ENGINEerr(ENGINE_F_CSWIFT_DSA_VERIFY,ENGINE_R_REQUEST_FAILED);
+                sprintf(tmpbuf, "%ld", sw_status);
+                ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
+                }
+                goto err;
+                }
+        /* Prepare the argument and response */
+        arg[0].nbytes = dgst_len;
+        arg[0].value = (unsigned char *)dgst;
+        arg[1].nbytes = 40;
+        arg[1].value = (unsigned char *)argument->d;
+        memset(arg[1].value, 0, 40);
+        BN_bn2bin(sig->r, arg[1].value + 20 - BN_num_bytes(sig->r));
+        BN_bn2bin(sig->s, arg[1].value + 40 - BN_num_bytes(sig->s));
+        res.nbytes = 4; /* unsigned long */
+        res.value = (unsigned char *)(&sig_result);
+        /* Perform the operation */
+        sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_DSS_VERIFY, arg, 2,
+                &res, 1);
+        if(sw_status != SW_OK)
+                {
+                char tmpbuf[20];
+                ENGINEerr(ENGINE_F_CSWIFT_DSA_VERIFY,ENGINE_R_REQUEST_FAILED);
+                sprintf(tmpbuf, "%ld", sw_status);
+                ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
+                goto err;
+                }
+        /* Convert the response */
+        to_return = ((sig_result == 0) ? 0 : 1);
+
+err:
+        if(acquired)
+                release_context(hac);
+        if(dsa_p) ctx->tos--;
+        if(dsa_q) ctx->tos--;
+        if(dsa_g) ctx->tos--;
+        if(dsa_key) ctx->tos--;
+        if(argument) ctx->tos--;
+        if(ctx)
+                BN_CTX_free(ctx);
+        return to_return;
+        }
+
+/* This function is aliased to mod_exp (with the dh and mont dropped). */
+static int cswift_mod_exp_dh(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
+        {
+        return cswift_mod_exp(r, a, p, m, ctx);
+        }
+
+#endif /* !NO_HW_CSWIFT */
+#endif /* !NO_HW */
diff --git a/src/lib/libcrypto/engine/hw_cswift_err.c b/src/lib/libcrypto/engine/hw_cswift_err.c
new file mode 100644
index 0000000000..684f53bf27
--- /dev/null
+++ b/src/lib/libcrypto/engine/hw_cswift_err.c
@@ -0,0 +1,149 @@
+/* hw_cswift_err.c */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/* NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include "hw_cswift_err.h"
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+static ERR_STRING_DATA CSWIFT_str_functs[]=
+        {
+{ERR_PACK(0,CSWIFT_F_CSWIFT_CTRL,0),    "CSWIFT_CTRL"},
+{ERR_PACK(0,CSWIFT_F_CSWIFT_DSA_SIGN,0),        "CSWIFT_DSA_SIGN"},
+{ERR_PACK(0,CSWIFT_F_CSWIFT_DSA_VERIFY,0),      "CSWIFT_DSA_VERIFY"},
+{ERR_PACK(0,CSWIFT_F_CSWIFT_FINISH,0),  "CSWIFT_FINISH"},
+{ERR_PACK(0,CSWIFT_F_CSWIFT_INIT,0),    "CSWIFT_INIT"},
+{ERR_PACK(0,CSWIFT_F_CSWIFT_MOD_EXP,0), "CSWIFT_MOD_EXP"},
+{ERR_PACK(0,CSWIFT_F_CSWIFT_MOD_EXP_CRT,0),     "CSWIFT_MOD_EXP_CRT"},
+{ERR_PACK(0,CSWIFT_F_CSWIFT_RSA_MOD_EXP,0),     "CSWIFT_RSA_MOD_EXP"},
+{0,NULL}
+        };
+
+static ERR_STRING_DATA CSWIFT_str_reasons[]=
+        {
+{CSWIFT_R_ALREADY_LOADED                 ,"already loaded"},
+{CSWIFT_R_BAD_KEY_SIZE                   ,"bad key size"},
+{CSWIFT_R_BN_CTX_FULL                    ,"bn ctx full"},
+{CSWIFT_R_BN_EXPAND_FAIL                 ,"bn expand fail"},
+{CSWIFT_R_CTRL_COMMAND_NOT_IMPLEMENTED   ,"ctrl command not implemented"},
+{CSWIFT_R_MISSING_KEY_COMPONENTS         ,"missing key components"},
+{CSWIFT_R_NOT_LOADED                     ,"not loaded"},
+{CSWIFT_R_REQUEST_FAILED                 ,"request failed"},
+{CSWIFT_R_UNIT_FAILURE                   ,"unit failure"},
+{0,NULL}
+        };
+
+#endif
+
+#ifdef CSWIFT_LIB_NAME
+static ERR_STRING_DATA CSWIFT_lib_name[]=
+        {
+{0      ,CSWIFT_LIB_NAME},
+{0,NULL}
+        };
+#endif
+
+
+static int CSWIFT_lib_error_code=0;
+static int CSWIFT_error_init=1;
+
+static void ERR_load_CSWIFT_strings(void)
+        {
+        if (CSWIFT_lib_error_code == 0)
+                CSWIFT_lib_error_code=ERR_get_next_error_library();
+
+        if (CSWIFT_error_init)
+                {
+                CSWIFT_error_init=0;
+#ifndef OPENSSL_NO_ERR
+                ERR_load_strings(CSWIFT_lib_error_code,CSWIFT_str_functs);
+                ERR_load_strings(CSWIFT_lib_error_code,CSWIFT_str_reasons);
+#endif
+
+#ifdef CSWIFT_LIB_NAME
+                CSWIFT_lib_name->error = ERR_PACK(CSWIFT_lib_error_code,0,0);
+                ERR_load_strings(0,CSWIFT_lib_name);
+#endif
+                }
+        }
+
+static void ERR_unload_CSWIFT_strings(void)
+        {
+        if (CSWIFT_error_init == 0)
+                {
+#ifndef OPENSSL_NO_ERR
+                ERR_unload_strings(CSWIFT_lib_error_code,CSWIFT_str_functs);
+                ERR_unload_strings(CSWIFT_lib_error_code,CSWIFT_str_reasons);
+#endif
+
+#ifdef CSWIFT_LIB_NAME
+                ERR_unload_strings(0,CSWIFT_lib_name);
+#endif
+                CSWIFT_error_init=1;
+                }
+        }
+
+static void ERR_CSWIFT_error(int function, int reason, char *file, int line)
+        {
+        if (CSWIFT_lib_error_code == 0)
+                CSWIFT_lib_error_code=ERR_get_next_error_library();
+        ERR_PUT_error(CSWIFT_lib_error_code,function,reason,file,line);
+        }
diff --git a/src/lib/libcrypto/engine/hw_cswift_err.h b/src/lib/libcrypto/engine/hw_cswift_err.h
new file mode 100644
index 0000000000..7120c3216f
--- /dev/null
+++ b/src/lib/libcrypto/engine/hw_cswift_err.h
@@ -0,0 +1,93 @@
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_CSWIFT_ERR_H
+#define HEADER_CSWIFT_ERR_H
+
+/* BEGIN ERROR CODES */
+/* The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+static void ERR_load_CSWIFT_strings(void);
+static void ERR_unload_CSWIFT_strings(void);
+static void ERR_CSWIFT_error(int function, int reason, char *file, int line);
+#define CSWIFTerr(f,r) ERR_CSWIFT_error((f),(r),__FILE__,__LINE__)
+
+/* Error codes for the CSWIFT functions. */
+
+/* Function codes. */
+#define CSWIFT_F_CSWIFT_CTRL                             100
+#define CSWIFT_F_CSWIFT_DSA_SIGN                         101
+#define CSWIFT_F_CSWIFT_DSA_VERIFY                       102
+#define CSWIFT_F_CSWIFT_FINISH                           103
+#define CSWIFT_F_CSWIFT_INIT                             104
+#define CSWIFT_F_CSWIFT_MOD_EXP                          105
+#define CSWIFT_F_CSWIFT_MOD_EXP_CRT                      106
+#define CSWIFT_F_CSWIFT_RSA_MOD_EXP                      107
+
+/* Reason codes. */
+#define CSWIFT_R_ALREADY_LOADED                          100
+#define CSWIFT_R_BAD_KEY_SIZE                            101
+#define CSWIFT_R_BN_CTX_FULL                             102
+#define CSWIFT_R_BN_EXPAND_FAIL                          103
+#define CSWIFT_R_CTRL_COMMAND_NOT_IMPLEMENTED            104
+#define CSWIFT_R_MISSING_KEY_COMPONENTS                  105
+#define CSWIFT_R_NOT_LOADED                              106
+#define CSWIFT_R_REQUEST_FAILED                          107
+#define CSWIFT_R_UNIT_FAILURE                            108
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/src/lib/libcrypto/engine/hw_ncipher.c b/src/lib/libcrypto/engine/hw_ncipher.c
new file mode 100644
index 0000000000..41f5900676
--- /dev/null
+++ b/src/lib/libcrypto/engine/hw_ncipher.c
@@ -0,0 +1,1019 @@
+/* crypto/engine/hw_ncipher.c -*- mode: C; c-file-style: "eay" -*- */
+/* Written by Richard Levitte (richard@levitte.org), Geoff Thorpe
+ * (geoff@geoffthorpe.net) and Dr Stephen N Henson (shenson@bigfoot.com)
+ * for the OpenSSL project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <openssl/crypto.h>
+#include <openssl/pem.h>
+#include "cryptlib.h"
+#include <openssl/dso.h>
+#include "engine_int.h"
+#include <openssl/engine.h>
+
+#ifndef NO_HW
+#ifndef NO_HW_NCIPHER
+
+/* Attribution notice: nCipher have said several times that it's OK for
+ * us to implement a general interface to their boxes, and recently declared
+ * their HWCryptoHook to be public, and therefore available for us to use.
+ * Thanks, nCipher.
+ *
+ * The hwcryptohook.h included here is from May 2000.
+ * [Richard Levitte]
+ */
+#ifdef FLAT_INC
+#include "hwcryptohook.h"
+#else
+#include "vendor_defns/hwcryptohook.h"
+#endif
+
+static int hwcrhk_init(void);
+static int hwcrhk_finish(void);
+static int hwcrhk_ctrl(int cmd, long i, void *p, void (*f)()); 
+
+/* Functions to handle mutexes */
+static int hwcrhk_mutex_init(HWCryptoHook_Mutex*, HWCryptoHook_CallerContext*);
+static int hwcrhk_mutex_lock(HWCryptoHook_Mutex*);
+static void hwcrhk_mutex_unlock(HWCryptoHook_Mutex*);
+static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex*);
+
+/* BIGNUM stuff */
+static int hwcrhk_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                const BIGNUM *m, BN_CTX *ctx);
+
+/* RSA stuff */
+static int hwcrhk_rsa_mod_exp(BIGNUM *r, BIGNUM *I, RSA *rsa);
+/* This function is aliased to mod_exp (with the mont stuff dropped). */
+static int hwcrhk_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+
+/* DH stuff */
+/* This function is alised to mod_exp (with the DH and mont dropped). */
+static int hwcrhk_mod_exp_dh(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+
+/* RAND stuff */
+static int hwcrhk_rand_bytes(unsigned char *buf, int num);
+static int hwcrhk_rand_status(void);
+
+/* KM stuff */
+static EVP_PKEY *hwcrhk_load_privkey(const char *key_id,
+        const char *passphrase);
+static EVP_PKEY *hwcrhk_load_pubkey(const char *key_id,
+        const char *passphrase);
+static void hwcrhk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
+        int index,long argl, void *argp);
+
+/* Interaction stuff */
+static int hwcrhk_get_pass(const char *prompt_info,
+        int *len_io, char *buf,
+        HWCryptoHook_PassphraseContext *ppctx,
+        HWCryptoHook_CallerContext *cactx);
+static void hwcrhk_log_message(void *logstream, const char *message);
+
+/* Our internal RSA_METHOD that we provide pointers to */
+static RSA_METHOD hwcrhk_rsa =
+        {
+        "nCipher RSA method",
+        NULL,
+        NULL,
+        NULL,
+        NULL,
+        hwcrhk_rsa_mod_exp,
+        hwcrhk_mod_exp_mont,
+        NULL,
+        NULL,
+        0,
+        NULL,
+        NULL,
+        NULL
+        };
+
+/* Our internal DH_METHOD that we provide pointers to */
+static DH_METHOD hwcrhk_dh =
+        {
+        "nCipher DH method",
+        NULL,
+        NULL,
+        hwcrhk_mod_exp_dh,
+        NULL,
+        NULL,
+        0,
+        NULL
+        };
+
+static RAND_METHOD hwcrhk_rand =
+        {
+        /* "nCipher RAND method", */
+        NULL,
+        hwcrhk_rand_bytes,
+        NULL,
+        NULL,
+        hwcrhk_rand_bytes,
+        hwcrhk_rand_status,
+        };
+
+/* Our ENGINE structure. */
+static ENGINE engine_hwcrhk =
+        {
+        "chil",
+        "nCipher hardware engine support",
+        &hwcrhk_rsa,
+        NULL,
+        &hwcrhk_dh,
+        &hwcrhk_rand,
+        hwcrhk_mod_exp,
+        NULL,
+        hwcrhk_init,
+        hwcrhk_finish,
+        hwcrhk_ctrl,
+        hwcrhk_load_privkey,
+        hwcrhk_load_pubkey,
+        0, /* no flags */
+        0, 0, /* no references */
+        NULL, NULL /* unlinked */
+        };
+
+/* Internal stuff for HWCryptoHook */
+
+/* Some structures needed for proper use of thread locks */
+/* hwcryptohook.h has some typedefs that turn struct HWCryptoHook_MutexValue
+   into HWCryptoHook_Mutex */
+struct HWCryptoHook_MutexValue
+        {
+        int lockid;
+        };
+
+/* hwcryptohook.h has some typedefs that turn
+   struct HWCryptoHook_PassphraseContextValue
+   into HWCryptoHook_PassphraseContext */
+struct HWCryptoHook_PassphraseContextValue
+        {
+        void *any;
+        };
+
+/* hwcryptohook.h has some typedefs that turn
+   struct HWCryptoHook_CallerContextValue
+   into HWCryptoHook_CallerContext */
+struct HWCryptoHook_CallerContextValue
+        {
+        void *any;
+        };
+
+/* The MPI structure in HWCryptoHook is pretty compatible with OpenSSL
+   BIGNUM's, so lets define a couple of conversion macros */
+#define BN2MPI(mp, bn) \
+    {mp.size = bn->top * sizeof(BN_ULONG); mp.buf = (unsigned char *)bn->d;}
+#define MPI2BN(bn, mp) \
+    {mp.size = bn->dmax * sizeof(BN_ULONG); mp.buf = (unsigned char *)bn->d;}
+
+#if 0 /* Card and password management is not yet supported */
+/* HWCryptoHook callbacks.  insert_card() and get_pass() are not yet
+   defined, because we haven't quite decided on the proper form yet.
+   log_message() just adds an entry in the error stack.  I don't know
+   if that's good or bad...  */
+static int insert_card(const char *prompt_info,
+        const char *wrong_info,
+        HWCryptoHook_PassphraseContext *ppctx,
+        HWCryptoHook_CallerContext *cactx);
+static int get_pass(const char *prompt_info,
+        int *len_io, char *buf,
+        HWCryptoHook_PassphraseContext *ppctx,
+        HWCryptoHook_CallerContext *cactx);
+#endif
+
+static BIO *logstream = NULL;
+static pem_password_cb *password_callback = NULL;
+#if 0
+static void *password_callback_userdata = NULL;
+#endif
+static int disable_mutex_callbacks = 0;
+
+/* Stuff to pass to the HWCryptoHook library */
+static HWCryptoHook_InitInfo hwcrhk_globals = {
+        0,                      /* Flags */
+        &logstream,             /* logstream */
+        sizeof(BN_ULONG),       /* limbsize */
+        0,                      /* mslimb first: false for BNs */
+        -1,                     /* msbyte first: use native */
+        0,                      /* Max mutexes, 0 = no small limit */
+        0,                      /* Max simultaneous, 0 = default */
+
+        /* The next few are mutex stuff: we write wrapper functions
+           around the OS mutex functions.  We initialise them to 0
+           here, and change that to actual function pointers in hwcrhk_init()
+           if dynamic locks are supported (that is, if the application
+           programmer has made sure of setting up callbacks bafore starting
+           this engine) *and* if disable_mutex_callbacks hasn't been set by
+           a call to ENGINE_ctrl(ENGINE_CTRL_CHIL_NO_LOCKING). */
+        sizeof(HWCryptoHook_Mutex),
+        0,
+        0,
+        0,
+        0,
+
+        /* The next few are condvar stuff: we write wrapper functions
+           round the OS functions.  Currently not implemented and not
+           and absolute necessity even in threaded programs, therefore
+           0'ed.  Will hopefully be implemented some day, since it
+           enhances the efficiency of HWCryptoHook.  */
+        0, /* sizeof(HWCryptoHook_CondVar), */
+        0, /* hwcrhk_cv_init, */
+        0, /* hwcrhk_cv_wait, */
+        0, /* hwcrhk_cv_signal, */
+        0, /* hwcrhk_cv_broadcast, */
+        0, /* hwcrhk_cv_destroy, */
+
+        hwcrhk_get_pass,        /* pass phrase */
+        0, /* insert_card, */   /* insert a card */
+        hwcrhk_log_message      /* Log message */
+};
+
+
+/* Now, to our own code */
+
+/* As this is only ever called once, there's no need for locking
+ * (indeed - the lock will already be held by our caller!!!) */
+ENGINE *ENGINE_ncipher()
+        {
+        RSA_METHOD *meth1;
+        DH_METHOD *meth2;
+
+        /* We know that the "PKCS1_SSLeay()" functions hook properly
+         * to the cswift-specific mod_exp and mod_exp_crt so we use
+         * those functions. NB: We don't use ENGINE_openssl() or
+         * anything "more generic" because something like the RSAref
+         * code may not hook properly, and if you own one of these
+         * cards then you have the right to do RSA operations on it
+         * anyway! */ 
+        meth1 = RSA_PKCS1_SSLeay();
+        hwcrhk_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
+        hwcrhk_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
+        hwcrhk_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
+        hwcrhk_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
+
+        /* Much the same for Diffie-Hellman */
+        meth2 = DH_OpenSSL();
+        hwcrhk_dh.generate_key = meth2->generate_key;
+        hwcrhk_dh.compute_key = meth2->compute_key;
+        return &engine_hwcrhk;
+        }
+
+/* This is a process-global DSO handle used for loading and unloading
+ * the HWCryptoHook library. NB: This is only set (or unset) during an
+ * init() or finish() call (reference counts permitting) and they're
+ * operating with global locks, so this should be thread-safe
+ * implicitly. */
+static DSO *hwcrhk_dso = NULL;
+static HWCryptoHook_ContextHandle hwcrhk_context = 0;
+static int hndidx = -1; /* Index for KM handle.  Not really used yet. */
+
+/* These are the function pointers that are (un)set when the library has
+ * successfully (un)loaded. */
+static HWCryptoHook_Init_t *p_hwcrhk_Init = NULL;
+static HWCryptoHook_Finish_t *p_hwcrhk_Finish = NULL;
+static HWCryptoHook_ModExp_t *p_hwcrhk_ModExp = NULL;
+static HWCryptoHook_RSA_t *p_hwcrhk_RSA = NULL;
+static HWCryptoHook_RandomBytes_t *p_hwcrhk_RandomBytes = NULL;
+static HWCryptoHook_RSALoadKey_t *p_hwcrhk_RSALoadKey = NULL;
+static HWCryptoHook_RSAGetPublicKey_t *p_hwcrhk_RSAGetPublicKey = NULL;
+static HWCryptoHook_RSAUnloadKey_t *p_hwcrhk_RSAUnloadKey = NULL;
+static HWCryptoHook_ModExpCRT_t *p_hwcrhk_ModExpCRT = NULL;
+
+/* Used in the DSO operations. */
+static const char *HWCRHK_LIBNAME = "nfhwcrhk";
+static const char *n_hwcrhk_Init = "HWCryptoHook_Init";
+static const char *n_hwcrhk_Finish = "HWCryptoHook_Finish";
+static const char *n_hwcrhk_ModExp = "HWCryptoHook_ModExp";
+static const char *n_hwcrhk_RSA = "HWCryptoHook_RSA";
+static const char *n_hwcrhk_RandomBytes = "HWCryptoHook_RandomBytes";
+static const char *n_hwcrhk_RSALoadKey = "HWCryptoHook_RSALoadKey";
+static const char *n_hwcrhk_RSAGetPublicKey = "HWCryptoHook_RSAGetPublicKey";
+static const char *n_hwcrhk_RSAUnloadKey = "HWCryptoHook_RSAUnloadKey";
+static const char *n_hwcrhk_ModExpCRT = "HWCryptoHook_ModExpCRT";
+
+/* HWCryptoHook library functions and mechanics - these are used by the
+ * higher-level functions further down. NB: As and where there's no
+ * error checking, take a look lower down where these functions are
+ * called, the checking and error handling is probably down there. */
+
+/* utility function to obtain a context */
+static int get_context(HWCryptoHook_ContextHandle *hac)
+        {
+        char tempbuf[1024];
+        HWCryptoHook_ErrMsgBuf rmsg;
+
+        rmsg.buf = tempbuf;
+        rmsg.size = 1024;
+
+        *hac = p_hwcrhk_Init(&hwcrhk_globals, sizeof(hwcrhk_globals), &rmsg,
+                NULL);
+        if (!*hac)
+                return 0;
+        return 1;
+        }
+ 
+/* similarly to release one. */
+static void release_context(HWCryptoHook_ContextHandle hac)
+        {
+        p_hwcrhk_Finish(hac);
+        }
+
+/* (de)initialisation functions. */
+static int hwcrhk_init()
+        {
+        HWCryptoHook_Init_t *p1;
+        HWCryptoHook_Finish_t *p2;
+        HWCryptoHook_ModExp_t *p3;
+        HWCryptoHook_RSA_t *p4;
+        HWCryptoHook_RSALoadKey_t *p5;
+        HWCryptoHook_RSAGetPublicKey_t *p6;
+        HWCryptoHook_RSAUnloadKey_t *p7;
+        HWCryptoHook_RandomBytes_t *p8;
+        HWCryptoHook_ModExpCRT_t *p9;
+
+        if(hwcrhk_dso != NULL)
+                {
+                ENGINEerr(ENGINE_F_HWCRHK_INIT,ENGINE_R_ALREADY_LOADED);
+                goto err;
+                }
+        /* Attempt to load libnfhwcrhk.so/nfhwcrhk.dll/whatever. */
+        hwcrhk_dso = DSO_load(NULL, HWCRHK_LIBNAME, NULL,
+                DSO_FLAG_NAME_TRANSLATION);
+        if(hwcrhk_dso == NULL)
+                {
+                ENGINEerr(ENGINE_F_HWCRHK_INIT,ENGINE_R_DSO_FAILURE);
+                goto err;
+                }
+        if(!(p1 = (HWCryptoHook_Init_t *)
+                        DSO_bind_func(hwcrhk_dso, n_hwcrhk_Init)) ||
+                !(p2 = (HWCryptoHook_Finish_t *)
+                        DSO_bind_func(hwcrhk_dso, n_hwcrhk_Finish)) ||
+                !(p3 = (HWCryptoHook_ModExp_t *)
+                        DSO_bind_func(hwcrhk_dso, n_hwcrhk_ModExp)) ||
+                !(p4 = (HWCryptoHook_RSA_t *)
+                        DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSA)) ||
+                !(p5 = (HWCryptoHook_RSALoadKey_t *)
+                        DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSALoadKey)) ||
+                !(p6 = (HWCryptoHook_RSAGetPublicKey_t *)
+                        DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSAGetPublicKey)) ||
+                !(p7 = (HWCryptoHook_RSAUnloadKey_t *)
+                        DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSAUnloadKey)) ||
+                !(p8 = (HWCryptoHook_RandomBytes_t *)
+                        DSO_bind_func(hwcrhk_dso, n_hwcrhk_RandomBytes)) ||
+                !(p9 = (HWCryptoHook_ModExpCRT_t *)
+                        DSO_bind_func(hwcrhk_dso, n_hwcrhk_ModExpCRT)))
+                {
+                ENGINEerr(ENGINE_F_HWCRHK_INIT,ENGINE_R_DSO_FAILURE);
+                goto err;
+                }
+        /* Copy the pointers */
+        p_hwcrhk_Init = p1;
+        p_hwcrhk_Finish = p2;
+        p_hwcrhk_ModExp = p3;
+        p_hwcrhk_RSA = p4;
+        p_hwcrhk_RSALoadKey = p5;
+        p_hwcrhk_RSAGetPublicKey = p6;
+        p_hwcrhk_RSAUnloadKey = p7;
+        p_hwcrhk_RandomBytes = p8;
+        p_hwcrhk_ModExpCRT = p9;
+
+        /* Check if the application decided to support dynamic locks,
+           and if it does, use them. */
+        if (disable_mutex_callbacks == 0 &&
+                CRYPTO_get_dynlock_create_callback() != NULL &&
+                CRYPTO_get_dynlock_lock_callback() != NULL &&
+                CRYPTO_get_dynlock_destroy_callback() != NULL)
+                {
+                hwcrhk_globals.mutex_init = hwcrhk_mutex_init;
+                hwcrhk_globals.mutex_acquire = hwcrhk_mutex_lock;
+                hwcrhk_globals.mutex_release = hwcrhk_mutex_unlock;
+                hwcrhk_globals.mutex_destroy = hwcrhk_mutex_destroy;
+                }
+
+        /* Try and get a context - if not, we may have a DSO but no
+         * accelerator! */
+        if(!get_context(&hwcrhk_context))
+                {
+                ENGINEerr(ENGINE_F_HWCRHK_INIT,ENGINE_R_UNIT_FAILURE);
+                goto err;
+                }
+        /* Everything's fine. */
+        if (hndidx == -1)
+                hndidx = RSA_get_ex_new_index(0,
+                        "nFast HWCryptoHook RSA key handle",
+                        NULL, NULL, hwcrhk_ex_free);
+        return 1;
+err:
+        if(hwcrhk_dso)
+                DSO_free(hwcrhk_dso);
+        hwcrhk_dso = NULL;
+        p_hwcrhk_Init = NULL;
+        p_hwcrhk_Finish = NULL;
+        p_hwcrhk_ModExp = NULL;
+        p_hwcrhk_RSA = NULL;
+        p_hwcrhk_RSALoadKey = NULL;
+        p_hwcrhk_RSAGetPublicKey = NULL;
+        p_hwcrhk_RSAUnloadKey = NULL;
+        p_hwcrhk_ModExpCRT = NULL;
+        p_hwcrhk_RandomBytes = NULL;
+        return 0;
+        }
+
+static int hwcrhk_finish()
+        {
+        int to_return = 1;
+        if(hwcrhk_dso == NULL)
+                {
+                ENGINEerr(ENGINE_F_HWCRHK_FINISH,ENGINE_R_NOT_LOADED);
+                to_return = 0;
+                goto err;
+                }
+        release_context(hwcrhk_context);
+        if(!DSO_free(hwcrhk_dso))
+                {
+                ENGINEerr(ENGINE_F_HWCRHK_FINISH,ENGINE_R_DSO_FAILURE);
+                to_return = 0;
+                goto err;
+                }
+ err:
+        if (logstream)
+                BIO_free(logstream);
+        hwcrhk_dso = NULL;
+        p_hwcrhk_Init = NULL;
+        p_hwcrhk_Finish = NULL;
+        p_hwcrhk_ModExp = NULL;
+        p_hwcrhk_RSA = NULL;
+        p_hwcrhk_RSALoadKey = NULL;
+        p_hwcrhk_RSAGetPublicKey = NULL;
+        p_hwcrhk_RSAUnloadKey = NULL;
+        p_hwcrhk_ModExpCRT = NULL;
+        p_hwcrhk_RandomBytes = NULL;
+        return to_return;
+        }
+
+static int hwcrhk_ctrl(int cmd, long i, void *p, void (*f)())
+        {
+        int to_return = 1;
+
+        switch(cmd)
+                {
+        case ENGINE_CTRL_SET_LOGSTREAM:
+                {
+                BIO *bio = (BIO *)p;
+
+                CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+                if (logstream)
+                        {
+                        BIO_free(logstream);
+                        logstream = NULL;
+                        }
+                if (CRYPTO_add(&bio->references,1,CRYPTO_LOCK_BIO) > 1)
+                        logstream = bio;
+                else
+                        ENGINEerr(ENGINE_F_HWCRHK_CTRL,ENGINE_R_BIO_WAS_FREED);
+                }
+                CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+                break;
+        case ENGINE_CTRL_SET_PASSWORD_CALLBACK:
+                CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+                password_callback = (pem_password_cb *)f;
+                CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+                break;
+        /* this enables or disables the "SimpleForkCheck" flag used in the
+         * initialisation structure. */
+        case ENGINE_CTRL_CHIL_SET_FORKCHECK:
+                CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+                if(i)
+                        hwcrhk_globals.flags |=
+                                HWCryptoHook_InitFlags_SimpleForkCheck;
+                else
+                        hwcrhk_globals.flags &=
+                                ~HWCryptoHook_InitFlags_SimpleForkCheck;
+                CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+                break;
+        /* This will prevent the initialisation function from "installing"
+         * the mutex-handling callbacks, even if they are available from
+         * within the library (or were provided to the library from the
+         * calling application). This is to remove any baggage for
+         * applications not using multithreading. */
+        case ENGINE_CTRL_CHIL_NO_LOCKING:
+                CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+                disable_mutex_callbacks = 1;
+                CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+                break;
+
+        /* The command isn't understood by this engine */
+        default:
+                ENGINEerr(ENGINE_F_HWCRHK_CTRL,
+                        ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED);
+                to_return = 0;
+                break;
+                }
+
+        return to_return;
+        }
+
+static EVP_PKEY *hwcrhk_load_privkey(const char *key_id,
+        const char *passphrase)
+        {
+        RSA *rtmp = NULL;
+        EVP_PKEY *res = NULL;
+        HWCryptoHook_MPI e, n;
+        HWCryptoHook_RSAKeyHandle *hptr;
+        HWCryptoHook_ErrMsgBuf rmsg;
+
+        if(!hwcrhk_context)
+                {
+                ENGINEerr(ENGINE_F_HWCRHK_LOAD_PRIVKEY,
+                        ENGINE_R_NOT_INITIALISED);
+                goto err;
+                }
+        hptr = OPENSSL_malloc(sizeof(HWCryptoHook_RSAKeyHandle));
+        if (!hptr)
+                {
+                ENGINEerr(ENGINE_F_HWCRHK_LOAD_PRIVKEY,
+                        ERR_R_MALLOC_FAILURE);
+                goto err;
+                }
+        if (p_hwcrhk_RSALoadKey(hwcrhk_context, key_id, hptr,
+                &rmsg, NULL))
+                {
+                ENGINEerr(ENGINE_F_HWCRHK_LOAD_PRIVKEY,
+                        ENGINE_R_CHIL_ERROR);
+                ERR_add_error_data(1,rmsg.buf);
+                goto err;
+                }
+        if (!*hptr)
+                {
+                ENGINEerr(ENGINE_F_HWCRHK_LOAD_PRIVKEY,
+                        ENGINE_R_NO_KEY);
+                goto err;
+                }
+        rtmp = RSA_new_method(&engine_hwcrhk);
+        RSA_set_ex_data(rtmp, hndidx, (char *)hptr);
+        rtmp->e = BN_new();
+        rtmp->n = BN_new();
+        rtmp->flags |= RSA_FLAG_EXT_PKEY;
+        MPI2BN(rtmp->e, e);
+        MPI2BN(rtmp->n, n);
+        if (p_hwcrhk_RSAGetPublicKey(*hptr, &n, &e, &rmsg)
+                != HWCRYPTOHOOK_ERROR_MPISIZE)
+                {
+                ENGINEerr(ENGINE_F_HWCRHK_LOAD_PUBKEY,ENGINE_R_CHIL_ERROR);
+                ERR_add_error_data(1,rmsg.buf);
+                goto err;
+                }
+                        
+        bn_expand2(rtmp->e, e.size/sizeof(BN_ULONG));
+        bn_expand2(rtmp->n, n.size/sizeof(BN_ULONG));
+        MPI2BN(rtmp->e, e);
+        MPI2BN(rtmp->n, n);
+
+        if (p_hwcrhk_RSAGetPublicKey(*hptr, &n, &e, &rmsg))
+                {
+                ENGINEerr(ENGINE_F_HWCRHK_LOAD_PUBKEY,
+                        ENGINE_R_CHIL_ERROR);
+                ERR_add_error_data(1,rmsg.buf);
+                goto err;
+                }
+        rtmp->e->top = e.size / sizeof(BN_ULONG);
+        bn_fix_top(rtmp->e);
+        rtmp->n->top = n.size / sizeof(BN_ULONG);
+        bn_fix_top(rtmp->n);
+
+        res = EVP_PKEY_new();
+        EVP_PKEY_assign_RSA(res, rtmp);
+
+        return res;
+ err:
+        if (res)
+                EVP_PKEY_free(res);
+        if (rtmp)
+                RSA_free(rtmp);
+        return NULL;
+        }
+
+static EVP_PKEY *hwcrhk_load_pubkey(const char *key_id, const char *passphrase)
+        {
+        EVP_PKEY *res = hwcrhk_load_privkey(key_id, passphrase);
+
+        if (res)
+                switch(res->type)
+                        {
+                case EVP_PKEY_RSA:
+                        {
+                        RSA *rsa = NULL;
+
+                        CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY);
+                        rsa = res->pkey.rsa;
+                        res->pkey.rsa = RSA_new();
+                        res->pkey.rsa->n = rsa->n;
+                        res->pkey.rsa->e = rsa->e;
+                        CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
+                        RSA_free(rsa);
+                        }
+                default:
+                        ENGINEerr(ENGINE_F_HWCRHK_LOAD_PUBKEY,
+                                ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED);
+                        goto err;
+                        }
+
+        return res;
+ err:
+        if (res)
+                EVP_PKEY_free(res);
+        return NULL;
+        }
+
+/* A little mod_exp */
+static int hwcrhk_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                        const BIGNUM *m, BN_CTX *ctx)
+        {
+        char tempbuf[1024];
+        HWCryptoHook_ErrMsgBuf rmsg;
+        /* Since HWCryptoHook_MPI is pretty compatible with BIGNUM's,
+           we use them directly, plus a little macro magic.  We only
+           thing we need to make sure of is that enough space is allocated. */
+        HWCryptoHook_MPI m_a, m_p, m_n, m_r;
+        int to_return, ret;
+ 
+        to_return = 0; /* expect failure */
+        rmsg.buf = tempbuf;
+        rmsg.size = 1024;
+
+        if(!hwcrhk_context)
+                {
+                ENGINEerr(ENGINE_F_HWCRHK_MOD_EXP,ENGINE_R_NOT_INITIALISED);
+                goto err;
+                }
+        /* Prepare the params */
+        bn_expand2(r, m->top);  /* Check for error !! */
+        BN2MPI(m_a, a);
+        BN2MPI(m_p, p);
+        BN2MPI(m_n, m);
+        MPI2BN(r, m_r);
+
+        /* Perform the operation */
+        ret = p_hwcrhk_ModExp(hwcrhk_context, m_a, m_p, m_n, &m_r, &rmsg);
+
+        /* Convert the response */
+        r->top = m_r.size / sizeof(BN_ULONG);
+        bn_fix_top(r);
+
+        if (ret < 0)
+                {
+                /* FIXME: When this error is returned, HWCryptoHook is
+                   telling us that falling back to software computation
+                   might be a good thing. */
+                if(ret == HWCRYPTOHOOK_ERROR_FALLBACK)
+                        {
+                        ENGINEerr(ENGINE_F_HWCRHK_MOD_EXP,ENGINE_R_REQUEST_FALLBACK);
+                        }
+                else
+                        {
+                        ENGINEerr(ENGINE_F_HWCRHK_MOD_EXP,ENGINE_R_REQUEST_FAILED);
+                        }
+                ERR_add_error_data(1,rmsg.buf);
+                goto err;
+                }
+
+        to_return = 1;
+err:
+        return to_return;
+        }
+ 
+static int hwcrhk_rsa_mod_exp(BIGNUM *r, BIGNUM *I, RSA *rsa)
+        {
+        char tempbuf[1024];
+        HWCryptoHook_ErrMsgBuf rmsg;
+        HWCryptoHook_RSAKeyHandle *hptr;
+        int to_return = 0, ret;
+
+        if(!hwcrhk_context)
+                {
+                ENGINEerr(ENGINE_F_HWCRHK_MOD_EXP,ENGINE_R_NOT_INITIALISED);
+                goto err;
+                }
+
+        /* This provides support for nForce keys.  Since that's opaque data
+           all we do is provide a handle to the proper key and let HWCryptoHook
+           take care of the rest. */
+        if ((hptr = (HWCryptoHook_RSAKeyHandle *) RSA_get_ex_data(rsa, hndidx))
+                != NULL)
+                {
+                HWCryptoHook_MPI m_a, m_r;
+
+                if(!rsa->n)
+                        {
+                        ENGINEerr(ENGINE_F_HWCRHK_RSA_MOD_EXP,
+                                ENGINE_R_MISSING_KEY_COMPONENTS);
+                        goto err;
+                        }
+
+                rmsg.buf = tempbuf;
+                rmsg.size = 1024;
+
+                /* Prepare the params */
+                bn_expand2(r, rsa->n->top); /* Check for error !! */
+                BN2MPI(m_a, I);
+                MPI2BN(r, m_r);
+
+                /* Perform the operation */
+                ret = p_hwcrhk_RSA(m_a, *hptr, &m_r, &rmsg);
+
+                /* Convert the response */
+                r->top = m_r.size / sizeof(BN_ULONG);
+                bn_fix_top(r);
+
+                if (ret < 0)
+                        {
+                        /* FIXME: When this error is returned, HWCryptoHook is
+                           telling us that falling back to software computation
+                           might be a good thing. */
+                        if(ret == HWCRYPTOHOOK_ERROR_FALLBACK)
+                                {
+                                ENGINEerr(ENGINE_F_HWCRHK_RSA_MOD_EXP,ENGINE_R_REQUEST_FALLBACK);
+                                }
+                        else
+                                {
+                                ENGINEerr(ENGINE_F_HWCRHK_RSA_MOD_EXP,ENGINE_R_REQUEST_FAILED);
+                                }
+                        ERR_add_error_data(1,rmsg.buf);
+                        goto err;
+                        }
+                }
+        else
+                {
+                HWCryptoHook_MPI m_a, m_p, m_q, m_dmp1, m_dmq1, m_iqmp, m_r;
+
+                if(!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp)
+                        {
+                        ENGINEerr(ENGINE_F_HWCRHK_RSA_MOD_EXP,
+                                ENGINE_R_MISSING_KEY_COMPONENTS);
+                        goto err;
+                        }
+
+                rmsg.buf = tempbuf;
+                rmsg.size = 1024;
+
+                /* Prepare the params */
+                bn_expand2(r, rsa->n->top); /* Check for error !! */
+                BN2MPI(m_a, I);
+                BN2MPI(m_p, rsa->p);
+                BN2MPI(m_q, rsa->q);
+                BN2MPI(m_dmp1, rsa->dmp1);
+                BN2MPI(m_dmq1, rsa->dmq1);
+                BN2MPI(m_iqmp, rsa->iqmp);
+                MPI2BN(r, m_r);
+
+                /* Perform the operation */
+                ret = p_hwcrhk_ModExpCRT(hwcrhk_context, m_a, m_p, m_q,
+                        m_dmp1, m_dmq1, m_iqmp, &m_r, NULL);
+
+                /* Convert the response */
+                r->top = m_r.size / sizeof(BN_ULONG);
+                bn_fix_top(r);
+
+                if (ret < 0)
+                        {
+                        /* FIXME: When this error is returned, HWCryptoHook is
+                           telling us that falling back to software computation
+                           might be a good thing. */
+                        if(ret == HWCRYPTOHOOK_ERROR_FALLBACK)
+                                {
+                                ENGINEerr(ENGINE_F_HWCRHK_RSA_MOD_EXP,ENGINE_R_REQUEST_FALLBACK);
+                                }
+                        else
+                                {
+                                ENGINEerr(ENGINE_F_HWCRHK_RSA_MOD_EXP,ENGINE_R_REQUEST_FAILED);
+                                }
+                        ERR_add_error_data(1,rmsg.buf);
+                        goto err;
+                        }
+                }
+        /* If we're here, we must be here with some semblance of success :-) */
+        to_return = 1;
+err:
+        return to_return;
+        }
+
+/* This function is aliased to mod_exp (with the mont stuff dropped). */
+static int hwcrhk_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
+        {
+        return hwcrhk_mod_exp(r, a, p, m, ctx);
+        }
+
+/* This function is aliased to mod_exp (with the dh and mont dropped). */
+static int hwcrhk_mod_exp_dh(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
+        {
+        return hwcrhk_mod_exp(r, a, p, m, ctx);
+        }
+
+/* Random bytes are good */
+static int hwcrhk_rand_bytes(unsigned char *buf, int num)
+        {
+        char tempbuf[1024];
+        HWCryptoHook_ErrMsgBuf rmsg;
+        int to_return = 0; /* assume failure */
+        int ret;
+
+        rmsg.buf = tempbuf;
+        rmsg.size = 1024;
+
+        if(!hwcrhk_context)
+                {
+                ENGINEerr(ENGINE_F_HWCRHK_RAND_BYTES,ENGINE_R_NOT_INITIALISED);
+                goto err;
+                }
+
+        ret = p_hwcrhk_RandomBytes(hwcrhk_context, buf, num, &rmsg);
+        if (ret < 0)
+                {
+                /* FIXME: When this error is returned, HWCryptoHook is
+                   telling us that falling back to software computation
+                   might be a good thing. */
+                if(ret == HWCRYPTOHOOK_ERROR_FALLBACK)
+                        {
+                        ENGINEerr(ENGINE_F_HWCRHK_RAND_BYTES,ENGINE_R_REQUEST_FALLBACK);
+                        }
+                else
+                        {
+                        ENGINEerr(ENGINE_F_HWCRHK_RAND_BYTES,ENGINE_R_REQUEST_FAILED);
+                        }
+                ERR_add_error_data(1,rmsg.buf);
+                goto err;
+                }
+        to_return = 1;
+ err:
+        return to_return;
+        }
+
+static int hwcrhk_rand_status(void)
+        {
+        return 1;
+        }
+
+/* This cleans up an RSA KM key, called when ex_data is freed */
+
+static void hwcrhk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
+        int index,long argl, void *argp)
+{
+        char tempbuf[1024];
+        HWCryptoHook_ErrMsgBuf rmsg;
+        HWCryptoHook_RSAKeyHandle *hptr;
+        int ret;
+
+        rmsg.buf = tempbuf;
+        rmsg.size = 1024;
+
+        hptr = (HWCryptoHook_RSAKeyHandle *) item;
+        if(!hptr) return;
+        ret = p_hwcrhk_RSAUnloadKey(*hptr, NULL);
+        OPENSSL_free(hptr);
+}
+
+/* Mutex calls: since the HWCryptoHook model closely follows the POSIX model
+ * these just wrap the POSIX functions and add some logging.
+ */
+
+static int hwcrhk_mutex_init(HWCryptoHook_Mutex* mt,
+        HWCryptoHook_CallerContext *cactx)
+        {
+        mt->lockid = CRYPTO_get_new_dynlockid();
+        if (mt->lockid == 0)
+                return 0;
+        return 1;
+        }
+
+static int hwcrhk_mutex_lock(HWCryptoHook_Mutex *mt)
+        {
+        CRYPTO_w_lock(mt->lockid);
+        return 1;
+        }
+
+void hwcrhk_mutex_unlock(HWCryptoHook_Mutex * mt)
+        {
+        CRYPTO_w_unlock(mt->lockid);
+        }
+
+static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex *mt)
+        {
+        CRYPTO_destroy_dynlockid(mt->lockid);
+        }
+
+static int hwcrhk_get_pass(const char *prompt_info,
+        int *len_io, char *buf,
+        HWCryptoHook_PassphraseContext *ppctx,
+        HWCryptoHook_CallerContext *cactx)
+        {
+        int l = 0;
+        char prompt[1024];
+
+        if (password_callback == NULL)
+                {
+                ENGINEerr(ENGINE_F_HWCRHK_GET_PASS,ENGINE_R_NO_CALLBACK);
+                return -1;
+                }
+        if (prompt_info)
+                {
+                strncpy(prompt, "Card: \"", sizeof(prompt));
+                l += 5;
+                strncpy(prompt + l, prompt_info, sizeof(prompt) - l);
+                l += strlen(prompt_info);
+                if (l + 2 < sizeof(prompt))
+                        {
+                        strncpy(prompt + l, "\"\n", sizeof(prompt) - l);
+                        l += 2;
+                        }
+                }
+        if (l < sizeof(prompt) - 1)
+                {
+                strncpy(prompt, "Enter Passphrase <enter to cancel>:",
+                        sizeof(prompt) - l);
+                l += 35;
+                }
+        prompt[l] = '\0';
+
+        /* I know, passing on the prompt instead of the user data *is*
+           a bad thing.  However, that's all we have right now.
+           --  Richard Levitte */
+        *len_io = password_callback(buf, *len_io, 0, prompt);
+        if(!*len_io)
+                return -1;
+        return 0;
+        }
+
+static void hwcrhk_log_message(void *logstream, const char *message)
+        {
+        BIO *lstream = NULL;
+
+        CRYPTO_w_lock(CRYPTO_LOCK_BIO);
+        if (logstream)
+                lstream=*(BIO **)logstream;
+        if (lstream)
+                {
+                BIO_write(lstream, message, strlen(message));
+                }
+        CRYPTO_w_unlock(CRYPTO_LOCK_BIO);
+        }
+
+#endif /* !NO_HW_NCIPHER */
+#endif /* !NO_HW */
diff --git a/src/lib/libcrypto/engine/hw_ncipher_err.c b/src/lib/libcrypto/engine/hw_ncipher_err.c
new file mode 100644
index 0000000000..24024cfc6f
--- /dev/null
+++ b/src/lib/libcrypto/engine/hw_ncipher_err.c
@@ -0,0 +1,156 @@
+/* hw_ncipher_err.c */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/* NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include "hw_ncipher_err.h"
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+static ERR_STRING_DATA HWCRHK_str_functs[]=
+        {
+{ERR_PACK(0,HWCRHK_F_HWCRHK_CTRL,0),    "HWCRHK_CTRL"},
+{ERR_PACK(0,HWCRHK_F_HWCRHK_FINISH,0),  "HWCRHK_FINISH"},
+{ERR_PACK(0,HWCRHK_F_HWCRHK_GET_PASS,0),        "HWCRHK_GET_PASS"},
+{ERR_PACK(0,HWCRHK_F_HWCRHK_INIT,0),    "HWCRHK_INIT"},
+{ERR_PACK(0,HWCRHK_F_HWCRHK_INSERT_CARD,0),     "HWCRHK_INSERT_CARD"},
+{ERR_PACK(0,HWCRHK_F_HWCRHK_LOAD_PRIVKEY,0),    "HWCRHK_LOAD_PRIVKEY"},
+{ERR_PACK(0,HWCRHK_F_HWCRHK_LOAD_PUBKEY,0),     "HWCRHK_LOAD_PUBKEY"},
+{ERR_PACK(0,HWCRHK_F_HWCRHK_MOD_EXP,0), "HWCRHK_MOD_EXP"},
+{ERR_PACK(0,HWCRHK_F_HWCRHK_RAND_BYTES,0),      "HWCRHK_RAND_BYTES"},
+{ERR_PACK(0,HWCRHK_F_HWCRHK_RSA_MOD_EXP,0),     "HWCRHK_RSA_MOD_EXP"},
+{0,NULL}
+        };
+
+static ERR_STRING_DATA HWCRHK_str_reasons[]=
+        {
+{HWCRHK_R_ALREADY_LOADED                 ,"already loaded"},
+{HWCRHK_R_BIO_WAS_FREED                  ,"bio was freed"},
+{HWCRHK_R_CHIL_ERROR                     ,"chil error"},
+{HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED   ,"ctrl command not implemented"},
+{HWCRHK_R_DSO_FAILURE                    ,"dso failure"},
+{HWCRHK_R_MISSING_KEY_COMPONENTS         ,"missing key components"},
+{HWCRHK_R_NOT_INITIALISED                ,"not initialised"},
+{HWCRHK_R_NOT_LOADED                     ,"not loaded"},
+{HWCRHK_R_NO_CALLBACK                    ,"no callback"},
+{HWCRHK_R_NO_KEY                         ,"no key"},
+{HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED,"private key algorithms disabled"},
+{HWCRHK_R_REQUEST_FAILED                 ,"request failed"},
+{HWCRHK_R_REQUEST_FALLBACK               ,"request fallback"},
+{HWCRHK_R_UNIT_FAILURE                   ,"unit failure"},
+{0,NULL}
+        };
+
+#endif
+
+#ifdef HWCRHK_LIB_NAME
+static ERR_STRING_DATA HWCRHK_lib_name[]=
+        {
+{0      ,HWCRHK_LIB_NAME},
+{0,NULL}
+        };
+#endif
+
+
+static int HWCRHK_lib_error_code=0;
+static int HWCRHK_error_init=1;
+
+static void ERR_load_HWCRHK_strings(void)
+        {
+        if (HWCRHK_lib_error_code == 0)
+                HWCRHK_lib_error_code=ERR_get_next_error_library();
+
+        if (HWCRHK_error_init)
+                {
+                HWCRHK_error_init=0;
+#ifndef OPENSSL_NO_ERR
+                ERR_load_strings(HWCRHK_lib_error_code,HWCRHK_str_functs);
+                ERR_load_strings(HWCRHK_lib_error_code,HWCRHK_str_reasons);
+#endif
+
+#ifdef HWCRHK_LIB_NAME
+                HWCRHK_lib_name->error = ERR_PACK(HWCRHK_lib_error_code,0,0);
+                ERR_load_strings(0,HWCRHK_lib_name);
+#endif
+                }
+        }
+
+static void ERR_unload_HWCRHK_strings(void)
+        {
+        if (HWCRHK_error_init == 0)
+                {
+#ifndef OPENSSL_NO_ERR
+                ERR_unload_strings(HWCRHK_lib_error_code,HWCRHK_str_functs);
+                ERR_unload_strings(HWCRHK_lib_error_code,HWCRHK_str_reasons);
+#endif
+
+#ifdef HWCRHK_LIB_NAME
+                ERR_unload_strings(0,HWCRHK_lib_name);
+#endif
+                HWCRHK_error_init=1;
+                }
+        }
+
+static void ERR_HWCRHK_error(int function, int reason, char *file, int line)
+        {
+        if (HWCRHK_lib_error_code == 0)
+                HWCRHK_lib_error_code=ERR_get_next_error_library();
+        ERR_PUT_error(HWCRHK_lib_error_code,function,reason,file,line);
+        }
diff --git a/src/lib/libcrypto/engine/hw_ncipher_err.h b/src/lib/libcrypto/engine/hw_ncipher_err.h
new file mode 100644
index 0000000000..4d65b1d470
--- /dev/null
+++ b/src/lib/libcrypto/engine/hw_ncipher_err.h
@@ -0,0 +1,100 @@
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_HWCRHK_ERR_H
+#define HEADER_HWCRHK_ERR_H
+
+/* BEGIN ERROR CODES */
+/* The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+static void ERR_load_HWCRHK_strings(void);
+static void ERR_unload_HWCRHK_strings(void);
+static void ERR_HWCRHK_error(int function, int reason, char *file, int line);
+#define HWCRHKerr(f,r) ERR_HWCRHK_error((f),(r),__FILE__,__LINE__)
+
+/* Error codes for the HWCRHK functions. */
+
+/* Function codes. */
+#define HWCRHK_F_HWCRHK_CTRL                             100
+#define HWCRHK_F_HWCRHK_FINISH                           101
+#define HWCRHK_F_HWCRHK_GET_PASS                         102
+#define HWCRHK_F_HWCRHK_INIT                             103
+#define HWCRHK_F_HWCRHK_INSERT_CARD                      104
+#define HWCRHK_F_HWCRHK_LOAD_PRIVKEY                     105
+#define HWCRHK_F_HWCRHK_LOAD_PUBKEY                      106
+#define HWCRHK_F_HWCRHK_MOD_EXP                          107
+#define HWCRHK_F_HWCRHK_RAND_BYTES                       108
+#define HWCRHK_F_HWCRHK_RSA_MOD_EXP                      109
+
+/* Reason codes. */
+#define HWCRHK_R_ALREADY_LOADED                          100
+#define HWCRHK_R_BIO_WAS_FREED                           101
+#define HWCRHK_R_CHIL_ERROR                              102
+#define HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED            103
+#define HWCRHK_R_DSO_FAILURE                             104
+#define HWCRHK_R_MISSING_KEY_COMPONENTS                  105
+#define HWCRHK_R_NOT_INITIALISED                         106
+#define HWCRHK_R_NOT_LOADED                              107
+#define HWCRHK_R_NO_CALLBACK                             108
+#define HWCRHK_R_NO_KEY                                  109
+#define HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED         110
+#define HWCRHK_R_REQUEST_FAILED                          111
+#define HWCRHK_R_REQUEST_FALLBACK                        112
+#define HWCRHK_R_UNIT_FAILURE                            113
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/src/lib/libcrypto/engine/hw_nuron.c b/src/lib/libcrypto/engine/hw_nuron.c
new file mode 100644
index 0000000000..2672012154
--- /dev/null
+++ b/src/lib/libcrypto/engine/hw_nuron.c
@@ -0,0 +1,399 @@
+/* crypto/engine/hw_nuron.c */
+/* Written by Ben Laurie for the OpenSSL Project, leaning heavily on Geoff
+ * Thorpe's Atalla implementation.
+ */
+/* ====================================================================
+ * Copyright (c) 2000-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <openssl/crypto.h>
+#include "cryptlib.h"
+#include <openssl/dso.h>
+#include <openssl/engine.h>
+
+
+#ifndef OPENSSL_NO_HW
+#ifndef OPENSSL_NO_HW_NURON
+
+#define NURON_LIB_NAME "nuron engine"
+#include "hw_nuron_err.c"
+
+static const char def_NURON_LIBNAME[] = "nuronssl";
+static const char *NURON_LIBNAME = def_NURON_LIBNAME;
+static const char *NURON_F1 = "nuron_mod_exp";
+
+/* The definitions for control commands specific to this engine */
+#define NURON_CMD_SO_PATH               ENGINE_CMD_BASE
+static const ENGINE_CMD_DEFN nuron_cmd_defns[] = {
+        {NURON_CMD_SO_PATH,
+                "SO_PATH",
+                "Specifies the path to the 'nuronssl' shared library",
+                ENGINE_CMD_FLAG_STRING},
+        {0, NULL, NULL, 0}
+        };
+
+typedef int tfnModExp(BIGNUM *r,const BIGNUM *a,const BIGNUM *p,const BIGNUM *m);
+static tfnModExp *pfnModExp = NULL;
+
+static DSO *pvDSOHandle = NULL;
+
+static int nuron_destroy(ENGINE *e)
+        {
+        ERR_unload_NURON_strings();
+        return 1;
+        }
+
+static int nuron_init(ENGINE *e)
+        {
+        if(pvDSOHandle != NULL)
+                {
+                NURONerr(NURON_F_NURON_INIT,NURON_R_ALREADY_LOADED);
+                return 0;
+                }
+
+        pvDSOHandle = DSO_load(NULL, NURON_LIBNAME, NULL,
+                DSO_FLAG_NAME_TRANSLATION_EXT_ONLY);
+        if(!pvDSOHandle)
+                {
+                NURONerr(NURON_F_NURON_INIT,NURON_R_DSO_NOT_FOUND);
+                return 0;
+                }
+
+        pfnModExp = (tfnModExp *)DSO_bind_func(pvDSOHandle, NURON_F1);
+        if(!pfnModExp)
+                {
+                NURONerr(NURON_F_NURON_INIT,NURON_R_DSO_FUNCTION_NOT_FOUND);
+                return 0;
+                }
+
+        return 1;
+        }
+
+static int nuron_finish(ENGINE *e)
+        {
+        if(pvDSOHandle == NULL)
+                {
+                NURONerr(NURON_F_NURON_FINISH,NURON_R_NOT_LOADED);
+                return 0;
+                }
+        if(!DSO_free(pvDSOHandle))
+                {
+                NURONerr(NURON_F_NURON_FINISH,NURON_R_DSO_FAILURE);
+                return 0;
+                }
+        pvDSOHandle=NULL;
+        pfnModExp=NULL;
+        return 1;
+        }
+
+static int nuron_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
+        {
+        int initialised = ((pvDSOHandle == NULL) ? 0 : 1);
+        switch(cmd)
+                {
+        case NURON_CMD_SO_PATH:
+                if(p == NULL)
+                        {
+                        NURONerr(NURON_F_NURON_CTRL,ERR_R_PASSED_NULL_PARAMETER);
+                        return 0;
+                        }
+                if(initialised)
+                        {
+                        NURONerr(NURON_F_NURON_CTRL,NURON_R_ALREADY_LOADED);
+                        return 0;
+                        }
+                NURON_LIBNAME = (const char *)p;
+                return 1;
+        default:
+                break;
+                }
+        NURONerr(NURON_F_NURON_CTRL,NURON_R_CTRL_COMMAND_NOT_IMPLEMENTED);
+        return 0;
+}
+
+static int nuron_mod_exp(BIGNUM *r,const BIGNUM *a,const BIGNUM *p,
+                         const BIGNUM *m,BN_CTX *ctx)
+        {
+        if(!pvDSOHandle)
+                {
+                NURONerr(NURON_F_NURON_MOD_EXP,NURON_R_NOT_LOADED);
+                return 0;
+                }
+        return pfnModExp(r,a,p,m);
+        }
+
+#ifndef OPENSSL_NO_RSA
+static int nuron_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
+        {
+        return nuron_mod_exp(r0,I,rsa->d,rsa->n,NULL);
+        }
+#endif
+
+#ifndef OPENSSL_NO_DSA
+/* This code was liberated and adapted from the commented-out code in
+ * dsa_ossl.c. Because of the unoptimised form of the Atalla acceleration
+ * (it doesn't have a CRT form for RSA), this function means that an
+ * Atalla system running with a DSA server certificate can handshake
+ * around 5 or 6 times faster/more than an equivalent system running with
+ * RSA. Just check out the "signs" statistics from the RSA and DSA parts
+ * of "openssl speed -engine atalla dsa1024 rsa1024". */
+static int nuron_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                             BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
+                             BN_CTX *ctx, BN_MONT_CTX *in_mont)
+        {
+        BIGNUM t;
+        int to_return = 0;
+ 
+        BN_init(&t);
+        /* let rr = a1 ^ p1 mod m */
+        if (!nuron_mod_exp(rr,a1,p1,m,ctx))
+                goto end;
+        /* let t = a2 ^ p2 mod m */
+        if (!nuron_mod_exp(&t,a2,p2,m,ctx))
+                goto end;
+        /* let rr = rr * t mod m */
+        if (!BN_mod_mul(rr,rr,&t,m,ctx))
+                goto end;
+        to_return = 1;
+end:
+        BN_free(&t);
+        return to_return;
+        }
+
+
+static int nuron_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                             const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                             BN_MONT_CTX *m_ctx)
+        {
+        return nuron_mod_exp(r, a, p, m, ctx);
+        }
+#endif
+
+/* This function is aliased to mod_exp (with the mont stuff dropped). */
+static int nuron_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                              const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
+        {
+        return nuron_mod_exp(r, a, p, m, ctx);
+        }
+
+#ifndef OPENSSL_NO_DH
+/* This function is aliased to mod_exp (with the dh and mont dropped). */
+static int nuron_mod_exp_dh(const DH *dh, BIGNUM *r,
+                const BIGNUM *a, const BIGNUM *p,
+                const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
+        {
+        return nuron_mod_exp(r, a, p, m, ctx);
+        }
+#endif
+
+#ifndef OPENSSL_NO_RSA
+static RSA_METHOD nuron_rsa =
+        {
+        "Nuron RSA method",
+        NULL,
+        NULL,
+        NULL,
+        NULL,
+        nuron_rsa_mod_exp,
+        nuron_mod_exp_mont,
+        NULL,
+        NULL,
+        0,
+        NULL,
+        NULL,
+        NULL
+        };
+#endif
+
+#ifndef OPENSSL_NO_DSA
+static DSA_METHOD nuron_dsa =
+        {
+        "Nuron DSA method",
+        NULL, /* dsa_do_sign */
+        NULL, /* dsa_sign_setup */
+        NULL, /* dsa_do_verify */
+        nuron_dsa_mod_exp, /* dsa_mod_exp */
+        nuron_mod_exp_dsa, /* bn_mod_exp */
+        NULL, /* init */
+        NULL, /* finish */
+        0, /* flags */
+        NULL /* app_data */
+        };
+#endif
+
+#ifndef OPENSSL_NO_DH
+static DH_METHOD nuron_dh =
+        {
+        "Nuron DH method",
+        NULL,
+        NULL,
+        nuron_mod_exp_dh,
+        NULL,
+        NULL,
+        0,
+        NULL
+        };
+#endif
+
+/* Constants used when creating the ENGINE */
+static const char *engine_nuron_id = "nuron";
+static const char *engine_nuron_name = "Nuron hardware engine support";
+
+/* This internal function is used by ENGINE_nuron() and possibly by the
+ * "dynamic" ENGINE support too */
+static int bind_helper(ENGINE *e)
+        {
+#ifndef OPENSSL_NO_RSA
+        const RSA_METHOD *meth1;
+#endif
+#ifndef OPENSSL_NO_DSA
+        const DSA_METHOD *meth2;
+#endif
+#ifndef OPENSSL_NO_DH
+        const DH_METHOD *meth3;
+#endif
+        if(!ENGINE_set_id(e, engine_nuron_id) ||
+                        !ENGINE_set_name(e, engine_nuron_name) ||
+#ifndef OPENSSL_NO_RSA
+                        !ENGINE_set_RSA(e, &nuron_rsa) ||
+#endif
+#ifndef OPENSSL_NO_DSA
+                        !ENGINE_set_DSA(e, &nuron_dsa) ||
+#endif
+#ifndef OPENSSL_NO_DH
+                        !ENGINE_set_DH(e, &nuron_dh) ||
+#endif
+                        !ENGINE_set_destroy_function(e, nuron_destroy) ||
+                        !ENGINE_set_init_function(e, nuron_init) ||
+                        !ENGINE_set_finish_function(e, nuron_finish) ||
+                        !ENGINE_set_ctrl_function(e, nuron_ctrl) ||
+                        !ENGINE_set_cmd_defns(e, nuron_cmd_defns))
+                return 0;
+
+#ifndef OPENSSL_NO_RSA
+        /* We know that the "PKCS1_SSLeay()" functions hook properly
+         * to the nuron-specific mod_exp and mod_exp_crt so we use
+         * those functions. NB: We don't use ENGINE_openssl() or
+         * anything "more generic" because something like the RSAref
+         * code may not hook properly, and if you own one of these
+         * cards then you have the right to do RSA operations on it
+         * anyway! */ 
+        meth1=RSA_PKCS1_SSLeay();
+        nuron_rsa.rsa_pub_enc=meth1->rsa_pub_enc;
+        nuron_rsa.rsa_pub_dec=meth1->rsa_pub_dec;
+        nuron_rsa.rsa_priv_enc=meth1->rsa_priv_enc;
+        nuron_rsa.rsa_priv_dec=meth1->rsa_priv_dec;
+#endif
+
+#ifndef OPENSSL_NO_DSA
+        /* Use the DSA_OpenSSL() method and just hook the mod_exp-ish
+         * bits. */
+        meth2=DSA_OpenSSL();
+        nuron_dsa.dsa_do_sign=meth2->dsa_do_sign;
+        nuron_dsa.dsa_sign_setup=meth2->dsa_sign_setup;
+        nuron_dsa.dsa_do_verify=meth2->dsa_do_verify;
+#endif
+
+#ifndef OPENSSL_NO_DH
+        /* Much the same for Diffie-Hellman */
+        meth3=DH_OpenSSL();
+        nuron_dh.generate_key=meth3->generate_key;
+        nuron_dh.compute_key=meth3->compute_key;
+#endif
+
+        /* Ensure the nuron error handling is set up */
+        ERR_load_NURON_strings();
+        return 1;
+        }
+
+static ENGINE *engine_nuron(void)
+        {
+        ENGINE *ret = ENGINE_new();
+        if(!ret)
+                return NULL;
+        if(!bind_helper(ret))
+                {
+                ENGINE_free(ret);
+                return NULL;
+                }
+        return ret;
+        }
+
+void ENGINE_load_nuron(void)
+        {
+        /* Copied from eng_[openssl|dyn].c */
+        ENGINE *toadd = engine_nuron();
+        if(!toadd) return;
+        ENGINE_add(toadd);
+        ENGINE_free(toadd);
+        ERR_clear_error();
+        }
+
+/* This stuff is needed if this ENGINE is being compiled into a self-contained
+ * shared-library. */      
+#ifdef ENGINE_DYNAMIC_SUPPORT
+static int bind_fn(ENGINE *e, const char *id)
+        {
+        if(id && (strcmp(id, engine_nuron_id) != 0))
+                return 0;
+        if(!bind_helper(e))
+                return 0;
+        return 1;
+        }       
+IMPLEMENT_DYNAMIC_CHECK_FN()
+IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
+#endif /* ENGINE_DYNAMIC_SUPPORT */
+
+#endif /* !OPENSSL_NO_HW_NURON */
+#endif /* !OPENSSL_NO_HW */
diff --git a/src/lib/libcrypto/engine/hw_nuron_err.c b/src/lib/libcrypto/engine/hw_nuron_err.c
new file mode 100644
index 0000000000..df9d7bde76
--- /dev/null
+++ b/src/lib/libcrypto/engine/hw_nuron_err.c
@@ -0,0 +1,142 @@
+/* hw_nuron_err.c */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/* NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include "hw_nuron_err.h"
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+static ERR_STRING_DATA NURON_str_functs[]=
+        {
+{ERR_PACK(0,NURON_F_NURON_CTRL,0),      "NURON_CTRL"},
+{ERR_PACK(0,NURON_F_NURON_FINISH,0),    "NURON_FINISH"},
+{ERR_PACK(0,NURON_F_NURON_INIT,0),      "NURON_INIT"},
+{ERR_PACK(0,NURON_F_NURON_MOD_EXP,0),   "NURON_MOD_EXP"},
+{0,NULL}
+        };
+
+static ERR_STRING_DATA NURON_str_reasons[]=
+        {
+{NURON_R_ALREADY_LOADED                  ,"already loaded"},
+{NURON_R_CTRL_COMMAND_NOT_IMPLEMENTED    ,"ctrl command not implemented"},
+{NURON_R_DSO_FAILURE                     ,"dso failure"},
+{NURON_R_DSO_FUNCTION_NOT_FOUND          ,"dso function not found"},
+{NURON_R_DSO_NOT_FOUND                   ,"dso not found"},
+{NURON_R_NOT_LOADED                      ,"not loaded"},
+{0,NULL}
+        };
+
+#endif
+
+#ifdef NURON_LIB_NAME
+static ERR_STRING_DATA NURON_lib_name[]=
+        {
+{0      ,NURON_LIB_NAME},
+{0,NULL}
+        };
+#endif
+
+
+static int NURON_lib_error_code=0;
+static int NURON_error_init=1;
+
+static void ERR_load_NURON_strings(void)
+        {
+        if (NURON_lib_error_code == 0)
+                NURON_lib_error_code=ERR_get_next_error_library();
+
+        if (NURON_error_init)
+                {
+                NURON_error_init=0;
+#ifndef OPENSSL_NO_ERR
+                ERR_load_strings(NURON_lib_error_code,NURON_str_functs);
+                ERR_load_strings(NURON_lib_error_code,NURON_str_reasons);
+#endif
+
+#ifdef NURON_LIB_NAME
+                NURON_lib_name->error = ERR_PACK(NURON_lib_error_code,0,0);
+                ERR_load_strings(0,NURON_lib_name);
+#endif
+                }
+        }
+
+static void ERR_unload_NURON_strings(void)
+        {
+        if (NURON_error_init == 0)
+                {
+#ifndef OPENSSL_NO_ERR
+                ERR_unload_strings(NURON_lib_error_code,NURON_str_functs);
+                ERR_unload_strings(NURON_lib_error_code,NURON_str_reasons);
+#endif
+
+#ifdef NURON_LIB_NAME
+                ERR_unload_strings(0,NURON_lib_name);
+#endif
+                NURON_error_init=1;
+                }
+        }
+
+static void ERR_NURON_error(int function, int reason, char *file, int line)
+        {
+        if (NURON_lib_error_code == 0)
+                NURON_lib_error_code=ERR_get_next_error_library();
+        ERR_PUT_error(NURON_lib_error_code,function,reason,file,line);
+        }
diff --git a/src/lib/libcrypto/engine/hw_nuron_err.h b/src/lib/libcrypto/engine/hw_nuron_err.h
new file mode 100644
index 0000000000..a56bfdf303
--- /dev/null
+++ b/src/lib/libcrypto/engine/hw_nuron_err.h
@@ -0,0 +1,86 @@
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_NURON_ERR_H
+#define HEADER_NURON_ERR_H
+
+/* BEGIN ERROR CODES */
+/* The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+static void ERR_load_NURON_strings(void);
+static void ERR_unload_NURON_strings(void);
+static void ERR_NURON_error(int function, int reason, char *file, int line);
+#define NURONerr(f,r) ERR_NURON_error((f),(r),__FILE__,__LINE__)
+
+/* Error codes for the NURON functions. */
+
+/* Function codes. */
+#define NURON_F_NURON_CTRL                               100
+#define NURON_F_NURON_FINISH                             101
+#define NURON_F_NURON_INIT                               102
+#define NURON_F_NURON_MOD_EXP                            103
+
+/* Reason codes. */
+#define NURON_R_ALREADY_LOADED                           100
+#define NURON_R_CTRL_COMMAND_NOT_IMPLEMENTED             101
+#define NURON_R_DSO_FAILURE                              102
+#define NURON_R_DSO_FUNCTION_NOT_FOUND                   103
+#define NURON_R_DSO_NOT_FOUND                            104
+#define NURON_R_NOT_LOADED                               105
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/src/lib/libcrypto/engine/hw_sureware_err.c b/src/lib/libcrypto/engine/hw_sureware_err.c
new file mode 100644
index 0000000000..69955dadbb
--- /dev/null
+++ b/src/lib/libcrypto/engine/hw_sureware_err.c
@@ -0,0 +1,150 @@
+/* hw_sureware_err.c */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/* NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include "hw_sureware_err.h"
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+static ERR_STRING_DATA SUREWARE_str_functs[]=
+        {
+{ERR_PACK(0,SUREWARE_F_SUREWAREHK_CTRL,0),      "SUREWAREHK_CTRL"},
+{ERR_PACK(0,SUREWARE_F_SUREWAREHK_DSA_DO_SIGN,0),       "SUREWAREHK_DSA_DO_SIGN"},
+{ERR_PACK(0,SUREWARE_F_SUREWAREHK_EX_FREE,0),   "SUREWAREHK_EX_FREE"},
+{ERR_PACK(0,SUREWARE_F_SUREWAREHK_FINISH,0),    "SUREWAREHK_FINISH"},
+{ERR_PACK(0,SUREWARE_F_SUREWAREHK_INIT,0),      "SUREWAREHK_INIT"},
+{ERR_PACK(0,SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,0),  "SUREWAREHK_LOAD_PRIVATE_KEY"},
+{ERR_PACK(0,SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,0),   "SUREWAREHK_LOAD_PUBLIC_KEY"},
+{ERR_PACK(0,SUREWARE_F_SUREWAREHK_MOD_EXP,0),   "SUREWAREHK_MOD_EXP"},
+{ERR_PACK(0,SUREWARE_F_SUREWAREHK_RAND_BYTES,0),        "SUREWAREHK_RAND_BYTES"},
+{ERR_PACK(0,SUREWARE_F_SUREWAREHK_RAND_SEED,0), "SUREWAREHK_RAND_SEED"},
+{ERR_PACK(0,SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,0),      "SUREWAREHK_RSA_PRIV_DEC"},
+{ERR_PACK(0,SUREWARE_F_SUREWAREHK_RSA_PRIV_ENC,0),      "SUREWAREHK_RSA_PRIV_ENC"},
+{0,NULL}
+        };
+
+static ERR_STRING_DATA SUREWARE_str_reasons[]=
+        {
+{SUREWARE_R_BIO_WAS_FREED                ,"bio was freed"},
+{SUREWARE_R_MISSING_KEY_COMPONENTS       ,"missing key components"},
+{SUREWARE_R_REQUEST_FAILED               ,"request failed"},
+{SUREWARE_R_REQUEST_FALLBACK             ,"request fallback"},
+{SUREWARE_R_SIZE_TOO_LARGE_OR_TOO_SMALL  ,"size too large or too small"},
+{SUREWARE_R_UNIT_FAILURE                 ,"unit failure"},
+{0,NULL}
+        };
+
+#endif
+
+#ifdef SUREWARE_LIB_NAME
+static ERR_STRING_DATA SUREWARE_lib_name[]=
+        {
+{0      ,SUREWARE_LIB_NAME},
+{0,NULL}
+        };
+#endif
+
+
+static int SUREWARE_lib_error_code=0;
+static int SUREWARE_error_init=1;
+
+static void ERR_load_SUREWARE_strings(void)
+        {
+        if (SUREWARE_lib_error_code == 0)
+                SUREWARE_lib_error_code=ERR_get_next_error_library();
+
+        if (SUREWARE_error_init)
+                {
+                SUREWARE_error_init=0;
+#ifndef OPENSSL_NO_ERR
+                ERR_load_strings(SUREWARE_lib_error_code,SUREWARE_str_functs);
+                ERR_load_strings(SUREWARE_lib_error_code,SUREWARE_str_reasons);
+#endif
+
+#ifdef SUREWARE_LIB_NAME
+                SUREWARE_lib_name->error = ERR_PACK(SUREWARE_lib_error_code,0,0);
+                ERR_load_strings(0,SUREWARE_lib_name);
+#endif
+                }
+        }
+
+static void ERR_unload_SUREWARE_strings(void)
+        {
+        if (SUREWARE_error_init == 0)
+                {
+#ifndef OPENSSL_NO_ERR
+                ERR_unload_strings(SUREWARE_lib_error_code,SUREWARE_str_functs);
+                ERR_unload_strings(SUREWARE_lib_error_code,SUREWARE_str_reasons);
+#endif
+
+#ifdef SUREWARE_LIB_NAME
+                ERR_unload_strings(0,SUREWARE_lib_name);
+#endif
+                SUREWARE_error_init=1;
+                }
+        }
+
+static void ERR_SUREWARE_error(int function, int reason, char *file, int line)
+        {
+        if (SUREWARE_lib_error_code == 0)
+                SUREWARE_lib_error_code=ERR_get_next_error_library();
+        ERR_PUT_error(SUREWARE_lib_error_code,function,reason,file,line);
+        }
diff --git a/src/lib/libcrypto/engine/hw_sureware_err.h b/src/lib/libcrypto/engine/hw_sureware_err.h
new file mode 100644
index 0000000000..bc52af5e05
--- /dev/null
+++ b/src/lib/libcrypto/engine/hw_sureware_err.h
@@ -0,0 +1,94 @@
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_SUREWARE_ERR_H
+#define HEADER_SUREWARE_ERR_H
+
+/* BEGIN ERROR CODES */
+/* The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+static void ERR_load_SUREWARE_strings(void);
+static void ERR_unload_SUREWARE_strings(void);
+static void ERR_SUREWARE_error(int function, int reason, char *file, int line);
+#define SUREWAREerr(f,r) ERR_SUREWARE_error((f),(r),__FILE__,__LINE__)
+
+/* Error codes for the SUREWARE functions. */
+
+/* Function codes. */
+#define SUREWARE_F_SUREWAREHK_CTRL                       100
+#define SUREWARE_F_SUREWAREHK_DSA_DO_SIGN                101
+#define SUREWARE_F_SUREWAREHK_EX_FREE                    102
+#define SUREWARE_F_SUREWAREHK_FINISH                     103
+#define SUREWARE_F_SUREWAREHK_INIT                       104
+#define SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY           105
+#define SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY            106
+#define SUREWARE_F_SUREWAREHK_MOD_EXP                    107
+#define SUREWARE_F_SUREWAREHK_RAND_BYTES                 108
+#define SUREWARE_F_SUREWAREHK_RAND_SEED                  109
+#define SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC               110
+#define SUREWARE_F_SUREWAREHK_RSA_PRIV_ENC               111
+
+/* Reason codes. */
+#define SUREWARE_R_BIO_WAS_FREED                         100
+#define SUREWARE_R_MISSING_KEY_COMPONENTS                105
+#define SUREWARE_R_REQUEST_FAILED                        101
+#define SUREWARE_R_REQUEST_FALLBACK                      102
+#define SUREWARE_R_SIZE_TOO_LARGE_OR_TOO_SMALL           103
+#define SUREWARE_R_UNIT_FAILURE                          104
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/src/lib/libcrypto/engine/hw_ubsec.c b/src/lib/libcrypto/engine/hw_ubsec.c
new file mode 100644
index 0000000000..743c06043c
--- /dev/null
+++ b/src/lib/libcrypto/engine/hw_ubsec.c
@@ -0,0 +1,1041 @@
+/* crypto/engine/hw_ubsec.c */
+/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
+ * project 2000.
+ *
+ * Cloned shamelessly by Joe Tardo. 
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <openssl/crypto.h>
+#include "cryptlib.h"
+#include <openssl/dso.h>
+#include <openssl/engine.h>
+
+#ifndef OPENSSL_NO_HW
+#ifndef OPENSSL_NO_HW_UBSEC
+
+#ifdef FLAT_INC
+#include "hw_ubsec.h"
+#else
+#include "vendor_defns/hw_ubsec.h"
+#endif
+
+#define UBSEC_LIB_NAME "ubsec engine"
+#include "hw_ubsec_err.c"
+
+#define FAIL_TO_SOFTWARE -15
+
+static int ubsec_destroy(ENGINE *e);
+static int ubsec_init(ENGINE *e);
+static int ubsec_finish(ENGINE *e);
+static int ubsec_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)());
+static int ubsec_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                const BIGNUM *m, BN_CTX *ctx);
+static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                        const BIGNUM *q, const BIGNUM *dp,
+                        const BIGNUM *dq, const BIGNUM *qinv, BN_CTX *ctx);
+#ifndef OPENSSL_NO_RSA
+static int ubsec_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa);
+#endif
+static int ubsec_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+#ifndef OPENSSL_NO_DSA
+#if NOT_USED
+static int ubsec_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
+                BN_CTX *ctx, BN_MONT_CTX *in_mont);
+static int ubsec_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                BN_MONT_CTX *m_ctx);
+#endif
+static DSA_SIG *ubsec_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
+static int ubsec_dsa_verify(const unsigned char *dgst, int dgst_len,
+                                DSA_SIG *sig, DSA *dsa);
+#endif
+#ifndef OPENSSL_NO_DH
+static int ubsec_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
+                const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                BN_MONT_CTX *m_ctx);
+static int ubsec_dh_compute_key(unsigned char *key,const BIGNUM *pub_key,DH *dh);
+static int ubsec_dh_generate_key(DH *dh);
+#endif
+
+#if NOT_USED
+static int ubsec_rand_bytes(unsigned char *buf, int num);
+static int ubsec_rand_status(void);
+#endif
+
+#define UBSEC_CMD_SO_PATH               ENGINE_CMD_BASE
+static const ENGINE_CMD_DEFN ubsec_cmd_defns[] = {
+        {UBSEC_CMD_SO_PATH,
+                "SO_PATH",
+                "Specifies the path to the 'ubsec' shared library",
+                ENGINE_CMD_FLAG_STRING},
+        {0, NULL, NULL, 0}
+        };
+
+#ifndef OPENSSL_NO_RSA
+/* Our internal RSA_METHOD that we provide pointers to */
+static RSA_METHOD ubsec_rsa =
+        {
+        "UBSEC RSA method",
+        NULL,
+        NULL,
+        NULL,
+        NULL,
+        ubsec_rsa_mod_exp,
+        ubsec_mod_exp_mont,
+        NULL,
+        NULL,
+        0,
+        NULL,
+        NULL,
+        NULL
+        };
+#endif
+
+#ifndef OPENSSL_NO_DSA
+/* Our internal DSA_METHOD that we provide pointers to */
+static DSA_METHOD ubsec_dsa =
+        {
+        "UBSEC DSA method",
+        ubsec_dsa_do_sign, /* dsa_do_sign */
+        NULL, /* dsa_sign_setup */
+        ubsec_dsa_verify, /* dsa_do_verify */
+        NULL, /* ubsec_dsa_mod_exp */ /* dsa_mod_exp */
+        NULL, /* ubsec_mod_exp_dsa */ /* bn_mod_exp */
+        NULL, /* init */
+        NULL, /* finish */
+        0, /* flags */
+        NULL /* app_data */
+        };
+#endif
+
+#ifndef OPENSSL_NO_DH
+/* Our internal DH_METHOD that we provide pointers to */
+static DH_METHOD ubsec_dh =
+        {
+        "UBSEC DH method",
+        ubsec_dh_generate_key,
+        ubsec_dh_compute_key,
+        ubsec_mod_exp_dh,
+        NULL,
+        NULL,
+        0,
+        NULL
+        };
+#endif
+
+/* Constants used when creating the ENGINE */
+static const char *engine_ubsec_id = "ubsec";
+static const char *engine_ubsec_name = "UBSEC hardware engine support";
+
+/* This internal function is used by ENGINE_ubsec() and possibly by the
+ * "dynamic" ENGINE support too */
+static int bind_helper(ENGINE *e)
+        {
+#ifndef OPENSSL_NO_RSA
+        const RSA_METHOD *meth1;
+#endif
+#ifndef OPENSSL_NO_DH
+#ifndef HAVE_UBSEC_DH
+        const DH_METHOD *meth3;
+#endif /* HAVE_UBSEC_DH */
+#endif
+        if(!ENGINE_set_id(e, engine_ubsec_id) ||
+                        !ENGINE_set_name(e, engine_ubsec_name) ||
+#ifndef OPENSSL_NO_RSA
+                        !ENGINE_set_RSA(e, &ubsec_rsa) ||
+#endif
+#ifndef OPENSSL_NO_DSA
+                        !ENGINE_set_DSA(e, &ubsec_dsa) ||
+#endif
+#ifndef OPENSSL_NO_DH
+                        !ENGINE_set_DH(e, &ubsec_dh) ||
+#endif
+                        !ENGINE_set_destroy_function(e, ubsec_destroy) ||
+                        !ENGINE_set_init_function(e, ubsec_init) ||
+                        !ENGINE_set_finish_function(e, ubsec_finish) ||
+                        !ENGINE_set_ctrl_function(e, ubsec_ctrl) ||
+                        !ENGINE_set_cmd_defns(e, ubsec_cmd_defns))
+                return 0;
+
+#ifndef OPENSSL_NO_RSA
+        /* We know that the "PKCS1_SSLeay()" functions hook properly
+         * to the Broadcom-specific mod_exp and mod_exp_crt so we use
+         * those functions. NB: We don't use ENGINE_openssl() or
+         * anything "more generic" because something like the RSAref
+         * code may not hook properly, and if you own one of these
+         * cards then you have the right to do RSA operations on it
+         * anyway! */ 
+        meth1 = RSA_PKCS1_SSLeay();
+        ubsec_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
+        ubsec_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
+        ubsec_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
+        ubsec_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
+#endif
+
+#ifndef OPENSSL_NO_DH
+#ifndef HAVE_UBSEC_DH
+        /* Much the same for Diffie-Hellman */
+        meth3 = DH_OpenSSL();
+        ubsec_dh.generate_key = meth3->generate_key;
+        ubsec_dh.compute_key = meth3->compute_key;
+#endif /* HAVE_UBSEC_DH */
+#endif
+
+        /* Ensure the ubsec error handling is set up */
+        ERR_load_UBSEC_strings();
+        return 1;
+        }
+
+static ENGINE *engine_ubsec(void)
+        {
+        ENGINE *ret = ENGINE_new();
+        if(!ret)
+                return NULL;
+        if(!bind_helper(ret))
+                {
+                ENGINE_free(ret);
+                return NULL;
+                }
+        return ret;
+        }
+
+void ENGINE_load_ubsec(void)
+        {
+        /* Copied from eng_[openssl|dyn].c */
+        ENGINE *toadd = engine_ubsec();
+        if(!toadd) return;
+        ENGINE_add(toadd);
+        ENGINE_free(toadd);
+        ERR_clear_error();
+        }
+
+/* This is a process-global DSO handle used for loading and unloading
+ * the UBSEC library. NB: This is only set (or unset) during an
+ * init() or finish() call (reference counts permitting) and they're
+ * operating with global locks, so this should be thread-safe
+ * implicitly. */
+
+static DSO *ubsec_dso = NULL;
+
+/* These are the function pointers that are (un)set when the library has
+ * successfully (un)loaded. */
+
+static t_UBSEC_ubsec_bytes_to_bits *p_UBSEC_ubsec_bytes_to_bits = NULL;
+static t_UBSEC_ubsec_bits_to_bytes *p_UBSEC_ubsec_bits_to_bytes = NULL;
+static t_UBSEC_ubsec_open *p_UBSEC_ubsec_open = NULL;
+static t_UBSEC_ubsec_close *p_UBSEC_ubsec_close = NULL;
+#ifndef OPENSSL_NO_DH
+static t_UBSEC_diffie_hellman_generate_ioctl 
+        *p_UBSEC_diffie_hellman_generate_ioctl = NULL;
+static t_UBSEC_diffie_hellman_agree_ioctl *p_UBSEC_diffie_hellman_agree_ioctl = NULL;
+#endif
+/* #ifndef OPENSSL_NO_RSA */
+static t_UBSEC_rsa_mod_exp_ioctl *p_UBSEC_rsa_mod_exp_ioctl = NULL;
+static t_UBSEC_rsa_mod_exp_crt_ioctl *p_UBSEC_rsa_mod_exp_crt_ioctl = NULL;
+/* #endif */
+#ifndef OPENSSL_NO_DSA
+static t_UBSEC_dsa_sign_ioctl *p_UBSEC_dsa_sign_ioctl = NULL;
+static t_UBSEC_dsa_verify_ioctl *p_UBSEC_dsa_verify_ioctl = NULL;
+#endif
+static t_UBSEC_math_accelerate_ioctl *p_UBSEC_math_accelerate_ioctl = NULL;
+static t_UBSEC_rng_ioctl *p_UBSEC_rng_ioctl = NULL;
+static t_UBSEC_max_key_len_ioctl *p_UBSEC_max_key_len_ioctl = NULL;
+
+static int max_key_len = 1024;  /* ??? */
+
+/* 
+ * These are the static string constants for the DSO file name and the function
+ * symbol names to bind to. 
+ */
+
+static const char *UBSEC_LIBNAME = "ubsec";
+static const char *UBSEC_F1 = "ubsec_bytes_to_bits";
+static const char *UBSEC_F2 = "ubsec_bits_to_bytes";
+static const char *UBSEC_F3 = "ubsec_open";
+static const char *UBSEC_F4 = "ubsec_close";
+#ifndef OPENSSL_NO_DH
+static const char *UBSEC_F5 = "diffie_hellman_generate_ioctl";
+static const char *UBSEC_F6 = "diffie_hellman_agree_ioctl";
+#endif
+/* #ifndef OPENSSL_NO_RSA */
+static const char *UBSEC_F7 = "rsa_mod_exp_ioctl";
+static const char *UBSEC_F8 = "rsa_mod_exp_crt_ioctl";
+/* #endif */
+#ifndef OPENSSL_NO_DSA
+static const char *UBSEC_F9 = "dsa_sign_ioctl";
+static const char *UBSEC_F10 = "dsa_verify_ioctl";
+#endif
+static const char *UBSEC_F11 = "math_accelerate_ioctl";
+static const char *UBSEC_F12 = "rng_ioctl";
+static const char *UBSEC_F13 = "ubsec_max_key_len_ioctl";
+
+/* Destructor (complements the "ENGINE_ubsec()" constructor) */
+static int ubsec_destroy(ENGINE *e)
+        {
+        ERR_unload_UBSEC_strings();
+        return 1;
+        }
+
+/* (de)initialisation functions. */
+static int ubsec_init(ENGINE *e)
+        {
+        t_UBSEC_ubsec_bytes_to_bits *p1;
+        t_UBSEC_ubsec_bits_to_bytes *p2;
+        t_UBSEC_ubsec_open *p3;
+        t_UBSEC_ubsec_close *p4;
+#ifndef OPENSSL_NO_DH
+        t_UBSEC_diffie_hellman_generate_ioctl *p5;
+        t_UBSEC_diffie_hellman_agree_ioctl *p6;
+#endif
+/* #ifndef OPENSSL_NO_RSA */
+        t_UBSEC_rsa_mod_exp_ioctl *p7;
+        t_UBSEC_rsa_mod_exp_crt_ioctl *p8;
+/* #endif */
+#ifndef OPENSSL_NO_DSA
+        t_UBSEC_dsa_sign_ioctl *p9;
+        t_UBSEC_dsa_verify_ioctl *p10;
+#endif
+        t_UBSEC_math_accelerate_ioctl *p11;
+        t_UBSEC_rng_ioctl *p12;
+        t_UBSEC_max_key_len_ioctl *p13;
+        int fd = 0;
+
+        if(ubsec_dso != NULL)
+                {
+                UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_ALREADY_LOADED);
+                goto err;
+                }
+        /* 
+         * Attempt to load libubsec.so/ubsec.dll/whatever. 
+         */
+        ubsec_dso = DSO_load(NULL, UBSEC_LIBNAME, NULL, 0);
+        if(ubsec_dso == NULL)
+                {
+                UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_DSO_FAILURE);
+                goto err;
+                }
+
+        if (
+        !(p1 = (t_UBSEC_ubsec_bytes_to_bits *) DSO_bind_func(ubsec_dso, UBSEC_F1)) ||
+        !(p2 = (t_UBSEC_ubsec_bits_to_bytes *) DSO_bind_func(ubsec_dso, UBSEC_F2)) ||
+        !(p3 = (t_UBSEC_ubsec_open *) DSO_bind_func(ubsec_dso, UBSEC_F3)) ||
+        !(p4 = (t_UBSEC_ubsec_close *) DSO_bind_func(ubsec_dso, UBSEC_F4)) ||
+#ifndef OPENSSL_NO_DH
+        !(p5 = (t_UBSEC_diffie_hellman_generate_ioctl *) 
+                                DSO_bind_func(ubsec_dso, UBSEC_F5)) ||
+        !(p6 = (t_UBSEC_diffie_hellman_agree_ioctl *) 
+                                DSO_bind_func(ubsec_dso, UBSEC_F6)) ||
+#endif
+/* #ifndef OPENSSL_NO_RSA */
+        !(p7 = (t_UBSEC_rsa_mod_exp_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F7)) ||
+        !(p8 = (t_UBSEC_rsa_mod_exp_crt_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F8)) ||
+/* #endif */
+#ifndef OPENSSL_NO_DSA
+        !(p9 = (t_UBSEC_dsa_sign_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F9)) ||
+        !(p10 = (t_UBSEC_dsa_verify_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F10)) ||
+#endif
+        !(p11 = (t_UBSEC_math_accelerate_ioctl *) 
+                                DSO_bind_func(ubsec_dso, UBSEC_F11)) ||
+        !(p12 = (t_UBSEC_rng_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F12)) ||
+        !(p13 = (t_UBSEC_max_key_len_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F13)))
+                {
+                UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_DSO_FAILURE);
+                goto err;
+                }
+
+        /* Copy the pointers */
+        p_UBSEC_ubsec_bytes_to_bits = p1;
+        p_UBSEC_ubsec_bits_to_bytes = p2;
+        p_UBSEC_ubsec_open = p3;
+        p_UBSEC_ubsec_close = p4;
+#ifndef OPENSSL_NO_DH
+        p_UBSEC_diffie_hellman_generate_ioctl = p5;
+        p_UBSEC_diffie_hellman_agree_ioctl = p6;
+#endif
+#ifndef OPENSSL_NO_RSA
+        p_UBSEC_rsa_mod_exp_ioctl = p7;
+        p_UBSEC_rsa_mod_exp_crt_ioctl = p8;
+#endif
+#ifndef OPENSSL_NO_DSA
+        p_UBSEC_dsa_sign_ioctl = p9;
+        p_UBSEC_dsa_verify_ioctl = p10;
+#endif
+        p_UBSEC_math_accelerate_ioctl = p11;
+        p_UBSEC_rng_ioctl = p12;
+        p_UBSEC_max_key_len_ioctl = p13;
+
+        /* Perform an open to see if there's actually any unit running. */
+        if (((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) > 0) && (p_UBSEC_max_key_len_ioctl(fd, &max_key_len) == 0))
+        {
+           p_UBSEC_ubsec_close(fd);
+           return 1;
+        }
+        else
+        {
+          UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE);
+        }
+
+err:
+        if(ubsec_dso)
+                DSO_free(ubsec_dso);
+        p_UBSEC_ubsec_bytes_to_bits = NULL;
+        p_UBSEC_ubsec_bits_to_bytes = NULL;
+        p_UBSEC_ubsec_open = NULL;
+        p_UBSEC_ubsec_close = NULL;
+#ifndef OPENSSL_NO_DH
+        p_UBSEC_diffie_hellman_generate_ioctl = NULL;
+        p_UBSEC_diffie_hellman_agree_ioctl = NULL;
+#endif
+#ifndef OPENSSL_NO_RSA
+        p_UBSEC_rsa_mod_exp_ioctl = NULL;
+        p_UBSEC_rsa_mod_exp_crt_ioctl = NULL;
+#endif
+#ifndef OPENSSL_NO_DSA
+        p_UBSEC_dsa_sign_ioctl = NULL;
+        p_UBSEC_dsa_verify_ioctl = NULL;
+#endif
+        p_UBSEC_math_accelerate_ioctl = NULL;
+        p_UBSEC_rng_ioctl = NULL;
+        p_UBSEC_max_key_len_ioctl = NULL;
+
+        return 0;
+        }
+
+static int ubsec_finish(ENGINE *e)
+        {
+        if(ubsec_dso == NULL)
+                {
+                UBSECerr(UBSEC_F_UBSEC_FINISH, UBSEC_R_NOT_LOADED);
+                return 0;
+                }
+        if(!DSO_free(ubsec_dso))
+                {
+                UBSECerr(UBSEC_F_UBSEC_FINISH, UBSEC_R_DSO_FAILURE);
+                return 0;
+                }
+        ubsec_dso = NULL;
+        p_UBSEC_ubsec_bytes_to_bits = NULL;
+        p_UBSEC_ubsec_bits_to_bytes = NULL;
+        p_UBSEC_ubsec_open = NULL;
+        p_UBSEC_ubsec_close = NULL;
+#ifndef OPENSSL_NO_DH
+        p_UBSEC_diffie_hellman_generate_ioctl = NULL;
+        p_UBSEC_diffie_hellman_agree_ioctl = NULL;
+#endif
+#ifndef OPENSSL_NO_RSA
+        p_UBSEC_rsa_mod_exp_ioctl = NULL;
+        p_UBSEC_rsa_mod_exp_crt_ioctl = NULL;
+#endif
+#ifndef OPENSSL_NO_DSA
+        p_UBSEC_dsa_sign_ioctl = NULL;
+        p_UBSEC_dsa_verify_ioctl = NULL;
+#endif
+        p_UBSEC_math_accelerate_ioctl = NULL;
+        p_UBSEC_rng_ioctl = NULL;
+        p_UBSEC_max_key_len_ioctl = NULL;
+        return 1;
+        }
+
+static int ubsec_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
+        {
+        int initialised = ((ubsec_dso == NULL) ? 0 : 1);
+        switch(cmd)
+                {
+        case UBSEC_CMD_SO_PATH:
+                if(p == NULL)
+                        {
+                        UBSECerr(UBSEC_F_UBSEC_CTRL,ERR_R_PASSED_NULL_PARAMETER);
+                        return 0;
+                        }
+                if(initialised)
+                        {
+                        UBSECerr(UBSEC_F_UBSEC_CTRL,UBSEC_R_ALREADY_LOADED);
+                        return 0;
+                        }
+                UBSEC_LIBNAME = (const char *)p;
+                return 1;
+        default:
+                break;
+                }
+        UBSECerr(UBSEC_F_UBSEC_CTRL,UBSEC_R_CTRL_COMMAND_NOT_IMPLEMENTED);
+        return 0;
+        }
+
+static int ubsec_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                const BIGNUM *m, BN_CTX *ctx)
+        {
+        int     y_len = 0;
+        int     fd;
+
+        if(ubsec_dso == NULL)
+        {
+                UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_NOT_LOADED);
+                return 0;
+        }
+
+        /* Check if hardware can't handle this argument. */
+        y_len = BN_num_bits(m);
+        if (y_len > max_key_len) {
+                UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
+                return BN_mod_exp(r, a, p, m, ctx);
+        } 
+
+        if(!bn_wexpand(r, m->top))
+        {
+                UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_BN_EXPAND_FAIL);
+                return 0;
+        }
+        memset(r->d, 0, BN_num_bytes(m));
+
+        if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) {
+                fd = 0;
+                UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE);
+                return BN_mod_exp(r, a, p, m, ctx);
+        }
+
+        if (p_UBSEC_rsa_mod_exp_ioctl(fd, (unsigned char *)a->d, BN_num_bits(a),
+                (unsigned char *)m->d, BN_num_bits(m), (unsigned char *)p->d, 
+                BN_num_bits(p), (unsigned char *)r->d, &y_len) != 0)
+        {
+                UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_REQUEST_FAILED);
+                p_UBSEC_ubsec_close(fd);
+
+                return BN_mod_exp(r, a, p, m, ctx);
+        }
+
+        p_UBSEC_ubsec_close(fd);
+
+        r->top = (BN_num_bits(m)+BN_BITS2-1)/BN_BITS2;
+        return 1;
+        }
+
+#ifndef OPENSSL_NO_RSA
+static int ubsec_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
+        {
+        BN_CTX *ctx;
+        int to_return = 0;
+
+        if((ctx = BN_CTX_new()) == NULL)
+                goto err;
+
+        if(!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp)
+                {
+                UBSECerr(UBSEC_F_UBSEC_RSA_MOD_EXP, UBSEC_R_MISSING_KEY_COMPONENTS);
+                goto err;
+                }
+
+        to_return = ubsec_mod_exp_crt(r0, I, rsa->p, rsa->q, rsa->dmp1,
+                    rsa->dmq1, rsa->iqmp, ctx);
+        if (to_return == FAIL_TO_SOFTWARE)
+        {
+          /*
+           * Do in software as hardware failed.
+           */
+           const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
+           to_return = (*meth->rsa_mod_exp)(r0, I, rsa);
+        }
+err:
+        if(ctx)
+                BN_CTX_free(ctx);
+        return to_return;
+        }
+#endif
+
+static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                        const BIGNUM *q, const BIGNUM *dp,
+                        const BIGNUM *dq, const BIGNUM *qinv, BN_CTX *ctx)
+        {
+        int     y_len,
+                m_len,
+                fd;
+
+        m_len = BN_num_bytes(p) + BN_num_bytes(q) + 1;
+        y_len = BN_num_bits(p) + BN_num_bits(q);
+
+        /* Check if hardware can't handle this argument. */
+        if (y_len > max_key_len) {
+                UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
+                return FAIL_TO_SOFTWARE;
+        } 
+
+        if (!bn_wexpand(r, p->top + q->top + 1)) {
+                UBSECerr(UBSEC_F_UBSEC_RSA_MOD_EXP_CRT, UBSEC_R_BN_EXPAND_FAIL);
+                return 0;
+        }
+
+        if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) {
+                fd = 0;
+                UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE);
+                return FAIL_TO_SOFTWARE;
+        }
+
+        if (p_UBSEC_rsa_mod_exp_crt_ioctl(fd,
+                (unsigned char *)a->d, BN_num_bits(a), 
+                (unsigned char *)qinv->d, BN_num_bits(qinv),
+                (unsigned char *)dp->d, BN_num_bits(dp),
+                (unsigned char *)p->d, BN_num_bits(p),
+                (unsigned char *)dq->d, BN_num_bits(dq),
+                (unsigned char *)q->d, BN_num_bits(q),
+                (unsigned char *)r->d,  &y_len) != 0) {
+                UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_REQUEST_FAILED);
+                p_UBSEC_ubsec_close(fd);
+                return FAIL_TO_SOFTWARE;
+        }
+
+        p_UBSEC_ubsec_close(fd);
+
+        r->top = (BN_num_bits(p) + BN_num_bits(q) + BN_BITS2 - 1)/BN_BITS2;
+        return 1;
+}
+
+#ifndef OPENSSL_NO_DSA
+#if NOT_USED
+static int ubsec_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
+                BN_CTX *ctx, BN_MONT_CTX *in_mont)
+        {
+        BIGNUM t;
+        int to_return = 0;
+ 
+        BN_init(&t);
+        /* let rr = a1 ^ p1 mod m */
+        if (!ubsec_mod_exp(rr,a1,p1,m,ctx)) goto end;
+        /* let t = a2 ^ p2 mod m */
+        if (!ubsec_mod_exp(&t,a2,p2,m,ctx)) goto end;
+        /* let rr = rr * t mod m */
+        if (!BN_mod_mul(rr,rr,&t,m,ctx)) goto end;
+        to_return = 1;
+end:
+        BN_free(&t);
+        return to_return;
+        }
+
+static int ubsec_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                BN_MONT_CTX *m_ctx)
+        {
+        return ubsec_mod_exp(r, a, p, m, ctx);
+        }
+#endif
+#endif
+
+/*
+ * This function is aliased to mod_exp (with the mont stuff dropped).
+ */
+static int ubsec_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
+        {
+        int ret = 0;
+
+#ifndef OPENSSL_NO_RSA
+        /* Do in software if the key is too large for the hardware. */
+        if (BN_num_bits(m) > max_key_len)
+                {
+                const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
+                ret = (*meth->bn_mod_exp)(r, a, p, m, ctx, m_ctx);
+                }
+        else
+#endif
+                {
+                ret = ubsec_mod_exp(r, a, p, m, ctx);
+                }
+        
+        return ret;
+        }
+
+#ifndef OPENSSL_NO_DH
+/* This function is aliased to mod_exp (with the dh and mont dropped). */
+static int ubsec_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
+                const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                BN_MONT_CTX *m_ctx)
+        {
+        return ubsec_mod_exp(r, a, p, m, ctx);
+        }
+#endif
+
+#ifndef OPENSSL_NO_DSA
+static DSA_SIG *ubsec_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
+        {
+        DSA_SIG *to_return = NULL;
+        int s_len = 160, r_len = 160, d_len, fd;
+        BIGNUM m, *r=NULL, *s=NULL;
+
+        BN_init(&m);
+
+        s = BN_new();
+        r = BN_new();
+        if ((s == NULL) || (r==NULL))
+                goto err;
+
+        d_len = p_UBSEC_ubsec_bytes_to_bits((unsigned char *)dgst, dlen);
+
+        if(!bn_wexpand(r, (160+BN_BITS2-1)/BN_BITS2) ||
+           (!bn_wexpand(s, (160+BN_BITS2-1)/BN_BITS2))) {
+                UBSECerr(UBSEC_F_UBSEC_DSA_SIGN, UBSEC_R_BN_EXPAND_FAIL);
+                goto err;
+        }
+
+        if (BN_bin2bn(dgst,dlen,&m) == NULL) {
+                UBSECerr(UBSEC_F_UBSEC_DSA_SIGN, UBSEC_R_BN_EXPAND_FAIL);
+                goto err;
+        } 
+
+        if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) {
+                const DSA_METHOD *meth;
+                fd = 0;
+                UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE);
+                meth = DSA_OpenSSL();
+                to_return =  meth->dsa_do_sign(dgst, dlen, dsa);
+                goto err;
+        }
+
+        if (p_UBSEC_dsa_sign_ioctl(fd, 0, /* compute hash before signing */
+                (unsigned char *)dgst, d_len,
+                NULL, 0,  /* compute random value */
+                (unsigned char *)dsa->p->d, BN_num_bits(dsa->p), 
+                (unsigned char *)dsa->q->d, BN_num_bits(dsa->q),
+                (unsigned char *)dsa->g->d, BN_num_bits(dsa->g),
+                (unsigned char *)dsa->priv_key->d, BN_num_bits(dsa->priv_key),
+                (unsigned char *)r->d, &r_len,
+                (unsigned char *)s->d, &s_len ) != 0) {
+                const DSA_METHOD *meth;
+
+                UBSECerr(UBSEC_F_UBSEC_DSA_SIGN, UBSEC_R_REQUEST_FAILED);
+                p_UBSEC_ubsec_close(fd);
+                meth = DSA_OpenSSL();
+                to_return = meth->dsa_do_sign(dgst, dlen, dsa);
+
+                goto err;
+        }
+
+        p_UBSEC_ubsec_close(fd);
+
+        r->top = (160+BN_BITS2-1)/BN_BITS2;
+        s->top = (160+BN_BITS2-1)/BN_BITS2;
+
+        to_return = DSA_SIG_new();
+        if(to_return == NULL) {
+                UBSECerr(UBSEC_F_UBSEC_DSA_SIGN, UBSEC_R_BN_EXPAND_FAIL);
+                goto err;
+        }
+
+        to_return->r = r;
+        to_return->s = s;
+
+err:
+        if (!to_return) {
+                if (r) BN_free(r);
+                if (s) BN_free(s);
+        }                                 
+        BN_clear_free(&m);
+        return to_return;
+}
+
+static int ubsec_dsa_verify(const unsigned char *dgst, int dgst_len,
+                                DSA_SIG *sig, DSA *dsa)
+        {
+        int v_len, d_len;
+        int to_return = 0;
+        int fd;
+        BIGNUM v;
+
+        BN_init(&v);
+
+        if(!bn_wexpand(&v, dsa->p->top)) {
+                UBSECerr(UBSEC_F_UBSEC_DSA_VERIFY ,UBSEC_R_BN_EXPAND_FAIL);
+                goto err;
+        }
+
+        v_len = BN_num_bits(dsa->p);
+
+        d_len = p_UBSEC_ubsec_bytes_to_bits((unsigned char *)dgst, dgst_len);
+
+        if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) {
+                const DSA_METHOD *meth;
+                fd = 0;
+                UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE);
+                meth = DSA_OpenSSL();
+                to_return = meth->dsa_do_verify(dgst, dgst_len, sig, dsa);
+                goto err;
+        }
+
+        if (p_UBSEC_dsa_verify_ioctl(fd, 0, /* compute hash before signing */
+                (unsigned char *)dgst, d_len,
+                (unsigned char *)dsa->p->d, BN_num_bits(dsa->p), 
+                (unsigned char *)dsa->q->d, BN_num_bits(dsa->q),
+                (unsigned char *)dsa->g->d, BN_num_bits(dsa->g),
+                (unsigned char *)dsa->pub_key->d, BN_num_bits(dsa->pub_key),
+                (unsigned char *)sig->r->d, BN_num_bits(sig->r),
+                (unsigned char *)sig->s->d, BN_num_bits(sig->s),
+                (unsigned char *)v.d, &v_len) != 0) {
+                const DSA_METHOD *meth;
+                UBSECerr(UBSEC_F_UBSEC_DSA_VERIFY , UBSEC_R_REQUEST_FAILED);
+                p_UBSEC_ubsec_close(fd);
+
+                meth = DSA_OpenSSL();
+                to_return = meth->dsa_do_verify(dgst, dgst_len, sig, dsa);
+
+                goto err;
+        }
+
+        p_UBSEC_ubsec_close(fd);
+
+        to_return = 1;
+err:
+        BN_clear_free(&v);
+        return to_return;
+        }
+#endif
+
+#ifndef OPENSSL_NO_DH
+static int ubsec_dh_compute_key (unsigned char *key,const BIGNUM *pub_key,DH *dh)
+        {
+        int      ret      = -1,
+                 k_len,
+                 fd;
+
+        k_len = BN_num_bits(dh->p);
+
+        if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0)
+                {
+                const DH_METHOD *meth;
+                ENGINEerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE);
+                meth = DH_OpenSSL();
+                ret = meth->compute_key(key, pub_key, dh);
+                goto err;
+                }
+
+        if (p_UBSEC_diffie_hellman_agree_ioctl(fd,
+                                               (unsigned char *)dh->priv_key->d, BN_num_bits(dh->priv_key),
+                                               (unsigned char *)pub_key->d, BN_num_bits(pub_key),
+                                               (unsigned char *)dh->p->d, BN_num_bits(dh->p),
+                                               key, &k_len) != 0)
+                {
+                /* Hardware's a no go, failover to software */
+                const DH_METHOD *meth;
+                ENGINEerr(UBSEC_F_UBSEC_DH_COMPUTE_KEY, UBSEC_R_REQUEST_FAILED);
+                p_UBSEC_ubsec_close(fd);
+
+                meth = DH_OpenSSL();
+                ret = meth->compute_key(key, pub_key, dh);
+
+                goto err;
+                }
+
+        p_UBSEC_ubsec_close(fd);
+
+        ret = p_UBSEC_ubsec_bits_to_bytes(k_len);
+err:
+        return ret;
+        }
+
+static int ubsec_dh_generate_key (DH *dh)
+        {
+        int      ret               = 0,
+                 random_bits       = 0,
+                 pub_key_len       = 0,
+                 priv_key_len      = 0,
+                 fd;
+        BIGNUM   *pub_key          = NULL;
+        BIGNUM   *priv_key         = NULL;
+
+        /* 
+         *  How many bits should Random x be? dh_key.c
+         *  sets the range from 0 to num_bits(modulus) ???
+         */
+
+        if (dh->priv_key == NULL)
+                {
+                priv_key = BN_new();
+                if (priv_key == NULL) goto err;
+                priv_key_len = BN_num_bits(dh->p);
+                bn_wexpand(priv_key, dh->p->top);
+                do
+                        if (!BN_rand_range(priv_key, dh->p)) goto err;
+                while (BN_is_zero(priv_key));
+                random_bits = BN_num_bits(priv_key);
+                }
+        else
+                {
+                priv_key = dh->priv_key;
+                }
+
+        if (dh->pub_key == NULL)
+                {
+                pub_key = BN_new();
+                pub_key_len = BN_num_bits(dh->p);
+                bn_wexpand(pub_key, dh->p->top);
+                if(pub_key == NULL) goto err;
+                }
+        else
+                {
+                pub_key = dh->pub_key;
+                }
+
+        if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0)
+                {
+                const DH_METHOD *meth;
+                ENGINEerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE);
+                meth = DH_OpenSSL();
+                ret = meth->generate_key(dh);
+                goto err;
+                }
+
+        if (p_UBSEC_diffie_hellman_generate_ioctl(fd,
+                                                  (unsigned char *)priv_key->d, &priv_key_len,
+                                                  (unsigned char *)pub_key->d,  &pub_key_len,
+                                                  (unsigned char *)dh->g->d, BN_num_bits(dh->g),
+                                                  (unsigned char *)dh->p->d, BN_num_bits(dh->p),
+                                                  0, 0, random_bits) != 0)
+                {
+                /* Hardware's a no go, failover to software */
+                const DH_METHOD *meth;
+
+                ENGINEerr(UBSEC_F_UBSEC_DH_COMPUTE_KEY, UBSEC_R_REQUEST_FAILED);
+                p_UBSEC_ubsec_close(fd);
+
+                meth = DH_OpenSSL();
+                ret = meth->generate_key(dh);
+
+                goto err;
+                }
+
+        p_UBSEC_ubsec_close(fd);
+
+        dh->pub_key = pub_key;
+        dh->pub_key->top = (pub_key_len + BN_BITS2-1) / BN_BITS2;
+        dh->priv_key = priv_key;
+        dh->priv_key->top = (priv_key_len + BN_BITS2-1) / BN_BITS2;
+
+        ret = 1;
+err:
+        return ret;
+        }
+#endif
+
+#if NOT_USED
+static int ubsec_rand_bytes(unsigned char * buf,
+                            int num)
+        {
+        int      ret      = 0,
+                 fd;
+
+        if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0)
+                {
+                const RAND_METHOD *meth;
+                ENGINEerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE);
+                num = p_UBSEC_ubsec_bits_to_bytes(num);
+                meth = RAND_SSLeay();
+                meth->seed(buf, num);
+                ret = meth->bytes(buf, num);
+                goto err;
+                }
+
+        num *= 8; /* bytes to bits */
+
+        if (p_UBSEC_rng_ioctl(fd,
+                              UBSEC_RNG_DIRECT,
+                              buf,
+                              &num) != 0)
+                {
+                /* Hardware's a no go, failover to software */
+                const RAND_METHOD *meth;
+
+                ENGINEerr(UBSEC_F_UBSEC_RNG_BYTES, UBSEC_R_REQUEST_FAILED);
+                p_UBSEC_ubsec_close(fd);
+
+                num = p_UBSEC_ubsec_bits_to_bytes(num);
+                meth = RAND_SSLeay();
+                meth->seed(buf, num);
+                ret = meth->bytes(buf, num);
+
+                goto err;
+                }
+
+        p_UBSEC_ubsec_close(fd);
+
+        ret = 1;
+err:
+        return(ret);
+        }
+
+
+static int ubsec_rand_status(void)
+        {
+        return 0;
+        }
+#endif
+
+/* This stuff is needed if this ENGINE is being compiled into a self-contained
+ * shared-library. */
+#ifdef ENGINE_DYNAMIC_SUPPORT
+static int bind_fn(ENGINE *e, const char *id)
+        {
+        if(id && (strcmp(id, engine_ubsec_id) != 0))
+                return 0;
+        if(!bind_helper(e))
+                return 0;
+        return 1;
+        }
+IMPLEMENT_DYNAMIC_CHECK_FN()
+IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
+#endif /* ENGINE_DYNAMIC_SUPPORT */
+
+#endif /* !OPENSSL_NO_HW_UBSEC */
+#endif /* !OPENSSL_NO_HW */
diff --git a/src/lib/libcrypto/engine/hw_ubsec_err.c b/src/lib/libcrypto/engine/hw_ubsec_err.c
new file mode 100644
index 0000000000..d707331fc2
--- /dev/null
+++ b/src/lib/libcrypto/engine/hw_ubsec_err.c
@@ -0,0 +1,151 @@
+/* hw_ubsec_err.c */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/* NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include "hw_ubsec_err.h"
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+static ERR_STRING_DATA UBSEC_str_functs[]=
+        {
+{ERR_PACK(0,UBSEC_F_UBSEC_CTRL,0),      "UBSEC_CTRL"},
+{ERR_PACK(0,UBSEC_F_UBSEC_DH_COMPUTE_KEY,0),    "UBSEC_DH_COMPUTE_KEY"},
+{ERR_PACK(0,UBSEC_F_UBSEC_DSA_SIGN,0),  "UBSEC_DSA_SIGN"},
+{ERR_PACK(0,UBSEC_F_UBSEC_DSA_VERIFY,0),        "UBSEC_DSA_VERIFY"},
+{ERR_PACK(0,UBSEC_F_UBSEC_FINISH,0),    "UBSEC_FINISH"},
+{ERR_PACK(0,UBSEC_F_UBSEC_INIT,0),      "UBSEC_INIT"},
+{ERR_PACK(0,UBSEC_F_UBSEC_MOD_EXP,0),   "UBSEC_MOD_EXP"},
+{ERR_PACK(0,UBSEC_F_UBSEC_RNG_BYTES,0), "UBSEC_RNG_BYTES"},
+{ERR_PACK(0,UBSEC_F_UBSEC_RSA_MOD_EXP,0),       "UBSEC_RSA_MOD_EXP"},
+{ERR_PACK(0,UBSEC_F_UBSEC_RSA_MOD_EXP_CRT,0),   "UBSEC_RSA_MOD_EXP_CRT"},
+{0,NULL}
+        };
+
+static ERR_STRING_DATA UBSEC_str_reasons[]=
+        {
+{UBSEC_R_ALREADY_LOADED                  ,"already loaded"},
+{UBSEC_R_BN_EXPAND_FAIL                  ,"bn expand fail"},
+{UBSEC_R_CTRL_COMMAND_NOT_IMPLEMENTED    ,"ctrl command not implemented"},
+{UBSEC_R_DSO_FAILURE                     ,"dso failure"},
+{UBSEC_R_MISSING_KEY_COMPONENTS          ,"missing key components"},
+{UBSEC_R_NOT_LOADED                      ,"not loaded"},
+{UBSEC_R_REQUEST_FAILED                  ,"request failed"},
+{UBSEC_R_SIZE_TOO_LARGE_OR_TOO_SMALL     ,"size too large or too small"},
+{UBSEC_R_UNIT_FAILURE                    ,"unit failure"},
+{0,NULL}
+        };
+
+#endif
+
+#ifdef UBSEC_LIB_NAME
+static ERR_STRING_DATA UBSEC_lib_name[]=
+        {
+{0      ,UBSEC_LIB_NAME},
+{0,NULL}
+        };
+#endif
+
+
+static int UBSEC_lib_error_code=0;
+static int UBSEC_error_init=1;
+
+static void ERR_load_UBSEC_strings(void)
+        {
+        if (UBSEC_lib_error_code == 0)
+                UBSEC_lib_error_code=ERR_get_next_error_library();
+
+        if (UBSEC_error_init)
+                {
+                UBSEC_error_init=0;
+#ifndef OPENSSL_NO_ERR
+                ERR_load_strings(UBSEC_lib_error_code,UBSEC_str_functs);
+                ERR_load_strings(UBSEC_lib_error_code,UBSEC_str_reasons);
+#endif
+
+#ifdef UBSEC_LIB_NAME
+                UBSEC_lib_name->error = ERR_PACK(UBSEC_lib_error_code,0,0);
+                ERR_load_strings(0,UBSEC_lib_name);
+#endif
+                }
+        }
+
+static void ERR_unload_UBSEC_strings(void)
+        {
+        if (UBSEC_error_init == 0)
+                {
+#ifndef OPENSSL_NO_ERR
+                ERR_unload_strings(UBSEC_lib_error_code,UBSEC_str_functs);
+                ERR_unload_strings(UBSEC_lib_error_code,UBSEC_str_reasons);
+#endif
+
+#ifdef UBSEC_LIB_NAME
+                ERR_unload_strings(0,UBSEC_lib_name);
+#endif
+                UBSEC_error_init=1;
+                }
+        }
+
+static void ERR_UBSEC_error(int function, int reason, char *file, int line)
+        {
+        if (UBSEC_lib_error_code == 0)
+                UBSEC_lib_error_code=ERR_get_next_error_library();
+        ERR_PUT_error(UBSEC_lib_error_code,function,reason,file,line);
+        }
diff --git a/src/lib/libcrypto/engine/hw_ubsec_err.h b/src/lib/libcrypto/engine/hw_ubsec_err.h
new file mode 100644
index 0000000000..023d3be771
--- /dev/null
+++ b/src/lib/libcrypto/engine/hw_ubsec_err.h
@@ -0,0 +1,95 @@
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_UBSEC_ERR_H
+#define HEADER_UBSEC_ERR_H
+
+/* BEGIN ERROR CODES */
+/* The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+static void ERR_load_UBSEC_strings(void);
+static void ERR_unload_UBSEC_strings(void);
+static void ERR_UBSEC_error(int function, int reason, char *file, int line);
+#define UBSECerr(f,r) ERR_UBSEC_error((f),(r),__FILE__,__LINE__)
+
+/* Error codes for the UBSEC functions. */
+
+/* Function codes. */
+#define UBSEC_F_UBSEC_CTRL                               100
+#define UBSEC_F_UBSEC_DH_COMPUTE_KEY                     101
+#define UBSEC_F_UBSEC_DSA_SIGN                           102
+#define UBSEC_F_UBSEC_DSA_VERIFY                         103
+#define UBSEC_F_UBSEC_FINISH                             104
+#define UBSEC_F_UBSEC_INIT                               105
+#define UBSEC_F_UBSEC_MOD_EXP                            106
+#define UBSEC_F_UBSEC_RNG_BYTES                          107
+#define UBSEC_F_UBSEC_RSA_MOD_EXP                        108
+#define UBSEC_F_UBSEC_RSA_MOD_EXP_CRT                    109
+
+/* Reason codes. */
+#define UBSEC_R_ALREADY_LOADED                           100
+#define UBSEC_R_BN_EXPAND_FAIL                           101
+#define UBSEC_R_CTRL_COMMAND_NOT_IMPLEMENTED             102
+#define UBSEC_R_DSO_FAILURE                              103
+#define UBSEC_R_MISSING_KEY_COMPONENTS                   104
+#define UBSEC_R_NOT_LOADED                               105
+#define UBSEC_R_REQUEST_FAILED                           106
+#define UBSEC_R_SIZE_TOO_LARGE_OR_TOO_SMALL              107
+#define UBSEC_R_UNIT_FAILURE                             108
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/src/lib/libcrypto/engine/vendor_defns/aep.h b/src/lib/libcrypto/engine/vendor_defns/aep.h
new file mode 100644
index 0000000000..2b2792d2d6
--- /dev/null
+++ b/src/lib/libcrypto/engine/vendor_defns/aep.h
@@ -0,0 +1,178 @@
+/* This header declares the necessary definitions for using the exponentiation
+ * acceleration capabilities, and rnd number generation of the AEP card. 
+ *
+ */
+
+/*
+ *
+ * Some AEP defines
+ *
+ */
+
+/*Successful return value*/
+#define AEP_R_OK                                0x00000000
+
+/*Miscelleanous unsuccessful return value*/
+#define AEP_R_GENERAL_ERROR                     0x10000001
+
+/*Insufficient host memory*/
+#define AEP_R_HOST_MEMORY                       0x10000002
+
+#define AEP_R_FUNCTION_FAILED                   0x10000006
+
+/*Invalid arguments in function call*/
+#define AEP_R_ARGUMENTS_BAD                     0x10020000
+
+#define AEP_R_NO_TARGET_RESOURCES                               0x10030000
+
+/*Error occuring on socket operation*/
+#define AEP_R_SOCKERROR                                                 0x10000010
+
+/*Socket has been closed from the other end*/
+#define AEP_R_SOCKEOF                                                   0x10000011
+
+/*Invalid handles*/
+#define AEP_R_CONNECTION_HANDLE_INVALID         0x100000B3
+
+#define AEP_R_TRANSACTION_HANDLE_INVALID                0x10040000
+
+/*Transaction has not yet returned from accelerator*/
+#define AEP_R_TRANSACTION_NOT_READY                             0x00010000
+
+/*There is already a thread waiting on this transaction*/
+#define AEP_R_TRANSACTION_CLAIMED                               0x10050000
+
+/*The transaction timed out*/
+#define AEP_R_TIMED_OUT                                                 0x10060000
+
+#define AEP_R_FXN_NOT_IMPLEMENTED                               0x10070000
+
+#define AEP_R_TARGET_ERROR                                              0x10080000
+
+/*Error in the AEP daemon process*/
+#define AEP_R_DAEMON_ERROR                                              0x10090000
+
+/*Invalid ctx id*/
+#define AEP_R_INVALID_CTX_ID                                    0x10009000
+
+#define AEP_R_NO_KEY_MANAGER                                    0x1000a000
+
+/*Error obtaining a mutex*/
+#define AEP_R_MUTEX_BAD                         0x000001A0
+
+/*Fxn call before AEP_Initialise ot after AEP_Finialise*/
+#define AEP_R_AEPAPI_NOT_INITIALIZED                    0x10000190
+
+/*AEP_Initialise has already been called*/
+#define AEP_R_AEPAPI_ALREADY_INITIALIZED                0x10000191
+
+/*Maximum number of connections to daemon reached*/
+#define AEP_R_NO_MORE_CONNECTION_HNDLS                  0x10000200
+
+/*
+ *
+ * Some AEP Type definitions
+ *
+ */
+
+/* an unsigned 8-bit value */
+typedef unsigned char                           AEP_U8;
+
+/* an unsigned 8-bit character */
+typedef char                                    AEP_CHAR;
+
+/* a BYTE-sized Boolean flag */
+typedef AEP_U8                                  AEP_BBOOL;
+
+/*Unsigned value, at least 16 bits long*/
+typedef unsigned short                          AEP_U16;
+
+/* an unsigned value, at least 32 bits long */
+#ifdef SIXTY_FOUR_BIT_LONG
+typedef unsigned int                            AEP_U32;
+#else
+typedef unsigned long                           AEP_U32;
+#endif
+
+#ifdef SIXTY_FOUR_BIT_LONG
+typedef unsigned long                           AEP_U64;
+#else
+typedef struct { unsigned long l1, l2; }        AEP_U64;
+#endif
+
+/* at least 32 bits; each bit is a Boolean flag */
+typedef AEP_U32                 AEP_FLAGS;
+
+typedef AEP_U8          *AEP_U8_PTR;
+typedef AEP_CHAR        *AEP_CHAR_PTR;
+typedef AEP_U32                 *AEP_U32_PTR;
+typedef AEP_U64                 *AEP_U64_PTR;
+typedef void            *AEP_VOID_PTR;
+
+/* Pointer to a AEP_VOID_PTR-- i.e., pointer to pointer to void */
+typedef AEP_VOID_PTR    *AEP_VOID_PTR_PTR;
+
+/*Used to identify an AEP connection handle*/
+typedef AEP_U32                                 AEP_CONNECTION_HNDL;
+
+/*Pointer to an AEP connection handle*/
+typedef AEP_CONNECTION_HNDL     *AEP_CONNECTION_HNDL_PTR;
+
+/*Used by an application (in conjunction with the apps process id) to 
+identify an individual transaction*/
+typedef AEP_U32                                 AEP_TRANSACTION_ID;
+
+/*Pointer to an applications transaction identifier*/
+typedef AEP_TRANSACTION_ID              *AEP_TRANSACTION_ID_PTR;
+
+/*Return value type*/
+typedef AEP_U32                                 AEP_RV;
+
+#define MAX_PROCESS_CONNECTIONS 256
+
+#define RAND_BLK_SIZE 1024
+
+typedef enum{
+        NotConnected=   0,
+        Connected=              1,
+        InUse=                  2
+} AEP_CONNECTION_STATE;
+
+
+typedef struct AEP_CONNECTION_ENTRY{
+        AEP_CONNECTION_STATE    conn_state;
+        AEP_CONNECTION_HNDL     conn_hndl;
+} AEP_CONNECTION_ENTRY;
+
+
+typedef AEP_RV t_AEP_OpenConnection(AEP_CONNECTION_HNDL_PTR phConnection);
+typedef AEP_RV t_AEP_CloseConnection(AEP_CONNECTION_HNDL hConnection);
+
+typedef AEP_RV t_AEP_ModExp(AEP_CONNECTION_HNDL hConnection,
+                            AEP_VOID_PTR pA, AEP_VOID_PTR pP,
+                            AEP_VOID_PTR pN,
+                            AEP_VOID_PTR pResult,
+                            AEP_TRANSACTION_ID* pidTransID);
+
+typedef AEP_RV t_AEP_ModExpCrt(AEP_CONNECTION_HNDL hConnection,
+                               AEP_VOID_PTR pA, AEP_VOID_PTR pP,
+                               AEP_VOID_PTR pQ,
+                               AEP_VOID_PTR pDmp1, AEP_VOID_PTR pDmq1,
+                               AEP_VOID_PTR pIqmp,
+                               AEP_VOID_PTR pResult,
+                               AEP_TRANSACTION_ID* pidTransID);
+
+#ifdef AEPRAND
+typedef AEP_RV t_AEP_GenRandom(AEP_CONNECTION_HNDL hConnection,
+                               AEP_U32 Len,
+                               AEP_U32 Type,
+                               AEP_VOID_PTR pResult,
+                               AEP_TRANSACTION_ID* pidTransID);
+#endif
+
+typedef AEP_RV t_AEP_Initialize(AEP_VOID_PTR pInitArgs);
+typedef AEP_RV t_AEP_Finalize();
+typedef AEP_RV t_AEP_SetBNCallBacks(AEP_RV (*GetBigNumSizeFunc)(),
+                                    AEP_RV (*MakeAEPBigNumFunc)(),
+                                    AEP_RV (*ConverAEPBigNumFunc)());
+
diff --git a/src/lib/libcrypto/engine/vendor_defns/atalla.h b/src/lib/libcrypto/engine/vendor_defns/atalla.h
new file mode 100644
index 0000000000..8111649c54
--- /dev/null
+++ b/src/lib/libcrypto/engine/vendor_defns/atalla.h
@@ -0,0 +1,61 @@
+/* This header declares the necessary definitions for using the exponentiation
+ * acceleration capabilities of Atalla cards. The only cryptographic operation
+ * is performed by "ASI_RSAPrivateKeyOpFn" and this takes a structure that
+ * defines an "RSA private key". However, it is really only performing a
+ * regular mod_exp using the supplied modulus and exponent - no CRT form is
+ * being used. Hence, it is a generic mod_exp function in disguise, and we use
+ * it as such.
+ *
+ * Thanks to the people at Atalla for letting me know these definitions are
+ * fine and that they can be reproduced here.
+ *
+ * Geoff.
+ */
+
+typedef struct ItemStr
+        {
+        unsigned char *data;
+        int len;
+        } Item;
+
+typedef struct RSAPrivateKeyStr
+        {
+        void *reserved;
+        Item version;
+        Item modulus;
+        Item publicExponent;
+        Item privateExponent;
+        Item prime[2];
+        Item exponent[2];
+        Item coefficient;
+        } RSAPrivateKey;
+
+/* Predeclare the function pointer types that we dynamically load from the DSO.
+ * These use the same names and form that Ben's original support code had (in
+ * crypto/bn/bn_exp.c) unless of course I've inadvertently changed the style
+ * somewhere along the way!
+ */
+
+typedef int tfnASI_GetPerformanceStatistics(int reset_flag,
+                                        unsigned int *ret_buf);
+
+typedef int tfnASI_GetHardwareConfig(long card_num, unsigned int *ret_buf);
+
+typedef int tfnASI_RSAPrivateKeyOpFn(RSAPrivateKey * rsaKey,
+                                        unsigned char *output,
+                                        unsigned char *input,
+                                        unsigned int modulus_len);
+
+/* These are the static string constants for the DSO file name and the function
+ * symbol names to bind to. Regrettably, the DSO name on *nix appears to be
+ * "atasi.so" rather than something more consistent like "libatasi.so". At the
+ * time of writing, I'm not sure what the file name on win32 is but clearly
+ * native name translation is not possible (eg libatasi.so on *nix, and
+ * atasi.dll on win32). For the purposes of testing, I have created a symbollic
+ * link called "libatasi.so" so that we can use native name-translation - a
+ * better solution will be needed. */
+static const char *ATALLA_LIBNAME = "atasi";
+static const char *ATALLA_F1 = "ASI_GetHardwareConfig";
+static const char *ATALLA_F2 = "ASI_RSAPrivateKeyOpFn";
+static const char *ATALLA_F3 = "ASI_GetPerformanceStatistics";
+
diff --git a/src/lib/libcrypto/engine/vendor_defns/cswift.h b/src/lib/libcrypto/engine/vendor_defns/cswift.h
new file mode 100644
index 0000000000..0af14a1a92
--- /dev/null
+++ b/src/lib/libcrypto/engine/vendor_defns/cswift.h
@@ -0,0 +1,213 @@
+/* Attribution notice: Rainbow have generously allowed me to reproduce
+ * the necessary definitions here from their API. This means the support
+ * can build independently of whether application builders have the
+ * API or hardware. This will allow developers to easily produce software
+ * that has latent hardware support for any users that have accelertors
+ * installed, without the developers themselves needing anything extra.
+ *
+ * I have only clipped the parts from the CryptoSwift header files that
+ * are (or seem) relevant to the CryptoSwift support code. This is
+ * simply to keep the file sizes reasonable.
+ * [Geoff]
+ */
+
+
+/* NB: These type widths do *not* seem right in general, in particular
+ * they're not terribly friendly to 64-bit architectures (unsigned long)
+ * will be 64-bit on IA-64 for a start. I'm leaving these alone as they
+ * agree with Rainbow's API and this will only be called into question
+ * on platforms with Rainbow support anyway! ;-) */
+
+#ifdef __cplusplus
+extern "C" {
+#endif /* __cplusplus */
+
+typedef long              SW_STATUS;              /* status           */
+typedef unsigned char     SW_BYTE;                /* 8 bit byte       */
+typedef unsigned short    SW_U16;                 /* 16 bit number    */
+#if defined(_IRIX)
+#include <sgidefs.h>
+typedef __uint32_t        SW_U32;
+#else
+typedef unsigned long     SW_U32;                 /* 32 bit integer   */
+#endif
+ 
+#if defined(WIN32)
+  typedef struct _SW_U64 {
+      SW_U32 low32;
+      SW_U32 high32;
+  } SW_U64;                                         /* 64 bit integer   */
+#elif defined(MAC)
+  typedef longlong SW_U64
+#else /* Unix variants */
+  typedef struct _SW_U64 {
+      SW_U32 low32;
+      SW_U32 high32;
+  } SW_U64;                                         /* 64 bit integer   */
+#endif
+
+/* status codes */
+#define SW_OK                 (0L)
+#define SW_ERR_BASE           (-10000L)
+#define SW_ERR_NO_CARD        (SW_ERR_BASE-1) /* The Card is not present   */
+#define SW_ERR_CARD_NOT_READY (SW_ERR_BASE-2) /* The card has not powered  */
+                                              /*    up yet                 */
+#define SW_ERR_TIME_OUT       (SW_ERR_BASE-3) /* Execution of a command    */
+                                              /*    time out               */
+#define SW_ERR_NO_EXECUTE     (SW_ERR_BASE-4) /* The Card failed to        */
+                                              /*    execute the command    */
+#define SW_ERR_INPUT_NULL_PTR (SW_ERR_BASE-5) /* a required pointer is     */
+                                              /*    NULL                   */
+#define SW_ERR_INPUT_SIZE     (SW_ERR_BASE-6) /* size is invalid, too      */
+                                              /*    small, too large.      */
+#define SW_ERR_INVALID_HANDLE (SW_ERR_BASE-7) /* Invalid SW_ACC_CONTEXT    */
+                                              /*    handle                 */
+#define SW_ERR_PENDING        (SW_ERR_BASE-8) /* A request is already out- */
+                                              /*    standing at this       */
+                                              /*    context handle         */
+#define SW_ERR_AVAILABLE      (SW_ERR_BASE-9) /* A result is available.    */
+#define SW_ERR_NO_PENDING     (SW_ERR_BASE-10)/* No request is pending.    */
+#define SW_ERR_NO_MEMORY      (SW_ERR_BASE-11)/* Not enough memory         */
+#define SW_ERR_BAD_ALGORITHM  (SW_ERR_BASE-12)/* Invalid algorithm type    */
+                                              /*    in SW_PARAM structure  */
+#define SW_ERR_MISSING_KEY    (SW_ERR_BASE-13)/* No key is associated with */
+                                              /*    context.               */
+                                              /*    swAttachKeyParam() is  */
+                                              /*    not called.            */
+#define SW_ERR_KEY_CMD_MISMATCH \
+                              (SW_ERR_BASE-14)/* Cannot perform requested  */
+                                              /*    SW_COMMAND_CODE since  */
+                                              /*    key attached via       */
+                                              /*    swAttachKeyParam()     */
+                                              /*    cannot be used for this*/
+                                              /*    SW_COMMAND_CODE.       */
+#define SW_ERR_NOT_IMPLEMENTED \
+                              (SW_ERR_BASE-15)/* Not implemented           */
+#define SW_ERR_BAD_COMMAND    (SW_ERR_BASE-16)/* Bad command code          */
+#define SW_ERR_BAD_ITEM_SIZE  (SW_ERR_BASE-17)/* too small or too large in */
+                                              /*    the "initems" or       */
+                                              /*    "outitems".            */
+#define SW_ERR_BAD_ACCNUM     (SW_ERR_BASE-18)/* Bad accelerator number    */
+#define SW_ERR_SELFTEST_FAIL  (SW_ERR_BASE-19)/* At least one of the self  */
+                                              /*    test fail, look at the */
+                                              /*    selfTestBitmap in      */
+                                              /*    SW_ACCELERATOR_INFO for*/
+                                              /*    details.               */
+#define SW_ERR_MISALIGN       (SW_ERR_BASE-20)/* Certain alogrithms require*/
+                                              /*    key materials aligned  */
+                                              /*    in certain order, e.g. */
+                                              /*    128 bit for CRT        */
+#define SW_ERR_OUTPUT_NULL_PTR \
+                              (SW_ERR_BASE-21)/* a required pointer is     */
+                                              /*    NULL                   */
+#define SW_ERR_OUTPUT_SIZE \
+                              (SW_ERR_BASE-22)/* size is invalid, too      */
+                                              /*    small, too large.      */
+#define SW_ERR_FIRMWARE_CHECKSUM \
+                              (SW_ERR_BASE-23)/* firmware checksum mismatch*/
+                                              /*    download failed.       */
+#define SW_ERR_UNKNOWN_FIRMWARE \
+                              (SW_ERR_BASE-24)/* unknown firmware error    */
+#define SW_ERR_INTERRUPT      (SW_ERR_BASE-25)/* request is abort when     */
+                                              /*    it's waiting to be     */
+                                              /*    completed.             */
+#define SW_ERR_NVWRITE_FAIL   (SW_ERR_BASE-26)/* error in writing to Non-  */
+                                              /*    volatile memory        */
+#define SW_ERR_NVWRITE_RANGE  (SW_ERR_BASE-27)/* out of range error in     */
+                                              /*    writing to NV memory   */
+#define SW_ERR_RNG_ERROR      (SW_ERR_BASE-28)/* Random Number Generation  */
+                                              /*    failure                */
+#define SW_ERR_DSS_FAILURE    (SW_ERR_BASE-29)/* DSS Sign or Verify failure*/
+#define SW_ERR_MODEXP_FAILURE (SW_ERR_BASE-30)/* Failure in various math   */
+                                              /*    calculations           */
+#define SW_ERR_ONBOARD_MEMORY (SW_ERR_BASE-31)/* Error in accessing on -   */
+                                              /*    board memory           */
+#define SW_ERR_FIRMWARE_VERSION \
+                              (SW_ERR_BASE-32)/* Wrong version in firmware */
+                                              /*    update                 */
+#define SW_ERR_ZERO_WORKING_ACCELERATOR \
+                              (SW_ERR_BASE-44)/* All accelerators are bad  */
+
+
+  /* algorithm type */
+#define SW_ALG_CRT          1
+#define SW_ALG_EXP          2
+#define SW_ALG_DSA          3
+#define SW_ALG_NVDATA       4
+
+  /* command code */
+#define SW_CMD_MODEXP_CRT   1 /* perform Modular Exponentiation using  */
+                              /*  Chinese Remainder Theorem (CRT)      */
+#define SW_CMD_MODEXP       2 /* perform Modular Exponentiation        */
+#define SW_CMD_DSS_SIGN     3 /* perform DSS sign                      */
+#define SW_CMD_DSS_VERIFY   4 /* perform DSS verify                    */
+#define SW_CMD_RAND         5 /* perform random number generation      */
+#define SW_CMD_NVREAD       6 /* perform read to nonvolatile RAM       */
+#define SW_CMD_NVWRITE      7 /* perform write to nonvolatile RAM      */
+
+typedef SW_U32            SW_ALGTYPE;             /* alogrithm type   */
+typedef SW_U32            SW_STATE;               /* state            */
+typedef SW_U32            SW_COMMAND_CODE;        /* command code     */
+typedef SW_U32            SW_COMMAND_BITMAP[4];   /* bitmap           */
+
+typedef struct _SW_LARGENUMBER {
+    SW_U32    nbytes;       /* number of bytes in the buffer "value"  */
+    SW_BYTE*  value;        /* the large integer as a string of       */
+                            /*   bytes in network (big endian) order  */
+} SW_LARGENUMBER;               
+
+typedef struct _SW_CRT {
+    SW_LARGENUMBER  p;      /* prime number p                         */
+    SW_LARGENUMBER  q;      /* prime number q                         */
+    SW_LARGENUMBER  dmp1;   /* exponent1                              */
+    SW_LARGENUMBER  dmq1;   /* exponent2                              */
+    SW_LARGENUMBER  iqmp;   /* CRT coefficient                        */
+} SW_CRT;
+
+typedef struct _SW_EXP {
+    SW_LARGENUMBER  modulus; /* modulus                                */
+    SW_LARGENUMBER  exponent;/* exponent                               */
+} SW_EXP;
+
+typedef struct _SW_DSA {
+    SW_LARGENUMBER  p;      /*                                        */
+    SW_LARGENUMBER  q;      /*                                        */
+    SW_LARGENUMBER  g;      /*                                        */
+    SW_LARGENUMBER  key;    /* private/public key                     */
+} SW_DSA;
+
+typedef struct _SW_NVDATA {
+    SW_U32 accnum;          /* accelerator board number               */
+    SW_U32 offset;          /* offset in byte                         */
+} SW_NVDATA;
+
+typedef struct _SW_PARAM {
+    SW_ALGTYPE    type;     /* type of the alogrithm                  */
+    union {
+        SW_CRT    crt;
+        SW_EXP    exp;
+        SW_DSA    dsa;
+        SW_NVDATA nvdata;
+    } up;
+} SW_PARAM;
+
+typedef SW_U32 SW_CONTEXT_HANDLE; /* opaque context handle */
+
+
+/* Now the OpenSSL bits, these function types are the for the function
+ * pointers that will bound into the Rainbow shared libraries. */
+typedef SW_STATUS t_swAcquireAccContext(SW_CONTEXT_HANDLE *hac);
+typedef SW_STATUS t_swAttachKeyParam(SW_CONTEXT_HANDLE hac,
+                                SW_PARAM *key_params);
+typedef SW_STATUS t_swSimpleRequest(SW_CONTEXT_HANDLE hac,
+                                SW_COMMAND_CODE cmd,
+                                SW_LARGENUMBER pin[],
+                                SW_U32 pin_count,
+                                SW_LARGENUMBER pout[],
+                                SW_U32 pout_count);
+typedef SW_STATUS t_swReleaseAccContext(SW_CONTEXT_HANDLE hac);
+
+#ifdef __cplusplus
+}
+#endif /* __cplusplus */
+
diff --git a/src/lib/libcrypto/engine/vendor_defns/hw_4758_cca.h b/src/lib/libcrypto/engine/vendor_defns/hw_4758_cca.h
new file mode 100644
index 0000000000..296636e81a
--- /dev/null
+++ b/src/lib/libcrypto/engine/vendor_defns/hw_4758_cca.h
@@ -0,0 +1,149 @@
+/**********************************************************************/
+/*                                                                    */
+/*  Prototypes of the CCA verbs used by the 4758 CCA openssl driver   */
+/*                                                                    */
+/*  Maurice Gittens <maurice@gittens.nl>                              */
+/*                                                                    */
+/**********************************************************************/
+
+#ifndef __HW_4758_CCA__
+#define __HW_4758_CCA__
+
+/*
+ *  Only WIN32 support for now
+ */
+#if defined(WIN32)
+
+  #define CCA_LIB_NAME "CSUNSAPI"
+
+  #define CSNDPKX   "CSNDPKX_32"
+  #define CSNDKRR   "CSNDKRR_32"
+  #define CSNDPKE   "CSNDPKE_32"
+  #define CSNDPKD   "CSNDPKD_32"
+  #define CSNDDSV   "CSNDDSV_32"
+  #define CSNDDSG   "CSNDDSG_32"
+  #define CSNBRNG   "CSNBRNG_32"
+
+  #define SECURITYAPI __stdcall
+#else
+    /* Fixme!!         
+      Find out the values of these constants for other platforms.
+    */
+  #define CCA_LIB_NAME "CSUNSAPI"
+
+  #define CSNDPKX   "CSNDPKX"
+  #define CSNDKRR   "CSNDKRR"
+  #define CSNDPKE   "CSNDPKE"
+  #define CSNDPKD   "CSNDPKD"
+  #define CSNDDSV   "CSNDDSV"
+  #define CSNDDSG   "CSNDDSG"
+  #define CSNBRNG   "CSNBRNG"
+
+  #define SECURITYAPI
+#endif
+
+/*
+ * security API prototypes
+ */
+
+/* PKA Key Record Read */
+typedef void (SECURITYAPI *F_KEYRECORDREAD)
+             (long          * return_code,
+              long          * reason_code,
+              long          * exit_data_length,
+              unsigned char * exit_data,
+              long          * rule_array_count,
+              unsigned char * rule_array,
+              unsigned char * key_label,
+              long          * key_token_length,
+              unsigned char * key_token);
+
+/* Random Number Generate */
+typedef void (SECURITYAPI *F_RANDOMNUMBERGENERATE)
+             (long          * return_code,
+              long          * reason_code,
+              long          * exit_data_length,
+              unsigned char * exit_data,
+              unsigned char * form,
+              unsigned char * random_number);
+
+/* Digital Signature Generate */
+typedef void (SECURITYAPI *F_DIGITALSIGNATUREGENERATE)
+             (long          * return_code,
+              long          * reason_code,
+              long          * exit_data_length,
+              unsigned char * exit_data,
+              long          * rule_array_count,
+              unsigned char * rule_array,
+              long          * PKA_private_key_id_length,
+              unsigned char * PKA_private_key_id,
+              long          * hash_length,
+              unsigned char * hash,
+              long          * signature_field_length,
+              long          * signature_bit_length,
+              unsigned char * signature_field);
+
+/* Digital Signature Verify */
+typedef void (SECURITYAPI *F_DIGITALSIGNATUREVERIFY)(
+              long          * return_code,
+              long          * reason_code,
+              long          * exit_data_length,
+              unsigned char * exit_data,
+              long          * rule_array_count,
+              unsigned char * rule_array,
+              long          * PKA_public_key_id_length,
+              unsigned char * PKA_public_key_id,
+              long          * hash_length,
+              unsigned char * hash,
+              long          * signature_field_length,
+              unsigned char * signature_field);
+
+/* PKA Public Key Extract */
+typedef void (SECURITYAPI *F_PUBLICKEYEXTRACT)(
+              long          * return_code,
+              long          * reason_code,
+              long          * exit_data_length,
+              unsigned char * exit_data,
+              long          * rule_array_count,
+              unsigned char * rule_array,
+              long          * source_key_identifier_length,
+              unsigned char * source_key_identifier,
+              long          * target_key_token_length,
+              unsigned char * target_key_token);
+
+/* PKA Encrypt */
+typedef void   (SECURITYAPI *F_PKAENCRYPT)
+               (long          *  return_code,
+                 long          *  reason_code,
+                 long          *  exit_data_length,
+                 unsigned char *  exit_data,
+                 long          *  rule_array_count,
+                 unsigned char *  rule_array,
+                 long          *  key_value_length,
+                 unsigned char *  key_value,
+                 long          *  data_struct_length,
+                 unsigned char *  data_struct,
+                 long          *  RSA_public_key_length,
+                 unsigned char *  RSA_public_key,
+                 long          *  RSA_encipher_length,
+                 unsigned char *  RSA_encipher );
+
+/* PKA Decrypt */
+typedef void    (SECURITYAPI *F_PKADECRYPT)
+                (long          *  return_code,
+                 long          *  reason_code,
+                 long          *  exit_data_length,
+                 unsigned char *  exit_data,
+                 long          *  rule_array_count,
+                 unsigned char *  rule_array,
+                 long          *  enciphered_key_length,
+                 unsigned char *  enciphered_key,
+                 long          *  data_struct_length,
+                 unsigned char *  data_struct,
+                 long          *  RSA_private_key_length,
+                 unsigned char *  RSA_private_key,
+                 long          *  key_value_length,
+                 unsigned char *  key_value    );
+
+
+#endif
diff --git a/src/lib/libcrypto/evp/bio_ok.c b/src/lib/libcrypto/evp/bio_ok.c
new file mode 100644
index 0000000000..101275d648
--- /dev/null
+++ b/src/lib/libcrypto/evp/bio_ok.c
@@ -0,0 +1,552 @@
+/* crypto/evp/bio_ok.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*
+        From: Arne Ansper <arne@cyber.ee>
+
+        Why BIO_f_reliable?
+
+        I wrote function which took BIO* as argument, read data from it
+        and processed it. Then I wanted to store the input file in 
+        encrypted form. OK I pushed BIO_f_cipher to the BIO stack
+        and everything was OK. BUT if user types wrong password 
+        BIO_f_cipher outputs only garbage and my function crashes. Yes
+        I can and I should fix my function, but BIO_f_cipher is 
+        easy way to add encryption support to many exisiting applications
+        and it's hard to debug and fix them all. 
+
+        So I wanted another BIO which would catch the incorrect passwords and
+        file damages which cause garbage on BIO_f_cipher's output. 
+
+        The easy way is to push the BIO_f_md and save the checksum at 
+        the end of the file. However there are several problems with this
+        approach:
+
+        1) you must somehow separate checksum from actual data. 
+        2) you need lot's of memory when reading the file, because you 
+        must read to the end of the file and verify the checksum before
+        leting the application to read the data. 
+        
+        BIO_f_reliable tries to solve both problems, so that you can 
+        read and write arbitraly long streams using only fixed amount
+        of memory.
+
+        BIO_f_reliable splits data stream into blocks. Each block is prefixed
+        with it's length and suffixed with it's digest. So you need only 
+        several Kbytes of memory to buffer single block before verifying 
+        it's digest. 
+
+        BIO_f_reliable goes futher and adds several important capabilities:
+
+        1) the digest of the block is computed over the whole stream 
+        -- so nobody can rearrange the blocks or remove or replace them.
+
+        2) to detect invalid passwords right at the start BIO_f_reliable 
+        adds special prefix to the stream. In order to avoid known plain-text
+        attacks this prefix is generated as follows:
+
+                *) digest is initialized with random seed instead of 
+                standardized one.
+                *) same seed is written to ouput
+                *) well-known text is then hashed and the output 
+                of the digest is also written to output.
+
+        reader can now read the seed from stream, hash the same string
+        and then compare the digest output.
+
+        Bad things: BIO_f_reliable knows what's going on in EVP_Digest. I 
+        initialy wrote and tested this code on x86 machine and wrote the
+        digests out in machine-dependent order :( There are people using
+        this code and I cannot change this easily without making existing
+        data files unreadable.
+
+*/
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include <openssl/buffer.h>
+#include <openssl/bio.h>
+#include <openssl/evp.h>
+#include <openssl/rand.h>
+
+static int ok_write(BIO *h,char *buf,int num);
+static int ok_read(BIO *h,char *buf,int size);
+static long ok_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int ok_new(BIO *h);
+static int ok_free(BIO *data);
+static void sig_out(BIO* b);
+static void sig_in(BIO* b);
+static void block_out(BIO* b);
+static void block_in(BIO* b);
+#define OK_BLOCK_SIZE   (1024*4)
+#define OK_BLOCK_BLOCK  4
+#define IOBS            (OK_BLOCK_SIZE+ OK_BLOCK_BLOCK+ 3*EVP_MAX_MD_SIZE)
+#define WELLKNOWN "The quick brown fox jumped over the lazy dog's back."
+
+#ifndef L_ENDIAN
+#define swapem(x) \
+        ((unsigned long int)((((unsigned long int)(x) & 0x000000ffU) << 24) | \
+                             (((unsigned long int)(x) & 0x0000ff00U) <<  8) | \
+                             (((unsigned long int)(x) & 0x00ff0000U) >>  8) | \
+                             (((unsigned long int)(x) & 0xff000000U) >> 24)))
+#else
+#define swapem(x) (x)
+#endif
+
+typedef struct ok_struct
+        {
+        int buf_len;
+        int buf_off;
+        int buf_len_save;
+        int buf_off_save;
+        int cont;               /* <= 0 when finished */
+        int finished;
+        EVP_MD_CTX md;
+        int blockout;           /* output block is ready */ 
+        int sigio;              /* must process signature */
+        char buf[IOBS];
+        } BIO_OK_CTX;
+
+static BIO_METHOD methods_ok=
+        {
+        BIO_TYPE_CIPHER,"reliable",
+        ok_write,
+        ok_read,
+        NULL, /* ok_puts, */
+        NULL, /* ok_gets, */
+        ok_ctrl,
+        ok_new,
+        ok_free,
+        };
+
+BIO_METHOD *BIO_f_reliable(void)
+        {
+        return(&methods_ok);
+        }
+
+static int ok_new(BIO *bi)
+        {
+        BIO_OK_CTX *ctx;
+
+        ctx=(BIO_OK_CTX *)Malloc(sizeof(BIO_OK_CTX));
+        if (ctx == NULL) return(0);
+
+        ctx->buf_len=0;
+        ctx->buf_off=0;
+        ctx->buf_len_save=0;
+        ctx->buf_off_save=0;
+        ctx->cont=1;
+        ctx->finished=0;
+        ctx->blockout= 0;
+        ctx->sigio=1;
+
+        bi->init=0;
+        bi->ptr=(char *)ctx;
+        bi->flags=0;
+        return(1);
+        }
+
+static int ok_free(BIO *a)
+        {
+        if (a == NULL) return(0);
+        memset(a->ptr,0,sizeof(BIO_OK_CTX));
+        Free(a->ptr);
+        a->ptr=NULL;
+        a->init=0;
+        a->flags=0;
+        return(1);
+        }
+        
+static int ok_read(BIO *b, char *out, int outl)
+        {
+        int ret=0,i,n;
+        BIO_OK_CTX *ctx;
+
+        if (out == NULL) return(0);
+        ctx=(BIO_OK_CTX *)b->ptr;
+
+        if ((ctx == NULL) || (b->next_bio == NULL) || (b->init == 0)) return(0);
+
+        while(outl > 0)
+                {
+
+                /* copy clean bytes to output buffer */
+                if (ctx->blockout)
+                        {
+                        i=ctx->buf_len-ctx->buf_off;
+                        if (i > outl) i=outl;
+                        memcpy(out,&(ctx->buf[ctx->buf_off]),i);
+                        ret+=i;
+                        out+=i;
+                        outl-=i;
+                        ctx->buf_off+=i;
+
+                        /* all clean bytes are out */
+                        if (ctx->buf_len == ctx->buf_off)
+                                {
+                                ctx->buf_off=0;
+
+                                /* copy start of the next block into proper place */
+                                if(ctx->buf_len_save- ctx->buf_off_save > 0)
+                                        {
+                                        ctx->buf_len= ctx->buf_len_save- ctx->buf_off_save;
+                                        memmove(ctx->buf, &(ctx->buf[ctx->buf_off_save]),
+                                                        ctx->buf_len);
+                                        }
+                                else
+                                        {
+                                        ctx->buf_len=0;
+                                        }
+                                ctx->blockout= 0;
+                                }
+                        }
+        
+                /* output buffer full -- cancel */
+                if (outl == 0) break;
+
+                /* no clean bytes in buffer -- fill it */
+                n=IOBS- ctx->buf_len;
+                i=BIO_read(b->next_bio,&(ctx->buf[ctx->buf_len]),n);
+
+                if (i <= 0) break;      /* nothing new */
+
+                ctx->buf_len+= i;
+
+                /* no signature yet -- check if we got one */
+                if (ctx->sigio == 1) sig_in(b);
+
+                /* signature ok -- check if we got block */
+                if (ctx->sigio == 0) block_in(b);
+
+                /* invalid block -- cancel */
+                if (ctx->cont <= 0) break;
+
+                }
+
+        BIO_clear_retry_flags(b);
+        BIO_copy_next_retry(b);
+        return(ret);
+        }
+
+static int ok_write(BIO *b, char *in, int inl)
+        {
+        int ret=0,n,i;
+        BIO_OK_CTX *ctx;
+
+        ctx=(BIO_OK_CTX *)b->ptr;
+        ret=inl;
+
+        if ((ctx == NULL) || (b->next_bio == NULL) || (b->init == 0)) return(0);
+
+        if(ctx->sigio) sig_out(b);
+
+        do{
+                BIO_clear_retry_flags(b);
+                n=ctx->buf_len-ctx->buf_off;
+                while (ctx->blockout && n > 0)
+                        {
+                        i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n);
+                        if (i <= 0)
+                                {
+                                BIO_copy_next_retry(b);
+                                if(!BIO_should_retry(b))
+                                        ctx->cont= 0;
+                                return(i);
+                                }
+                        ctx->buf_off+=i;
+                        n-=i;
+                        }
+
+                /* at this point all pending data has been written */
+                ctx->blockout= 0;
+                if (ctx->buf_len == ctx->buf_off)
+                        {
+                        ctx->buf_len=OK_BLOCK_BLOCK;
+                        ctx->buf_off=0;
+                        }
+        
+                if ((in == NULL) || (inl <= 0)) return(0);
+
+                n= (inl+ ctx->buf_len > OK_BLOCK_SIZE+ OK_BLOCK_BLOCK) ? 
+                                OK_BLOCK_SIZE+ OK_BLOCK_BLOCK- ctx->buf_len : inl;
+
+                memcpy((unsigned char *)(&(ctx->buf[ctx->buf_len])),(unsigned char *)in,n);
+                ctx->buf_len+= n;
+                inl-=n;
+                in+=n;
+
+                if(ctx->buf_len >= OK_BLOCK_SIZE+ OK_BLOCK_BLOCK)
+                        {
+                        block_out(b);
+                        }
+        }while(inl > 0);
+
+        BIO_clear_retry_flags(b);
+        BIO_copy_next_retry(b);
+        return(ret);
+        }
+
+static long ok_ctrl(BIO *b, int cmd, long num, char *ptr)
+        {
+        BIO_OK_CTX *ctx;
+        EVP_MD *md;
+        const EVP_MD **ppmd;
+        long ret=1;
+        int i;
+
+        ctx=(BIO_OK_CTX *)b->ptr;
+
+        switch (cmd)
+                {
+        case BIO_CTRL_RESET:
+                ctx->buf_len=0;
+                ctx->buf_off=0;
+                ctx->buf_len_save=0;
+                ctx->buf_off_save=0;
+                ctx->cont=1;
+                ctx->finished=0;
+                ctx->blockout= 0;
+                ctx->sigio=1;
+                ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+                break;
+        case BIO_CTRL_EOF:      /* More to read */
+                if (ctx->cont <= 0)
+                        ret=1;
+                else
+                        ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+                break;
+        case BIO_CTRL_PENDING: /* More to read in buffer */
+        case BIO_CTRL_WPENDING: /* More to read in buffer */
+                ret=ctx->blockout ? ctx->buf_len-ctx->buf_off : 0;
+                if (ret <= 0)
+                        ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+                break;
+        case BIO_CTRL_FLUSH:
+                /* do a final write */
+                if(ctx->blockout == 0)
+                        block_out(b);
+
+                while (ctx->blockout)
+                        {
+                        i=ok_write(b,NULL,0);
+                        if (i < 0)
+                                {
+                                ret=i;
+                                break;
+                                }
+                        }
+
+                ctx->finished=1;
+                ctx->buf_off=ctx->buf_len=0;
+                ctx->cont=(int)ret;
+                
+                /* Finally flush the underlying BIO */
+                ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+                break;
+        case BIO_C_DO_STATE_MACHINE:
+                BIO_clear_retry_flags(b);
+                ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+                BIO_copy_next_retry(b);
+                break;
+        case BIO_CTRL_INFO:
+                ret=(long)ctx->cont;
+                break;
+        case BIO_C_SET_MD:
+                md=(EVP_MD *)ptr;
+                EVP_DigestInit(&(ctx->md),md);
+                b->init=1;
+                break;
+        case BIO_C_GET_MD:
+                if (b->init)
+                        {
+                        ppmd=(const EVP_MD **)ptr;
+                        *ppmd=ctx->md.digest;
+                        }
+                else
+                        ret=0;
+                break;
+        default:
+                ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+                break;
+                }
+        return(ret);
+        }
+
+static void longswap(void *_ptr, int len)
+{
+#ifndef L_ENDIAN
+        int i;
+        char *ptr=_ptr;
+
+        for(i= 0;i < len;i+= 4){
+                *((unsigned long *)&(ptr[i]))= swapem(*((unsigned long *)&(ptr[i])));
+        }
+#endif
+}
+
+static void sig_out(BIO* b)
+        {
+        BIO_OK_CTX *ctx;
+        EVP_MD_CTX *md;
+
+        ctx=(BIO_OK_CTX *)b->ptr;
+        md= &(ctx->md);
+
+        if(ctx->buf_len+ 2* md->digest->md_size > OK_BLOCK_SIZE) return;
+
+        EVP_DigestInit(md, md->digest);
+        RAND_bytes(&(md->md.base[0]), md->digest->md_size);
+        memcpy(&(ctx->buf[ctx->buf_len]), &(md->md.base[0]), md->digest->md_size);
+        longswap(&(ctx->buf[ctx->buf_len]), md->digest->md_size);
+        ctx->buf_len+= md->digest->md_size;
+
+        EVP_DigestUpdate(md, (unsigned char*)WELLKNOWN, strlen(WELLKNOWN));
+        md->digest->final(&(ctx->buf[ctx->buf_len]), &(md->md.base[0]));
+        ctx->buf_len+= md->digest->md_size;
+        ctx->blockout= 1;
+        ctx->sigio= 0;
+        }
+
+static void sig_in(BIO* b)
+        {
+        BIO_OK_CTX *ctx;
+        EVP_MD_CTX *md;
+        unsigned char tmp[EVP_MAX_MD_SIZE];
+        int ret= 0;
+
+        ctx=(BIO_OK_CTX *)b->ptr;
+        md= &(ctx->md);
+
+        if(ctx->buf_len- ctx->buf_off < 2* md->digest->md_size) return;
+
+        EVP_DigestInit(md, md->digest);
+        memcpy(&(md->md.base[0]), &(ctx->buf[ctx->buf_off]), md->digest->md_size);
+        longswap(&(md->md.base[0]), md->digest->md_size);
+        ctx->buf_off+= md->digest->md_size;
+
+        EVP_DigestUpdate(md, (unsigned char*)WELLKNOWN, strlen(WELLKNOWN));
+        md->digest->final(tmp, &(md->md.base[0]));
+        ret= memcmp(&(ctx->buf[ctx->buf_off]), tmp, md->digest->md_size) == 0;
+        ctx->buf_off+= md->digest->md_size;
+        if(ret == 1)
+                {
+                ctx->sigio= 0;
+                if(ctx->buf_len != ctx->buf_off)
+                        {
+                        memmove(ctx->buf, &(ctx->buf[ctx->buf_off]), ctx->buf_len- ctx->buf_off);
+                        }
+                ctx->buf_len-= ctx->buf_off;
+                ctx->buf_off= 0;
+                }
+        else
+                {
+                ctx->cont= 0;
+                }
+        }
+
+static void block_out(BIO* b)
+        {
+        BIO_OK_CTX *ctx;
+        EVP_MD_CTX *md;
+        unsigned long tl;
+
+        ctx=(BIO_OK_CTX *)b->ptr;
+        md= &(ctx->md);
+
+        tl= ctx->buf_len- OK_BLOCK_BLOCK;
+        tl= swapem(tl);
+        memcpy(ctx->buf, &tl, OK_BLOCK_BLOCK);
+        tl= swapem(tl);
+        EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl);
+        md->digest->final(&(ctx->buf[ctx->buf_len]), &(md->md.base[0]));
+        ctx->buf_len+= md->digest->md_size;
+        ctx->blockout= 1;
+        }
+
+static void block_in(BIO* b)
+        {
+        BIO_OK_CTX *ctx;
+        EVP_MD_CTX *md;
+        long tl= 0;
+        unsigned char tmp[EVP_MAX_MD_SIZE];
+
+        ctx=(BIO_OK_CTX *)b->ptr;
+        md= &(ctx->md);
+
+        memcpy(&tl, ctx->buf, OK_BLOCK_BLOCK);
+        tl= swapem(tl);
+        if (ctx->buf_len < tl+ OK_BLOCK_BLOCK+ md->digest->md_size) return;
+ 
+        EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl);
+        md->digest->final(tmp, &(md->md.base[0]));
+        if(memcmp(&(ctx->buf[tl+ OK_BLOCK_BLOCK]), tmp, md->digest->md_size) == 0)
+                {
+                /* there might be parts from next block lurking around ! */
+                ctx->buf_off_save= tl+ OK_BLOCK_BLOCK+ md->digest->md_size;
+                ctx->buf_len_save= ctx->buf_len;
+                ctx->buf_off= OK_BLOCK_BLOCK;
+                ctx->buf_len= tl+ OK_BLOCK_BLOCK;
+                ctx->blockout= 1;
+                }
+        else
+                {
+                ctx->cont= 0;
+                }
+        }
+
diff --git a/src/lib/libcrypto/evp/c_allc.c b/src/lib/libcrypto/evp/c_allc.c
new file mode 100644
index 0000000000..f24d3756c9
--- /dev/null
+++ b/src/lib/libcrypto/evp/c_allc.c
@@ -0,0 +1,149 @@
+/* crypto/evp/c_allc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/pkcs12.h>
+#include <openssl/objects.h>
+
+void OpenSSL_add_all_ciphers(void)
+        {
+#ifndef NO_DES
+        EVP_add_cipher(EVP_des_cfb());
+        EVP_add_cipher(EVP_des_ede_cfb());
+        EVP_add_cipher(EVP_des_ede3_cfb());
+
+        EVP_add_cipher(EVP_des_ofb());
+        EVP_add_cipher(EVP_des_ede_ofb());
+        EVP_add_cipher(EVP_des_ede3_ofb());
+
+        EVP_add_cipher(EVP_desx_cbc());
+        EVP_add_cipher_alias(SN_desx_cbc,"DESX");
+        EVP_add_cipher_alias(SN_desx_cbc,"desx");
+
+        EVP_add_cipher(EVP_des_cbc());
+        EVP_add_cipher_alias(SN_des_cbc,"DES");
+        EVP_add_cipher_alias(SN_des_cbc,"des");
+        EVP_add_cipher(EVP_des_ede_cbc());
+        EVP_add_cipher(EVP_des_ede3_cbc());
+        EVP_add_cipher_alias(SN_des_ede3_cbc,"DES3");
+        EVP_add_cipher_alias(SN_des_ede3_cbc,"des3");
+
+        EVP_add_cipher(EVP_des_ecb());
+        EVP_add_cipher(EVP_des_ede());
+        EVP_add_cipher(EVP_des_ede3());
+#endif
+
+#ifndef NO_RC4
+        EVP_add_cipher(EVP_rc4());
+        EVP_add_cipher(EVP_rc4_40());
+#endif
+
+#ifndef NO_IDEA
+        EVP_add_cipher(EVP_idea_ecb());
+        EVP_add_cipher(EVP_idea_cfb());
+        EVP_add_cipher(EVP_idea_ofb());
+        EVP_add_cipher(EVP_idea_cbc());
+        EVP_add_cipher_alias(SN_idea_cbc,"IDEA");
+        EVP_add_cipher_alias(SN_idea_cbc,"idea");
+#endif
+
+#ifndef NO_RC2
+        EVP_add_cipher(EVP_rc2_ecb());
+        EVP_add_cipher(EVP_rc2_cfb());
+        EVP_add_cipher(EVP_rc2_ofb());
+        EVP_add_cipher(EVP_rc2_cbc());
+        EVP_add_cipher(EVP_rc2_40_cbc());
+        EVP_add_cipher(EVP_rc2_64_cbc());
+        EVP_add_cipher_alias(SN_rc2_cbc,"RC2");
+        EVP_add_cipher_alias(SN_rc2_cbc,"rc2");
+#endif
+
+#ifndef NO_BF
+        EVP_add_cipher(EVP_bf_ecb());
+        EVP_add_cipher(EVP_bf_cfb());
+        EVP_add_cipher(EVP_bf_ofb());
+        EVP_add_cipher(EVP_bf_cbc());
+        EVP_add_cipher_alias(SN_bf_cbc,"BF");
+        EVP_add_cipher_alias(SN_bf_cbc,"bf");
+        EVP_add_cipher_alias(SN_bf_cbc,"blowfish");
+#endif
+
+#ifndef NO_CAST
+        EVP_add_cipher(EVP_cast5_ecb());
+        EVP_add_cipher(EVP_cast5_cfb());
+        EVP_add_cipher(EVP_cast5_ofb());
+        EVP_add_cipher(EVP_cast5_cbc());
+        EVP_add_cipher_alias(SN_cast5_cbc,"CAST");
+        EVP_add_cipher_alias(SN_cast5_cbc,"cast");
+        EVP_add_cipher_alias(SN_cast5_cbc,"CAST-cbc");
+        EVP_add_cipher_alias(SN_cast5_cbc,"cast-cbc");
+#endif
+
+#ifndef NO_RC5
+        EVP_add_cipher(EVP_rc5_32_12_16_ecb());
+        EVP_add_cipher(EVP_rc5_32_12_16_cfb());
+        EVP_add_cipher(EVP_rc5_32_12_16_ofb());
+        EVP_add_cipher(EVP_rc5_32_12_16_cbc());
+        EVP_add_cipher_alias(SN_rc5_cbc,"rc5");
+        EVP_add_cipher_alias(SN_rc5_cbc,"RC5");
+#endif
+        PKCS12_PBE_add();
+        PKCS5_PBE_add();
+        }
diff --git a/src/lib/libcrypto/evp/c_alld.c b/src/lib/libcrypto/evp/c_alld.c
new file mode 100644
index 0000000000..febe51a3ee
--- /dev/null
+++ b/src/lib/libcrypto/evp/c_alld.c
@@ -0,0 +1,100 @@
+/* crypto/evp/c_alld.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/pkcs12.h>
+#include <openssl/objects.h>
+
+void OpenSSL_add_all_digests(void)
+        {
+#ifndef NO_MD2
+        EVP_add_digest(EVP_md2());
+#endif
+#ifndef NO_MD5
+        EVP_add_digest(EVP_md5());
+        EVP_add_digest_alias(SN_md5,"ssl2-md5");
+        EVP_add_digest_alias(SN_md5,"ssl3-md5");
+#endif
+#ifndef NO_SHA
+        EVP_add_digest(EVP_sha());
+#ifndef NO_DSA
+        EVP_add_digest(EVP_dss());
+#endif
+#endif
+#ifndef NO_SHA
+        EVP_add_digest(EVP_sha1());
+        EVP_add_digest_alias(SN_sha1,"ssl3-sha1");
+        EVP_add_digest_alias(SN_sha1WithRSAEncryption,SN_sha1WithRSA);
+#ifndef NO_DSA
+        EVP_add_digest(EVP_dss1());
+        EVP_add_digest_alias(SN_dsaWithSHA1,SN_dsaWithSHA1_2);
+        EVP_add_digest_alias(SN_dsaWithSHA1,"DSS1");
+        EVP_add_digest_alias(SN_dsaWithSHA1,"dss1");
+#endif
+#endif
+#if !defined(NO_MDC2) && !defined(NO_DES)
+        EVP_add_digest(EVP_mdc2());
+#endif
+#ifndef NO_RIPEMD
+        EVP_add_digest(EVP_ripemd160());
+        EVP_add_digest_alias(SN_ripemd160,"ripemd");
+        EVP_add_digest_alias(SN_ripemd160,"rmd160");
+#endif
+        }
diff --git a/src/lib/libcrypto/evp/e_rc5.c b/src/lib/libcrypto/evp/e_rc5.c
new file mode 100644
index 0000000000..5885f1826b
--- /dev/null
+++ b/src/lib/libcrypto/evp/e_rc5.c
@@ -0,0 +1,118 @@
+/* crypto/evp/e_rc5.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_RC5
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include "evp_locl.h"
+
+static int r_32_12_16_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                               const unsigned char *iv,int enc);
+static int rc5_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr);
+
+IMPLEMENT_BLOCK_CIPHER(rc5_32_12_16, rc5.ks, RC5_32, rc5, NID_rc5,
+                        8, EVP_RC5_32_12_16_KEY_SIZE, 8, 
+                        EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
+                        r_32_12_16_init_key, NULL,
+                        NULL, NULL, rc5_ctrl)
+
+
+
+static int rc5_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
+        {
+                switch(type) {
+
+                        case EVP_CTRL_INIT:
+                        c->c.rc5.rounds = RC5_12_ROUNDS;
+                        return 1;
+
+                        case EVP_CTRL_GET_RC5_ROUNDS:
+                        *(int *)ptr = c->c.rc5.rounds;
+                        return 1;
+                        
+                        
+                        case EVP_CTRL_SET_RC5_ROUNDS:
+                        switch(arg) {
+                                case RC5_8_ROUNDS:
+                                case RC5_12_ROUNDS:
+                                case RC5_16_ROUNDS:
+                                c->c.rc5.rounds = arg;
+                                return 1;
+
+                                default:
+                                EVPerr(EVP_F_RC5_CTRL, EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS);
+                                return 0;
+                        }
+
+                        default:
+                        return -1;
+                }
+        }
+
+static int r_32_12_16_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                               const unsigned char *iv, int enc)
+        {
+        RC5_32_set_key(&(ctx->c.rc5.ks),EVP_CIPHER_CTX_key_length(ctx),
+                        key,ctx->c.rc5.rounds);
+        return 1;
+        }
+
+#endif
diff --git a/src/lib/libcrypto/evp/evp_acnf.c b/src/lib/libcrypto/evp/evp_acnf.c
new file mode 100644
index 0000000000..a68b979bdb
--- /dev/null
+++ b/src/lib/libcrypto/evp/evp_acnf.c
@@ -0,0 +1,74 @@
+/* evp_acnf.c */
+/* Written by Stephen Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/conf.h>
+#include <openssl/engine.h>
+
+
+/* Load all algorithms and configure OpenSSL.
+ * This function is called automatically when
+ * OPENSSL_LOAD_CONF is set.
+ */
+
+void OPENSSL_add_all_algorithms_conf(void)
+        {
+        OPENSSL_add_all_algorithms_noconf();
+        OPENSSL_config(NULL);
+        }
diff --git a/src/lib/libcrypto/evp/evp_test.c b/src/lib/libcrypto/evp/evp_test.c
new file mode 100644
index 0000000000..3607fe7776
--- /dev/null
+++ b/src/lib/libcrypto/evp/evp_test.c
@@ -0,0 +1,365 @@
+/* Written by Ben Laurie, 2001 */
+/*
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <openssl/evp.h>
+#include <openssl/engine.h>
+#include <openssl/conf.h>
+
+static void hexdump(FILE *f,const char *title,const unsigned char *s,int l)
+    {
+    int n=0;
+
+    fprintf(f,"%s",title);
+    for( ; n < l ; ++n)
+        {
+        if((n%16) == 0)
+            fprintf(f,"\n%04x",n);
+        fprintf(f," %02x",s[n]);
+        }
+    fprintf(f,"\n");
+    }
+
+static int convert(unsigned char *s)
+    {
+    unsigned char *d;
+
+    for(d=s ; *s ; s+=2,++d)
+        {
+        unsigned int n;
+
+        if(!s[1])
+            {
+            fprintf(stderr,"Odd number of hex digits!");
+            exit(4);
+            }
+        sscanf((char *)s,"%2x",&n);
+        *d=(unsigned char)n;
+        }
+    return s-d;
+    }
+
+static char *sstrsep(char **string, const char *delim)
+    {
+    char isdelim[256];
+    char *token = *string;
+
+    if (**string == 0)
+        return NULL;
+
+    memset(isdelim, 0, 256);
+    isdelim[0] = 1;
+
+    while (*delim)
+        {
+        isdelim[(unsigned char)(*delim)] = 1;
+        delim++;
+        }
+
+    while (!isdelim[(unsigned char)(**string)])
+        {
+        (*string)++;
+        }
+
+    if (**string)
+        {
+        **string = 0;
+        (*string)++;
+        }
+
+    return token;
+    }
+
+static unsigned char *ustrsep(char **p,const char *sep)
+    { return (unsigned char *)sstrsep((char **)p,sep); }
+
+static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn,
+                  const unsigned char *iv,int in,
+                  const unsigned char *plaintext,int pn,
+                  const unsigned char *ciphertext,int cn)
+    {
+    EVP_CIPHER_CTX ctx;
+    unsigned char out[4096];
+    int outl,outl2;
+
+    printf("Testing cipher %s\n",EVP_CIPHER_name(c));
+    hexdump(stdout,"Key",key,kn);
+    if(in)
+        hexdump(stdout,"IV",iv,in);
+    hexdump(stdout,"Plaintext",plaintext,pn);
+    hexdump(stdout,"Ciphertext",ciphertext,cn);
+    
+    if(kn != c->key_len)
+        {
+        fprintf(stderr,"Key length doesn't match, got %d expected %d\n",kn,
+                c->key_len);
+        exit(5);
+        }
+    EVP_CIPHER_CTX_init(&ctx);
+    if(!EVP_EncryptInit_ex(&ctx,c,NULL,key,iv))
+        {
+        fprintf(stderr,"EncryptInit failed\n");
+        exit(10);
+        }
+    EVP_CIPHER_CTX_set_padding(&ctx,0);
+
+    if(!EVP_EncryptUpdate(&ctx,out,&outl,plaintext,pn))
+        {
+        fprintf(stderr,"Encrypt failed\n");
+        exit(6);
+        }
+    if(!EVP_EncryptFinal_ex(&ctx,out+outl,&outl2))
+        {
+        fprintf(stderr,"EncryptFinal failed\n");
+        exit(7);
+        }
+
+    if(outl+outl2 != cn)
+        {
+        fprintf(stderr,"Ciphertext length mismatch got %d expected %d\n",
+                outl+outl2,cn);
+        exit(8);
+        }
+
+    if(memcmp(out,ciphertext,cn))
+        {
+        fprintf(stderr,"Ciphertext mismatch\n");
+        hexdump(stderr,"Got",out,cn);
+        hexdump(stderr,"Expected",ciphertext,cn);
+        exit(9);
+        }
+
+    if(!EVP_DecryptInit_ex(&ctx,c,NULL,key,iv))
+        {
+        fprintf(stderr,"DecryptInit failed\n");
+        exit(11);
+        }
+    EVP_CIPHER_CTX_set_padding(&ctx,0);
+
+    if(!EVP_DecryptUpdate(&ctx,out,&outl,ciphertext,pn))
+        {
+        fprintf(stderr,"Decrypt failed\n");
+        exit(6);
+        }
+    if(!EVP_DecryptFinal_ex(&ctx,out+outl,&outl2))
+        {
+        fprintf(stderr,"DecryptFinal failed\n");
+        exit(7);
+        }
+
+    if(outl+outl2 != cn)
+        {
+        fprintf(stderr,"Plaintext length mismatch got %d expected %d\n",
+                outl+outl2,cn);
+        exit(8);
+        }
+
+    if(memcmp(out,plaintext,cn))
+        {
+        fprintf(stderr,"Plaintext mismatch\n");
+        hexdump(stderr,"Got",out,cn);
+        hexdump(stderr,"Expected",plaintext,cn);
+        exit(9);
+        }
+
+    printf("\n");
+    }
+
+static int test_cipher(const char *cipher,const unsigned char *key,int kn,
+                       const unsigned char *iv,int in,
+                       const unsigned char *plaintext,int pn,
+                       const unsigned char *ciphertext,int cn)
+    {
+    const EVP_CIPHER *c;
+
+    c=EVP_get_cipherbyname(cipher);
+    if(!c)
+        return 0;
+
+    test1(c,key,kn,iv,in,plaintext,pn,ciphertext,cn);
+
+    return 1;
+    }
+
+static int test_digest(const char *digest,
+                       const unsigned char *plaintext,int pn,
+                       const unsigned char *ciphertext, unsigned int cn)
+    {
+    const EVP_MD *d;
+    EVP_MD_CTX ctx;
+    unsigned char md[EVP_MAX_MD_SIZE];
+    unsigned int mdn;
+
+    d=EVP_get_digestbyname(digest);
+    if(!d)
+        return 0;
+
+    printf("Testing digest %s\n",EVP_MD_name(d));
+    hexdump(stdout,"Plaintext",plaintext,pn);
+    hexdump(stdout,"Digest",ciphertext,cn);
+
+    EVP_MD_CTX_init(&ctx);
+    if(!EVP_DigestInit_ex(&ctx,d, NULL))
+        {
+        fprintf(stderr,"DigestInit failed\n");
+        exit(100);
+        }
+    if(!EVP_DigestUpdate(&ctx,plaintext,pn))
+        {
+        fprintf(stderr,"DigestUpdate failed\n");
+        exit(101);
+        }
+    if(!EVP_DigestFinal_ex(&ctx,md,&mdn))
+        {
+        fprintf(stderr,"DigestFinal failed\n");
+        exit(101);
+        }
+    EVP_MD_CTX_cleanup(&ctx);
+
+    if(mdn != cn)
+        {
+        fprintf(stderr,"Digest length mismatch, got %d expected %d\n",mdn,cn);
+        exit(102);
+        }
+
+    if(memcmp(md,ciphertext,cn))
+        {
+        fprintf(stderr,"Digest mismatch\n");
+        hexdump(stderr,"Got",md,cn);
+        hexdump(stderr,"Expected",ciphertext,cn);
+        exit(103);
+        }
+
+    printf("\n");
+
+    return 1;
+    }
+
+int main(int argc,char **argv)
+    {
+    const char *szTestFile;
+    FILE *f;
+
+    if(argc != 2)
+        {
+        fprintf(stderr,"%s <test file>\n",argv[0]);
+        exit(1);
+        }
+    CRYPTO_malloc_debug_init();
+    CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
+    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+    szTestFile=argv[1];
+
+    f=fopen(szTestFile,"r");
+    if(!f)
+        {
+        perror(szTestFile);
+        exit(2);
+        }
+
+    /* Load up the software EVP_CIPHER and EVP_MD definitions */
+    OpenSSL_add_all_ciphers();
+    OpenSSL_add_all_digests();
+    /* Load all compiled-in ENGINEs */
+    ENGINE_load_builtin_engines();
+#if 0
+    OPENSSL_config();
+#endif
+    /* Register all available ENGINE implementations of ciphers and digests.
+     * This could perhaps be changed to "ENGINE_register_all_complete()"? */
+    ENGINE_register_all_ciphers();
+    ENGINE_register_all_digests();
+    /* If we add command-line options, this statement should be switchable.
+     * It'll prevent ENGINEs being ENGINE_init()ialised for cipher/digest use if
+     * they weren't already initialised. */
+    /* ENGINE_set_cipher_flags(ENGINE_CIPHER_FLAG_NOINIT); */
+
+    for( ; ; )
+        {
+        char line[4096];
+        char *p;
+        char *cipher;
+        unsigned char *iv,*key,*plaintext,*ciphertext;
+        int kn,in,pn,cn;
+
+        if(!fgets((char *)line,sizeof line,f))
+            break;
+        if(line[0] == '#' || line[0] == '\n')
+            continue;
+        p=line;
+        cipher=sstrsep(&p,":"); 
+        key=ustrsep(&p,":");
+        iv=ustrsep(&p,":");
+        plaintext=ustrsep(&p,":");
+        ciphertext=ustrsep(&p,"\n");
+
+        kn=convert(key);
+        in=convert(iv);
+        pn=convert(plaintext);
+        cn=convert(ciphertext);
+
+        if(!test_cipher(cipher,key,kn,iv,in,plaintext,pn,ciphertext,cn)
+           && !test_digest(cipher,plaintext,pn,ciphertext,cn))
+            {
+            fprintf(stderr,"Can't find %s\n",cipher);
+            exit(3);
+            }
+        }
+
+    ENGINE_cleanup();
+    EVP_cleanup();
+    CRYPTO_cleanup_all_ex_data();
+    ERR_remove_state(0);
+    ERR_free_strings();
+    CRYPTO_mem_leaks_fp(stderr);
+
+    return 0;
+    }
diff --git a/src/lib/libcrypto/evp/evptests.txt b/src/lib/libcrypto/evp/evptests.txt
new file mode 100644
index 0000000000..6c1529db37
--- /dev/null
+++ b/src/lib/libcrypto/evp/evptests.txt
@@ -0,0 +1,82 @@
+#cipher:key:iv:input:output
+#digest:::input:output
+
+# SHA(1) tests (from shatest.c)
+SHA1:::616263:a9993e364706816aba3e25717850c26c9cd0d89d
+
+# MD5 tests (from md5test.c)
+MD5::::d41d8cd98f00b204e9800998ecf8427e
+MD5:::61:0cc175b9c0f1b6a831c399e269772661
+MD5:::616263:900150983cd24fb0d6963f7d28e17f72
+MD5:::6d65737361676520646967657374:f96b697d7cb7938d525a2f31aaf161d0
+MD5:::6162636465666768696a6b6c6d6e6f707172737475767778797a:c3fcd3d76192e4007dfb496cca67e13b
+MD5:::4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839:d174ab98d277d9f5a5611c2c9f419d9f
+MD5:::3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930:57edf4a22be3c955ac49da2e2107b67a
+
+# AES 128 ECB tests (from FIPS-197 test vectors, encrypt)
+
+AES-128-ECB:000102030405060708090A0B0C0D0E0F::00112233445566778899AABBCCDDEEFF:69C4E0D86A7B0430D8CDB78070B4C55A
+
+# AES 192 ECB tests (from FIPS-197 test vectors, encrypt)
+
+AES-192-ECB:000102030405060708090A0B0C0D0E0F1011121314151617::00112233445566778899AABBCCDDEEFF:DDA97CA4864CDFE06EAF70A0EC0D7191
+
+# AES 256 ECB tests (from FIPS-197 test vectors, encrypt)
+
+AES-256-ECB:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F::00112233445566778899AABBCCDDEEFF:8EA2B7CA516745BFEAFC49904B496089
+
+# AES 128 ECB tests (from NIST test vectors, encrypt)
+
+#AES-128-ECB:00000000000000000000000000000000::00000000000000000000000000000000:C34C052CC0DA8D73451AFE5F03BE297F
+
+# AES 128 ECB tests (from NIST test vectors, decrypt)
+
+#AES-128-ECB:00000000000000000000000000000000::44416AC2D1F53C583303917E6BE9EBE0:00000000000000000000000000000000
+
+# AES 192 ECB tests (from NIST test vectors, decrypt)
+
+#AES-192-ECB:000000000000000000000000000000000000000000000000::48E31E9E256718F29229319C19F15BA4:00000000000000000000000000000000
+
+# AES 256 ECB tests (from NIST test vectors, decrypt)
+
+#AES-256-ECB:0000000000000000000000000000000000000000000000000000000000000000::058CCFFDBBCB382D1F6F56585D8A4ADE:00000000000000000000000000000000
+
+# AES 128 CBC tests (from NIST test vectors, encrypt)
+
+#AES-128-CBC:00000000000000000000000000000000:00000000000000000000000000000000:00000000000000000000000000000000:8A05FC5E095AF4848A08D328D3688E3D
+
+# AES 192 CBC tests (from NIST test vectors, encrypt)
+
+#AES-192-CBC:000000000000000000000000000000000000000000000000:00000000000000000000000000000000:00000000000000000000000000000000:7BD966D53AD8C1BB85D2ADFAE87BB104
+
+# AES 256 CBC tests (from NIST test vectors, encrypt)
+
+#AES-256-CBC:0000000000000000000000000000000000000000000000000000000000000000:00000000000000000000000000000000:00000000000000000000000000000000:FE3C53653E2F45B56FCD88B2CC898FF0
+
+# AES 128 CBC tests (from NIST test vectors, decrypt)
+
+#AES-128-CBC:00000000000000000000000000000000:00000000000000000000000000000000:FACA37E0B0C85373DF706E73F7C9AF86:00000000000000000000000000000000
+
+# DES ECB tests (from destest)
+
+DES-ECB:0000000000000000::0000000000000000:8CA64DE9C1B123A7
+DES-ECB:FFFFFFFFFFFFFFFF::FFFFFFFFFFFFFFFF:7359B2163E4EDC58
+DES-ECB:3000000000000000::1000000000000001:958E6E627A05557B
+DES-ECB:1111111111111111::1111111111111111:F40379AB9E0EC533
+DES-ECB:0123456789ABCDEF::1111111111111111:17668DFC7292532D
+DES-ECB:1111111111111111::0123456789ABCDEF:8A5AE1F81AB8F2DD
+DES-ECB:FEDCBA9876543210::0123456789ABCDEF:ED39D950FA74BCC4
+
+# DESX-CBC tests (from destest)
+DESX-CBC:0123456789abcdeff1e0d3c2b5a49786fedcba9876543210:fedcba9876543210:37363534333231204E6F77206973207468652074696D6520666F722000000000:846B2914851E9A2954732F8AA0A611C115CDC2D7951B1053A63C5E03B21AA3C4
+
+# DES EDE3 CBC tests (from destest)
+DES-EDE3-CBC:0123456789abcdeff1e0d3c2b5a49786fedcba9876543210:fedcba9876543210:37363534333231204E6F77206973207468652074696D6520666F722000000000:3FE301C962AC01D02213763C1CBD4CDC799657C064ECF5D41C673812CFDE9675
+
+# RC4 tests (from rc4test)
+RC4:0123456789abcdef0123456789abcdef::0123456789abcdef:75b7878099e0c596
+RC4:0123456789abcdef0123456789abcdef::0000000000000000:7494c2e7104b0879
+RC4:00000000000000000000000000000000::0000000000000000:de188941a3375d3a
+RC4:ef012345ef012345ef012345ef012345::0000000000000000000000000000000000000000:d6a141a7ec3c38dfbd615a1162e1c7ba36b67858
+RC4:0123456789abcdef0123456789abcdef::123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345678:66a0949f8af7d6891f7f832ba833c00c892ebe30143ce28740011ecf
+RC4:ef012345ef012345ef012345ef012345::00000000000000000000:d6a141a7ec3c38dfbd61
diff --git a/src/lib/libcrypto/evp/openbsd_hw.c b/src/lib/libcrypto/evp/openbsd_hw.c
new file mode 100644
index 0000000000..3831a5731e
--- /dev/null
+++ b/src/lib/libcrypto/evp/openbsd_hw.c
@@ -0,0 +1,446 @@
+/* Written by Ben Laurie, 2001 */
+/*
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include <openssl/rsa.h>
+#include "evp_locl.h"
+
+/* This stuff should now all be supported through
+ * crypto/engine/hw_openbsd_dev_crypto.c unless I botched it up */
+static void *dummy=&dummy;
+
+#if 0
+
+/* check flag after OpenSSL headers to ensure make depend works */
+#ifdef OPENSSL_OPENBSD_DEV_CRYPTO
+
+#include <fcntl.h>
+#include <stdio.h>
+#include <errno.h>
+#include <sys/ioctl.h>
+#include <crypto/cryptodev.h>
+#include <unistd.h>
+#include <assert.h>
+
+/* longest key supported in hardware */
+#define MAX_HW_KEY      24
+#define MAX_HW_IV       8
+
+#define MD5_DIGEST_LENGTH       16
+#define MD5_CBLOCK              64
+
+static int fd;
+static int dev_failed;
+
+typedef struct session_op session_op;
+
+#define CDATA(ctx) EVP_C_DATA(session_op,ctx)
+
+static void err(const char *str)
+    {
+    fprintf(stderr,"%s: errno %d\n",str,errno);
+    }
+
+static int dev_crypto_init(session_op *ses)
+    {
+    if(dev_failed)
+        return 0;
+    if(!fd)
+        {
+        int cryptodev_fd;
+
+        if ((cryptodev_fd=open("/dev/crypto",O_RDWR,0)) < 0)
+            {
+            err("/dev/crypto");
+            dev_failed=1;
+            return 0;
+            }
+        if (ioctl(cryptodev_fd,CRIOGET,&fd) == -1)
+            {
+            err("CRIOGET failed");
+            close(cryptodev_fd);
+            dev_failed=1;
+            return 0;
+            }
+        close(cryptodev_fd);
+        }
+    assert(ses);
+    memset(ses,'\0',sizeof *ses);
+
+    return 1;
+    }
+
+static int dev_crypto_cleanup(EVP_CIPHER_CTX *ctx)
+    {
+    if(ioctl(fd,CIOCFSESSION,&CDATA(ctx)->ses) == -1)
+        err("CIOCFSESSION failed");
+
+    OPENSSL_free(CDATA(ctx)->key);
+
+    return 1;
+    }
+
+static int dev_crypto_init_key(EVP_CIPHER_CTX *ctx,int cipher,
+                               const unsigned char *key,int klen)
+    {
+    if(!dev_crypto_init(CDATA(ctx)))
+        return 0;
+
+    CDATA(ctx)->key=OPENSSL_malloc(MAX_HW_KEY);
+
+    assert(ctx->cipher->iv_len <= MAX_HW_IV);
+
+    memcpy(CDATA(ctx)->key,key,klen);
+    
+    CDATA(ctx)->cipher=cipher;
+    CDATA(ctx)->keylen=klen;
+
+    if (ioctl(fd,CIOCGSESSION,CDATA(ctx)) == -1)
+        {
+        err("CIOCGSESSION failed");
+        return 0;
+        }
+    return 1;
+    }
+
+static int dev_crypto_cipher(EVP_CIPHER_CTX *ctx,unsigned char *out,
+                             const unsigned char *in,unsigned int inl)
+    {
+    struct crypt_op cryp;
+    unsigned char lb[MAX_HW_IV];
+
+    if(!inl)
+        return 1;
+
+    assert(CDATA(ctx));
+    assert(!dev_failed);
+
+    memset(&cryp,'\0',sizeof cryp);
+    cryp.ses=CDATA(ctx)->ses;
+    cryp.op=ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT;
+    cryp.flags=0;
+    cryp.len=inl;
+    assert((inl&(ctx->cipher->block_size-1)) == 0);
+    cryp.src=(caddr_t)in;
+    cryp.dst=(caddr_t)out;
+    cryp.mac=0;
+    if(ctx->cipher->iv_len)
+        cryp.iv=(caddr_t)ctx->iv;
+
+    if(!ctx->encrypt)
+        memcpy(lb,&in[cryp.len-ctx->cipher->iv_len],ctx->cipher->iv_len);
+
+    if(ioctl(fd, CIOCCRYPT, &cryp) == -1)
+        {
+        if(errno == EINVAL) /* buffers are misaligned */
+            {
+            unsigned int cinl=0;
+            char *cin=NULL;
+            char *cout=NULL;
+
+            /* NB: this can only make cinl != inl with stream ciphers */
+            cinl=(inl+3)/4*4;
+
+            if(((unsigned long)in&3) || cinl != inl)
+                {
+                cin=OPENSSL_malloc(cinl);
+                memcpy(cin,in,inl);
+                cryp.src=cin;
+                }
+
+            if(((unsigned long)out&3) || cinl != inl)
+                {
+                cout=OPENSSL_malloc(cinl);
+                cryp.dst=cout;
+                }
+
+            cryp.len=cinl;
+
+            if(ioctl(fd, CIOCCRYPT, &cryp) == -1)
+                {
+                err("CIOCCRYPT(2) failed");
+                printf("src=%p dst=%p\n",cryp.src,cryp.dst);
+                abort();
+                return 0;
+                }
+                
+            if(cout)
+                {
+                memcpy(out,cout,inl);
+                OPENSSL_free(cout);
+                }
+            if(cin)
+                OPENSSL_free(cin);
+            }
+        else 
+            {       
+            err("CIOCCRYPT failed");
+            abort();
+            return 0;
+            }
+        }
+
+    if(ctx->encrypt)
+        memcpy(ctx->iv,&out[cryp.len-ctx->cipher->iv_len],ctx->cipher->iv_len);
+    else
+        memcpy(ctx->iv,lb,ctx->cipher->iv_len);
+
+    return 1;
+    }
+
+static int dev_crypto_des_ede3_init_key(EVP_CIPHER_CTX *ctx,
+                                        const unsigned char *key,
+                                        const unsigned char *iv, int enc)
+    { return dev_crypto_init_key(ctx,CRYPTO_3DES_CBC,key,24); }
+
+#define dev_crypto_des_ede3_cbc_cipher dev_crypto_cipher
+
+BLOCK_CIPHER_def_cbc(dev_crypto_des_ede3, session_op, NID_des_ede3, 8, 24, 8,
+                     0, dev_crypto_des_ede3_init_key,
+                     dev_crypto_cleanup, 
+                     EVP_CIPHER_set_asn1_iv,
+                     EVP_CIPHER_get_asn1_iv,
+                     NULL)
+
+static int dev_crypto_rc4_init_key(EVP_CIPHER_CTX *ctx,
+                                        const unsigned char *key,
+                                        const unsigned char *iv, int enc)
+    { return dev_crypto_init_key(ctx,CRYPTO_ARC4,key,16); }
+
+static const EVP_CIPHER r4_cipher=
+    {
+    NID_rc4,
+    1,16,0,     /* FIXME: key should be up to 256 bytes */
+    EVP_CIPH_VARIABLE_LENGTH,
+    dev_crypto_rc4_init_key,
+    dev_crypto_cipher,
+    dev_crypto_cleanup,
+    sizeof(session_op),
+    NULL,
+    NULL,
+    NULL
+    };
+
+const EVP_CIPHER *EVP_dev_crypto_rc4(void)
+    { return &r4_cipher; }
+
+typedef struct
+    {
+    session_op sess;
+    char *data;
+    int len;
+    unsigned char md[EVP_MAX_MD_SIZE];
+    } MD_DATA;
+
+static int dev_crypto_init_digest(MD_DATA *md_data,int mac)
+    {
+    if(!dev_crypto_init(&md_data->sess))
+        return 0;
+
+    md_data->len=0;
+    md_data->data=NULL;
+
+    md_data->sess.mac=mac;
+
+    if (ioctl(fd,CIOCGSESSION,&md_data->sess) == -1)
+        {
+        err("CIOCGSESSION failed");
+        return 0;
+        }
+    return 1;
+    }
+
+static int dev_crypto_cleanup_digest(MD_DATA *md_data)
+    {
+    if (ioctl(fd,CIOCFSESSION,&md_data->sess.ses) == -1)
+        {
+        err("CIOCFSESSION failed");
+        return 0;
+        }
+
+    return 1;
+    }
+
+/* FIXME: if device can do chained MACs, then don't accumulate */
+/* FIXME: move accumulation to the framework */
+static int dev_crypto_md5_init(EVP_MD_CTX *ctx)
+    { return dev_crypto_init_digest(ctx->md_data,CRYPTO_MD5); }
+
+static int do_digest(int ses,unsigned char *md,const void *data,int len)
+    {
+    struct crypt_op cryp;
+    static unsigned char md5zero[16]=
+        {
+        0xd4,0x1d,0x8c,0xd9,0x8f,0x00,0xb2,0x04,
+        0xe9,0x80,0x09,0x98,0xec,0xf8,0x42,0x7e
+        };
+
+    /* some cards can't do zero length */
+    if(!len)
+        {
+        memcpy(md,md5zero,16);
+        return 1;
+        }
+
+    memset(&cryp,'\0',sizeof cryp);
+    cryp.ses=ses;
+    cryp.op=COP_ENCRYPT;/* required to do the MAC rather than check it */
+    cryp.len=len;
+    cryp.src=(caddr_t)data;
+    cryp.dst=(caddr_t)data; // FIXME!!!
+    cryp.mac=(caddr_t)md;
+
+    if(ioctl(fd, CIOCCRYPT, &cryp) == -1)
+        {
+        if(errno == EINVAL) /* buffer is misaligned */
+            {
+            char *dcopy;
+
+            dcopy=OPENSSL_malloc(len);
+            memcpy(dcopy,data,len);
+            cryp.src=dcopy;
+            cryp.dst=cryp.src; // FIXME!!!
+
+            if(ioctl(fd, CIOCCRYPT, &cryp) == -1)
+                {
+                err("CIOCCRYPT(MAC2) failed");
+                abort();
+                return 0;
+                }
+            OPENSSL_free(dcopy);
+            }
+        else
+            {
+            err("CIOCCRYPT(MAC) failed");
+            abort();
+            return 0;
+            }
+        }
+    //    printf("done\n");
+
+    return 1;
+    }
+
+static int dev_crypto_md5_update(EVP_MD_CTX *ctx,const void *data,
+                                 unsigned long len)
+    {
+    MD_DATA *md_data=ctx->md_data;
+
+    if(ctx->flags&EVP_MD_CTX_FLAG_ONESHOT)
+        return do_digest(md_data->sess.ses,md_data->md,data,len);
+
+    md_data->data=OPENSSL_realloc(md_data->data,md_data->len+len);
+    memcpy(md_data->data+md_data->len,data,len);
+    md_data->len+=len;
+
+    return 1;
+    }   
+
+static int dev_crypto_md5_final(EVP_MD_CTX *ctx,unsigned char *md)
+    {
+    int ret;
+    MD_DATA *md_data=ctx->md_data;
+
+    if(ctx->flags&EVP_MD_CTX_FLAG_ONESHOT)
+        {
+        memcpy(md,md_data->md,MD5_DIGEST_LENGTH);
+        ret=1;
+        }
+    else
+        {
+        ret=do_digest(md_data->sess.ses,md,md_data->data,md_data->len);
+        OPENSSL_free(md_data->data);
+        md_data->data=NULL;
+        md_data->len=0;
+        }
+
+    return ret;
+    }
+
+static int dev_crypto_md5_copy(EVP_MD_CTX *to,const EVP_MD_CTX *from)
+    {
+    const MD_DATA *from_md=from->md_data;
+    MD_DATA *to_md=to->md_data;
+
+    // How do we copy sessions?
+    assert(from->digest->flags&EVP_MD_FLAG_ONESHOT);
+
+    to_md->data=OPENSSL_malloc(from_md->len);
+    memcpy(to_md->data,from_md->data,from_md->len);
+
+    return 1;
+    }
+
+static int dev_crypto_md5_cleanup(EVP_MD_CTX *ctx)
+    {
+    return dev_crypto_cleanup_digest(ctx->md_data);
+    }
+
+static const EVP_MD md5_md=
+    {
+    NID_md5,
+    NID_md5WithRSAEncryption,
+    MD5_DIGEST_LENGTH,
+    EVP_MD_FLAG_ONESHOT,        // XXX: set according to device info...
+    dev_crypto_md5_init,
+    dev_crypto_md5_update,
+    dev_crypto_md5_final,
+    dev_crypto_md5_copy,
+    dev_crypto_md5_cleanup,
+    EVP_PKEY_RSA_method,
+    MD5_CBLOCK,
+    sizeof(MD_DATA),
+    };
+
+const EVP_MD *EVP_dev_crypto_md5(void)
+    { return &md5_md; }
+
+#endif
+#endif
diff --git a/src/lib/libcrypto/install.com b/src/lib/libcrypto/install.com
new file mode 100644
index 0000000000..b75d1b44b2
--- /dev/null
+++ b/src/lib/libcrypto/install.com
@@ -0,0 +1,128 @@
+$! INSTALL.COM -- Installs the files in a given directory tree
+$!
+$! Author: Richard Levitte <richard@levitte.org>
+$! Time of creation: 22-MAY-1998 10:13
+$!
+$! P1   root of the directory tree
+$!
+$       IF P1 .EQS. ""
+$       THEN
+$           WRITE SYS$OUTPUT "First argument missing."
+$           WRITE SYS$OUTPUT "Should be the directory where you want things installed."
+$           EXIT
+$       ENDIF
+$
+$       ROOT = F$PARSE(P1,"[]A.;0",,,"SYNTAX_ONLY,NO_CONCEAL") - "A.;0"
+$       ROOT_DEV = F$PARSE(ROOT,,,"DEVICE","SYNTAX_ONLY")
+$       ROOT_DIR = F$PARSE(ROOT,,,"DIRECTORY","SYNTAX_ONLY") -
+                   - "[000000." - "][" - "[" - "]"
+$       ROOT = ROOT_DEV + "[" + ROOT_DIR
+$
+$       DEFINE/NOLOG WRK_SSLROOT 'ROOT'.] /TRANS=CONC
+$       DEFINE/NOLOG WRK_SSLVLIB WRK_SSLROOT:[VAX_LIB]
+$       DEFINE/NOLOG WRK_SSLALIB WRK_SSLROOT:[ALPHA_LIB]
+$       DEFINE/NOLOG WRK_SSLINCLUDE WRK_SSLROOT:[INCLUDE]
+$
+$       IF F$PARSE("WRK_SSLROOT:[000000]") .EQS. "" THEN -
+           CREATE/DIR/LOG WRK_SSLROOT:[000000]
+$       IF F$PARSE("WRK_SSLVLIB:") .EQS. "" THEN -
+           CREATE/DIR/LOG WRK_SSLVLIB:
+$       IF F$PARSE("WRK_SSLALIB:") .EQS. "" THEN -
+           CREATE/DIR/LOG WRK_SSLALIB:
+$       IF F$PARSE("WRK_SSLINCLUDE:") .EQS. "" THEN -
+           CREATE/DIR/LOG WRK_SSLINCLUDE:
+$
+$       SDIRS := ,MD2,MD5,SHA,MDC2,HMAC,RIPEMD,-
+                 DES,RC2,RC4,RC5,IDEA,BF,CAST,-
+                 BN,RSA,DSA,DH,-
+                 BUFFER,BIO,STACK,LHASH,RAND,ERR,OBJECTS,-
+                 EVP,ASN1,PEM,X509,X509V3,-
+                 CONF,TXT_DB,PKCS7,PKCS12,COMP
+$       EXHEADER_ := crypto.h,tmdiff.h,opensslv.h,opensslconf.h,ebcdic.h
+$       EXHEADER_MD2 := md2.h
+$       EXHEADER_MD5 := md5.h
+$       EXHEADER_SHA := sha.h
+$       EXHEADER_MDC2 := mdc2.h
+$       EXHEADER_HMAC := hmac.h
+$       EXHEADER_RIPEMD := ripemd.h
+$       EXHEADER_DES := des.h
+$       EXHEADER_RC2 := rc2.h
+$       EXHEADER_RC4 := rc4.h
+$       EXHEADER_RC5 := rc5.h
+$       EXHEADER_IDEA := idea.h
+$       EXHEADER_BF := blowfish.h
+$       EXHEADER_CAST := cast.h
+$       EXHEADER_BN := bn.h
+$       EXHEADER_RSA := rsa.h
+$       EXHEADER_DSA := dsa.h
+$       EXHEADER_DH := dh.h
+$       EXHEADER_BUFFER := buffer.h
+$       EXHEADER_BIO := bio.h
+$       EXHEADER_STACK := stack.h,safestack.h
+$       EXHEADER_LHASH := lhash.h
+$       EXHEADER_RAND := rand.h
+$       EXHEADER_ERR := err.h
+$       EXHEADER_OBJECTS := objects.h
+$       EXHEADER_EVP := evp.h
+$       EXHEADER_ASN1 := asn1.h,asn1_mac.h
+$       EXHEADER_PEM := pem.h,pem2.h
+$       EXHEADER_X509 := x509.h,x509_vfy.h
+$       EXHEADER_X509V3 := x509v3.h
+$       EXHEADER_CONF := conf.h
+$       EXHEADER_TXT_DB := txt_db.h
+$       EXHEADER_PKCS7 := pkcs7.h
+$       EXHEADER_PKCS12 := pkcs12.h
+$       EXHEADER_COMP := comp.h
+$       LIBS := LIBCRYPTO
+$
+$       VEXE_DIR := [-.VAX.EXE.CRYPTO]
+$       AEXE_DIR := [-.AXP.EXE.CRYPTO]
+$
+$       I = 0
+$ LOOP_SDIRS: 
+$       D = F$EDIT(F$ELEMENT(I, ",", SDIRS),"TRIM")
+$       I = I + 1
+$       IF D .EQS. "," THEN GOTO LOOP_SDIRS_END
+$       tmp = EXHEADER_'D'
+$       IF D .EQS. ""
+$       THEN
+$         COPY 'tmp' WRK_SSLINCLUDE: /LOG
+$       ELSE
+$         COPY [.'D']'tmp' WRK_SSLINCLUDE: /LOG
+$       ENDIF
+$       GOTO LOOP_SDIRS
+$ LOOP_SDIRS_END:
+$
+$       I = 0
+$ LOOP_LIB: 
+$       E = F$EDIT(F$ELEMENT(I, ",", LIBS),"TRIM")
+$       I = I + 1
+$       IF E .EQS. "," THEN GOTO LOOP_LIB_END
+$       SET NOON
+$       IF F$SEARCH(VEXE_DIR+E+".OLB") .NES. ""
+$       THEN
+$         COPY 'VEXE_DIR''E'.OLB WRK_SSLVLIB:'E'.OLB/log
+$         SET FILE/PROT=W:RE WRK_SSLVLIB:'E'.OLB
+$       ENDIF
+$       ! Preparing for the time when we have shareable images
+$       IF F$SEARCH(VEXE_DIR+E+".EXE") .NES. ""
+$       THEN
+$         COPY 'VEXE_DIR''E'.EXE WRK_SSLVLIB:'E'.EXE/log
+$         SET FILE/PROT=W:RE WRK_SSLVLIB:'E'.EXE
+$       ENDIF
+$       IF F$SEARCH(AEXE_DIR+E+".OLB") .NES. ""
+$       THEN
+$         COPY 'AEXE_DIR''E'.OLB WRK_SSLALIB:'E'.OLB/log
+$         SET FILE/PROT=W:RE WRK_SSLALIB:'E'.OLB
+$       ENDIF
+$       ! Preparing for the time when we have shareable images
+$       IF F$SEARCH(AEXE_DIR+E+".EXE") .NES. ""
+$       THEN
+$         COPY 'AEXE_DIR''E'.EXE WRK_SSLALIB:'E'.EXE/log
+$         SET FILE/PROT=W:RE WRK_SSLALIB:'E'.EXE
+$       ENDIF
+$       SET ON
+$       GOTO LOOP_LIB
+$ LOOP_LIB_END:
+$
+$       EXIT
diff --git a/src/lib/libcrypto/md2/md2.h b/src/lib/libcrypto/md2/md2.h
new file mode 100644
index 0000000000..0d3592506c
--- /dev/null
+++ b/src/lib/libcrypto/md2/md2.h
@@ -0,0 +1,91 @@
+/* crypto/md/md2.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_MD2_H
+#define HEADER_MD2_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#ifdef NO_MD2
+#error MD2 is disabled.
+#endif
+
+#define MD2_DIGEST_LENGTH       16
+#define MD2_BLOCK               16
+#include <openssl/opensslconf.h> /* MD2_INT */
+
+typedef struct MD2state_st
+        {
+        int num;
+        unsigned char data[MD2_BLOCK];
+        MD2_INT cksm[MD2_BLOCK];
+        MD2_INT state[MD2_BLOCK];
+        } MD2_CTX;
+
+const char *MD2_options(void);
+void MD2_Init(MD2_CTX *c);
+void MD2_Update(MD2_CTX *c, register unsigned char *data, unsigned long len);
+void MD2_Final(unsigned char *md, MD2_CTX *c);
+unsigned char *MD2(unsigned char *d, unsigned long n,unsigned char *md);
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/src/lib/libcrypto/md4/md4.c b/src/lib/libcrypto/md4/md4.c
new file mode 100644
index 0000000000..e4b0aac011
--- /dev/null
+++ b/src/lib/libcrypto/md4/md4.c
@@ -0,0 +1,127 @@
+/* crypto/md4/md4.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/md4.h>
+
+#define BUFSIZE 1024*16
+
+void do_fp(FILE *f);
+void pt(unsigned char *md);
+#ifndef _OSD_POSIX
+int read(int, void *, unsigned int);
+#endif
+
+int main(int argc, char **argv)
+        {
+        int i,err=0;
+        FILE *IN;
+
+        if (argc == 1)
+                {
+                do_fp(stdin);
+                }
+        else
+                {
+                for (i=1; i<argc; i++)
+                        {
+                        IN=fopen(argv[i],"r");
+                        if (IN == NULL)
+                                {
+                                perror(argv[i]);
+                                err++;
+                                continue;
+                                }
+                        printf("MD4(%s)= ",argv[i]);
+                        do_fp(IN);
+                        fclose(IN);
+                        }
+                }
+        exit(err);
+        }
+
+void do_fp(FILE *f)
+        {
+        MD4_CTX c;
+        unsigned char md[MD4_DIGEST_LENGTH];
+        int fd;
+        int i;
+        static unsigned char buf[BUFSIZE];
+
+        fd=fileno(f);
+        MD4_Init(&c);
+        for (;;)
+                {
+                i=read(fd,buf,BUFSIZE);
+                if (i <= 0) break;
+                MD4_Update(&c,buf,(unsigned long)i);
+                }
+        MD4_Final(&(md[0]),&c);
+        pt(md);
+        }
+
+void pt(unsigned char *md)
+        {
+        int i;
+
+        for (i=0; i<MD4_DIGEST_LENGTH; i++)
+                printf("%02x",md[i]);
+        printf("\n");
+        }
+
diff --git a/src/lib/libcrypto/md4/md4s.cpp b/src/lib/libcrypto/md4/md4s.cpp
new file mode 100644
index 0000000000..c0ec97fc9f
--- /dev/null
+++ b/src/lib/libcrypto/md4/md4s.cpp
@@ -0,0 +1,78 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  asm volatile(".byte 15, 49\n\t"
+               : "=eax" (tsc)
+               :
+               : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  unsigned long a;
+  __asm _emit 0fh
+  __asm _emit 31h
+  __asm mov a, eax;
+  tsc=a;
+}
+#endif      
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/md4.h>
+
+extern "C" {
+void md4_block_x86(MD4_CTX *ctx, unsigned char *buffer,int num);
+}
+
+void main(int argc,char *argv[])
+        {
+        unsigned char buffer[64*256];
+        MD4_CTX ctx;
+        unsigned long s1,s2,e1,e2;
+        unsigned char k[16];
+        unsigned long data[2];
+        unsigned char iv[8];
+        int i,num=0,numm;
+        int j=0;
+
+        if (argc >= 2)
+                num=atoi(argv[1]);
+
+        if (num == 0) num=16;
+        if (num > 250) num=16;
+        numm=num+2;
+        num*=64;
+        numm*=64;
+
+        for (j=0; j<6; j++)
+                {
+                for (i=0; i<10; i++) /**/
+                        {
+                        md4_block_x86(&ctx,buffer,numm);
+                        GetTSC(s1);
+                        md4_block_x86(&ctx,buffer,numm);
+                        GetTSC(e1);
+                        GetTSC(s2);
+                        md4_block_x86(&ctx,buffer,num);
+                        GetTSC(e2);
+                        md4_block_x86(&ctx,buffer,num);
+                        }
+                printf("md4 (%d bytes) %d %d (%.2f)\n",num,
+                        e1-s1,e2-s2,(double)((e1-s1)-(e2-s2))/2);
+                }
+        }
+
diff --git a/src/lib/libcrypto/md4/md4test.c b/src/lib/libcrypto/md4/md4test.c
new file mode 100644
index 0000000000..97e6e21efd
--- /dev/null
+++ b/src/lib/libcrypto/md4/md4test.c
@@ -0,0 +1,131 @@
+/* crypto/md4/md4test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#ifdef NO_MD4
+int main(int argc, char *argv[])
+{
+    printf("No MD4 support\n");
+    return(0);
+}
+#else
+#include <openssl/md4.h>
+
+static char *test[]={
+        "",
+        "a",
+        "abc",
+        "message digest",
+        "abcdefghijklmnopqrstuvwxyz",
+        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
+        "12345678901234567890123456789012345678901234567890123456789012345678901234567890",
+        NULL,
+        };
+
+static char *ret[]={
+"31d6cfe0d16ae931b73c59d7e0c089c0",
+"bde52cb31de33e46245e05fbdbd6fb24",
+"a448017aaf21d8525fc10ae87aa6729d",
+"d9130a8164549fe818874806e1c7014b",
+"d79e1c308aa5bbcdeea8ed63df412da9",
+"043f8582f241db351ce627e153e7f0e4",
+"e33b4ddc9c38f2199c3e7b164fcc0536",
+};
+
+static char *pt(unsigned char *md);
+int main(int argc, char *argv[])
+        {
+        int i,err=0;
+        unsigned char **P,**R;
+        char *p;
+
+        P=(unsigned char **)test;
+        R=(unsigned char **)ret;
+        i=1;
+        while (*P != NULL)
+                {
+                p=pt(MD4(&(P[0][0]),(unsigned long)strlen((char *)*P),NULL));
+                if (strcmp(p,(char *)*R) != 0)
+                        {
+                        printf("error calculating MD4 on '%s'\n",*P);
+                        printf("got %s instead of %s\n",p,*R);
+                        err++;
+                        }
+                else
+                        printf("test %d ok\n",i);
+                i++;
+                R++;
+                P++;
+                }
+        exit(err);
+        return(0);
+        }
+
+static char *pt(unsigned char *md)
+        {
+        int i;
+        static char buf[80];
+
+        for (i=0; i<MD4_DIGEST_LENGTH; i++)
+                sprintf(&(buf[i*2]),"%02x",md[i]);
+        return(buf);
+        }
+#endif
diff --git a/src/lib/libcrypto/md5/asm/md5-sparcv9.S b/src/lib/libcrypto/md5/asm/md5-sparcv9.S
new file mode 100644
index 0000000000..ca4257f134
--- /dev/null
+++ b/src/lib/libcrypto/md5/asm/md5-sparcv9.S
@@ -0,0 +1,1029 @@
+.ident  "md5-sparcv9.S, Version 1.0"
+.ident  "SPARC V9 ISA artwork by Andy Polyakov <appro@fy.chalmers.se>"
+.file   "md5-sparcv9.S"
+
+/*
+ * ====================================================================
+ * Copyright (c) 1999 Andy Polyakov <appro@fy.chalmers.se>.
+ *
+ * Rights for redistribution and usage in source and binary forms are
+ * granted as long as above copyright notices are retained. Warranty
+ * of any kind is (of course:-) disclaimed.
+ * ====================================================================
+ */
+
+/*
+ * This is my modest contribution to OpenSSL project (see
+ * http://www.openssl.org/ for more information about it) and is an
+ * assembler implementation of MD5 block hash function. I've hand-coded
+ * this for the sole reason to reach UltraSPARC-specific "load in
+ * little-endian byte order" instruction. This gives up to 15%
+ * performance improvement for cases when input message is aligned at
+ * 32 bits boundary. The module was tested under both 32 *and* 64 bit
+ * kernels. For updates see http://fy.chalmers.se/~appro/hpe/.
+ *
+ * To compile with SC4.x/SC5.x:
+ *
+ *      cc -xarch=v[9|8plus] -DULTRASPARC -DMD5_BLOCK_DATA_ORDER \
+ *              -c md5-sparcv9.S
+ *
+ * and with gcc:
+ *
+ *      gcc -mcpu=ultrasparc -DULTRASPARC -DMD5_BLOCK_DATA_ORDER \
+ *              -c md5-sparcv9.S
+ *
+ * or if above fails (it does if you have gas):
+ *
+ *      gcc -E -DULTRASPARC -DMD5_BLOCK_DATA_ORDER md5_block.sparc.S | \
+ *              as -xarch=v8plus /dev/fd/0 -o md5-sparcv9.o
+ */
+
+#define A       %o0
+#define B       %o1
+#define C       %o2
+#define D       %o3
+#define T1      %o4
+#define T2      %o5
+
+#define R0      %l0
+#define R1      %l1
+#define R2      %l2
+#define R3      %l3
+#define R4      %l4
+#define R5      %l5
+#define R6      %l6
+#define R7      %l7
+#define R8      %i3
+#define R9      %i4
+#define R10     %i5
+#define R11     %g1
+#define R12     %g2
+#define R13     %g3
+#define RX      %g4
+
+#define Aptr    %i0+0
+#define Bptr    %i0+4
+#define Cptr    %i0+8
+#define Dptr    %i0+12
+
+#define Aval    R5      /* those not used at the end of the last round */
+#define Bval    R6
+#define Cval    R7
+#define Dval    R8
+
+#if defined(MD5_BLOCK_DATA_ORDER)
+# if defined(ULTRASPARC)
+#  define       LOAD                    lda
+#  define       X(i)                    [%i1+i*4]%asi
+#  define       md5_block               md5_block_asm_data_order_aligned
+#  define       ASI_PRIMARY_LITTLE      0x88
+# else
+#  error "MD5_BLOCK_DATA_ORDER is supported only on UltraSPARC!"
+# endif
+#else
+# define        LOAD                    ld
+# define        X(i)                    [%i1+i*4]
+# define        md5_block               md5_block_asm_host_order
+#endif
+
+.section        ".text",#alloc,#execinstr
+
+#if defined(__SUNPRO_C) && defined(__sparcv9)
+  /* They've said -xarch=v9 at command line */
+  .register     %g2,#scratch
+  .register     %g3,#scratch
+# define        FRAME   -192
+#elif defined(__GNUC__) && defined(__arch64__)
+  /* They've said -m64 at command line */
+  .register     %g2,#scratch
+  .register     %g3,#scratch
+# define        FRAME   -192
+#else
+# define        FRAME   -96
+#endif
+
+.align  32
+
+.global md5_block
+md5_block:
+        save    %sp,FRAME,%sp
+
+        ld      [Dptr],D
+        ld      [Cptr],C
+        ld      [Bptr],B
+        ld      [Aptr],A
+#ifdef ASI_PRIMARY_LITTLE
+        rd      %asi,%o7        ! How dare I? Well, I just do:-)
+        wr      %g0,ASI_PRIMARY_LITTLE,%asi
+#endif
+        LOAD    X(0),R0
+
+.Lmd5_block_loop:
+
+!!!!!!!!Round 0
+
+        xor     C,D,T1
+        sethi   %hi(0xd76aa478),T2
+        and     T1,B,T1
+        or      T2,%lo(0xd76aa478),T2   !=
+        xor     T1,D,T1
+        add     T1,R0,T1
+        LOAD    X(1),R1
+        add     T1,T2,T1                !=
+        add     A,T1,A
+        sll     A,7,T2
+        srl     A,32-7,A
+        or      A,T2,A                  !=
+         xor     B,C,T1
+        add     A,B,A
+
+        sethi   %hi(0xe8c7b756),T2
+        and     T1,A,T1                 !=
+        or      T2,%lo(0xe8c7b756),T2
+        xor     T1,C,T1
+        LOAD    X(2),R2
+        add     T1,R1,T1                !=
+        add     T1,T2,T1
+        add     D,T1,D
+        sll     D,12,T2
+        srl     D,32-12,D               !=
+        or      D,T2,D
+         xor     A,B,T1
+        add     D,A,D
+
+        sethi   %hi(0x242070db),T2      !=
+        and     T1,D,T1
+        or      T2,%lo(0x242070db),T2
+        xor     T1,B,T1
+        add     T1,R2,T1                !=
+        LOAD    X(3),R3
+        add     T1,T2,T1
+        add     C,T1,C
+        sll     C,17,T2                 !=
+        srl     C,32-17,C
+        or      C,T2,C
+         xor     D,A,T1
+        add     C,D,C                   !=
+
+        sethi   %hi(0xc1bdceee),T2
+        and     T1,C,T1
+        or      T2,%lo(0xc1bdceee),T2
+        xor     T1,A,T1                 !=
+        add     T1,R3,T1
+        LOAD    X(4),R4
+        add     T1,T2,T1
+        add     B,T1,B                  !=
+        sll     B,22,T2
+        srl     B,32-22,B
+        or      B,T2,B
+         xor     C,D,T1                 !=
+        add     B,C,B
+
+        sethi   %hi(0xf57c0faf),T2
+        and     T1,B,T1
+        or      T2,%lo(0xf57c0faf),T2   !=
+        xor     T1,D,T1
+        add     T1,R4,T1
+        LOAD    X(5),R5
+        add     T1,T2,T1                !=
+        add     A,T1,A
+        sll     A,7,T2
+        srl     A,32-7,A
+        or      A,T2,A                  !=
+         xor     B,C,T1
+        add     A,B,A
+
+        sethi   %hi(0x4787c62a),T2
+        and     T1,A,T1                 !=
+        or      T2,%lo(0x4787c62a),T2
+        xor     T1,C,T1
+        LOAD    X(6),R6
+        add     T1,R5,T1                !=
+        add     T1,T2,T1
+        add     D,T1,D
+        sll     D,12,T2
+        srl     D,32-12,D               !=
+        or      D,T2,D
+         xor     A,B,T1
+        add     D,A,D
+
+        sethi   %hi(0xa8304613),T2      !=
+        and     T1,D,T1
+        or      T2,%lo(0xa8304613),T2
+        xor     T1,B,T1
+        add     T1,R6,T1                !=
+        LOAD    X(7),R7
+        add     T1,T2,T1
+        add     C,T1,C
+        sll     C,17,T2                 !=
+        srl     C,32-17,C
+        or      C,T2,C
+         xor     D,A,T1
+        add     C,D,C                   !=
+
+        sethi   %hi(0xfd469501),T2
+        and     T1,C,T1
+        or      T2,%lo(0xfd469501),T2
+        xor     T1,A,T1                 !=
+        add     T1,R7,T1
+        LOAD    X(8),R8
+        add     T1,T2,T1
+        add     B,T1,B                  !=
+        sll     B,22,T2
+        srl     B,32-22,B
+        or      B,T2,B
+         xor     C,D,T1                 !=
+        add     B,C,B
+
+        sethi   %hi(0x698098d8),T2
+        and     T1,B,T1
+        or      T2,%lo(0x698098d8),T2   !=
+        xor     T1,D,T1
+        add     T1,R8,T1
+        LOAD    X(9),R9
+        add     T1,T2,T1                !=
+        add     A,T1,A
+        sll     A,7,T2
+        srl     A,32-7,A
+        or      A,T2,A                  !=
+         xor     B,C,T1
+        add     A,B,A
+
+        sethi   %hi(0x8b44f7af),T2
+        and     T1,A,T1                 !=
+        or      T2,%lo(0x8b44f7af),T2
+        xor     T1,C,T1
+        LOAD    X(10),R10
+        add     T1,R9,T1                !=
+        add     T1,T2,T1
+        add     D,T1,D
+        sll     D,12,T2
+        srl     D,32-12,D               !=
+        or      D,T2,D
+         xor     A,B,T1
+        add     D,A,D
+
+        sethi   %hi(0xffff5bb1),T2      !=
+        and     T1,D,T1
+        or      T2,%lo(0xffff5bb1),T2
+        xor     T1,B,T1
+        add     T1,R10,T1               !=
+        LOAD    X(11),R11
+        add     T1,T2,T1
+        add     C,T1,C
+        sll     C,17,T2                 !=
+        srl     C,32-17,C
+        or      C,T2,C
+         xor     D,A,T1
+        add     C,D,C                   !=
+
+        sethi   %hi(0x895cd7be),T2
+        and     T1,C,T1
+        or      T2,%lo(0x895cd7be),T2
+        xor     T1,A,T1                 !=
+        add     T1,R11,T1
+        LOAD    X(12),R12
+        add     T1,T2,T1
+        add     B,T1,B                  !=
+        sll     B,22,T2
+        srl     B,32-22,B
+        or      B,T2,B
+         xor     C,D,T1                 !=
+        add     B,C,B
+
+        sethi   %hi(0x6b901122),T2
+        and     T1,B,T1
+        or      T2,%lo(0x6b901122),T2   !=
+        xor     T1,D,T1
+        add     T1,R12,T1
+        LOAD    X(13),R13
+        add     T1,T2,T1                !=
+        add     A,T1,A
+        sll     A,7,T2
+        srl     A,32-7,A
+        or      A,T2,A                  !=
+         xor     B,C,T1
+        add     A,B,A
+
+        sethi   %hi(0xfd987193),T2
+        and     T1,A,T1                 !=
+        or      T2,%lo(0xfd987193),T2
+        xor     T1,C,T1
+        LOAD    X(14),RX
+        add     T1,R13,T1               !=
+        add     T1,T2,T1
+        add     D,T1,D
+        sll     D,12,T2
+        srl     D,32-12,D               !=
+        or      D,T2,D
+         xor     A,B,T1
+        add     D,A,D
+
+        sethi   %hi(0xa679438e),T2      !=
+        and     T1,D,T1
+        or      T2,%lo(0xa679438e),T2
+        xor     T1,B,T1
+        add     T1,RX,T1                !=
+        LOAD    X(15),RX
+        add     T1,T2,T1
+        add     C,T1,C
+        sll     C,17,T2                 !=
+        srl     C,32-17,C
+        or      C,T2,C
+         xor     D,A,T1
+        add     C,D,C                   !=
+
+        sethi   %hi(0x49b40821),T2
+        and     T1,C,T1
+        or      T2,%lo(0x49b40821),T2
+        xor     T1,A,T1                 !=
+        add     T1,RX,T1
+        !pre-LOADed     X(1),R1
+        add     T1,T2,T1
+        add     B,T1,B
+        sll     B,22,T2                 !=
+        srl     B,32-22,B
+        or      B,T2,B
+        add     B,C,B
+
+!!!!!!!!Round 1
+
+        xor     B,C,T1                  !=
+        sethi   %hi(0xf61e2562),T2
+        and     T1,D,T1
+        or      T2,%lo(0xf61e2562),T2
+        xor     T1,C,T1                 !=
+        add     T1,R1,T1
+        !pre-LOADed     X(6),R6
+        add     T1,T2,T1
+        add     A,T1,A
+        sll     A,5,T2                  !=
+        srl     A,32-5,A
+        or      A,T2,A
+        add     A,B,A
+
+        xor     A,B,T1                  !=
+        sethi   %hi(0xc040b340),T2
+        and     T1,C,T1
+        or      T2,%lo(0xc040b340),T2
+        xor     T1,B,T1                 !=
+        add     T1,R6,T1
+        !pre-LOADed     X(11),R11
+        add     T1,T2,T1
+        add     D,T1,D
+        sll     D,9,T2                  !=
+        srl     D,32-9,D
+        or      D,T2,D
+        add     D,A,D
+
+        xor     D,A,T1                  !=
+        sethi   %hi(0x265e5a51),T2
+        and     T1,B,T1
+        or      T2,%lo(0x265e5a51),T2
+        xor     T1,A,T1                 !=
+        add     T1,R11,T1
+        !pre-LOADed     X(0),R0
+        add     T1,T2,T1
+        add     C,T1,C
+        sll     C,14,T2                 !=
+        srl     C,32-14,C
+        or      C,T2,C
+        add     C,D,C
+
+        xor     C,D,T1                  !=
+        sethi   %hi(0xe9b6c7aa),T2
+        and     T1,A,T1
+        or      T2,%lo(0xe9b6c7aa),T2
+        xor     T1,D,T1                 !=
+        add     T1,R0,T1
+        !pre-LOADed     X(5),R5
+        add     T1,T2,T1
+        add     B,T1,B
+        sll     B,20,T2                 !=
+        srl     B,32-20,B
+        or      B,T2,B
+        add     B,C,B
+
+        xor     B,C,T1                  !=
+        sethi   %hi(0xd62f105d),T2
+        and     T1,D,T1
+        or      T2,%lo(0xd62f105d),T2
+        xor     T1,C,T1                 !=
+        add     T1,R5,T1
+        !pre-LOADed     X(10),R10
+        add     T1,T2,T1
+        add     A,T1,A
+        sll     A,5,T2                  !=
+        srl     A,32-5,A
+        or      A,T2,A
+        add     A,B,A
+
+        xor     A,B,T1                  !=
+        sethi   %hi(0x02441453),T2
+        and     T1,C,T1
+        or      T2,%lo(0x02441453),T2
+        xor     T1,B,T1                 !=
+        add     T1,R10,T1
+        LOAD    X(15),RX
+        add     T1,T2,T1
+        add     D,T1,D                  !=
+        sll     D,9,T2
+        srl     D,32-9,D
+        or      D,T2,D
+        add     D,A,D                   !=
+
+        xor     D,A,T1
+        sethi   %hi(0xd8a1e681),T2
+        and     T1,B,T1
+        or      T2,%lo(0xd8a1e681),T2   !=
+        xor     T1,A,T1
+        add     T1,RX,T1
+        !pre-LOADed     X(4),R4
+        add     T1,T2,T1
+        add     C,T1,C                  !=
+        sll     C,14,T2
+        srl     C,32-14,C
+        or      C,T2,C
+        add     C,D,C                   !=
+
+        xor     C,D,T1
+        sethi   %hi(0xe7d3fbc8),T2
+        and     T1,A,T1
+        or      T2,%lo(0xe7d3fbc8),T2   !=
+        xor     T1,D,T1
+        add     T1,R4,T1
+        !pre-LOADed     X(9),R9
+        add     T1,T2,T1
+        add     B,T1,B                  !=
+        sll     B,20,T2
+        srl     B,32-20,B
+        or      B,T2,B
+        add     B,C,B                   !=
+
+        xor     B,C,T1
+        sethi   %hi(0x21e1cde6),T2
+        and     T1,D,T1
+        or      T2,%lo(0x21e1cde6),T2   !=
+        xor     T1,C,T1
+        add     T1,R9,T1
+        LOAD    X(14),RX
+        add     T1,T2,T1                !=
+        add     A,T1,A
+        sll     A,5,T2
+        srl     A,32-5,A
+        or      A,T2,A                  !=
+        add     A,B,A
+
+        xor     A,B,T1
+        sethi   %hi(0xc33707d6),T2
+        and     T1,C,T1                 !=
+        or      T2,%lo(0xc33707d6),T2
+        xor     T1,B,T1
+        add     T1,RX,T1
+        !pre-LOADed     X(3),R3
+        add     T1,T2,T1                !=
+        add     D,T1,D
+        sll     D,9,T2
+        srl     D,32-9,D
+        or      D,T2,D                  !=
+        add     D,A,D
+
+        xor     D,A,T1
+        sethi   %hi(0xf4d50d87),T2
+        and     T1,B,T1                 !=
+        or      T2,%lo(0xf4d50d87),T2
+        xor     T1,A,T1
+        add     T1,R3,T1
+        !pre-LOADed     X(8),R8
+        add     T1,T2,T1                !=
+        add     C,T1,C
+        sll     C,14,T2
+        srl     C,32-14,C
+        or      C,T2,C                  !=
+        add     C,D,C
+
+        xor     C,D,T1
+        sethi   %hi(0x455a14ed),T2
+        and     T1,A,T1                 !=
+        or      T2,%lo(0x455a14ed),T2
+        xor     T1,D,T1
+        add     T1,R8,T1
+        !pre-LOADed     X(13),R13
+        add     T1,T2,T1                !=
+        add     B,T1,B
+        sll     B,20,T2
+        srl     B,32-20,B
+        or      B,T2,B                  !=
+        add     B,C,B
+
+        xor     B,C,T1
+        sethi   %hi(0xa9e3e905),T2
+        and     T1,D,T1                 !=
+        or      T2,%lo(0xa9e3e905),T2
+        xor     T1,C,T1
+        add     T1,R13,T1
+        !pre-LOADed     X(2),R2
+        add     T1,T2,T1                !=
+        add     A,T1,A
+        sll     A,5,T2
+        srl     A,32-5,A
+        or      A,T2,A                  !=
+        add     A,B,A
+
+        xor     A,B,T1
+        sethi   %hi(0xfcefa3f8),T2
+        and     T1,C,T1                 !=
+        or      T2,%lo(0xfcefa3f8),T2
+        xor     T1,B,T1
+        add     T1,R2,T1
+        !pre-LOADed     X(7),R7
+        add     T1,T2,T1                !=
+        add     D,T1,D
+        sll     D,9,T2
+        srl     D,32-9,D
+        or      D,T2,D                  !=
+        add     D,A,D
+
+        xor     D,A,T1
+        sethi   %hi(0x676f02d9),T2
+        and     T1,B,T1                 !=
+        or      T2,%lo(0x676f02d9),T2
+        xor     T1,A,T1
+        add     T1,R7,T1
+        !pre-LOADed     X(12),R12
+        add     T1,T2,T1                !=
+        add     C,T1,C
+        sll     C,14,T2
+        srl     C,32-14,C
+        or      C,T2,C                  !=
+        add     C,D,C
+
+        xor     C,D,T1
+        sethi   %hi(0x8d2a4c8a),T2
+        and     T1,A,T1                 !=
+        or      T2,%lo(0x8d2a4c8a),T2
+        xor     T1,D,T1
+        add     T1,R12,T1
+        !pre-LOADed     X(5),R5
+        add     T1,T2,T1                !=
+        add     B,T1,B
+        sll     B,20,T2
+        srl     B,32-20,B
+        or      B,T2,B                  !=
+        add     B,C,B
+
+!!!!!!!!Round 2
+
+        xor     B,C,T1
+        sethi   %hi(0xfffa3942),T2
+        xor     T1,D,T1                 !=
+        or      T2,%lo(0xfffa3942),T2
+        add     T1,R5,T1
+        !pre-LOADed     X(8),R8
+        add     T1,T2,T1
+        add     A,T1,A                  !=
+        sll     A,4,T2
+        srl     A,32-4,A
+        or      A,T2,A
+        add     A,B,A                   !=
+
+        xor     A,B,T1
+        sethi   %hi(0x8771f681),T2
+        xor     T1,C,T1
+        or      T2,%lo(0x8771f681),T2   !=
+        add     T1,R8,T1
+        !pre-LOADed     X(11),R11
+        add     T1,T2,T1
+        add     D,T1,D
+        sll     D,11,T2                 !=
+        srl     D,32-11,D
+        or      D,T2,D
+        add     D,A,D
+
+        xor     D,A,T1                  !=
+        sethi   %hi(0x6d9d6122),T2
+        xor     T1,B,T1
+        or      T2,%lo(0x6d9d6122),T2
+        add     T1,R11,T1               !=
+        LOAD    X(14),RX
+        add     T1,T2,T1
+        add     C,T1,C
+        sll     C,16,T2                 !=
+        srl     C,32-16,C
+        or      C,T2,C
+        add     C,D,C
+
+        xor     C,D,T1                  !=
+        sethi   %hi(0xfde5380c),T2
+        xor     T1,A,T1
+        or      T2,%lo(0xfde5380c),T2
+        add     T1,RX,T1                !=
+        !pre-LOADed     X(1),R1
+        add     T1,T2,T1
+        add     B,T1,B
+        sll     B,23,T2
+        srl     B,32-23,B               !=
+        or      B,T2,B
+        add     B,C,B
+
+        xor     B,C,T1
+        sethi   %hi(0xa4beea44),T2      !=
+        xor     T1,D,T1
+        or      T2,%lo(0xa4beea44),T2
+        add     T1,R1,T1
+        !pre-LOADed     X(4),R4
+        add     T1,T2,T1                !=
+        add     A,T1,A
+        sll     A,4,T2
+        srl     A,32-4,A
+        or      A,T2,A                  !=
+        add     A,B,A
+
+        xor     A,B,T1
+        sethi   %hi(0x4bdecfa9),T2
+        xor     T1,C,T1                 !=
+        or      T2,%lo(0x4bdecfa9),T2
+        add     T1,R4,T1
+        !pre-LOADed     X(7),R7
+        add     T1,T2,T1
+        add     D,T1,D                  !=
+        sll     D,11,T2
+        srl     D,32-11,D
+        or      D,T2,D
+        add     D,A,D                   !=
+
+        xor     D,A,T1
+        sethi   %hi(0xf6bb4b60),T2
+        xor     T1,B,T1
+        or      T2,%lo(0xf6bb4b60),T2   !=
+        add     T1,R7,T1
+        !pre-LOADed     X(10),R10
+        add     T1,T2,T1
+        add     C,T1,C
+        sll     C,16,T2                 !=
+        srl     C,32-16,C
+        or      C,T2,C
+        add     C,D,C
+
+        xor     C,D,T1                  !=
+        sethi   %hi(0xbebfbc70),T2
+        xor     T1,A,T1
+        or      T2,%lo(0xbebfbc70),T2
+        add     T1,R10,T1               !=
+        !pre-LOADed     X(13),R13
+        add     T1,T2,T1
+        add     B,T1,B
+        sll     B,23,T2
+        srl     B,32-23,B               !=
+        or      B,T2,B
+        add     B,C,B
+
+        xor     B,C,T1
+        sethi   %hi(0x289b7ec6),T2      !=
+        xor     T1,D,T1
+        or      T2,%lo(0x289b7ec6),T2
+        add     T1,R13,T1
+        !pre-LOADed     X(0),R0
+        add     T1,T2,T1                !=
+        add     A,T1,A
+        sll     A,4,T2
+        srl     A,32-4,A
+        or      A,T2,A                  !=
+        add     A,B,A
+
+        xor     A,B,T1
+        sethi   %hi(0xeaa127fa),T2
+        xor     T1,C,T1                 !=
+        or      T2,%lo(0xeaa127fa),T2
+        add     T1,R0,T1
+        !pre-LOADed     X(3),R3
+        add     T1,T2,T1
+        add     D,T1,D                  !=
+        sll     D,11,T2
+        srl     D,32-11,D
+        or      D,T2,D
+        add     D,A,D                   !=
+
+        xor     D,A,T1
+        sethi   %hi(0xd4ef3085),T2
+        xor     T1,B,T1
+        or      T2,%lo(0xd4ef3085),T2   !=
+        add     T1,R3,T1
+        !pre-LOADed     X(6),R6
+        add     T1,T2,T1
+        add     C,T1,C
+        sll     C,16,T2                 !=
+        srl     C,32-16,C
+        or      C,T2,C
+        add     C,D,C
+
+        xor     C,D,T1                  !=
+        sethi   %hi(0x04881d05),T2
+        xor     T1,A,T1
+        or      T2,%lo(0x04881d05),T2
+        add     T1,R6,T1                !=
+        !pre-LOADed     X(9),R9
+        add     T1,T2,T1
+        add     B,T1,B
+        sll     B,23,T2
+        srl     B,32-23,B               !=
+        or      B,T2,B
+        add     B,C,B
+
+        xor     B,C,T1
+        sethi   %hi(0xd9d4d039),T2      !=
+        xor     T1,D,T1
+        or      T2,%lo(0xd9d4d039),T2
+        add     T1,R9,T1
+        !pre-LOADed     X(12),R12
+        add     T1,T2,T1                !=
+        add     A,T1,A
+        sll     A,4,T2
+        srl     A,32-4,A
+        or      A,T2,A                  !=
+        add     A,B,A
+
+        xor     A,B,T1
+        sethi   %hi(0xe6db99e5),T2
+        xor     T1,C,T1                 !=
+        or      T2,%lo(0xe6db99e5),T2
+        add     T1,R12,T1
+        LOAD    X(15),RX
+        add     T1,T2,T1                !=
+        add     D,T1,D
+        sll     D,11,T2
+        srl     D,32-11,D
+        or      D,T2,D                  !=
+        add     D,A,D
+
+        xor     D,A,T1
+        sethi   %hi(0x1fa27cf8),T2
+        xor     T1,B,T1                 !=
+        or      T2,%lo(0x1fa27cf8),T2
+        add     T1,RX,T1
+        !pre-LOADed     X(2),R2
+        add     T1,T2,T1
+        add     C,T1,C                  !=
+        sll     C,16,T2
+        srl     C,32-16,C
+        or      C,T2,C
+        add     C,D,C                   !=
+
+        xor     C,D,T1
+        sethi   %hi(0xc4ac5665),T2
+        xor     T1,A,T1
+        or      T2,%lo(0xc4ac5665),T2   !=
+        add     T1,R2,T1
+        !pre-LOADed     X(0),R0
+        add     T1,T2,T1
+        add     B,T1,B
+        sll     B,23,T2                 !=
+        srl     B,32-23,B
+        or      B,T2,B
+        add     B,C,B
+
+!!!!!!!!Round 3
+
+        orn     B,D,T1                  !=
+        sethi   %hi(0xf4292244),T2
+        xor     T1,C,T1
+        or      T2,%lo(0xf4292244),T2
+        add     T1,R0,T1                !=
+        !pre-LOADed     X(7),R7
+        add     T1,T2,T1
+        add     A,T1,A
+        sll     A,6,T2
+        srl     A,32-6,A                !=
+        or      A,T2,A
+        add     A,B,A
+
+        orn     A,C,T1
+        sethi   %hi(0x432aff97),T2      !=
+        xor     T1,B,T1
+        or      T2,%lo(0x432aff97),T2
+        LOAD    X(14),RX
+        add     T1,R7,T1                !=
+        add     T1,T2,T1
+        add     D,T1,D
+        sll     D,10,T2
+        srl     D,32-10,D               !=
+        or      D,T2,D
+        add     D,A,D
+
+        orn     D,B,T1
+        sethi   %hi(0xab9423a7),T2      !=
+        xor     T1,A,T1
+        or      T2,%lo(0xab9423a7),T2
+        add     T1,RX,T1
+        !pre-LOADed     X(5),R5
+        add     T1,T2,T1                !=
+        add     C,T1,C
+        sll     C,15,T2
+        srl     C,32-15,C
+        or      C,T2,C                  !=
+        add     C,D,C
+
+        orn     C,A,T1
+        sethi   %hi(0xfc93a039),T2
+        xor     T1,D,T1                 !=
+        or      T2,%lo(0xfc93a039),T2
+        add     T1,R5,T1
+        !pre-LOADed     X(12),R12
+        add     T1,T2,T1
+        add     B,T1,B                  !=
+        sll     B,21,T2
+        srl     B,32-21,B
+        or      B,T2,B
+        add     B,C,B                   !=
+
+        orn     B,D,T1
+        sethi   %hi(0x655b59c3),T2
+        xor     T1,C,T1
+        or      T2,%lo(0x655b59c3),T2   !=
+        add     T1,R12,T1
+        !pre-LOADed     X(3),R3
+        add     T1,T2,T1
+        add     A,T1,A
+        sll     A,6,T2                  !=
+        srl     A,32-6,A
+        or      A,T2,A
+        add     A,B,A
+
+        orn     A,C,T1                  !=
+        sethi   %hi(0x8f0ccc92),T2
+        xor     T1,B,T1
+        or      T2,%lo(0x8f0ccc92),T2
+        add     T1,R3,T1                !=
+        !pre-LOADed     X(10),R10
+        add     T1,T2,T1
+        add     D,T1,D
+        sll     D,10,T2
+        srl     D,32-10,D               !=
+        or      D,T2,D
+        add     D,A,D
+
+        orn     D,B,T1
+        sethi   %hi(0xffeff47d),T2      !=
+        xor     T1,A,T1
+        or      T2,%lo(0xffeff47d),T2
+        add     T1,R10,T1
+        !pre-LOADed     X(1),R1
+        add     T1,T2,T1                !=
+        add     C,T1,C
+        sll     C,15,T2
+        srl     C,32-15,C
+        or      C,T2,C                  !=
+        add     C,D,C
+
+        orn     C,A,T1
+        sethi   %hi(0x85845dd1),T2
+        xor     T1,D,T1                 !=
+        or      T2,%lo(0x85845dd1),T2
+        add     T1,R1,T1
+        !pre-LOADed     X(8),R8
+        add     T1,T2,T1
+        add     B,T1,B                  !=
+        sll     B,21,T2
+        srl     B,32-21,B
+        or      B,T2,B
+        add     B,C,B                   !=
+
+        orn     B,D,T1
+        sethi   %hi(0x6fa87e4f),T2
+        xor     T1,C,T1
+        or      T2,%lo(0x6fa87e4f),T2   !=
+        add     T1,R8,T1
+        LOAD    X(15),RX
+        add     T1,T2,T1
+        add     A,T1,A                  !=
+        sll     A,6,T2
+        srl     A,32-6,A
+        or      A,T2,A
+        add     A,B,A                   !=
+
+        orn     A,C,T1
+        sethi   %hi(0xfe2ce6e0),T2
+        xor     T1,B,T1
+        or      T2,%lo(0xfe2ce6e0),T2   !=
+        add     T1,RX,T1
+        !pre-LOADed     X(6),R6
+        add     T1,T2,T1
+        add     D,T1,D
+        sll     D,10,T2                 !=
+        srl     D,32-10,D
+        or      D,T2,D
+        add     D,A,D
+
+        orn     D,B,T1                  !=
+        sethi   %hi(0xa3014314),T2
+        xor     T1,A,T1
+        or      T2,%lo(0xa3014314),T2
+        add     T1,R6,T1                !=
+        !pre-LOADed     X(13),R13
+        add     T1,T2,T1
+        add     C,T1,C
+        sll     C,15,T2
+        srl     C,32-15,C               !=
+        or      C,T2,C
+        add     C,D,C
+
+        orn     C,A,T1
+        sethi   %hi(0x4e0811a1),T2      !=
+        xor     T1,D,T1
+        or      T2,%lo(0x4e0811a1),T2
+        !pre-LOADed     X(4),R4
+         ld      [Aptr],Aval
+        add     T1,R13,T1               !=
+        add     T1,T2,T1
+        add     B,T1,B
+        sll     B,21,T2
+        srl     B,32-21,B               !=
+        or      B,T2,B
+        add     B,C,B
+
+        orn     B,D,T1
+        sethi   %hi(0xf7537e82),T2      !=
+        xor     T1,C,T1
+        or      T2,%lo(0xf7537e82),T2
+        !pre-LOADed     X(11),R11
+         ld      [Dptr],Dval
+        add     T1,R4,T1                !=
+        add     T1,T2,T1
+        add     A,T1,A
+        sll     A,6,T2
+        srl     A,32-6,A                !=
+        or      A,T2,A
+        add     A,B,A
+
+        orn     A,C,T1
+        sethi   %hi(0xbd3af235),T2      !=
+        xor     T1,B,T1
+        or      T2,%lo(0xbd3af235),T2
+        !pre-LOADed     X(2),R2
+         ld      [Cptr],Cval
+        add     T1,R11,T1               !=
+        add     T1,T2,T1
+        add     D,T1,D
+        sll     D,10,T2
+        srl     D,32-10,D               !=
+        or      D,T2,D
+        add     D,A,D
+
+        orn     D,B,T1
+        sethi   %hi(0x2ad7d2bb),T2      !=
+        xor     T1,A,T1
+        or      T2,%lo(0x2ad7d2bb),T2
+        !pre-LOADed     X(9),R9
+         ld      [Bptr],Bval
+        add     T1,R2,T1                !=
+         add     Aval,A,Aval
+        add     T1,T2,T1
+         st      Aval,[Aptr]
+        add     C,T1,C                  !=
+        sll     C,15,T2
+         add     Dval,D,Dval
+        srl     C,32-15,C
+        or      C,T2,C                  !=
+         st      Dval,[Dptr]
+        add     C,D,C
+
+        orn     C,A,T1
+        sethi   %hi(0xeb86d391),T2      !=
+        xor     T1,D,T1
+        or      T2,%lo(0xeb86d391),T2
+        add     T1,R9,T1
+        !pre-LOADed     X(0),R0
+         mov     Aval,A                 !=
+        add     T1,T2,T1
+         mov     Dval,D
+        add     B,T1,B
+        sll     B,21,T2                 !=
+         add     Cval,C,Cval
+        srl     B,32-21,B
+         st      Cval,[Cptr]
+        or      B,T2,B                  !=
+        add     B,C,B
+
+        deccc   %i2
+        mov     Cval,C
+        add     B,Bval,B                !=
+        inc     64,%i1
+        nop
+        st      B,[Bptr]
+        nop                             !=
+
+#ifdef  ULTRASPARC
+        bg,a,pt %icc,.Lmd5_block_loop
+#else
+        bg,a    .Lmd5_block_loop
+#endif
+        LOAD    X(0),R0
+
+#ifdef ASI_PRIMARY_LITTLE
+        wr      %g0,%o7,%asi
+#endif
+        ret
+        restore %g0,0,%o0
+
+.type   md5_block,#function
+.size   md5_block,(.-md5_block)
diff --git a/src/lib/libcrypto/objects/obj_mac.h b/src/lib/libcrypto/objects/obj_mac.h
new file mode 100644
index 0000000000..401b1e5a1b
--- /dev/null
+++ b/src/lib/libcrypto/objects/obj_mac.h
@@ -0,0 +1,1798 @@
+/* lib/obj/obj_mac.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* THIS FILE IS GENERATED FROM objects.txt by objects.pl via the
+ * following command:
+ * perl objects.pl objects.txt obj_mac.num obj_mac.h
+ */
+
+#define SN_undef                        "UNDEF"
+#define LN_undef                        "undefined"
+#define NID_undef                       0
+#define OBJ_undef                       0L
+
+#define SN_iso          "ISO"
+#define LN_iso          "iso"
+#define NID_iso         181
+#define OBJ_iso         1L
+
+#define SN_member_body          "member-body"
+#define LN_member_body          "ISO Member Body"
+#define NID_member_body         182
+#define OBJ_member_body         OBJ_iso,2L
+
+#define SN_ISO_US               "ISO-US"
+#define LN_ISO_US               "ISO US Member Body"
+#define NID_ISO_US              183
+#define OBJ_ISO_US              OBJ_member_body,840L
+
+#define SN_X9_57                "X9-57"
+#define LN_X9_57                "X9.57"
+#define NID_X9_57               184
+#define OBJ_X9_57               OBJ_ISO_US,10040L
+
+#define SN_X9cm         "X9cm"
+#define LN_X9cm         "X9.57 CM ?"
+#define NID_X9cm                185
+#define OBJ_X9cm                OBJ_X9_57,4L
+
+#define SN_dsa          "DSA"
+#define LN_dsa          "dsaEncryption"
+#define NID_dsa         116
+#define OBJ_dsa         OBJ_X9cm,1L
+
+#define SN_dsaWithSHA1          "DSA-SHA1"
+#define LN_dsaWithSHA1          "dsaWithSHA1"
+#define NID_dsaWithSHA1         113
+#define OBJ_dsaWithSHA1         OBJ_X9cm,3L
+
+#define SN_cast5_cbc            "CAST5-CBC"
+#define LN_cast5_cbc            "cast5-cbc"
+#define NID_cast5_cbc           108
+#define OBJ_cast5_cbc           OBJ_ISO_US,113533L,7L,66L,10L
+
+#define SN_cast5_ecb            "CAST5-ECB"
+#define LN_cast5_ecb            "cast5-ecb"
+#define NID_cast5_ecb           109
+
+#define SN_cast5_cfb64          "CAST5-CFB"
+#define LN_cast5_cfb64          "cast5-cfb"
+#define NID_cast5_cfb64         110
+
+#define SN_cast5_ofb64          "CAST5-OFB"
+#define LN_cast5_ofb64          "cast5-ofb"
+#define NID_cast5_ofb64         111
+
+#define LN_pbeWithMD5AndCast5_CBC               "pbeWithMD5AndCast5CBC"
+#define NID_pbeWithMD5AndCast5_CBC              112
+#define OBJ_pbeWithMD5AndCast5_CBC              OBJ_ISO_US,113533L,7L,66L,12L
+
+#define SN_rsadsi               "rsadsi"
+#define LN_rsadsi               "RSA Data Security, Inc."
+#define NID_rsadsi              1
+#define OBJ_rsadsi              OBJ_ISO_US,113549L
+
+#define SN_pkcs         "pkcs"
+#define LN_pkcs         "RSA Data Security, Inc. PKCS"
+#define NID_pkcs                2
+#define OBJ_pkcs                OBJ_rsadsi,1L
+
+#define SN_pkcs1                "pkcs1"
+#define NID_pkcs1               186
+#define OBJ_pkcs1               OBJ_pkcs,1L
+
+#define LN_rsaEncryption                "rsaEncryption"
+#define NID_rsaEncryption               6
+#define OBJ_rsaEncryption               OBJ_pkcs1,1L
+
+#define SN_md2WithRSAEncryption         "RSA-MD2"
+#define LN_md2WithRSAEncryption         "md2WithRSAEncryption"
+#define NID_md2WithRSAEncryption                7
+#define OBJ_md2WithRSAEncryption                OBJ_pkcs1,2L
+
+#define SN_md5WithRSAEncryption         "RSA-MD5"
+#define LN_md5WithRSAEncryption         "md5WithRSAEncryption"
+#define NID_md5WithRSAEncryption                8
+#define OBJ_md5WithRSAEncryption                OBJ_pkcs1,4L
+
+#define SN_sha1WithRSAEncryption                "RSA-SHA1"
+#define LN_sha1WithRSAEncryption                "sha1WithRSAEncryption"
+#define NID_sha1WithRSAEncryption               65
+#define OBJ_sha1WithRSAEncryption               OBJ_pkcs1,5L
+
+#define SN_pkcs3                "pkcs3"
+#define NID_pkcs3               27
+#define OBJ_pkcs3               OBJ_pkcs,3L
+
+#define LN_dhKeyAgreement               "dhKeyAgreement"
+#define NID_dhKeyAgreement              28
+#define OBJ_dhKeyAgreement              OBJ_pkcs3,1L
+
+#define SN_pkcs5                "pkcs5"
+#define NID_pkcs5               187
+#define OBJ_pkcs5               OBJ_pkcs,5L
+
+#define SN_pbeWithMD2AndDES_CBC         "PBE-MD2-DES"
+#define LN_pbeWithMD2AndDES_CBC         "pbeWithMD2AndDES-CBC"
+#define NID_pbeWithMD2AndDES_CBC                9
+#define OBJ_pbeWithMD2AndDES_CBC                OBJ_pkcs5,1L
+
+#define SN_pbeWithMD5AndDES_CBC         "PBE-MD5-DES"
+#define LN_pbeWithMD5AndDES_CBC         "pbeWithMD5AndDES-CBC"
+#define NID_pbeWithMD5AndDES_CBC                10
+#define OBJ_pbeWithMD5AndDES_CBC                OBJ_pkcs5,3L
+
+#define SN_pbeWithMD2AndRC2_CBC         "PBE-MD2-RC2-64"
+#define LN_pbeWithMD2AndRC2_CBC         "pbeWithMD2AndRC2-CBC"
+#define NID_pbeWithMD2AndRC2_CBC                168
+#define OBJ_pbeWithMD2AndRC2_CBC                OBJ_pkcs5,4L
+
+#define SN_pbeWithMD5AndRC2_CBC         "PBE-MD5-RC2-64"
+#define LN_pbeWithMD5AndRC2_CBC         "pbeWithMD5AndRC2-CBC"
+#define NID_pbeWithMD5AndRC2_CBC                169
+#define OBJ_pbeWithMD5AndRC2_CBC                OBJ_pkcs5,6L
+
+#define SN_pbeWithSHA1AndDES_CBC                "PBE-SHA1-DES"
+#define LN_pbeWithSHA1AndDES_CBC                "pbeWithSHA1AndDES-CBC"
+#define NID_pbeWithSHA1AndDES_CBC               170
+#define OBJ_pbeWithSHA1AndDES_CBC               OBJ_pkcs5,10L
+
+#define SN_pbeWithSHA1AndRC2_CBC                "PBE-SHA1-RC2-64"
+#define LN_pbeWithSHA1AndRC2_CBC                "pbeWithSHA1AndRC2-CBC"
+#define NID_pbeWithSHA1AndRC2_CBC               68
+#define OBJ_pbeWithSHA1AndRC2_CBC               OBJ_pkcs5,11L
+
+#define LN_id_pbkdf2            "PBKDF2"
+#define NID_id_pbkdf2           69
+#define OBJ_id_pbkdf2           OBJ_pkcs5,12L
+
+#define LN_pbes2                "PBES2"
+#define NID_pbes2               161
+#define OBJ_pbes2               OBJ_pkcs5,13L
+
+#define LN_pbmac1               "PBMAC1"
+#define NID_pbmac1              162
+#define OBJ_pbmac1              OBJ_pkcs5,14L
+
+#define SN_pkcs7                "pkcs7"
+#define NID_pkcs7               20
+#define OBJ_pkcs7               OBJ_pkcs,7L
+
+#define LN_pkcs7_data           "pkcs7-data"
+#define NID_pkcs7_data          21
+#define OBJ_pkcs7_data          OBJ_pkcs7,1L
+
+#define LN_pkcs7_signed         "pkcs7-signedData"
+#define NID_pkcs7_signed                22
+#define OBJ_pkcs7_signed                OBJ_pkcs7,2L
+
+#define LN_pkcs7_enveloped              "pkcs7-envelopedData"
+#define NID_pkcs7_enveloped             23
+#define OBJ_pkcs7_enveloped             OBJ_pkcs7,3L
+
+#define LN_pkcs7_signedAndEnveloped             "pkcs7-signedAndEnvelopedData"
+#define NID_pkcs7_signedAndEnveloped            24
+#define OBJ_pkcs7_signedAndEnveloped            OBJ_pkcs7,4L
+
+#define LN_pkcs7_digest         "pkcs7-digestData"
+#define NID_pkcs7_digest                25
+#define OBJ_pkcs7_digest                OBJ_pkcs7,5L
+
+#define LN_pkcs7_encrypted              "pkcs7-encryptedData"
+#define NID_pkcs7_encrypted             26
+#define OBJ_pkcs7_encrypted             OBJ_pkcs7,6L
+
+#define SN_pkcs9                "pkcs9"
+#define NID_pkcs9               47
+#define OBJ_pkcs9               OBJ_pkcs,9L
+
+#define SN_pkcs9_emailAddress           "Email"
+#define LN_pkcs9_emailAddress           "emailAddress"
+#define NID_pkcs9_emailAddress          48
+#define OBJ_pkcs9_emailAddress          OBJ_pkcs9,1L
+
+#define LN_pkcs9_unstructuredName               "unstructuredName"
+#define NID_pkcs9_unstructuredName              49
+#define OBJ_pkcs9_unstructuredName              OBJ_pkcs9,2L
+
+#define LN_pkcs9_contentType            "contentType"
+#define NID_pkcs9_contentType           50
+#define OBJ_pkcs9_contentType           OBJ_pkcs9,3L
+
+#define LN_pkcs9_messageDigest          "messageDigest"
+#define NID_pkcs9_messageDigest         51
+#define OBJ_pkcs9_messageDigest         OBJ_pkcs9,4L
+
+#define LN_pkcs9_signingTime            "signingTime"
+#define NID_pkcs9_signingTime           52
+#define OBJ_pkcs9_signingTime           OBJ_pkcs9,5L
+
+#define LN_pkcs9_countersignature               "countersignature"
+#define NID_pkcs9_countersignature              53
+#define OBJ_pkcs9_countersignature              OBJ_pkcs9,6L
+
+#define LN_pkcs9_challengePassword              "challengePassword"
+#define NID_pkcs9_challengePassword             54
+#define OBJ_pkcs9_challengePassword             OBJ_pkcs9,7L
+
+#define LN_pkcs9_unstructuredAddress            "unstructuredAddress"
+#define NID_pkcs9_unstructuredAddress           55
+#define OBJ_pkcs9_unstructuredAddress           OBJ_pkcs9,8L
+
+#define LN_pkcs9_extCertAttributes              "extendedCertificateAttributes"
+#define NID_pkcs9_extCertAttributes             56
+#define OBJ_pkcs9_extCertAttributes             OBJ_pkcs9,9L
+
+#define SN_ext_req              "extReq"
+#define LN_ext_req              "Extension Request"
+#define NID_ext_req             172
+#define OBJ_ext_req             OBJ_pkcs9,14L
+
+#define SN_SMIMECapabilities            "SMIME-CAPS"
+#define LN_SMIMECapabilities            "S/MIME Capabilities"
+#define NID_SMIMECapabilities           167
+#define OBJ_SMIMECapabilities           OBJ_pkcs9,15L
+
+#define SN_SMIME                "SMIME"
+#define LN_SMIME                "S/MIME"
+#define NID_SMIME               188
+#define OBJ_SMIME               OBJ_pkcs9,16L
+
+#define SN_id_smime_mod         "id-smime-mod"
+#define NID_id_smime_mod                189
+#define OBJ_id_smime_mod                OBJ_SMIME,0L
+
+#define SN_id_smime_ct          "id-smime-ct"
+#define NID_id_smime_ct         190
+#define OBJ_id_smime_ct         OBJ_SMIME,1L
+
+#define SN_id_smime_aa          "id-smime-aa"
+#define NID_id_smime_aa         191
+#define OBJ_id_smime_aa         OBJ_SMIME,2L
+
+#define SN_id_smime_alg         "id-smime-alg"
+#define NID_id_smime_alg                192
+#define OBJ_id_smime_alg                OBJ_SMIME,3L
+
+#define SN_id_smime_cd          "id-smime-cd"
+#define NID_id_smime_cd         193
+#define OBJ_id_smime_cd         OBJ_SMIME,4L
+
+#define SN_id_smime_spq         "id-smime-spq"
+#define NID_id_smime_spq                194
+#define OBJ_id_smime_spq                OBJ_SMIME,5L
+
+#define SN_id_smime_cti         "id-smime-cti"
+#define NID_id_smime_cti                195
+#define OBJ_id_smime_cti                OBJ_SMIME,6L
+
+#define SN_id_smime_mod_cms             "id-smime-mod-cms"
+#define NID_id_smime_mod_cms            196
+#define OBJ_id_smime_mod_cms            OBJ_id_smime_mod,1L
+
+#define SN_id_smime_mod_ess             "id-smime-mod-ess"
+#define NID_id_smime_mod_ess            197
+#define OBJ_id_smime_mod_ess            OBJ_id_smime_mod,2L
+
+#define SN_id_smime_mod_oid             "id-smime-mod-oid"
+#define NID_id_smime_mod_oid            198
+#define OBJ_id_smime_mod_oid            OBJ_id_smime_mod,3L
+
+#define SN_id_smime_mod_msg_v3          "id-smime-mod-msg-v3"
+#define NID_id_smime_mod_msg_v3         199
+#define OBJ_id_smime_mod_msg_v3         OBJ_id_smime_mod,4L
+
+#define SN_id_smime_mod_ets_eSignature_88               "id-smime-mod-ets-eSignature-88"
+#define NID_id_smime_mod_ets_eSignature_88              200
+#define OBJ_id_smime_mod_ets_eSignature_88              OBJ_id_smime_mod,5L
+
+#define SN_id_smime_mod_ets_eSignature_97               "id-smime-mod-ets-eSignature-97"
+#define NID_id_smime_mod_ets_eSignature_97              201
+#define OBJ_id_smime_mod_ets_eSignature_97              OBJ_id_smime_mod,6L
+
+#define SN_id_smime_mod_ets_eSigPolicy_88               "id-smime-mod-ets-eSigPolicy-88"
+#define NID_id_smime_mod_ets_eSigPolicy_88              202
+#define OBJ_id_smime_mod_ets_eSigPolicy_88              OBJ_id_smime_mod,7L
+
+#define SN_id_smime_mod_ets_eSigPolicy_97               "id-smime-mod-ets-eSigPolicy-97"
+#define NID_id_smime_mod_ets_eSigPolicy_97              203
+#define OBJ_id_smime_mod_ets_eSigPolicy_97              OBJ_id_smime_mod,8L
+
+#define SN_id_smime_ct_receipt          "id-smime-ct-receipt"
+#define NID_id_smime_ct_receipt         204
+#define OBJ_id_smime_ct_receipt         OBJ_id_smime_ct,1L
+
+#define SN_id_smime_ct_authData         "id-smime-ct-authData"
+#define NID_id_smime_ct_authData                205
+#define OBJ_id_smime_ct_authData                OBJ_id_smime_ct,2L
+
+#define SN_id_smime_ct_publishCert              "id-smime-ct-publishCert"
+#define NID_id_smime_ct_publishCert             206
+#define OBJ_id_smime_ct_publishCert             OBJ_id_smime_ct,3L
+
+#define SN_id_smime_ct_TSTInfo          "id-smime-ct-TSTInfo"
+#define NID_id_smime_ct_TSTInfo         207
+#define OBJ_id_smime_ct_TSTInfo         OBJ_id_smime_ct,4L
+
+#define SN_id_smime_ct_TDTInfo          "id-smime-ct-TDTInfo"
+#define NID_id_smime_ct_TDTInfo         208
+#define OBJ_id_smime_ct_TDTInfo         OBJ_id_smime_ct,5L
+
+#define SN_id_smime_ct_contentInfo              "id-smime-ct-contentInfo"
+#define NID_id_smime_ct_contentInfo             209
+#define OBJ_id_smime_ct_contentInfo             OBJ_id_smime_ct,6L
+
+#define SN_id_smime_ct_DVCSRequestData          "id-smime-ct-DVCSRequestData"
+#define NID_id_smime_ct_DVCSRequestData         210
+#define OBJ_id_smime_ct_DVCSRequestData         OBJ_id_smime_ct,7L
+
+#define SN_id_smime_ct_DVCSResponseData         "id-smime-ct-DVCSResponseData"
+#define NID_id_smime_ct_DVCSResponseData                211
+#define OBJ_id_smime_ct_DVCSResponseData                OBJ_id_smime_ct,8L
+
+#define SN_id_smime_aa_receiptRequest           "id-smime-aa-receiptRequest"
+#define NID_id_smime_aa_receiptRequest          212
+#define OBJ_id_smime_aa_receiptRequest          OBJ_id_smime_aa,1L
+
+#define SN_id_smime_aa_securityLabel            "id-smime-aa-securityLabel"
+#define NID_id_smime_aa_securityLabel           213
+#define OBJ_id_smime_aa_securityLabel           OBJ_id_smime_aa,2L
+
+#define SN_id_smime_aa_mlExpandHistory          "id-smime-aa-mlExpandHistory"
+#define NID_id_smime_aa_mlExpandHistory         214
+#define OBJ_id_smime_aa_mlExpandHistory         OBJ_id_smime_aa,3L
+
+#define SN_id_smime_aa_contentHint              "id-smime-aa-contentHint"
+#define NID_id_smime_aa_contentHint             215
+#define OBJ_id_smime_aa_contentHint             OBJ_id_smime_aa,4L
+
+#define SN_id_smime_aa_msgSigDigest             "id-smime-aa-msgSigDigest"
+#define NID_id_smime_aa_msgSigDigest            216
+#define OBJ_id_smime_aa_msgSigDigest            OBJ_id_smime_aa,5L
+
+#define SN_id_smime_aa_encapContentType         "id-smime-aa-encapContentType"
+#define NID_id_smime_aa_encapContentType                217
+#define OBJ_id_smime_aa_encapContentType                OBJ_id_smime_aa,6L
+
+#define SN_id_smime_aa_contentIdentifier                "id-smime-aa-contentIdentifier"
+#define NID_id_smime_aa_contentIdentifier               218
+#define OBJ_id_smime_aa_contentIdentifier               OBJ_id_smime_aa,7L
+
+#define SN_id_smime_aa_macValue         "id-smime-aa-macValue"
+#define NID_id_smime_aa_macValue                219
+#define OBJ_id_smime_aa_macValue                OBJ_id_smime_aa,8L
+
+#define SN_id_smime_aa_equivalentLabels         "id-smime-aa-equivalentLabels"
+#define NID_id_smime_aa_equivalentLabels                220
+#define OBJ_id_smime_aa_equivalentLabels                OBJ_id_smime_aa,9L
+
+#define SN_id_smime_aa_contentReference         "id-smime-aa-contentReference"
+#define NID_id_smime_aa_contentReference                221
+#define OBJ_id_smime_aa_contentReference                OBJ_id_smime_aa,10L
+
+#define SN_id_smime_aa_encrypKeyPref            "id-smime-aa-encrypKeyPref"
+#define NID_id_smime_aa_encrypKeyPref           222
+#define OBJ_id_smime_aa_encrypKeyPref           OBJ_id_smime_aa,11L
+
+#define SN_id_smime_aa_signingCertificate               "id-smime-aa-signingCertificate"
+#define NID_id_smime_aa_signingCertificate              223
+#define OBJ_id_smime_aa_signingCertificate              OBJ_id_smime_aa,12L
+
+#define SN_id_smime_aa_smimeEncryptCerts                "id-smime-aa-smimeEncryptCerts"
+#define NID_id_smime_aa_smimeEncryptCerts               224
+#define OBJ_id_smime_aa_smimeEncryptCerts               OBJ_id_smime_aa,13L
+
+#define SN_id_smime_aa_timeStampToken           "id-smime-aa-timeStampToken"
+#define NID_id_smime_aa_timeStampToken          225
+#define OBJ_id_smime_aa_timeStampToken          OBJ_id_smime_aa,14L
+
+#define SN_id_smime_aa_ets_sigPolicyId          "id-smime-aa-ets-sigPolicyId"
+#define NID_id_smime_aa_ets_sigPolicyId         226
+#define OBJ_id_smime_aa_ets_sigPolicyId         OBJ_id_smime_aa,15L
+
+#define SN_id_smime_aa_ets_commitmentType               "id-smime-aa-ets-commitmentType"
+#define NID_id_smime_aa_ets_commitmentType              227
+#define OBJ_id_smime_aa_ets_commitmentType              OBJ_id_smime_aa,16L
+
+#define SN_id_smime_aa_ets_signerLocation               "id-smime-aa-ets-signerLocation"
+#define NID_id_smime_aa_ets_signerLocation              228
+#define OBJ_id_smime_aa_ets_signerLocation              OBJ_id_smime_aa,17L
+
+#define SN_id_smime_aa_ets_signerAttr           "id-smime-aa-ets-signerAttr"
+#define NID_id_smime_aa_ets_signerAttr          229
+#define OBJ_id_smime_aa_ets_signerAttr          OBJ_id_smime_aa,18L
+
+#define SN_id_smime_aa_ets_otherSigCert         "id-smime-aa-ets-otherSigCert"
+#define NID_id_smime_aa_ets_otherSigCert                230
+#define OBJ_id_smime_aa_ets_otherSigCert                OBJ_id_smime_aa,19L
+
+#define SN_id_smime_aa_ets_contentTimestamp             "id-smime-aa-ets-contentTimestamp"
+#define NID_id_smime_aa_ets_contentTimestamp            231
+#define OBJ_id_smime_aa_ets_contentTimestamp            OBJ_id_smime_aa,20L
+
+#define SN_id_smime_aa_ets_CertificateRefs              "id-smime-aa-ets-CertificateRefs"
+#define NID_id_smime_aa_ets_CertificateRefs             232
+#define OBJ_id_smime_aa_ets_CertificateRefs             OBJ_id_smime_aa,21L
+
+#define SN_id_smime_aa_ets_RevocationRefs               "id-smime-aa-ets-RevocationRefs"
+#define NID_id_smime_aa_ets_RevocationRefs              233
+#define OBJ_id_smime_aa_ets_RevocationRefs              OBJ_id_smime_aa,22L
+
+#define SN_id_smime_aa_ets_certValues           "id-smime-aa-ets-certValues"
+#define NID_id_smime_aa_ets_certValues          234
+#define OBJ_id_smime_aa_ets_certValues          OBJ_id_smime_aa,23L
+
+#define SN_id_smime_aa_ets_revocationValues             "id-smime-aa-ets-revocationValues"
+#define NID_id_smime_aa_ets_revocationValues            235
+#define OBJ_id_smime_aa_ets_revocationValues            OBJ_id_smime_aa,24L
+
+#define SN_id_smime_aa_ets_escTimeStamp         "id-smime-aa-ets-escTimeStamp"
+#define NID_id_smime_aa_ets_escTimeStamp                236
+#define OBJ_id_smime_aa_ets_escTimeStamp                OBJ_id_smime_aa,25L
+
+#define SN_id_smime_aa_ets_certCRLTimestamp             "id-smime-aa-ets-certCRLTimestamp"
+#define NID_id_smime_aa_ets_certCRLTimestamp            237
+#define OBJ_id_smime_aa_ets_certCRLTimestamp            OBJ_id_smime_aa,26L
+
+#define SN_id_smime_aa_ets_archiveTimeStamp             "id-smime-aa-ets-archiveTimeStamp"
+#define NID_id_smime_aa_ets_archiveTimeStamp            238
+#define OBJ_id_smime_aa_ets_archiveTimeStamp            OBJ_id_smime_aa,27L
+
+#define SN_id_smime_aa_signatureType            "id-smime-aa-signatureType"
+#define NID_id_smime_aa_signatureType           239
+#define OBJ_id_smime_aa_signatureType           OBJ_id_smime_aa,28L
+
+#define SN_id_smime_aa_dvcs_dvc         "id-smime-aa-dvcs-dvc"
+#define NID_id_smime_aa_dvcs_dvc                240
+#define OBJ_id_smime_aa_dvcs_dvc                OBJ_id_smime_aa,29L
+
+#define SN_id_smime_alg_ESDHwith3DES            "id-smime-alg-ESDHwith3DES"
+#define NID_id_smime_alg_ESDHwith3DES           241
+#define OBJ_id_smime_alg_ESDHwith3DES           OBJ_id_smime_alg,1L
+
+#define SN_id_smime_alg_ESDHwithRC2             "id-smime-alg-ESDHwithRC2"
+#define NID_id_smime_alg_ESDHwithRC2            242
+#define OBJ_id_smime_alg_ESDHwithRC2            OBJ_id_smime_alg,2L
+
+#define SN_id_smime_alg_3DESwrap                "id-smime-alg-3DESwrap"
+#define NID_id_smime_alg_3DESwrap               243
+#define OBJ_id_smime_alg_3DESwrap               OBJ_id_smime_alg,3L
+
+#define SN_id_smime_alg_RC2wrap         "id-smime-alg-RC2wrap"
+#define NID_id_smime_alg_RC2wrap                244
+#define OBJ_id_smime_alg_RC2wrap                OBJ_id_smime_alg,4L
+
+#define SN_id_smime_alg_ESDH            "id-smime-alg-ESDH"
+#define NID_id_smime_alg_ESDH           245
+#define OBJ_id_smime_alg_ESDH           OBJ_id_smime_alg,5L
+
+#define SN_id_smime_alg_CMS3DESwrap             "id-smime-alg-CMS3DESwrap"
+#define NID_id_smime_alg_CMS3DESwrap            246
+#define OBJ_id_smime_alg_CMS3DESwrap            OBJ_id_smime_alg,6L
+
+#define SN_id_smime_alg_CMSRC2wrap              "id-smime-alg-CMSRC2wrap"
+#define NID_id_smime_alg_CMSRC2wrap             247
+#define OBJ_id_smime_alg_CMSRC2wrap             OBJ_id_smime_alg,7L
+
+#define SN_id_smime_cd_ldap             "id-smime-cd-ldap"
+#define NID_id_smime_cd_ldap            248
+#define OBJ_id_smime_cd_ldap            OBJ_id_smime_cd,1L
+
+#define SN_id_smime_spq_ets_sqt_uri             "id-smime-spq-ets-sqt-uri"
+#define NID_id_smime_spq_ets_sqt_uri            249
+#define OBJ_id_smime_spq_ets_sqt_uri            OBJ_id_smime_spq,1L
+
+#define SN_id_smime_spq_ets_sqt_unotice         "id-smime-spq-ets-sqt-unotice"
+#define NID_id_smime_spq_ets_sqt_unotice                250
+#define OBJ_id_smime_spq_ets_sqt_unotice                OBJ_id_smime_spq,2L
+
+#define SN_id_smime_cti_ets_proofOfOrigin               "id-smime-cti-ets-proofOfOrigin"
+#define NID_id_smime_cti_ets_proofOfOrigin              251
+#define OBJ_id_smime_cti_ets_proofOfOrigin              OBJ_id_smime_cti,1L
+
+#define SN_id_smime_cti_ets_proofOfReceipt              "id-smime-cti-ets-proofOfReceipt"
+#define NID_id_smime_cti_ets_proofOfReceipt             252
+#define OBJ_id_smime_cti_ets_proofOfReceipt             OBJ_id_smime_cti,2L
+
+#define SN_id_smime_cti_ets_proofOfDelivery             "id-smime-cti-ets-proofOfDelivery"
+#define NID_id_smime_cti_ets_proofOfDelivery            253
+#define OBJ_id_smime_cti_ets_proofOfDelivery            OBJ_id_smime_cti,3L
+
+#define SN_id_smime_cti_ets_proofOfSender               "id-smime-cti-ets-proofOfSender"
+#define NID_id_smime_cti_ets_proofOfSender              254
+#define OBJ_id_smime_cti_ets_proofOfSender              OBJ_id_smime_cti,4L
+
+#define SN_id_smime_cti_ets_proofOfApproval             "id-smime-cti-ets-proofOfApproval"
+#define NID_id_smime_cti_ets_proofOfApproval            255
+#define OBJ_id_smime_cti_ets_proofOfApproval            OBJ_id_smime_cti,5L
+
+#define SN_id_smime_cti_ets_proofOfCreation             "id-smime-cti-ets-proofOfCreation"
+#define NID_id_smime_cti_ets_proofOfCreation            256
+#define OBJ_id_smime_cti_ets_proofOfCreation            OBJ_id_smime_cti,6L
+
+#define LN_friendlyName         "friendlyName"
+#define NID_friendlyName                156
+#define OBJ_friendlyName                OBJ_pkcs9,20L
+
+#define LN_localKeyID           "localKeyID"
+#define NID_localKeyID          157
+#define OBJ_localKeyID          OBJ_pkcs9,21L
+
+#define OBJ_certTypes           OBJ_pkcs9,22L
+
+#define LN_x509Certificate              "x509Certificate"
+#define NID_x509Certificate             158
+#define OBJ_x509Certificate             OBJ_certTypes,1L
+
+#define LN_sdsiCertificate              "sdsiCertificate"
+#define NID_sdsiCertificate             159
+#define OBJ_sdsiCertificate             OBJ_certTypes,2L
+
+#define OBJ_crlTypes            OBJ_pkcs9,23L
+
+#define LN_x509Crl              "x509Crl"
+#define NID_x509Crl             160
+#define OBJ_x509Crl             OBJ_crlTypes,1L
+
+#define OBJ_pkcs12              OBJ_pkcs,12L
+
+#define OBJ_pkcs12_pbeids               OBJ_pkcs12,1L
+
+#define SN_pbe_WithSHA1And128BitRC4             "PBE-SHA1-RC4-128"
+#define LN_pbe_WithSHA1And128BitRC4             "pbeWithSHA1And128BitRC4"
+#define NID_pbe_WithSHA1And128BitRC4            144
+#define OBJ_pbe_WithSHA1And128BitRC4            OBJ_pkcs12_pbeids,1L
+
+#define SN_pbe_WithSHA1And40BitRC4              "PBE-SHA1-RC4-40"
+#define LN_pbe_WithSHA1And40BitRC4              "pbeWithSHA1And40BitRC4"
+#define NID_pbe_WithSHA1And40BitRC4             145
+#define OBJ_pbe_WithSHA1And40BitRC4             OBJ_pkcs12_pbeids,2L
+
+#define SN_pbe_WithSHA1And3_Key_TripleDES_CBC           "PBE-SHA1-3DES"
+#define LN_pbe_WithSHA1And3_Key_TripleDES_CBC           "pbeWithSHA1And3-KeyTripleDES-CBC"
+#define NID_pbe_WithSHA1And3_Key_TripleDES_CBC          146
+#define OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC          OBJ_pkcs12_pbeids,3L
+
+#define SN_pbe_WithSHA1And2_Key_TripleDES_CBC           "PBE-SHA1-2DES"
+#define LN_pbe_WithSHA1And2_Key_TripleDES_CBC           "pbeWithSHA1And2-KeyTripleDES-CBC"
+#define NID_pbe_WithSHA1And2_Key_TripleDES_CBC          147
+#define OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC          OBJ_pkcs12_pbeids,4L
+
+#define SN_pbe_WithSHA1And128BitRC2_CBC         "PBE-SHA1-RC2-128"
+#define LN_pbe_WithSHA1And128BitRC2_CBC         "pbeWithSHA1And128BitRC2-CBC"
+#define NID_pbe_WithSHA1And128BitRC2_CBC                148
+#define OBJ_pbe_WithSHA1And128BitRC2_CBC                OBJ_pkcs12_pbeids,5L
+
+#define SN_pbe_WithSHA1And40BitRC2_CBC          "PBE-SHA1-RC2-40"
+#define LN_pbe_WithSHA1And40BitRC2_CBC          "pbeWithSHA1And40BitRC2-CBC"
+#define NID_pbe_WithSHA1And40BitRC2_CBC         149
+#define OBJ_pbe_WithSHA1And40BitRC2_CBC         OBJ_pkcs12_pbeids,6L
+
+#define OBJ_pkcs12_Version1             OBJ_pkcs12,10L
+
+#define OBJ_pkcs12_BagIds               OBJ_pkcs12_Version1,1L
+
+#define LN_keyBag               "keyBag"
+#define NID_keyBag              150
+#define OBJ_keyBag              OBJ_pkcs12_BagIds,1L
+
+#define LN_pkcs8ShroudedKeyBag          "pkcs8ShroudedKeyBag"
+#define NID_pkcs8ShroudedKeyBag         151
+#define OBJ_pkcs8ShroudedKeyBag         OBJ_pkcs12_BagIds,2L
+
+#define LN_certBag              "certBag"
+#define NID_certBag             152
+#define OBJ_certBag             OBJ_pkcs12_BagIds,3L
+
+#define LN_crlBag               "crlBag"
+#define NID_crlBag              153
+#define OBJ_crlBag              OBJ_pkcs12_BagIds,4L
+
+#define LN_secretBag            "secretBag"
+#define NID_secretBag           154
+#define OBJ_secretBag           OBJ_pkcs12_BagIds,5L
+
+#define LN_safeContentsBag              "safeContentsBag"
+#define NID_safeContentsBag             155
+#define OBJ_safeContentsBag             OBJ_pkcs12_BagIds,6L
+
+#define SN_md2          "MD2"
+#define LN_md2          "md2"
+#define NID_md2         3
+#define OBJ_md2         OBJ_rsadsi,2L,2L
+
+#define SN_md4          "MD4"
+#define LN_md4          "md4"
+#define NID_md4         257
+#define OBJ_md4         OBJ_rsadsi,2L,4L
+
+#define SN_md5          "MD5"
+#define LN_md5          "md5"
+#define NID_md5         4
+#define OBJ_md5         OBJ_rsadsi,2L,5L
+
+#define SN_md5_sha1             "MD5-SHA1"
+#define LN_md5_sha1             "md5-sha1"
+#define NID_md5_sha1            114
+
+#define LN_hmacWithSHA1         "hmacWithSHA1"
+#define NID_hmacWithSHA1                163
+#define OBJ_hmacWithSHA1                OBJ_rsadsi,2L,7L
+
+#define SN_rc2_cbc              "RC2-CBC"
+#define LN_rc2_cbc              "rc2-cbc"
+#define NID_rc2_cbc             37
+#define OBJ_rc2_cbc             OBJ_rsadsi,3L,2L
+
+#define SN_rc2_ecb              "RC2-ECB"
+#define LN_rc2_ecb              "rc2-ecb"
+#define NID_rc2_ecb             38
+
+#define SN_rc2_cfb64            "RC2-CFB"
+#define LN_rc2_cfb64            "rc2-cfb"
+#define NID_rc2_cfb64           39
+
+#define SN_rc2_ofb64            "RC2-OFB"
+#define LN_rc2_ofb64            "rc2-ofb"
+#define NID_rc2_ofb64           40
+
+#define SN_rc2_40_cbc           "RC2-40-CBC"
+#define LN_rc2_40_cbc           "rc2-40-cbc"
+#define NID_rc2_40_cbc          98
+
+#define SN_rc2_64_cbc           "RC2-64-CBC"
+#define LN_rc2_64_cbc           "rc2-64-cbc"
+#define NID_rc2_64_cbc          166
+
+#define SN_rc4          "RC4"
+#define LN_rc4          "rc4"
+#define NID_rc4         5
+#define OBJ_rc4         OBJ_rsadsi,3L,4L
+
+#define SN_rc4_40               "RC4-40"
+#define LN_rc4_40               "rc4-40"
+#define NID_rc4_40              97
+
+#define SN_des_ede3_cbc         "DES-EDE3-CBC"
+#define LN_des_ede3_cbc         "des-ede3-cbc"
+#define NID_des_ede3_cbc                44
+#define OBJ_des_ede3_cbc                OBJ_rsadsi,3L,7L
+
+#define SN_rc5_cbc              "RC5-CBC"
+#define LN_rc5_cbc              "rc5-cbc"
+#define NID_rc5_cbc             120
+#define OBJ_rc5_cbc             OBJ_rsadsi,3L,8L
+
+#define SN_rc5_ecb              "RC5-ECB"
+#define LN_rc5_ecb              "rc5-ecb"
+#define NID_rc5_ecb             121
+
+#define SN_rc5_cfb64            "RC5-CFB"
+#define LN_rc5_cfb64            "rc5-cfb"
+#define NID_rc5_cfb64           122
+
+#define SN_rc5_ofb64            "RC5-OFB"
+#define LN_rc5_ofb64            "rc5-ofb"
+#define NID_rc5_ofb64           123
+
+#define SN_ms_ext_req           "msExtReq"
+#define LN_ms_ext_req           "Microsoft Extension Request"
+#define NID_ms_ext_req          171
+#define OBJ_ms_ext_req          1L,3L,6L,1L,4L,1L,311L,2L,1L,14L
+
+#define SN_ms_code_ind          "msCodeInd"
+#define LN_ms_code_ind          "Microsoft Individual Code Signing"
+#define NID_ms_code_ind         134
+#define OBJ_ms_code_ind         1L,3L,6L,1L,4L,1L,311L,2L,1L,21L
+
+#define SN_ms_code_com          "msCodeCom"
+#define LN_ms_code_com          "Microsoft Commercial Code Signing"
+#define NID_ms_code_com         135
+#define OBJ_ms_code_com         1L,3L,6L,1L,4L,1L,311L,2L,1L,22L
+
+#define SN_ms_ctl_sign          "msCTLSign"
+#define LN_ms_ctl_sign          "Microsoft Trust List Signing"
+#define NID_ms_ctl_sign         136
+#define OBJ_ms_ctl_sign         1L,3L,6L,1L,4L,1L,311L,10L,3L,1L
+
+#define SN_ms_sgc               "msSGC"
+#define LN_ms_sgc               "Microsoft Server Gated Crypto"
+#define NID_ms_sgc              137
+#define OBJ_ms_sgc              1L,3L,6L,1L,4L,1L,311L,10L,3L,3L
+
+#define SN_ms_efs               "msEFS"
+#define LN_ms_efs               "Microsoft Encrypted File System"
+#define NID_ms_efs              138
+#define OBJ_ms_efs              1L,3L,6L,1L,4L,1L,311L,10L,3L,4L
+
+#define SN_idea_cbc             "IDEA-CBC"
+#define LN_idea_cbc             "idea-cbc"
+#define NID_idea_cbc            34
+#define OBJ_idea_cbc            1L,3L,6L,1L,4L,1L,188L,7L,1L,1L,2L
+
+#define SN_idea_ecb             "IDEA-ECB"
+#define LN_idea_ecb             "idea-ecb"
+#define NID_idea_ecb            36
+
+#define SN_idea_cfb64           "IDEA-CFB"
+#define LN_idea_cfb64           "idea-cfb"
+#define NID_idea_cfb64          35
+
+#define SN_idea_ofb64           "IDEA-OFB"
+#define LN_idea_ofb64           "idea-ofb"
+#define NID_idea_ofb64          46
+
+#define SN_bf_cbc               "BF-CBC"
+#define LN_bf_cbc               "bf-cbc"
+#define NID_bf_cbc              91
+#define OBJ_bf_cbc              1L,3L,6L,1L,4L,1L,3029L,1L,2L
+
+#define SN_bf_ecb               "BF-ECB"
+#define LN_bf_ecb               "bf-ecb"
+#define NID_bf_ecb              92
+
+#define SN_bf_cfb64             "BF-CFB"
+#define LN_bf_cfb64             "bf-cfb"
+#define NID_bf_cfb64            93
+
+#define SN_bf_ofb64             "BF-OFB"
+#define LN_bf_ofb64             "bf-ofb"
+#define NID_bf_ofb64            94
+
+#define SN_id_pkix              "PKIX"
+#define NID_id_pkix             127
+#define OBJ_id_pkix             1L,3L,6L,1L,5L,5L,7L
+
+#define SN_id_pkix_mod          "id-pkix-mod"
+#define NID_id_pkix_mod         258
+#define OBJ_id_pkix_mod         OBJ_id_pkix,0L
+
+#define SN_id_pe                "id-pe"
+#define NID_id_pe               175
+#define OBJ_id_pe               OBJ_id_pkix,1L
+
+#define SN_id_qt                "id-qt"
+#define NID_id_qt               259
+#define OBJ_id_qt               OBJ_id_pkix,2L
+
+#define SN_id_kp                "id-kp"
+#define NID_id_kp               128
+#define OBJ_id_kp               OBJ_id_pkix,3L
+
+#define SN_id_it                "id-it"
+#define NID_id_it               260
+#define OBJ_id_it               OBJ_id_pkix,4L
+
+#define SN_id_pkip              "id-pkip"
+#define NID_id_pkip             261
+#define OBJ_id_pkip             OBJ_id_pkix,5L
+
+#define SN_id_alg               "id-alg"
+#define NID_id_alg              262
+#define OBJ_id_alg              OBJ_id_pkix,6L
+
+#define SN_id_cmc               "id-cmc"
+#define NID_id_cmc              263
+#define OBJ_id_cmc              OBJ_id_pkix,7L
+
+#define SN_id_on                "id-on"
+#define NID_id_on               264
+#define OBJ_id_on               OBJ_id_pkix,8L
+
+#define SN_id_pda               "id-pda"
+#define NID_id_pda              265
+#define OBJ_id_pda              OBJ_id_pkix,9L
+
+#define SN_id_aca               "id-aca"
+#define NID_id_aca              266
+#define OBJ_id_aca              OBJ_id_pkix,10L
+
+#define SN_id_qcs               "id-qcs"
+#define NID_id_qcs              267
+#define OBJ_id_qcs              OBJ_id_pkix,11L
+
+#define SN_id_cct               "id-cct"
+#define NID_id_cct              268
+#define OBJ_id_cct              OBJ_id_pkix,12L
+
+#define SN_id_ad                "id-ad"
+#define NID_id_ad               176
+#define OBJ_id_ad               OBJ_id_pkix,48L
+
+#define SN_id_pkix1_explicit_88         "id-pkix1-explicit-88"
+#define NID_id_pkix1_explicit_88                269
+#define OBJ_id_pkix1_explicit_88                OBJ_id_pkix_mod,1L
+
+#define SN_id_pkix1_implicit_88         "id-pkix1-implicit-88"
+#define NID_id_pkix1_implicit_88                270
+#define OBJ_id_pkix1_implicit_88                OBJ_id_pkix_mod,2L
+
+#define SN_id_pkix1_explicit_93         "id-pkix1-explicit-93"
+#define NID_id_pkix1_explicit_93                271
+#define OBJ_id_pkix1_explicit_93                OBJ_id_pkix_mod,3L
+
+#define SN_id_pkix1_implicit_93         "id-pkix1-implicit-93"
+#define NID_id_pkix1_implicit_93                272
+#define OBJ_id_pkix1_implicit_93                OBJ_id_pkix_mod,4L
+
+#define SN_id_mod_crmf          "id-mod-crmf"
+#define NID_id_mod_crmf         273
+#define OBJ_id_mod_crmf         OBJ_id_pkix_mod,5L
+
+#define SN_id_mod_cmc           "id-mod-cmc"
+#define NID_id_mod_cmc          274
+#define OBJ_id_mod_cmc          OBJ_id_pkix_mod,6L
+
+#define SN_id_mod_kea_profile_88                "id-mod-kea-profile-88"
+#define NID_id_mod_kea_profile_88               275
+#define OBJ_id_mod_kea_profile_88               OBJ_id_pkix_mod,7L
+
+#define SN_id_mod_kea_profile_93                "id-mod-kea-profile-93"
+#define NID_id_mod_kea_profile_93               276
+#define OBJ_id_mod_kea_profile_93               OBJ_id_pkix_mod,8L
+
+#define SN_id_mod_cmp           "id-mod-cmp"
+#define NID_id_mod_cmp          277
+#define OBJ_id_mod_cmp          OBJ_id_pkix_mod,9L
+
+#define SN_id_mod_qualified_cert_88             "id-mod-qualified-cert-88"
+#define NID_id_mod_qualified_cert_88            278
+#define OBJ_id_mod_qualified_cert_88            OBJ_id_pkix_mod,10L
+
+#define SN_id_mod_qualified_cert_93             "id-mod-qualified-cert-93"
+#define NID_id_mod_qualified_cert_93            279
+#define OBJ_id_mod_qualified_cert_93            OBJ_id_pkix_mod,11L
+
+#define SN_id_mod_attribute_cert                "id-mod-attribute-cert"
+#define NID_id_mod_attribute_cert               280
+#define OBJ_id_mod_attribute_cert               OBJ_id_pkix_mod,12L
+
+#define SN_id_mod_timestamp_protocol            "id-mod-timestamp-protocol"
+#define NID_id_mod_timestamp_protocol           281
+#define OBJ_id_mod_timestamp_protocol           OBJ_id_pkix_mod,13L
+
+#define SN_id_mod_ocsp          "id-mod-ocsp"
+#define NID_id_mod_ocsp         282
+#define OBJ_id_mod_ocsp         OBJ_id_pkix_mod,14L
+
+#define SN_id_mod_dvcs          "id-mod-dvcs"
+#define NID_id_mod_dvcs         283
+#define OBJ_id_mod_dvcs         OBJ_id_pkix_mod,15L
+
+#define SN_id_mod_cmp2000               "id-mod-cmp2000"
+#define NID_id_mod_cmp2000              284
+#define OBJ_id_mod_cmp2000              OBJ_id_pkix_mod,16L
+
+#define SN_info_access          "authorityInfoAccess"
+#define LN_info_access          "Authority Information Access"
+#define NID_info_access         177
+#define OBJ_info_access         OBJ_id_pe,1L
+
+#define SN_biometricInfo                "biometricInfo"
+#define LN_biometricInfo                "Biometric Info"
+#define NID_biometricInfo               285
+#define OBJ_biometricInfo               OBJ_id_pe,2L
+
+#define SN_qcStatements         "qcStatements"
+#define NID_qcStatements                286
+#define OBJ_qcStatements                OBJ_id_pe,3L
+
+#define SN_ac_auditEntity               "ac-auditEntity"
+#define NID_ac_auditEntity              287
+#define OBJ_ac_auditEntity              OBJ_id_pe,4L
+
+#define SN_ac_targeting         "ac-targeting"
+#define NID_ac_targeting                288
+#define OBJ_ac_targeting                OBJ_id_pe,5L
+
+#define SN_aaControls           "aaControls"
+#define NID_aaControls          289
+#define OBJ_aaControls          OBJ_id_pe,6L
+
+#define SN_sbqp_ipAddrBlock             "sbqp-ipAddrBlock"
+#define NID_sbqp_ipAddrBlock            290
+#define OBJ_sbqp_ipAddrBlock            OBJ_id_pe,7L
+
+#define SN_sbqp_autonomousSysNum                "sbqp-autonomousSysNum"
+#define NID_sbqp_autonomousSysNum               291
+#define OBJ_sbqp_autonomousSysNum               OBJ_id_pe,8L
+
+#define SN_sbqp_routerIdentifier                "sbqp-routerIdentifier"
+#define NID_sbqp_routerIdentifier               292
+#define OBJ_sbqp_routerIdentifier               OBJ_id_pe,9L
+
+#define SN_id_qt_cps            "id-qt-cps"
+#define LN_id_qt_cps            "Policy Qualifier CPS"
+#define NID_id_qt_cps           164
+#define OBJ_id_qt_cps           OBJ_id_qt,1L
+
+#define SN_id_qt_unotice                "id-qt-unotice"
+#define LN_id_qt_unotice                "Policy Qualifier User Notice"
+#define NID_id_qt_unotice               165
+#define OBJ_id_qt_unotice               OBJ_id_qt,2L
+
+#define SN_textNotice           "textNotice"
+#define NID_textNotice          293
+#define OBJ_textNotice          OBJ_id_qt,3L
+
+#define SN_server_auth          "serverAuth"
+#define LN_server_auth          "TLS Web Server Authentication"
+#define NID_server_auth         129
+#define OBJ_server_auth         OBJ_id_kp,1L
+
+#define SN_client_auth          "clientAuth"
+#define LN_client_auth          "TLS Web Client Authentication"
+#define NID_client_auth         130
+#define OBJ_client_auth         OBJ_id_kp,2L
+
+#define SN_code_sign            "codeSigning"
+#define LN_code_sign            "Code Signing"
+#define NID_code_sign           131
+#define OBJ_code_sign           OBJ_id_kp,3L
+
+#define SN_email_protect                "emailProtection"
+#define LN_email_protect                "E-mail Protection"
+#define NID_email_protect               132
+#define OBJ_email_protect               OBJ_id_kp,4L
+
+#define SN_ipsecEndSystem               "ipsecEndSystem"
+#define LN_ipsecEndSystem               "IPSec End System"
+#define NID_ipsecEndSystem              294
+#define OBJ_ipsecEndSystem              OBJ_id_kp,5L
+
+#define SN_ipsecTunnel          "ipsecTunnel"
+#define LN_ipsecTunnel          "IPSec Tunnel"
+#define NID_ipsecTunnel         295
+#define OBJ_ipsecTunnel         OBJ_id_kp,6L
+
+#define SN_ipsecUser            "ipsecUser"
+#define LN_ipsecUser            "IPSec User"
+#define NID_ipsecUser           296
+#define OBJ_ipsecUser           OBJ_id_kp,7L
+
+#define SN_time_stamp           "timeStamping"
+#define LN_time_stamp           "Time Stamping"
+#define NID_time_stamp          133
+#define OBJ_time_stamp          OBJ_id_kp,8L
+
+#define SN_OCSP_sign            "OCSPSigning"
+#define LN_OCSP_sign            "OCSP Signing"
+#define NID_OCSP_sign           180
+#define OBJ_OCSP_sign           OBJ_id_kp,9L
+
+#define SN_dvcs         "DVCS"
+#define LN_dvcs         "dvcs"
+#define NID_dvcs                297
+#define OBJ_dvcs                OBJ_id_kp,10L
+
+#define SN_id_it_caProtEncCert          "id-it-caProtEncCert"
+#define NID_id_it_caProtEncCert         298
+#define OBJ_id_it_caProtEncCert         OBJ_id_it,1L
+
+#define SN_id_it_signKeyPairTypes               "id-it-signKeyPairTypes"
+#define NID_id_it_signKeyPairTypes              299
+#define OBJ_id_it_signKeyPairTypes              OBJ_id_it,2L
+
+#define SN_id_it_encKeyPairTypes                "id-it-encKeyPairTypes"
+#define NID_id_it_encKeyPairTypes               300
+#define OBJ_id_it_encKeyPairTypes               OBJ_id_it,3L
+
+#define SN_id_it_preferredSymmAlg               "id-it-preferredSymmAlg"
+#define NID_id_it_preferredSymmAlg              301
+#define OBJ_id_it_preferredSymmAlg              OBJ_id_it,4L
+
+#define SN_id_it_caKeyUpdateInfo                "id-it-caKeyUpdateInfo"
+#define NID_id_it_caKeyUpdateInfo               302
+#define OBJ_id_it_caKeyUpdateInfo               OBJ_id_it,5L
+
+#define SN_id_it_currentCRL             "id-it-currentCRL"
+#define NID_id_it_currentCRL            303
+#define OBJ_id_it_currentCRL            OBJ_id_it,6L
+
+#define SN_id_it_unsupportedOIDs                "id-it-unsupportedOIDs"
+#define NID_id_it_unsupportedOIDs               304
+#define OBJ_id_it_unsupportedOIDs               OBJ_id_it,7L
+
+#define SN_id_it_subscriptionRequest            "id-it-subscriptionRequest"
+#define NID_id_it_subscriptionRequest           305
+#define OBJ_id_it_subscriptionRequest           OBJ_id_it,8L
+
+#define SN_id_it_subscriptionResponse           "id-it-subscriptionResponse"
+#define NID_id_it_subscriptionResponse          306
+#define OBJ_id_it_subscriptionResponse          OBJ_id_it,9L
+
+#define SN_id_it_keyPairParamReq                "id-it-keyPairParamReq"
+#define NID_id_it_keyPairParamReq               307
+#define OBJ_id_it_keyPairParamReq               OBJ_id_it,10L
+
+#define SN_id_it_keyPairParamRep                "id-it-keyPairParamRep"
+#define NID_id_it_keyPairParamRep               308
+#define OBJ_id_it_keyPairParamRep               OBJ_id_it,11L
+
+#define SN_id_it_revPassphrase          "id-it-revPassphrase"
+#define NID_id_it_revPassphrase         309
+#define OBJ_id_it_revPassphrase         OBJ_id_it,12L
+
+#define SN_id_it_implicitConfirm                "id-it-implicitConfirm"
+#define NID_id_it_implicitConfirm               310
+#define OBJ_id_it_implicitConfirm               OBJ_id_it,13L
+
+#define SN_id_it_confirmWaitTime                "id-it-confirmWaitTime"
+#define NID_id_it_confirmWaitTime               311
+#define OBJ_id_it_confirmWaitTime               OBJ_id_it,14L
+
+#define SN_id_it_origPKIMessage         "id-it-origPKIMessage"
+#define NID_id_it_origPKIMessage                312
+#define OBJ_id_it_origPKIMessage                OBJ_id_it,15L
+
+#define SN_id_regCtrl           "id-regCtrl"
+#define NID_id_regCtrl          313
+#define OBJ_id_regCtrl          OBJ_id_pkip,1L
+
+#define SN_id_regInfo           "id-regInfo"
+#define NID_id_regInfo          314
+#define OBJ_id_regInfo          OBJ_id_pkip,2L
+
+#define SN_id_regCtrl_regToken          "id-regCtrl-regToken"
+#define NID_id_regCtrl_regToken         315
+#define OBJ_id_regCtrl_regToken         OBJ_id_regCtrl,1L
+
+#define SN_id_regCtrl_authenticator             "id-regCtrl-authenticator"
+#define NID_id_regCtrl_authenticator            316
+#define OBJ_id_regCtrl_authenticator            OBJ_id_regCtrl,2L
+
+#define SN_id_regCtrl_pkiPublicationInfo                "id-regCtrl-pkiPublicationInfo"
+#define NID_id_regCtrl_pkiPublicationInfo               317
+#define OBJ_id_regCtrl_pkiPublicationInfo               OBJ_id_regCtrl,3L
+
+#define SN_id_regCtrl_pkiArchiveOptions         "id-regCtrl-pkiArchiveOptions"
+#define NID_id_regCtrl_pkiArchiveOptions                318
+#define OBJ_id_regCtrl_pkiArchiveOptions                OBJ_id_regCtrl,4L
+
+#define SN_id_regCtrl_oldCertID         "id-regCtrl-oldCertID"
+#define NID_id_regCtrl_oldCertID                319
+#define OBJ_id_regCtrl_oldCertID                OBJ_id_regCtrl,5L
+
+#define SN_id_regCtrl_protocolEncrKey           "id-regCtrl-protocolEncrKey"
+#define NID_id_regCtrl_protocolEncrKey          320
+#define OBJ_id_regCtrl_protocolEncrKey          OBJ_id_regCtrl,6L
+
+#define SN_id_regInfo_utf8Pairs         "id-regInfo-utf8Pairs"
+#define NID_id_regInfo_utf8Pairs                321
+#define OBJ_id_regInfo_utf8Pairs                OBJ_id_regInfo,1L
+
+#define SN_id_regInfo_certReq           "id-regInfo-certReq"
+#define NID_id_regInfo_certReq          322
+#define OBJ_id_regInfo_certReq          OBJ_id_regInfo,2L
+
+#define SN_id_alg_des40         "id-alg-des40"
+#define NID_id_alg_des40                323
+#define OBJ_id_alg_des40                OBJ_id_alg,1L
+
+#define SN_id_alg_noSignature           "id-alg-noSignature"
+#define NID_id_alg_noSignature          324
+#define OBJ_id_alg_noSignature          OBJ_id_alg,2L
+
+#define SN_id_alg_dh_sig_hmac_sha1              "id-alg-dh-sig-hmac-sha1"
+#define NID_id_alg_dh_sig_hmac_sha1             325
+#define OBJ_id_alg_dh_sig_hmac_sha1             OBJ_id_alg,3L
+
+#define SN_id_alg_dh_pop                "id-alg-dh-pop"
+#define NID_id_alg_dh_pop               326
+#define OBJ_id_alg_dh_pop               OBJ_id_alg,4L
+
+#define SN_id_cmc_statusInfo            "id-cmc-statusInfo"
+#define NID_id_cmc_statusInfo           327
+#define OBJ_id_cmc_statusInfo           OBJ_id_cmc,1L
+
+#define SN_id_cmc_identification                "id-cmc-identification"
+#define NID_id_cmc_identification               328
+#define OBJ_id_cmc_identification               OBJ_id_cmc,2L
+
+#define SN_id_cmc_identityProof         "id-cmc-identityProof"
+#define NID_id_cmc_identityProof                329
+#define OBJ_id_cmc_identityProof                OBJ_id_cmc,3L
+
+#define SN_id_cmc_dataReturn            "id-cmc-dataReturn"
+#define NID_id_cmc_dataReturn           330
+#define OBJ_id_cmc_dataReturn           OBJ_id_cmc,4L
+
+#define SN_id_cmc_transactionId         "id-cmc-transactionId"
+#define NID_id_cmc_transactionId                331
+#define OBJ_id_cmc_transactionId                OBJ_id_cmc,5L
+
+#define SN_id_cmc_senderNonce           "id-cmc-senderNonce"
+#define NID_id_cmc_senderNonce          332
+#define OBJ_id_cmc_senderNonce          OBJ_id_cmc,6L
+
+#define SN_id_cmc_recipientNonce                "id-cmc-recipientNonce"
+#define NID_id_cmc_recipientNonce               333
+#define OBJ_id_cmc_recipientNonce               OBJ_id_cmc,7L
+
+#define SN_id_cmc_addExtensions         "id-cmc-addExtensions"
+#define NID_id_cmc_addExtensions                334
+#define OBJ_id_cmc_addExtensions                OBJ_id_cmc,8L
+
+#define SN_id_cmc_encryptedPOP          "id-cmc-encryptedPOP"
+#define NID_id_cmc_encryptedPOP         335
+#define OBJ_id_cmc_encryptedPOP         OBJ_id_cmc,9L
+
+#define SN_id_cmc_decryptedPOP          "id-cmc-decryptedPOP"
+#define NID_id_cmc_decryptedPOP         336
+#define OBJ_id_cmc_decryptedPOP         OBJ_id_cmc,10L
+
+#define SN_id_cmc_lraPOPWitness         "id-cmc-lraPOPWitness"
+#define NID_id_cmc_lraPOPWitness                337
+#define OBJ_id_cmc_lraPOPWitness                OBJ_id_cmc,11L
+
+#define SN_id_cmc_getCert               "id-cmc-getCert"
+#define NID_id_cmc_getCert              338
+#define OBJ_id_cmc_getCert              OBJ_id_cmc,15L
+
+#define SN_id_cmc_getCRL                "id-cmc-getCRL"
+#define NID_id_cmc_getCRL               339
+#define OBJ_id_cmc_getCRL               OBJ_id_cmc,16L
+
+#define SN_id_cmc_revokeRequest         "id-cmc-revokeRequest"
+#define NID_id_cmc_revokeRequest                340
+#define OBJ_id_cmc_revokeRequest                OBJ_id_cmc,17L
+
+#define SN_id_cmc_regInfo               "id-cmc-regInfo"
+#define NID_id_cmc_regInfo              341
+#define OBJ_id_cmc_regInfo              OBJ_id_cmc,18L
+
+#define SN_id_cmc_responseInfo          "id-cmc-responseInfo"
+#define NID_id_cmc_responseInfo         342
+#define OBJ_id_cmc_responseInfo         OBJ_id_cmc,19L
+
+#define SN_id_cmc_queryPending          "id-cmc-queryPending"
+#define NID_id_cmc_queryPending         343
+#define OBJ_id_cmc_queryPending         OBJ_id_cmc,21L
+
+#define SN_id_cmc_popLinkRandom         "id-cmc-popLinkRandom"
+#define NID_id_cmc_popLinkRandom                344
+#define OBJ_id_cmc_popLinkRandom                OBJ_id_cmc,22L
+
+#define SN_id_cmc_popLinkWitness                "id-cmc-popLinkWitness"
+#define NID_id_cmc_popLinkWitness               345
+#define OBJ_id_cmc_popLinkWitness               OBJ_id_cmc,23L
+
+#define SN_id_cmc_confirmCertAcceptance         "id-cmc-confirmCertAcceptance"
+#define NID_id_cmc_confirmCertAcceptance                346
+#define OBJ_id_cmc_confirmCertAcceptance                OBJ_id_cmc,24L
+
+#define SN_id_on_personalData           "id-on-personalData"
+#define NID_id_on_personalData          347
+#define OBJ_id_on_personalData          OBJ_id_on,1L
+
+#define SN_id_pda_dateOfBirth           "id-pda-dateOfBirth"
+#define NID_id_pda_dateOfBirth          348
+#define OBJ_id_pda_dateOfBirth          OBJ_id_pda,1L
+
+#define SN_id_pda_placeOfBirth          "id-pda-placeOfBirth"
+#define NID_id_pda_placeOfBirth         349
+#define OBJ_id_pda_placeOfBirth         OBJ_id_pda,2L
+
+#define SN_id_pda_pseudonym             "id-pda-pseudonym"
+#define NID_id_pda_pseudonym            350
+#define OBJ_id_pda_pseudonym            OBJ_id_pda,3L
+
+#define SN_id_pda_gender                "id-pda-gender"
+#define NID_id_pda_gender               351
+#define OBJ_id_pda_gender               OBJ_id_pda,4L
+
+#define SN_id_pda_countryOfCitizenship          "id-pda-countryOfCitizenship"
+#define NID_id_pda_countryOfCitizenship         352
+#define OBJ_id_pda_countryOfCitizenship         OBJ_id_pda,5L
+
+#define SN_id_pda_countryOfResidence            "id-pda-countryOfResidence"
+#define NID_id_pda_countryOfResidence           353
+#define OBJ_id_pda_countryOfResidence           OBJ_id_pda,6L
+
+#define SN_id_aca_authenticationInfo            "id-aca-authenticationInfo"
+#define NID_id_aca_authenticationInfo           354
+#define OBJ_id_aca_authenticationInfo           OBJ_id_aca,1L
+
+#define SN_id_aca_accessIdentity                "id-aca-accessIdentity"
+#define NID_id_aca_accessIdentity               355
+#define OBJ_id_aca_accessIdentity               OBJ_id_aca,2L
+
+#define SN_id_aca_chargingIdentity              "id-aca-chargingIdentity"
+#define NID_id_aca_chargingIdentity             356
+#define OBJ_id_aca_chargingIdentity             OBJ_id_aca,3L
+
+#define SN_id_aca_group         "id-aca-group"
+#define NID_id_aca_group                357
+#define OBJ_id_aca_group                OBJ_id_aca,4L
+
+#define SN_id_aca_role          "id-aca-role"
+#define NID_id_aca_role         358
+#define OBJ_id_aca_role         OBJ_id_aca,5L
+
+#define SN_id_qcs_pkixQCSyntax_v1               "id-qcs-pkixQCSyntax-v1"
+#define NID_id_qcs_pkixQCSyntax_v1              359
+#define OBJ_id_qcs_pkixQCSyntax_v1              OBJ_id_qcs,1L
+
+#define SN_id_cct_crs           "id-cct-crs"
+#define NID_id_cct_crs          360
+#define OBJ_id_cct_crs          OBJ_id_cct,1L
+
+#define SN_id_cct_PKIData               "id-cct-PKIData"
+#define NID_id_cct_PKIData              361
+#define OBJ_id_cct_PKIData              OBJ_id_cct,2L
+
+#define SN_id_cct_PKIResponse           "id-cct-PKIResponse"
+#define NID_id_cct_PKIResponse          362
+#define OBJ_id_cct_PKIResponse          OBJ_id_cct,3L
+
+#define SN_ad_OCSP              "OCSP"
+#define LN_ad_OCSP              "OCSP"
+#define NID_ad_OCSP             178
+#define OBJ_ad_OCSP             OBJ_id_ad,1L
+
+#define SN_ad_ca_issuers                "caIssuers"
+#define LN_ad_ca_issuers                "CA Issuers"
+#define NID_ad_ca_issuers               179
+#define OBJ_ad_ca_issuers               OBJ_id_ad,2L
+
+#define SN_ad_timeStamping              "ad_timestamping"
+#define LN_ad_timeStamping              "AD Time Stamping"
+#define NID_ad_timeStamping             363
+#define OBJ_ad_timeStamping             OBJ_id_ad,3L
+
+#define SN_ad_dvcs              "AD_DVCS"
+#define LN_ad_dvcs              "ad dvcs"
+#define NID_ad_dvcs             364
+#define OBJ_ad_dvcs             OBJ_id_ad,4L
+
+#define OBJ_id_pkix_OCSP                OBJ_ad_OCSP
+
+#define SN_id_pkix_OCSP_basic           "basicOCSPResponse"
+#define LN_id_pkix_OCSP_basic           "Basic OCSP Response"
+#define NID_id_pkix_OCSP_basic          365
+#define OBJ_id_pkix_OCSP_basic          OBJ_id_pkix_OCSP,1L
+
+#define SN_id_pkix_OCSP_Nonce           "Nonce"
+#define LN_id_pkix_OCSP_Nonce           "OCSP Nonce"
+#define NID_id_pkix_OCSP_Nonce          366
+#define OBJ_id_pkix_OCSP_Nonce          OBJ_id_pkix_OCSP,2L
+
+#define SN_id_pkix_OCSP_CrlID           "CrlID"
+#define LN_id_pkix_OCSP_CrlID           "OCSP CRL ID"
+#define NID_id_pkix_OCSP_CrlID          367
+#define OBJ_id_pkix_OCSP_CrlID          OBJ_id_pkix_OCSP,3L
+
+#define SN_id_pkix_OCSP_acceptableResponses             "acceptableResponses"
+#define LN_id_pkix_OCSP_acceptableResponses             "Acceptable OCSP Responses"
+#define NID_id_pkix_OCSP_acceptableResponses            368
+#define OBJ_id_pkix_OCSP_acceptableResponses            OBJ_id_pkix_OCSP,4L
+
+#define SN_id_pkix_OCSP_noCheck         "noCheck"
+#define NID_id_pkix_OCSP_noCheck                369
+#define OBJ_id_pkix_OCSP_noCheck                OBJ_id_pkix_OCSP,5L
+
+#define SN_id_pkix_OCSP_archiveCutoff           "archiveCutoff"
+#define LN_id_pkix_OCSP_archiveCutoff           "OCSP Archive Cutoff"
+#define NID_id_pkix_OCSP_archiveCutoff          370
+#define OBJ_id_pkix_OCSP_archiveCutoff          OBJ_id_pkix_OCSP,6L
+
+#define SN_id_pkix_OCSP_serviceLocator          "serviceLocator"
+#define LN_id_pkix_OCSP_serviceLocator          "OCSP Service Locator"
+#define NID_id_pkix_OCSP_serviceLocator         371
+#define OBJ_id_pkix_OCSP_serviceLocator         OBJ_id_pkix_OCSP,7L
+
+#define SN_id_pkix_OCSP_extendedStatus          "extendedStatus"
+#define LN_id_pkix_OCSP_extendedStatus          "Extended OCSP Status"
+#define NID_id_pkix_OCSP_extendedStatus         372
+#define OBJ_id_pkix_OCSP_extendedStatus         OBJ_id_pkix_OCSP,8L
+
+#define SN_id_pkix_OCSP_valid           "valid"
+#define NID_id_pkix_OCSP_valid          373
+#define OBJ_id_pkix_OCSP_valid          OBJ_id_pkix_OCSP,9L
+
+#define SN_id_pkix_OCSP_path            "path"
+#define NID_id_pkix_OCSP_path           374
+#define OBJ_id_pkix_OCSP_path           OBJ_id_pkix_OCSP,10L
+
+#define SN_id_pkix_OCSP_trustRoot               "trustRoot"
+#define LN_id_pkix_OCSP_trustRoot               "Trust Root"
+#define NID_id_pkix_OCSP_trustRoot              375
+#define OBJ_id_pkix_OCSP_trustRoot              OBJ_id_pkix_OCSP,11L
+
+#define SN_algorithm            "algorithm"
+#define LN_algorithm            "algorithm"
+#define NID_algorithm           376
+#define OBJ_algorithm           1L,3L,14L,3L,2L
+
+#define SN_md5WithRSA           "RSA-NP-MD5"
+#define LN_md5WithRSA           "md5WithRSA"
+#define NID_md5WithRSA          104
+#define OBJ_md5WithRSA          OBJ_algorithm,3L
+
+#define SN_des_ecb              "DES-ECB"
+#define LN_des_ecb              "des-ecb"
+#define NID_des_ecb             29
+#define OBJ_des_ecb             OBJ_algorithm,6L
+
+#define SN_des_cbc              "DES-CBC"
+#define LN_des_cbc              "des-cbc"
+#define NID_des_cbc             31
+#define OBJ_des_cbc             OBJ_algorithm,7L
+
+#define SN_des_ofb64            "DES-OFB"
+#define LN_des_ofb64            "des-ofb"
+#define NID_des_ofb64           45
+#define OBJ_des_ofb64           OBJ_algorithm,8L
+
+#define SN_des_cfb64            "DES-CFB"
+#define LN_des_cfb64            "des-cfb"
+#define NID_des_cfb64           30
+#define OBJ_des_cfb64           OBJ_algorithm,9L
+
+#define SN_rsaSignature         "rsaSignature"
+#define NID_rsaSignature                377
+#define OBJ_rsaSignature                OBJ_algorithm,11L
+
+#define SN_dsa_2                "DSA-old"
+#define LN_dsa_2                "dsaEncryption-old"
+#define NID_dsa_2               67
+#define OBJ_dsa_2               OBJ_algorithm,12L
+
+#define SN_dsaWithSHA           "DSA-SHA"
+#define LN_dsaWithSHA           "dsaWithSHA"
+#define NID_dsaWithSHA          66
+#define OBJ_dsaWithSHA          OBJ_algorithm,13L
+
+#define SN_shaWithRSAEncryption         "RSA-SHA"
+#define LN_shaWithRSAEncryption         "shaWithRSAEncryption"
+#define NID_shaWithRSAEncryption                42
+#define OBJ_shaWithRSAEncryption                OBJ_algorithm,15L
+
+#define SN_des_ede              "DES-EDE"
+#define LN_des_ede              "des-ede"
+#define NID_des_ede             32
+#define OBJ_des_ede             OBJ_algorithm,17L
+
+#define SN_des_ede3             "DES-EDE3"
+#define LN_des_ede3             "des-ede3"
+#define NID_des_ede3            33
+
+#define SN_des_ede_cbc          "DES-EDE-CBC"
+#define LN_des_ede_cbc          "des-ede-cbc"
+#define NID_des_ede_cbc         43
+
+#define SN_des_ede_cfb64                "DES-EDE-CFB"
+#define LN_des_ede_cfb64                "des-ede-cfb"
+#define NID_des_ede_cfb64               60
+
+#define SN_des_ede3_cfb64               "DES-EDE3-CFB"
+#define LN_des_ede3_cfb64               "des-ede3-cfb"
+#define NID_des_ede3_cfb64              61
+
+#define SN_des_ede_ofb64                "DES-EDE-OFB"
+#define LN_des_ede_ofb64                "des-ede-ofb"
+#define NID_des_ede_ofb64               62
+
+#define SN_des_ede3_ofb64               "DES-EDE3-OFB"
+#define LN_des_ede3_ofb64               "des-ede3-ofb"
+#define NID_des_ede3_ofb64              63
+
+#define SN_desx_cbc             "DESX-CBC"
+#define LN_desx_cbc             "desx-cbc"
+#define NID_desx_cbc            80
+
+#define SN_sha          "SHA"
+#define LN_sha          "sha"
+#define NID_sha         41
+#define OBJ_sha         OBJ_algorithm,18L
+
+#define SN_sha1         "SHA1"
+#define LN_sha1         "sha1"
+#define NID_sha1                64
+#define OBJ_sha1                OBJ_algorithm,26L
+
+#define SN_dsaWithSHA1_2                "DSA-SHA1-old"
+#define LN_dsaWithSHA1_2                "dsaWithSHA1-old"
+#define NID_dsaWithSHA1_2               70
+#define OBJ_dsaWithSHA1_2               OBJ_algorithm,27L
+
+#define SN_sha1WithRSA          "RSA-SHA1-2"
+#define LN_sha1WithRSA          "sha1WithRSA"
+#define NID_sha1WithRSA         115
+#define OBJ_sha1WithRSA         OBJ_algorithm,29L
+
+#define SN_ripemd160            "RIPEMD160"
+#define LN_ripemd160            "ripemd160"
+#define NID_ripemd160           117
+#define OBJ_ripemd160           1L,3L,36L,3L,2L,1L
+
+#define SN_ripemd160WithRSA             "RSA-RIPEMD160"
+#define LN_ripemd160WithRSA             "ripemd160WithRSA"
+#define NID_ripemd160WithRSA            119
+#define OBJ_ripemd160WithRSA            1L,3L,36L,3L,3L,1L,2L
+
+#define SN_sxnet                "SXNetID"
+#define LN_sxnet                "Strong Extranet ID"
+#define NID_sxnet               143
+#define OBJ_sxnet               1L,3L,101L,1L,4L,1L
+
+#define SN_X500         "X500"
+#define LN_X500         "directory services (X.500)"
+#define NID_X500                11
+#define OBJ_X500                2L,5L
+
+#define SN_X509         "X509"
+#define NID_X509                12
+#define OBJ_X509                OBJ_X500,4L
+
+#define SN_commonName           "CN"
+#define LN_commonName           "commonName"
+#define NID_commonName          13
+#define OBJ_commonName          OBJ_X509,3L
+
+#define SN_surname              "S"
+#define LN_surname              "surname"
+#define NID_surname             100
+#define OBJ_surname             OBJ_X509,4L
+
+#define SN_serialNumber         "SN"
+#define LN_serialNumber         "serialNumber"
+#define NID_serialNumber                105
+#define OBJ_serialNumber                OBJ_X509,5L
+
+#define SN_countryName          "C"
+#define LN_countryName          "countryName"
+#define NID_countryName         14
+#define OBJ_countryName         OBJ_X509,6L
+
+#define SN_localityName         "L"
+#define LN_localityName         "localityName"
+#define NID_localityName                15
+#define OBJ_localityName                OBJ_X509,7L
+
+#define SN_stateOrProvinceName          "ST"
+#define LN_stateOrProvinceName          "stateOrProvinceName"
+#define NID_stateOrProvinceName         16
+#define OBJ_stateOrProvinceName         OBJ_X509,8L
+
+#define SN_organizationName             "O"
+#define LN_organizationName             "organizationName"
+#define NID_organizationName            17
+#define OBJ_organizationName            OBJ_X509,10L
+
+#define SN_organizationalUnitName               "OU"
+#define LN_organizationalUnitName               "organizationalUnitName"
+#define NID_organizationalUnitName              18
+#define OBJ_organizationalUnitName              OBJ_X509,11L
+
+#define SN_title                "T"
+#define LN_title                "title"
+#define NID_title               106
+#define OBJ_title               OBJ_X509,12L
+
+#define SN_description          "D"
+#define LN_description          "description"
+#define NID_description         107
+#define OBJ_description         OBJ_X509,13L
+
+#define SN_name         "name"
+#define LN_name         "name"
+#define NID_name                173
+#define OBJ_name                OBJ_X509,41L
+
+#define SN_givenName            "G"
+#define LN_givenName            "givenName"
+#define NID_givenName           99
+#define OBJ_givenName           OBJ_X509,42L
+
+#define SN_initials             "I"
+#define LN_initials             "initials"
+#define NID_initials            101
+#define OBJ_initials            OBJ_X509,43L
+
+#define SN_uniqueIdentifier             "UID"
+#define LN_uniqueIdentifier             "uniqueIdentifier"
+#define NID_uniqueIdentifier            102
+#define OBJ_uniqueIdentifier            OBJ_X509,45L
+
+#define SN_dnQualifier          "dnQualifier"
+#define LN_dnQualifier          "dnQualifier"
+#define NID_dnQualifier         174
+#define OBJ_dnQualifier         OBJ_X509,46L
+
+#define SN_X500algorithms               "X500algorithms"
+#define LN_X500algorithms               "directory services - algorithms"
+#define NID_X500algorithms              378
+#define OBJ_X500algorithms              OBJ_X500,8L
+
+#define SN_rsa          "RSA"
+#define LN_rsa          "rsa"
+#define NID_rsa         19
+#define OBJ_rsa         OBJ_X500algorithms,1L,1L
+
+#define SN_mdc2WithRSA          "RSA-MDC2"
+#define LN_mdc2WithRSA          "mdc2WithRSA"
+#define NID_mdc2WithRSA         96
+#define OBJ_mdc2WithRSA         OBJ_X500algorithms,3L,100L
+
+#define SN_mdc2         "MDC2"
+#define LN_mdc2         "mdc2"
+#define NID_mdc2                95
+#define OBJ_mdc2                OBJ_X500algorithms,3L,101L
+
+#define SN_id_ce                "id-ce"
+#define NID_id_ce               81
+#define OBJ_id_ce               OBJ_X500,29L
+
+#define SN_subject_key_identifier               "subjectKeyIdentifier"
+#define LN_subject_key_identifier               "X509v3 Subject Key Identifier"
+#define NID_subject_key_identifier              82
+#define OBJ_subject_key_identifier              OBJ_id_ce,14L
+
+#define SN_key_usage            "keyUsage"
+#define LN_key_usage            "X509v3 Key Usage"
+#define NID_key_usage           83
+#define OBJ_key_usage           OBJ_id_ce,15L
+
+#define SN_private_key_usage_period             "privateKeyUsagePeriod"
+#define LN_private_key_usage_period             "X509v3 Private Key Usage Period"
+#define NID_private_key_usage_period            84
+#define OBJ_private_key_usage_period            OBJ_id_ce,16L
+
+#define SN_subject_alt_name             "subjectAltName"
+#define LN_subject_alt_name             "X509v3 Subject Alternative Name"
+#define NID_subject_alt_name            85
+#define OBJ_subject_alt_name            OBJ_id_ce,17L
+
+#define SN_issuer_alt_name              "issuerAltName"
+#define LN_issuer_alt_name              "X509v3 Issuer Alternative Name"
+#define NID_issuer_alt_name             86
+#define OBJ_issuer_alt_name             OBJ_id_ce,18L
+
+#define SN_basic_constraints            "basicConstraints"
+#define LN_basic_constraints            "X509v3 Basic Constraints"
+#define NID_basic_constraints           87
+#define OBJ_basic_constraints           OBJ_id_ce,19L
+
+#define SN_crl_number           "crlNumber"
+#define LN_crl_number           "X509v3 CRL Number"
+#define NID_crl_number          88
+#define OBJ_crl_number          OBJ_id_ce,20L
+
+#define SN_crl_reason           "CRLReason"
+#define LN_crl_reason           "X509v3 CRL Reason Code"
+#define NID_crl_reason          141
+#define OBJ_crl_reason          OBJ_id_ce,21L
+
+#define SN_invalidity_date              "invalidityDate"
+#define LN_invalidity_date              "Invalidity Date"
+#define NID_invalidity_date             142
+#define OBJ_invalidity_date             OBJ_id_ce,24L
+
+#define SN_delta_crl            "deltaCRL"
+#define LN_delta_crl            "X509v3 Delta CRL Indicator"
+#define NID_delta_crl           140
+#define OBJ_delta_crl           OBJ_id_ce,27L
+
+#define SN_crl_distribution_points              "crlDistributionPoints"
+#define LN_crl_distribution_points              "X509v3 CRL Distribution Points"
+#define NID_crl_distribution_points             103
+#define OBJ_crl_distribution_points             OBJ_id_ce,31L
+
+#define SN_certificate_policies         "certificatePolicies"
+#define LN_certificate_policies         "X509v3 Certificate Policies"
+#define NID_certificate_policies                89
+#define OBJ_certificate_policies                OBJ_id_ce,32L
+
+#define SN_authority_key_identifier             "authorityKeyIdentifier"
+#define LN_authority_key_identifier             "X509v3 Authority Key Identifier"
+#define NID_authority_key_identifier            90
+#define OBJ_authority_key_identifier            OBJ_id_ce,35L
+
+#define SN_ext_key_usage                "extendedKeyUsage"
+#define LN_ext_key_usage                "X509v3 Extended Key Usage"
+#define NID_ext_key_usage               126
+#define OBJ_ext_key_usage               OBJ_id_ce,37L
+
+#define SN_netscape             "Netscape"
+#define LN_netscape             "Netscape Communications Corp."
+#define NID_netscape            57
+#define OBJ_netscape            2L,16L,840L,1L,113730L
+
+#define SN_netscape_cert_extension              "nsCertExt"
+#define LN_netscape_cert_extension              "Netscape Certificate Extension"
+#define NID_netscape_cert_extension             58
+#define OBJ_netscape_cert_extension             OBJ_netscape,1L
+
+#define SN_netscape_data_type           "nsDataType"
+#define LN_netscape_data_type           "Netscape Data Type"
+#define NID_netscape_data_type          59
+#define OBJ_netscape_data_type          OBJ_netscape,2L
+
+#define SN_netscape_cert_type           "nsCertType"
+#define LN_netscape_cert_type           "Netscape Cert Type"
+#define NID_netscape_cert_type          71
+#define OBJ_netscape_cert_type          OBJ_netscape_cert_extension,1L
+
+#define SN_netscape_base_url            "nsBaseUrl"
+#define LN_netscape_base_url            "Netscape Base Url"
+#define NID_netscape_base_url           72
+#define OBJ_netscape_base_url           OBJ_netscape_cert_extension,2L
+
+#define SN_netscape_revocation_url              "nsRevocationUrl"
+#define LN_netscape_revocation_url              "Netscape Revocation Url"
+#define NID_netscape_revocation_url             73
+#define OBJ_netscape_revocation_url             OBJ_netscape_cert_extension,3L
+
+#define SN_netscape_ca_revocation_url           "nsCaRevocationUrl"
+#define LN_netscape_ca_revocation_url           "Netscape CA Revocation Url"
+#define NID_netscape_ca_revocation_url          74
+#define OBJ_netscape_ca_revocation_url          OBJ_netscape_cert_extension,4L
+
+#define SN_netscape_renewal_url         "nsRenewalUrl"
+#define LN_netscape_renewal_url         "Netscape Renewal Url"
+#define NID_netscape_renewal_url                75
+#define OBJ_netscape_renewal_url                OBJ_netscape_cert_extension,7L
+
+#define SN_netscape_ca_policy_url               "nsCaPolicyUrl"
+#define LN_netscape_ca_policy_url               "Netscape CA Policy Url"
+#define NID_netscape_ca_policy_url              76
+#define OBJ_netscape_ca_policy_url              OBJ_netscape_cert_extension,8L
+
+#define SN_netscape_ssl_server_name             "nsSslServerName"
+#define LN_netscape_ssl_server_name             "Netscape SSL Server Name"
+#define NID_netscape_ssl_server_name            77
+#define OBJ_netscape_ssl_server_name            OBJ_netscape_cert_extension,12L
+
+#define SN_netscape_comment             "nsComment"
+#define LN_netscape_comment             "Netscape Comment"
+#define NID_netscape_comment            78
+#define OBJ_netscape_comment            OBJ_netscape_cert_extension,13L
+
+#define SN_netscape_cert_sequence               "nsCertSequence"
+#define LN_netscape_cert_sequence               "Netscape Certificate Sequence"
+#define NID_netscape_cert_sequence              79
+#define OBJ_netscape_cert_sequence              OBJ_netscape_data_type,5L
+
+#define SN_ns_sgc               "nsSGC"
+#define LN_ns_sgc               "Netscape Server Gated Crypto"
+#define NID_ns_sgc              139
+#define OBJ_ns_sgc              OBJ_netscape,4L,1L
+
+#define SN_org          "ORG"
+#define LN_org          "org"
+#define NID_org         379
+#define OBJ_org         OBJ_iso,3L
+
+#define SN_dod          "DOD"
+#define LN_dod          "dod"
+#define NID_dod         380
+#define OBJ_dod         OBJ_org,6L
+
+#define SN_iana         "IANA"
+#define LN_iana         "iana"
+#define NID_iana                381
+#define OBJ_iana                OBJ_dod,1L
+
+#define OBJ_internet            OBJ_iana
+
+#define SN_Directory            "directory"
+#define LN_Directory            "Directory"
+#define NID_Directory           382
+#define OBJ_Directory           OBJ_internet,1L
+
+#define SN_Management           "mgmt"
+#define LN_Management           "Management"
+#define NID_Management          383
+#define OBJ_Management          OBJ_internet,2L
+
+#define SN_Experimental         "experimental"
+#define LN_Experimental         "Experimental"
+#define NID_Experimental                384
+#define OBJ_Experimental                OBJ_internet,3L
+
+#define SN_Private              "private"
+#define LN_Private              "Private"
+#define NID_Private             385
+#define OBJ_Private             OBJ_internet,4L
+
+#define SN_Security             "security"
+#define LN_Security             "Security"
+#define NID_Security            386
+#define OBJ_Security            OBJ_internet,5L
+
+#define SN_SNMPv2               "snmpv2"
+#define LN_SNMPv2               "SNMPv2"
+#define NID_SNMPv2              387
+#define OBJ_SNMPv2              OBJ_internet,6L
+
+#define SN_Mail         "mail"
+#define LN_Mail         "Mail"
+#define NID_Mail                388
+#define OBJ_Mail                OBJ_internet,7L
+
+#define SN_Enterprises          "enterprises"
+#define LN_Enterprises          "Enterprises"
+#define NID_Enterprises         389
+#define OBJ_Enterprises         OBJ_private,1L
+
+#define SN_dcObject             "dcobject"
+#define LN_dcObject             "dcObject"
+#define NID_dcObject            390
+#define OBJ_dcObject            OBJ_enterprises,1466L,344L
+
+#define SN_domainComponent              "DC"
+#define LN_domainComponent              "domainComponent"
+#define NID_domainComponent             391
+#define OBJ_domainComponent             0L,9L,2342L,19200300L,100L,1L,25L
+
+#define SN_Domain               "domain"
+#define LN_Domain               "Domain"
+#define NID_Domain              392
+#define OBJ_Domain              0L,9L,2342L,19200300L,100L,4L,13L
+
+#define SN_rle_compression              "RLE"
+#define LN_rle_compression              "run length compression"
+#define NID_rle_compression             124
+#define OBJ_rle_compression             1L,1L,1L,1L,666L,1L
+
+#define SN_zlib_compression             "ZLIB"
+#define LN_zlib_compression             "zlib compression"
+#define NID_zlib_compression            125
+#define OBJ_zlib_compression            1L,1L,1L,1L,666L,2L
+
diff --git a/src/lib/libcrypto/opensslconf.h.in b/src/lib/libcrypto/opensslconf.h.in
new file mode 100644
index 0000000000..e4a8f8ad54
--- /dev/null
+++ b/src/lib/libcrypto/opensslconf.h.in
@@ -0,0 +1,142 @@
+/* crypto/opensslconf.h */
+/* WARNING: This file is autogenerated by Configure */
+
+/* Generate 80386 code? */
+#undef I386_ONLY
+
+#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
+#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
+#define OPENSSLDIR "/usr/local/ssl"
+#endif
+#endif
+
+#define OPENSSL_UNISTD <unistd.h>
+
+#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
+#define IDEA_INT unsigned int
+#endif
+
+#if defined(HEADER_MD2_H) && !defined(MD2_INT)
+#define MD2_INT unsigned int
+#endif
+
+#if defined(HEADER_RC2_H) && !defined(RC2_INT)
+/* I need to put in a mod for the alpha - eay */
+#define RC2_INT unsigned int
+#endif
+
+#if defined(HEADER_RC4_H) && !defined(RC4_INT)
+/* using int types make the structure larger but make the code faster
+ * on most boxes I have tested - up to %20 faster. */
+#define RC4_INT unsigned int
+#endif
+
+#if defined(HEADER_DES_H) && !defined(DES_LONG)
+/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
+ * %20 speed up (longs are 8 bytes, int's are 4). */
+#ifndef DES_LONG
+#define DES_LONG unsigned long
+#endif
+#endif
+
+#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
+#define CONFIG_HEADER_BN_H
+#undef BN_LLONG
+
+/* Should we define BN_DIV2W here? */
+
+/* Only one for the following should be defined */
+/* The prime number generation stuff may not work when
+ * EIGHT_BIT but I don't care since I've only used this mode
+ * for debuging the bignum libraries */
+#undef SIXTY_FOUR_BIT_LONG
+#undef SIXTY_FOUR_BIT
+#define THIRTY_TWO_BIT
+#undef SIXTEEN_BIT
+#undef EIGHT_BIT
+#endif
+
+#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
+#define CONFIG_HEADER_RC4_LOCL_H
+/* if this is defined data[i] is used instead of *data, this is a %20
+ * speedup on x86 */
+#undef RC4_INDEX
+#endif
+
+#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
+#define CONFIG_HEADER_BF_LOCL_H
+#undef BF_PTR
+#endif /* HEADER_BF_LOCL_H */
+
+#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
+#define CONFIG_HEADER_DES_LOCL_H
+#ifndef DES_DEFAULT_OPTIONS
+/* the following is tweaked from a config script, that is why it is a
+ * protected undef/define */
+#ifndef DES_PTR
+#undef DES_PTR
+#endif
+
+/* This helps C compiler generate the correct code for multiple functional
+ * units.  It reduces register dependancies at the expense of 2 more
+ * registers */
+#ifndef DES_RISC1
+#undef DES_RISC1
+#endif
+
+#ifndef DES_RISC2
+#undef DES_RISC2
+#endif
+
+#if defined(DES_RISC1) && defined(DES_RISC2)
+YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
+#endif
+
+/* Unroll the inner loop, this sometimes helps, sometimes hinders.
+ * Very mucy CPU dependant */
+#ifndef DES_UNROLL
+#undef DES_UNROLL
+#endif
+
+/* These default values were supplied by
+ * Peter Gutman <pgut001@cs.auckland.ac.nz>
+ * They are only used if nothing else has been defined */
+#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
+/* Special defines which change the way the code is built depending on the
+   CPU and OS.  For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
+   even newer MIPS CPU's, but at the moment one size fits all for
+   optimization options.  Older Sparc's work better with only UNROLL, but
+   there's no way to tell at compile time what it is you're running on */
+ 
+#if defined( sun )              /* Newer Sparc's */
+#  define DES_PTR
+#  define DES_RISC1
+#  define DES_UNROLL
+#elif defined( __ultrix )       /* Older MIPS */
+#  define DES_PTR
+#  define DES_RISC2
+#  define DES_UNROLL
+#elif defined( __osf1__ )       /* Alpha */
+#  define DES_PTR
+#  define DES_RISC2
+#elif defined ( _AIX )          /* RS6000 */
+  /* Unknown */
+#elif defined( __hpux )         /* HP-PA */
+  /* Unknown */
+#elif defined( __aux )          /* 68K */
+  /* Unknown */
+#elif defined( __dgux )         /* 88K (but P6 in latest boxes) */
+#  define DES_UNROLL
+#elif defined( __sgi )          /* Newer MIPS */
+#  define DES_PTR
+#  define DES_RISC2
+#  define DES_UNROLL
+#elif defined( i386 )           /* x86 boxes, should be gcc */
+#  define DES_PTR
+#  define DES_RISC1
+#  define DES_UNROLL
+#endif /* Systems-specific speed defines */
+#endif
+
+#endif /* DES_DEFAULT_OPTIONS */
+#endif /* HEADER_DES_LOCL_H */
diff --git a/src/lib/libcrypto/perlasm/alpha.pl b/src/lib/libcrypto/perlasm/alpha.pl
new file mode 100644
index 0000000000..3dac571743
--- /dev/null
+++ b/src/lib/libcrypto/perlasm/alpha.pl
@@ -0,0 +1,434 @@
+#!/usr/local/bin/perl
+
+package alpha;
+use Carp qw(croak cluck);
+
+$label="100";
+
+$n_debug=0;
+$smear_regs=1;
+$reg_alloc=1;
+
+$align="3";
+$com_start="#";
+
+sub main'asm_init_output { @out=(); }
+sub main'asm_get_output { return(@out); }
+sub main'get_labels { return(@labels); }
+sub main'external_label { push(@labels,@_); }
+
+# General registers
+
+%regs=( 'r0',   '$0',
+        'r1',   '$1',
+        'r2',   '$2',
+        'r3',   '$3',
+        'r4',   '$4',
+        'r5',   '$5',
+        'r6',   '$6',
+        'r7',   '$7',
+        'r8',   '$8',
+        'r9',   '$22',
+        'r10',  '$23',
+        'r11',  '$24',
+        'r12',  '$25',
+        'r13',  '$27',
+        'r14',  '$28',
+        'r15',  '$21', # argc == 5
+        'r16',  '$20', # argc == 4
+        'r17',  '$19', # argc == 3
+        'r18',  '$18', # argc == 2
+        'r19',  '$17', # argc == 1
+        'r20',  '$16', # argc == 0
+        'r21',  '$9',  # save 0
+        'r22',  '$10', # save 1
+        'r23',  '$11', # save 2
+        'r24',  '$12', # save 3
+        'r25',  '$13', # save 4
+        'r26',  '$14', # save 5
+
+        'a0',   '$16',
+        'a1',   '$17',
+        'a2',   '$18',
+        'a3',   '$19',
+        'a4',   '$20',
+        'a5',   '$21',
+
+        's0',   '$9',
+        's1',   '$10',
+        's2',   '$11',
+        's3',   '$12',
+        's4',   '$13',
+        's5',   '$14',
+        'zero', '$31',
+        'sp',   '$30',
+        );
+
+$main'reg_s0="r21";
+$main'reg_s1="r22";
+$main'reg_s2="r23";
+$main'reg_s3="r24";
+$main'reg_s4="r25";
+$main'reg_s5="r26";
+
+@reg=(  '$0', '$1' ,'$2' ,'$3' ,'$4' ,'$5' ,'$6' ,'$7' ,'$8',
+        '$22','$23','$24','$25','$20','$21','$27','$28');
+
+
+sub main'sub    { &out3("subq",@_); }
+sub main'add    { &out3("addq",@_); }
+sub main'mov    { &out3("bis",$_[0],$_[0],$_[1]); }
+sub main'or     { &out3("bis",@_); }
+sub main'bis    { &out3("bis",@_); }
+sub main'br     { &out1("br",@_); }
+sub main'ld     { &out2("ldq",@_); }
+sub main'st     { &out2("stq",@_); }
+sub main'cmpult { &out3("cmpult",@_); }
+sub main'cmplt  { &out3("cmplt",@_); }
+sub main'bgt    { &out2("bgt",@_); }
+sub main'ble    { &out2("ble",@_); }
+sub main'blt    { &out2("blt",@_); }
+sub main'mul    { &out3("mulq",@_); }
+sub main'muh    { &out3("umulh",@_); }
+
+$main'QWS=8;
+
+sub main'asm_add
+        {
+        push(@out,@_);
+        }
+
+sub main'asm_finish
+        {
+        &main'file_end();
+        print &main'asm_get_output();
+        }
+
+sub main'asm_init
+        {
+        ($type,$fn)=@_;
+        $filename=$fn;
+
+        &main'asm_init_output();
+        &main'comment("Don't even think of reading this code");
+        &main'comment("It was automatically generated by $filename");
+        &main'comment("Which is a perl program used to generate the alpha assember.");
+        &main'comment("eric <eay\@cryptsoft.com>");
+        &main'comment("");
+
+        $filename =~ s/\.pl$//;
+        &main'file($filename);
+        }
+
+sub conv
+        {
+        local($r)=@_;
+        local($v);
+
+        return($regs{$r}) if defined($regs{$r});
+        return($r);
+        }
+
+sub main'QWPw
+        {
+        local($off,$reg)=@_;
+
+        return(&main'QWP($off*8,$reg));
+        }
+
+sub main'QWP
+        {
+        local($off,$reg)=@_;
+
+        $ret="$off(".&conv($reg).")";
+        return($ret);
+        }
+
+sub out3
+        {
+        local($name,$p1,$p2,$p3)=@_;
+
+        $p1=&conv($p1);
+        $p2=&conv($p2);
+        $p3=&conv($p3);
+        push(@out,"\t$name\t");
+        $l=length($p1)+1;
+        push(@out,$p1.",");
+        $ll=3-($l+9)/8;
+        $tmp1=sprintf("\t" x $ll);
+        push(@out,$tmp1);
+
+        $l=length($p2)+1;
+        push(@out,$p2.",");
+        $ll=3-($l+9)/8;
+        $tmp1=sprintf("\t" x $ll);
+        push(@out,$tmp1);
+
+        push(@out,&conv($p3)."\n");
+        }
+
+sub out2
+        {
+        local($name,$p1,$p2,$p3)=@_;
+
+        $p1=&conv($p1);
+        $p2=&conv($p2);
+        push(@out,"\t$name\t");
+        $l=length($p1)+1;
+        push(@out,$p1.",");
+        $ll=3-($l+9)/8;
+        $tmp1=sprintf("\t" x $ll);
+        push(@out,$tmp1);
+
+        push(@out,&conv($p2)."\n");
+        }
+
+sub out1
+        {
+        local($name,$p1)=@_;
+
+        $p1=&conv($p1);
+        push(@out,"\t$name\t".$p1."\n");
+        }
+
+sub out0
+        {
+        push(@out,"\t$_[0]\n");
+        }
+
+sub main'file
+        {
+        local($file)=@_;
+
+        local($tmp)=<<"EOF";
+ # DEC Alpha assember
+ # Generated from perl scripts contains in SSLeay
+        .file   1 "$file.s"
+        .set noat
+EOF
+        push(@out,$tmp);
+        }
+
+sub main'function_begin
+        {
+        local($func)=@_;
+
+print STDERR "$func\n";
+        local($tmp)=<<"EOF";
+        .text
+        .align $align
+        .globl $func
+        .ent $func
+${func}:
+${func}..ng:
+        .frame \$30,0,\$26,0
+        .prologue 0
+EOF
+        push(@out,$tmp);
+        $stack=0;
+        }
+
+sub main'function_end
+        {
+        local($func)=@_;
+
+        local($tmp)=<<"EOF";
+        ret     \$31,(\$26),1
+        .end $func
+EOF
+        push(@out,$tmp);
+        $stack=0;
+        %label=();
+        }
+
+sub main'function_end_A
+        {
+        local($func)=@_;
+
+        local($tmp)=<<"EOF";
+        ret     \$31,(\$26),1
+EOF
+        push(@out,$tmp);
+        }
+
+sub main'function_end_B
+        {
+        local($func)=@_;
+
+        $func=$under.$func;
+
+        push(@out,"\t.end $func\n");
+        $stack=0;
+        %label=();
+        }
+
+sub main'wparam
+        {
+        local($num)=@_;
+
+        if ($num < 6)
+                {
+                $num=20-$num;
+                return("r$num");
+                }
+        else
+                { return(&main'QWP($stack+$num*8,"sp")); }
+        }
+
+sub main'stack_push
+        {
+        local($num)=@_;
+        $stack+=$num*8;
+        &main'sub("sp",$num*8,"sp");
+        }
+
+sub main'stack_pop
+        {
+        local($num)=@_;
+        $stack-=$num*8;
+        &main'add("sp",$num*8,"sp");
+        }
+
+sub main'swtmp
+        {
+        return(&main'QWP(($_[0])*8,"sp"));
+        }
+
+# Should use swtmp, which is above sp.  Linix can trash the stack above esp
+#sub main'wtmp
+#       {
+#       local($num)=@_;
+#
+#       return(&main'QWP(-($num+1)*4,"esp","",0));
+#       }
+
+sub main'comment
+        {
+        foreach (@_)
+                {
+                if (/^\s*$/)
+                        { push(@out,"\n"); }
+                else
+                        { push(@out,"\t$com_start $_ $com_end\n"); }
+                }
+        }
+
+sub main'label
+        {
+        if (!defined($label{$_[0]}))
+                {
+                $label{$_[0]}=$label;
+                $label++;
+                }
+        return('$'.$label{$_[0]});
+        }
+
+sub main'set_label
+        {
+        if (!defined($label{$_[0]}))
+                {
+                $label{$_[0]}=$label;
+                $label++;
+                }
+#       push(@out,".align $align\n") if ($_[1] != 0);
+        push(@out,'$'."$label{$_[0]}:\n");
+        }
+
+sub main'file_end
+        {
+        }
+
+sub main'data_word
+        {
+        push(@out,"\t.long $_[0]\n");
+        }
+
+@pool_free=();
+@pool_taken=();
+$curr_num=0;
+$max=0;
+
+sub main'init_pool
+        {
+        local($args)=@_;
+        local($i);
+
+        @pool_free=();
+        for ($i=(14+(6-$args)); $i >= 0; $i--)
+                {
+                push(@pool_free,"r$i");
+                }
+        print STDERR "START :register pool:@pool_free\n";
+        $curr_num=$max=0;
+        }
+
+sub main'fin_pool
+        {
+        printf STDERR "END %2d:register pool:@pool_free\n",$max;
+        }
+
+sub main'GR
+        {
+        local($r)=@_;
+        local($i,@n,$_);
+
+        foreach (@pool_free)
+                {
+                if ($r ne $_)
+                        { push(@n,$_); }
+                else
+                        {
+                        $curr_num++;
+                        $max=$curr_num if ($curr_num > $max);
+                        }
+                }
+        @pool_free=@n;
+print STDERR "GR:@pool_free\n" if $reg_alloc;
+        return(@_);
+        }
+
+sub main'NR
+        {
+        local($num)=@_;
+        local(@ret);
+
+        $num=1 if $num == 0;
+        ($#pool_free >= ($num-1)) || croak "out of registers: want $num, have @pool_free";
+        while ($num > 0)
+                {
+                push(@ret,pop @pool_free);
+                $curr_num++;
+                $max=$curr_num if ($curr_num > $max);
+                $num--
+                }
+        print STDERR "nr @ret\n" if $n_debug;
+print STDERR "NR:@pool_free\n" if $reg_alloc;
+        return(@ret);
+
+        }
+
+sub main'FR
+        {
+        local(@r)=@_;
+        local(@a,$v,$w);
+
+        print STDERR "fr @r\n" if $n_debug;
+#       cluck "fr @r";
+        for $w (@pool_free)
+                {
+                foreach $v (@r)
+                        {
+                        croak "double register free of $v (@pool_free)" if $w eq $v;
+                        }
+                }
+        foreach $v (@r)
+                {
+                croak "bad argument to FR" if ($v !~ /^r\d+$/);
+                if ($smear_regs)
+                        { unshift(@pool_free,$v); }
+                else    { push(@pool_free,$v); }
+                $curr_num--;
+                }
+print STDERR "FR:@pool_free\n" if $reg_alloc;
+        }
+1;
diff --git a/src/lib/libcrypto/perlasm/x86nasm.pl b/src/lib/libcrypto/perlasm/x86nasm.pl
new file mode 100644
index 0000000000..b4da364bbf
--- /dev/null
+++ b/src/lib/libcrypto/perlasm/x86nasm.pl
@@ -0,0 +1,342 @@
+#!/usr/local/bin/perl
+
+package x86nasm;
+
+$label="L000";
+
+%lb=(   'eax',  'al',
+        'ebx',  'bl',
+        'ecx',  'cl',
+        'edx',  'dl',
+        'ax',   'al',
+        'bx',   'bl',
+        'cx',   'cl',
+        'dx',   'dl',
+        );
+
+%hb=(   'eax',  'ah',
+        'ebx',  'bh',
+        'ecx',  'ch',
+        'edx',  'dh',
+        'ax',   'ah',
+        'bx',   'bh',
+        'cx',   'ch',
+        'dx',   'dh',
+        );
+
+sub main'asm_init_output { @out=(); }
+sub main'asm_get_output { return(@out); }
+sub main'get_labels { return(@labels); }
+
+sub main'external_label
+{
+        push(@labels,@_);
+        foreach (@_) {
+                push(@out, "extern\t_$_\n");
+        }
+}
+
+sub main'LB
+        {
+        (defined($lb{$_[0]})) || die "$_[0] does not have a 'low byte'\n";
+        return($lb{$_[0]});
+        }
+
+sub main'HB
+        {
+        (defined($hb{$_[0]})) || die "$_[0] does not have a 'high byte'\n";
+        return($hb{$_[0]});
+        }
+
+sub main'BP
+        {
+        &get_mem("BYTE",@_);
+        }
+
+sub main'DWP
+        {
+        &get_mem("DWORD",@_);
+        }
+
+sub main'BC
+        {
+        return "BYTE @_";
+        }
+
+sub main'DWC
+        {
+        return "DWORD @_";
+        }
+
+sub main'stack_push
+        {
+        my($num)=@_;
+        $stack+=$num*4;
+        &main'sub("esp",$num*4);
+        }
+
+sub main'stack_pop
+        {
+        my($num)=@_;
+        $stack-=$num*4;
+        &main'add("esp",$num*4);
+        }
+
+sub get_mem
+        {
+        my($size,$addr,$reg1,$reg2,$idx)=@_;
+        my($t,$post);
+        my($ret)="[";
+        $addr =~ s/^\s+//;
+        if ($addr =~ /^(.+)\+(.+)$/)
+                {
+                $reg2=&conv($1);
+                $addr="_$2";
+                }
+        elsif ($addr =~ /^[_a-zA-Z]/)
+                {
+                $addr="_$addr";
+                }
+
+        $reg1="$regs{$reg1}" if defined($regs{$reg1});
+        $reg2="$regs{$reg2}" if defined($regs{$reg2});
+        if (($addr ne "") && ($addr ne 0))
+                {
+                if ($addr !~ /^-/)
+                        { $ret.="${addr}+"; }
+                else    { $post=$addr; }
+                }
+        if ($reg2 ne "")
+                {
+                $t="";
+                $t="*$idx" if ($idx != 0);
+                $reg1="+".$reg1 if ("$reg1$post" ne "");
+                $ret.="$reg2$t$reg1$post]";
+                }
+        else
+                {
+                $ret.="$reg1$post]"
+                }
+        return($ret);
+        }
+
+sub main'mov    { &out2("mov",@_); }
+sub main'movb   { &out2("mov",@_); }
+sub main'and    { &out2("and",@_); }
+sub main'or     { &out2("or",@_); }
+sub main'shl    { &out2("shl",@_); }
+sub main'shr    { &out2("shr",@_); }
+sub main'xor    { &out2("xor",@_); }
+sub main'xorb   { &out2("xor",@_); }
+sub main'add    { &out2("add",@_); }
+sub main'adc    { &out2("adc",@_); }
+sub main'sub    { &out2("sub",@_); }
+sub main'rotl   { &out2("rol",@_); }
+sub main'rotr   { &out2("ror",@_); }
+sub main'exch   { &out2("xchg",@_); }
+sub main'cmp    { &out2("cmp",@_); }
+sub main'lea    { &out2("lea",@_); }
+sub main'mul    { &out1("mul",@_); }
+sub main'div    { &out1("div",@_); }
+sub main'dec    { &out1("dec",@_); }
+sub main'inc    { &out1("inc",@_); }
+sub main'jmp    { &out1("jmp",@_); }
+sub main'jmp_ptr { &out1p("jmp",@_); }
+
+# This is a bit of a kludge: declare all branches as NEAR.
+sub main'je     { &out1("je NEAR",@_); }
+sub main'jle    { &out1("jle NEAR",@_); }
+sub main'jz     { &out1("jz NEAR",@_); }
+sub main'jge    { &out1("jge NEAR",@_); }
+sub main'jl     { &out1("jl NEAR",@_); }
+sub main'jb     { &out1("jb NEAR",@_); }
+sub main'jc     { &out1("jc NEAR",@_); }
+sub main'jnc    { &out1("jnc NEAR",@_); }
+sub main'jnz    { &out1("jnz NEAR",@_); }
+sub main'jne    { &out1("jne NEAR",@_); }
+sub main'jno    { &out1("jno NEAR",@_); }
+
+sub main'push   { &out1("push",@_); $stack+=4; }
+sub main'pop    { &out1("pop",@_); $stack-=4; }
+sub main'bswap  { &out1("bswap",@_); &using486(); }
+sub main'not    { &out1("not",@_); }
+sub main'call   { &out1("call",'_'.$_[0]); }
+sub main'ret    { &out0("ret"); }
+sub main'nop    { &out0("nop"); }
+
+sub out2
+        {
+        my($name,$p1,$p2)=@_;
+        my($l,$t);
+
+        push(@out,"\t$name\t");
+        $t=&conv($p1).",";
+        $l=length($t);
+        push(@out,$t);
+        $l=4-($l+9)/8;
+        push(@out,"\t" x $l);
+        push(@out,&conv($p2));
+        push(@out,"\n");
+        }
+
+sub out0
+        {
+        my($name)=@_;
+
+        push(@out,"\t$name\n");
+        }
+
+sub out1
+        {
+        my($name,$p1)=@_;
+        my($l,$t);
+        push(@out,"\t$name\t".&conv($p1)."\n");
+        }
+
+sub conv
+        {
+        my($p)=@_;
+        $p =~ s/0x([0-9A-Fa-f]+)/0$1h/;
+        return $p;
+        }
+
+sub using486
+        {
+        return if $using486;
+        $using486++;
+        grep(s/\.386/\.486/,@out);
+        }
+
+sub main'file
+        {
+        push(@out, "segment .text\n");
+        }
+
+sub main'function_begin
+        {
+        my($func,$extra)=@_;
+
+        push(@labels,$func);
+        my($tmp)=<<"EOF";
+global  _$func
+_$func:
+        push    ebp
+        push    ebx
+        push    esi
+        push    edi
+EOF
+        push(@out,$tmp);
+        $stack=20;
+        }
+
+sub main'function_begin_B
+        {
+        my($func,$extra)=@_;
+        my($tmp)=<<"EOF";
+global  _$func
+_$func:
+EOF
+        push(@out,$tmp);
+        $stack=4;
+        }
+
+sub main'function_end
+        {
+        my($func)=@_;
+
+        my($tmp)=<<"EOF";
+        pop     edi
+        pop     esi
+        pop     ebx
+        pop     ebp
+        ret
+EOF
+        push(@out,$tmp);
+        $stack=0;
+        %label=();
+        }
+
+sub main'function_end_B
+        {
+        $stack=0;
+        %label=();
+        }
+
+sub main'function_end_A
+        {
+        my($func)=@_;
+
+        my($tmp)=<<"EOF";
+        pop     edi
+        pop     esi
+        pop     ebx
+        pop     ebp
+        ret
+EOF
+        push(@out,$tmp);
+        }
+
+sub main'file_end
+        {
+        }
+
+sub main'wparam
+        {
+        my($num)=@_;
+
+        return(&main'DWP($stack+$num*4,"esp","",0));
+        }
+
+sub main'swtmp
+        {
+        return(&main'DWP($_[0]*4,"esp","",0));
+        }
+
+# Should use swtmp, which is above esp.  Linix can trash the stack above esp
+#sub main'wtmp
+#       {
+#       my($num)=@_;
+#
+#       return(&main'DWP(-(($num+1)*4),"esp","",0));
+#       }
+
+sub main'comment
+        {
+        foreach (@_)
+                {
+                push(@out,"\t; $_\n");
+                }
+        }
+
+sub main'label
+        {
+        if (!defined($label{$_[0]}))
+                {
+                $label{$_[0]}="\$${label}${_[0]}";
+                $label++;
+                }
+        return($label{$_[0]});
+        }
+
+sub main'set_label
+        {
+        if (!defined($label{$_[0]}))
+                {
+                $label{$_[0]}="${label}${_[0]}";
+                $label++;
+                }
+        push(@out,"$label{$_[0]}:\n");
+        }
+
+sub main'data_word
+        {
+        push(@out,"\tDD\t$_[0]\n");
+        }
+
+sub out1p
+        {
+        my($name,$p1)=@_;
+        my($l,$t);
+
+        push(@out,"\t$name\t ".&conv($p1)."\n");
+        }
diff --git a/src/lib/libcrypto/pkcs7/bio_ber.c b/src/lib/libcrypto/pkcs7/bio_ber.c
new file mode 100644
index 0000000000..2f17723e98
--- /dev/null
+++ b/src/lib/libcrypto/pkcs7/bio_ber.c
@@ -0,0 +1,450 @@
+/* crypto/evp/bio_ber.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include <openssl/buffer.h>
+#include <openssl/evp.h>
+
+static int ber_write(BIO *h,char *buf,int num);
+static int ber_read(BIO *h,char *buf,int size);
+/*static int ber_puts(BIO *h,char *str); */
+/*static int ber_gets(BIO *h,char *str,int size); */
+static long ber_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int ber_new(BIO *h);
+static int ber_free(BIO *data);
+#define BER_BUF_SIZE    (32)
+
+/* This is used to hold the state of the BER objects being read. */
+typedef struct ber_struct
+        {
+        int tag;
+        int class;
+        long length;
+        int inf;
+        int num_left;
+        int depth;
+        } BER_CTX;
+
+typedef struct bio_ber_struct
+        {
+        int tag;
+        int class;
+        long length;
+        int inf;
+
+        /* most of the following are used when doing non-blocking IO */
+        /* reading */
+        long num_left;  /* number of bytes still to read/write in block */
+        int depth;      /* used with idefinite encoding. */
+        int finished;   /* No more read data */
+
+        /* writting */ 
+        char *w_addr;
+        int w_offset;
+        int w_left;
+
+        int buf_len;
+        int buf_off;
+        unsigned char buf[BER_BUF_SIZE];
+        } BIO_BER_CTX;
+
+static BIO_METHOD methods_ber=
+        {
+        BIO_TYPE_CIPHER,"cipher",
+        ber_write,
+        ber_read,
+        NULL, /* ber_puts, */
+        NULL, /* ber_gets, */
+        ber_ctrl,
+        ber_new,
+        ber_free,
+        };
+
+BIO_METHOD *BIO_f_ber(void)
+        {
+        return(&methods_ber);
+        }
+
+static int ber_new(BIO *bi)
+        {
+        BIO_BER_CTX *ctx;
+
+        ctx=(BIO_BER_CTX *)Malloc(sizeof(BIO_BER_CTX));
+        if (ctx == NULL) return(0);
+
+        memset((char *)ctx,0,sizeof(BIO_BER_CTX));
+
+        bi->init=0;
+        bi->ptr=(char *)ctx;
+        bi->flags=0;
+        return(1);
+        }
+
+static int ber_free(BIO *a)
+        {
+        BIO_BER_CTX *b;
+
+        if (a == NULL) return(0);
+        b=(BIO_BER_CTX *)a->ptr;
+        memset(a->ptr,0,sizeof(BIO_BER_CTX));
+        Free(a->ptr);
+        a->ptr=NULL;
+        a->init=0;
+        a->flags=0;
+        return(1);
+        }
+
+int bio_ber_get_header(BIO *bio, BIO_BER_CTX *ctx)
+        {
+        char buf[64];
+        int i,j,n;
+        int ret;
+        unsigned char *p;
+        unsigned long length
+        int tag;
+        int class;
+        long max;
+
+        BIO_clear_retry_flags(b);
+
+        /* Pack the buffer down if there is a hole at the front */
+        if (ctx->buf_off != 0)
+                {
+                p=ctx->buf;
+                j=ctx->buf_off;
+                n=ctx->buf_len-j;
+                for (i=0; i<n; i++)
+                        {
+                        p[0]=p[j];
+                        p++;
+                        }
+                ctx->buf_len-j;
+                ctx->buf_off=0;
+                }
+
+        /* If there is more room, read some more data */
+        i=BER_BUF_SIZE-ctx->buf_len;
+        if (i)
+                {
+                i=BIO_read(bio->next_bio,&(ctx->buf[ctx->buf_len]),i);
+                if (i <= 0)
+                        {
+                        BIO_copy_next_retry(b);
+                        return(i);
+                        }
+                else
+                        ctx->buf_len+=i;
+                }
+
+        max=ctx->buf_len;
+        p=ctx->buf;
+        ret=ASN1_get_object(&p,&length,&tag,&class,max);
+
+        if (ret & 0x80)
+                {
+                if ((ctx->buf_len < BER_BUF_SIZE) &&
+                        (ERR_GET_REASON(ERR_peek_error()) == ASN1_R_TOO_LONG))
+                        {
+                        ERR_get_error(); /* clear the error */
+                        BIO_set_retry_read(b);
+                        }
+                return(-1);
+                }
+
+        /* We have no error, we have a header, so make use of it */
+
+        if ((ctx->tag  >= 0) && (ctx->tag != tag))
+                {
+                BIOerr(BIO_F_BIO_BER_GET_HEADER,BIO_R_TAG_MISMATCH);
+                sprintf(buf,"tag=%d, got %d",ctx->tag,tag);
+                ERR_add_error_data(1,buf);
+                return(-1);
+                }
+        if (ret & 0x01)
+        if (ret & V_ASN1_CONSTRUCTED)
+        }
+        
+static int ber_read(BIO *b, char *out, int outl)
+        {
+        int ret=0,i,n;
+        BIO_BER_CTX *ctx;
+
+        BIO_clear_retry_flags(b);
+
+        if (out == NULL) return(0);
+        ctx=(BIO_BER_CTX *)b->ptr;
+
+        if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
+
+        if (ctx->finished) return(0);
+
+again:
+        /* First see if we are half way through reading a block */
+        if (ctx->num_left > 0)
+                {
+                if (ctx->num_left < outl)
+                        n=ctx->num_left;
+                else
+                        n=outl;
+                i=BIO_read(b->next_bio,out,n);
+                if (i <= 0)
+                        {
+                        BIO_copy_next_retry(b);
+                        return(i);
+                        }
+                ctx->num_left-=i;
+                outl-=i;
+                ret+=i;
+                if (ctx->num_left <= 0)
+                        {
+                        ctx->depth--;
+                        if (ctx->depth <= 0)
+                                ctx->finished=1;
+                        }
+                if (outl <= 0)
+                        return(ret);
+                else
+                        goto again;
+                }
+        else    /* we need to read another BER header */
+                {
+                }
+        }
+
+static int ber_write(BIO *b, char *in, int inl)
+        {
+        int ret=0,n,i;
+        BIO_ENC_CTX *ctx;
+
+        ctx=(BIO_ENC_CTX *)b->ptr;
+        ret=inl;
+
+        BIO_clear_retry_flags(b);
+        n=ctx->buf_len-ctx->buf_off;
+        while (n > 0)
+                {
+                i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n);
+                if (i <= 0)
+                        {
+                        BIO_copy_next_retry(b);
+                        return(i);
+                        }
+                ctx->buf_off+=i;
+                n-=i;
+                }
+        /* at this point all pending data has been written */
+
+        if ((in == NULL) || (inl <= 0)) return(0);
+
+        ctx->buf_off=0;
+        while (inl > 0)
+                {
+                n=(inl > ENC_BLOCK_SIZE)?ENC_BLOCK_SIZE:inl;
+                EVP_CipherUpdate(&(ctx->cipher),
+                        (unsigned char *)ctx->buf,&ctx->buf_len,
+                        (unsigned char *)in,n);
+                inl-=n;
+                in+=n;
+
+                ctx->buf_off=0;
+                n=ctx->buf_len;
+                while (n > 0)
+                        {
+                        i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n);
+                        if (i <= 0)
+                                {
+                                BIO_copy_next_retry(b);
+                                return(i);
+                                }
+                        n-=i;
+                        ctx->buf_off+=i;
+                        }
+                ctx->buf_len=0;
+                ctx->buf_off=0;
+                }
+        BIO_copy_next_retry(b);
+        return(ret);
+        }
+
+static long ber_ctrl(BIO *b, int cmd, long num, char *ptr)
+        {
+        BIO *dbio;
+        BIO_ENC_CTX *ctx,*dctx;
+        long ret=1;
+        int i;
+
+        ctx=(BIO_ENC_CTX *)b->ptr;
+
+        switch (cmd)
+                {
+        case BIO_CTRL_RESET:
+                ctx->ok=1;
+                ctx->finished=0;
+                EVP_CipherInit(&(ctx->cipher),NULL,NULL,NULL,
+                        ctx->cipher.berrypt);
+                ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+                break;
+        case BIO_CTRL_EOF:      /* More to read */
+                if (ctx->cont <= 0)
+                        ret=1;
+                else
+                        ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+                break;
+        case BIO_CTRL_WPENDING:
+                ret=ctx->buf_len-ctx->buf_off;
+                if (ret <= 0)
+                        ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+                break;
+        case BIO_CTRL_PENDING: /* More to read in buffer */
+                ret=ctx->buf_len-ctx->buf_off;
+                if (ret <= 0)
+                        ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+                break;
+        case BIO_CTRL_FLUSH:
+                /* do a final write */
+again:
+                while (ctx->buf_len != ctx->buf_off)
+                        {
+                        i=ber_write(b,NULL,0);
+                        if (i < 0)
+                                {
+                                ret=i;
+                                break;
+                                }
+                        }
+
+                if (!ctx->finished)
+                        {
+                        ctx->finished=1;
+                        ctx->buf_off=0;
+                        ret=EVP_CipherFinal(&(ctx->cipher),
+                                (unsigned char *)ctx->buf,
+                                &(ctx->buf_len));
+                        ctx->ok=(int)ret;
+                        if (ret <= 0) break;
+
+                        /* push out the bytes */
+                        goto again;
+                        }
+                
+                /* Finally flush the underlying BIO */
+                ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+                break;
+        case BIO_C_GET_CIPHER_STATUS:
+                ret=(long)ctx->ok;
+                break;
+        case BIO_C_DO_STATE_MACHINE:
+                BIO_clear_retry_flags(b);
+                ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+                BIO_copy_next_retry(b);
+                break;
+
+        case BIO_CTRL_DUP:
+                dbio=(BIO *)ptr;
+                dctx=(BIO_ENC_CTX *)dbio->ptr;
+                memcpy(&(dctx->cipher),&(ctx->cipher),sizeof(ctx->cipher));
+                dbio->init=1;
+                break;
+        default:
+                ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+                break;
+                }
+        return(ret);
+        }
+
+/*
+void BIO_set_cipher_ctx(b,c)
+BIO *b;
+EVP_CIPHER_ctx *c;
+        {
+        if (b == NULL) return;
+
+        if ((b->callback != NULL) &&
+                (b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,0L) <= 0))
+                return;
+
+        b->init=1;
+        ctx=(BIO_ENC_CTX *)b->ptr;
+        memcpy(ctx->cipher,c,sizeof(EVP_CIPHER_CTX));
+        
+        if (b->callback != NULL)
+                b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,1L);
+        }
+*/
+
+void BIO_set_cipher(BIO *b, EVP_CIPHER *c, unsigned char *k, unsigned char *i,
+             int e)
+        {
+        BIO_ENC_CTX *ctx;
+
+        if (b == NULL) return;
+
+        if ((b->callback != NULL) &&
+                (b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,0L) <= 0))
+                return;
+
+        b->init=1;
+        ctx=(BIO_ENC_CTX *)b->ptr;
+        EVP_CipherInit(&(ctx->cipher),c,k,i,e);
+        
+        if (b->callback != NULL)
+                b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,1L);
+        }
+
diff --git a/src/lib/libcrypto/pkcs7/dec.c b/src/lib/libcrypto/pkcs7/dec.c
new file mode 100644
index 0000000000..b3661f28d3
--- /dev/null
+++ b/src/lib/libcrypto/pkcs7/dec.c
@@ -0,0 +1,246 @@
+/* crypto/pkcs7/verify.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/bio.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
+#include <openssl/err.h>
+#include <openssl/asn1.h>
+
+int verify_callback(int ok, X509_STORE_CTX *ctx);
+
+BIO *bio_err=NULL;
+
+int main(argc,argv)
+int argc;
+char *argv[];
+        {
+        char *keyfile=NULL;
+        BIO *in;
+        EVP_PKEY *pkey;
+        X509 *x509;
+        PKCS7 *p7;
+        PKCS7_SIGNER_INFO *si;
+        X509_STORE_CTX cert_ctx;
+        X509_STORE *cert_store=NULL;
+        BIO *data,*detached=NULL,*p7bio=NULL;
+        char buf[1024*4];
+        unsigned char *pp;
+        int i,printit=0;
+        STACK_OF(PKCS7_SIGNER_INFO) *sk;
+
+        SSLeay_add_all_algorithms();
+        bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
+
+        data=BIO_new(BIO_s_file());
+        pp=NULL;
+        while (argc > 1)
+                {
+                argc--;
+                argv++;
+                if (strcmp(argv[0],"-p") == 0)
+                        {
+                        printit=1;
+                        }
+                else if ((strcmp(argv[0],"-k") == 0) && (argc >= 2)) {
+                        keyfile = argv[1];
+                        argc-=1;
+                        argv+=1;
+                } else if ((strcmp(argv[0],"-d") == 0) && (argc >= 2))
+                        {
+                        detached=BIO_new(BIO_s_file());
+                        if (!BIO_read_filename(detached,argv[1]))
+                                goto err;
+                        argc-=1;
+                        argv+=1;
+                        }
+                else break;
+                }
+
+         if (!BIO_read_filename(data,argv[0])) goto err; 
+
+        if(!keyfile) {
+                fprintf(stderr, "No private key file specified\n");
+                goto err;
+        }
+
+        if ((in=BIO_new_file(keyfile,"r")) == NULL) goto err;
+        if ((x509=PEM_read_bio_X509(in,NULL,NULL)) == NULL) goto err;
+        BIO_reset(in);
+        if ((pkey=PEM_read_bio_PrivateKey(in,NULL,NULL)) == NULL) goto err;
+        BIO_free(in);
+
+        if (pp == NULL)
+                BIO_set_fp(data,stdin,BIO_NOCLOSE);
+
+
+        /* Load the PKCS7 object from a file */
+        if ((p7=PEM_read_bio_PKCS7(data,NULL,NULL)) == NULL) goto err;
+
+
+
+        /* This stuff is being setup for certificate verification.
+         * When using SSL, it could be replaced with a 
+         * cert_stre=SSL_CTX_get_cert_store(ssl_ctx); */
+        cert_store=X509_STORE_new();
+        X509_STORE_set_default_paths(cert_store);
+        X509_STORE_load_locations(cert_store,NULL,"../../certs");
+        X509_STORE_set_verify_cb_func(cert_store,verify_callback);
+
+        ERR_clear_error();
+
+        /* We need to process the data */
+        /* We cannot support detached encryption */
+        p7bio=PKCS7_dataDecode(p7,pkey,detached,x509);
+        
+        if (p7bio == NULL)
+                {
+                printf("problems decoding\n");
+                goto err;
+                }
+
+        /* We now have to 'read' from p7bio to calculate digests etc. */
+        for (;;)
+                {
+                i=BIO_read(p7bio,buf,sizeof(buf));
+                /* print it? */
+                if (i <= 0) break;
+                fwrite(buf,1, i, stdout);
+                }
+
+        /* We can now verify signatures */
+        sk=PKCS7_get_signer_info(p7);
+        if (sk == NULL)
+                {
+                fprintf(stderr, "there are no signatures on this data\n");
+                }
+        else
+                {
+                /* Ok, first we need to, for each subject entry,
+                 * see if we can verify */
+                ERR_clear_error();
+                for (i=0; i<sk_PKCS7_SIGNER_INFO_num(sk); i++)
+                        {
+                        si=sk_PKCS7_SIGNER_INFO_value(sk,i);
+                        i=PKCS7_dataVerify(cert_store,&cert_ctx,p7bio,p7,si);
+                        if (i <= 0)
+                                goto err;
+                        else
+                                fprintf(stderr,"Signature verified\n");
+                        }
+                }
+        X509_STORE_free(cert_store);
+
+        exit(0);
+err:
+        ERR_load_crypto_strings();
+        ERR_print_errors_fp(stderr);
+        exit(1);
+        }
+
+/* should be X509 * but we can just have them as char *. */
+int verify_callback(int ok, X509_STORE_CTX *ctx)
+        {
+        char buf[256];
+        X509 *err_cert;
+        int err,depth;
+
+        err_cert=X509_STORE_CTX_get_current_cert(ctx);
+        err=    X509_STORE_CTX_get_error(ctx);
+        depth=  X509_STORE_CTX_get_error_depth(ctx);
+
+        X509_NAME_oneline(X509_get_subject_name(err_cert),buf,256);
+        BIO_printf(bio_err,"depth=%d %s\n",depth,buf);
+        if (!ok)
+                {
+                BIO_printf(bio_err,"verify error:num=%d:%s\n",err,
+                        X509_verify_cert_error_string(err));
+                if (depth < 6)
+                        {
+                        ok=1;
+                        X509_STORE_CTX_set_error(ctx,X509_V_OK);
+                        }
+                else
+                        {
+                        ok=0;
+                        X509_STORE_CTX_set_error(ctx,X509_V_ERR_CERT_CHAIN_TOO_LONG);
+                        }
+                }
+        switch (ctx->error)
+                {
+        case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+                X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert),buf,256);
+                BIO_printf(bio_err,"issuer= %s\n",buf);
+                break;
+        case X509_V_ERR_CERT_NOT_YET_VALID:
+        case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+                BIO_printf(bio_err,"notBefore=");
+                ASN1_UTCTIME_print(bio_err,X509_get_notBefore(ctx->current_cert));
+                BIO_printf(bio_err,"\n");
+                break;
+        case X509_V_ERR_CERT_HAS_EXPIRED:
+        case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+                BIO_printf(bio_err,"notAfter=");
+                ASN1_UTCTIME_print(bio_err,X509_get_notAfter(ctx->current_cert));
+                BIO_printf(bio_err,"\n");
+                break;
+                }
+        BIO_printf(bio_err,"verify return:%d\n",ok);
+        return(ok);
+        }
diff --git a/src/lib/libcrypto/pkcs7/des.pem b/src/lib/libcrypto/pkcs7/des.pem
new file mode 100644
index 0000000000..62d1657e3e
--- /dev/null
+++ b/src/lib/libcrypto/pkcs7/des.pem
@@ -0,0 +1,15 @@
+
+MIAGCSqGSIb3DQEHA6CAMIACAQAxggHmMIHwAgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEG
+A1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m
+dCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNUUkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQD
+ExJERU1PIFpFUk8gVkFMVUUgQ0ECAgR+MA0GCSqGSIb3DQEBAQUABEC2vXI1xQDW6lUHM3zQ
+/9uBEBOO5A3TtkrklAXq7v01gsIC21t52qSk36REXY+slhNZ0OQ349tgkTsoETHFLoEwMIHw
+AgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMI
+QnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29mdCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNU
+UkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQDExJERU1PIFpFUk8gVkFMVUUgQ0ECAgR9MA0G
+CSqGSIb3DQEBAQUABEB8ujxbabxXUYJhopuDm3oDq4JNqX6Io4p3ro+ShqfIndsXTZ1v5a2N
+WtLLCWlHn/habjBwZ/DgQgcKASbZ7QxNMIAGCSqGSIb3DQEHATAaBggqhkiG9w0DAjAOAgIA
+oAQIbsL5v1wX98KggAQoAaJ4WHm68fXY1WE5OIjfVBIDpO1K+i8dmKhjnAjrjoyZ9Bwc8rDL
+lgQg4CXb805h5xl+GfvSwUaHJayte1m2mcOhs3J2YyqbQ+MEIMIiJQccmhO3oDKm36CFvYR8
+5PjpclVcZyX2ngbwPFMnBAgy0clOAE6UKAAAAAAAAAAAAAA=
+
diff --git a/src/lib/libcrypto/pkcs7/es1.pem b/src/lib/libcrypto/pkcs7/es1.pem
new file mode 100644
index 0000000000..47112a238f
--- /dev/null
+++ b/src/lib/libcrypto/pkcs7/es1.pem
@@ -0,0 +1,66 @@
+-----BEGIN PKCS7-----
+MIAGCSqGSIb3DQEHA6CAMIACAQAxggHmMIHwAgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEG
+A1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m
+dCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNUUkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQD
+ExJERU1PIFpFUk8gVkFMVUUgQ0ECAgRuMA0GCSqGSIb3DQEBAQUABEDWak0y/5XZJhQJeCLo
+KECcHXkTEbjzYkYNHIinbiPmRK4QbNfs9z2mA3z/c2ykQ4eAqFR2jyNrUMN/+I5XEiv6MIHw
+AgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMI
+QnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29mdCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNU
+UkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQDExJERU1PIFpFUk8gVkFMVUUgQ0ECAgR9MA0G
+CSqGSIb3DQEBAQUABEAWg9+KgtCjc77Jdj1Ve4wGgHjVHbbSYEA1ZqKFDoi15vSr9hfpHmC4
+ycZzcRo16JkTfolefiHZzmyjVz94vSN6MIAGCSqGSIb3DQEHATAaBggqhkiG9w0DAjAOAgIA
+oAQI7X4Tk4mcbV6ggASBsHl1mCaJ3RhXWlNPCgCRU53d7M5x6TDZRkvwdtdvW96m1lupT03F
+XtonkBqk7oMkH7kGfs5/REQOPjx0QE2Ixmgt1W3szum82EZwA7pZNppcraK7W/odw/7bYZO+
+II3HPmRklE2N9qiu1LPaPUsnYogkO6SennyeL5tZ382vBweL/8pnG0qsbT1OBb65v+llnsjT
+pa1T/p+fIx/iJJGE6K9fYFokC6gXLQ6ozXRdOu5oBDB8mPCYYvAqKycidM/MrGGUkpEtS4f0
+lS31PwQi5YTim8Ig3/TOwVpPX32i46FTuEIEIMHkD/OvpfwCCzXUHHJnKnKUAUvIsSY3vGBs
+8ezpUDfBBBj9LHDy32hZ2tQilkDefP5VM2LLdrWgamYEgfiyITQvn08Ul5lQOQxbFKBheFq5
+otCCN4MR+w5eq12xQu6y+f9z0159ag2ru87D0lLtUtXXtCELbO1nUkT2sJ0k/iDs9TOXr6Cx
+go1XKYho83hlkXYiCteVizdAbgVGNsNRD4wtIdajsorET/LuJECgp11YeL9w1dlDB0HLEZfi
+XCsUphH4jGagba3hDeUSibnjSiJlN0ukfuQurBBbI2UkBAujiEAubKPn7C1FZJRSw6CPPX5t
+KEpmcqT1JNk6LO8Js6/1sCmmBh1VGCy1+EuTI9J1p7Dagf4nQ8cHitoCRpHuKZlFHnZyv7tw
+Rn/KOhHaYP2VzAh40gQIvKMAAWh9oFsEEIMwIoOmLwLH5wf+8QdbDhoECH8HwZt9a12dBAjL
+r4j2zlvtfgQIt7nmEM3wz1EECKlc3EIy1irCBBCAKINcermK3A+jI6ISN2RzBFA3dsh/xwMu
+l61aWMBBZzEz/SF92k6n35KZhCC0d6fIVC/1WMv0fnCwQ8oEDynSre216VEFiYKBaQLJe5o/
+mTAxC7Ht3goXnuc+i1FItOkLrgRI/wyvTICEn2WsNZiMADnGaee2bqPnUopo+VMGexJEtCPk
+l0ZNlDJGquPDkpUwaEtecVZzCNyVPYyyF4J/l8rmGDhDdYUIC8IKBEg/ip/E0BuubBLWVbv+
+HRl4QrnGpyCyeXRXXK603QP3sT1Zbbm1v5pI/loOhVHi724LmtXHSyp5qv9MDcxE1PoX10LY
+gBRtlwwESPeCF8bK5jk4xIQMhK5NMHj1Y1KQWTZ9NGITBL4hjRq2qp4Qk5GIpGgOVPopAuCo
+TIyPikpqBRNtLSPRSsDs6QPUPzWBh6JgxwRQblnDKKUkxUcnJiD4i9QtGa/ZabMn4KxtNOBL
+5JSh1nJkaLXCZY070131WWPAByLcd5TiXq8x84pmzV5NNk4tiMpoXhJNsx8e4rskQQlKd6ME
+SCe2eYDHKcKPX3WJbUzhrJSQ92/aWnI2iUY8WQ+kSNyiZ2QUjyuUg9Z66g/0d2STlvPOBHT/
+y5ODP2CwbcWX4QmCbUc9TT66fQRIrRVuwvtOfnUueyGgYhJ3HpAJfVaB/7kap5bj7Fi/azW4
+9JDfd1bC/W9h0Kyk7RO2gxvE0hIHc26mZJHTm9MNP5D328MnM2MdBEjKjQBtgrp+lFIii7MP
+nGHFTKUkG4WAIZJCf/CsT+p6/SW0qG71Me/YcSw5STB24j+a+HgMV8RVIeUlkP4z0IWWrSoB
+Gh4d/Z0EUMCVHs/HZ/bWgiyhtHpvuVAzidm8D81p1LJ5BQX5/5f/m+q5+fS/npL27dTEbNqs
+LSB6ij3MZAi7LwHWpTn9zWnDajCMEj9vlaV7mcKtHK5iBEg85agFi1h3MvicqLtoFe5hVv9T
+tG0j6CRkjkixPzivltlrf44KHv14gLM0XJxCGyq7vd3l8QYr3+9at0zNnX/yqTiBnsnE5dUE
+SIgrYuz87M2gi/ER9PcDoTtONH3+CkcqVy03q/Sj8cVWD/b1KgEhqnNOfc8Ak9PctyR/ItcR
+8Me5XVn1GJKkQJk4O29fxvgNoAQIrIESvUWGshAEQByXiFoFTDUByjTlgjcy77H1lrH+y3P/
+wAInJjJAut9kCNyGJV0PA4kdPB5USWltuO6t8gk4Pd2YBMl09zqUWkAEUCjFrtZ3mapjcGZI
+uQTASKR5LSjXoWxTT5gae/+64MerF/oCEeO3ehRTpjnPrsiRDo0rWIQTaj9+Nro8Z2xtWstw
+RnfoAHIxV1lEamPwjsceBEi2SD9hiifFeO5ECiVoaE1FdXUXhU+jwYAMx6jHWO9hMkYzS9pM
+Y3IyWR5ybtOjiQgkUdvRJPUPGf5DVVMPnymGX25aDh5PYpIESPbsM9akCpOOVuscywcUswmU
+o7dXvlB48WWCfg/al3BQKAZbn5ZXtWNwpUZkrEdHsrxAVv3rxRcdkT3Z1fzUbIuYkLJN200o
+WgRIJvn6RO8KEj7/HOg2sYuuM8nz1kR0TSgwX7/0y/7JfjBa0JIlP7o75sNJscE8oyoIMzuy
+Dvn6/U9g3BCDXn83A/s+ke60qn9gBFC6NAeLOlXal1YVWYhMQNOqCyUfAjiXBTawaysQb1Mk
+YgeNlF8xuEFcUQWIP+vNG7FJ5JPMaMRL4YEoaQ3sVFhYOERJR1cSb+8xt4QCYtBKQgRIUOmJ
+CHW5o1hXJWJiTkZK2qWFcEMzTINSj5EpYFySr8aVBjkRnI7vxegRT/+XZZXoYedQ3UNsnGI3
+DdkWii5VzX0PNF6C60pfBEiVpausYuX7Wjb3Lfm8cBj7GgN69i6Pm2gxtobVcmpo2nS4D714
+ePyhlX9n8kJ6QAcqWMRj22smDPrHVGNTizfzHBh5zNllK9gESJizILOWI327og3ZWp+qUht5
+kNDJCzMK7Z09UAy+h+vq0VTQuEo3FgLzVdqkJujjSL4Nx97lXg51AovrEn3nd4evydwcjKLX
+1wRIo72NaeWuUEQ+rt1SlCsOJ7k1ioJSqhrPOfvwcaFcb4beVet1JWiy4yvowTjLDGbUje2s
+xjrlVt4BJWI/uA6jbQsrxSe89ADZBAi5YAlR4qszeAQIXD3VSBVKbRUECNTtyvw9vvqXBAhb
+IZNn4H4cxgQI+XW7GkfL+ekECCCCg2reMyGDBAh1PYqkg3lw3gQQkNlggEPU+BH8eh7Gm7n7
+7AQIjC5EWbkil5cEEKcpuqwTWww/X89KnQAg8TcECJPomqHvrlZFBBiRSuIiHpmN+PaujXpv
+qZV2VhjkB2j09GEECOIdv8AVOJgKBAjlHgIqAD9jZQQIXHbs44+wogcEIGGqTACRJxrhMcMG
+X8drNjksIPt+snxTXUBIkTVpZWoABAh6unXPTyIr8QQgBF8xKoX27MWk7iTNmkSNZggZXa2a
+DWCGHSYLngbSOHIECD9XmO6VsvTgBAjfqB70CEW4WwQIVIBkbCocznUEEHB/zFXy/sR4OYHe
+UfbNPnIEEDWBB/NTCLMGE+o8BfyujcAECFik7GQnnF9VBBAhLXExQeWAofZNc6NtN7qZBCC1
+gVIS3ruTwKltmcrgx3heT3M8ZJhCfWa+6KzchnmKygQQ+1NL5sSzR4m/fdrqxHFyUAQYCT2x
+PamQr3wK3h0lyZER+4H0zPM86AhFBBC3CkmvL2vjflMfujnzPBVpBBge9rMbI5+0q9DLrTiT
+5F3AIgXLpD8PQWAECHkHVo6RomV3BAgMbi8E271UeAQIqtS8wnI3XngECG3TWmOMb3/iBEha
+y+mvCS6I3n3JfL8e1B5P4qX9/czJRaERLuKpGNjLiL4A+zxN0LZ0UHd0qfmJjwOTxAx3iJAC
+lGXX4nB9ATYPUT5EU+o1Y4sECN01pP6vWNIdBDAsiE0Ts8/9ltJlqX2B3AoOM4qOt9EaCjXf
+lB+aEmrhtjUwuZ6GqS5Ke7P6XnakTk4ECCLIMatNdootAAAAAAAAAAAAAA==
+-----END PKCS7-----
diff --git a/src/lib/libcrypto/pkcs7/example.c b/src/lib/libcrypto/pkcs7/example.c
new file mode 100644
index 0000000000..7354890084
--- /dev/null
+++ b/src/lib/libcrypto/pkcs7/example.c
@@ -0,0 +1,327 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/pkcs7.h>
+#include <openssl/asn1_mac.h>
+
+int add_signed_time(PKCS7_SIGNER_INFO *si)
+        {
+        ASN1_UTCTIME *sign_time;
+
+        /* The last parameter is the amount to add/subtract from the current
+         * time (in seconds) */
+        sign_time=X509_gmtime_adj(NULL,0);
+        PKCS7_add_signed_attribute(si,NID_pkcs9_signingTime,
+                V_ASN1_UTCTIME,(char *)sign_time);
+        return(1);
+        }
+
+ASN1_UTCTIME *get_signed_time(PKCS7_SIGNER_INFO *si)
+        {
+        ASN1_TYPE *so;
+
+        so=PKCS7_get_signed_attribute(si,NID_pkcs9_signingTime);
+        if (so->type == V_ASN1_UTCTIME)
+            return so->value.utctime;
+        return NULL;
+        }
+        
+static int signed_string_nid= -1;
+
+void add_signed_string(PKCS7_SIGNER_INFO *si, char *str)
+        {
+        ASN1_OCTET_STRING *os;
+
+        /* To a an object of OID 1.2.3.4.5, which is an octet string */
+        if (signed_string_nid == -1)
+                signed_string_nid=
+                        OBJ_create("1.2.3.4.5","OID_example","Our example OID");
+        os=ASN1_OCTET_STRING_new();
+        ASN1_OCTET_STRING_set(os,str,strlen(str));
+        /* When we add, we do not free */
+        PKCS7_add_signed_attribute(si,signed_string_nid,
+                V_ASN1_OCTET_STRING,(char *)os);
+        }
+
+int get_signed_string(PKCS7_SIGNER_INFO *si, char *buf, int len)
+        {
+        ASN1_TYPE *so;
+        ASN1_OCTET_STRING *os;
+        int i;
+
+        if (signed_string_nid == -1)
+                signed_string_nid=
+                        OBJ_create("1.2.3.4.5","OID_example","Our example OID");
+        /* To retrieve */
+        so=PKCS7_get_signed_attribute(si,signed_string_nid);
+        if (so != NULL)
+                {
+                if (so->type == V_ASN1_OCTET_STRING)
+                        {
+                        os=so->value.octet_string;
+                        i=os->length;
+                        if ((i+1) > len)
+                                i=len-1;
+                        memcpy(buf,os->data,i);
+                        return(i);
+                        }
+                }
+        return(0);
+        }
+
+static signed_seq2string_nid= -1;
+/* ########################################### */
+int add_signed_seq2string(PKCS7_SIGNER_INFO *si, char *str1, char *str2)
+        {
+        /* To add an object of OID 1.9.999, which is a sequence containing
+         * 2 octet strings */
+        unsigned char *p;
+        ASN1_OCTET_STRING *os1,*os2;
+        ASN1_STRING *seq;
+        unsigned char *data;
+        int i,total;
+
+        if (signed_seq2string_nid == -1)
+                signed_seq2string_nid=
+                        OBJ_create("1.9.9999","OID_example","Our example OID");
+
+        os1=ASN1_OCTET_STRING_new();
+        os2=ASN1_OCTET_STRING_new();
+        ASN1_OCTET_STRING_set(os1,str1,strlen(str1));
+        ASN1_OCTET_STRING_set(os2,str1,strlen(str1));
+        i =i2d_ASN1_OCTET_STRING(os1,NULL);
+        i+=i2d_ASN1_OCTET_STRING(os2,NULL);
+        total=ASN1_object_size(1,i,V_ASN1_SEQUENCE);
+
+        data=malloc(total);
+        p=data;
+        ASN1_put_object(&p,1,i,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+        i2d_ASN1_OCTET_STRING(os1,&p);
+        i2d_ASN1_OCTET_STRING(os2,&p);
+
+        seq=ASN1_STRING_new();
+        ASN1_STRING_set(seq,data,total);
+        free(data);
+        ASN1_OCTET_STRING_free(os1);
+        ASN1_OCTET_STRING_free(os2);
+
+        PKCS7_add_signed_attribute(si,signed_seq2string_nid,
+                V_ASN1_SEQUENCE,(char *)seq);
+        return(1);
+        }
+
+/* For this case, I will malloc the return strings */
+int get_signed_seq2string(PKCS7_SIGNER_INFO *si, char **str1, char **str2)
+        {
+        ASN1_TYPE *so;
+
+        if (signed_seq2string_nid == -1)
+                signed_seq2string_nid=
+                        OBJ_create("1.9.9999","OID_example","Our example OID");
+        /* To retrieve */
+        so=PKCS7_get_signed_attribute(si,signed_seq2string_nid);
+        if (so && (so->type == V_ASN1_SEQUENCE))
+                {
+                ASN1_CTX c;
+                ASN1_STRING *s;
+                long length;
+                ASN1_OCTET_STRING *os1,*os2;
+
+                s=so->value.sequence;
+                c.p=ASN1_STRING_data(s);
+                c.max=c.p+ASN1_STRING_length(s);
+                if (!asn1_GetSequence(&c,&length)) goto err;
+                /* Length is the length of the seqence */
+
+                c.q=c.p;
+                if ((os1=d2i_ASN1_OCTET_STRING(NULL,&c.p,c.slen)) == NULL) 
+                        goto err;
+                c.slen-=(c.p-c.q);
+
+                c.q=c.p;
+                if ((os2=d2i_ASN1_OCTET_STRING(NULL,&c.p,c.slen)) == NULL) 
+                        goto err;
+                c.slen-=(c.p-c.q);
+
+                if (!asn1_Finish(&c)) goto err;
+                *str1=malloc(os1->length+1);
+                *str2=malloc(os2->length+1);
+                memcpy(*str1,os1->data,os1->length);
+                memcpy(*str2,os2->data,os2->length);
+                (*str1)[os1->length]='\0';
+                (*str2)[os2->length]='\0';
+                ASN1_OCTET_STRING_free(os1);
+                ASN1_OCTET_STRING_free(os2);
+                return(1);
+                }
+err:
+        return(0);
+        }
+
+
+/* #######################################
+ * THE OTHER WAY TO DO THINGS
+ * #######################################
+ */
+X509_ATTRIBUTE *create_time(void)
+        {
+        ASN1_UTCTIME *sign_time;
+        X509_ATTRIBUTE *ret;
+
+        /* The last parameter is the amount to add/subtract from the current
+         * time (in seconds) */
+        sign_time=X509_gmtime_adj(NULL,0);
+        ret=X509_ATTRIBUTE_create(NID_pkcs9_signingTime,
+                V_ASN1_UTCTIME,(char *)sign_time);
+        return(ret);
+        }
+
+ASN1_UTCTIME *sk_get_time(STACK_OF(X509_ATTRIBUTE) *sk)
+        {
+        ASN1_TYPE *so;
+        PKCS7_SIGNER_INFO si;
+
+        si.auth_attr=sk;
+        so=PKCS7_get_signed_attribute(&si,NID_pkcs9_signingTime);
+        if (so->type == V_ASN1_UTCTIME)
+            return so->value.utctime;
+        return NULL;
+        }
+        
+X509_ATTRIBUTE *create_string(char *str)
+        {
+        ASN1_OCTET_STRING *os;
+        X509_ATTRIBUTE *ret;
+
+        /* To a an object of OID 1.2.3.4.5, which is an octet string */
+        if (signed_string_nid == -1)
+                signed_string_nid=
+                        OBJ_create("1.2.3.4.5","OID_example","Our example OID");
+        os=ASN1_OCTET_STRING_new();
+        ASN1_OCTET_STRING_set(os,str,strlen(str));
+        /* When we add, we do not free */
+        ret=X509_ATTRIBUTE_create(signed_string_nid,
+                V_ASN1_OCTET_STRING,(char *)os);
+        return(ret);
+        }
+
+int sk_get_string(STACK_OF(X509_ATTRIBUTE) *sk, char *buf, int len)
+        {
+        ASN1_TYPE *so;
+        ASN1_OCTET_STRING *os;
+        int i;
+        PKCS7_SIGNER_INFO si;
+
+        si.auth_attr=sk;
+
+        if (signed_string_nid == -1)
+                signed_string_nid=
+                        OBJ_create("1.2.3.4.5","OID_example","Our example OID");
+        /* To retrieve */
+        so=PKCS7_get_signed_attribute(&si,signed_string_nid);
+        if (so != NULL)
+                {
+                if (so->type == V_ASN1_OCTET_STRING)
+                        {
+                        os=so->value.octet_string;
+                        i=os->length;
+                        if ((i+1) > len)
+                                i=len-1;
+                        memcpy(buf,os->data,i);
+                        return(i);
+                        }
+                }
+        return(0);
+        }
+
+X509_ATTRIBUTE *add_seq2string(PKCS7_SIGNER_INFO *si, char *str1, char *str2)
+        {
+        /* To add an object of OID 1.9.999, which is a sequence containing
+         * 2 octet strings */
+        unsigned char *p;
+        ASN1_OCTET_STRING *os1,*os2;
+        ASN1_STRING *seq;
+        X509_ATTRIBUTE *ret;
+        unsigned char *data;
+        int i,total;
+
+        if (signed_seq2string_nid == -1)
+                signed_seq2string_nid=
+                        OBJ_create("1.9.9999","OID_example","Our example OID");
+
+        os1=ASN1_OCTET_STRING_new();
+        os2=ASN1_OCTET_STRING_new();
+        ASN1_OCTET_STRING_set(os1,str1,strlen(str1));
+        ASN1_OCTET_STRING_set(os2,str1,strlen(str1));
+        i =i2d_ASN1_OCTET_STRING(os1,NULL);
+        i+=i2d_ASN1_OCTET_STRING(os2,NULL);
+        total=ASN1_object_size(1,i,V_ASN1_SEQUENCE);
+
+        data=malloc(total);
+        p=data;
+        ASN1_put_object(&p,1,i,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+        i2d_ASN1_OCTET_STRING(os1,&p);
+        i2d_ASN1_OCTET_STRING(os2,&p);
+
+        seq=ASN1_STRING_new();
+        ASN1_STRING_set(seq,data,total);
+        free(data);
+        ASN1_OCTET_STRING_free(os1);
+        ASN1_OCTET_STRING_free(os2);
+
+        ret=X509_ATTRIBUTE_create(signed_seq2string_nid,
+                V_ASN1_SEQUENCE,(char *)seq);
+        return(ret);
+        }
+
+/* For this case, I will malloc the return strings */
+int sk_get_seq2string(STACK_OF(X509_ATTRIBUTE) *sk, char **str1, char **str2)
+        {
+        ASN1_TYPE *so;
+        PKCS7_SIGNER_INFO si;
+
+        if (signed_seq2string_nid == -1)
+                signed_seq2string_nid=
+                        OBJ_create("1.9.9999","OID_example","Our example OID");
+
+        si.auth_attr=sk;
+        /* To retrieve */
+        so=PKCS7_get_signed_attribute(&si,signed_seq2string_nid);
+        if (so->type == V_ASN1_SEQUENCE)
+                {
+                ASN1_CTX c;
+                ASN1_STRING *s;
+                long length;
+                ASN1_OCTET_STRING *os1,*os2;
+
+                s=so->value.sequence;
+                c.p=ASN1_STRING_data(s);
+                c.max=c.p+ASN1_STRING_length(s);
+                if (!asn1_GetSequence(&c,&length)) goto err;
+                /* Length is the length of the seqence */
+
+                c.q=c.p;
+                if ((os1=d2i_ASN1_OCTET_STRING(NULL,&c.p,c.slen)) == NULL) 
+                        goto err;
+                c.slen-=(c.p-c.q);
+
+                c.q=c.p;
+                if ((os2=d2i_ASN1_OCTET_STRING(NULL,&c.p,c.slen)) == NULL) 
+                        goto err;
+                c.slen-=(c.p-c.q);
+
+                if (!asn1_Finish(&c)) goto err;
+                *str1=malloc(os1->length+1);
+                *str2=malloc(os2->length+1);
+                memcpy(*str1,os1->data,os1->length);
+                memcpy(*str2,os2->data,os2->length);
+                (*str1)[os1->length]='\0';
+                (*str2)[os2->length]='\0';
+                ASN1_OCTET_STRING_free(os1);
+                ASN1_OCTET_STRING_free(os2);
+                return(1);
+                }
+err:
+        return(0);
+        }
+
+
diff --git a/src/lib/libcrypto/pkcs7/example.h b/src/lib/libcrypto/pkcs7/example.h
new file mode 100644
index 0000000000..96167de188
--- /dev/null
+++ b/src/lib/libcrypto/pkcs7/example.h
@@ -0,0 +1,57 @@
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+int add_signed_time(PKCS7_SIGNER_INFO *si);
+ASN1_UTCTIME *get_signed_time(PKCS7_SIGNER_INFO *si);
+int get_signed_seq2string(PKCS7_SIGNER_INFO *si, char **str1, char **str2);
diff --git a/src/lib/libcrypto/pkcs7/info.pem b/src/lib/libcrypto/pkcs7/info.pem
new file mode 100644
index 0000000000..989baf8709
--- /dev/null
+++ b/src/lib/libcrypto/pkcs7/info.pem
@@ -0,0 +1,57 @@
+issuer :/C=AU/SP=Queensland/L=Brisbane/O=Cryptsoft Pty Ltd/OU=DEMONSTRATION AND TESTING/CN=DEMO ZERO VALUE CA
+subject:/C=AU/SP=Queensland/L=Brisbane/O=Cryptsoft Pty Ltd/OU=SMIME 003/CN=Information/Email=info@cryptsoft.com
+serial :047D
+
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1149 (0x47d)
+        Signature Algorithm: md5withRSAEncryption
+        Issuer: C=AU, SP=Queensland, L=Brisbane, O=Cryptsoft Pty Ltd, OU=DEMONSTRATION AND TESTING, CN=DEMO ZERO VALUE CA
+        Validity
+            Not Before: May 13 05:40:58 1998 GMT
+            Not After : May 12 05:40:58 2000 GMT
+        Subject: C=AU, SP=Queensland, L=Brisbane, O=Cryptsoft Pty Ltd, OU=SMIME 003, CN=Information/Email=info@cryptsoft.com
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Modulus:
+                    00:ad:e7:23:89:ee:0d:87:b7:9c:32:44:4b:95:81:
+                    73:dd:22:80:4b:2d:c5:60:b8:fe:1e:18:63:ef:dc:
+                    89:89:22:df:95:3c:7a:db:3d:9a:06:a8:08:d6:29:
+                    fd:ef:41:09:91:ed:bc:ad:98:f9:f6:28:90:62:6f:
+                    e7:e7:0c:4d:0b
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            Netscape Comment: 
+                Generated with SSLeay
+    Signature Algorithm: md5withRSAEncryption
+        52:15:ea:88:f4:f0:f9:0b:ef:ce:d5:f8:83:40:61:16:5e:55:
+        f9:ce:2d:d1:8b:31:5c:03:c6:2d:10:7c:61:d5:5c:0a:42:97:
+        d1:fd:65:b6:b6:84:a5:39:ec:46:ec:fc:e0:0d:d9:22:da:1b:
+        50:74:ad:92:cb:4e:90:e5:fa:7d
+
+-----BEGIN CERTIFICATE-----
+MIICTDCCAfagAwIBAgICBH0wDQYJKoZIhvcNAQEEBQAwgZIxCzAJBgNVBAYTAkFV
+MRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UE
+ChMRQ3J5cHRzb2Z0IFB0eSBMdGQxIjAgBgNVBAsTGURFTU9OU1RSQVRJT04gQU5E
+IFRFU1RJTkcxGzAZBgNVBAMTEkRFTU8gWkVSTyBWQUxVRSBDQTAeFw05ODA1MTMw
+NTQwNThaFw0wMDA1MTIwNTQwNThaMIGeMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
+UXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m
+dCBQdHkgTHRkMRIwEAYDVQQLEwlTTUlNRSAwMDMxFDASBgNVBAMTC0luZm9ybWF0
+aW9uMSEwHwYJKoZIhvcNAQkBFhJpbmZvQGNyeXB0c29mdC5jb20wXDANBgkqhkiG
+9w0BAQEFAANLADBIAkEArecjie4Nh7ecMkRLlYFz3SKASy3FYLj+Hhhj79yJiSLf
+lTx62z2aBqgI1in970EJke28rZj59iiQYm/n5wxNCwIDAQABoygwJjAkBglghkgB
+hvhCAQ0EFxYVR2VuZXJhdGVkIHdpdGggU1NMZWF5MA0GCSqGSIb3DQEBBAUAA0EA
+UhXqiPTw+QvvztX4g0BhFl5V+c4t0YsxXAPGLRB8YdVcCkKX0f1ltraEpTnsRuz8
+4A3ZItobUHStkstOkOX6fQ==
+-----END CERTIFICATE-----
+
+-----BEGIN RSA PRIVATE KEY-----
+MIIBOgIBAAJBAK3nI4nuDYe3nDJES5WBc90igEstxWC4/h4YY+/ciYki35U8ets9
+mgaoCNYp/e9BCZHtvK2Y+fYokGJv5+cMTQsCAwEAAQJBAIHpvXvqEcOEoDRRHuIG
+fkcB4jPHcr9KE9TpxabH6xs9beN6OJnkePXAHwaz5MnUgSnbpOKq+cw8miKjXwe/
+zVECIQDVLwncT2lRmXarEYHzb+q/0uaSvKhWKKt3kJasLNTrAwIhANDUc/ghut29
+p3jJYjurzUKuG774/5eLjPLsxPPIZzNZAiA/10hSq41UnGqHLEUIS9m2/EeEZe7b
+bm567dfRU9OnVQIgDo8ROrZXSchEGbaog5J5r/Fle83uO8l93R3GqVxKXZkCIFfk
+IPD5PIYQAyyod3hyKKza7ZP4CGY4oOfZetbkSGGG
+-----END RSA PRIVATE KEY-----
diff --git a/src/lib/libcrypto/pkcs7/infokey.pem b/src/lib/libcrypto/pkcs7/infokey.pem
new file mode 100644
index 0000000000..1e2acc954d
--- /dev/null
+++ b/src/lib/libcrypto/pkcs7/infokey.pem
@@ -0,0 +1,9 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIBOgIBAAJBAK3nI4nuDYe3nDJES5WBc90igEstxWC4/h4YY+/ciYki35U8ets9
+mgaoCNYp/e9BCZHtvK2Y+fYokGJv5+cMTQsCAwEAAQJBAIHpvXvqEcOEoDRRHuIG
+fkcB4jPHcr9KE9TpxabH6xs9beN6OJnkePXAHwaz5MnUgSnbpOKq+cw8miKjXwe/
+zVECIQDVLwncT2lRmXarEYHzb+q/0uaSvKhWKKt3kJasLNTrAwIhANDUc/ghut29
+p3jJYjurzUKuG774/5eLjPLsxPPIZzNZAiA/10hSq41UnGqHLEUIS9m2/EeEZe7b
+bm567dfRU9OnVQIgDo8ROrZXSchEGbaog5J5r/Fle83uO8l93R3GqVxKXZkCIFfk
+IPD5PIYQAyyod3hyKKza7ZP4CGY4oOfZetbkSGGG
+-----END RSA PRIVATE KEY-----
diff --git a/src/lib/libcrypto/pkcs7/t/3des.pem b/src/lib/libcrypto/pkcs7/t/3des.pem
new file mode 100644
index 0000000000..b2b5081a10
--- /dev/null
+++ b/src/lib/libcrypto/pkcs7/t/3des.pem
@@ -0,0 +1,16 @@
+-----BEGIN PKCS7-----
+MIAGCSqGSIb3DQEHA6CAMIACAQAxggHmMIHwAgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEG
+A1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m
+dCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNUUkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQD
+ExJERU1PIFpFUk8gVkFMVUUgQ0ECAgR+MA0GCSqGSIb3DQEBAQUABEC2vXI1xQDW6lUHM3zQ
+/9uBEBOO5A3TtkrklAXq7v01gsIC21t52qSk36REXY+slhNZ0OQ349tgkTsoETHFLoEwMIHw
+AgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMI
+QnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29mdCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNU
+UkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQDExJERU1PIFpFUk8gVkFMVUUgQ0ECAgR9MA0G
+CSqGSIb3DQEBAQUABEB8ujxbabxXUYJhopuDm3oDq4JNqX6Io4p3ro+ShqfIndsXTZ1v5a2N
+WtLLCWlHn/habjBwZ/DgQgcKASbZ7QxNMIAGCSqGSIb3DQEHATAaBggqhkiG9w0DAjAOAgIA
+oAQIbsL5v1wX98KggAQoAaJ4WHm68fXY1WE5OIjfVBIDpO1K+i8dmKhjnAjrjoyZ9Bwc8rDL
+lgQg4CXb805h5xl+GfvSwUaHJayte1m2mcOhs3J2YyqbQ+MEIMIiJQccmhO3oDKm36CFvYR8
+5PjpclVcZyX2ngbwPFMnBAgy0clOAE6UKAAAAAAAAAAAAAA=
+-----END PKCS7-----
+
diff --git a/src/lib/libcrypto/pkcs7/t/3dess.pem b/src/lib/libcrypto/pkcs7/t/3dess.pem
new file mode 100644
index 0000000000..23f013516a
--- /dev/null
+++ b/src/lib/libcrypto/pkcs7/t/3dess.pem
@@ -0,0 +1,32 @@
+-----BEGIN PKCS7-----
+MIIGHgYJKoZIhvcNAQcCoIIGDzCCBgsCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCC
+BGswggJTMIIB/aADAgECAgIEfjANBgkqhkiG9w0BAQQFADCBkjELMAkGA1UEBhMCQVUxEzAR
+BgNVBAgTClF1ZWVuc2xhbmQxETAPBgNVBAcTCEJyaXNiYW5lMRowGAYDVQQKExFDcnlwdHNv
+ZnQgUHR5IEx0ZDEiMCAGA1UECxMZREVNT05TVFJBVElPTiBBTkQgVEVTVElORzEbMBkGA1UE
+AxMSREVNTyBaRVJPIFZBTFVFIENBMB4XDTk4MDUxMzA2MjY1NloXDTAwMDUxMjA2MjY1Nlow
+gaUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFu
+ZTEaMBgGA1UEChMRQ3J5cHRzb2Z0IFB0eSBMdGQxEjAQBgNVBAsTCVNNSU1FIDAwMzEZMBcG
+A1UEAxMQQW5nZWxhIHZhbiBMZWVudDEjMCEGCSqGSIb3DQEJARYUYW5nZWxhQGNyeXB0c29m
+dC5jb20wXDANBgkqhkiG9w0BAQEFAANLADBIAkEAuC3+7dAb2LhuO7gt2cTM8vsNjhG5JfDh
+hX1Vl/wVGbKEEj0MA6vWEolvefQlxB+EzwCtR0YZ7eEC/T/4JoCyeQIDAQABoygwJjAkBglg
+hkgBhvhCAQ0EFxYVR2VuZXJhdGVkIHdpdGggU1NMZWF5MA0GCSqGSIb3DQEBBAUAA0EAUnSP
+igs6TMFISTjw8cBtJYb98czgAVkVFjKyJQwYMH8FbDnCyx6NocM555nsyDstaw8fKR11Khds
+syd3ikkrhDCCAhAwggG6AgEDMA0GCSqGSIb3DQEBBAUAMIGSMQswCQYDVQQGEwJBVTETMBEG
+A1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m
+dCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNUUkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQD
+ExJERU1PIFpFUk8gVkFMVUUgQ0EwHhcNOTgwMzAzMDc0MTMyWhcNMDgwMjI5MDc0MTMyWjCB
+kjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxETAPBgNVBAcTCEJyaXNiYW5l
+MRowGAYDVQQKExFDcnlwdHNvZnQgUHR5IEx0ZDEiMCAGA1UECxMZREVNT05TVFJBVElPTiBB
+TkQgVEVTVElORzEbMBkGA1UEAxMSREVNTyBaRVJPIFZBTFVFIENBMFwwDQYJKoZIhvcNAQEB
+BQADSwAwSAJBAL+0E2fLej3FSCwe2A2iRnMuC3z12qHIp6Ky1wo2zZcxft7AI+RfkrWrSGtf
+mfzBEuPrLdfulncC5Y1pNcM8RTUCAwEAATANBgkqhkiG9w0BAQQFAANBAGSbLMphL6F5pp3s
+8o0Xyh86FHFdpVOwYx09ELLkuG17V/P9pgIc0Eo/gDMbN+KT3IdgECf8S//pCRA6RrNjcXIx
+ggF7MIIBdwIBATCBmTCBkjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxETAP
+BgNVBAcTCEJyaXNiYW5lMRowGAYDVQQKExFDcnlwdHNvZnQgUHR5IEx0ZDEiMCAGA1UECxMZ
+REVNT05TVFJBVElPTiBBTkQgVEVTVElORzEbMBkGA1UEAxMSREVNTyBaRVJPIFZBTFVFIENB
+AgIEfjAJBgUrDgMCGgUAoHowGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAbBgkqhkiG9w0B
+CQ8xDjAMMAoGCCqGSIb3DQMHMBwGCSqGSIb3DQEJBTEPFw05ODA1MTQwMzM5MzdaMCMGCSqG
+SIb3DQEJBDEWBBQstNMnSV26ba8PapQEDhO21yNFrjANBgkqhkiG9w0BAQEFAARAW9Xb9YXv
+BfcNkutgFX9Gr8iXhBVsNtGEVrjrpkQwpKa7jHI8SjAlLhk/4RFwDHf+ISB9Np3Z1WDWnLcA
+9CWR6g==
+-----END PKCS7-----
diff --git a/src/lib/libcrypto/pkcs7/t/c.pem b/src/lib/libcrypto/pkcs7/t/c.pem
new file mode 100644
index 0000000000..a4b55e321a
--- /dev/null
+++ b/src/lib/libcrypto/pkcs7/t/c.pem
@@ -0,0 +1,48 @@
+issuer :/C=AU/SP=Queensland/L=Brisbane/O=Cryptsoft Pty Ltd/OU=DEMONSTRATION AND TESTING/CN=DEMO ZERO VALUE CA
+subject:/C=AU/SP=Queensland/L=Brisbane/O=Cryptsoft Pty Ltd/OU=SMIME 003/CN=Information/Email=info@cryptsoft.com
+serial :047D
+
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1149 (0x47d)
+        Signature Algorithm: md5withRSAEncryption
+        Issuer: C=AU, SP=Queensland, L=Brisbane, O=Cryptsoft Pty Ltd, OU=DEMONSTRATION AND TESTING, CN=DEMO ZERO VALUE CA
+        Validity
+            Not Before: May 13 05:40:58 1998 GMT
+            Not After : May 12 05:40:58 2000 GMT
+        Subject: C=AU, SP=Queensland, L=Brisbane, O=Cryptsoft Pty Ltd, OU=SMIME 003, CN=Information/Email=info@cryptsoft.com
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Modulus:
+                    00:ad:e7:23:89:ee:0d:87:b7:9c:32:44:4b:95:81:
+                    73:dd:22:80:4b:2d:c5:60:b8:fe:1e:18:63:ef:dc:
+                    89:89:22:df:95:3c:7a:db:3d:9a:06:a8:08:d6:29:
+                    fd:ef:41:09:91:ed:bc:ad:98:f9:f6:28:90:62:6f:
+                    e7:e7:0c:4d:0b
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            Netscape Comment: 
+                Generated with SSLeay
+    Signature Algorithm: md5withRSAEncryption
+        52:15:ea:88:f4:f0:f9:0b:ef:ce:d5:f8:83:40:61:16:5e:55:
+        f9:ce:2d:d1:8b:31:5c:03:c6:2d:10:7c:61:d5:5c:0a:42:97:
+        d1:fd:65:b6:b6:84:a5:39:ec:46:ec:fc:e0:0d:d9:22:da:1b:
+        50:74:ad:92:cb:4e:90:e5:fa:7d
+
+-----BEGIN CERTIFICATE-----
+MIICTDCCAfagAwIBAgICBH0wDQYJKoZIhvcNAQEEBQAwgZIxCzAJBgNVBAYTAkFV
+MRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UE
+ChMRQ3J5cHRzb2Z0IFB0eSBMdGQxIjAgBgNVBAsTGURFTU9OU1RSQVRJT04gQU5E
+IFRFU1RJTkcxGzAZBgNVBAMTEkRFTU8gWkVSTyBWQUxVRSBDQTAeFw05ODA1MTMw
+NTQwNThaFw0wMDA1MTIwNTQwNThaMIGeMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
+UXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m
+dCBQdHkgTHRkMRIwEAYDVQQLEwlTTUlNRSAwMDMxFDASBgNVBAMTC0luZm9ybWF0
+aW9uMSEwHwYJKoZIhvcNAQkBFhJpbmZvQGNyeXB0c29mdC5jb20wXDANBgkqhkiG
+9w0BAQEFAANLADBIAkEArecjie4Nh7ecMkRLlYFz3SKASy3FYLj+Hhhj79yJiSLf
+lTx62z2aBqgI1in970EJke28rZj59iiQYm/n5wxNCwIDAQABoygwJjAkBglghkgB
+hvhCAQ0EFxYVR2VuZXJhdGVkIHdpdGggU1NMZWF5MA0GCSqGSIb3DQEBBAUAA0EA
+UhXqiPTw+QvvztX4g0BhFl5V+c4t0YsxXAPGLRB8YdVcCkKX0f1ltraEpTnsRuz8
+4A3ZItobUHStkstOkOX6fQ==
+-----END CERTIFICATE-----
+
diff --git a/src/lib/libcrypto/pkcs7/t/ff b/src/lib/libcrypto/pkcs7/t/ff
new file mode 100644
index 0000000000..23f013516a
--- /dev/null
+++ b/src/lib/libcrypto/pkcs7/t/ff
@@ -0,0 +1,32 @@
+-----BEGIN PKCS7-----
+MIIGHgYJKoZIhvcNAQcCoIIGDzCCBgsCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCC
+BGswggJTMIIB/aADAgECAgIEfjANBgkqhkiG9w0BAQQFADCBkjELMAkGA1UEBhMCQVUxEzAR
+BgNVBAgTClF1ZWVuc2xhbmQxETAPBgNVBAcTCEJyaXNiYW5lMRowGAYDVQQKExFDcnlwdHNv
+ZnQgUHR5IEx0ZDEiMCAGA1UECxMZREVNT05TVFJBVElPTiBBTkQgVEVTVElORzEbMBkGA1UE
+AxMSREVNTyBaRVJPIFZBTFVFIENBMB4XDTk4MDUxMzA2MjY1NloXDTAwMDUxMjA2MjY1Nlow
+gaUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFu
+ZTEaMBgGA1UEChMRQ3J5cHRzb2Z0IFB0eSBMdGQxEjAQBgNVBAsTCVNNSU1FIDAwMzEZMBcG
+A1UEAxMQQW5nZWxhIHZhbiBMZWVudDEjMCEGCSqGSIb3DQEJARYUYW5nZWxhQGNyeXB0c29m
+dC5jb20wXDANBgkqhkiG9w0BAQEFAANLADBIAkEAuC3+7dAb2LhuO7gt2cTM8vsNjhG5JfDh
+hX1Vl/wVGbKEEj0MA6vWEolvefQlxB+EzwCtR0YZ7eEC/T/4JoCyeQIDAQABoygwJjAkBglg
+hkgBhvhCAQ0EFxYVR2VuZXJhdGVkIHdpdGggU1NMZWF5MA0GCSqGSIb3DQEBBAUAA0EAUnSP
+igs6TMFISTjw8cBtJYb98czgAVkVFjKyJQwYMH8FbDnCyx6NocM555nsyDstaw8fKR11Khds
+syd3ikkrhDCCAhAwggG6AgEDMA0GCSqGSIb3DQEBBAUAMIGSMQswCQYDVQQGEwJBVTETMBEG
+A1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m
+dCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNUUkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQD
+ExJERU1PIFpFUk8gVkFMVUUgQ0EwHhcNOTgwMzAzMDc0MTMyWhcNMDgwMjI5MDc0MTMyWjCB
+kjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxETAPBgNVBAcTCEJyaXNiYW5l
+MRowGAYDVQQKExFDcnlwdHNvZnQgUHR5IEx0ZDEiMCAGA1UECxMZREVNT05TVFJBVElPTiBB
+TkQgVEVTVElORzEbMBkGA1UEAxMSREVNTyBaRVJPIFZBTFVFIENBMFwwDQYJKoZIhvcNAQEB
+BQADSwAwSAJBAL+0E2fLej3FSCwe2A2iRnMuC3z12qHIp6Ky1wo2zZcxft7AI+RfkrWrSGtf
+mfzBEuPrLdfulncC5Y1pNcM8RTUCAwEAATANBgkqhkiG9w0BAQQFAANBAGSbLMphL6F5pp3s
+8o0Xyh86FHFdpVOwYx09ELLkuG17V/P9pgIc0Eo/gDMbN+KT3IdgECf8S//pCRA6RrNjcXIx
+ggF7MIIBdwIBATCBmTCBkjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxETAP
+BgNVBAcTCEJyaXNiYW5lMRowGAYDVQQKExFDcnlwdHNvZnQgUHR5IEx0ZDEiMCAGA1UECxMZ
+REVNT05TVFJBVElPTiBBTkQgVEVTVElORzEbMBkGA1UEAxMSREVNTyBaRVJPIFZBTFVFIENB
+AgIEfjAJBgUrDgMCGgUAoHowGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAbBgkqhkiG9w0B
+CQ8xDjAMMAoGCCqGSIb3DQMHMBwGCSqGSIb3DQEJBTEPFw05ODA1MTQwMzM5MzdaMCMGCSqG
+SIb3DQEJBDEWBBQstNMnSV26ba8PapQEDhO21yNFrjANBgkqhkiG9w0BAQEFAARAW9Xb9YXv
+BfcNkutgFX9Gr8iXhBVsNtGEVrjrpkQwpKa7jHI8SjAlLhk/4RFwDHf+ISB9Np3Z1WDWnLcA
+9CWR6g==
+-----END PKCS7-----
diff --git a/src/lib/libcrypto/pkcs7/t/msie-e b/src/lib/libcrypto/pkcs7/t/msie-e
new file mode 100644
index 0000000000..aafae69fc9
--- /dev/null
+++ b/src/lib/libcrypto/pkcs7/t/msie-e
@@ -0,0 +1,20 @@
+
+MIAGCSqGSIb3DQEHA6CAMIACAQAxggHCMIHMAgEAMHYwYjERMA8GA1UEBxMISW50ZXJuZXQxFzAV
+BgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5k
+aXZpZHVhbCBTdWJzY3JpYmVyAhBgQJiC3qfbCbjdj5INYLnKMA0GCSqGSIb3DQEBAQUABECMzu8y
+wQ/qZbO8cAGMRBF+mPruv3+Dvb9aWNZ2k8njUgqF6mcdhVB2MkGcsG3memRXJBixvMYWVkU3qK4Z
+VuKsMIHwAgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDERMA8GA1UE
+BxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29mdCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNU
+UkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQDExJERU1PIFpFUk8gVkFMVUUgQ0ECAgRuMA0GCSqG
+SIb3DQEBAQUABEBcWwYFHJbJGhiztt7lzue3Lc9CH5WAbyR+2BZ3uv+JxZfRs1PuaWPOwRa0Vgs3
+YwSJoRfxQj2Gk0wFqG1qt6d1MIAGCSqGSIb3DQEHATAaBggqhkiG9w0DAjAOAgIAoAQI8vRlP/Nx
+2iSggASCAZhR5srxyspy7DfomRJ9ff8eMCtaNwEoEx7G25PZRonC57hBvGoScLtEPU3Wp9FEbPN7
+oJESeC+AqMTyTLNy8aQsyC5s53E9UkoIvg62ekYZBbXZqXsrxx4PhiiX3NH8GVh42phB0Chjw0nK
+HZeRDmxGY3Cmk+J+l0uVKxbNIfJIKOguLBnhqmnKH/PrnzDt591u0ULy2aTLqRm+4/1Yat/QPb6J
+eoKGwNPBbS9ogBdrCNCp9ZFg3Xar2AtQHzyTQIfYeH3SRQUpKmRm5U5o9p5emgEdT+ZfJm/J4tSH
+OmbgAFsbHQakA4MBZ4J5qfDJhOA2g5lWk1hIeu5Dn/AaLRZd0yz3oY0Ieo/erPWx/bCqtBzYbMe9
+qSFTedKlbc9EGe3opOTdBZVzK8KH3w3zsy5luxKdOUG59YYb5F1IZiWGiDyuo/HuacX+griu5LeD
+bEzOtZnko+TZXvWIko30fD79j3T4MRRhWXbgj2HKza+4vJ0mzcC/1+GPsJjAEAA/JgIEDU4w6/DI
+/HQHhLAO3G+9xKD7MvmrzkoAAAAAAAAAAAAA
+
+
diff --git a/src/lib/libcrypto/pkcs7/t/msie-e.pem b/src/lib/libcrypto/pkcs7/t/msie-e.pem
new file mode 100644
index 0000000000..a2a5e24e74
--- /dev/null
+++ b/src/lib/libcrypto/pkcs7/t/msie-e.pem
@@ -0,0 +1,22 @@
+-----BEGIN PKCS7-----
+MIAGCSqGSIb3DQEHA6CAMIIDkAIBADGCAcIwgcwCAQAwdjBiMREwDwYDVQQHEwhJ
+bnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNVBAsTK1ZlcmlT
+aWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXICEGBAmILep9sJ
+uN2Pkg1gucowDQYJKoZIhvcNAQEBBQAEQIzO7zLBD+pls7xwAYxEEX6Y+u6/f4O9
+v1pY1naTyeNSCoXqZx2FUHYyQZywbeZ6ZFckGLG8xhZWRTeorhlW4qwwgfACAQAw
+gZkwgZIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQH
+EwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRzb2Z0IFB0eSBMdGQxIjAgBgNVBAsT
+GURFTU9OU1RSQVRJT04gQU5EIFRFU1RJTkcxGzAZBgNVBAMTEkRFTU8gWkVSTyBW
+QUxVRSBDQQICBG4wDQYJKoZIhvcNAQEBBQAEQFxbBgUclskaGLO23uXO57ctz0If
+lYBvJH7YFne6/4nFl9GzU+5pY87BFrRWCzdjBImhF/FCPYaTTAWobWq3p3UwggHD
+BgkqhkiG9w0BBwEwGgYIKoZIhvcNAwIwDgICAKAECPL0ZT/zcdokgIIBmFHmyvHK
+ynLsN+iZEn19/x4wK1o3ASgTHsbbk9lGicLnuEG8ahJwu0Q9Tdan0URs83ugkRJ4
+L4CoxPJMs3LxpCzILmzncT1SSgi+DrZ6RhkFtdmpeyvHHg+GKJfc0fwZWHjamEHQ
+KGPDScodl5EObEZjcKaT4n6XS5UrFs0h8kgo6C4sGeGqacof8+ufMO3n3W7RQvLZ
+pMupGb7j/Vhq39A9vol6gobA08FtL2iAF2sI0Kn1kWDddqvYC1AfPJNAh9h4fdJF
+BSkqZGblTmj2nl6aAR1P5l8mb8ni1Ic6ZuAAWxsdBqQDgwFngnmp8MmE4DaDmVaT
+WEh67kOf8BotFl3TLPehjQh6j96s9bH9sKq0HNhsx72pIVN50qVtz0QZ7eik5N0F
+lXMrwoffDfOzLmW7Ep05Qbn1hhvkXUhmJYaIPK6j8e5pxf6CuK7kt4NsTM61meSj
+5Nle9YiSjfR8Pv2PdPgxFGFZduCPYcrNr7i8nSbNwL/X4Y+wmMAQAD8mAgQNTjDr
+8Mj8dAeEsA7cb73EoPsy+avOSgAAAAA=
+-----END PKCS7-----
diff --git a/src/lib/libcrypto/pkcs7/t/msie-enc-01 b/src/lib/libcrypto/pkcs7/t/msie-enc-01
new file mode 100644
index 0000000000..2c93ab6462
--- /dev/null
+++ b/src/lib/libcrypto/pkcs7/t/msie-enc-01
@@ -0,0 +1,62 @@
+
+MIAGCSqGSIb3DQEHA6CAMIACAQAxgfMwgfACAQAwgZkwgZIxCzAJBgNVBAYTAkFVMRMwEQYD
+VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRzb2Z0
+IFB0eSBMdGQxIjAgBgNVBAsTGURFTU9OU1RSQVRJT04gQU5EIFRFU1RJTkcxGzAZBgNVBAMT
+EkRFTU8gWkVSTyBWQUxVRSBDQQICBG4wDQYJKoZIhvcNAQEBBQAEQKvMaW8xh6oF/X+CJivz
+IZV7yHxlp4O3NHQtWG0A8MOZB+CtKlU7/6g5e/a9Du/TOqxRMqtYRp63pa2Q/mM4IYMwgAYJ
+KoZIhvcNAQcBMBoGCCqGSIb3DQMCMA4CAgCgBAifz6RvzOPYlKCABIGwxtGA/FLBBRs1wbBP
+gDCbSG0yCwjJNsFg89/k6xuXo8c5YTwsw8+XlIVq03navpew6XxxzY090rD2OJ0t6HA6GqrI
+pd8WiSh/Atqn0yfLFmkLqgIAPRfzxUxqUocxLpQsLIFp2YNUGE+yps+UZmIjw/WHfdqrcWTm
+STSvKuy3UkIJZCkGDBpTvqk4BFaHh4oTXEpgpNY+GKxjf9TDN9GQPqQZR7sgQki4t2g4/Saq
+Kl4EMISgluk6swdND0tiHY7v5d6YR29ePCl2/STJ98eJpWkEEC22GNNvOy7ru/Rv2He4MgQg
+optd7sk9MMd9xhJppg7CcH/yDx//HrtgpOcWmn6VxpgECFqon4uXkQtIBIH4PaNclFn7/hLx
+Pw2VmBGaC0SYF3U1jyN96EBxdjqy8Aa6ByMXYDW5BcfqniD5mYXfw+b81lh1kutxaPaV4YJ9
+ZlRUW752N7VHo/fG0/fukoe5W9a8kIhgLpygllb/GP4oSF4wM6n1/OgRzZj2IWFiobKO4d/t
+Mnh+C+PoEVAuFZcxQwi9GqvsK5OoIjVwNx0XcVSOl1TTYS9SwC7ugMBCab73JiruC24pL78Y
+M+NaIpIQ3On4DokJA2ZHtjBjZIxF4tKA144RvFN6pBd6TVE5XM6KD/Vh9bjSmujtEAfdQ3Te
+dvKJsbZuu0stErbvWcRy11I328l557EECAJT7d44OJ3rBBBj6bnnx6dDU2SRqp2CEoQaBAhK
+RBuyhNxkygQIOY9/NhwqAJAECOvX0Zd0DqgoBAjobPpMHhVV3gQQWLU2vEoZ51BwzxdzCmxO
+wwQI4oKfudaNqoAESKzBNAqv5kGumHOlMKsRfrs7jZCcSaOuEj97pYx08FLEgF23cav39MOQ
+NUEM1dNU+EYslL4o3RoSHRjUgPU+2t9c0prS9A/bPARIEOP94PynaTNxwHi3VTK7SzuQmgzA
+4n942E9joSiqsQPlsKAb3sPUaLC3SuUxSjNBgfpvD0bmrA/5h+WZoYXvIogFpwjkSmnFBEie
+0lh5Ov1aRrvCw5/j3Q/W/4ZtN5U+aeVBJMtA8n0Mxd5kPxHbNVh4oGprZ6wEegV8ht3voyZa
+mZ5Cyxc8ffMYnM/JJI6/oEYEUEMyyiS5FnYyvxKzfMtyn2lZ2st9nZGNNgMc9N62r5HgNbdD
+FHuRdKKzV+8kQfuMc3mOPpK1t9TFY+QgrxiB5p6S7VooI97YtP3PbfknszCEBEh4PdXYbbaR
+3AacN3Q5kYYmWsq3WW6xgrg0mmEGosGvwSQxBBuiXZrxScCa4ivEq05UZwyShePvKduOvnUE
+2zDO6IXFLZxhTZAESEm9/FovLgGAiJ7iMGmYvsISLJScwG4n+wrSaQNQXizs9N3ykys54wBN
+d/+BQ4F7pncHhDQ2Dyt5MekB8Y8iNOocUTFCu524vQRIaWCXmXP3vU7D21dp0XnAMzRQJ565
+JV3aHRoY7XDa4LePa7PP9ywyafOE5yCW7ndqx3J+2JhTDvSFsW8/q3H3iyeFhykuJVS6BFDK
+6CmKbnyyjOfE2iLGJmTFa905V2KrVDCmlEu/xyGMs80yTyZC+ySzM83FMVvLEQmSzcTNUZVp
+DfA1kNXbXkPouBXXT6g8r8JCRljaKKABmgRIlMheOJQRUUU4cgvhMreXPayhq5Ao4VMSCkA5
+hYRCBczm4Di/MMohF0SxIsdRY6gY9CPnrBXAsY6h1RbR7Tw0iQZmeXi52DCiBEj0by+SYMAa
+9z0CReIzl8JLL6EVIFz8kFxlkGWjr4dnOzhhPOq/mCpp0WxbavDfdhE87MdXJZBnLwoT62QG
+955HlAoEQBOGJbcESCgd5XSirZ9Y3AbCfuKOqoMBvEUGn+w/pMaqnGvnr5FZhuBDKrhRXqtx
+QsxA//drGUxsrZOuSL/0+fbvo7n2h1Z8Ny86jOvVZAQIAjw2l1Yc5RAESNc9i3I8pKEOVQf/
+UBczJ0NR9aTEF80dRg2lpXwD0ho4N0AvSiVbgxC7cPZHQwIqvq9LHRUs/4n+Vu3SVYU3cAxo
+lUTiCGUSlARIF+TD57SI5+RI+MNtnD9rs4E1ml51YoHGWFj3UPriDmY0FKEwIgqtMXMY3fZ9
+Kq8d83bjDzxwbDX7WwR7KbSeJWT42pCz7kM+BEjjPsOnZHuusXT3x2rrsBnYtYsbt98mSFiS
+KzTtFmXfkOBbCQdit1P76QnYJ1aXMGs6zP6GypQTadK/zYWvlm38QkVwueaJ0woESKW2pqKA
+70h2UMDHOrpepU1lj0YMzmotDHSTU3L909VvUMNg9uqfrQ6mSkb9j5Tl8oF2otOw5EzA1Yda
+KPmgsv62RWLYl80wXQRQwG0e/mgG75jp9lOhJdVXqcYbQpS9viwVaVkwH+69mu/bQI4gjoEs
+UYX6O71Re2z+cYhcm9UrK+DXuSFBXQOIlAFxKMW4B0apd6fU84FsZLMESOorXE5OE0A2B2ji
+J8QI0Exk4hUvWrMNJfUZwFyS7E05xV9ORuX1xmsKqkT4tVR5Nqln4vhvAY860VBoloz0CDkd
+8seSBEjeMgRI9FvpYuflIeHg9urkwp6N+1f0DrJJhJY9ZQ0HTQhziJmIfvbEjNqCl7hEC28+
+F8I5tuViLgfSwcFFCvnS6WFoN4X6QdFdqMCbBEjdlI1c+IQGA/IuTDMJYCuQ/v+8BG5ZeWVH
+icPZmXfRat9eFK1dGKAJef6+Tf9HPuDjSpDyffrifsp7Dc34lmm7GN1+ON3ZMtwEUNm6epb8
+1RKWjoI7jIKUV/M2p/0eeGSqs4b06KF/VR6dBwsJVL5DpnTsp3MV4j/CAOlRdSPZ5++tsKbM
+aplk+ceqQtpEFz1MYTtVV4+rlrWaBEA1okJyNZ5/tNOwM7B+XfOZ0xw+uyVi9v4byTZM2Qds
+J+d3YGYLAugTGHISLqQEerD8/gGK+/SL06b2gNedXPHtBAiBKX+Mdy3wFQQIqE9gVgvrFNUE
+CKKoTFoMGqnPBAjDPgLCklNfrwQI3Ek1vSq68w8ECBodu2FOZJVkBAgzwjfSr2N9WQQQTCoQ
+KkAbrS9tnjXn1I3+ZwQIrPx3eINo/YUECIeYWCFskxlYBAiDUdvZXwD3vgQIkEyZbbZWbUUE
+CH4+odl1Isk3BBj68fkqJ0fKJRWVLWuW/O3VE4BOPKwFlaIECFseVTdDUho8BAj+cOKvV2WA
+hgQgaXr+wwq+ItblG0Qxz8IVUXX6PV2mIdHwz4SCCvnCsaIECJhBYxdfLI/XBCDswamPn9MR
+yXi2HVQBineV+GtWVkIoZ2dCLFB9mQRMoAQI0nUR5a5AOJoECA+AunKlAlx8BAi5RtFeF4g1
+FQQIz/ie+16LlQcECOmNuVg5DXjMBAjH2nkfpXZgWwQIVdLuO/+kuHAECO/5rEHmyI9vBBD4
+16BU4Rd3YerDQnHtrwOQBCCkho1XxK5Maz8KLCNi20wvcGt8wsIXlj2h5q9ITBq7IgQQvKVY
+4OfJ7bKbItP2dylwQgQYPIGxwkkbRXNraONYvN19G8UdF35rFOuIBAjf0sKz/618ZQQIxObr
+xJkRe0sECIC+ssnjEb2NBBBI+XM4OntVWGsRV9Td3sFgBAinGwIroo8O0gQQMGAwgc9PaLaG
+gBCiwSTrYQQIVHjfCQgOtygEUIoraFoANfhZgIShpOd/RRxFU4/7xZR5tMdGoYz/g0thR0lM
++Hi88FtFD4mAh/Oat4Ri8B7bv04aokjN2UHz6nPbHHjZ8zIqpbYTCy043GNZBAhOqjyB2JbD
+NwQoR23XCYD9x6E20ChHJRXmaHwyMdYXKl5CUxypl7ois+sy2D7jDukS3wQIsTyyPgJi0GsA
+AAAAAAAAAAAA
+
diff --git a/src/lib/libcrypto/pkcs7/t/msie-enc-01.pem b/src/lib/libcrypto/pkcs7/t/msie-enc-01.pem
new file mode 100644
index 0000000000..9abf00b2f2
--- /dev/null
+++ b/src/lib/libcrypto/pkcs7/t/msie-enc-01.pem
@@ -0,0 +1,66 @@
+-----BEGIN PKCS7-----
+MIAGCSqGSIb3DQEHA6CAMIILyAIBADGB8zCB8AIBADCBmTCBkjELMAkGA1UEBhMC
+QVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxETAPBgNVBAcTCEJyaXNiYW5lMRowGAYD
+VQQKExFDcnlwdHNvZnQgUHR5IEx0ZDEiMCAGA1UECxMZREVNT05TVFJBVElPTiBB
+TkQgVEVTVElORzEbMBkGA1UEAxMSREVNTyBaRVJPIFZBTFVFIENBAgIEbjANBgkq
+hkiG9w0BAQEFAARAq8xpbzGHqgX9f4ImK/MhlXvIfGWng7c0dC1YbQDww5kH4K0q
+VTv/qDl79r0O79M6rFEyq1hGnrelrZD+YzghgzCCCssGCSqGSIb3DQEHATAaBggq
+hkiG9w0DAjAOAgIAoAQIn8+kb8zj2JSAggqgxtGA/FLBBRs1wbBPgDCbSG0yCwjJ
+NsFg89/k6xuXo8c5YTwsw8+XlIVq03navpew6XxxzY090rD2OJ0t6HA6GqrIpd8W
+iSh/Atqn0yfLFmkLqgIAPRfzxUxqUocxLpQsLIFp2YNUGE+yps+UZmIjw/WHfdqr
+cWTmSTSvKuy3UkIJZCkGDBpTvqk4BFaHh4oTXEpgpNY+GKxjf9TDN9GQPqQZR7sg
+Qki4t2g4/SaqKl6EoJbpOrMHTQ9LYh2O7+XemEdvXjwpdv0kyffHiaVpBBAtthjT
+bzsu67v0b9h3uDKim13uyT0wx33GEmmmDsJwf/IPH/8eu2Ck5xaafpXGmFqon4uX
+kQtIPaNclFn7/hLxPw2VmBGaC0SYF3U1jyN96EBxdjqy8Aa6ByMXYDW5BcfqniD5
+mYXfw+b81lh1kutxaPaV4YJ9ZlRUW752N7VHo/fG0/fukoe5W9a8kIhgLpygllb/
+GP4oSF4wM6n1/OgRzZj2IWFiobKO4d/tMnh+C+PoEVAuFZcxQwi9GqvsK5OoIjVw
+Nx0XcVSOl1TTYS9SwC7ugMBCab73JiruC24pL78YM+NaIpIQ3On4DokJA2ZHtjBj
+ZIxF4tKA144RvFN6pBd6TVE5XM6KD/Vh9bjSmujtEAfdQ3TedvKJsbZuu0stErbv
+WcRy11I328l557ECU+3eODid62PpuefHp0NTZJGqnYIShBpKRBuyhNxkyjmPfzYc
+KgCQ69fRl3QOqCjobPpMHhVV3li1NrxKGedQcM8XcwpsTsPigp+51o2qgKzBNAqv
+5kGumHOlMKsRfrs7jZCcSaOuEj97pYx08FLEgF23cav39MOQNUEM1dNU+EYslL4o
+3RoSHRjUgPU+2t9c0prS9A/bPBDj/eD8p2kzccB4t1Uyu0s7kJoMwOJ/eNhPY6Eo
+qrED5bCgG97D1Giwt0rlMUozQYH6bw9G5qwP+YflmaGF7yKIBacI5EppxZ7SWHk6
+/VpGu8LDn+PdD9b/hm03lT5p5UEky0DyfQzF3mQ/Eds1WHigamtnrAR6BXyG3e+j
+JlqZnkLLFzx98xicz8kkjr+gRkMyyiS5FnYyvxKzfMtyn2lZ2st9nZGNNgMc9N62
+r5HgNbdDFHuRdKKzV+8kQfuMc3mOPpK1t9TFY+QgrxiB5p6S7VooI97YtP3Pbfkn
+szCEeD3V2G22kdwGnDd0OZGGJlrKt1lusYK4NJphBqLBr8EkMQQbol2a8UnAmuIr
+xKtOVGcMkoXj7ynbjr51BNswzuiFxS2cYU2QSb38Wi8uAYCInuIwaZi+whIslJzA
+bif7CtJpA1BeLOz03fKTKznjAE13/4FDgXumdweENDYPK3kx6QHxjyI06hxRMUK7
+nbi9aWCXmXP3vU7D21dp0XnAMzRQJ565JV3aHRoY7XDa4LePa7PP9ywyafOE5yCW
+7ndqx3J+2JhTDvSFsW8/q3H3iyeFhykuJVS6yugpim58soznxNoixiZkxWvdOVdi
+q1QwppRLv8chjLPNMk8mQvskszPNxTFbyxEJks3EzVGVaQ3wNZDV215D6LgV10+o
+PK/CQkZY2iigAZqUyF44lBFRRThyC+Eyt5c9rKGrkCjhUxIKQDmFhEIFzObgOL8w
+yiEXRLEix1FjqBj0I+esFcCxjqHVFtHtPDSJBmZ5eLnYMKL0by+SYMAa9z0CReIz
+l8JLL6EVIFz8kFxlkGWjr4dnOzhhPOq/mCpp0WxbavDfdhE87MdXJZBnLwoT62QG
+955HlAoEQBOGJbcoHeV0oq2fWNwGwn7ijqqDAbxFBp/sP6TGqpxr56+RWYbgQyq4
+UV6rcULMQP/3axlMbK2Trki/9Pn276O59odWfDcvOozr1WQCPDaXVhzlENc9i3I8
+pKEOVQf/UBczJ0NR9aTEF80dRg2lpXwD0ho4N0AvSiVbgxC7cPZHQwIqvq9LHRUs
+/4n+Vu3SVYU3cAxolUTiCGUSlBfkw+e0iOfkSPjDbZw/a7OBNZpedWKBxlhY91D6
+4g5mNBShMCIKrTFzGN32fSqvHfN24w88cGw1+1sEeym0niVk+NqQs+5DPuM+w6dk
+e66xdPfHauuwGdi1ixu33yZIWJIrNO0WZd+Q4FsJB2K3U/vpCdgnVpcwazrM/obK
+lBNp0r/Nha+WbfxCRXC55onTCqW2pqKA70h2UMDHOrpepU1lj0YMzmotDHSTU3L9
+09VvUMNg9uqfrQ6mSkb9j5Tl8oF2otOw5EzA1YdaKPmgsv62RWLYl80wXcBtHv5o
+Bu+Y6fZToSXVV6nGG0KUvb4sFWlZMB/uvZrv20COII6BLFGF+ju9UXts/nGIXJvV
+Kyvg17khQV0DiJQBcSjFuAdGqXen1POBbGSz6itcTk4TQDYHaOInxAjQTGTiFS9a
+sw0l9RnAXJLsTTnFX05G5fXGawqqRPi1VHk2qWfi+G8BjzrRUGiWjPQIOR3yx5IE
+SN4y9FvpYuflIeHg9urkwp6N+1f0DrJJhJY9ZQ0HTQhziJmIfvbEjNqCl7hEC28+
+F8I5tuViLgfSwcFFCvnS6WFoN4X6QdFdqMCb3ZSNXPiEBgPyLkwzCWArkP7/vARu
+WXllR4nD2Zl30WrfXhStXRigCXn+vk3/Rz7g40qQ8n364n7Kew3N+JZpuxjdfjjd
+2TLc2bp6lvzVEpaOgjuMgpRX8zan/R54ZKqzhvTooX9VHp0HCwlUvkOmdOyncxXi
+P8IA6VF1I9nn762wpsxqmWT5x6pC2kQXPUxhO1VXj6uWtZo1okJyNZ5/tNOwM7B+
+XfOZ0xw+uyVi9v4byTZM2QdsJ+d3YGYLAugTGHISLqQEerD8/gGK+/SL06b2gNed
+XPHtgSl/jHct8BWoT2BWC+sU1aKoTFoMGqnPwz4CwpJTX6/cSTW9KrrzDxodu2FO
+ZJVkM8I30q9jfVlMKhAqQButL22eNefUjf5nrPx3eINo/YWHmFghbJMZWINR29lf
+APe+kEyZbbZWbUV+PqHZdSLJN/rx+SonR8olFZUta5b87dUTgE48rAWVolseVTdD
+Uho8/nDir1dlgIZpev7DCr4i1uUbRDHPwhVRdfo9XaYh0fDPhIIK+cKxophBYxdf
+LI/X7MGpj5/TEcl4th1UAYp3lfhrVlZCKGdnQixQfZkETKDSdRHlrkA4mg+AunKl
+Alx8uUbRXheINRXP+J77XouVB+mNuVg5DXjMx9p5H6V2YFtV0u47/6S4cO/5rEHm
+yI9v+NegVOEXd2Hqw0Jx7a8DkKSGjVfErkxrPwosI2LbTC9wa3zCwheWPaHmr0hM
+GrsivKVY4OfJ7bKbItP2dylwQjyBscJJG0Vza2jjWLzdfRvFHRd+axTriN/SwrP/
+rXxlxObrxJkRe0uAvrLJ4xG9jUj5czg6e1VYaxFX1N3ewWCnGwIroo8O0jBgMIHP
+T2i2hoAQosEk62FUeN8JCA63KIoraFoANfhZgIShpOd/RRxFU4/7xZR5tMdGoYz/
+g0thR0lM+Hi88FtFD4mAh/Oat4Ri8B7bv04aokjN2UHz6nPbHHjZ8zIqpbYTCy04
+3GNZTqo8gdiWwzdHbdcJgP3HoTbQKEclFeZofDIx1hcqXkJTHKmXuiKz6zLYPuMO
+6RLfsTyyPgJi0GsAAAAA
+-----END PKCS7-----
diff --git a/src/lib/libcrypto/pkcs7/t/msie-enc-02 b/src/lib/libcrypto/pkcs7/t/msie-enc-02
new file mode 100644
index 0000000000..7017055965
--- /dev/null
+++ b/src/lib/libcrypto/pkcs7/t/msie-enc-02
@@ -0,0 +1,90 @@
+
+MIAGCSqGSIb3DQEHA6CAMIACAQAxggHCMIHMAgEAMHYwYjERMA8GA1UEBxMISW50ZXJuZXQxFzAV
+BgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5k
+aXZpZHVhbCBTdWJzY3JpYmVyAhBgQJiC3qfbCbjdj5INYLnKMA0GCSqGSIb3DQEBAQUABEACr4tn
+kSzvo3aIlHfJLGbfokNCV6FjdDP1vQhL+kdXONqcFCEf9ReETCvaHslIr/Wepc5j2hjZselzgqLn
+rM1ZMIHwAgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDERMA8GA1UE
+BxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29mdCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNU
+UkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQDExJERU1PIFpFUk8gVkFMVUUgQ0ECAgRuMA0GCSqG
+SIb3DQEBAQUABEBanBxKOvUoRn3DiFY55lly2TPu2Cv+dI/GLrzW6qvnUMZPWGPGaUlPyWLMZrXJ
+xGXZUiRJKTBwDu91fnodUEK9MIAGCSqGSIb3DQEHATAaBggqhkiG9w0DAjAOAgIAoAQImxKZEDWP
+EuOggASCBACBi1bX/qc3geqFyfRpX7JyIo/g4CDr62GlwvassAGlIO8zJ5Z/UDIIooeV6QS4D4OW
+PymKd0WXhwcJI0yBcJTWEoxND27LM7CWFJpA07AoxVCRHTOPgm794NynLecNUOqVTFyS4CRuLhVG
+PAk0nFZG/RE2yMtx4rAkSiVgOexES7wq/xWuoDSSmuTMNQOTbKfkEKqdFLkM/d62gD2wnaph7vKk
+PPK82wdZP8rF3nUUC5c4ahbNoa8g+5B3tIF/Jz3ZZK3vGLU0IWO+i7W451dna13MglDDjXOeikNl
+XLsQdAVo0nsjfGu+f66besJojPzysNA+IEZl6gNWUetl9lim4SqrxubUExdS2rmXnXXmEuEW/HC7
+dlTAeYq5Clqx5id6slhC2C2oegMww3XH9yxHw6OqzvXY6pVPEScEtBMQLgaKFQT+m2SRtbTVFG7c
+QcnUODyVB1IbpQTF1DHeeOX1W/HfpWZym8dzkti6SCyeumHmqO406xDiIMVKtHOqM86nEHuAMZsr
+cLy+ey6TEJvR6S4N8QRzng8JJDZDTJXQN6q84aEudsnOrw2KyOVwPpI6ey4qBsHUgQ8kAFy5lsQa
+WV45h6exgUwbBcKLgPZGFj+OdD2RKJsTb83/UqbJS5Q/lGXhzBlnaYucyJxEprRxbntmcnOEPFJe
++tRDUwOTd7qlJljdhIJL+uDcooL9Ahgo6Cwep6tduekv2cSEohJeTE8Dvy34YRhMbLvnFNdmnpNy
+rNZDYVVxxaKoyd2AfB8NPFZh1VdAYfI3R1QAQ2kXEef5NNIfVQfMzD9akJn4RP+Kv32Qaxm4FrnK
+xmwRyGJShavIBc2ax+F1r1+NZXuSBHn5vfoRTxOk0ST4dXsw74dnlYUMRaSu4qqUdM9jsXSyeX4Z
+gQgkR2bkaYO6ezFgenFIa7QWVw8rXZAEZ5aibCxbnY1VE41PYIvhlLdbFJhH9gY22s+fFAuwnzyA
+SRjC40A9aAEItRlaPStWSGiqlLRgNkBBwdpv2l2YPBd2QzHx6ek6XGrvRJuAC+Nh62rtQKwpNH54
+YAOHW55maBFW2SQ3TF+cZ6NbbqhCmHTyyR7mcSYc9sXSVDWEhYKQ1iyU870zhHWVpvglZizZetJC
+ZFjYex3b1ngVdcgargOvpPq9urCKKi2mbkqv/EFpzSWGXkKSpfCG/XfMnEOtkNrB8S06vnk2JcJB
+OBqJot+uuSH5hOg0vTpxX2DuONJSiWSWyfRE/lTfJJFXwhod7SXclUyXPeSyibcSic2hVAzDmwjD
+31js/j2k02PI/agPhr3UQ8cMgcNAiaoCKbNaWfn6BGbCAbTchxzUlo2cSJiLlrX2IDZmfXbXmZCo
+m1smWIG+BIIEALiuAxDb6dWLAYyVBoN9hYI4AiPeZAY9MtvQ6AV8o2/EFm6PvYGXy3Hei5830CH0
+PBeX7Kdd6ff1y33TW/l5qSkIL1ULTGR7okFfJePHDmq1dFt6/JOMptiQ8WSu7CsJQvZ9VTFXeYFc
+ZqCPPZc1NrPegNK70Zf9QxWIbDAevJ5KLBf1c6j8pU2/6LnvDY6VjaTvYSgr7vTR8eVzH4Rm77W0
+iOHxg5VcODv6cGSVyuvbX8UAGo8Cmb58ERDtBDJBQXVpWKLNAuDJ9GX8n2zNkpjZLbPSkcmuhqGa
+BJBE/BaCTkUQWlY9dIbRtEnxIU1mfbPPdx1Ppa8DqGDjSOsQdKcKYNNZtayEw++EIpmpdBNsKphC
+fB8UEK2Wkk4ZVW+qyGoi/r0MFsvO1NmSOOZ0o/jy/YHmoeURHhPy97AO3eVTkEAa5CfJEJybmo56
+7CDw/FwoGAUCgsoz7rlxzMudr/IhHIH+APinncxXlHO2ecvHD9i8DaHGA8tVifgsUhqQoZieULut
+eF94O5UAxOkv41UZssYTwN4nYrN1QkesZl3BX4ORS4EE30/PQ23ARf3WZptZrCJevGm2ZYzGeh8x
+g17mCDfiLO+bff4qP/4mC96Pu4ia6j4to5BwKIJS/+DCuoD8WeSKF4pugXQkMUiHdQnNnVP9Sp2O
+/4ly5mO8JzrQC59V2bnTNBqPhpno8kfJvK5TypPSVC+bTzern3rJ6UceB3srcn9zxKx9GdNydJQj
+yWjv8ec3n3d1nuQwhz5Q053NBhIjwoGg3Go7LO6i78ZOlpF7dcoAO13NfHLyNjnyHCaiWtVRTct9
+rLf5vN00urSn8YJngHk1eTKK8nHGIcOg6YdYDOD2nE5XwRijKmieG8Xa3eKRzfbL06GrBQENle6J
+mC131bp3cRVxpjq+o6RAbGoMm4yICsL4eTarCQrsyHmoPHqr91UHo91avyxU7knWmEhX27ybmsrs
+8aeZwPHixL14TeyhruCqRVvkf1Ks7P+z8MPUboGNqQe2WLN8ktCGEr15O8MJR/em86G03Jfo4oaw
+/DVUH5RwLT6acedOGuzMh/2r8BcmemhVQ8/cWvV4YJ0tOW4hzyVHC5hQf8sZ3LzxXLH6Ohnrbprh
+xvrdbaSdChWZDDP0bCCbxEhkwuBkBeKZrMbwRTP+TPTPYLVTH/CmKLzKh/114tkGkyO3hHS4qExU
+V39F2Sj4mylx+hD0+20D9pntpNi7htccGlOm6yNM69at/3+kLgJJyoIlaxLcCUYHNMifDt+T3p/t
+5U4XmD53uUQ6M8dvj/udqPekNSUfse15yrd9pjOt5PcJuqW28q0sFHf9pHIgz3XZFMe5PD7ppw6r
+S+C6Ir4PrYIEggQA7ZDVtiCm+BbtNNB/UJm79/OQ5mp5bTI0kPmDeycaWTa0Ojpum+c/dpG/iJOB
+DICj7jHOXSHT7JlGyX6aSFJUltucAnZvwzhPDmdDaIDiKSk85GqgdDWVfGosSCX9Ph/T3WpIxnwf
+WSDRtIHkWTjly+pe4yy5K6/XISy/L5Zh/fhiI5fjHjgzmlibs2ru4nVw6hBhUvlSSe2BEs5d9h/y
+NH8Wy3qvb2D3jh7hkepFtZJGNTHp8ZUC7Ns2JIpQYObsaxdI65i3mMOu7fRwI+0/4ejsWhP6KCEi
+LgwvLg0qM82ma6YB7qHAHboaczRVEffDcJUG4a5uycB0DoZFn+uEaEFyili20hCn4hVfsqUQk2PT
+8Mo1tSl5e30xI1YJZrRgiJm9nHRX6fLizngP+ILJLPHZsPvlSVIfY+/v/FR8feKOjaGhyGF51BAx
+aM2NIQ4jMP5/X+U5gQybi0E6u7rroDhaHsKmCMgXqszwXWCpedA/sEbeHpiTC59YlPPSlIOMc9vP
+Ko/mQCfWy/9icUaIfKQldvkllUxxNkqu6AbIpHVscbAEzSPs5xbQXU8EZNNCDisFnnpY3nQ3eLnl
+m89saTJxRb7NWHRMlmPv7qgD7uMIq3vdOGA7i5wT9MeoNIgK1/DsgH30s6RWjJy4YyyLmRTXPzbj
+hbQVpEmiMRbEidIvUx2OjKVxVQIcgtLsa2lvHQ4XL1cpLr5GVtOgy0fMg5OCDUUDsvjgjgLQ3P2U
+p2nVY5FM6/QpPc5DTLuuR9ekI2/c9Biz09RtcYDUQK2ajdo8h1IyKqHFoB7h48OXxXKKY94DY0TG
+x6PonB/epj8orAw4QKmm5M0vXYwBOqRymCTHTqOJGObdLx1euFFyqguzHJOU2gAGZI0z9Lg1yRuF
+yhdPZyuniIcmtLNxRZ1duYHErcAyX56qndmLXt7UVkATai/rIMuoJLfAsUnVuTUS5p7tJM754UZT
+7lTcXvDJgOUNnBRaIcxC3pxvbrYDJ2iFJ72xkxUP2p74gucqg25XnCVmQuLg6zDDxF6CLuw9isxy
+Xg4pkneMN//7fpp8GYl9nyZm2yqYYM+jcw0fcVc64L+X4w/gL3H2UMGgxIHSJp7HIG7VKHtXrNyj
+dPXXPVUsMsAAimqOr0Lr2sZWirfuivLaPTqhbkvG5PF7K3gT80AOIcd/6EIHBy2hZ7ukfjHmdP4L
+yQOhTQklaKzGHI0mypq0uFLWJOUlZnVrMiLP1xrWkpC8Ro9eo6mfjjQ45z8adC43a47klwTEzvod
+3rNEFIGJJUEjAN3mbqie7IxoSJknBBJK0D9lZEQ8lZWlq7vuN8JdqPM6xh155jMVsPwjLK6Tzkj5
+BpRD9Tgm3u6HPQSCBADgkWEN75Mu9TGosXY0xm1k6K6sPv8L949CrLWo4r1I2LA072bTGvQP28Vs
+hUA76jgcT1ocC++9PoktIK10YCq5w+FfMAQ04KeCXuAdmiY2iAT4Slea61PMCMta3mVGyLUZCLEm
+P+I0UKR5mlO0fGEcjU9j8TmbjZqxNFqloLsU7oSi7Os0EtYHkdAVrExUyOc/ZDie6fBjdLTmLdCm
+bE9JNwjlbXypdTZupGgLNhKGDIskUAAMwZYayI6YfSIMkNCeAYTnjOuGZZ1msCXGXsfMBR1sfUIj
+9UeGjwD8gq+UVVHX/oeoH/m0eJ5ppqi3+nUlgc9DvpYsC/Fg0G2KuYb9B+VJ+a4GMzQSPREoFtQp
+B9dtLkBb7Ha/hpGWTIdqzW0eAo5llyN8FNvl2Fu2IcLaNmWFO69gLjRKQopp0dvFOuwAVI6fvGDj
+p1WigoNbFZl8N+iiWmzKOjoG2ZLbez1clZCms/JPJrXhEMMOxWpVzkQyN336VWHmGgMcjaKCGSeA
+2nnESIGuiCXMrkHlGfabYIsKcHFCo2t13uXyZPf0zSPTkuD0Eh92wqC9pvA3gvrrCUfo9Mn3bs+e
+KWKmDlpcs8mDn032oIg+zrQhIduMqXVn3evzeVM3B5MBOGMvg51/SXg7R+MC/463juQQEb9IVe/I
+YGnO//oWm9lw/377Af/qH+FnN02obJw1FvesQIs9e5RHNQykKbO+vmVJQl1nd9DZWrHDNO7/80Yz
+2hCm7Tws5nSRN2iFlyRaYJHr7ypxkU2rCak2r6ua7XDwu1qU2RT3+qPjT1RuxQ2oTlHyGkKPMZGC
+Rc+CSWz5aeeCmHZVwdb3nC8YpfsujMiYqygLeuQ82pjKuR7DIKGmnfcOLdv5F+Ek2Wyy0D98iSgk
++aoQGYLhL9llU13pn21uRsDY5uGcXiIw1IETFlTdgENEv8futZuJsegrp7fmFXyNoNyFNyypeDrM
+6ZqR4vKxFjg3tKKeVpkw/W4EAklzMxmNiazGNDBHsnYV3rwPlKa+HeeE2YxnsKwGLCNgRYUXTaJk
+461vS160z3dvh/mLfdZ7MYCkmO3bNE3ELUDAw7YQkSuo9ujzdFKte9LC34sjg9fOex3ThAg5Y50n
+wYm4zBmGM7yEqL8O6QgnM6tIDFS9XryDaLNzcGhMWqMvhzO6sC/AA2WfLgwS517Cp03IkJQWqG9q
+w52+E+GAtpioJfczEhlv9BrhjttdugRSjJrG8SYVYE4zG3Aur5eNBoGaALIOHOtPw8+JovQmIWcF
+oaJ/WQuglFrWtew51IK6F8RiHAOBVavZOuZcO7tV+5enVfreOd0rX8ZOy4hYmHhmF1hOrrWOn+Ee
+E0SYKonXN01BM9xMBIIBSLCvNAppnGPTUGjwbMJRg1VJ2KMiBWH5oJp8tyfIAxMuWFdtaLYbRSOD
+XbOAshPVK8JAY8DQDkzqaCTAkLTfSRAt9yY6SbUpMsRv7xa8nMZNJBJzJT9b/wNjgiOJgaGuJMkV
+2g/DX2jfP3PrMM/Sbnz7edORXHj1Pa5XTT8nG5MS0FuZgvevdq3o/gVVAz+ZCKOH3ShMzZvfp01l
+SX5gaJTflmU6cdNwtn2yZ6IScF7OrjUeA9iEoSVR9dQcA+4lB3RAG3LMwcnxXY35D7+PMJzHIZdF
+cSnq+n03ACY2/E/T31iijRH29rvYHGI+mP/ieYs45iq4fTWo6i1HofeWLdP0fX7xW3XO0/hWYFiw
+BxKu66whAbRhaib3XJNvetVs25ToYXyiDpjG+cd5rCMei8sGQwTBj9Zeh0URoeMW1inTP0JvCmMU
+rZgAAAAAAAAAAAAA
+
diff --git a/src/lib/libcrypto/pkcs7/t/msie-enc-02.pem b/src/lib/libcrypto/pkcs7/t/msie-enc-02.pem
new file mode 100644
index 0000000000..279c5d830b
--- /dev/null
+++ b/src/lib/libcrypto/pkcs7/t/msie-enc-02.pem
@@ -0,0 +1,106 @@
+-----BEGIN PKCS7-----
+MIAGCSqGSIb3DQEHA6CAMIITQAIBADGCAcIwgcwCAQAwdjBiMREwDwYDVQQHEwhJ
+bnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNVBAsTK1ZlcmlT
+aWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXICEGBAmILep9sJ
+uN2Pkg1gucowDQYJKoZIhvcNAQEBBQAEQAKvi2eRLO+jdoiUd8ksZt+iQ0JXoWN0
+M/W9CEv6R1c42pwUIR/1F4RMK9oeyUiv9Z6lzmPaGNmx6XOCoueszVkwgfACAQAw
+gZkwgZIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQH
+EwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRzb2Z0IFB0eSBMdGQxIjAgBgNVBAsT
+GURFTU9OU1RSQVRJT04gQU5EIFRFU1RJTkcxGzAZBgNVBAMTEkRFTU8gWkVSTyBW
+QUxVRSBDQQICBG4wDQYJKoZIhvcNAQEBBQAEQFqcHEo69ShGfcOIVjnmWXLZM+7Y
+K/50j8YuvNbqq+dQxk9YY8ZpSU/JYsxmtcnEZdlSJEkpMHAO73V+eh1QQr0wghFz
+BgkqhkiG9w0BBwEwGgYIKoZIhvcNAwIwDgICAKAECJsSmRA1jxLjgIIRSIGLVtf+
+pzeB6oXJ9GlfsnIij+DgIOvrYaXC9qywAaUg7zMnln9QMgiih5XpBLgPg5Y/KYp3
+RZeHBwkjTIFwlNYSjE0PbsszsJYUmkDTsCjFUJEdM4+Cbv3g3Kct5w1Q6pVMXJLg
+JG4uFUY8CTScVkb9ETbIy3HisCRKJWA57ERLvCr/Fa6gNJKa5Mw1A5Nsp+QQqp0U
+uQz93raAPbCdqmHu8qQ88rzbB1k/ysXedRQLlzhqFs2hryD7kHe0gX8nPdlkre8Y
+tTQhY76LtbjnV2drXcyCUMONc56KQ2VcuxB0BWjSeyN8a75/rpt6wmiM/PKw0D4g
+RmXqA1ZR62X2WKbhKqvG5tQTF1LauZeddeYS4Rb8cLt2VMB5irkKWrHmJ3qyWELY
+Lah6AzDDdcf3LEfDo6rO9djqlU8RJwS0ExAuBooVBP6bZJG1tNUUbtxBydQ4PJUH
+UhulBMXUMd545fVb8d+lZnKbx3OS2LpILJ66Yeao7jTrEOIgxUq0c6ozzqcQe4Ax
+mytwvL57LpMQm9HpLg3xBHOeDwkkNkNMldA3qrzhoS52yc6vDYrI5XA+kjp7LioG
+wdSBDyQAXLmWxBpZXjmHp7GBTBsFwouA9kYWP450PZEomxNvzf9SpslLlD+UZeHM
+GWdpi5zInESmtHFue2Zyc4Q8Ul761ENTA5N3uqUmWN2Egkv64Nyigv0CGCjoLB6n
+q1256S/ZxISiEl5MTwO/LfhhGExsu+cU12aek3Ks1kNhVXHFoqjJ3YB8Hw08VmHV
+V0Bh8jdHVABDaRcR5/k00h9VB8zMP1qQmfhE/4q/fZBrGbgWucrGbBHIYlKFq8gF
+zZrH4XWvX41le5IEefm9+hFPE6TRJPh1ezDvh2eVhQxFpK7iqpR0z2OxdLJ5fhmB
+CCRHZuRpg7p7MWB6cUhrtBZXDytdkARnlqJsLFudjVUTjU9gi+GUt1sUmEf2Bjba
+z58UC7CfPIBJGMLjQD1oAQi1GVo9K1ZIaKqUtGA2QEHB2m/aXZg8F3ZDMfHp6Tpc
+au9Em4AL42Hrau1ArCk0fnhgA4dbnmZoEVbZJDdMX5xno1tuqEKYdPLJHuZxJhz2
+xdJUNYSFgpDWLJTzvTOEdZWm+CVmLNl60kJkWNh7HdvWeBV1yBquA6+k+r26sIoq
+LaZuSq/8QWnNJYZeQpKl8Ib9d8ycQ62Q2sHxLTq+eTYlwkE4Gomi3665IfmE6DS9
+OnFfYO440lKJZJbJ9ET+VN8kkVfCGh3tJdyVTJc95LKJtxKJzaFUDMObCMPfWOz+
+PaTTY8j9qA+GvdRDxwyBw0CJqgIps1pZ+foEZsIBtNyHHNSWjZxImIuWtfYgNmZ9
+dteZkKibWyZYgb64rgMQ2+nViwGMlQaDfYWCOAIj3mQGPTLb0OgFfKNvxBZuj72B
+l8tx3oufN9Ah9DwXl+ynXen39ct901v5eakpCC9VC0xke6JBXyXjxw5qtXRbevyT
+jKbYkPFkruwrCUL2fVUxV3mBXGagjz2XNTaz3oDSu9GX/UMViGwwHryeSiwX9XOo
+/KVNv+i57w2OlY2k72EoK+700fHlcx+EZu+1tIjh8YOVXDg7+nBklcrr21/FABqP
+Apm+fBEQ7QQyQUF1aViizQLgyfRl/J9szZKY2S2z0pHJroahmgSQRPwWgk5FEFpW
+PXSG0bRJ8SFNZn2zz3cdT6WvA6hg40jrEHSnCmDTWbWshMPvhCKZqXQTbCqYQnwf
+FBCtlpJOGVVvqshqIv69DBbLztTZkjjmdKP48v2B5qHlER4T8vewDt3lU5BAGuQn
+yRCcm5qOeuwg8PxcKBgFAoLKM+65cczLna/yIRyB/gD4p53MV5RztnnLxw/YvA2h
+xgPLVYn4LFIakKGYnlC7rXhfeDuVAMTpL+NVGbLGE8DeJ2KzdUJHrGZdwV+DkUuB
+BN9Pz0NtwEX91mabWawiXrxptmWMxnofMYNe5gg34izvm33+Kj/+Jgvej7uImuo+
+LaOQcCiCUv/gwrqA/FnkiheKboF0JDFIh3UJzZ1T/Uqdjv+JcuZjvCc60AufVdm5
+0zQaj4aZ6PJHybyuU8qT0lQvm083q596yelHHgd7K3J/c8SsfRnTcnSUI8lo7/Hn
+N593dZ7kMIc+UNOdzQYSI8KBoNxqOyzuou/GTpaRe3XKADtdzXxy8jY58hwmolrV
+UU3Lfay3+bzdNLq0p/GCZ4B5NXkyivJxxiHDoOmHWAzg9pxOV8EYoyponhvF2t3i
+kc32y9OhqwUBDZXuiZgtd9W6d3EVcaY6vqOkQGxqDJuMiArC+Hk2qwkK7Mh5qDx6
+q/dVB6PdWr8sVO5J1phIV9u8m5rK7PGnmcDx4sS9eE3soa7gqkVb5H9SrOz/s/DD
+1G6BjakHtlizfJLQhhK9eTvDCUf3pvOhtNyX6OKGsPw1VB+UcC0+mnHnThrszIf9
+q/AXJnpoVUPP3Fr1eGCdLTluIc8lRwuYUH/LGdy88Vyx+joZ626a4cb63W2knQoV
+mQwz9Gwgm8RIZMLgZAXimazG8EUz/kz0z2C1Ux/wpii8yof9deLZBpMjt4R0uKhM
+VFd/Rdko+JspcfoQ9PttA/aZ7aTYu4bXHBpTpusjTOvWrf9/pC4CScqCJWsS3AlG
+BzTInw7fk96f7eVOF5g+d7lEOjPHb4/7naj3pDUlH7Htecq3faYzreT3CbqltvKt
+LBR3/aRyIM912RTHuTw+6acOq0vguiK+D62C7ZDVtiCm+BbtNNB/UJm79/OQ5mp5
+bTI0kPmDeycaWTa0Ojpum+c/dpG/iJOBDICj7jHOXSHT7JlGyX6aSFJUltucAnZv
+wzhPDmdDaIDiKSk85GqgdDWVfGosSCX9Ph/T3WpIxnwfWSDRtIHkWTjly+pe4yy5
+K6/XISy/L5Zh/fhiI5fjHjgzmlibs2ru4nVw6hBhUvlSSe2BEs5d9h/yNH8Wy3qv
+b2D3jh7hkepFtZJGNTHp8ZUC7Ns2JIpQYObsaxdI65i3mMOu7fRwI+0/4ejsWhP6
+KCEiLgwvLg0qM82ma6YB7qHAHboaczRVEffDcJUG4a5uycB0DoZFn+uEaEFyili2
+0hCn4hVfsqUQk2PT8Mo1tSl5e30xI1YJZrRgiJm9nHRX6fLizngP+ILJLPHZsPvl
+SVIfY+/v/FR8feKOjaGhyGF51BAxaM2NIQ4jMP5/X+U5gQybi0E6u7rroDhaHsKm
+CMgXqszwXWCpedA/sEbeHpiTC59YlPPSlIOMc9vPKo/mQCfWy/9icUaIfKQldvkl
+lUxxNkqu6AbIpHVscbAEzSPs5xbQXU8EZNNCDisFnnpY3nQ3eLnlm89saTJxRb7N
+WHRMlmPv7qgD7uMIq3vdOGA7i5wT9MeoNIgK1/DsgH30s6RWjJy4YyyLmRTXPzbj
+hbQVpEmiMRbEidIvUx2OjKVxVQIcgtLsa2lvHQ4XL1cpLr5GVtOgy0fMg5OCDUUD
+svjgjgLQ3P2Up2nVY5FM6/QpPc5DTLuuR9ekI2/c9Biz09RtcYDUQK2ajdo8h1Iy
+KqHFoB7h48OXxXKKY94DY0TGx6PonB/epj8orAw4QKmm5M0vXYwBOqRymCTHTqOJ
+GObdLx1euFFyqguzHJOU2gAGZI0z9Lg1yRuFyhdPZyuniIcmtLNxRZ1duYHErcAy
+X56qndmLXt7UVkATai/rIMuoJLfAsUnVuTUS5p7tJM754UZT7lTcXvDJgOUNnBRa
+IcxC3pxvbrYDJ2iFJ72xkxUP2p74gucqg25XnCVmQuLg6zDDxF6CLuw9isxyXg4p
+kneMN//7fpp8GYl9nyZm2yqYYM+jcw0fcVc64L+X4w/gL3H2UMGgxIHSJp7HIG7V
+KHtXrNyjdPXXPVUsMsAAimqOr0Lr2sZWirfuivLaPTqhbkvG5PF7K3gT80AOIcd/
+6EIHBy2hZ7ukfjHmdP4LyQOhTQklaKzGHI0mypq0uFLWJOUlZnVrMiLP1xrWkpC8
+Ro9eo6mfjjQ45z8adC43a47klwTEzvod3rNEFIGJJUEjAN3mbqie7IxoSJknBBJK
+0D9lZEQ8lZWlq7vuN8JdqPM6xh155jMVsPwjLK6Tzkj5BpRD9Tgm3u6HPeCRYQ3v
+ky71MaixdjTGbWTorqw+/wv3j0KstajivUjYsDTvZtMa9A/bxWyFQDvqOBxPWhwL
+770+iS0grXRgKrnD4V8wBDTgp4Je4B2aJjaIBPhKV5rrU8wIy1reZUbItRkIsSY/
+4jRQpHmaU7R8YRyNT2PxOZuNmrE0WqWguxTuhKLs6zQS1geR0BWsTFTI5z9kOJ7p
+8GN0tOYt0KZsT0k3COVtfKl1Nm6kaAs2EoYMiyRQAAzBlhrIjph9IgyQ0J4BhOeM
+64ZlnWawJcZex8wFHWx9QiP1R4aPAPyCr5RVUdf+h6gf+bR4nmmmqLf6dSWBz0O+
+liwL8WDQbYq5hv0H5Un5rgYzNBI9ESgW1CkH120uQFvsdr+GkZZMh2rNbR4CjmWX
+I3wU2+XYW7Yhwto2ZYU7r2AuNEpCimnR28U67ABUjp+8YOOnVaKCg1sVmXw36KJa
+bMo6OgbZktt7PVyVkKaz8k8mteEQww7FalXORDI3ffpVYeYaAxyNooIZJ4DaecRI
+ga6IJcyuQeUZ9ptgiwpwcUKja3Xe5fJk9/TNI9OS4PQSH3bCoL2m8DeC+usJR+j0
+yfduz54pYqYOWlyzyYOfTfagiD7OtCEh24ypdWfd6/N5UzcHkwE4Yy+DnX9JeDtH
+4wL/jreO5BARv0hV78hgac7/+hab2XD/fvsB/+of4Wc3TahsnDUW96xAiz17lEc1
+DKQps76+ZUlCXWd30NlascM07v/zRjPaEKbtPCzmdJE3aIWXJFpgkevvKnGRTasJ
+qTavq5rtcPC7WpTZFPf6o+NPVG7FDahOUfIaQo8xkYJFz4JJbPlp54KYdlXB1vec
+Lxil+y6MyJirKAt65DzamMq5HsMgoaad9w4t2/kX4STZbLLQP3yJKCT5qhAZguEv
+2WVTXemfbW5GwNjm4ZxeIjDUgRMWVN2AQ0S/x+61m4mx6Cunt+YVfI2g3IU3LKl4
+OszpmpHi8rEWODe0op5WmTD9bgQCSXMzGY2JrMY0MEeydhXevA+Upr4d54TZjGew
+rAYsI2BFhRdNomTjrW9LXrTPd2+H+Yt91nsxgKSY7ds0TcQtQMDDthCRK6j26PN0
+Uq170sLfiyOD1857HdOECDljnSfBibjMGYYzvISovw7pCCczq0gMVL1evINos3Nw
+aExaoy+HM7qwL8ADZZ8uDBLnXsKnTciQlBaob2rDnb4T4YC2mKgl9zMSGW/0GuGO
+2126BFKMmsbxJhVgTjMbcC6vl40GgZoAsg4c60/Dz4mi9CYhZwWhon9ZC6CUWta1
+7DnUgroXxGIcA4FVq9k65lw7u1X7l6dV+t453Stfxk7LiFiYeGYXWE6utY6f4R4T
+RJgqidc3TUEz3EywrzQKaZxj01Bo8GzCUYNVSdijIgVh+aCafLcnyAMTLlhXbWi2
+G0Ujg12zgLIT1SvCQGPA0A5M6mgkwJC030kQLfcmOkm1KTLEb+8WvJzGTSQScyU/
+W/8DY4IjiYGhriTJFdoPw19o3z9z6zDP0m58+3nTkVx49T2uV00/JxuTEtBbmYL3
+r3at6P4FVQM/mQijh90oTM2b36dNZUl+YGiU35ZlOnHTcLZ9smeiEnBezq41HgPY
+hKElUfXUHAPuJQd0QBtyzMHJ8V2N+Q+/jzCcxyGXRXEp6vp9NwAmNvxP099Yoo0R
+9va72BxiPpj/4nmLOOYquH01qOotR6H3li3T9H1+8Vt1ztP4VmBYsAcSruusIQG0
+YWom91yTb3rVbNuU6GF8og6YxvnHeawjHovLBkMEwY/WXodFEaHjFtYp0z9Cbwpj
+FK2YAAAAAA==
+-----END PKCS7-----
diff --git a/src/lib/libcrypto/pkcs7/t/msie-s-a-e b/src/lib/libcrypto/pkcs7/t/msie-s-a-e
new file mode 100644
index 0000000000..0067794d70
--- /dev/null
+++ b/src/lib/libcrypto/pkcs7/t/msie-s-a-e
@@ -0,0 +1,91 @@
+
+MIAGCSqGSIb3DQEHA6CAMIACAQAxggHCMIHMAgEAMHYwYjERMA8GA1UEBxMISW50ZXJuZXQxFzAV
+BgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5k
+aXZpZHVhbCBTdWJzY3JpYmVyAhBgQJiC3qfbCbjdj5INYLnKMA0GCSqGSIb3DQEBAQUABECjscaS
+G0U299fqiEAgTqTFQBp8Ai6zzjl557cVb3k6z4QZ7CbqBjSXAjLbh5e7S5Hd/FrFcDnxl1Ka06ha
+VHGPMIHwAgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDERMA8GA1UE
+BxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29mdCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNU
+UkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQDExJERU1PIFpFUk8gVkFMVUUgQ0ECAgRuMA0GCSqG
+SIb3DQEBAQUABECsyHXZ1xaiv0UQRvOmVYsaF38AL2XX75wxbCsz5/wOg7g3RP4aicZxaR4sBog0
+f2G1o9om/hu+A0rIYF/L4/GUMIAGCSqGSIb3DQEHATAaBggqhkiG9w0DAjAOAgIAoAQIsozQrnwj
+cc2ggASCBAAQz/LPoJe/+iYWeTwSebz6Q9UeKZzQ2UWm7GLtEM3s3c9SCvpmkwIRdEhLjWaBJMyI
+DiL7t1I1vMf9inB8LXgAcIEYkpNScjS8ERA9Ebb7ieNKSBg7w7B8ATHFxLSlDADqRgoZrB1Ctfgf
+ximp3EgxTgnhtyQhZxXW7kBQyFRwumplrJXOp7albP7IothrOKncw30IJT1fwPxWNMItI9juXF0U
+CbWVSjPzGBo4+XNXMvUO6MplOQEz/ywEQ9E8OZAQex1Zw9qq5ppsXB2pMsYV5sLJGikukMYKquiz
+3YK+tN6J8ahLcDUs+VGwqvZi17gpBTlbEP+ZmXJpnO63t1yTEB0V5AZcRKWUOhzlCBM5YUagqNoY
+cpsmSvOK6bYzkUKOrzWpDCAtGZ/Dvul5dTZZmxs2WpM+iyeHXMxO3huy8K1brPTqt1f1sHhuq1jD
+1eXedaCjIgUW9qV18vNAQCof/Yb6T/1fxztf/jD7pPLQJ+7LJkKCAEHGcaizpoKqhYcttaEhLq1G
+O+Ohqf7yFegMdTJ3wwP324w5ZYSU5fLo2Z34/Edf6EGvXyTIqVfAmEBALd6JGVdN5GlYYTxrL+eO
+P80Z4ao4YKoxwEmRp5bmQsQ8B29QhOFKmC6eiG5B96qLMtp7Zmu1grDNxTd6OXShWVwYARD0/B1P
+Sy0PAfk9Gb4fAkO9fZJDQYZ7s0mM5iOPEeSR7820TolOb+KfRabLA9d714jsc2jEykKlpP66Bh4j
+aCsyqJ0uUQcE8SnzrKAqGwgWiCGQpiTa+HBiP6eRlRGOKQj5Y06vcNx6Ija4cGe6+yCN8HV8tCY0
+okZK98NQCl5t79R/ZB2c3NvBJH+/g3ulU48ikT3tVmDxE3mOZofZyGFEM99P+YCMScLDxTl3hzGy
+0YkI8U855P7qOAbcFfh2T5n+LSELwLhbkymEfZT917GWTfmypBWMvJx0WHeDhKwQYPdzbKgWETnc
+yeKasaCW+oLdhBwrd6Ws2r4MA8cwiYXDLbwYmCxJA8VF++8kubF2HJOjSyMBS+QT2PSV/0D9UWoi
+Vfk7R4OvWBJVvq7nV+lXS0O5igjExxlmx1OaBfg7+Cr/MbK4zVNrKSJn82NnKKt6LC6RaTmvFYay
+0sDFxQ7Xo+Th6tDNKmKWJt6Kegfjc+qTWJTKb3kL+UI8vS0zTLy1+M/rZ4ekos/JiS5rYIcAswvg
+58kBgp/0rc6upBeWjBaK5O0aLAeBQfLulo1axWX04OSVKmYeoAltyR6UO9ME3acurQyg7Ta24yqO
+whi/PrIaEiO7dsWvFtzsshVzBLic02NlAkPkMUzliPYnZHWQglDAVxL5K2qhvK1OFCkQpIgBsBDM
+6KYRL/mkBIIEALIl927rIkaN37/BQIcxLcSa05YfC0Hl3mxWESt1A0D4lA37A9S8EbYmDfAYlMc0
+3HhZGdZEtawfpJFyDHzNZceNWBch6nxeNZCY4YFdsbzuGS0RKpwNA9S/czOJ4p9ymBCxuhGepI3U
+PKbC8C749Www1/wMdAot1n+K7M/PBGR8hWmaH5SS7U3yMwAB1fq2NDjx4ur+Um+MclSdN01MDXzG
+EO+eAo1pdAY8479234l8dB2YVAhZ1ZlJ4KmbqMKJrGJXnQUEYS6/cTDRjsUocsoW7uGg1ci2GiHa
+qjlkfpBfie3SdhFW/K8hwAH0HALs56oFN66wUkP/AaJAPfIUNhR6RpHKzZ9zCC42oB2mNawQRMnF
+ETBl1s/SwMxLKRp7jAfKs4NZxSY6I9z/2dTpzS3tsHMjxVDuxkolvRNWBILEMeL1CBvip2HhmoUw
+/Sz5NDgyzk1aQLV6DQNJ2RZLMZDRCtSwZSBu6lhhSgTJGazP0+NbqXXC5aQTrqrFIcWyDXz+ADle
+kszzYM/gSaQTCALTwfDDaU9Ek3xVgW+XBtExtJ3U+0AN3l0j86rUIdIvp6eWdxWQqv9LtpoorKMD
+KfUc5PYV09Z1JgsT4X51Zzq+74l5dz7udIM7UNbdTpmRm9PDj3TUbGCvNR9hqOEGTLbkvb1ZR24a
+h6uGRl2znB25IpDAGRhNRb9is/pO2tvHwHTDMOjrgvZG/pNvXgSUxz0pRjUjXIcqBe2X2gcQfeal
+r8gY76o83WEGL6ODryV9vTQVHt52+izgpYoBZaVlpgqbZl54c+OE0Zxf9RwXwDbcYu5Ku5E0MPL0
+qUjc0y2+Y6E4P5bAWaZGMGT+ORkyVUzcaWmM/+XlO7PER5wrWlCIMZCX1L/nvioY0q0CKqALn7DJ
+QU+qenbwrb6uwS7uNZY6V86s0aDYpU7yRyqxC5SbuyNJb02gdxUCgpIscFaMUjMVRml4M4BIjX/b
+U+HgHoVMUm8SnN9gRcT2izPrgOGVcMTJjfenzoCKoCPo9RjgGMctgB4DvKamErNU7OrilIfuoqzE
+PNSeP9SPw/zkDmNvMebM499We9CVnsHUWqF00/ZJWoua77+0f1bLS/tmci1JBvIcMo/4SJvgH+KF
+o0gijP9gqAPd5iCOnpnJlHUqRIym42SmyKEDuzdSwXKjAR6j7uXda39JyMJr8gGzEsu0jYRkAmj1
+YdiqwKXUcLMkcj1AKeU/PxTUVw0YKsv/rowrPYww3xQUWqNivrXB7GCHE3BzsYNdHsmziaGIXQbA
++EBHdkuKrM8BcC+fxhF/l/KUxngsD1E75IcUv8zFDF+sk4CBYHqks9S4JYlcubuizqsILbdGzIMN
+Z7w34k0XT+sEggQAyzr8MHeIJGsT+AYnZr08PeTbyr01JEoT7lPYT6PzX4F63QKKDl+mB+PwLMzY
+CXrxZcUmuay6/MV8w/f5T6vQXdoSw5puWodBYwVReYh1IaEN+jiTapm9YBVmcIsJPO6abHowknSV
+OWSvST0AtAX57fFOTckm+facfBK9s9T1lUUgF44Bh5e8f9qKqfOV44nqdCOEyUm0Dao497ieN4Eg
+XBLNvOZY9+irMiXjp0lcyFvhrJOczfyCr9EiiaiH1TfSzKGKsf2W84iKn/JH6x2eOo7xjwJ40BQD
+c6S1cUNEuqBhP6by0FioOXYOKVyifpxk84Eb+F/4CNdTJTvCPwsiegdfsX/Q53DvKVtXp9Ycam5J
+TmKRHXK/bMHF4ONv3p/O/kn/BqRx+fbbP2eMX8Z1F/ltHKfp6B+06HljUwQLBJs9XtCfqH5Zgdz9
+gad5WZF5ykFArmHDgeFlgggvbZ7z9vqnjN/TH68TxJzauYQ5vLHQ6wGXik4/4uq7/TqNmhxlQEM4
+zVkwsn203bUmKLyz+yl1zItDpn5zy1uXfGo99rBdUzdbdE9LmEFPMaFsaHd4a8oDaUroD7FgCbeD
+JJVld3ac6F8+3QbExPs48OrgA1kI3/UwXr52ldjiYzTLfAGR9BjqNFTw45FUHuMf8TEM5hcHx56w
+95eKAqraDk28o9k+M2UKpcmrdlWoWzdqVVFeWGpM8x9Y9Nt0lf/4VUQgrXjqTkUCQkJyqTeTeGgH
+rn3QBk2XAgpxZhaJs3InW0BkAlBmK99cMinUiJeFt5a4p5wPeXrVuh6V9m7Mpl9hzpogg++EZqah
+fzzNnDgxOZfW342DX052PdgXo0NnkhCk005LvFt6M2mRn0fLgNVfyUZZoOp8cO5ZWbhXXlrhrgUt
+j2zKPK6Q94Zj4kdXHBGpAkrB8ZQ4EGGODE0Dqusm8WPXzB+9236IMHPU7lFbyjBrFNI7O4jg+qRI
+Ipi+7tX0FsilqEbmjG+OPwhZXrdqUqyF+rjKQuSRq7lOeDB4c6S2dq4OOny01i5HCbbyc9UvSHRm
+hOhGqUlzHyHLo3W7j+26V/MhkDXJ+Tx+qfylv4pbliwTteJJj+CZwzjv29qb6lxYi+38Bw10ERap
+m8UCRFBecVN7xXlcIfyeAl666Vi7EBJZv3EdFNrx1nlLwM65nYya7uj6L7IwJWotIUx8E0XH0/cU
+xS/dG8bxf9L/8652h5gq3LI+wTNGuEX0DMuz7BGQG+NtgabrZ6SsKGthGa7eULTpz0McWTLRU0y/
+/tkckpm5pDnXSFbIMskwwjECz82UZBSPpigdN/Pjg5d+0yWu7s3VJxw4ENWPPpzZ+j7sOXmdvn9P
+O1tQd60EO+3awASCBAAZQvWV3/yJ6FxPttbP+qeURpJoPEZfpN2UYZmd8HqtR0YbaOZ6Rln9nvpd
+K9fylXdw9z2xeCbjDWUttJB4VqZxGJM8eCTC1VDVyAOsQ5n7SY55dMkQbU+o4Z/4J5m8+wz50BBI
+LfruL1eZ6/CF6CdvxVRiJ10sXc0Tn2sVMXqkw7Adp1GYoCI9c6VFSFK74+n+y7LVFQ5HBnbQyKJc
+dvdLOXwZOPaFHC5UNXRmOpcwdPqyXUe+xIsOMYbzdlAnI9eGDNeRDktUa/Rh0CbZCxjmJzoZEYOE
+ZjsYZlEfp1Kb61t8z4m28hGLEg88T1Ihmxa2HeUWes1RpmgIOP+/2Lb3smj/l/fpSu4gabFgyCAV
+H5HdCYMScUv8SVu55+tpeO8ELoHHQUXV4rr084O4budzhgNSOPyLGDl5sfDUXiyusPCxS4JVO/KY
+6V2Qrtg/q2wtmXpEkZnGT+Qi3WDzwt4W81alztnYMP17oGLmxX71KV9OEiMZjI4WaaGt+OOINLtR
+qefioZ1NI2L1s5M0tybwTsyU9WERM+3pUwXIfJVsbMZRlNaO2OogcHbaR4UWvhOj+3CTG1sThiYQ
+MxMnp1Rpqx3nhyzqLO3TRrkYvxnA3cdPBn9EeqpgBMg7X3hCiMV3Fl5cj/WOMhtHYgY7BgeCXo46
+EFVZ4+WroGZ46xGiRDiIblo8bzLd7QCxvukzxy3mUDgsZQ8pds4N28weSUhBk5MAPbfBpRvXUVJx
+MhKqXucQU1Md1qSGLbuuIQuz9pAGp1JFUx/vEkCgm74daSoVWCZuB+1ZE4f48clvrBj51xMNf8CP
+EFE7vySzVb6X2H1i5X3Z+Y3DdIcWw4Y2FClfcJk4Mwq8Cq2GALGFEge9YSEE9YmyuU6OFeU0ICon
+iXAgZ72SM8fBwJPruLFbdsNYKW+oAfmPisXSWMcZmdSbfk0GYv+vKtu3eegSbWw1UsCVtZOh9E5Z
+uQ83l59CBqO9sV/SFU3WrrJ0qNWxrmXu9nJn5Qf5iCRoFGYNHYHkIG5FS6N00GEDZxGkxmro2d++
+Adj5LVHc/b1cYWmrux+jEqI8ZK8cyTB0XMbBA/HYbx9NXazr7znP4/Mlv3pZToEcYt+lgLHAArtU
+AdhybhbLIwNMq0gr6EwtDklBa3ns4Wx/rJU8H7LGs6gV8uqeaSketv+nz+sQhfctxZ1rx+5qzXfy
+FOQVpO23KDQunBi1Bl9k61Di4q9JWcyADBXPHXJzp7mL8Fk7zdvMAEfuED1phdRm6GgDYoYUs4yQ
+IrhSjFlWyk7hT8475xk3BIv++obvWSAv/3+pF6A6U2RXDChVmnG0JnPa9wYYtdzBmLfZKBjX+DjD
+yEMsuhPsCzuN4R6tBIIBWCVRKmKwdkatmpsQBgDw48u0/Arffl5/DRlS9ee+QffFecUitDdCK+kt
+X5L2fGYrL5g6SltncMIeV1ptx4nuSjC/O944q1KYtqvQiPFWJqEXIRMNbbYOC47sjLza0tEFrimN
+wxcrWGSzsy5R9beFQ1aHPcMrDWfCoviNRk2qPtxuKIC5Qk2ZuOmJLjCiLwUGEb0/1Mpzv3MqQa7d
+mRayXg3DZWJPajxNZv6eS357ElMvwGQmqafb2mlQJwWLsg9m9PG7uqEoyrqSc6MiuY+icLEFib9j
+OfRQrx70rTSKUfTr4MtP0aZZAefjCrpVIyTekhFDOk0Nmx057eonlyGgmGpl5/Uo+t1J1Z11Ya/l
+bNbfmebRISJeTVW0I8FhseAZMI1GSwp/ludJxSLYOgyRkh+GX134MexNo7O9F1SxLCfWaSG9Fc3s
+5ify04ua9/t8SGrYZPm/l3MkAAAAAAAAAAAAAA==
+
+
diff --git a/src/lib/libcrypto/pkcs7/t/msie-s-a-e.pem b/src/lib/libcrypto/pkcs7/t/msie-s-a-e.pem
new file mode 100644
index 0000000000..55dbd8f80b
--- /dev/null
+++ b/src/lib/libcrypto/pkcs7/t/msie-s-a-e.pem
@@ -0,0 +1,106 @@
+-----BEGIN PKCS7-----
+MIAGCSqGSIb3DQEHA6CAMIITUAIBADGCAcIwgcwCAQAwdjBiMREwDwYDVQQHEwhJ
+bnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNVBAsTK1ZlcmlT
+aWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXICEGBAmILep9sJ
+uN2Pkg1gucowDQYJKoZIhvcNAQEBBQAEQKOxxpIbRTb31+qIQCBOpMVAGnwCLrPO
+OXnntxVveTrPhBnsJuoGNJcCMtuHl7tLkd38WsVwOfGXUprTqFpUcY8wgfACAQAw
+gZkwgZIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQH
+EwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRzb2Z0IFB0eSBMdGQxIjAgBgNVBAsT
+GURFTU9OU1RSQVRJT04gQU5EIFRFU1RJTkcxGzAZBgNVBAMTEkRFTU8gWkVSTyBW
+QUxVRSBDQQICBG4wDQYJKoZIhvcNAQEBBQAEQKzIddnXFqK/RRBG86ZVixoXfwAv
+ZdfvnDFsKzPn/A6DuDdE/hqJxnFpHiwGiDR/YbWj2ib+G74DSshgX8vj8ZQwghGD
+BgkqhkiG9w0BBwEwGgYIKoZIhvcNAwIwDgICAKAECLKM0K58I3HNgIIRWBDP8s+g
+l7/6JhZ5PBJ5vPpD1R4pnNDZRabsYu0Qzezdz1IK+maTAhF0SEuNZoEkzIgOIvu3
+UjW8x/2KcHwteABwgRiSk1JyNLwRED0RtvuJ40pIGDvDsHwBMcXEtKUMAOpGChms
+HUK1+B/GKancSDFOCeG3JCFnFdbuQFDIVHC6amWslc6ntqVs/sii2Gs4qdzDfQgl
+PV/A/FY0wi0j2O5cXRQJtZVKM/MYGjj5c1cy9Q7oymU5ATP/LARD0Tw5kBB7HVnD
+2qrmmmxcHakyxhXmwskaKS6Qxgqq6LPdgr603onxqEtwNSz5UbCq9mLXuCkFOVsQ
+/5mZcmmc7re3XJMQHRXkBlxEpZQ6HOUIEzlhRqCo2hhymyZK84rptjORQo6vNakM
+IC0Zn8O+6Xl1NlmbGzZakz6LJ4dczE7eG7LwrVus9Oq3V/WweG6rWMPV5d51oKMi
+BRb2pXXy80BAKh/9hvpP/V/HO1/+MPuk8tAn7ssmQoIAQcZxqLOmgqqFhy21oSEu
+rUY746Gp/vIV6Ax1MnfDA/fbjDllhJTl8ujZnfj8R1/oQa9fJMipV8CYQEAt3okZ
+V03kaVhhPGsv544/zRnhqjhgqjHASZGnluZCxDwHb1CE4UqYLp6IbkH3qosy2ntm
+a7WCsM3FN3o5dKFZXBgBEPT8HU9LLQ8B+T0Zvh8CQ719kkNBhnuzSYzmI48R5JHv
+zbROiU5v4p9FpssD13vXiOxzaMTKQqWk/roGHiNoKzKonS5RBwTxKfOsoCobCBaI
+IZCmJNr4cGI/p5GVEY4pCPljTq9w3HoiNrhwZ7r7II3wdXy0JjSiRkr3w1AKXm3v
+1H9kHZzc28Ekf7+De6VTjyKRPe1WYPETeY5mh9nIYUQz30/5gIxJwsPFOXeHMbLR
+iQjxTznk/uo4BtwV+HZPmf4tIQvAuFuTKYR9lP3XsZZN+bKkFYy8nHRYd4OErBBg
+93NsqBYROdzJ4pqxoJb6gt2EHCt3pazavgwDxzCJhcMtvBiYLEkDxUX77yS5sXYc
+k6NLIwFL5BPY9JX/QP1RaiJV+TtHg69YElW+rudX6VdLQ7mKCMTHGWbHU5oF+Dv4
+Kv8xsrjNU2spImfzY2coq3osLpFpOa8VhrLSwMXFDtej5OHq0M0qYpYm3op6B+Nz
+6pNYlMpveQv5Qjy9LTNMvLX4z+tnh6Siz8mJLmtghwCzC+DnyQGCn/Stzq6kF5aM
+Fork7RosB4FB8u6WjVrFZfTg5JUqZh6gCW3JHpQ70wTdpy6tDKDtNrbjKo7CGL8+
+shoSI7t2xa8W3OyyFXMEuJzTY2UCQ+QxTOWI9idkdZCCUMBXEvkraqG8rU4UKRCk
+iAGwEMzophEv+aSyJfdu6yJGjd+/wUCHMS3EmtOWHwtB5d5sVhErdQNA+JQN+wPU
+vBG2Jg3wGJTHNNx4WRnWRLWsH6SRcgx8zWXHjVgXIep8XjWQmOGBXbG87hktESqc
+DQPUv3MzieKfcpgQsboRnqSN1DymwvAu+PVsMNf8DHQKLdZ/iuzPzwRkfIVpmh+U
+ku1N8jMAAdX6tjQ48eLq/lJvjHJUnTdNTA18xhDvngKNaXQGPOO/dt+JfHQdmFQI
+WdWZSeCpm6jCiaxiV50FBGEuv3Ew0Y7FKHLKFu7hoNXIthoh2qo5ZH6QX4nt0nYR
+VvyvIcAB9BwC7OeqBTeusFJD/wGiQD3yFDYUekaRys2fcwguNqAdpjWsEETJxREw
+ZdbP0sDMSykae4wHyrODWcUmOiPc/9nU6c0t7bBzI8VQ7sZKJb0TVgSCxDHi9Qgb
+4qdh4ZqFMP0s+TQ4Ms5NWkC1eg0DSdkWSzGQ0QrUsGUgbupYYUoEyRmsz9PjW6l1
+wuWkE66qxSHFsg18/gA5XpLM82DP4EmkEwgC08Hww2lPRJN8VYFvlwbRMbSd1PtA
+Dd5dI/Oq1CHSL6enlncVkKr/S7aaKKyjAyn1HOT2FdPWdSYLE+F+dWc6vu+JeXc+
+7nSDO1DW3U6ZkZvTw4901GxgrzUfYajhBky25L29WUduGoerhkZds5wduSKQwBkY
+TUW/YrP6Ttrbx8B0wzDo64L2Rv6Tb14ElMc9KUY1I1yHKgXtl9oHEH3mpa/IGO+q
+PN1hBi+jg68lfb00FR7edvos4KWKAWWlZaYKm2ZeeHPjhNGcX/UcF8A23GLuSruR
+NDDy9KlI3NMtvmOhOD+WwFmmRjBk/jkZMlVM3GlpjP/l5TuzxEecK1pQiDGQl9S/
+574qGNKtAiqgC5+wyUFPqnp28K2+rsEu7jWWOlfOrNGg2KVO8kcqsQuUm7sjSW9N
+oHcVAoKSLHBWjFIzFUZpeDOASI1/21Ph4B6FTFJvEpzfYEXE9osz64DhlXDEyY33
+p86AiqAj6PUY4BjHLYAeA7ymphKzVOzq4pSH7qKsxDzUnj/Uj8P85A5jbzHmzOPf
+VnvQlZ7B1FqhdNP2SVqLmu+/tH9Wy0v7ZnItSQbyHDKP+Eib4B/ihaNIIoz/YKgD
+3eYgjp6ZyZR1KkSMpuNkpsihA7s3UsFyowEeo+7l3Wt/ScjCa/IBsxLLtI2EZAJo
+9WHYqsCl1HCzJHI9QCnlPz8U1FcNGCrL/66MKz2MMN8UFFqjYr61wexghxNwc7GD
+XR7Js4mhiF0GwPhAR3ZLiqzPAXAvn8YRf5fylMZ4LA9RO+SHFL/MxQxfrJOAgWB6
+pLPUuCWJXLm7os6rCC23RsyDDWe8N+JNF0/ryzr8MHeIJGsT+AYnZr08PeTbyr01
+JEoT7lPYT6PzX4F63QKKDl+mB+PwLMzYCXrxZcUmuay6/MV8w/f5T6vQXdoSw5pu
+WodBYwVReYh1IaEN+jiTapm9YBVmcIsJPO6abHowknSVOWSvST0AtAX57fFOTckm
++facfBK9s9T1lUUgF44Bh5e8f9qKqfOV44nqdCOEyUm0Dao497ieN4EgXBLNvOZY
+9+irMiXjp0lcyFvhrJOczfyCr9EiiaiH1TfSzKGKsf2W84iKn/JH6x2eOo7xjwJ4
+0BQDc6S1cUNEuqBhP6by0FioOXYOKVyifpxk84Eb+F/4CNdTJTvCPwsiegdfsX/Q
+53DvKVtXp9Ycam5JTmKRHXK/bMHF4ONv3p/O/kn/BqRx+fbbP2eMX8Z1F/ltHKfp
+6B+06HljUwQLBJs9XtCfqH5Zgdz9gad5WZF5ykFArmHDgeFlgggvbZ7z9vqnjN/T
+H68TxJzauYQ5vLHQ6wGXik4/4uq7/TqNmhxlQEM4zVkwsn203bUmKLyz+yl1zItD
+pn5zy1uXfGo99rBdUzdbdE9LmEFPMaFsaHd4a8oDaUroD7FgCbeDJJVld3ac6F8+
+3QbExPs48OrgA1kI3/UwXr52ldjiYzTLfAGR9BjqNFTw45FUHuMf8TEM5hcHx56w
+95eKAqraDk28o9k+M2UKpcmrdlWoWzdqVVFeWGpM8x9Y9Nt0lf/4VUQgrXjqTkUC
+QkJyqTeTeGgHrn3QBk2XAgpxZhaJs3InW0BkAlBmK99cMinUiJeFt5a4p5wPeXrV
+uh6V9m7Mpl9hzpogg++EZqahfzzNnDgxOZfW342DX052PdgXo0NnkhCk005LvFt6
+M2mRn0fLgNVfyUZZoOp8cO5ZWbhXXlrhrgUtj2zKPK6Q94Zj4kdXHBGpAkrB8ZQ4
+EGGODE0Dqusm8WPXzB+9236IMHPU7lFbyjBrFNI7O4jg+qRIIpi+7tX0FsilqEbm
+jG+OPwhZXrdqUqyF+rjKQuSRq7lOeDB4c6S2dq4OOny01i5HCbbyc9UvSHRmhOhG
+qUlzHyHLo3W7j+26V/MhkDXJ+Tx+qfylv4pbliwTteJJj+CZwzjv29qb6lxYi+38
+Bw10ERapm8UCRFBecVN7xXlcIfyeAl666Vi7EBJZv3EdFNrx1nlLwM65nYya7uj6
+L7IwJWotIUx8E0XH0/cUxS/dG8bxf9L/8652h5gq3LI+wTNGuEX0DMuz7BGQG+Nt
+gabrZ6SsKGthGa7eULTpz0McWTLRU0y//tkckpm5pDnXSFbIMskwwjECz82UZBSP
+pigdN/Pjg5d+0yWu7s3VJxw4ENWPPpzZ+j7sOXmdvn9PO1tQd60EO+3awBlC9ZXf
+/InoXE+21s/6p5RGkmg8Rl+k3ZRhmZ3weq1HRhto5npGWf2e+l0r1/KVd3D3PbF4
+JuMNZS20kHhWpnEYkzx4JMLVUNXIA6xDmftJjnl0yRBtT6jhn/gnmbz7DPnQEEgt
++u4vV5nr8IXoJ2/FVGInXSxdzROfaxUxeqTDsB2nUZigIj1zpUVIUrvj6f7LstUV
+DkcGdtDIolx290s5fBk49oUcLlQ1dGY6lzB0+rJdR77Eiw4xhvN2UCcj14YM15EO
+S1Rr9GHQJtkLGOYnOhkRg4RmOxhmUR+nUpvrW3zPibbyEYsSDzxPUiGbFrYd5RZ6
+zVGmaAg4/7/YtveyaP+X9+lK7iBpsWDIIBUfkd0JgxJxS/xJW7nn62l47wQugcdB
+RdXiuvTzg7hu53OGA1I4/IsYOXmx8NReLK6w8LFLglU78pjpXZCu2D+rbC2ZekSR
+mcZP5CLdYPPC3hbzVqXO2dgw/XugYubFfvUpX04SIxmMjhZpoa3444g0u1Gp5+Kh
+nU0jYvWzkzS3JvBOzJT1YREz7elTBch8lWxsxlGU1o7Y6iBwdtpHhRa+E6P7cJMb
+WxOGJhAzEyenVGmrHeeHLOos7dNGuRi/GcDdx08Gf0R6qmAEyDtfeEKIxXcWXlyP
+9Y4yG0diBjsGB4JejjoQVVnj5augZnjrEaJEOIhuWjxvMt3tALG+6TPHLeZQOCxl
+Dyl2zg3bzB5JSEGTkwA9t8GlG9dRUnEyEqpe5xBTUx3WpIYtu64hC7P2kAanUkVT
+H+8SQKCbvh1pKhVYJm4H7VkTh/jxyW+sGPnXEw1/wI8QUTu/JLNVvpfYfWLlfdn5
+jcN0hxbDhjYUKV9wmTgzCrwKrYYAsYUSB71hIQT1ibK5To4V5TQgKieJcCBnvZIz
+x8HAk+u4sVt2w1gpb6gB+Y+KxdJYxxmZ1Jt+TQZi/68q27d56BJtbDVSwJW1k6H0
+Tlm5DzeXn0IGo72xX9IVTdausnSo1bGuZe72cmflB/mIJGgUZg0dgeQgbkVLo3TQ
+YQNnEaTGaujZ374B2PktUdz9vVxhaau7H6MSojxkrxzJMHRcxsED8dhvH01drOvv
+Oc/j8yW/ellOgRxi36WAscACu1QB2HJuFssjA0yrSCvoTC0OSUFreezhbH+slTwf
+ssazqBXy6p5pKR62/6fP6xCF9y3FnWvH7mrNd/IU5BWk7bcoNC6cGLUGX2TrUOLi
+r0lZzIAMFc8dcnOnuYvwWTvN28wAR+4QPWmF1GboaANihhSzjJAiuFKMWVbKTuFP
+zjvnGTcEi/76hu9ZIC//f6kXoDpTZFcMKFWacbQmc9r3Bhi13MGYt9koGNf4OMPI
+Qyy6E+wLO43hHq0lUSpisHZGrZqbEAYA8OPLtPwK335efw0ZUvXnvkH3xXnFIrQ3
+QivpLV+S9nxmKy+YOkpbZ3DCHldabceJ7kowvzveOKtSmLar0IjxViahFyETDW22
+DguO7Iy82tLRBa4pjcMXK1hks7MuUfW3hUNWhz3DKw1nwqL4jUZNqj7cbiiAuUJN
+mbjpiS4woi8FBhG9P9TKc79zKkGu3ZkWsl4Nw2ViT2o8TWb+nkt+exJTL8BkJqmn
+29ppUCcFi7IPZvTxu7qhKMq6knOjIrmPonCxBYm/Yzn0UK8e9K00ilH06+DLT9Gm
+WQHn4wq6VSMk3pIRQzpNDZsdOe3qJ5choJhqZef1KPrdSdWddWGv5WzW35nm0SEi
+Xk1VtCPBYbHgGTCNRksKf5bnScUi2DoMkZIfhl9d+DHsTaOzvRdUsSwn1mkhvRXN
+7OYn8tOLmvf7fEhq2GT5v5dzJAAAAAA=
+-----END PKCS7-----
diff --git a/src/lib/libcrypto/pkcs7/t/nav-smime b/src/lib/libcrypto/pkcs7/t/nav-smime
new file mode 100644
index 0000000000..6ee4b597a1
--- /dev/null
+++ b/src/lib/libcrypto/pkcs7/t/nav-smime
@@ -0,0 +1,157 @@
+From angela@c2.net.au Thu May 14 13:32:27 1998
+X-UIDL: 83c94dd550e54329bf9571b72038b8c8
+Return-Path: angela@c2.net.au
+Received: from cryptsoft.com (play.cryptsoft.com [203.56.44.3]) by pandora.cryptsoft.com (8.8.3/8.7.3) with ESMTP id NAA27838 for <tjh@cryptsoft.com>; Thu, 14 May 1998 13:32:26 +1000 (EST)
+Message-ID: <355A6779.4B63E64C@cryptsoft.com>
+Date: Thu, 14 May 1998 13:39:37 +1000
+From: Angela van Lent <angela@c2.net.au>
+X-Mailer: Mozilla 4.03 [en] (Win95; U)
+MIME-Version: 1.0
+To: tjh@cryptsoft.com
+Subject: signed
+Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=sha1; boundary="------------ms9A58844C95949ECC78A1C54C"
+Content-Length: 2604
+Status: OR
+
+This is a cryptographically signed message in MIME format.
+
+--------------ms9A58844C95949ECC78A1C54C
+Content-Type: text/plain; charset=us-ascii
+Content-Transfer-Encoding: 7bit
+
+signed body
+
+--------------ms9A58844C95949ECC78A1C54C
+Content-Type: application/x-pkcs7-signature; name="smime.p7s"
+Content-Transfer-Encoding: base64
+Content-Disposition: attachment; filename="smime.p7s"
+Content-Description: S/MIME Cryptographic Signature
+
+MIIGHgYJKoZIhvcNAQcCoIIGDzCCBgsCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCC
+BGswggJTMIIB/aADAgECAgIEfjANBgkqhkiG9w0BAQQFADCBkjELMAkGA1UEBhMCQVUxEzAR
+BgNVBAgTClF1ZWVuc2xhbmQxETAPBgNVBAcTCEJyaXNiYW5lMRowGAYDVQQKExFDcnlwdHNv
+ZnQgUHR5IEx0ZDEiMCAGA1UECxMZREVNT05TVFJBVElPTiBBTkQgVEVTVElORzEbMBkGA1UE
+AxMSREVNTyBaRVJPIFZBTFVFIENBMB4XDTk4MDUxMzA2MjY1NloXDTAwMDUxMjA2MjY1Nlow
+gaUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFu
+ZTEaMBgGA1UEChMRQ3J5cHRzb2Z0IFB0eSBMdGQxEjAQBgNVBAsTCVNNSU1FIDAwMzEZMBcG
+A1UEAxMQQW5nZWxhIHZhbiBMZWVudDEjMCEGCSqGSIb3DQEJARYUYW5nZWxhQGNyeXB0c29m
+dC5jb20wXDANBgkqhkiG9w0BAQEFAANLADBIAkEAuC3+7dAb2LhuO7gt2cTM8vsNjhG5JfDh
+hX1Vl/wVGbKEEj0MA6vWEolvefQlxB+EzwCtR0YZ7eEC/T/4JoCyeQIDAQABoygwJjAkBglg
+hkgBhvhCAQ0EFxYVR2VuZXJhdGVkIHdpdGggU1NMZWF5MA0GCSqGSIb3DQEBBAUAA0EAUnSP
+igs6TMFISTjw8cBtJYb98czgAVkVFjKyJQwYMH8FbDnCyx6NocM555nsyDstaw8fKR11Khds
+syd3ikkrhDCCAhAwggG6AgEDMA0GCSqGSIb3DQEBBAUAMIGSMQswCQYDVQQGEwJBVTETMBEG
+A1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m
+dCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNUUkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQD
+ExJERU1PIFpFUk8gVkFMVUUgQ0EwHhcNOTgwMzAzMDc0MTMyWhcNMDgwMjI5MDc0MTMyWjCB
+kjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxETAPBgNVBAcTCEJyaXNiYW5l
+MRowGAYDVQQKExFDcnlwdHNvZnQgUHR5IEx0ZDEiMCAGA1UECxMZREVNT05TVFJBVElPTiBB
+TkQgVEVTVElORzEbMBkGA1UEAxMSREVNTyBaRVJPIFZBTFVFIENBMFwwDQYJKoZIhvcNAQEB
+BQADSwAwSAJBAL+0E2fLej3FSCwe2A2iRnMuC3z12qHIp6Ky1wo2zZcxft7AI+RfkrWrSGtf
+mfzBEuPrLdfulncC5Y1pNcM8RTUCAwEAATANBgkqhkiG9w0BAQQFAANBAGSbLMphL6F5pp3s
+8o0Xyh86FHFdpVOwYx09ELLkuG17V/P9pgIc0Eo/gDMbN+KT3IdgECf8S//pCRA6RrNjcXIx
+ggF7MIIBdwIBATCBmTCBkjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxETAP
+BgNVBAcTCEJyaXNiYW5lMRowGAYDVQQKExFDcnlwdHNvZnQgUHR5IEx0ZDEiMCAGA1UECxMZ
+REVNT05TVFJBVElPTiBBTkQgVEVTVElORzEbMBkGA1UEAxMSREVNTyBaRVJPIFZBTFVFIENB
+AgIEfjAJBgUrDgMCGgUAoHowGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAbBgkqhkiG9w0B
+CQ8xDjAMMAoGCCqGSIb3DQMHMBwGCSqGSIb3DQEJBTEPFw05ODA1MTQwMzM5MzdaMCMGCSqG
+SIb3DQEJBDEWBBQstNMnSV26ba8PapQEDhO21yNFrjANBgkqhkiG9w0BAQEFAARAW9Xb9YXv
+BfcNkutgFX9Gr8iXhBVsNtGEVrjrpkQwpKa7jHI8SjAlLhk/4RFwDHf+ISB9Np3Z1WDWnLcA
+9CWR6g==
+--------------ms9A58844C95949ECC78A1C54C--
+
+
+From angela@c2.net.au Thu May 14 13:33:16 1998
+X-UIDL: 8f076c44ff7c5967fd5b00c4588a8731
+Return-Path: angela@c2.net.au
+Received: from cryptsoft.com (play.cryptsoft.com [203.56.44.3]) by pandora.cryptsoft.com (8.8.3/8.7.3) with ESMTP id NAA27847 for <tjh@cryptsoft.com>; Thu, 14 May 1998 13:33:15 +1000 (EST)
+Message-ID: <355A67AB.2AF38806@cryptsoft.com>
+Date: Thu, 14 May 1998 13:40:27 +1000
+From: Angela van Lent <angela@c2.net.au>
+X-Mailer: Mozilla 4.03 [en] (Win95; U)
+MIME-Version: 1.0
+To: tjh@cryptsoft.com
+Subject: signed
+Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=sha1; boundary="------------msD7863B84BD61E02C407F2F5E"
+Content-Length: 2679
+Status: OR
+
+This is a cryptographically signed message in MIME format.
+
+--------------msD7863B84BD61E02C407F2F5E
+Content-Type: text/plain; charset=us-ascii
+Content-Transfer-Encoding: 7bit
+
+signed body 2
+
+--------------msD7863B84BD61E02C407F2F5E
+Content-Type: application/x-pkcs7-signature; name="smime.p7s"
+Content-Transfer-Encoding: base64
+Content-Disposition: attachment; filename="smime.p7s"
+Content-Description: S/MIME Cryptographic Signature
+
+MIIGVgYJKoZIhvcNAQcCoIIGRzCCBkMCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCC
+BGswggJTMIIB/aADAgECAgIEfjANBgkqhkiG9w0BAQQFADCBkjELMAkGA1UEBhMCQVUxEzAR
+BgNVBAgTClF1ZWVuc2xhbmQxETAPBgNVBAcTCEJyaXNiYW5lMRowGAYDVQQKExFDcnlwdHNv
+ZnQgUHR5IEx0ZDEiMCAGA1UECxMZREVNT05TVFJBVElPTiBBTkQgVEVTVElORzEbMBkGA1UE
+AxMSREVNTyBaRVJPIFZBTFVFIENBMB4XDTk4MDUxMzA2MjY1NloXDTAwMDUxMjA2MjY1Nlow
+gaUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFu
+ZTEaMBgGA1UEChMRQ3J5cHRzb2Z0IFB0eSBMdGQxEjAQBgNVBAsTCVNNSU1FIDAwMzEZMBcG
+A1UEAxMQQW5nZWxhIHZhbiBMZWVudDEjMCEGCSqGSIb3DQEJARYUYW5nZWxhQGNyeXB0c29m
+dC5jb20wXDANBgkqhkiG9w0BAQEFAANLADBIAkEAuC3+7dAb2LhuO7gt2cTM8vsNjhG5JfDh
+hX1Vl/wVGbKEEj0MA6vWEolvefQlxB+EzwCtR0YZ7eEC/T/4JoCyeQIDAQABoygwJjAkBglg
+hkgBhvhCAQ0EFxYVR2VuZXJhdGVkIHdpdGggU1NMZWF5MA0GCSqGSIb3DQEBBAUAA0EAUnSP
+igs6TMFISTjw8cBtJYb98czgAVkVFjKyJQwYMH8FbDnCyx6NocM555nsyDstaw8fKR11Khds
+syd3ikkrhDCCAhAwggG6AgEDMA0GCSqGSIb3DQEBBAUAMIGSMQswCQYDVQQGEwJBVTETMBEG
+A1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m
+dCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNUUkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQD
+ExJERU1PIFpFUk8gVkFMVUUgQ0EwHhcNOTgwMzAzMDc0MTMyWhcNMDgwMjI5MDc0MTMyWjCB
+kjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxETAPBgNVBAcTCEJyaXNiYW5l
+MRowGAYDVQQKExFDcnlwdHNvZnQgUHR5IEx0ZDEiMCAGA1UECxMZREVNT05TVFJBVElPTiBB
+TkQgVEVTVElORzEbMBkGA1UEAxMSREVNTyBaRVJPIFZBTFVFIENBMFwwDQYJKoZIhvcNAQEB
+BQADSwAwSAJBAL+0E2fLej3FSCwe2A2iRnMuC3z12qHIp6Ky1wo2zZcxft7AI+RfkrWrSGtf
+mfzBEuPrLdfulncC5Y1pNcM8RTUCAwEAATANBgkqhkiG9w0BAQQFAANBAGSbLMphL6F5pp3s
+8o0Xyh86FHFdpVOwYx09ELLkuG17V/P9pgIc0Eo/gDMbN+KT3IdgECf8S//pCRA6RrNjcXIx
+ggGzMIIBrwIBATCBmTCBkjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxETAP
+BgNVBAcTCEJyaXNiYW5lMRowGAYDVQQKExFDcnlwdHNvZnQgUHR5IEx0ZDEiMCAGA1UECxMZ
+REVNT05TVFJBVElPTiBBTkQgVEVTVElORzEbMBkGA1UEAxMSREVNTyBaRVJPIFZBTFVFIENB
+AgIEfjAJBgUrDgMCGgUAoIGxMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcN
+AQkFMQ8XDTk4MDUxNDAzNDAyN1owIwYJKoZIhvcNAQkEMRYEFOKcV8mNYJnM8rHQajcSEqJN
+rwdDMFIGCSqGSIb3DQEJDzFFMEMwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMAcGBSsO
+AwIHMA0GCCqGSIb3DQMCAgFAMA0GCCqGSIb3DQMCAgEoMA0GCSqGSIb3DQEBAQUABEADPE/N
+coH+zTFuX5YpolupTKxKK8eEjc48TuADuO8bIHHDE/fEYaWunlwDuTlcFJl1ig0idffPB1qC
+Zp8SSVVY
+--------------msD7863B84BD61E02C407F2F5E--
+
+
+From angela@c2.net.au Thu May 14 14:05:32 1998
+X-UIDL: a7d629b4b9acacaee8b39371b860a32a
+Return-Path: angela@c2.net.au
+Received: from cryptsoft.com (play.cryptsoft.com [203.56.44.3]) by pandora.cryptsoft.com (8.8.3/8.7.3) with ESMTP id OAA28033 for <tjh@cryptsoft.com>; Thu, 14 May 1998 14:05:32 +1000 (EST)
+Message-ID: <355A6F3B.AC385981@cryptsoft.com>
+Date: Thu, 14 May 1998 14:12:43 +1000
+From: Angela van Lent <angela@c2.net.au>
+X-Mailer: Mozilla 4.03 [en] (Win95; U)
+MIME-Version: 1.0
+To: tjh@cryptsoft.com
+Subject: encrypted
+Content-Type: application/x-pkcs7-mime; name="smime.p7m"
+Content-Transfer-Encoding: base64
+Content-Disposition: attachment; filename="smime.p7m"
+Content-Description: S/MIME Encrypted Message
+Content-Length: 905
+Status: OR
+
+MIAGCSqGSIb3DQEHA6CAMIACAQAxggHmMIHwAgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEG
+A1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m
+dCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNUUkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQD
+ExJERU1PIFpFUk8gVkFMVUUgQ0ECAgR+MA0GCSqGSIb3DQEBAQUABEA92N29Yk39RUY2tIVd
+exGT2MFX3J6H8LB8aDRJjw7843ALgJ5zXpM5+f80QkAWwEN2A6Pl3VxiCeKLi435zXVyMIHw
+AgEAMIGZMIGSMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMI
+QnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29mdCBQdHkgTHRkMSIwIAYDVQQLExlERU1PTlNU
+UkFUSU9OIEFORCBURVNUSU5HMRswGQYDVQQDExJERU1PIFpFUk8gVkFMVUUgQ0ECAgRuMA0G
+CSqGSIb3DQEBAQUABECR9IfyHtvnjFmZ8B2oUCEs1vxMsG0u1kxKE4RMPFyDqDCEARq7zXMg
+nzSUI7Wgv5USSKDqcLRJeW+jvYURv/nJMIAGCSqGSIb3DQEHATAaBggqhkiG9w0DAjAOAgIA
+oAQIrLqrij2ZMpeggAQoibtn6reRZWuWk5Iv5IAhgitr8EYE4w4ySQ7EMB6mTlBoFpccUMWX
+BwQgQn1UoWCvYAlhDzURdbui64Dc0rS2wtj+kE/InS6y25EEEPe4NUKaF8/UlE+lo3LtILQE
+CL3uV8k7m0iqAAAAAAAAAAAAAA==
+
diff --git a/src/lib/libcrypto/pkcs7/t/s.pem b/src/lib/libcrypto/pkcs7/t/s.pem
new file mode 100644
index 0000000000..4fa925b182
--- /dev/null
+++ b/src/lib/libcrypto/pkcs7/t/s.pem
@@ -0,0 +1,57 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIBOgIBAAJBAK3nI4nuDYe3nDJES5WBc90igEstxWC4/h4YY+/ciYki35U8ets9
+mgaoCNYp/e9BCZHtvK2Y+fYokGJv5+cMTQsCAwEAAQJBAIHpvXvqEcOEoDRRHuIG
+fkcB4jPHcr9KE9TpxabH6xs9beN6OJnkePXAHwaz5MnUgSnbpOKq+cw8miKjXwe/
+zVECIQDVLwncT2lRmXarEYHzb+q/0uaSvKhWKKt3kJasLNTrAwIhANDUc/ghut29
+p3jJYjurzUKuG774/5eLjPLsxPPIZzNZAiA/10hSq41UnGqHLEUIS9m2/EeEZe7b
+bm567dfRU9OnVQIgDo8ROrZXSchEGbaog5J5r/Fle83uO8l93R3GqVxKXZkCIFfk
+IPD5PIYQAyyod3hyKKza7ZP4CGY4oOfZetbkSGGG
+-----END RSA PRIVATE KEY-----
+issuer :/C=AU/SP=Queensland/L=Brisbane/O=Cryptsoft Pty Ltd/OU=DEMONSTRATION AND TESTING/CN=DEMO ZERO VALUE CA
+subject:/C=AU/SP=Queensland/L=Brisbane/O=Cryptsoft Pty Ltd/OU=SMIME 003/CN=Information/Email=info@cryptsoft.com
+serial :047D
+
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1149 (0x47d)
+        Signature Algorithm: md5withRSAEncryption
+        Issuer: C=AU, SP=Queensland, L=Brisbane, O=Cryptsoft Pty Ltd, OU=DEMONSTRATION AND TESTING, CN=DEMO ZERO VALUE CA
+        Validity
+            Not Before: May 13 05:40:58 1998 GMT
+            Not After : May 12 05:40:58 2000 GMT
+        Subject: C=AU, SP=Queensland, L=Brisbane, O=Cryptsoft Pty Ltd, OU=SMIME 003, CN=Information/Email=info@cryptsoft.com
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Modulus:
+                    00:ad:e7:23:89:ee:0d:87:b7:9c:32:44:4b:95:81:
+                    73:dd:22:80:4b:2d:c5:60:b8:fe:1e:18:63:ef:dc:
+                    89:89:22:df:95:3c:7a:db:3d:9a:06:a8:08:d6:29:
+                    fd:ef:41:09:91:ed:bc:ad:98:f9:f6:28:90:62:6f:
+                    e7:e7:0c:4d:0b
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            Netscape Comment: 
+                Generated with SSLeay
+    Signature Algorithm: md5withRSAEncryption
+        52:15:ea:88:f4:f0:f9:0b:ef:ce:d5:f8:83:40:61:16:5e:55:
+        f9:ce:2d:d1:8b:31:5c:03:c6:2d:10:7c:61:d5:5c:0a:42:97:
+        d1:fd:65:b6:b6:84:a5:39:ec:46:ec:fc:e0:0d:d9:22:da:1b:
+        50:74:ad:92:cb:4e:90:e5:fa:7d
+
+-----BEGIN CERTIFICATE-----
+MIICTDCCAfagAwIBAgICBH0wDQYJKoZIhvcNAQEEBQAwgZIxCzAJBgNVBAYTAkFV
+MRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UE
+ChMRQ3J5cHRzb2Z0IFB0eSBMdGQxIjAgBgNVBAsTGURFTU9OU1RSQVRJT04gQU5E
+IFRFU1RJTkcxGzAZBgNVBAMTEkRFTU8gWkVSTyBWQUxVRSBDQTAeFw05ODA1MTMw
+NTQwNThaFw0wMDA1MTIwNTQwNThaMIGeMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
+UXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m
+dCBQdHkgTHRkMRIwEAYDVQQLEwlTTUlNRSAwMDMxFDASBgNVBAMTC0luZm9ybWF0
+aW9uMSEwHwYJKoZIhvcNAQkBFhJpbmZvQGNyeXB0c29mdC5jb20wXDANBgkqhkiG
+9w0BAQEFAANLADBIAkEArecjie4Nh7ecMkRLlYFz3SKASy3FYLj+Hhhj79yJiSLf
+lTx62z2aBqgI1in970EJke28rZj59iiQYm/n5wxNCwIDAQABoygwJjAkBglghkgB
+hvhCAQ0EFxYVR2VuZXJhdGVkIHdpdGggU1NMZWF5MA0GCSqGSIb3DQEBBAUAA0EA
+UhXqiPTw+QvvztX4g0BhFl5V+c4t0YsxXAPGLRB8YdVcCkKX0f1ltraEpTnsRuz8
+4A3ZItobUHStkstOkOX6fQ==
+-----END CERTIFICATE-----
+
diff --git a/src/lib/libcrypto/pkcs7/t/server.pem b/src/lib/libcrypto/pkcs7/t/server.pem
new file mode 100644
index 0000000000..989baf8709
--- /dev/null
+++ b/src/lib/libcrypto/pkcs7/t/server.pem
@@ -0,0 +1,57 @@
+issuer :/C=AU/SP=Queensland/L=Brisbane/O=Cryptsoft Pty Ltd/OU=DEMONSTRATION AND TESTING/CN=DEMO ZERO VALUE CA
+subject:/C=AU/SP=Queensland/L=Brisbane/O=Cryptsoft Pty Ltd/OU=SMIME 003/CN=Information/Email=info@cryptsoft.com
+serial :047D
+
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1149 (0x47d)
+        Signature Algorithm: md5withRSAEncryption
+        Issuer: C=AU, SP=Queensland, L=Brisbane, O=Cryptsoft Pty Ltd, OU=DEMONSTRATION AND TESTING, CN=DEMO ZERO VALUE CA
+        Validity
+            Not Before: May 13 05:40:58 1998 GMT
+            Not After : May 12 05:40:58 2000 GMT
+        Subject: C=AU, SP=Queensland, L=Brisbane, O=Cryptsoft Pty Ltd, OU=SMIME 003, CN=Information/Email=info@cryptsoft.com
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Modulus:
+                    00:ad:e7:23:89:ee:0d:87:b7:9c:32:44:4b:95:81:
+                    73:dd:22:80:4b:2d:c5:60:b8:fe:1e:18:63:ef:dc:
+                    89:89:22:df:95:3c:7a:db:3d:9a:06:a8:08:d6:29:
+                    fd:ef:41:09:91:ed:bc:ad:98:f9:f6:28:90:62:6f:
+                    e7:e7:0c:4d:0b
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            Netscape Comment: 
+                Generated with SSLeay
+    Signature Algorithm: md5withRSAEncryption
+        52:15:ea:88:f4:f0:f9:0b:ef:ce:d5:f8:83:40:61:16:5e:55:
+        f9:ce:2d:d1:8b:31:5c:03:c6:2d:10:7c:61:d5:5c:0a:42:97:
+        d1:fd:65:b6:b6:84:a5:39:ec:46:ec:fc:e0:0d:d9:22:da:1b:
+        50:74:ad:92:cb:4e:90:e5:fa:7d
+
+-----BEGIN CERTIFICATE-----
+MIICTDCCAfagAwIBAgICBH0wDQYJKoZIhvcNAQEEBQAwgZIxCzAJBgNVBAYTAkFV
+MRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UE
+ChMRQ3J5cHRzb2Z0IFB0eSBMdGQxIjAgBgNVBAsTGURFTU9OU1RSQVRJT04gQU5E
+IFRFU1RJTkcxGzAZBgNVBAMTEkRFTU8gWkVSTyBWQUxVRSBDQTAeFw05ODA1MTMw
+NTQwNThaFw0wMDA1MTIwNTQwNThaMIGeMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
+UXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0c29m
+dCBQdHkgTHRkMRIwEAYDVQQLEwlTTUlNRSAwMDMxFDASBgNVBAMTC0luZm9ybWF0
+aW9uMSEwHwYJKoZIhvcNAQkBFhJpbmZvQGNyeXB0c29mdC5jb20wXDANBgkqhkiG
+9w0BAQEFAANLADBIAkEArecjie4Nh7ecMkRLlYFz3SKASy3FYLj+Hhhj79yJiSLf
+lTx62z2aBqgI1in970EJke28rZj59iiQYm/n5wxNCwIDAQABoygwJjAkBglghkgB
+hvhCAQ0EFxYVR2VuZXJhdGVkIHdpdGggU1NMZWF5MA0GCSqGSIb3DQEBBAUAA0EA
+UhXqiPTw+QvvztX4g0BhFl5V+c4t0YsxXAPGLRB8YdVcCkKX0f1ltraEpTnsRuz8
+4A3ZItobUHStkstOkOX6fQ==
+-----END CERTIFICATE-----
+
+-----BEGIN RSA PRIVATE KEY-----
+MIIBOgIBAAJBAK3nI4nuDYe3nDJES5WBc90igEstxWC4/h4YY+/ciYki35U8ets9
+mgaoCNYp/e9BCZHtvK2Y+fYokGJv5+cMTQsCAwEAAQJBAIHpvXvqEcOEoDRRHuIG
+fkcB4jPHcr9KE9TpxabH6xs9beN6OJnkePXAHwaz5MnUgSnbpOKq+cw8miKjXwe/
+zVECIQDVLwncT2lRmXarEYHzb+q/0uaSvKhWKKt3kJasLNTrAwIhANDUc/ghut29
+p3jJYjurzUKuG774/5eLjPLsxPPIZzNZAiA/10hSq41UnGqHLEUIS9m2/EeEZe7b
+bm567dfRU9OnVQIgDo8ROrZXSchEGbaog5J5r/Fle83uO8l93R3GqVxKXZkCIFfk
+IPD5PIYQAyyod3hyKKza7ZP4CGY4oOfZetbkSGGG
+-----END RSA PRIVATE KEY-----
diff --git a/src/lib/libcrypto/rand/rand_egd.c b/src/lib/libcrypto/rand/rand_egd.c
new file mode 100644
index 0000000000..d834408bd4
--- /dev/null
+++ b/src/lib/libcrypto/rand/rand_egd.c
@@ -0,0 +1,110 @@
+/* crypto/rand/rand_egd.c */
+/* Written by Ulf Moeller for the OpenSSL project. */
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <openssl/rand.h>
+
+/* Query the EGD <URL: http://www.lothar.com/tech/crypto/>.
+ */
+
+#if defined(WIN32) || defined(VMS) || defined(__VMS)
+int RAND_egd(const char *path)
+        {
+        return(-1);
+        }
+#else
+#include <openssl/opensslconf.h>
+#include OPENSSL_UNISTD
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <sys/un.h>
+#include <string.h>
+
+#ifndef offsetof
+#  define offsetof(TYPE, MEMBER) ((size_t) &((TYPE *)0)->MEMBER)
+#endif
+
+int RAND_egd(const char *path)
+        {
+        int ret = -1;
+        struct sockaddr_un addr;
+        int len, num;
+        int fd = -1;
+        unsigned char buf[256];
+
+        memset(&addr, 0, sizeof(addr));
+        addr.sun_family = AF_UNIX;
+        if (strlen(path) > sizeof(addr.sun_path))
+                return (-1);
+        strcpy(addr.sun_path,path);
+        len = offsetof(struct sockaddr_un, sun_path) + strlen(path);
+        fd = socket(AF_UNIX, SOCK_STREAM, 0);
+        if (fd == -1) return (-1);
+        if (connect(fd, (struct sockaddr *)&addr, len) == -1) goto err;
+        buf[0] = 1;
+        buf[1] = 255;
+        write(fd, buf, 2);
+        if (read(fd, buf, 1) != 1) goto err;
+    if (buf[0] == 0) goto err;
+        num = read(fd, buf, 255);
+        if (num < 1) goto err;
+        RAND_seed(buf, num);
+        if (RAND_status() == 1)
+                ret = num;
+ err:
+        if (fd != -1) close(fd);
+        return(ret);
+        }
+#endif
diff --git a/src/lib/libcrypto/rand/rand_lcl.h b/src/lib/libcrypto/rand/rand_lcl.h
new file mode 100644
index 0000000000..120e9366d2
--- /dev/null
+++ b/src/lib/libcrypto/rand/rand_lcl.h
@@ -0,0 +1,184 @@
+/* crypto/rand/md_rand.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_RAND_LCL_H
+#define HEADER_RAND_LCL_H
+
+#define ENTROPY_NEEDED 20  /* require 160 bits = 20 bytes of randomness */
+
+
+#if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) && !defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND)
+#if !defined(NO_SHA) && !defined(NO_SHA1)
+#define USE_SHA1_RAND
+#elif !defined(NO_MD5)
+#define USE_MD5_RAND
+#elif !defined(NO_MDC2) && !defined(NO_DES)
+#define USE_MDC2_RAND
+#elif !defined(NO_MD2)
+#define USE_MD2_RAND
+#else
+#error No message digest algorithm available
+#endif
+#endif
+
+#if defined(USE_MD5_RAND)
+#include <openssl/md5.h>
+#define MD_DIGEST_LENGTH        MD5_DIGEST_LENGTH
+#define MD(a,b,c)               MD5(a,b,c)
+#elif defined(USE_SHA1_RAND)
+#include <openssl/sha.h>
+#define MD_DIGEST_LENGTH        SHA_DIGEST_LENGTH
+#define MD(a,b,c)               SHA1(a,b,c)
+#elif defined(USE_MDC2_RAND)
+#include <openssl/mdc2.h>
+#define MD_DIGEST_LENGTH        MDC2_DIGEST_LENGTH
+#define MD(a,b,c)               MDC2(a,b,c)
+#elif defined(USE_MD2_RAND)
+#include <openssl/md2.h>
+#define MD_DIGEST_LENGTH        MD2_DIGEST_LENGTH
+#define MD(a,b,c)               MD2(a,b,c)
+#endif
+#if defined(USE_MD5_RAND)
+#include <openssl/md5.h>
+#define MD_DIGEST_LENGTH        MD5_DIGEST_LENGTH
+#define MD_CTX                  MD5_CTX
+#define MD_Init(a)              MD5_Init(a)
+#define MD_Update(a,b,c)        MD5_Update(a,b,c)
+#define MD_Final(a,b)           MD5_Final(a,b)
+#define MD(a,b,c)               MD5(a,b,c)
+#elif defined(USE_SHA1_RAND)
+#include <openssl/sha.h>
+#define MD_DIGEST_LENGTH        SHA_DIGEST_LENGTH
+#define MD_CTX                  SHA_CTX
+#define MD_Init(a)              SHA1_Init(a)
+#define MD_Update(a,b,c)        SHA1_Update(a,b,c)
+#define MD_Final(a,b)           SHA1_Final(a,b)
+#define MD(a,b,c)               SHA1(a,b,c)
+#elif defined(USE_MDC2_RAND)
+#include <openssl/mdc2.h>
+#define MD_DIGEST_LENGTH        MDC2_DIGEST_LENGTH
+#define MD_CTX                  MDC2_CTX
+#define MD_Init(a)              MDC2_Init(a)
+#define MD_Update(a,b,c)        MDC2_Update(a,b,c)
+#define MD_Final(a,b)           MDC2_Final(a,b)
+#define MD(a,b,c)               MDC2(a,b,c)
+#elif defined(USE_MD2_RAND)
+#include <openssl/md2.h>
+#define MD_DIGEST_LENGTH        MD2_DIGEST_LENGTH
+#define MD_CTX                  MD2_CTX
+#define MD_Init(a)              MD2_Init(a)
+#define MD_Update(a,b,c)        MD2_Update(a,b,c)
+#define MD_Final(a,b)           MD2_Final(a,b)
+#define MD(a,b,c)               MD2(a,b,c)
+#endif
+
+
+#endif
diff --git a/src/lib/libcrypto/rand/rand_os2.c b/src/lib/libcrypto/rand/rand_os2.c
new file mode 100644
index 0000000000..c3e36d4e5e
--- /dev/null
+++ b/src/lib/libcrypto/rand/rand_os2.c
@@ -0,0 +1,147 @@
+/* crypto/rand/rand_os2.c */
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "cryptlib.h"
+#include <openssl/rand.h>
+#include "rand_lcl.h"
+
+#ifdef OPENSSL_SYS_OS2
+
+#define INCL_DOSPROCESS
+#define INCL_DOSPROFILE
+#define INCL_DOSMISC
+#define INCL_DOSMODULEMGR
+#include <os2.h>
+
+#define   CMD_KI_RDCNT    (0x63)
+
+typedef struct _CPUUTIL {
+    ULONG ulTimeLow;            /* Low 32 bits of time stamp      */
+    ULONG ulTimeHigh;           /* High 32 bits of time stamp     */
+    ULONG ulIdleLow;            /* Low 32 bits of idle time       */
+    ULONG ulIdleHigh;           /* High 32 bits of idle time      */
+    ULONG ulBusyLow;            /* Low 32 bits of busy time       */
+    ULONG ulBusyHigh;           /* High 32 bits of busy time      */
+    ULONG ulIntrLow;            /* Low 32 bits of interrupt time  */
+    ULONG ulIntrHigh;           /* High 32 bits of interrupt time */
+} CPUUTIL;
+
+APIRET APIENTRY(*DosPerfSysCall) (ULONG ulCommand, ULONG ulParm1, ULONG ulParm2, ULONG ulParm3) = NULL;
+APIRET APIENTRY(*DosQuerySysState) (ULONG func, ULONG arg1, ULONG pid, ULONG _res_, PVOID buf, ULONG bufsz) = NULL;
+HMODULE hDoscalls = 0;
+
+int RAND_poll(void)
+{
+    char failed_module[20];
+    QWORD qwTime;
+    ULONG SysVars[QSV_FOREGROUND_PROCESS];
+
+    if (hDoscalls == 0) {
+        ULONG rc = DosLoadModule(failed_module, sizeof(failed_module), "DOSCALLS", &hDoscalls);
+
+        if (rc == 0) {
+            rc = DosQueryProcAddr(hDoscalls, 976, NULL, (PFN *)&DosPerfSysCall);
+
+            if (rc)
+                DosPerfSysCall = NULL;
+
+            rc = DosQueryProcAddr(hDoscalls, 368, NULL, (PFN *)&DosQuerySysState);
+
+            if (rc)
+                DosQuerySysState = NULL;
+        }
+    }
+
+    /* Sample the hi-res timer, runs at around 1.1 MHz */
+    DosTmrQueryTime(&qwTime);
+    RAND_add(&qwTime, sizeof(qwTime), 2);
+
+    /* Sample a bunch of system variables, includes various process & memory statistics */
+    DosQuerySysInfo(1, QSV_FOREGROUND_PROCESS, SysVars, sizeof(SysVars));
+    RAND_add(SysVars, sizeof(SysVars), 4);
+
+    /* If available, sample CPU registers that count at CPU MHz
+     * Only fairly new CPUs (PPro & K6 onwards) & OS/2 versions support this
+     */
+    if (DosPerfSysCall) {
+        CPUUTIL util;
+
+        if (DosPerfSysCall(CMD_KI_RDCNT, (ULONG)&util, 0, 0) == 0) {
+            RAND_add(&util, sizeof(util), 10);
+        }
+        else {
+            DosPerfSysCall = NULL;
+        }
+    }
+
+    /* DosQuerySysState() gives us a huge quantity of process, thread, memory & handle stats */
+    if (DosQuerySysState) {
+        char *buffer = OPENSSL_malloc(256 * 1024);
+
+        if (DosQuerySysState(0x1F, 0, 0, 0, buffer, 256 * 1024) == 0) {
+            /* First 4 bytes in buffer is a pointer to the thread count
+             * there should be at least 1 byte of entropy per thread
+             */
+            RAND_add(buffer, 256 * 1024, **(ULONG **)buffer);
+        }
+
+        OPENSSL_free(buffer);
+        return 1;
+    }
+
+    return 0;
+}
+
+#endif /* OPENSSL_SYS_OS2 */
diff --git a/src/lib/libcrypto/rand/rand_unix.c b/src/lib/libcrypto/rand/rand_unix.c
new file mode 100644
index 0000000000..0b29235130
--- /dev/null
+++ b/src/lib/libcrypto/rand/rand_unix.c
@@ -0,0 +1,274 @@
+/* crypto/rand/rand_unix.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "cryptlib.h"
+#include <openssl/rand.h>
+#include "rand_lcl.h"
+
+#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2))
+
+#include <sys/types.h>
+#include <sys/time.h>
+#include <sys/times.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include <time.h>
+
+#ifdef __OpenBSD__
+#undef DEVRANDOM
+#define DEVRANDOM "/dev/arandom"
+int RAND_poll(void)
+{
+        unsigned long l;
+        pid_t curr_pid = getpid();
+        FILE *fh;
+
+        /* Use a random entropy pool device. Linux, FreeBSD and OpenBSD
+         * have this. Use /dev/urandom if you can as /dev/random may block
+         * if it runs out of random entries.  */
+
+        if ((fh = fopen(DEVRANDOM, "r")) != NULL)
+                {
+                unsigned char tmpbuf[ENTROPY_NEEDED];
+                int n;
+
+                setvbuf(fh, NULL, _IONBF, 0);
+                n=fread((unsigned char *)tmpbuf,1,ENTROPY_NEEDED,fh);
+                fclose(fh);
+                RAND_add(tmpbuf,sizeof tmpbuf,n);
+                memset(tmpbuf,0,n);
+                }
+
+        /* put in some default random data, we need more than just this */
+        l=curr_pid;
+        RAND_add(&l,sizeof(l),0);
+        l=getuid();
+        RAND_add(&l,sizeof(l),0);
+
+        l=time(NULL);
+        RAND_add(&l,sizeof(l),0);
+
+        return 1;
+}
+#else
+int RAND_poll(void)
+{
+        unsigned long l;
+        pid_t curr_pid = getpid();
+#if defined(DEVRANDOM) || defined(DEVRANDOM_EGD)
+        unsigned char tmpbuf[ENTROPY_NEEDED];
+        int n = 0;
+#endif
+#ifdef DEVRANDOM
+        static const char *randomfiles[] = { DEVRANDOM, NULL };
+        const char **randomfile = NULL;
+        int fd;
+#endif
+#ifdef DEVRANDOM_EGD
+        static const char *egdsockets[] = { DEVRANDOM_EGD, NULL };
+        const char **egdsocket = NULL;
+#endif
+
+#ifdef DEVRANDOM
+        /* Use a random entropy pool device. Linux, FreeBSD and OpenBSD
+         * have this. Use /dev/urandom if you can as /dev/random may block
+         * if it runs out of random entries.  */
+
+        for (randomfile = randomfiles; *randomfile && n < ENTROPY_NEEDED; randomfile++)
+                {
+                if ((fd = open(*randomfile, O_RDONLY|O_NONBLOCK
+#ifdef O_NOCTTY /* If it happens to be a TTY (god forbid), do not make it
+                   our controlling tty */
+                        |O_NOCTTY
+#endif
+#ifdef O_NOFOLLOW /* Fail if the file is a symbolic link */
+                        |O_NOFOLLOW
+#endif
+                        )) >= 0)
+                        {
+                        struct timeval t = { 0, 10*1000 }; /* Spend 10ms on
+                                                              each file. */
+                        int r;
+                        fd_set fset;
+
+                        do
+                                {
+                                FD_ZERO(&fset);
+                                FD_SET(fd, &fset);
+                                r = -1;
+
+                                if (select(fd+1,&fset,NULL,NULL,&t) < 0)
+                                        t.tv_usec=0;
+                                else if (FD_ISSET(fd, &fset))
+                                        {
+                                        r=read(fd,(unsigned char *)tmpbuf+n,
+                                               ENTROPY_NEEDED-n);
+                                        if (r > 0)
+                                                n += r;
+                                        }
+
+                                /* Some Unixen will update t, some
+                                   won't.  For those who won't, give
+                                   up here, otherwise, we will do
+                                   this once again for the remaining
+                                   time. */
+                                if (t.tv_usec == 10*1000)
+                                        t.tv_usec=0;
+                                }
+                        while ((r > 0 || (errno == EINTR || errno == EAGAIN))
+                                && t.tv_usec != 0 && n < ENTROPY_NEEDED);
+
+                        close(fd);
+                        }
+                }
+#endif
+
+#ifdef DEVRANDOM_EGD
+        /* Use an EGD socket to read entropy from an EGD or PRNGD entropy
+         * collecting daemon. */
+
+        for (egdsocket = egdsockets; *egdsocket && n < ENTROPY_NEEDED; egdsocket++)
+                {
+                int r;
+
+                r = RAND_query_egd_bytes(*egdsocket, (unsigned char *)tmpbuf+n,
+                                         ENTROPY_NEEDED-n);
+                if (r > 0)
+                        n += r;
+                }
+#endif
+
+#if defined(DEVRANDOM) || defined(DEVRANDOM_EGD)
+        if (n > 0)
+                {
+                RAND_add(tmpbuf,sizeof tmpbuf,n);
+                memset(tmpbuf,0,n);
+                }
+#endif
+
+        /* put in some default random data, we need more than just this */
+        l=curr_pid;
+        RAND_add(&l,sizeof(l),0);
+        l=getuid();
+        RAND_add(&l,sizeof(l),0);
+
+        l=time(NULL);
+        RAND_add(&l,sizeof(l),0);
+
+#if defined(DEVRANDOM) || defined(DEVRANDOM_EGD)
+        return 1;
+#else
+        return 0;
+#endif
+}
+
+#endif
+#endif
diff --git a/src/lib/libcrypto/rand/rand_vms.c b/src/lib/libcrypto/rand/rand_vms.c
new file mode 100644
index 0000000000..29b2d7af0b
--- /dev/null
+++ b/src/lib/libcrypto/rand/rand_vms.c
@@ -0,0 +1,135 @@
+/* crypto/rand/rand_vms.c -*- mode:C; c-file-style: "eay" -*- */
+/* Written by Richard Levitte <richard@levitte.org> for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <openssl/rand.h>
+#include "rand_lcl.h"
+
+#if defined(OPENSSL_SYS_VMS)
+
+#include <descrip.h>
+#include <jpidef.h>
+#include <ssdef.h>
+#include <starlet.h>
+#ifdef __DECC
+# pragma message disable DOLLARID
+#endif
+
+static struct items_data_st
+        {
+        short length, code;     /* length is amount of bytes */
+        } items_data[] =
+                { { 4, JPI$_BUFIO },
+                  { 4, JPI$_CPUTIM },
+                  { 4, JPI$_DIRIO },
+                  { 8, JPI$_LOGINTIM },
+                  { 4, JPI$_PAGEFLTS },
+                  { 4, JPI$_PID },
+                  { 4, JPI$_WSSIZE },
+                  { 0, 0 }
+                };
+                  
+int RAND_poll(void)
+        {
+        long pid, iosb[2];
+        int status = 0;
+        struct
+                {
+                short length, code;
+                long *buffer;
+                int *retlen;
+                } item[32], *pitem;
+        unsigned char data_buffer[256];
+        short total_length = 0;
+        struct items_data_st *pitems_data;
+
+        pitems_data = items_data;
+        pitem = item;
+
+        /* Setup */
+        while (pitems_data->length)
+                {
+                pitem->length = pitems_data->length;
+                pitem->code = pitems_data->code;
+                pitem->buffer = (long *)data_buffer[total_length];
+                pitem->retlen = 0;
+                total_length += pitems_data->length;
+                pitems_data++;
+                pitem++;
+                }
+        pitem->length = pitem->code = 0;
+
+        /*
+         * Scan through all the processes in the system and add entropy with
+         * results from the processes that were possible to look at.
+         * However, view the information as only half trustable.
+         */
+        pid = -1;                       /* search context */
+        while ((status = sys$getjpiw(0, &pid,  0, item, iosb, 0, 0))
+                != SS$_NOMOREPROC)
+                {
+                if (status == SS$_NORMAL)
+                        {
+                        RAND_add(data_buffer, total_length, total_length/2);
+                        }
+                }
+        sys$gettim(iosb);
+        RAND_add((unsigned char *)iosb, sizeof(iosb), sizeof(iosb)/2);
+        return 1;
+}
+
+#endif
diff --git a/src/lib/libcrypto/rand/rand_win.c b/src/lib/libcrypto/rand/rand_win.c
new file mode 100644
index 0000000000..9f2dcff9a9
--- /dev/null
+++ b/src/lib/libcrypto/rand/rand_win.c
@@ -0,0 +1,732 @@
+/* crypto/rand/rand_win.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "cryptlib.h"
+#include <openssl/rand.h>
+#include "rand_lcl.h"
+
+#if defined(WINDOWS) || defined(WIN32)
+#include <windows.h>
+#ifndef _WIN32_WINNT
+# define _WIN32_WINNT 0x0400
+#endif
+#include <wincrypt.h>
+#include <tlhelp32.h>
+
+/* Intel hardware RNG CSP -- available from
+ * http://developer.intel.com/design/security/rng/redist_license.htm
+ */
+#define PROV_INTEL_SEC 22
+#define INTEL_DEF_PROV "Intel Hardware Cryptographic Service Provider"
+
+static void readtimer(void);
+static void readscreen(void);
+
+/* It appears like CURSORINFO, PCURSORINFO and LPCURSORINFO are only defined
+   when WINVER is 0x0500 and up, which currently only happens on Win2000.
+   Unfortunately, those are typedefs, so they're a little bit difficult to
+   detect properly.  On the other hand, the macro CURSOR_SHOWING is defined
+   within the same conditional, so it can be use to detect the absence of said
+   typedefs. */
+
+#ifndef CURSOR_SHOWING
+/*
+ * Information about the global cursor.
+ */
+typedef struct tagCURSORINFO
+{
+    DWORD   cbSize;
+    DWORD   flags;
+    HCURSOR hCursor;
+    POINT   ptScreenPos;
+} CURSORINFO, *PCURSORINFO, *LPCURSORINFO;
+
+#define CURSOR_SHOWING     0x00000001
+#endif /* CURSOR_SHOWING */
+
+typedef BOOL (WINAPI *CRYPTACQUIRECONTEXT)(HCRYPTPROV *, LPCTSTR, LPCTSTR,
+                                    DWORD, DWORD);
+typedef BOOL (WINAPI *CRYPTGENRANDOM)(HCRYPTPROV, DWORD, BYTE *);
+typedef BOOL (WINAPI *CRYPTRELEASECONTEXT)(HCRYPTPROV, DWORD);
+
+typedef HWND (WINAPI *GETFOREGROUNDWINDOW)(VOID);
+typedef BOOL (WINAPI *GETCURSORINFO)(PCURSORINFO);
+typedef DWORD (WINAPI *GETQUEUESTATUS)(UINT);
+
+typedef HANDLE (WINAPI *CREATETOOLHELP32SNAPSHOT)(DWORD, DWORD);
+typedef BOOL (WINAPI *HEAP32FIRST)(LPHEAPENTRY32, DWORD, DWORD);
+typedef BOOL (WINAPI *HEAP32NEXT)(LPHEAPENTRY32);
+typedef BOOL (WINAPI *HEAP32LIST)(HANDLE, LPHEAPLIST32);
+typedef BOOL (WINAPI *PROCESS32)(HANDLE, LPPROCESSENTRY32);
+typedef BOOL (WINAPI *THREAD32)(HANDLE, LPTHREADENTRY32);
+typedef BOOL (WINAPI *MODULE32)(HANDLE, LPMODULEENTRY32);
+
+#include <lmcons.h>
+#include <lmstats.h>
+#if 1 /* The NET API is Unicode only.  It requires the use of the UNICODE
+       * macro.  When UNICODE is defined LPTSTR becomes LPWSTR.  LMSTR was
+       * was added to the Platform SDK to allow the NET API to be used in
+       * non-Unicode applications provided that Unicode strings were still
+       * used for input.  LMSTR is defined as LPWSTR.
+       */
+typedef NET_API_STATUS (NET_API_FUNCTION * NETSTATGET)
+        (LPWSTR, LPWSTR, DWORD, DWORD, LPBYTE*);
+typedef NET_API_STATUS (NET_API_FUNCTION * NETFREE)(LPBYTE);
+#endif /* 1 */
+
+int RAND_poll(void)
+{
+        MEMORYSTATUS m;
+        HCRYPTPROV hProvider = 0;
+        BYTE buf[64];
+        DWORD w;
+        HWND h;
+
+        HMODULE advapi, kernel, user, netapi;
+        CRYPTACQUIRECONTEXT acquire = 0;
+        CRYPTGENRANDOM gen = 0;
+        CRYPTRELEASECONTEXT release = 0;
+#if 1 /* There was previously a problem with NETSTATGET.  Currently, this
+       * section is still experimental, but if all goes well, this conditional
+       * will be removed
+       */
+        NETSTATGET netstatget = 0;
+        NETFREE netfree = 0;
+#endif /* 1 */
+
+        /* Determine the OS version we are on so we can turn off things 
+         * that do not work properly.
+         */
+        OSVERSIONINFO osverinfo ;
+        osverinfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFO) ;
+        GetVersionEx( &osverinfo ) ;
+
+        /* load functions dynamically - not available on all systems */
+        advapi = LoadLibrary("ADVAPI32.DLL");
+        kernel = LoadLibrary("KERNEL32.DLL");
+        user = LoadLibrary("USER32.DLL");
+        netapi = LoadLibrary("NETAPI32.DLL");
+
+#if 1 /* There was previously a problem with NETSTATGET.  Currently, this
+       * section is still experimental, but if all goes well, this conditional
+       * will be removed
+       */
+        if (netapi)
+                {
+                netstatget = (NETSTATGET) GetProcAddress(netapi,"NetStatisticsGet");
+                netfree = (NETFREE) GetProcAddress(netapi,"NetApiBufferFree");
+                }
+
+        if (netstatget && netfree)
+                {
+                LPBYTE outbuf;
+                /* NetStatisticsGet() is a Unicode only function
+                 * STAT_WORKSTATION_0 contains 45 fields and STAT_SERVER_0
+                 * contains 17 fields.  We treat each field as a source of
+                 * one byte of entropy.
+                 */
+
+                if (netstatget(NULL, L"LanmanWorkstation", 0, 0, &outbuf) == 0)
+                        {
+                        RAND_add(outbuf, sizeof(STAT_WORKSTATION_0), 45);
+                        netfree(outbuf);
+                        }
+                if (netstatget(NULL, L"LanmanServer", 0, 0, &outbuf) == 0)
+                        {
+                        RAND_add(outbuf, sizeof(STAT_SERVER_0), 17);
+                        netfree(outbuf);
+                        }
+                }
+
+        if (netapi)
+                FreeLibrary(netapi);
+#endif /* 1 */
+ 
+        /* It appears like this can cause an exception deep within ADVAPI32.DLL
+         * at random times on Windows 2000.  Reported by Jeffrey Altman.  
+         * Only use it on NT.
+         */
+        if ( osverinfo.dwPlatformId == VER_PLATFORM_WIN32_NT &&
+                osverinfo.dwMajorVersion < 5)
+                {
+                /* Read Performance Statistics from NT/2000 registry
+                 * The size of the performance data can vary from call
+                 * to call so we must guess the size of the buffer to use
+                 * and increase its size if we get an ERROR_MORE_DATA
+                 * return instead of ERROR_SUCCESS.
+                 */
+                LONG   rc=ERROR_MORE_DATA;
+                char * buf=NULL;
+                DWORD bufsz=0;
+                DWORD length;
+
+                while (rc == ERROR_MORE_DATA)
+                        {
+                        buf = realloc(buf,bufsz+8192);
+                        if (!buf)
+                                break;
+                        bufsz += 8192;
+
+                        length = bufsz;
+                        rc = RegQueryValueEx(HKEY_PERFORMANCE_DATA, "Global",
+                                NULL, NULL, buf, &length);
+                        }
+                if (rc == ERROR_SUCCESS)
+                        {
+                        /* For entropy count assume only least significant
+                         * byte of each DWORD is random.
+                         */
+                        RAND_add(&length, sizeof(length), 0);
+                        RAND_add(buf, length, length / 4.0);
+                        }
+                if (buf)
+                        free(buf);
+                }
+
+        if (advapi)
+                {
+                acquire = (CRYPTACQUIRECONTEXT) GetProcAddress(advapi,
+                        "CryptAcquireContextA");
+                gen = (CRYPTGENRANDOM) GetProcAddress(advapi,
+                        "CryptGenRandom");
+                release = (CRYPTRELEASECONTEXT) GetProcAddress(advapi,
+                        "CryptReleaseContext");
+                }
+
+        if (acquire && gen && release)
+                {
+                /* poll the CryptoAPI PRNG */
+                /* The CryptoAPI returns sizeof(buf) bytes of randomness */
+                if (acquire(&hProvider, 0, 0, PROV_RSA_FULL,
+                        CRYPT_VERIFYCONTEXT))
+                        {
+                        if (gen(hProvider, sizeof(buf), buf) != 0)
+                                {
+                                RAND_add(buf, sizeof(buf), sizeof(buf));
+#ifdef DEBUG
+                                printf("randomness from PROV_RSA_FULL\n");
+#endif
+                                }
+                        release(hProvider, 0); 
+                        }
+                
+                /* poll the Pentium PRG with CryptoAPI */
+                if (acquire(&hProvider, 0, INTEL_DEF_PROV, PROV_INTEL_SEC, 0))
+                        {
+                        if (gen(hProvider, sizeof(buf), buf) != 0)
+                                {
+                                RAND_add(buf, sizeof(buf), sizeof(buf));
+#ifdef DEBUG
+                                printf("randomness from PROV_INTEL_SEC\n");
+#endif
+                                }
+                        release(hProvider, 0);
+                        }
+                }
+
+        if (advapi)
+                FreeLibrary(advapi);
+
+        /* timer data */
+        readtimer();
+        
+        /* memory usage statistics */
+        GlobalMemoryStatus(&m);
+        RAND_add(&m, sizeof(m), 1);
+
+        /* process ID */
+        w = GetCurrentProcessId();
+        RAND_add(&w, sizeof(w), 1);
+
+        if (user)
+                {
+                GETCURSORINFO cursor;
+                GETFOREGROUNDWINDOW win;
+                GETQUEUESTATUS queue;
+
+                win = (GETFOREGROUNDWINDOW) GetProcAddress(user, "GetForegroundWindow");
+                cursor = (GETCURSORINFO) GetProcAddress(user, "GetCursorInfo");
+                queue = (GETQUEUESTATUS) GetProcAddress(user, "GetQueueStatus");
+
+                if (win)
+                        {
+                        /* window handle */
+                        h = win();
+                        RAND_add(&h, sizeof(h), 0);
+                        }
+                if (cursor)
+                        {
+                        /* unfortunately, its not safe to call GetCursorInfo()
+                         * on NT4 even though it exists in SP3 (or SP6) and
+                         * higher.
+                         */
+                        if ( osverinfo.dwPlatformId == VER_PLATFORM_WIN32_NT &&
+                                osverinfo.dwMajorVersion < 5)
+                                cursor = 0;
+                        }
+                if (cursor)
+                        {
+                        /* cursor position */
+                        /* assume 2 bytes of entropy */
+                        CURSORINFO ci;
+                        ci.cbSize = sizeof(CURSORINFO);
+                        if (cursor(&ci))
+                                RAND_add(&ci, ci.cbSize, 2);
+                        }
+
+                if (queue)
+                        {
+                        /* message queue status */
+                        /* assume 1 byte of entropy */
+                        w = queue(QS_ALLEVENTS);
+                        RAND_add(&w, sizeof(w), 1);
+                        }
+
+                FreeLibrary(user);
+                }
+
+        /* Toolhelp32 snapshot: enumerate processes, threads, modules and heap
+         * http://msdn.microsoft.com/library/psdk/winbase/toolhelp_5pfd.htm
+         * (Win 9x and 2000 only, not available on NT)
+         *
+         * This seeding method was proposed in Peter Gutmann, Software
+         * Generation of Practically Strong Random Numbers,
+         * http://www.usenix.org/publications/library/proceedings/sec98/gutmann.html
+     * revised version at http://www.cryptoengines.com/~peter/06_random.pdf
+         * (The assignment of entropy estimates below is arbitrary, but based
+         * on Peter's analysis the full poll appears to be safe. Additional
+         * interactive seeding is encouraged.)
+         */
+
+        if (kernel)
+                {
+                CREATETOOLHELP32SNAPSHOT snap;
+                HANDLE handle;
+
+                HEAP32FIRST heap_first;
+                HEAP32NEXT heap_next;
+                HEAP32LIST heaplist_first, heaplist_next;
+                PROCESS32 process_first, process_next;
+                THREAD32 thread_first, thread_next;
+                MODULE32 module_first, module_next;
+
+                HEAPLIST32 hlist;
+                HEAPENTRY32 hentry;
+                PROCESSENTRY32 p;
+                THREADENTRY32 t;
+                MODULEENTRY32 m;
+
+                snap = (CREATETOOLHELP32SNAPSHOT)
+                        GetProcAddress(kernel, "CreateToolhelp32Snapshot");
+                heap_first = (HEAP32FIRST) GetProcAddress(kernel, "Heap32First");
+                heap_next = (HEAP32NEXT) GetProcAddress(kernel, "Heap32Next");
+                heaplist_first = (HEAP32LIST) GetProcAddress(kernel, "Heap32ListFirst");
+                heaplist_next = (HEAP32LIST) GetProcAddress(kernel, "Heap32ListNext");
+                process_first = (PROCESS32) GetProcAddress(kernel, "Process32First");
+                process_next = (PROCESS32) GetProcAddress(kernel, "Process32Next");
+                thread_first = (THREAD32) GetProcAddress(kernel, "Thread32First");
+                thread_next = (THREAD32) GetProcAddress(kernel, "Thread32Next");
+                module_first = (MODULE32) GetProcAddress(kernel, "Module32First");
+                module_next = (MODULE32) GetProcAddress(kernel, "Module32Next");
+
+                if (snap && heap_first && heap_next && heaplist_first &&
+                        heaplist_next && process_first && process_next &&
+                        thread_first && thread_next && module_first &&
+                        module_next && (handle = snap(TH32CS_SNAPALL,0))
+                        != NULL)
+                        {
+                        /* heap list and heap walking */
+                        /* HEAPLIST32 contains 3 fields that will change with
+                         * each entry.  Consider each field a source of 1 byte
+                         * of entropy.
+                         * HEAPENTRY32 contains 5 fields that will change with 
+                         * each entry.  Consider each field a source of 1 byte
+                         * of entropy.
+                         */
+                        hlist.dwSize = sizeof(HEAPLIST32);              
+                        if (heaplist_first(handle, &hlist))
+                                do
+                                        {
+                                        RAND_add(&hlist, hlist.dwSize, 3);
+                                        hentry.dwSize = sizeof(HEAPENTRY32);
+                                        if (heap_first(&hentry,
+                                                hlist.th32ProcessID,
+                                                hlist.th32HeapID))
+                                                {
+                                                int entrycnt = 50;
+                                                do
+                                                        RAND_add(&hentry,
+                                                                hentry.dwSize, 5);
+                                                while (heap_next(&hentry)
+                                                        && --entrycnt > 0);
+                                                }
+                                        } while (heaplist_next(handle,
+                                                &hlist));
+                        
+                        /* process walking */
+                        /* PROCESSENTRY32 contains 9 fields that will change
+                         * with each entry.  Consider each field a source of
+                         * 1 byte of entropy.
+                         */
+                        p.dwSize = sizeof(PROCESSENTRY32);
+                        if (process_first(handle, &p))
+                                do
+                                        RAND_add(&p, p.dwSize, 9);
+                                while (process_next(handle, &p));
+
+                        /* thread walking */
+                        /* THREADENTRY32 contains 6 fields that will change
+                         * with each entry.  Consider each field a source of
+                         * 1 byte of entropy.
+                         */
+                        t.dwSize = sizeof(THREADENTRY32);
+                        if (thread_first(handle, &t))
+                                do
+                                        RAND_add(&t, t.dwSize, 6);
+                                while (thread_next(handle, &t));
+
+                        /* module walking */
+                        /* MODULEENTRY32 contains 9 fields that will change
+                         * with each entry.  Consider each field a source of
+                         * 1 byte of entropy.
+                         */
+                        m.dwSize = sizeof(MODULEENTRY32);
+                        if (module_first(handle, &m))
+                                do
+                                        RAND_add(&m, m.dwSize, 9);
+                                while (module_next(handle, &m));
+
+                        CloseHandle(handle);
+                        }
+
+                FreeLibrary(kernel);
+                }
+
+#ifdef DEBUG
+        printf("Exiting RAND_poll\n");
+#endif
+
+        return(1);
+}
+
+int RAND_event(UINT iMsg, WPARAM wParam, LPARAM lParam)
+        {
+        double add_entropy=0;
+
+        switch (iMsg)
+                {
+        case WM_KEYDOWN:
+                        {
+                        static WPARAM key;
+                        if (key != wParam)
+                                add_entropy = 0.05;
+                        key = wParam;
+                        }
+                        break;
+        case WM_MOUSEMOVE:
+                        {
+                        static int lastx,lasty,lastdx,lastdy;
+                        int x,y,dx,dy;
+
+                        x=LOWORD(lParam);
+                        y=HIWORD(lParam);
+                        dx=lastx-x;
+                        dy=lasty-y;
+                        if (dx != 0 && dy != 0 && dx-lastdx != 0 && dy-lastdy != 0)
+                                add_entropy=.2;
+                        lastx=x, lasty=y;
+                        lastdx=dx, lastdy=dy;
+                        }
+                break;
+                }
+
+        readtimer();
+        RAND_add(&iMsg, sizeof(iMsg), add_entropy);
+        RAND_add(&wParam, sizeof(wParam), 0);
+        RAND_add(&lParam, sizeof(lParam), 0);
+ 
+        return (RAND_status());
+        }
+
+
+void RAND_screen(void) /* function available for backward compatibility */
+{
+        RAND_poll();
+        readscreen();
+}
+
+
+/* feed timing information to the PRNG */
+static void readtimer(void)
+{
+        DWORD w;
+        LARGE_INTEGER l;
+        static int have_perfc = 1;
+#ifndef __GNUC__
+        static int have_tsc = 1;
+        DWORD cyclecount;
+
+        if (have_tsc) {
+          __try {
+            __asm {
+              rdtsc
+              mov cyclecount, eax
+              }
+            RAND_add(&cyclecount, sizeof(cyclecount), 1);
+          } __except(EXCEPTION_EXECUTE_HANDLER) {
+            have_tsc = 0;
+          }
+        }
+#else
+# define have_tsc 0
+#endif
+
+        if (have_perfc) {
+          if (QueryPerformanceCounter(&l) == 0)
+            have_perfc = 0;
+          else
+            RAND_add(&l, sizeof(l), 0);
+        }
+
+        if (!have_tsc && !have_perfc) {
+          w = GetTickCount();
+          RAND_add(&w, sizeof(w), 0);
+        }
+}
+
+/* feed screen contents to PRNG */
+/*****************************************************************************
+ *
+ * Created 960901 by Gertjan van Oosten, gertjan@West.NL, West Consulting B.V.
+ *
+ * Code adapted from
+ * <URL:http://www.microsoft.com/kb/developr/win_dk/q97193.htm>;
+ * the original copyright message is:
+ *
+ *   (C) Copyright Microsoft Corp. 1993.  All rights reserved.
+ *
+ *   You have a royalty-free right to use, modify, reproduce and
+ *   distribute the Sample Files (and/or any modified version) in
+ *   any way you find useful, provided that you agree that
+ *   Microsoft has no warranty obligations or liability for any
+ *   Sample Application Files which are modified.
+ */
+
+static void readscreen(void)
+{
+  HDC           hScrDC;         /* screen DC */
+  HDC           hMemDC;         /* memory DC */
+  HBITMAP       hBitmap;        /* handle for our bitmap */
+  HBITMAP       hOldBitmap;     /* handle for previous bitmap */
+  BITMAP        bm;             /* bitmap properties */
+  unsigned int  size;           /* size of bitmap */
+  char          *bmbits;        /* contents of bitmap */
+  int           w;              /* screen width */
+  int           h;              /* screen height */
+  int           y;              /* y-coordinate of screen lines to grab */
+  int           n = 16;         /* number of screen lines to grab at a time */
+
+  /* Create a screen DC and a memory DC compatible to screen DC */
+  hScrDC = CreateDC("DISPLAY", NULL, NULL, NULL);
+  hMemDC = CreateCompatibleDC(hScrDC);
+
+  /* Get screen resolution */
+  w = GetDeviceCaps(hScrDC, HORZRES);
+  h = GetDeviceCaps(hScrDC, VERTRES);
+
+  /* Create a bitmap compatible with the screen DC */
+  hBitmap = CreateCompatibleBitmap(hScrDC, w, n);
+
+  /* Select new bitmap into memory DC */
+  hOldBitmap = SelectObject(hMemDC, hBitmap);
+
+  /* Get bitmap properties */
+  GetObject(hBitmap, sizeof(BITMAP), (LPSTR)&bm);
+  size = (unsigned int)bm.bmWidthBytes * bm.bmHeight * bm.bmPlanes;
+
+  bmbits = OPENSSL_malloc(size);
+  if (bmbits) {
+    /* Now go through the whole screen, repeatedly grabbing n lines */
+    for (y = 0; y < h-n; y += n)
+        {
+        unsigned char md[MD_DIGEST_LENGTH];
+
+        /* Bitblt screen DC to memory DC */
+        BitBlt(hMemDC, 0, 0, w, n, hScrDC, 0, y, SRCCOPY);
+
+        /* Copy bitmap bits from memory DC to bmbits */
+        GetBitmapBits(hBitmap, size, bmbits);
+
+        /* Get the hash of the bitmap */
+        MD(bmbits,size,md);
+
+        /* Seed the random generator with the hash value */
+        RAND_add(md, MD_DIGEST_LENGTH, 0);
+        }
+
+    OPENSSL_free(bmbits);
+  }
+
+  /* Select old bitmap back into memory DC */
+  hBitmap = SelectObject(hMemDC, hOldBitmap);
+
+  /* Clean up */
+  DeleteObject(hBitmap);
+  DeleteDC(hMemDC);
+  DeleteDC(hScrDC);
+}
+
+#else /* Unix version */
+
+#include <time.h>
+
+int RAND_poll(void)
+{
+        unsigned long l;
+        pid_t curr_pid = getpid();
+#ifdef DEVRANDOM
+        FILE *fh;
+#endif
+
+#ifdef DEVRANDOM
+        /* Use a random entropy pool device. Linux, FreeBSD and OpenBSD
+         * have this. Use /dev/urandom if you can as /dev/random may block
+         * if it runs out of random entries.  */
+
+        if ((fh = fopen(DEVRANDOM, "r")) != NULL)
+                {
+                unsigned char tmpbuf[ENTROPY_NEEDED];
+                int n;
+                
+                setvbuf(fh, NULL, _IONBF, 0);
+                n=fread((unsigned char *)tmpbuf,1,ENTROPY_NEEDED,fh);
+                fclose(fh);
+                RAND_add(tmpbuf,sizeof tmpbuf,n);
+                memset(tmpbuf,0,n);
+                }
+#endif
+
+        /* put in some default random data, we need more than just this */
+        l=curr_pid;
+        RAND_add(&l,sizeof(l),0);
+        l=getuid();
+        RAND_add(&l,sizeof(l),0);
+
+        l=time(NULL);
+        RAND_add(&l,sizeof(l),0);
+
+#ifdef DEVRANDOM
+        return 1;
+#endif
+        return 0;
+}
+
+#endif
diff --git a/src/lib/libcrypto/rc2/tab.c b/src/lib/libcrypto/rc2/tab.c
new file mode 100644
index 0000000000..25dc14eeba
--- /dev/null
+++ b/src/lib/libcrypto/rc2/tab.c
@@ -0,0 +1,86 @@
+#include <stdio.h>
+
+unsigned char ebits_to_num[256]={
+        0xbd,0x56,0xea,0xf2,0xa2,0xf1,0xac,0x2a,
+        0xb0,0x93,0xd1,0x9c,0x1b,0x33,0xfd,0xd0,
+        0x30,0x04,0xb6,0xdc,0x7d,0xdf,0x32,0x4b,
+        0xf7,0xcb,0x45,0x9b,0x31,0xbb,0x21,0x5a,
+        0x41,0x9f,0xe1,0xd9,0x4a,0x4d,0x9e,0xda,
+        0xa0,0x68,0x2c,0xc3,0x27,0x5f,0x80,0x36,
+        0x3e,0xee,0xfb,0x95,0x1a,0xfe,0xce,0xa8,
+        0x34,0xa9,0x13,0xf0,0xa6,0x3f,0xd8,0x0c,
+        0x78,0x24,0xaf,0x23,0x52,0xc1,0x67,0x17,
+        0xf5,0x66,0x90,0xe7,0xe8,0x07,0xb8,0x60,
+        0x48,0xe6,0x1e,0x53,0xf3,0x92,0xa4,0x72,
+        0x8c,0x08,0x15,0x6e,0x86,0x00,0x84,0xfa,
+        0xf4,0x7f,0x8a,0x42,0x19,0xf6,0xdb,0xcd,
+        0x14,0x8d,0x50,0x12,0xba,0x3c,0x06,0x4e,
+        0xec,0xb3,0x35,0x11,0xa1,0x88,0x8e,0x2b,
+        0x94,0x99,0xb7,0x71,0x74,0xd3,0xe4,0xbf,
+        0x3a,0xde,0x96,0x0e,0xbc,0x0a,0xed,0x77,
+        0xfc,0x37,0x6b,0x03,0x79,0x89,0x62,0xc6,
+        0xd7,0xc0,0xd2,0x7c,0x6a,0x8b,0x22,0xa3,
+        0x5b,0x05,0x5d,0x02,0x75,0xd5,0x61,0xe3,
+        0x18,0x8f,0x55,0x51,0xad,0x1f,0x0b,0x5e,
+        0x85,0xe5,0xc2,0x57,0x63,0xca,0x3d,0x6c,
+        0xb4,0xc5,0xcc,0x70,0xb2,0x91,0x59,0x0d,
+        0x47,0x20,0xc8,0x4f,0x58,0xe0,0x01,0xe2,
+        0x16,0x38,0xc4,0x6f,0x3b,0x0f,0x65,0x46,
+        0xbe,0x7e,0x2d,0x7b,0x82,0xf9,0x40,0xb5,
+        0x1d,0x73,0xf8,0xeb,0x26,0xc7,0x87,0x97,
+        0x25,0x54,0xb1,0x28,0xaa,0x98,0x9d,0xa5,
+        0x64,0x6d,0x7a,0xd4,0x10,0x81,0x44,0xef,
+        0x49,0xd6,0xae,0x2e,0xdd,0x76,0x5c,0x2f,
+        0xa7,0x1c,0xc9,0x09,0x69,0x9a,0x83,0xcf,
+        0x29,0x39,0xb9,0xe9,0x4c,0xff,0x43,0xab,
+        };
+
+unsigned char num_to_ebits[256]={
+        0x5d,0xbe,0x9b,0x8b,0x11,0x99,0x6e,0x4d,
+        0x59,0xf3,0x85,0xa6,0x3f,0xb7,0x83,0xc5,
+        0xe4,0x73,0x6b,0x3a,0x68,0x5a,0xc0,0x47,
+        0xa0,0x64,0x34,0x0c,0xf1,0xd0,0x52,0xa5,
+        0xb9,0x1e,0x96,0x43,0x41,0xd8,0xd4,0x2c,
+        0xdb,0xf8,0x07,0x77,0x2a,0xca,0xeb,0xef,
+        0x10,0x1c,0x16,0x0d,0x38,0x72,0x2f,0x89,
+        0xc1,0xf9,0x80,0xc4,0x6d,0xae,0x30,0x3d,
+        0xce,0x20,0x63,0xfe,0xe6,0x1a,0xc7,0xb8,
+        0x50,0xe8,0x24,0x17,0xfc,0x25,0x6f,0xbb,
+        0x6a,0xa3,0x44,0x53,0xd9,0xa2,0x01,0xab,
+        0xbc,0xb6,0x1f,0x98,0xee,0x9a,0xa7,0x2d,
+        0x4f,0x9e,0x8e,0xac,0xe0,0xc6,0x49,0x46,
+        0x29,0xf4,0x94,0x8a,0xaf,0xe1,0x5b,0xc3,
+        0xb3,0x7b,0x57,0xd1,0x7c,0x9c,0xed,0x87,
+        0x40,0x8c,0xe2,0xcb,0x93,0x14,0xc9,0x61,
+        0x2e,0xe5,0xcc,0xf6,0x5e,0xa8,0x5c,0xd6,
+        0x75,0x8d,0x62,0x95,0x58,0x69,0x76,0xa1,
+        0x4a,0xb5,0x55,0x09,0x78,0x33,0x82,0xd7,
+        0xdd,0x79,0xf5,0x1b,0x0b,0xde,0x26,0x21,
+        0x28,0x74,0x04,0x97,0x56,0xdf,0x3c,0xf0,
+        0x37,0x39,0xdc,0xff,0x06,0xa4,0xea,0x42,
+        0x08,0xda,0xb4,0x71,0xb0,0xcf,0x12,0x7a,
+        0x4e,0xfa,0x6c,0x1d,0x84,0x00,0xc8,0x7f,
+        0x91,0x45,0xaa,0x2b,0xc2,0xb1,0x8f,0xd5,
+        0xba,0xf2,0xad,0x19,0xb2,0x67,0x36,0xf7,
+        0x0f,0x0a,0x92,0x7d,0xe3,0x9d,0xe9,0x90,
+        0x3e,0x23,0x27,0x66,0x13,0xec,0x81,0x15,
+        0xbd,0x22,0xbf,0x9f,0x7e,0xa9,0x51,0x4b,
+        0x4c,0xfb,0x02,0xd3,0x70,0x86,0x31,0xe7,
+        0x3b,0x05,0x03,0x54,0x60,0x48,0x65,0x18,
+        0xd2,0xcd,0x5f,0x32,0x88,0x0e,0x35,0xfd,
+        };
+        
+main()
+        {
+        int i,j;
+
+        for (i=0; i<256; i++)
+                {
+                for (j=0; j<256; j++)
+                        if (ebits_to_num[j] == i)
+                                {
+                                printf("0x%02x,",j);
+                                break;
+                                }
+                }
+        }
diff --git a/src/lib/libcrypto/rsa/rsa_null.c b/src/lib/libcrypto/rsa/rsa_null.c
new file mode 100644
index 0000000000..7b58a0eca3
--- /dev/null
+++ b/src/lib/libcrypto/rsa/rsa_null.c
@@ -0,0 +1,149 @@
+/* rsa_null.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include <openssl/rsa.h>
+#include <openssl/rand.h>
+
+/* This is a dummy RSA implementation that just returns errors when called.
+ * It is designed to allow some RSA functions to work while stopping those
+ * covered by the RSA patent. That is RSA, encryption, decryption, signing
+ * and verify is not allowed but RSA key generation, key checking and other
+ * operations (like storing RSA keys) are permitted.
+ */
+
+static int RSA_null_public_encrypt(int flen, unsigned char *from,
+                unsigned char *to, RSA *rsa,int padding);
+static int RSA_null_private_encrypt(int flen, unsigned char *from,
+                unsigned char *to, RSA *rsa,int padding);
+static int RSA_null_public_decrypt(int flen, unsigned char *from,
+                unsigned char *to, RSA *rsa,int padding);
+static int RSA_null_private_decrypt(int flen, unsigned char *from,
+                unsigned char *to, RSA *rsa,int padding);
+#if 0 /* not currently used */
+static int RSA_null_mod_exp(BIGNUM *r0, BIGNUM *i, RSA *rsa);
+#endif
+static int RSA_null_init(RSA *rsa);
+static int RSA_null_finish(RSA *rsa);
+static RSA_METHOD rsa_null_meth={
+        "Null RSA",
+        RSA_null_public_encrypt,
+        RSA_null_public_decrypt,
+        RSA_null_private_encrypt,
+        RSA_null_private_decrypt,
+        NULL, NULL,
+        RSA_null_init,
+        RSA_null_finish,
+        0,
+        NULL,
+        };
+
+RSA_METHOD *RSA_null_method(void)
+        {
+        return(&rsa_null_meth);
+        }
+
+static int RSA_null_public_encrypt(int flen, unsigned char *from,
+             unsigned char *to, RSA *rsa, int padding)
+        {
+        RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
+        return -1;
+        }
+
+static int RSA_null_private_encrypt(int flen, unsigned char *from,
+             unsigned char *to, RSA *rsa, int padding)
+        {
+        RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
+        return -1;
+        }
+
+static int RSA_null_private_decrypt(int flen, unsigned char *from,
+             unsigned char *to, RSA *rsa, int padding)
+        {
+        RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
+        return -1;
+        }
+
+static int RSA_null_public_decrypt(int flen, unsigned char *from,
+             unsigned char *to, RSA *rsa, int padding)
+        {
+        RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
+        return -1;
+        }
+
+#if 0 /* not currently used */
+static int RSA_null_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa)
+        {
+        RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
+        return -1;
+        }
+#endif
+
+static int RSA_null_init(RSA *rsa)
+        {
+        return(1);
+        }
+
+static int RSA_null_finish(RSA *rsa)
+        {
+        return(1);
+        }
+
+
diff --git a/src/lib/libcrypto/rsa/rsa_test.c b/src/lib/libcrypto/rsa/rsa_test.c
new file mode 100644
index 0000000000..e5ae0c1f69
--- /dev/null
+++ b/src/lib/libcrypto/rsa/rsa_test.c
@@ -0,0 +1,314 @@
+/* test vectors from p1ovect1.txt */
+
+#include <stdio.h>
+#include <string.h>
+
+#include "openssl/e_os.h"
+
+#include <openssl/crypto.h>
+#include <openssl/err.h>
+#include <openssl/rand.h>
+#ifdef NO_RSA
+int main(int argc, char *argv[])
+{
+    printf("No RSA support\n");
+    return(0);
+}
+#else
+#include <openssl/rsa.h>
+
+#define SetKey \
+  key->n = BN_bin2bn(n, sizeof(n)-1, key->n); \
+  key->e = BN_bin2bn(e, sizeof(e)-1, key->e); \
+  key->d = BN_bin2bn(d, sizeof(d)-1, key->d); \
+  key->p = BN_bin2bn(p, sizeof(p)-1, key->p); \
+  key->q = BN_bin2bn(q, sizeof(q)-1, key->q); \
+  key->dmp1 = BN_bin2bn(dmp1, sizeof(dmp1)-1, key->dmp1); \
+  key->dmq1 = BN_bin2bn(dmq1, sizeof(dmq1)-1, key->dmq1); \
+  key->iqmp = BN_bin2bn(iqmp, sizeof(iqmp)-1, key->iqmp); \
+  memcpy(c, ctext_ex, sizeof(ctext_ex) - 1); \
+  return (sizeof(ctext_ex) - 1);
+
+static int key1(RSA *key, unsigned char *c)
+    {
+    static unsigned char n[] =
+"\x00\xAA\x36\xAB\xCE\x88\xAC\xFD\xFF\x55\x52\x3C\x7F\xC4\x52\x3F"
+"\x90\xEF\xA0\x0D\xF3\x77\x4A\x25\x9F\x2E\x62\xB4\xC5\xD9\x9C\xB5"
+"\xAD\xB3\x00\xA0\x28\x5E\x53\x01\x93\x0E\x0C\x70\xFB\x68\x76\x93"
+"\x9C\xE6\x16\xCE\x62\x4A\x11\xE0\x08\x6D\x34\x1E\xBC\xAC\xA0\xA1"
+"\xF5";
+
+    static unsigned char e[] = "\x11";
+
+    static unsigned char d[] =
+"\x0A\x03\x37\x48\x62\x64\x87\x69\x5F\x5F\x30\xBC\x38\xB9\x8B\x44"
+"\xC2\xCD\x2D\xFF\x43\x40\x98\xCD\x20\xD8\xA1\x38\xD0\x90\xBF\x64"
+"\x79\x7C\x3F\xA7\xA2\xCD\xCB\x3C\xD1\xE0\xBD\xBA\x26\x54\xB4\xF9"
+"\xDF\x8E\x8A\xE5\x9D\x73\x3D\x9F\x33\xB3\x01\x62\x4A\xFD\x1D\x51";
+
+    static unsigned char p[] =
+"\x00\xD8\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5"
+"\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x12"
+"\x0D";
+    
+    static unsigned char q[] =
+"\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
+"\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D"
+"\x89";
+
+    static unsigned char dmp1[] =
+"\x59\x0B\x95\x72\xA2\xC2\xA9\xC4\x06\x05\x9D\xC2\xAB\x2F\x1D\xAF"
+"\xEB\x7E\x8B\x4F\x10\xA7\x54\x9E\x8E\xED\xF5\xB4\xFC\xE0\x9E\x05";
+
+    static unsigned char dmq1[] =
+"\x00\x8E\x3C\x05\x21\xFE\x15\xE0\xEA\x06\xA3\x6F\xF0\xF1\x0C\x99"
+"\x52\xC3\x5B\x7A\x75\x14\xFD\x32\x38\xB8\x0A\xAD\x52\x98\x62\x8D"
+"\x51";
+
+    static unsigned char iqmp[] =
+"\x36\x3F\xF7\x18\x9D\xA8\xE9\x0B\x1D\x34\x1F\x71\xD0\x9B\x76\xA8"
+"\xA9\x43\xE1\x1D\x10\xB2\x4D\x24\x9F\x2D\xEA\xFE\xF8\x0C\x18\x26";
+
+    static unsigned char ctext_ex[] =
+"\x1b\x8f\x05\xf9\xca\x1a\x79\x52\x6e\x53\xf3\xcc\x51\x4f\xdb\x89"
+"\x2b\xfb\x91\x93\x23\x1e\x78\xb9\x92\xe6\x8d\x50\xa4\x80\xcb\x52"
+"\x33\x89\x5c\x74\x95\x8d\x5d\x02\xab\x8c\x0f\xd0\x40\xeb\x58\x44"
+"\xb0\x05\xc3\x9e\xd8\x27\x4a\x9d\xbf\xa8\x06\x71\x40\x94\x39\xd2";
+
+    SetKey;
+    }
+
+static int key2(RSA *key, unsigned char *c)
+    {
+    static unsigned char n[] =
+"\x00\xA3\x07\x9A\x90\xDF\x0D\xFD\x72\xAC\x09\x0C\xCC\x2A\x78\xB8"
+"\x74\x13\x13\x3E\x40\x75\x9C\x98\xFA\xF8\x20\x4F\x35\x8A\x0B\x26"
+"\x3C\x67\x70\xE7\x83\xA9\x3B\x69\x71\xB7\x37\x79\xD2\x71\x7B\xE8"
+"\x34\x77\xCF";
+
+    static unsigned char e[] = "\x3";
+
+    static unsigned char d[] =
+"\x6C\xAF\xBC\x60\x94\xB3\xFE\x4C\x72\xB0\xB3\x32\xC6\xFB\x25\xA2"
+"\xB7\x62\x29\x80\x4E\x68\x65\xFC\xA4\x5A\x74\xDF\x0F\x8F\xB8\x41"
+"\x3B\x52\xC0\xD0\xE5\x3D\x9B\x59\x0F\xF1\x9B\xE7\x9F\x49\xDD\x21"
+"\xE5\xEB";
+
+    static unsigned char p[] =
+"\x00\xCF\x20\x35\x02\x8B\x9D\x86\x98\x40\xB4\x16\x66\xB4\x2E\x92"
+"\xEA\x0D\xA3\xB4\x32\x04\xB5\xCF\xCE\x91";
+
+    static unsigned char q[] =
+"\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
+"\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5F";
+    
+    static unsigned char dmp1[] =
+"\x00\x8A\x15\x78\xAC\x5D\x13\xAF\x10\x2B\x22\xB9\x99\xCD\x74\x61"
+"\xF1\x5E\x6D\x22\xCC\x03\x23\xDF\xDF\x0B";
+
+    static unsigned char dmq1[] =
+"\x00\x86\x55\x21\x4A\xC5\x4D\x8D\x4E\xCD\x61\x77\xF1\xC7\x36\x90"
+"\xCE\x2A\x48\x2C\x8B\x05\x99\xCB\xE0\x3F";
+
+    static unsigned char iqmp[] =
+"\x00\x83\xEF\xEF\xB8\xA9\xA4\x0D\x1D\xB6\xED\x98\xAD\x84\xED\x13"
+"\x35\xDC\xC1\x08\xF3\x22\xD0\x57\xCF\x8D";
+
+    static unsigned char ctext_ex[] =
+"\x14\xbd\xdd\x28\xc9\x83\x35\x19\x23\x80\xe8\xe5\x49\xb1\x58\x2a"
+"\x8b\x40\xb4\x48\x6d\x03\xa6\xa5\x31\x1f\x1f\xd5\xf0\xa1\x80\xe4"
+"\x17\x53\x03\x29\xa9\x34\x90\x74\xb1\x52\x13\x54\x29\x08\x24\x52"
+"\x62\x51";
+
+    SetKey;
+    }
+
+static int key3(RSA *key, unsigned char *c)
+    {
+    static unsigned char n[] =
+"\x00\xBB\xF8\x2F\x09\x06\x82\xCE\x9C\x23\x38\xAC\x2B\x9D\xA8\x71"
+"\xF7\x36\x8D\x07\xEE\xD4\x10\x43\xA4\x40\xD6\xB6\xF0\x74\x54\xF5"
+"\x1F\xB8\xDF\xBA\xAF\x03\x5C\x02\xAB\x61\xEA\x48\xCE\xEB\x6F\xCD"
+"\x48\x76\xED\x52\x0D\x60\xE1\xEC\x46\x19\x71\x9D\x8A\x5B\x8B\x80"
+"\x7F\xAF\xB8\xE0\xA3\xDF\xC7\x37\x72\x3E\xE6\xB4\xB7\xD9\x3A\x25"
+"\x84\xEE\x6A\x64\x9D\x06\x09\x53\x74\x88\x34\xB2\x45\x45\x98\x39"
+"\x4E\xE0\xAA\xB1\x2D\x7B\x61\xA5\x1F\x52\x7A\x9A\x41\xF6\xC1\x68"
+"\x7F\xE2\x53\x72\x98\xCA\x2A\x8F\x59\x46\xF8\xE5\xFD\x09\x1D\xBD"
+"\xCB";
+
+    static unsigned char e[] = "\x11";
+
+    static unsigned char d[] =
+"\x00\xA5\xDA\xFC\x53\x41\xFA\xF2\x89\xC4\xB9\x88\xDB\x30\xC1\xCD"
+"\xF8\x3F\x31\x25\x1E\x06\x68\xB4\x27\x84\x81\x38\x01\x57\x96\x41"
+"\xB2\x94\x10\xB3\xC7\x99\x8D\x6B\xC4\x65\x74\x5E\x5C\x39\x26\x69"
+"\xD6\x87\x0D\xA2\xC0\x82\xA9\x39\xE3\x7F\xDC\xB8\x2E\xC9\x3E\xDA"
+"\xC9\x7F\xF3\xAD\x59\x50\xAC\xCF\xBC\x11\x1C\x76\xF1\xA9\x52\x94"
+"\x44\xE5\x6A\xAF\x68\xC5\x6C\x09\x2C\xD3\x8D\xC3\xBE\xF5\xD2\x0A"
+"\x93\x99\x26\xED\x4F\x74\xA1\x3E\xDD\xFB\xE1\xA1\xCE\xCC\x48\x94"
+"\xAF\x94\x28\xC2\xB7\xB8\x88\x3F\xE4\x46\x3A\x4B\xC8\x5B\x1C\xB3"
+"\xC1";
+
+    static unsigned char p[] =
+"\x00\xEE\xCF\xAE\x81\xB1\xB9\xB3\xC9\x08\x81\x0B\x10\xA1\xB5\x60"
+"\x01\x99\xEB\x9F\x44\xAE\xF4\xFD\xA4\x93\xB8\x1A\x9E\x3D\x84\xF6"
+"\x32\x12\x4E\xF0\x23\x6E\x5D\x1E\x3B\x7E\x28\xFA\xE7\xAA\x04\x0A"
+"\x2D\x5B\x25\x21\x76\x45\x9D\x1F\x39\x75\x41\xBA\x2A\x58\xFB\x65"
+"\x99";
+
+    static unsigned char q[] =
+"\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
+"\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D"
+"\x86\x98\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5"
+"\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x15"
+"\x03";
+
+    static unsigned char dmp1[] =
+"\x54\x49\x4C\xA6\x3E\xBA\x03\x37\xE4\xE2\x40\x23\xFC\xD6\x9A\x5A"
+"\xEB\x07\xDD\xDC\x01\x83\xA4\xD0\xAC\x9B\x54\xB0\x51\xF2\xB1\x3E"
+"\xD9\x49\x09\x75\xEA\xB7\x74\x14\xFF\x59\xC1\xF7\x69\x2E\x9A\x2E"
+"\x20\x2B\x38\xFC\x91\x0A\x47\x41\x74\xAD\xC9\x3C\x1F\x67\xC9\x81";
+
+    static unsigned char dmq1[] =
+"\x47\x1E\x02\x90\xFF\x0A\xF0\x75\x03\x51\xB7\xF8\x78\x86\x4C\xA9"
+"\x61\xAD\xBD\x3A\x8A\x7E\x99\x1C\x5C\x05\x56\xA9\x4C\x31\x46\xA7"
+"\xF9\x80\x3F\x8F\x6F\x8A\xE3\x42\xE9\x31\xFD\x8A\xE4\x7A\x22\x0D"
+"\x1B\x99\xA4\x95\x84\x98\x07\xFE\x39\xF9\x24\x5A\x98\x36\xDA\x3D";
+    
+    static unsigned char iqmp[] =
+"\x00\xB0\x6C\x4F\xDA\xBB\x63\x01\x19\x8D\x26\x5B\xDB\xAE\x94\x23"
+"\xB3\x80\xF2\x71\xF7\x34\x53\x88\x50\x93\x07\x7F\xCD\x39\xE2\x11"
+"\x9F\xC9\x86\x32\x15\x4F\x58\x83\xB1\x67\xA9\x67\xBF\x40\x2B\x4E"
+"\x9E\x2E\x0F\x96\x56\xE6\x98\xEA\x36\x66\xED\xFB\x25\x79\x80\x39"
+"\xF7";
+
+    static unsigned char ctext_ex[] =
+"\xb8\x24\x6b\x56\xa6\xed\x58\x81\xae\xb5\x85\xd9\xa2\x5b\x2a\xd7"
+"\x90\xc4\x17\xe0\x80\x68\x1b\xf1\xac\x2b\xc3\xde\xb6\x9d\x8b\xce"
+"\xf0\xc4\x36\x6f\xec\x40\x0a\xf0\x52\xa7\x2e\x9b\x0e\xff\xb5\xb3"
+"\xf2\xf1\x92\xdb\xea\xca\x03\xc1\x27\x40\x05\x71\x13\xbf\x1f\x06"
+"\x69\xac\x22\xe9\xf3\xa7\x85\x2e\x3c\x15\xd9\x13\xca\xb0\xb8\x86"
+"\x3a\x95\xc9\x92\x94\xce\x86\x74\x21\x49\x54\x61\x03\x46\xf4\xd4"
+"\x74\xb2\x6f\x7c\x48\xb4\x2e\xe6\x8e\x1f\x57\x2a\x1f\xc4\x02\x6a"
+"\xc4\x56\xb4\xf5\x9f\x7b\x62\x1e\xa1\xb9\xd8\x8f\x64\x20\x2f\xb1";
+
+    SetKey;
+    }
+
+static int pad_unknown(void)
+{
+    unsigned long l;
+    while ((l = ERR_get_error()) != 0)
+      if (ERR_GET_REASON(l) == RSA_R_UNKNOWN_PADDING_TYPE)
+        return(1);
+    return(0);
+}
+
+static const char rnd_seed[] = "string to make the random number generator think it has entropy";
+
+int main(int argc, char *argv[])
+    {
+    int err=0;
+    int v;
+    RSA *key;
+    unsigned char ptext[256];
+    unsigned char ctext[256];
+    static unsigned char ptext_ex[] = "\x54\x85\x9b\x34\x2c\x49\xea\x2a";
+    unsigned char ctext_ex[256];
+    int plen;
+    int clen = 0;
+    int num;
+
+    RAND_seed(rnd_seed, sizeof rnd_seed); /* or OAEP may fail */
+
+    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+        
+    plen = sizeof(ptext_ex) - 1;
+
+    for (v = 0; v < 3; v++)
+        {
+        key = RSA_new();
+        switch (v) {
+    case 0:
+        clen = key1(key, ctext_ex);
+        break;
+    case 1:
+        clen = key2(key, ctext_ex);
+        break;
+    case 2:
+        clen = key3(key, ctext_ex);
+        break;
+        }
+
+        num = RSA_public_encrypt(plen, ptext_ex, ctext, key,
+                                 RSA_PKCS1_PADDING);
+        if (num != clen)
+            {
+            printf("PKCS#1 v1.5 encryption failed!\n");
+            err=1;
+            goto oaep;
+            }
+  
+        num = RSA_private_decrypt(num, ctext, ptext, key,
+                                  RSA_PKCS1_PADDING);
+        if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
+            {
+            printf("PKCS#1 v1.5 decryption failed!\n");
+            err=1;
+            }
+        else
+            printf("PKCS #1 v1.5 encryption/decryption ok\n");
+
+    oaep:
+        ERR_clear_error();
+        num = RSA_public_encrypt(plen, ptext_ex, ctext, key,
+                                 RSA_PKCS1_OAEP_PADDING);
+        if (num == -1 && pad_unknown())
+            {
+            printf("No OAEP support\n");
+            goto next;
+            }
+        if (num != clen)
+            {
+            printf("OAEP encryption failed!\n");
+            err=1;
+            goto next;
+            }
+  
+        num = RSA_private_decrypt(num, ctext, ptext, key,
+                                  RSA_PKCS1_OAEP_PADDING);
+        if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
+            {
+            printf("OAEP decryption (encrypted data) failed!\n");
+            err=1;
+            }
+        else if (memcmp(ctext, ctext_ex, num) == 0)
+            {
+            printf("OAEP test vector %d passed!\n", v);
+            goto next;
+            }
+    
+        /* Different ciphertexts (rsa_oaep.c without -DPKCS_TESTVECT).
+           Try decrypting ctext_ex */
+
+        num = RSA_private_decrypt(clen, ctext_ex, ptext, key,
+                                  RSA_PKCS1_OAEP_PADDING);
+
+        if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
+            {
+            printf("OAEP decryption (test vector data) failed!\n");
+            err=1;
+            }
+        else
+            printf("OAEP encryption/decryption ok\n");
+    next:
+        RSA_free(key);
+        }
+
+    ERR_remove_state(0);
+
+    CRYPTO_mem_leaks_fp(stdout);
+
+    return err;
+    }
+#endif
diff --git a/src/lib/libcrypto/symhacks.h b/src/lib/libcrypto/symhacks.h
new file mode 100644
index 0000000000..358ad355bb
--- /dev/null
+++ b/src/lib/libcrypto/symhacks.h
@@ -0,0 +1,154 @@
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_SYMHACKS_H
+#define HEADER_SYMHACKS_H
+
+/* Hacks to solve the problem with linkers incapable of handling very long
+   symbol names.  In the case of VMS, the limit is 31 characters on VMS for
+   VAX. */
+#ifdef VMS
+
+/* Hack a long name in crypto/asn1/a_mbstr.c */
+#undef ASN1_STRING_set_default_mask_asc
+#define ASN1_STRING_set_default_mask_asc        ASN1_STRING_set_def_mask_asc
+
+#if 0 /* No longer needed, since safestack macro magic does the job */
+/* Hack the names created with DECLARE_ASN1_SET_OF(PKCS7_SIGNER_INFO) */
+#undef i2d_ASN1_SET_OF_PKCS7_SIGNER_INFO
+#define i2d_ASN1_SET_OF_PKCS7_SIGNER_INFO       i2d_ASN1_SET_OF_PKCS7_SIGINF
+#undef d2i_ASN1_SET_OF_PKCS7_SIGNER_INFO
+#define d2i_ASN1_SET_OF_PKCS7_SIGNER_INFO       d2i_ASN1_SET_OF_PKCS7_SIGINF
+#endif
+
+#if 0 /* No longer needed, since safestack macro magic does the job */
+/* Hack the names created with DECLARE_ASN1_SET_OF(PKCS7_RECIP_INFO) */
+#undef i2d_ASN1_SET_OF_PKCS7_RECIP_INFO
+#define i2d_ASN1_SET_OF_PKCS7_RECIP_INFO        i2d_ASN1_SET_OF_PKCS7_RECINF
+#undef d2i_ASN1_SET_OF_PKCS7_RECIP_INFO
+#define d2i_ASN1_SET_OF_PKCS7_RECIP_INFO        d2i_ASN1_SET_OF_PKCS7_RECINF
+#endif
+
+#if 0 /* No longer needed, since safestack macro magic does the job */
+/* Hack the names created with DECLARE_ASN1_SET_OF(ACCESS_DESCRIPTION) */
+#undef i2d_ASN1_SET_OF_ACCESS_DESCRIPTION
+#define i2d_ASN1_SET_OF_ACCESS_DESCRIPTION      i2d_ASN1_SET_OF_ACC_DESC
+#undef d2i_ASN1_SET_OF_ACCESS_DESCRIPTION
+#define d2i_ASN1_SET_OF_ACCESS_DESCRIPTION      d2i_ASN1_SET_OF_ACC_DESC
+#endif
+
+/* Hack the names created with DECLARE_PEM_rw(NETSCAPE_CERT_SEQUENCE) */
+#undef PEM_read_NETSCAPE_CERT_SEQUENCE
+#define PEM_read_NETSCAPE_CERT_SEQUENCE         PEM_read_NS_CERT_SEQ
+#undef PEM_write_NETSCAPE_CERT_SEQUENCE
+#define PEM_write_NETSCAPE_CERT_SEQUENCE        PEM_write_NS_CERT_SEQ
+#undef PEM_read_bio_NETSCAPE_CERT_SEQUENCE
+#define PEM_read_bio_NETSCAPE_CERT_SEQUENCE     PEM_read_bio_NS_CERT_SEQ
+#undef PEM_write_bio_NETSCAPE_CERT_SEQUENCE
+#define PEM_write_bio_NETSCAPE_CERT_SEQUENCE    PEM_write_bio_NS_CERT_SEQ
+#undef PEM_write_cb_bio_NETSCAPE_CERT_SEQUENCE
+#define PEM_write_cb_bio_NETSCAPE_CERT_SEQUENCE PEM_write_cb_bio_NS_CERT_SEQ
+
+/* Hack the names created with DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO) */
+#undef PEM_read_PKCS8_PRIV_KEY_INFO
+#define PEM_read_PKCS8_PRIV_KEY_INFO            PEM_read_P8_PRIV_KEY_INFO
+#undef PEM_write_PKCS8_PRIV_KEY_INFO
+#define PEM_write_PKCS8_PRIV_KEY_INFO           PEM_write_P8_PRIV_KEY_INFO
+#undef PEM_read_bio_PKCS8_PRIV_KEY_INFO
+#define PEM_read_bio_PKCS8_PRIV_KEY_INFO        PEM_read_bio_P8_PRIV_KEY_INFO
+#undef PEM_write_bio_PKCS8_PRIV_KEY_INFO
+#define PEM_write_bio_PKCS8_PRIV_KEY_INFO       PEM_write_bio_P8_PRIV_KEY_INFO
+#undef PEM_write_cb_bio_PKCS8_PRIV_KEY_INFO
+#define PEM_write_cb_bio_PKCS8_PRIV_KEY_INFO    PEM_wrt_cb_bio_P8_PRIV_KEY_INFO
+
+/* Hack other PEM names */
+#undef PEM_write_bio_PKCS8PrivateKey_nid
+#define PEM_write_bio_PKCS8PrivateKey_nid       PEM_write_bio_PKCS8PrivKey_nid
+
+/* Hack some long X509 names */
+#undef X509_REVOKED_get_ext_by_critical
+#define X509_REVOKED_get_ext_by_critical        X509_REVOKED_get_ext_by_critic
+
+/* Hack some long CRYPTO names */
+#define CRYPTO_set_dynlock_destroy_callback     CRYPTO_set_dynlock_destroy_cb
+#define CRYPTO_set_dynlock_create_callback      CRYPTO_set_dynlock_create_cb
+#define CRYPTO_set_dynlock_lock_callback        CRYPTO_set_dynlock_lock_cb
+#define CRYPTO_get_dynlock_lock_callback        CRYPTO_get_dynlock_lock_cb
+#define CRYPTO_get_dynlock_destroy_callback     CRYPTO_get_dynlock_destroy_cb
+#define CRYPTO_get_dynlock_create_callback      CRYPTO_get_dynlock_create_cb
+
+/* Hack some long SSL names */
+#define SSL_CTX_set_default_verify_paths        SSL_CTX_set_def_verify_paths
+#define SSL_get_ex_data_X509_STORE_CTX_idx      SSL_get_ex_d_X509_STORE_CTX_idx
+#define SSL_add_file_cert_subjects_to_stack     SSL_add_file_cert_subjs_to_stk
+#define SSL_add_dir_cert_subjects_to_stack      SSL_add_dir_cert_subjs_to_stk
+#define SSL_CTX_use_certificate_chain_file      SSL_CTX_use_cert_chain_file
+#define SSL_CTX_set_cert_verify_callback        SSL_CTX_set_cert_verify_cb
+#define SSL_CTX_set_default_passwd_cb_userdata  SSL_CTX_set_def_passwd_cb_ud
+
+/* Hack some long ENGINE names */
+#define ENGINE_get_default_BN_mod_exp_crt       ENGINE_get_def_BN_mod_exp_crt
+#define ENGINE_set_default_BN_mod_exp_crt       ENGINE_set_def_BN_mod_exp_crt
+
+#endif /* defined VMS */
+
+
+/* Case insensiteve linking causes problems.... */
+#if defined(WIN16) || defined(VMS)
+#undef ERR_load_CRYPTO_strings
+#define ERR_load_CRYPTO_strings                 ERR_load_CRYPTOlib_strings
+#endif
+
+
+#endif /* ! defined HEADER_VMS_IDHACKS_H */
diff --git a/src/lib/libcrypto/threads/README b/src/lib/libcrypto/threads/README
new file mode 100644
index 0000000000..df6b26e146
--- /dev/null
+++ b/src/lib/libcrypto/threads/README
@@ -0,0 +1,14 @@
+Mutithreading testing area.
+
+Since this stuff is very very platorm specific, this is not part of the
+normal build.  Have a read of doc/threads.doc.
+
+mttest will do some testing and will currently build under Windows NT/95,
+Solaris and Linux.  The IRIX stuff is not finished.
+
+I have tested this program on a 12 CPU ultra sparc box (solaris 2.5.1)
+and things seem to work ok.
+
+The Linux pthreads package can be retrieved from 
+http://www.mit.edu:8001/people/proven/pthreads.html
+
diff --git a/src/lib/libcrypto/threads/profile.sh b/src/lib/libcrypto/threads/profile.sh
new file mode 100644
index 0000000000..6e3e342fc0
--- /dev/null
+++ b/src/lib/libcrypto/threads/profile.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+/bin/rm -f mttest
+cc -p -DSOLARIS -I../../include -g mttest.c -o mttest -L/usr/lib/libc -ldl -L../.. -lthread  -lssl -lcrypto -lnsl -lsocket
+
diff --git a/src/lib/libcrypto/threads/ptest.bat b/src/lib/libcrypto/threads/ptest.bat
new file mode 100644
index 0000000000..4071b5ffea
--- /dev/null
+++ b/src/lib/libcrypto/threads/ptest.bat
@@ -0,0 +1,4 @@
+del mttest.exe
+
+purify cl /O2 -DWIN32 /MD -I..\..\out mttest.c /Femttest ..\..\out\ssl32.lib ..\..\out\crypt32.lib
+
diff --git a/src/lib/libcrypto/threads/pthread.sh b/src/lib/libcrypto/threads/pthread.sh
new file mode 100644
index 0000000000..f1c49821d2
--- /dev/null
+++ b/src/lib/libcrypto/threads/pthread.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+#
+# build using pthreads
+#
+# http://www.mit.edu:8001/people/proven/pthreads.html
+#
+/bin/rm -f mttest
+pgcc -DPTHREADS -I../../include -g mttest.c -o mttest -L../.. -lssl -lcrypto 
+
diff --git a/src/lib/libcrypto/threads/pthread2.sh b/src/lib/libcrypto/threads/pthread2.sh
new file mode 100644
index 0000000000..41264c6a50
--- /dev/null
+++ b/src/lib/libcrypto/threads/pthread2.sh
@@ -0,0 +1,7 @@
+#!/bin/sh
+#
+# build using pthreads where it's already built into the system
+#
+/bin/rm -f mttest
+gcc -DPTHREADS -I../../include -g mttest.c -o mttest -L../.. -lssl -lcrypto -lpthread
+
diff --git a/src/lib/libcrypto/threads/pthreads-vms.com b/src/lib/libcrypto/threads/pthreads-vms.com
new file mode 100644
index 0000000000..63f5b8cc2e
--- /dev/null
+++ b/src/lib/libcrypto/threads/pthreads-vms.com
@@ -0,0 +1,9 @@
+$! To compile mttest on VMS.
+$!
+$! WARNING: only tested with DEC C so far.
+$
+$ arch := vax
+$ if f$getsyi("CPU") .ge. 128 then arch := axp
+$ define/user openssl [--.include.openssl]
+$ cc/def=PTHREADS mttest.c
+$ link mttest,[--.'arch'.exe.ssl]libssl/lib,[--.'arch'.exe.crypto]libcrypto/lib
diff --git a/src/lib/libcrypto/threads/purify.sh b/src/lib/libcrypto/threads/purify.sh
new file mode 100644
index 0000000000..6d44fe26b7
--- /dev/null
+++ b/src/lib/libcrypto/threads/purify.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+/bin/rm -f mttest
+purify cc -DSOLARIS -I../../include -g mttest.c -o mttest -L../.. -lthread  -lssl -lcrypto -lnsl -lsocket
+
diff --git a/src/lib/libcrypto/threads/solaris.sh b/src/lib/libcrypto/threads/solaris.sh
new file mode 100644
index 0000000000..bc93094a27
--- /dev/null
+++ b/src/lib/libcrypto/threads/solaris.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+/bin/rm -f mttest
+cc -DSOLARIS -I../../include -g mttest.c -o mttest -L../.. -lthread  -lssl -lcrypto -lnsl -lsocket
+
diff --git a/src/lib/libcrypto/threads/win32.bat b/src/lib/libcrypto/threads/win32.bat
new file mode 100644
index 0000000000..ee6da80a07
--- /dev/null
+++ b/src/lib/libcrypto/threads/win32.bat
@@ -0,0 +1,4 @@
+del mttest.exe
+
+cl /O2 -DWIN32 /MD -I..\..\out mttest.c /Femttest ..\..\out\ssleay32.lib ..\..\out\libeay32.lib
+
diff --git a/src/lib/libcrypto/tmdiff.h b/src/lib/libcrypto/tmdiff.h
new file mode 100644
index 0000000000..41a8a1e0e0
--- /dev/null
+++ b/src/lib/libcrypto/tmdiff.h
@@ -0,0 +1,81 @@
+/* crypto/tmdiff.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* Header for dynamic hash table routines
+ * Author - Eric Young
+ */
+
+#ifndef HEADER_TMDIFF_H
+#define HEADER_TMDIFF_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+char *ms_time_new(void );
+void ms_time_free(char *a);
+void ms_time_get(char *a);
+double ms_time_diff(char *start,char *end);
+int ms_time_cmp(char *ap,char *bp);
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
+
diff --git a/src/lib/libcrypto/ui/ui_compat.c b/src/lib/libcrypto/ui/ui_compat.c
new file mode 100644
index 0000000000..13e0f70d90
--- /dev/null
+++ b/src/lib/libcrypto/ui/ui_compat.c
@@ -0,0 +1,67 @@
+/* crypto/ui/ui_compat.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 2001-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <string.h>
+#include <openssl/ui_compat.h>
+
+int _ossl_old_des_read_pw_string(char *buf,int length,const char *prompt,int verify)
+        {
+        return UI_UTIL_read_pw_string(buf, length, prompt, verify);
+        }
+
+int _ossl_old_des_read_pw(char *buf,char *buff,int size,const char *prompt,int verify)
+        {
+        return UI_UTIL_read_pw(buf, buff, size, prompt, verify);
+        }
diff --git a/src/lib/libcrypto/uid.c b/src/lib/libcrypto/uid.c
new file mode 100644
index 0000000000..b5b61b76d4
--- /dev/null
+++ b/src/lib/libcrypto/uid.c
@@ -0,0 +1,88 @@
+/* crypto/uid.c */
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <openssl/crypto.h>
+
+#if defined(__OpenBSD__) || (defined(__FreeBSD__) && __FreeBSD__ > 2)
+
+#include <unistd.h>
+
+int OPENSSL_issetugid(void)
+        {
+        return issetugid();
+        }
+
+#elif defined(WIN32)
+
+int OPENSSL_issetugid(void)
+        {
+        return 0;
+        }
+
+#else
+
+#include <unistd.h>
+#include <sys/types.h>
+
+int OPENSSL_issetugid(void)
+        {
+        if (getuid() != geteuid()) return 1;
+        if (getgid() != getegid()) return 1;
+        return 0;
+        }
+#endif
+
+
+
diff --git a/src/lib/libcrypto/util/clean-depend.pl b/src/lib/libcrypto/util/clean-depend.pl
new file mode 100644
index 0000000000..af676af751
--- /dev/null
+++ b/src/lib/libcrypto/util/clean-depend.pl
@@ -0,0 +1,38 @@
+#!/usr/local/bin/perl -w
+# Clean the dependency list in a makefile of standard includes...
+# Written by Ben Laurie <ben@algroup.co.uk> 19 Jan 1999
+
+use strict;
+
+while(<STDIN>) {
+    print;
+    last if /^# DO NOT DELETE THIS LINE/;
+}
+
+my %files;
+
+while(<STDIN>) {
+    my ($file,$deps)=/^(.*): (.*)$/;
+    next if !defined $deps;
+    my @deps=split ' ',$deps;
+    @deps=grep(!/^\/usr\/include/,@deps);
+    @deps=grep(!/^\/usr\/lib\/gcc-lib/,@deps);
+    push @{$files{$file}},@deps;
+}
+
+my $file;
+foreach $file (sort keys %files) {
+    my $len=0;
+    my $dep;
+    foreach $dep (sort @{$files{$file}}) {
+        $len=0 if $len+length($dep)+1 >= 80;
+        if($len == 0) {
+            print "\n$file:";
+            $len=length($file)+1;
+        }
+        print " $dep";
+        $len+=length($dep)+1;
+    }
+}
+
+print "\n";
diff --git a/src/lib/libcrypto/util/cygwin.sh b/src/lib/libcrypto/util/cygwin.sh
new file mode 100644
index 0000000000..b607399b02
--- /dev/null
+++ b/src/lib/libcrypto/util/cygwin.sh
@@ -0,0 +1,125 @@
+#!/bin/bash
+#
+# This script configures, builds and packs the binary package for
+# the Cygwin net distribution version of OpenSSL
+#
+
+# Uncomment when debugging
+#set -x
+
+CONFIG_OPTIONS="--prefix=/usr shared no-idea no-rc5 no-mdc2"
+INSTALL_PREFIX=/tmp/install
+
+VERSION=
+SUBVERSION=$1
+
+function cleanup()
+{
+  rm -rf ${INSTALL_PREFIX}/etc
+  rm -rf ${INSTALL_PREFIX}/usr
+}
+
+function get_openssl_version()
+{
+  eval `grep '^VERSION=' Makefile.ssl`
+  if [ -z "${VERSION}" ]
+  then
+    echo "Error: Couldn't retrieve OpenSSL version from Makefile.ssl."
+    echo "       Check value of variable VERSION in Makefile.ssl."
+    exit 1
+  fi
+}
+
+function base_install()
+{
+  mkdir -p ${INSTALL_PREFIX}
+  cleanup
+  make install INSTALL_PREFIX="${INSTALL_PREFIX}"
+}
+
+function doc_install()
+{
+  DOC_DIR=${INSTALL_PREFIX}/usr/doc/openssl
+
+  mkdir -p ${DOC_DIR}
+  cp CHANGES CHANGES.SSLeay INSTALL LICENSE NEWS README ${DOC_DIR}
+
+  create_cygwin_readme
+}
+
+function create_cygwin_readme()
+{
+  README_DIR=${INSTALL_PREFIX}/usr/doc/Cygwin
+  README_FILE=${README_DIR}/openssl-${VERSION}.README
+
+  mkdir -p ${README_DIR}
+  cat > ${README_FILE} <<- EOF
+        The Cygwin version has been built using the following configure:
+
+          ./config ${CONFIG_OPTIONS}
+
+        The IDEA, RC5 and MDC2 algorithms are disabled due to patent and/or
+        licensing issues.
+        EOF
+}
+
+function create_profile_files()
+{
+  PROFILE_DIR=${INSTALL_PREFIX}/etc/profile.d
+
+  mkdir -p $PROFILE_DIR
+  cat > ${PROFILE_DIR}/openssl.sh <<- "EOF"
+        export MANPATH="${MANPATH}:/usr/ssl/man"
+        EOF
+  cat > ${PROFILE_DIR}/openssl.csh <<- "EOF"
+        if ( $?MANPATH ) then
+          setenv MANPATH "${MANPATH}:/usr/ssl/man"
+        else
+          setenv MANPATH ":/usr/ssl/man"
+        endif
+        EOF
+}
+
+if [ -z "${SUBVERSION}" ]
+then
+  echo "Usage: $0 subversion"
+  exit 1
+fi
+
+if [ ! -f config ]
+then
+  echo "You must start this script in the OpenSSL toplevel source dir."
+  exit 1
+fi
+
+./config ${CONFIG_OPTIONS}
+
+get_openssl_version
+
+make || exit 1
+
+base_install
+
+doc_install
+
+create_cygwin_readme
+
+create_profile_files
+
+cd ${INSTALL_PREFIX}
+strip usr/bin/*.exe usr/bin/*.dll
+
+# Runtime package
+find etc usr/bin usr/doc usr/ssl/certs usr/ssl/man/man[157] usr/ssl/misc \
+     usr/ssl/openssl.cnf usr/ssl/private -empty -o \! -type d |
+tar cjfT openssl-${VERSION}-${SUBVERSION}.tar.bz2 -
+# Development package
+find usr/include usr/lib usr/ssl/man/man3 -empty -o \! -type d |
+tar cjfT openssl-devel-${VERSION}-${SUBVERSION}.tar.bz2 -
+
+ls -l openssl-${VERSION}-${SUBVERSION}.tar.bz2
+ls -l openssl-devel-${VERSION}-${SUBVERSION}.tar.bz2
+
+cleanup
+
+exit 0
diff --git a/src/lib/libcrypto/util/domd b/src/lib/libcrypto/util/domd
new file mode 100644
index 0000000000..324051f60b
--- /dev/null
+++ b/src/lib/libcrypto/util/domd
@@ -0,0 +1,11 @@
+#!/bin/sh
+# Do a makedepend, only leave out the standard headers
+# Written by Ben Laurie <ben@algroup.co.uk> 19 Jan 1999
+
+TOP=$1
+shift
+
+cp Makefile.ssl Makefile.save
+makedepend -f Makefile.ssl $@
+$TOP/util/clean-depend.pl < Makefile.ssl > Makefile.new
+mv Makefile.new Makefile.ssl
diff --git a/src/lib/libcrypto/util/mkdir-p.pl b/src/lib/libcrypto/util/mkdir-p.pl
new file mode 100644
index 0000000000..6c69c2daa4
--- /dev/null
+++ b/src/lib/libcrypto/util/mkdir-p.pl
@@ -0,0 +1,33 @@
+#!/usr/local/bin/perl
+
+# mkdir-p.pl
+
+# On some systems, the -p option to mkdir (= also create any missing parent
+# directories) is not available.
+
+my $arg;
+
+foreach $arg (@ARGV) {
+  &do_mkdir_p($arg);
+}
+
+
+sub do_mkdir_p {
+  local($dir) = @_;
+
+  $dir =~ s|/*\Z(?!\n)||s;
+
+  if (-d $dir) {
+    return;
+  }
+
+  if ($dir =~ m|[^/]/|s) {
+    local($parent) = $dir;
+    $parent =~ s|[^/]*\Z(?!\n)||s;
+
+    do_mkdir_p($parent);
+  }
+
+  mkdir($dir, 0777) || die "Cannot create directory $dir: $!\n";
+  print "created directory `$dir'\n";
+}
diff --git a/src/lib/libcrypto/util/mkfiles.pl b/src/lib/libcrypto/util/mkfiles.pl
new file mode 100644
index 0000000000..6fa424bd19
--- /dev/null
+++ b/src/lib/libcrypto/util/mkfiles.pl
@@ -0,0 +1,110 @@
+#!/usr/local/bin/perl
+#
+# This is a hacked version of files.pl for systems that can't do a 'make files'.
+# Do a perl util/mkminfo.pl >MINFO to build MINFO
+# Written by Steve Henson 1999.
+
+# List of directories to process
+
+my @dirs = (
+".",
+"crypto",
+"crypto/md2",
+"crypto/md5",
+"crypto/sha",
+"crypto/mdc2",
+"crypto/hmac",
+"crypto/ripemd",
+"crypto/des",
+"crypto/rc2",
+"crypto/rc4",
+"crypto/rc5",
+"crypto/idea",
+"crypto/bf",
+"crypto/cast",
+"crypto/bn",
+"crypto/rsa",
+"crypto/dsa",
+"crypto/dh",
+"crypto/buffer",
+"crypto/bio",
+"crypto/stack",
+"crypto/lhash",
+"crypto/rand",
+"crypto/err",
+"crypto/objects",
+"crypto/evp",
+"crypto/asn1",
+"crypto/pem",
+"crypto/x509",
+"crypto/x509v3",
+"crypto/conf",
+"crypto/txt_db",
+"crypto/pkcs7",
+"crypto/pkcs12",
+"crypto/comp",
+"ssl",
+"rsaref",
+"apps",
+"test",
+"tools"
+);
+
+foreach (@dirs) {
+        &files_dir ($_, "Makefile.ssl");
+}
+
+exit(0);
+
+sub files_dir
+{
+my ($dir, $makefile) = @_;
+
+my %sym;
+
+open (IN, "$dir/$makefile") || die "Can't open $dir/$makefile";
+
+my $s="";
+
+while (<IN>)
+        {
+        chop;
+        s/#.*//;
+        if (/^(\S+)\s*=\s*(.*)$/)
+                {
+                $o="";
+                ($s,$b)=($1,$2);
+                for (;;)
+                        {
+                        if ($b =~ /\\$/)
+                                {
+                                chop($b);
+                                $o.=$b." ";
+                                $b=<IN>;
+                                chop($b);
+                                }
+                        else
+                                {
+                                $o.=$b." ";
+                                last;
+                                }
+                        }
+                $o =~ s/^\s+//;
+                $o =~ s/\s+$//;
+                $o =~ s/\s+/ /g;
+
+                $o =~ s/\$[({]([^)}]+)[)}]/$sym{$1}/g;
+                $sym{$s}=$o;
+                }
+        }
+
+print "RELATIVE_DIRECTORY=$dir\n";
+
+foreach (sort keys %sym)
+        {
+        print "$_=$sym{$_}\n";
+        }
+print "RELATIVE_DIRECTORY=\n";
+
+close (IN);
+}
diff --git a/src/lib/libcrypto/util/mklink.pl b/src/lib/libcrypto/util/mklink.pl
new file mode 100644
index 0000000000..de555820ec
--- /dev/null
+++ b/src/lib/libcrypto/util/mklink.pl
@@ -0,0 +1,55 @@
+#!/usr/local/bin/perl
+
+# mklink.pl
+
+# The first command line argument is a non-empty relative path
+# specifying the "from" directory.
+# Each other argument is a file name not containing / and
+# names a file in the current directory.
+#
+# For each of these files, we create in the "from" directory a link
+# of the same name pointing to the local file.
+#
+# We assume that the directory structure is a tree, i.e. that it does
+# not contain symbolic links and that the parent of / is never referenced.
+# Apart from this, this script should be able to handle even the most
+# pathological cases.
+
+my $from = shift;
+my @files = @ARGV;
+
+my @from_path = split(/\//, $from);
+my $pwd = `pwd`;
+chop($pwd);
+my @pwd_path = split(/\//, $pwd);
+
+my @to_path = ();
+
+my $dirname;
+foreach $dirname (@from_path) {
+
+    # In this loop, @to_path always is a relative path from
+    # @pwd_path (interpreted is an absolute path) to the original pwd.
+
+    # At the end, @from_path (as a relative path from the original pwd)
+    # designates the same directory as the absolute path @pwd_path,
+    # which means that @to_path then is a path from there to the original pwd.
+
+    next if ($dirname eq "" || $dirname eq ".");
+
+    if ($dirname eq "..") {
+        @to_path = (pop(@pwd_path), @to_path);
+    } else {
+        @to_path = ("..", @to_path);
+        push(@pwd_path, $dirname);
+    }
+}
+
+my $to = join('/', @to_path);
+
+my $file;
+foreach $file (@files) {
+#    print "ln -s $to/$file $from/$file\n";
+    symlink("$to/$file", "$from/$file");
+    print $file . " => $from/$file\n";
+}
diff --git a/src/lib/libcrypto/util/pl/Mingw32.pl b/src/lib/libcrypto/util/pl/Mingw32.pl
new file mode 100644
index 0000000000..84c2a22db3
--- /dev/null
+++ b/src/lib/libcrypto/util/pl/Mingw32.pl
@@ -0,0 +1,79 @@
+#!/usr/local/bin/perl
+#
+# Mingw32.pl -- Mingw32 with GNU cp (Mingw32f.pl uses DOS tools) 
+#
+
+$o='/';
+$cp='cp';
+$rm='rem'; # use 'rm -f' if using GNU file utilities
+$mkdir='gmkdir';
+
+# gcc wouldn't accept backslashes in paths
+#$o='\\';
+#$cp='copy';
+#$rm='del';
+
+# C compiler stuff
+
+$cc='gcc';
+if ($debug)
+        { $cflags="-g2 -ggdb"; }
+else
+        { $cflags="-DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall"; }
+
+$obj='.o';
+$ofile='-o ';
+
+# EXE linking stuff
+$link='${CC}';
+$lflags='${CFLAGS}';
+$efile='-o ';
+$exep='';
+$ex_libs="-lwsock32 -lgdi32";
+
+# static library stuff
+$mklib='ar r';
+$mlflags='';
+$ranlib='ranlib';
+$plib='lib';
+$libp=".a";
+$shlibp=".a";
+$lfile='';
+
+$asm='as';
+$afile='-o ';
+$bn_asm_obj="";
+$bn_asm_src="";
+$des_enc_obj="";
+$des_enc_src="";
+$bf_enc_obj="";
+$bf_enc_src="";
+
+sub do_lib_rule
+        {
+        local($obj,$target,$name,$shlib)=@_;
+        local($ret,$_,$Name);
+
+        $target =~ s/\//$o/g if $o ne '/';
+        $target="$target";
+        ($Name=$name) =~ tr/a-z/A-Z/;
+
+        $ret.="$target: \$(${Name}OBJ)\n";
+        $ret.="\t\$(RM) $target\n";
+        $ret.="\t\$(MKLIB) $target \$(${Name}OBJ)\n";
+        $ret.="\t\$(RANLIB) $target\n\n";
+        }
+
+sub do_link_rule
+        {
+        local($target,$files,$dep_libs,$libs)=@_;
+        local($ret,$_);
+        
+        $file =~ s/\//$o/g if $o ne '/';
+        $n=&bname($target);
+        $ret.="$target: $files $dep_libs\n";
+        $ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n\n";
+        return($ret);
+        }
+1;
+
diff --git a/src/lib/libcrypto/util/pl/OS2-EMX.pl b/src/lib/libcrypto/util/pl/OS2-EMX.pl
new file mode 100644
index 0000000000..57180556ca
--- /dev/null
+++ b/src/lib/libcrypto/util/pl/OS2-EMX.pl
@@ -0,0 +1,96 @@
+#!/usr/local/bin/perl
+#
+# OS2-EMX.pl - for EMX GCC on OS/2
+#
+
+$o='\\';
+$cp='copy';
+$rm='rm -f';
+
+# C compiler stuff
+
+$cc='gcc';
+$cflags="-DL_ENDIAN -O3 -fomit-frame-pointer -m486 -Zmt -Wall ";
+
+if ($debug) { 
+        $cflags.="-g "; 
+}
+
+$obj='.o';
+$ofile='-o ';
+
+# EXE linking stuff
+$link='${CC}';
+$lflags='${CFLAGS} -Zbsd-signals';
+$efile='-o ';
+$exep='.exe';
+$ex_libs="-lsocket";
+
+# static library stuff
+$mklib='ar r';
+$mlflags='';
+$ranlib="ar s";
+$plib='lib';
+$libp=".a";
+$shlibp=".a";
+$lfile='';
+
+$asm='as';
+$afile='-o ';
+$bn_asm_obj="";
+$bn_asm_src="";
+$des_enc_obj="";
+$des_enc_src="";
+$bf_enc_obj="";
+$bf_enc_src="";
+
+if (!$no_asm)
+        {
+        $bn_asm_obj='crypto\bn\asm\bn-os2.o crypto\bn\asm\co-os2.o';
+        $bn_asm_src='crypto\bn\asm\bn-os2.asm crypto\bn\asm\co-os2.asm';
+        $des_enc_obj='crypto\des\asm\d-os2.o crypto\des\asm\y-os2.o';
+        $des_enc_src='crypto\des\asm\d-os2.asm crypto\des\asm\y-os2.asm';
+        $bf_enc_obj='crypto\bf\asm\b-os2.o';
+        $bf_enc_src='crypto\bf\asm\b-os2.asm';
+        $cast_enc_obj='crypto\cast\asm\c-os2.o';
+        $cast_enc_src='crypto\cast\asm\c-os2.asm';
+        $rc4_enc_obj='crypto\rc4\asm\r4-os2.o';
+        $rc4_enc_src='crypto\rc4\asm\r4-os2.asm';
+        $rc5_enc_obj='crypto\rc5\asm\r5-os2.o';
+        $rc5_enc_src='crypto\rc5\asm\r5-os2.asm';
+        $md5_asm_obj='crypto\md5\asm\m5-os2.o';
+        $md5_asm_src='crypto\md5\asm\m5-os2.asm';
+        $sha1_asm_obj='crypto\sha\asm\s1-os2.o';
+        $sha1_asm_src='crypto\sha\asm\s1-os2.asm';
+        $rmd160_asm_obj='crypto\ripemd\asm\rm-os2.o';
+        $rmd160_asm_src='crypto\ripemd\asm\rm-os2.asm';
+        }
+
+sub do_lib_rule
+        {
+        local($obj,$target,$name,$shlib)=@_;
+        local($ret,$_,$Name);
+
+        $target =~ s/\//$o/g if $o ne '/';
+        $target="$target";
+        ($Name=$name) =~ tr/a-z/A-Z/;
+
+        $ret.="$target: \$(${Name}OBJ)\n";
+        $ret.="\t\$(RM) $target\n";
+        $ret.="\t\$(MKLIB) $target \$(${Name}OBJ)\n";
+        $ret.="\t\$(RANLIB) $target\n\n";
+        }
+
+sub do_link_rule
+        {
+        local($target,$files,$dep_libs,$libs)=@_;
+        local($ret,$_);
+        
+        $file =~ s/\//$o/g if $o ne '/';
+        $n=&bname($target);
+        $ret.="$target: $files $dep_libs\n";
+        $ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n\n";
+        return($ret);
+        }
+
+1;
diff --git a/src/lib/libcrypto/util/pl/ultrix.pl b/src/lib/libcrypto/util/pl/ultrix.pl
new file mode 100644
index 0000000000..ea370c71f9
--- /dev/null
+++ b/src/lib/libcrypto/util/pl/ultrix.pl
@@ -0,0 +1,38 @@
+#!/usr/local/bin/perl
+#
+# linux.pl - the standard unix makefile stuff.
+#
+
+$o='/';
+$cp='/bin/cp';
+$rm='/bin/rm -f';
+
+# C compiler stuff
+
+$cc='cc';
+if ($debug)
+        { $cflags="-g -DREF_CHECK -DCRYPTO_MDEBUG"; }
+else
+        { $cflags="-O2"; }
+
+$cflags.=" -std1 -DL_ENDIAN";
+
+if (!$no_asm)
+        {
+        $bn_asm_obj='$(OBJ_D)/mips1.o';
+        $bn_asm_src='crypto/bn/asm/mips1.s';
+        }
+
+sub do_link_rule
+        {
+        local($target,$files,$dep_libs,$libs)=@_;
+        local($ret,$_);
+        
+        $file =~ s/\//$o/g if $o ne '/';
+        $n=&bname($target);
+        $ret.="$target: $files $dep_libs\n";
+        $ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n\n";
+        return($ret);
+        }
+
+1;
diff --git a/src/lib/libcrypto/util/pod2man.pl b/src/lib/libcrypto/util/pod2man.pl
new file mode 100644
index 0000000000..f5ec0767ed
--- /dev/null
+++ b/src/lib/libcrypto/util/pod2man.pl
@@ -0,0 +1,1181 @@
+: #!/usr/bin/perl-5.005
+    eval 'exec /usr/bin/perl -S $0 ${1+"$@"}'
+        if $running_under_some_shell;
+
+$DEF_PM_SECTION = '3pm' || '3';
+
+=head1 NAME
+
+pod2man - translate embedded Perl pod directives into man pages
+
+=head1 SYNOPSIS
+
+B<pod2man>
+[ B<--section=>I<manext> ]
+[ B<--release=>I<relpatch> ]
+[ B<--center=>I<string> ]
+[ B<--date=>I<string> ]
+[ B<--fixed=>I<font> ]
+[ B<--official> ]
+[ B<--lax> ]
+I<inputfile>
+
+=head1 DESCRIPTION
+
+B<pod2man> converts its input file containing embedded pod directives (see
+L<perlpod>) into nroff source suitable for viewing with nroff(1) or
+troff(1) using the man(7) macro set.
+
+Besides the obvious pod conversions, B<pod2man> also takes care of
+func(), func(n), and simple variable references like $foo or @bar so
+you don't have to use code escapes for them; complex expressions like
+C<$fred{'stuff'}> will still need to be escaped, though.  Other nagging
+little roffish things that it catches include translating the minus in
+something like foo-bar, making a long dash--like this--into a real em
+dash, fixing up "paired quotes", putting a little space after the
+parens in something like func(), making C++ and PI look right, making
+double underbars have a little tiny space between them, making ALLCAPS
+a teeny bit smaller in troff(1), and escaping backslashes so you don't
+have to.
+
+=head1 OPTIONS
+
+=over 8
+
+=item center
+
+Set the centered header to a specific string.  The default is
+"User Contributed Perl Documentation", unless the C<--official> flag is
+given, in which case the default is "Perl Programmers Reference Guide".
+
+=item date
+
+Set the left-hand footer string to this value.  By default,
+the modification date of the input file will be used.
+
+=item fixed
+
+The fixed font to use for code refs.  Defaults to CW.
+
+=item official
+
+Set the default header to indicate that this page is of
+the standard release in case C<--center> is not given.
+
+=item release
+
+Set the centered footer.  By default, this is the current
+perl release.
+
+=item section
+
+Set the section for the C<.TH> macro.  The standard conventions on
+sections are to use 1 for user commands,  2 for system calls, 3 for
+functions, 4 for devices, 5 for file formats, 6 for games, 7 for
+miscellaneous information, and 8 for administrator commands.  This works
+best if you put your Perl man pages in a separate tree, like
+F</usr/local/perl/man/>.  By default, section 1 will be used
+unless the file ends in F<.pm> in which case section 3 will be selected.
+
+=item lax
+
+Don't complain when required sections aren't present.
+
+=back
+
+=head1 Anatomy of a Proper Man Page
+
+For those not sure of the proper layout of a man page, here's
+an example of the skeleton of a proper man page.  Head of the
+major headers should be setout as a C<=head1> directive, and
+are historically written in the rather startling ALL UPPER CASE
+format, although this is not mandatory.
+Minor headers may be included using C<=head2>, and are
+typically in mixed case.
+
+=over 10
+
+=item NAME
+
+Mandatory section; should be a comma-separated list of programs or
+functions documented by this podpage, such as:
+
+    foo, bar - programs to do something
+
+=item SYNOPSIS
+
+A short usage summary for programs and functions, which
+may someday be deemed mandatory.
+
+=item DESCRIPTION
+
+Long drawn out discussion of the program.  It's a good idea to break this
+up into subsections using the C<=head2> directives, like
+
+    =head2 A Sample Subection
+
+    =head2 Yet Another Sample Subection
+
+=item OPTIONS
+
+Some people make this separate from the description.
+
+=item RETURN VALUE
+
+What the program or function returns if successful.
+
+=item ERRORS
+
+Exceptions, return codes, exit stati, and errno settings.
+
+=item EXAMPLES
+
+Give some example uses of the program.
+
+=item ENVIRONMENT
+
+Envariables this program might care about.
+
+=item FILES
+
+All files used by the program.  You should probably use the FE<lt>E<gt>
+for these.
+
+=item SEE ALSO
+
+Other man pages to check out, like man(1), man(7), makewhatis(8), or catman(8).
+
+=item NOTES
+
+Miscellaneous commentary.
+
+=item CAVEATS
+
+Things to take special care with; sometimes called WARNINGS.
+
+=item DIAGNOSTICS
+
+All possible messages the program can print out--and
+what they mean.
+
+=item BUGS
+
+Things that are broken or just don't work quite right.
+
+=item RESTRICTIONS
+
+Bugs you don't plan to fix :-)
+
+=item AUTHOR
+
+Who wrote it (or AUTHORS if multiple).
+
+=item HISTORY
+
+Programs derived from other sources sometimes have this, or
+you might keep a modification log here.
+
+=back
+
+=head1 EXAMPLES
+
+    pod2man program > program.1
+    pod2man some_module.pm > /usr/perl/man/man3/some_module.3
+    pod2man --section=7 note.pod > note.7
+
+=head1 DIAGNOSTICS
+
+The following diagnostics are generated by B<pod2man>.  Items
+marked "(W)" are non-fatal, whereas the "(F)" errors will cause
+B<pod2man> to immediately exit with a non-zero status.
+
+=over 4
+
+=item bad option in paragraph %d of %s: ``%s'' should be [%s]<%s>
+
+(W) If you start include an option, you should set it off
+as bold, italic, or code.
+
+=item can't open %s: %s
+
+(F) The input file wasn't available for the given reason.
+
+=item Improper man page - no dash in NAME header in paragraph %d of %s
+
+(W) The NAME header did not have an isolated dash in it.  This is
+considered important.
+
+=item Invalid man page - no NAME line in %s
+
+(F) You did not include a NAME header, which is essential.
+
+=item roff font should be 1 or 2 chars, not `%s'  (F)
+
+(F) The font specified with the C<--fixed> option was not
+a one- or two-digit roff font.
+
+=item %s is missing required section: %s
+
+(W) Required sections include NAME, DESCRIPTION, and if you're
+using a section starting with a 3, also a SYNOPSIS.  Actually,
+not having a NAME is a fatal.
+
+=item Unknown escape: %s in %s
+
+(W) An unknown HTML entity (probably for an 8-bit character) was given via
+a C<EE<lt>E<gt>> directive.  Besides amp, lt, gt, and quot, recognized
+entities are Aacute, aacute, Acirc, acirc, AElig, aelig, Agrave, agrave,
+Aring, aring, Atilde, atilde, Auml, auml, Ccedil, ccedil, Eacute, eacute,
+Ecirc, ecirc, Egrave, egrave, ETH, eth, Euml, euml, Iacute, iacute, Icirc,
+icirc, Igrave, igrave, Iuml, iuml, Ntilde, ntilde, Oacute, oacute, Ocirc,
+ocirc, Ograve, ograve, Oslash, oslash, Otilde, otilde, Ouml, ouml, szlig,
+THORN, thorn, Uacute, uacute, Ucirc, ucirc, Ugrave, ugrave, Uuml, uuml,
+Yacute, yacute, and yuml.
+
+=item Unmatched =back
+
+(W) You have a C<=back> without a corresponding C<=over>.
+
+=item Unrecognized pod directive: %s
+
+(W) You specified a pod directive that isn't in the known list of
+C<=head1>, C<=head2>, C<=item>, C<=over>, C<=back>, or C<=cut>.
+
+
+=back
+
+=head1 NOTES
+
+If you would like to print out a lot of man page continuously, you
+probably want to set the C and D registers to set contiguous page
+numbering and even/odd paging, at least on some versions of man(7).
+Settting the F register will get you some additional experimental
+indexing:
+
+    troff -man -rC1 -rD1 -rF1 perl.1 perldata.1 perlsyn.1 ...
+
+The indexing merely outputs messages via C<.tm> for each
+major page, section, subsection, item, and any C<XE<lt>E<gt>>
+directives.
+
+
+=head1 RESTRICTIONS
+
+None at this time.
+
+=head1 BUGS
+
+The =over and =back directives don't really work right.  They
+take absolute positions instead of offsets, don't nest well, and
+making people count is suboptimal in any event.
+
+=head1 AUTHORS
+
+Original prototype by Larry Wall, but so massively hacked over by
+Tom Christiansen such that Larry probably doesn't recognize it anymore.
+
+=cut
+
+$/ = "";
+$cutting = 1;
+@Indices = ();
+
+# We try first to get the version number from a local binary, in case we're
+# running an installed version of Perl to produce documentation from an
+# uninstalled newer version's pod files.
+if ($^O ne 'plan9' and $^O ne 'dos' and $^O ne 'os2' and $^O ne 'MSWin32') {
+  my $perl = (-x './perl' && -f './perl' ) ?
+                 './perl' :
+                 ((-x '../perl' && -f '../perl') ?
+                      '../perl' :
+                      '');
+  ($version,$patch) = `$perl -e 'print $]'` =~ /^(\d\.\d{3})(\d{2})?/ if $perl;
+}
+# No luck; we'll just go with the running Perl's version
+($version,$patch) = $] =~ /^(.{5})(\d{2})?/ unless $version;
+$DEF_RELEASE  = "perl $version";
+$DEF_RELEASE .= ", patch $patch" if $patch;
+
+
+sub makedate {
+    my $secs = shift;
+    my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime($secs);
+    my $mname = (qw{Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec})[$mon];
+    $year += 1900;
+    return "$mday/$mname/$year";
+}
+
+use Getopt::Long;
+
+$DEF_SECTION = 1;
+$DEF_CENTER = "User Contributed Perl Documentation";
+$STD_CENTER = "Perl Programmers Reference Guide";
+$DEF_FIXED = 'CW';
+$DEF_LAX = 0;
+
+sub usage {
+    warn "$0: @_\n" if @_;
+    die <<EOF;
+usage: $0 [options] podpage
+Options are:
+        --section=manext      (default "$DEF_SECTION")
+        --release=relpatch    (default "$DEF_RELEASE")
+        --center=string       (default "$DEF_CENTER")
+        --date=string         (default "$DEF_DATE")
+        --fixed=font          (default "$DEF_FIXED")
+        --official            (default NOT)
+        --lax                 (default NOT)
+EOF
+}
+
+$uok = GetOptions( qw(
+        section=s
+        release=s
+        center=s
+        date=s
+        fixed=s
+        official
+        lax
+        help));
+
+$DEF_DATE = makedate((stat($ARGV[0]))[9] || time());
+
+usage("Usage error!") unless $uok;
+usage() if $opt_help;
+usage("Need one and only one podpage argument") unless @ARGV == 1;
+
+$section = $opt_section || ($ARGV[0] =~ /\.pm$/
+                                ? $DEF_PM_SECTION : $DEF_SECTION);
+$RP = $opt_release || $DEF_RELEASE;
+$center = $opt_center || ($opt_official ? $STD_CENTER : $DEF_CENTER);
+$lax = $opt_lax || $DEF_LAX;
+
+$CFont = $opt_fixed || $DEF_FIXED;
+
+if (length($CFont) == 2) {
+    $CFont_embed = "\\f($CFont";
+}
+elsif (length($CFont) == 1) {
+    $CFont_embed = "\\f$CFont";
+}
+else {
+    die "roff font should be 1 or 2 chars, not `$CFont_embed'";
+}
+
+$date = $opt_date || $DEF_DATE;
+
+for (qw{NAME DESCRIPTION}) {
+# for (qw{NAME DESCRIPTION AUTHOR}) {
+    $wanna_see{$_}++;
+}
+$wanna_see{SYNOPSIS}++ if $section =~ /^3/;
+
+
+$name = @ARGV ? $ARGV[0] : "<STDIN>";
+$Filename = $name;
+if ($section =~ /^1/) {
+    require File::Basename;
+    $name = uc File::Basename::basename($name);
+}
+$name =~ s/\.(pod|p[lm])$//i;
+
+# Lose everything up to the first of
+#     */lib/*perl*      standard or site_perl module
+#     */*perl*/lib      from -D prefix=/opt/perl
+#     */*perl*/         random module hierarchy
+# which works.
+$name =~ s-//+-/-g;
+if ($name =~ s-^.*?/lib/[^/]*perl[^/]*/--i
+        or $name =~ s-^.*?/[^/]*perl[^/]*/lib/--i
+        or $name =~ s-^.*?/[^/]*perl[^/]*/--i) {
+    # Lose ^site(_perl)?/.
+    $name =~ s-^site(_perl)?/--;
+    # Lose ^arch/.      (XXX should we use Config? Just for archname?)
+    $name =~ s~^(.*-$^O|$^O-.*)/~~o;
+    # Lose ^version/.
+    $name =~ s-^\d+\.\d+/--;
+}
+
+# Translate Getopt/Long to Getopt::Long, etc.
+$name =~ s(/)(::)g;
+
+if ($name ne 'something') {
+    FCHECK: {
+        open(F, "< $ARGV[0]") || die "can't open $ARGV[0]: $!";
+        while (<F>) {
+            next unless /^=\b/;
+            if (/^=head1\s+NAME\s*$/) {  # an /m would forgive mistakes
+                $_ = <F>;
+                unless (/\s*-+\s+/) {
+                    $oops++;
+                    warn "$0: Improper man page - no dash in NAME header in paragraph $. of $ARGV[0]\n"
+                } else {
+                    my @n = split /\s+-+\s+/;
+                    if (@n != 2) {
+                        $oops++;
+                        warn "$0: Improper man page - malformed NAME header in paragraph $. of $ARGV[0]\n"
+                    }
+                    else {
+                        %namedesc = @n;
+                    }
+                }
+                last FCHECK;
+            }
+            next if /^=cut\b/;  # DB_File and Net::Ping have =cut before NAME
+            next if /^=pod\b/;  # It is OK to have =pod before NAME
+            die "$0: Invalid man page - 1st pod line is not NAME in $ARGV[0]\n" unless $lax;
+        }
+        die "$0: Invalid man page - no documentation in $ARGV[0]\n" unless $lax;
+    }
+    close F;
+}
+
+print <<"END";
+.rn '' }`
+''' \$RCSfile\$\$Revision\$\$Date\$
+'''
+''' \$Log\$
+'''
+.de Sh
+.br
+.if t .Sp
+.ne 5
+.PP
+\\fB\\\\\$1\\fR
+.PP
+..
+.de Sp
+.if t .sp .5v
+.if n .sp
+..
+.de Ip
+.br
+.ie \\\\n(.\$>=3 .ne \\\\\$3
+.el .ne 3
+.IP "\\\\\$1" \\\\\$2
+..
+.de Vb
+.ft $CFont
+.nf
+.ne \\\\\$1
+..
+.de Ve
+.ft R
+
+.fi
+..
+'''
+'''
+'''     Set up \\*(-- to give an unbreakable dash;
+'''     string Tr holds user defined translation string.
+'''     Bell System Logo is used as a dummy character.
+'''
+.tr \\(*W-|\\(bv\\*(Tr
+.ie n \\{\\
+.ds -- \\(*W-
+.ds PI pi
+.if (\\n(.H=4u)&(1m=24u) .ds -- \\(*W\\h'-12u'\\(*W\\h'-12u'-\\" diablo 10 pitch
+.if (\\n(.H=4u)&(1m=20u) .ds -- \\(*W\\h'-12u'\\(*W\\h'-8u'-\\" diablo 12 pitch
+.ds L" ""
+.ds R" ""
+'''   \\*(M", \\*(S", \\*(N" and \\*(T" are the equivalent of
+'''   \\*(L" and \\*(R", except that they are used on ".xx" lines,
+'''   such as .IP and .SH, which do another additional levels of
+'''   double-quote interpretation
+.ds M" """
+.ds S" """
+.ds N" """""
+.ds T" """""
+.ds L' '
+.ds R' '
+.ds M' '
+.ds S' '
+.ds N' '
+.ds T' '
+'br\\}
+.el\\{\\
+.ds -- \\(em\\|
+.tr \\*(Tr
+.ds L" ``
+.ds R" ''
+.ds M" ``
+.ds S" ''
+.ds N" ``
+.ds T" ''
+.ds L' `
+.ds R' '
+.ds M' `
+.ds S' '
+.ds N' `
+.ds T' '
+.ds PI \\(*p
+'br\\}
+END
+
+print <<'END';
+.\"     If the F register is turned on, we'll generate
+.\"     index entries out stderr for the following things:
+.\"             TH      Title 
+.\"             SH      Header
+.\"             Sh      Subsection 
+.\"             Ip      Item
+.\"             X<>     Xref  (embedded
+.\"     Of course, you have to process the output yourself
+.\"     in some meaninful fashion.
+.if \nF \{
+.de IX
+.tm Index:\\$1\t\\n%\t"\\$2"
+..
+.nr % 0
+.rr F
+.\}
+END
+
+print <<"END";
+.TH $name $section "$RP" "$date" "$center"
+.UC
+END
+
+push(@Indices, qq{.IX Title "$name $section"});
+
+while (($name, $desc) = each %namedesc) {
+    for ($name, $desc) { s/^\s+//; s/\s+$//; }
+    push(@Indices, qq(.IX Name "$name - $desc"\n));
+}
+
+print <<'END';
+.if n .hy 0
+.if n .na
+.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
+.de CQ          \" put $1 in typewriter font
+END
+print ".ft $CFont\n";
+print <<'END';
+'if n "\c
+'if t \\&\\$1\c
+'if n \\&\\$1\c
+'if n \&"
+\\&\\$2 \\$3 \\$4 \\$5 \\$6 \\$7
+'.ft R
+..
+.\" @(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2
+.       \" AM - accent mark definitions
+.bd B 3
+.       \" fudge factors for nroff and troff
+.if n \{\
+.       ds #H 0
+.       ds #V .8m
+.       ds #F .3m
+.       ds #[ \f1
+.       ds #] \fP
+.\}
+.if t \{\
+.       ds #H ((1u-(\\\\n(.fu%2u))*.13m)
+.       ds #V .6m
+.       ds #F 0
+.       ds #[ \&
+.       ds #] \&
+.\}
+.       \" simple accents for nroff and troff
+.if n \{\
+.       ds ' \&
+.       ds ` \&
+.       ds ^ \&
+.       ds , \&
+.       ds ~ ~
+.       ds ? ?
+.       ds ! !
+.       ds /
+.       ds q
+.\}
+.if t \{\
+.       ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
+.       ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
+.       ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
+.       ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
+.       ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
+.       ds ? \s-2c\h'-\w'c'u*7/10'\u\h'\*(#H'\zi\d\s+2\h'\w'c'u*8/10'
+.       ds ! \s-2\(or\s+2\h'-\w'\(or'u'\v'-.8m'.\v'.8m'
+.       ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
+.       ds q o\h'-\w'o'u*8/10'\s-4\v'.4m'\z\(*i\v'-.4m'\s+4\h'\w'o'u*8/10'
+.\}
+.       \" troff and (daisy-wheel) nroff accents
+.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
+.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
+.ds v \\k:\h'-(\\n(.wu*9/10-\*(#H)'\v'-\*(#V'\*(#[\s-4v\s0\v'\*(#V'\h'|\\n:u'\*(#]
+.ds _ \\k:\h'-(\\n(.wu*9/10-\*(#H+(\*(#F*2/3))'\v'-.4m'\z\(hy\v'.4m'\h'|\\n:u'
+.ds . \\k:\h'-(\\n(.wu*8/10)'\v'\*(#V*4/10'\z.\v'-\*(#V*4/10'\h'|\\n:u'
+.ds 3 \*(#[\v'.2m'\s-2\&3\s0\v'-.2m'\*(#]
+.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
+.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
+.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
+.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
+.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
+.ds ae a\h'-(\w'a'u*4/10)'e
+.ds Ae A\h'-(\w'A'u*4/10)'E
+.ds oe o\h'-(\w'o'u*4/10)'e
+.ds Oe O\h'-(\w'O'u*4/10)'E
+.       \" corrections for vroff
+.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
+.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
+.       \" for low resolution devices (crt and lpr)
+.if \n(.H>23 .if \n(.V>19 \
+\{\
+.       ds : e
+.       ds 8 ss
+.       ds v \h'-1'\o'\(aa\(ga'
+.       ds _ \h'-1'^
+.       ds . \h'-1'.
+.       ds 3 3
+.       ds o a
+.       ds d- d\h'-1'\(ga
+.       ds D- D\h'-1'\(hy
+.       ds th \o'bp'
+.       ds Th \o'LP'
+.       ds ae ae
+.       ds Ae AE
+.       ds oe oe
+.       ds Oe OE
+.\}
+.rm #[ #] #H #V #F C
+END
+
+$indent = 0;
+
+$begun = "";
+
+# Unrolling [^A-Z>]|[A-Z](?!<) gives:    // MRE pp 165.
+my $nonest = '(?:[^A-Z>]*(?:[A-Z](?!<)[^A-Z>]*)*)';
+
+while (<>) {
+    if ($cutting) {
+        next unless /^=/;
+        $cutting = 0;
+    }
+    if ($begun) {
+        if (/^=end\s+$begun/) {
+            $begun = "";
+        }
+        elsif ($begun =~ /^(roff|man)$/) {
+            print STDOUT $_;
+        }
+        next;
+    }
+    chomp;
+
+    # Translate verbatim paragraph
+
+    if (/^\s/) {
+        @lines = split(/\n/);
+        for (@lines) {
+            1 while s
+                {^( [^\t]* ) \t ( \t* ) }
+                { $1 . ' ' x (8 - (length($1)%8) + 8 * (length($2))) }ex;
+            s/\\/\\e/g;
+            s/\A/\\&/s;
+        }
+        $lines = @lines;
+        makespace() unless $verbatim++;
+        print ".Vb $lines\n";
+        print join("\n", @lines), "\n";
+        print ".Ve\n";
+        $needspace = 0;
+        next;
+    }
+
+    $verbatim = 0;
+
+    if (/^=for\s+(\S+)\s*/s) {
+        if ($1 eq "man" or $1 eq "roff") {
+            print STDOUT $',"\n\n";
+        } else {
+            # ignore unknown for
+        }
+        next;
+    }
+    elsif (/^=begin\s+(\S+)\s*/s) {
+        $begun = $1;
+        if ($1 eq "man" or $1 eq "roff") {
+            print STDOUT $'."\n\n";
+        }
+        next;
+    }
+
+    # check for things that'll hosed our noremap scheme; affects $_
+    init_noremap();
+
+    if (!/^=item/) {
+
+        # trofficate backslashes; must do it before what happens below
+        s/\\/noremap('\\e')/ge;
+
+        # protect leading periods and quotes against *roff
+        # mistaking them for directives
+        s/^(?:[A-Z]<)?[.']/\\&$&/gm;
+
+        # first hide the escapes in case we need to
+        # intuit something and get it wrong due to fmting
+
+        1 while s/([A-Z]<$nonest>)/noremap($1)/ge;
+
+        # func() is a reference to a perl function
+        s{
+            \b
+            (
+                [:\w]+ \(\)
+            )
+        } {I<$1>}gx;
+
+        # func(n) is a reference to a perl function or a man page
+        s{
+            ([:\w]+)
+            (
+                \( [^\051]+ \)
+            )
+        } {I<$1>\\|$2}gx;
+
+        # convert simple variable references
+        s/(\s+)([\$\@%][\w:]+)(?!\()/${1}C<$2>/g;
+
+        if (m{ (
+                    [\-\w]+
+                    \(
+                        [^\051]*?
+                        [\@\$,]
+                        [^\051]*?
+                    \)
+                )
+            }x && $` !~ /([LCI]<[^<>]*|-)$/ && !/^=\w/)
+        {
+            warn "$0: bad option in paragraph $. of $ARGV: ``$1'' should be [LCI]<$1>\n";
+            $oops++;
+        }
+
+        while (/(-[a-zA-Z])\b/g && $` !~ /[\w\-]$/) {
+            warn "$0: bad option in paragraph $. of $ARGV: ``$1'' should be [CB]<$1>\n";
+            $oops++;
+        }
+
+        # put it back so we get the <> processed again;
+        clear_noremap(0); # 0 means leave the E's
+
+    } else {
+        # trofficate backslashes
+        s/\\/noremap('\\e')/ge;
+
+    }
+
+    # need to hide E<> first; they're processed in clear_noremap
+    s/(E<[^<>]+>)/noremap($1)/ge;
+
+
+    $maxnest = 10;
+    while ($maxnest-- && /[A-Z]</) {
+
+        # can't do C font here
+        s/([BI])<($nonest)>/font($1) . $2 . font('R')/eg;
+
+        # files and filelike refs in italics
+        s/F<($nonest)>/I<$1>/g;
+
+        # no break -- usually we want C<> for this
+        s/S<($nonest)>/nobreak($1)/eg;
+
+        # LREF: a la HREF L<show this text|man/section>
+        s:L<([^|>]+)\|[^>]+>:$1:g;
+
+        # LREF: a manpage(3f)
+        s:L<([a-zA-Z][^\s\/]+)(\([^\)]+\))?>:the I<$1>$2 manpage:g;
+
+        # LREF: an =item on another manpage
+        s{
+            L<
+                ([^/]+)
+                /
+                (
+                    [:\w]+
+                    (\(\))?
+                )
+            >
+        } {the C<$2> entry in the I<$1> manpage}gx;
+
+        # LREF: an =item on this manpage
+        s{
+           ((?:
+            L<
+                /
+                (
+                    [:\w]+
+                    (\(\))?
+                )
+            >
+            (,?\s+(and\s+)?)?
+          )+)
+        } { internal_lrefs($1) }gex;
+
+        # LREF: a =head2 (head1?), maybe on a manpage, maybe right here
+        # the "func" can disambiguate
+        s{
+            L<
+                (?:
+                    ([a-zA-Z]\S+?) /
+                )?
+                "?(.*?)"?
+            >
+        }{
+            do {
+                $1      # if no $1, assume it means on this page.
+                    ?  "the section on I<$2> in the I<$1> manpage"
+                    :  "the section on I<$2>"
+            }
+        }gesx; # s in case it goes over multiple lines, so . matches \n
+
+        s/Z<>/\\&/g;
+
+        # comes last because not subject to reprocessing
+        s/C<($nonest)>/noremap("${CFont_embed}${1}\\fR")/eg;
+    }
+
+    if (s/^=//) {
+        $needspace = 0;         # Assume this.
+
+        s/\n/ /g;
+
+        ($Cmd, $_) = split(' ', $_, 2);
+
+        $dotlevel = 1;
+        if ($Cmd eq 'head1') {
+           $dotlevel = 1;
+        }
+        elsif ($Cmd eq 'head2') {
+           $dotlevel = 1;
+        }
+        elsif ($Cmd eq 'item') {
+           $dotlevel = 2;
+        }
+
+        if (defined $_) {
+            &escapes($dotlevel);
+            s/"/""/g;
+        }
+
+        clear_noremap(1);
+
+        if ($Cmd eq 'cut') {
+            $cutting = 1;
+        }
+        elsif ($Cmd eq 'head1') {
+            s/\s+$//;
+            delete $wanna_see{$_} if exists $wanna_see{$_};
+            print qq{.SH "$_"\n};
+      push(@Indices, qq{.IX Header "$_"\n});
+        }
+        elsif ($Cmd eq 'head2') {
+            print qq{.Sh "$_"\n};
+      push(@Indices, qq{.IX Subsection "$_"\n});
+        }
+        elsif ($Cmd eq 'over') {
+            push(@indent,$indent);
+            $indent += ($_ + 0) || 5;
+        }
+        elsif ($Cmd eq 'back') {
+            $indent = pop(@indent);
+            warn "$0: Unmatched =back in paragraph $. of $ARGV\n" unless defined $indent;
+            $needspace = 1;
+        }
+        elsif ($Cmd eq 'item') {
+            s/^\*( |$)/\\(bu$1/g;
+            # if you know how to get ":s please do
+            s/\\\*\(L"([^"]+?)\\\*\(R"/'$1'/g;
+            s/\\\*\(L"([^"]+?)""/'$1'/g;
+            s/[^"]""([^"]+?)""[^"]/'$1'/g;
+            # here do something about the $" in perlvar?
+            print STDOUT qq{.Ip "$_" $indent\n};
+      push(@Indices, qq{.IX Item "$_"\n});
+        }
+        elsif ($Cmd eq 'pod') {
+            # this is just a comment
+        } 
+        else {
+            warn "$0: Unrecognized pod directive in paragraph $. of $ARGV: $Cmd\n";
+        }
+    }
+    else {
+        if ($needspace) {
+            &makespace;
+        }
+        &escapes(0);
+        clear_noremap(1);
+        print $_, "\n";
+        $needspace = 1;
+    }
+}
+
+print <<"END";
+
+.rn }` ''
+END
+
+if (%wanna_see && !$lax) {
+    @missing = keys %wanna_see;
+    warn "$0: $Filename is missing required section"
+        .  (@missing > 1 && "s")
+        .  ": @missing\n";
+    $oops++;
+}
+
+foreach (@Indices) { print "$_\n"; }
+
+exit;
+#exit ($oops != 0);
+
+#########################################################################
+
+sub nobreak {
+    my $string = shift;
+    $string =~ s/ /\\ /g;
+    $string;
+}
+
+sub escapes {
+    my $indot = shift;
+
+    s/X<(.*?)>/mkindex($1)/ge;
+
+    # translate the minus in foo-bar into foo\-bar for roff
+    s/([^0-9a-z-])-([^-])/$1\\-$2/g;
+
+    # make -- into the string version \*(-- (defined above)
+    s/\b--\b/\\*(--/g;
+    s/"--([^"])/"\\*(--$1/g;  # should be a better way
+    s/([^"])--"/$1\\*(--"/g;
+
+    # fix up quotes; this is somewhat tricky
+    my $dotmacroL = 'L';
+    my $dotmacroR = 'R';
+    if ( $indot == 1 ) {
+        $dotmacroL = 'M';
+        $dotmacroR = 'S';
+    }  
+    elsif ( $indot >= 2 ) {
+        $dotmacroL = 'N';
+        $dotmacroR = 'T';
+    }  
+    if (!/""/) {
+        s/(^|\s)(['"])/noremap("$1\\*($dotmacroL$2")/ge;
+        s/(['"])($|[\-\s,;\\!?.])/noremap("\\*($dotmacroR$1$2")/ge;
+    }
+
+    #s/(?!")(?:.)--(?!")(?:.)/\\*(--/g;
+    #s/(?:(?!")(?:.)--(?:"))|(?:(?:")--(?!")(?:.))/\\*(--/g;
+
+
+    # make sure that func() keeps a bit a space tween the parens
+    ### s/\b\(\)/\\|()/g;
+    ### s/\b\(\)/(\\|)/g;
+
+    # make C++ into \*C+, which is a squinched version (defined above)
+    s/\bC\+\+/\\*(C+/g;
+
+    # make double underbars have a little tiny space between them
+    s/__/_\\|_/g;
+
+    # PI goes to \*(PI (defined above)
+    s/\bPI\b/noremap('\\*(PI')/ge;
+
+    # make all caps a teeny bit smaller, but don't muck with embedded code literals
+    my $hidCFont = font('C');
+    if ($Cmd !~ /^head1/) { # SH already makes smaller
+        # /g isn't enough; 1 while or we'll be off
+
+#       1 while s{
+#           (?!$hidCFont)(..|^.|^)
+#           \b
+#           (
+#               [A-Z][\/A-Z+:\-\d_$.]+
+#           )
+#           (s?)                
+#           \b
+#       } {$1\\s-1$2\\s0}gmox;
+
+        1 while s{
+            (?!$hidCFont)(..|^.|^)
+            (
+                \b[A-Z]{2,}[\/A-Z+:\-\d_\$]*\b
+            )
+        } {
+            $1 . noremap( '\\s-1' .  $2 . '\\s0' )
+        }egmox;
+
+    }
+}
+
+# make troff just be normal, but make small nroff get quoted
+# decided to just put the quotes in the text; sigh;
+sub ccvt {
+    local($_,$prev) = @_;
+    noremap(qq{.CQ "$_" \n\\&});
+}
+
+sub makespace {
+    if ($indent) {
+        print ".Sp\n";
+    }
+    else {
+        print ".PP\n";
+    }
+}
+
+sub mkindex {
+    my ($entry) = @_;
+    my @entries = split m:\s*/\s*:, $entry;
+    push @Indices, ".IX Xref " . join ' ', map {qq("$_")} @entries;
+    return '';
+}
+
+sub font {
+    local($font) = shift;
+    return '\\f' . noremap($font);
+}
+
+sub noremap {
+    local($thing_to_hide) = shift;
+    $thing_to_hide =~ tr/\000-\177/\200-\377/;
+    return $thing_to_hide;
+}
+
+sub init_noremap {
+        # escape high bit characters in input stream
+        s/([\200-\377])/"E<".ord($1).">"/ge;
+}
+
+sub clear_noremap {
+    my $ready_to_print = $_[0];
+
+    tr/\200-\377/\000-\177/;
+
+    # trofficate backslashes
+    # s/(?!\\e)(?:..|^.|^)\\/\\e/g;
+
+    # now for the E<>s, which have been hidden until now
+    # otherwise the interative \w<> processing would have
+    # been hosed by the E<gt>
+    s {
+            E<
+            (
+                ( \d + ) 
+                | ( [A-Za-z]+ ) 
+            )
+            >   
+    } {
+         do {
+             defined $2
+                ? chr($2)
+                :       
+             exists $HTML_Escapes{$3}
+                ? do { $HTML_Escapes{$3} }
+                : do {
+                    warn "$0: Unknown escape in paragraph $. of $ARGV: ``$&''\n";
+                    "E<$1>";
+                }
+         }
+    }egx if $ready_to_print;
+}
+
+sub internal_lrefs {
+    local($_) = shift;
+    local $trailing_and = s/and\s+$// ? "and " : "";
+
+    s{L</([^>]+)>}{$1}g;
+    my(@items) = split( /(?:,?\s+(?:and\s+)?)/ );
+    my $retstr = "the ";
+    my $i;
+    for ($i = 0; $i <= $#items; $i++) {
+        $retstr .= "C<$items[$i]>";
+        $retstr .= ", " if @items > 2 && $i != $#items;
+        $retstr .= " and " if $i+2 == @items;
+    }
+
+    $retstr .= " entr" . ( @items > 1  ? "ies" : "y" )
+            .  " elsewhere in this document";
+    # terminal space to avoid words running together (pattern used
+    # strips terminal spaces)
+    $retstr .= " " if length $trailing_and;
+    $retstr .=  $trailing_and;
+
+    return $retstr;
+
+}
+
+BEGIN {
+%HTML_Escapes = (
+    'amp'       =>      '&',    #   ampersand
+    'lt'        =>      '<',    #   left chevron, less-than
+    'gt'        =>      '>',    #   right chevron, greater-than
+    'quot'      =>      '"',    #   double quote
+
+    "Aacute"    =>      "A\\*'",        #   capital A, acute accent
+    "aacute"    =>      "a\\*'",        #   small a, acute accent
+    "Acirc"     =>      "A\\*^",        #   capital A, circumflex accent
+    "acirc"     =>      "a\\*^",        #   small a, circumflex accent
+    "AElig"     =>      '\*(AE',        #   capital AE diphthong (ligature)
+    "aelig"     =>      '\*(ae',        #   small ae diphthong (ligature)
+    "Agrave"    =>      "A\\*`",        #   capital A, grave accent
+    "agrave"    =>      "A\\*`",        #   small a, grave accent
+    "Aring"     =>      'A\\*o',        #   capital A, ring
+    "aring"     =>      'a\\*o',        #   small a, ring
+    "Atilde"    =>      'A\\*~',        #   capital A, tilde
+    "atilde"    =>      'a\\*~',        #   small a, tilde
+    "Auml"      =>      'A\\*:',        #   capital A, dieresis or umlaut mark
+    "auml"      =>      'a\\*:',        #   small a, dieresis or umlaut mark
+    "Ccedil"    =>      'C\\*,',        #   capital C, cedilla
+    "ccedil"    =>      'c\\*,',        #   small c, cedilla
+    "Eacute"    =>      "E\\*'",        #   capital E, acute accent
+    "eacute"    =>      "e\\*'",        #   small e, acute accent
+    "Ecirc"     =>      "E\\*^",        #   capital E, circumflex accent
+    "ecirc"     =>      "e\\*^",        #   small e, circumflex accent
+    "Egrave"    =>      "E\\*`",        #   capital E, grave accent
+    "egrave"    =>      "e\\*`",        #   small e, grave accent
+    "ETH"       =>      '\\*(D-',       #   capital Eth, Icelandic
+    "eth"       =>      '\\*(d-',       #   small eth, Icelandic
+    "Euml"      =>      "E\\*:",        #   capital E, dieresis or umlaut mark
+    "euml"      =>      "e\\*:",        #   small e, dieresis or umlaut mark
+    "Iacute"    =>      "I\\*'",        #   capital I, acute accent
+    "iacute"    =>      "i\\*'",        #   small i, acute accent
+    "Icirc"     =>      "I\\*^",        #   capital I, circumflex accent
+    "icirc"     =>      "i\\*^",        #   small i, circumflex accent
+    "Igrave"    =>      "I\\*`",        #   capital I, grave accent
+    "igrave"    =>      "i\\*`",        #   small i, grave accent
+    "Iuml"      =>      "I\\*:",        #   capital I, dieresis or umlaut mark
+    "iuml"      =>      "i\\*:",        #   small i, dieresis or umlaut mark
+    "Ntilde"    =>      'N\*~',         #   capital N, tilde
+    "ntilde"    =>      'n\*~',         #   small n, tilde
+    "Oacute"    =>      "O\\*'",        #   capital O, acute accent
+    "oacute"    =>      "o\\*'",        #   small o, acute accent
+    "Ocirc"     =>      "O\\*^",        #   capital O, circumflex accent
+    "ocirc"     =>      "o\\*^",        #   small o, circumflex accent
+    "Ograve"    =>      "O\\*`",        #   capital O, grave accent
+    "ograve"    =>      "o\\*`",        #   small o, grave accent
+    "Oslash"    =>      "O\\*/",        #   capital O, slash
+    "oslash"    =>      "o\\*/",        #   small o, slash
+    "Otilde"    =>      "O\\*~",        #   capital O, tilde
+    "otilde"    =>      "o\\*~",        #   small o, tilde
+    "Ouml"      =>      "O\\*:",        #   capital O, dieresis or umlaut mark
+    "ouml"      =>      "o\\*:",        #   small o, dieresis or umlaut mark
+    "szlig"     =>      '\*8',          #   small sharp s, German (sz ligature)
+    "THORN"     =>      '\\*(Th',       #   capital THORN, Icelandic
+    "thorn"     =>      '\\*(th',,      #   small thorn, Icelandic
+    "Uacute"    =>      "U\\*'",        #   capital U, acute accent
+    "uacute"    =>      "u\\*'",        #   small u, acute accent
+    "Ucirc"     =>      "U\\*^",        #   capital U, circumflex accent
+    "ucirc"     =>      "u\\*^",        #   small u, circumflex accent
+    "Ugrave"    =>      "U\\*`",        #   capital U, grave accent
+    "ugrave"    =>      "u\\*`",        #   small u, grave accent
+    "Uuml"      =>      "U\\*:",        #   capital U, dieresis or umlaut mark
+    "uuml"      =>      "u\\*:",        #   small u, dieresis or umlaut mark
+    "Yacute"    =>      "Y\\*'",        #   capital Y, acute accent
+    "yacute"    =>      "y\\*'",        #   small y, acute accent
+    "yuml"      =>      "y\\*:",        #   small y, dieresis or umlaut mark
+);
+}
+
diff --git a/src/lib/libcrypto/util/selftest.pl b/src/lib/libcrypto/util/selftest.pl
new file mode 100644
index 0000000000..91e962a312
--- /dev/null
+++ b/src/lib/libcrypto/util/selftest.pl
@@ -0,0 +1,174 @@
+#!/usr/local/bin/perl -w
+#
+# Run the test suite and generate a report
+#
+
+if (! -f "Configure") {
+    print "Please run perl util/selftest.pl in the OpenSSL directory.\n";
+    exit 1;
+}
+
+my $report="testlog";
+my $os="??";
+my $version="??";
+my $platform0="??";
+my $platform="??";
+my $options="??";
+my $last="??";
+my $ok=0;
+my $cc="cc";
+my $cversion="??";
+my $sep="-----------------------------------------------------------------------------\n";
+
+open(OUT,">$report") or die;
+
+print OUT "OpenSSL self-test report:\n\n";
+
+$uname=`uname -a`;
+$uname="??" if $uname eq "";
+
+$c=`sh config -t`;
+foreach $_ (split("\n",$c)) {
+    $os=$1 if (/Operating system: (.*)$/);
+    $platform0=$1 if (/Configuring for (.*)$/);
+}
+
+system "sh config" if (! -f "Makefile.ssl");
+
+if (open(IN,"<Makefile.ssl")) {
+    while (<IN>) {
+        $version=$1 if (/^VERSION=(.*)$/);
+        $platform=$1 if (/^PLATFORM=(.*)$/);
+        $options=$1 if (/^OPTIONS=(.*)$/);
+        $cc=$1 if (/^CC= *(.*)$/);
+    }
+    close(IN);
+} else {
+    print OUT "Error running config!\n";
+}
+
+$cversion=`$cc -v 2>&1`;
+$cversion=`$cc -V 2>&1` if $cversion =~ "usage";
+$cversion=`$cc --version` if $cversion eq "";
+$cversion =~ s/Reading specs.*\n//;
+$cversion =~ s/usage.*\n//;
+chomp $cversion;
+
+if (open(IN,"<CHANGES")) {
+    while(<IN>) {
+        if (/\*\) (.{0,55})/) {
+            $last=$1;
+            last;
+        }
+    }
+    close(IN);
+}
+
+print OUT "OpenSSL version:  $version\n";
+print OUT "Last change:      $last...\n";
+print OUT "Options:          $options\n" if $options ne "";
+print OUT "OS (uname):       $uname";
+print OUT "OS (config):      $os\n";
+print OUT "Target (default): $platform0\n";
+print OUT "Target:           $platform\n";
+print OUT "Compiler:         $cversion\n";
+print OUT "\n";
+
+print "Checking compiler...\n";
+if (open(TEST,">cctest.c")) {
+    print TEST "#include <stdio.h>\nmain(){printf(\"Hello world\\n\");}\n";
+    close(TEST);
+    system("$cc -o cctest cctest.c");
+    if (`./cctest` !~ /Hello world/) {
+        print OUT "Compiler doesn't work.\n";
+        goto err;
+    }
+} else {
+    print OUT "Can't create cctest.c\n";
+}
+if (open(TEST,">cctest.c")) {
+    print TEST "#include <openssl/opensslv.h>\nmain(){printf(OPENSSL_VERSION_TEXT);}\n";
+    close(TEST);
+    system("$cc -o cctest -Iinclude cctest.c");
+    $cctest = `./cctest`;
+    if ($cctest !~ /OpenSSL $version/) {
+        if ($cctest =~ /OpenSSL/) {
+            print OUT "#include uses headers from different OpenSSL version!\n";
+        } else {
+            print OUT "Can't compile test program!\n";
+        }
+        goto err;
+    }
+} else {
+    print OUT "Can't create cctest.c\n";
+}
+
+print "Running make...\n";
+if (system("make 2>&1 | tee make.log") > 255) {
+
+    print OUT "make failed!\n";
+    if (open(IN,"<make.log")) {
+        print OUT $sep;
+        while (<IN>) {
+            print OUT;
+        }
+        close(IN);
+        print OUT $sep;
+    } else {
+        print OUT "make.log not found!\n";
+    }
+    goto err;
+}
+
+$_=$options;
+s/no-asm//;
+if (/no-/)
+{
+    print OUT "Test skipped.\n";
+    goto err;
+}
+
+print "Running make test...\n";
+if (system("make test 2>&1 | tee make.log") > 255)
+ {
+    print OUT "make test failed!\n";
+} else {
+    $ok=1;
+}
+
+if ($ok and open(IN,"<make.log")) {
+    while (<IN>) {
+        $ok=2 if /^platform: $platform/;
+    }
+    close(IN);
+}
+
+if ($ok != 2) {
+    print OUT "Failure!\n";
+    if (open(IN,"<make.log")) {
+        print OUT $sep;
+        while (<IN>) {
+            print OUT;
+        }
+        close(IN);
+        print OUT $sep;
+    } else {
+        print OUT "make.log not found!\n";
+    }
+} else {
+    print OUT "Test passed.\n";
+}
+err:
+close(OUT);
+
+print "\n";
+open(IN,"<$report") or die;
+while (<IN>) {
+    if (/$sep/) {
+        print "[...]\n";
+        last;
+    }
+    print;
+}
+print "\nTest report in file $report\n";
+
diff --git a/src/lib/libcrypto/x509v3/tabtest.c b/src/lib/libcrypto/x509v3/tabtest.c
new file mode 100644
index 0000000000..dad0d38dd5
--- /dev/null
+++ b/src/lib/libcrypto/x509v3/tabtest.c
@@ -0,0 +1,88 @@
+/* tabtest.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/* Simple program to check the ext_dat.h is correct and print out
+ * problems if it is not.
+ */
+
+#include <stdio.h>
+
+#include <openssl/x509v3.h>
+
+#include "ext_dat.h"
+
+main()
+{
+        int i, prev = -1, bad = 0;
+        X509V3_EXT_METHOD **tmp;
+        i = sizeof(standard_exts) / sizeof(X509V3_EXT_METHOD *);
+        if(i != STANDARD_EXTENSION_COUNT)
+                fprintf(stderr, "Extension number invalid expecting %d\n", i);
+        tmp = standard_exts;
+        for(i = 0; i < STANDARD_EXTENSION_COUNT; i++, tmp++) {
+                if((*tmp)->ext_nid < prev) bad = 1;
+                prev = (*tmp)->ext_nid;
+                
+        }
+        if(bad) {
+                tmp = standard_exts;
+                fprintf(stderr, "Extensions out of order!\n");
+                for(i = 0; i < STANDARD_EXTENSION_COUNT; i++, tmp++)
+                printf("%d : %s\n", (*tmp)->ext_nid, OBJ_nid2sn((*tmp)->ext_nid));
+        } else fprintf(stderr, "Order OK\n");
+}
diff --git a/src/lib/libcrypto/x509v3/v3conf.c b/src/lib/libcrypto/x509v3/v3conf.c
new file mode 100644
index 0000000000..21cf746f45
--- /dev/null
+++ b/src/lib/libcrypto/x509v3/v3conf.c
@@ -0,0 +1,128 @@
+/* v3conf.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1.h>
+#include <openssl/asn1_mac.h>
+#include <openssl/conf.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+
+/* Test application to add extensions from a config file */
+
+int main(int argc, char **argv)
+{
+        LHASH *conf;
+        X509 *cert;
+        FILE *inf;
+        char *conf_file;
+        int i;
+        int count;
+        X509_EXTENSION *ext;
+        X509V3_add_standard_extensions();
+        ERR_load_crypto_strings();
+        if(!argv[1]) {
+                fprintf(stderr, "Usage: v3conf cert.pem [file.cnf]\n");
+                exit(1);
+        }
+        conf_file = argv[2];
+        if(!conf_file) conf_file = "test.cnf";
+        conf = CONF_load(NULL, "test.cnf", NULL);
+        if(!conf) {
+                fprintf(stderr, "Error opening Config file %s\n", conf_file);
+                ERR_print_errors_fp(stderr);
+                exit(1);
+        }
+
+        inf = fopen(argv[1], "r");
+        if(!inf) {
+                fprintf(stderr, "Can't open certificate file %s\n", argv[1]);
+                exit(1);
+        }
+        cert = PEM_read_X509(inf, NULL, NULL);
+        if(!cert) {
+                fprintf(stderr, "Error reading certificate file %s\n", argv[1]);
+                exit(1);
+        }
+        fclose(inf);
+
+        sk_pop_free(cert->cert_info->extensions, X509_EXTENSION_free);
+        cert->cert_info->extensions = NULL;
+
+        if(!X509V3_EXT_add_conf(conf, NULL, "test_section", cert)) {
+                fprintf(stderr, "Error adding extensions\n");
+                ERR_print_errors_fp(stderr);
+                exit(1);
+        }
+
+        count = X509_get_ext_count(cert);
+        printf("%d extensions\n", count);
+        for(i = 0; i < count; i++) {
+                ext = X509_get_ext(cert, i);
+                printf("%s", OBJ_nid2ln(OBJ_obj2nid(ext->object)));
+                if(ext->critical) printf(",critical:\n");
+                else printf(":\n");
+                X509V3_EXT_print_fp(stdout, ext, 0);
+                printf("\n");
+                
+        }
+        return 0;
+}
+
diff --git a/src/lib/libcrypto/x509v3/v3prin.c b/src/lib/libcrypto/x509v3/v3prin.c
new file mode 100644
index 0000000000..ee798859f0
--- /dev/null
+++ b/src/lib/libcrypto/x509v3/v3prin.c
@@ -0,0 +1,101 @@
+/* v3prin.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1.h>
+#include <openssl/asn1_mac.h>
+#include <openssl/conf.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+
+int main(int argc, char **argv)
+{
+        X509 *cert;
+        FILE *inf;
+        int i, count;
+        X509_EXTENSION *ext;
+        X509V3_add_standard_extensions();
+        ERR_load_crypto_strings();
+        if(!argv[1]) {
+                fprintf(stderr, "Usage v3prin cert.pem\n");
+                exit(1);
+        }
+        if(!(inf = fopen(argv[1], "r"))) {
+                fprintf(stderr, "Can't open %s\n", argv[1]);
+                exit(1);
+        }
+        if(!(cert = PEM_read_X509(inf, NULL, NULL))) {
+                fprintf(stderr, "Can't read certificate %s\n", argv[1]);
+                ERR_print_errors_fp(stderr);
+                exit(1);
+        }
+        fclose(inf);
+        count = X509_get_ext_count(cert);
+        printf("%d extensions\n", count);
+        for(i = 0; i < count; i++) {
+                ext = X509_get_ext(cert, i);
+                printf("%s\n", OBJ_nid2ln(OBJ_obj2nid(ext->object)));
+                if(!X509V3_EXT_print_fp(stdout, ext, 0, 0)) ERR_print_errors_fp(stderr);
+                printf("\n");
+                
+        }
+        return 0;
+}