46 files changed, 8413 insertions, 7 deletions

diff --git a/src/lib/libcrypto/des/DES.pm b/src/lib/libcrypto/des/DES.pm
new file mode 100644
index 0000000000..6a175b6ca4
--- /dev/null
+++ b/src/lib/libcrypto/des/DES.pm
@@ -0,0 +1,19 @@
+package DES;
+
+require Exporter;
+require DynaLoader;
+@ISA = qw(Exporter DynaLoader);
+# Items to export into callers namespace by default
+# (move infrequently used names to @EXPORT_OK below)
+@EXPORT = qw(
+);
+# Other items we are prepared to export if requested
+@EXPORT_OK = qw(
+crypt
+);
+
+# Preloaded methods go here.  Autoload methods go after __END__, and are
+# processed by the autosplit program.
+bootstrap DES;
+1;
+__END__
diff --git a/src/lib/libcrypto/des/DES.xs b/src/lib/libcrypto/des/DES.xs
new file mode 100644
index 0000000000..b8050b9edf
--- /dev/null
+++ b/src/lib/libcrypto/des/DES.xs
@@ -0,0 +1,268 @@
+#include "EXTERN.h"
+#include "perl.h"
+#include "XSUB.h"
+#include "des.h"
+
+#define deschar char
+static STRLEN len;
+
+static int
+not_here(s)
+char *s;
+{
+    croak("%s not implemented on this architecture", s);
+    return -1;
+}
+
+MODULE = DES    PACKAGE = DES   PREFIX = des_
+
+char *
+des_crypt(buf,salt)
+        char *  buf
+        char *  salt
+
+void
+des_set_odd_parity(key)
+        des_cblock *    key
+PPCODE:
+        {
+        SV *s;
+
+        s=sv_newmortal();
+        sv_setpvn(s,(char *)key,8);
+        des_set_odd_parity((des_cblock *)SvPV(s,na));
+        PUSHs(s);
+        }
+
+int
+des_is_weak_key(key)
+        des_cblock *    key
+
+des_key_schedule
+des_set_key(key)
+        des_cblock *    key
+CODE:
+        des_set_key(key,RETVAL);
+OUTPUT:
+RETVAL
+
+des_cblock
+des_ecb_encrypt(input,ks,encrypt)
+        des_cblock *    input
+        des_key_schedule *      ks
+        int     encrypt
+CODE:
+        des_ecb_encrypt(input,&RETVAL,*ks,encrypt);
+OUTPUT:
+RETVAL
+
+void
+des_cbc_encrypt(input,ks,ivec,encrypt)
+        char *  input
+        des_key_schedule *      ks
+        des_cblock *    ivec
+        int     encrypt
+PPCODE:
+        {
+        SV *s;
+        STRLEN len,l;
+        char *c;
+
+        l=SvCUR(ST(0));
+        len=((((unsigned long)l)+7)/8)*8;
+        s=sv_newmortal();
+        sv_setpvn(s,"",0);
+        SvGROW(s,len);
+        SvCUR_set(s,len);
+        c=(char *)SvPV(s,na);
+        des_cbc_encrypt((des_cblock *)input,(des_cblock *)c,
+                l,*ks,ivec,encrypt);
+        sv_setpvn(ST(2),(char *)c[len-8],8);
+        PUSHs(s);
+        }
+
+void
+des_cbc3_encrypt(input,ks1,ks2,ivec1,ivec2,encrypt)
+        char *  input
+        des_key_schedule *      ks1
+        des_key_schedule *      ks2
+        des_cblock *    ivec1
+        des_cblock *    ivec2
+        int     encrypt
+PPCODE:
+        {
+        SV *s;
+        STRLEN len,l;
+
+        l=SvCUR(ST(0));
+        len=((((unsigned long)l)+7)/8)*8;
+        s=sv_newmortal();
+        sv_setpvn(s,"",0);
+        SvGROW(s,len);
+        SvCUR_set(s,len);
+        des_3cbc_encrypt((des_cblock *)input,(des_cblock *)SvPV(s,na),
+                l,*ks1,*ks2,ivec1,ivec2,encrypt);
+        sv_setpvn(ST(3),(char *)ivec1,8);
+        sv_setpvn(ST(4),(char *)ivec2,8);
+        PUSHs(s);
+        }
+
+void
+des_cbc_cksum(input,ks,ivec)
+        char *  input
+        des_key_schedule *      ks
+        des_cblock *    ivec
+PPCODE:
+        {
+        SV *s1,*s2;
+        STRLEN len,l;
+        des_cblock c;
+        unsigned long i1,i2;
+
+        s1=sv_newmortal();
+        s2=sv_newmortal();
+        l=SvCUR(ST(0));
+        des_cbc_cksum((des_cblock *)input,(des_cblock *)c,
+                l,*ks,ivec);
+        i1=c[4]|(c[5]<<8)|(c[6]<<16)|(c[7]<<24);
+        i2=c[0]|(c[1]<<8)|(c[2]<<16)|(c[3]<<24);
+        sv_setiv(s1,i1);
+        sv_setiv(s2,i2);
+        sv_setpvn(ST(2),(char *)c,8);
+        PUSHs(s1);
+        PUSHs(s2);
+        }
+
+void
+des_cfb_encrypt(input,numbits,ks,ivec,encrypt)
+        char *  input
+        int     numbits
+        des_key_schedule *      ks
+        des_cblock *    ivec
+        int     encrypt
+PPCODE:
+        {
+        SV *s;
+        STRLEN len;
+        char *c;
+
+        len=SvCUR(ST(0));
+        s=sv_newmortal();
+        sv_setpvn(s,"",0);
+        SvGROW(s,len);
+        SvCUR_set(s,len);
+        c=(char *)SvPV(s,na);
+        des_cfb_encrypt((unsigned char *)input,(unsigned char *)c,
+                (int)numbits,(long)len,*ks,ivec,encrypt);
+        sv_setpvn(ST(3),(char *)ivec,8);
+        PUSHs(s);
+        }
+
+des_cblock *
+des_ecb3_encrypt(input,ks1,ks2,encrypt)
+        des_cblock *    input
+        des_key_schedule *      ks1
+        des_key_schedule *      ks2
+        int     encrypt
+CODE:
+        {
+        des_cblock c;
+
+        des_ecb3_encrypt((des_cblock *)input,(des_cblock *)&c,
+                *ks1,*ks2,encrypt);
+        RETVAL= &c;
+        }
+OUTPUT:
+RETVAL
+
+void
+des_ofb_encrypt(input,numbits,ks,ivec)
+        unsigned char * input
+        int     numbits
+        des_key_schedule *      ks
+        des_cblock *    ivec
+PPCODE:
+        {
+        SV *s;
+        STRLEN len,l;
+        unsigned char *c;
+
+        len=SvCUR(ST(0));
+        s=sv_newmortal();
+        sv_setpvn(s,"",0);
+        SvGROW(s,len);
+        SvCUR_set(s,len);
+        c=(unsigned char *)SvPV(s,na);
+        des_ofb_encrypt((unsigned char *)input,(unsigned char *)c,
+                numbits,len,*ks,ivec);
+        sv_setpvn(ST(3),(char *)ivec,8);
+        PUSHs(s);
+        }
+
+void
+des_pcbc_encrypt(input,ks,ivec,encrypt)
+        char *  input
+        des_key_schedule *      ks
+        des_cblock *    ivec
+        int     encrypt
+PPCODE:
+        {
+        SV *s;
+        STRLEN len,l;
+        char *c;
+
+        l=SvCUR(ST(0));
+        len=((((unsigned long)l)+7)/8)*8;
+        s=sv_newmortal();
+        sv_setpvn(s,"",0);
+        SvGROW(s,len);
+        SvCUR_set(s,len);
+        c=(char *)SvPV(s,na);
+        des_pcbc_encrypt((des_cblock *)input,(des_cblock *)c,
+                l,*ks,ivec,encrypt);
+        sv_setpvn(ST(2),(char *)c[len-8],8);
+        PUSHs(s);
+        }
+
+des_cblock *
+des_random_key()
+CODE:
+        {
+        des_cblock c;
+
+        des_random_key(c);
+        RETVAL=&c;
+        }
+OUTPUT:
+RETVAL
+
+des_cblock *
+des_string_to_key(str)
+char *  str
+CODE:
+        {
+        des_cblock c;
+
+        des_string_to_key(str,&c);
+        RETVAL=&c;
+        }
+OUTPUT:
+RETVAL
+
+void
+des_string_to_2keys(str)
+char *  str
+PPCODE:
+        {
+        des_cblock c1,c2;
+        SV *s1,*s2;
+
+        des_string_to_2keys(str,&c1,&c2);
+        EXTEND(sp,2);
+        s1=sv_newmortal();
+        sv_setpvn(s1,(char *)c1,8);
+        s2=sv_newmortal();
+        sv_setpvn(s2,(char *)c2,8);
+        PUSHs(s1);
+        PUSHs(s2);
+        }
diff --git a/src/lib/libcrypto/des/FILES0 b/src/lib/libcrypto/des/FILES0
new file mode 100644
index 0000000000..1c2e1f75b9
--- /dev/null
+++ b/src/lib/libcrypto/des/FILES0
@@ -0,0 +1,96 @@
+/* General stuff */
+COPYRIGHT       - Copyright info.
+MODES.DES       - A description of the features of the different modes of DES.
+FILES           - This file.
+INSTALL         - How to make things compile.
+Imakefile       - For use with kerberos.
+README          - What this package is.
+VERSION         - Which version this is and what was changed.
+KERBEROS        - Kerberos version 4 notes.
+Makefile.PL     - An old makefile to build with perl5, not current.
+Makefile        - The SSLeay makefile
+Makefile.uni    - The normal unix makefile.
+GNUmakefile     - The makefile for use with glibc.
+makefile.bc     - A Borland C makefile
+times           - Some outputs from 'speed' on some machines.
+vms.com         - For use when compiling under VMS
+
+/* My SunOS des(1) replacement */
+des.c           - des(1) source code.
+des.man         - des(1) manual.
+
+/* Testing and timing programs. */
+destest.c       - Source for libdes.a test program.
+speed.c         - Source for libdes.a timing program.
+rpw.c           - Source for libdes.a testing password reading routines.
+
+/* libdes.a source code */
+des_crypt.man   - libdes.a manual page.
+des.h           - Public libdes.a header file.
+ecb_enc.c       - des_ecb_encrypt() source, this contains the basic DES code.
+ecb3_enc.c      - des_ecb3_encrypt() source.
+cbc_ckm.c       - des_cbc_cksum() source.
+cbc_enc.c       - des_cbc_encrypt() source.
+ncbc_enc.c      - des_cbc_encrypt() that is 'normal' in that it copies
+                  the new iv values back in the passed iv vector.
+ede_enc.c       - des_ede3_cbc_encrypt() cbc mode des using triple DES.
+cbc3_enc.c      - des_3cbc_encrypt() source, don't use this function.
+cfb_enc.c       - des_cfb_encrypt() source.
+cfb64enc.c      - des_cfb64_encrypt() cfb in 64 bit mode but setup to be
+                  used as a stream cipher.
+cfb64ede.c      - des_ede3_cfb64_encrypt() cfb in 64 bit mode but setup to be
+                  used as a stream cipher and using triple DES.
+ofb_enc.c       - des_cfb_encrypt() source.
+ofb64_enc.c     - des_ofb_encrypt() ofb in 64 bit mode but setup to be
+                  used as a stream cipher.
+ofb64ede.c      - des_ede3_ofb64_encrypt() ofb in 64 bit mode but setup to be
+                  used as a stream cipher and using triple DES.
+enc_read.c      - des_enc_read() source.
+enc_writ.c      - des_enc_write() source.
+pcbc_enc.c      - des_pcbc_encrypt() source.
+qud_cksm.c      - quad_cksum() source.
+rand_key.c      - des_random_key() source.
+read_pwd.c      - Source for des_read_password() plus related functions.
+set_key.c       - Source for des_set_key().
+str2key.c       - Covert a string of any length into a key.
+fcrypt.c        - A small, fast version of crypt(3).
+des_locl.h      - Internal libdes.a header file.
+podd.h          - Odd parity tables - used in des_set_key().
+sk.h            - Lookup tables used in des_set_key().
+spr.h           - What is left of the S tables - used in ecb_encrypt().
+des_ver.h       - header file for the external definition of the
+                  version string.
+des.doc         - SSLeay documentation for the library.
+
+/* The perl scripts - you can ignore these files they are only
+ * included for the curious */
+des.pl          - des in perl anyone? des_set_key and des_ecb_encrypt
+                  both done in a perl library.
+testdes.pl      - Testing program for des.pl
+doIP            - Perl script used to develop IP xor/shift code.
+doPC1           - Perl script used to develop PC1 xor/shift code.
+doPC2           - Generates sk.h.
+PC1             - Output of doPC1 should be the same as output from PC1.
+PC2             - used in development of doPC2.
+shifts.pl       - Perl library used by my perl scripts.
+
+/* I started making a perl5 dynamic library for libdes
+ * but did not fully finish, these files are part of that effort. */
+DES.pm
+DES.pod
+DES.xs
+t
+typemap
+
+/* The following are for use with sun RPC implementaions. */
+rpc_des.h
+rpc_enc.c
+
+/* The following are contibuted by Mark Murray <mark@grondar.za>.  They
+ * are not normally built into libdes due to machine specific routines
+ * contained in them.  They are for use in the most recent incarnation of
+ * export kerberos v 4 (eBones). */
+supp.c
+new_rkey.c
+
+
diff --git a/src/lib/libcrypto/des/INSTALL b/src/lib/libcrypto/des/INSTALL
new file mode 100644
index 0000000000..32457d775c
--- /dev/null
+++ b/src/lib/libcrypto/des/INSTALL
@@ -0,0 +1,69 @@
+Check the CC and CFLAGS lines in the makefile
+
+If your C library does not support the times(3) function, change the
+#define TIMES to
+#undef TIMES in speed.c
+If it does, check the HZ value for the times(3) function.
+If your system does not define CLK_TCK it will be assumed to
+be 100.0.
+
+If possible use gcc v 2.7.?
+Turn on the maximum optimising (normally '-O3 -fomit-frame-pointer' for gcc)
+In recent times, some system compilers give better performace.
+
+type 'make'
+
+run './destest' to check things are ok.
+run './rpw' to check the tty code for reading passwords works.
+run './speed' to see how fast those optimisations make the library run :-)
+run './des_opts' to determin the best compile time options.
+
+The output from des_opts should be put in the makefile options and des_enc.c
+should be rebuilt.  For 64 bit computers, do not use the DES_PTR option.
+For the DEC Alpha, edit des.h and change DES_LONG to 'unsigned int'
+and then you can use the 'DES_PTR' option.
+
+The file options.txt has the options listed for best speed on quite a
+few systems.  Look and the options (UNROLL, PTR, RISC2 etc) and then
+turn on the relevent option in the Makefile
+
+There are some special Makefile targets that make life easier.
+make cc         - standard cc build
+make gcc        - standard gcc build
+make x86-elf    - x86 assembler (elf), linux-elf.
+make x86-out    - x86 assembler (a.out), FreeBSD
+make x86-solaris- x86 assembler
+make x86-bsdi   - x86 assembler (a.out with primative assembler).
+
+If at all possible use the assembler (for Windows NT/95, use
+asm/win32.obj to link with).  The x86 assembler is very very fast.
+
+A make install will by default install
+libdes.a      in /usr/local/lib/libdes.a
+des           in /usr/local/bin/des
+des_crypt.man in /usr/local/man/man3/des_crypt.3
+des.man       in /usr/local/man/man1/des.1
+des.h         in /usr/include/des.h
+
+des(1) should be compatible with sunOS's but I have been unable to
+test it.
+
+These routines should compile on MSDOS, most 32bit and 64bit version
+of Unix (BSD and SYSV) and VMS, without modification.
+The only problems should be #include files that are in the wrong places.
+
+These routines can be compiled under MSDOS.
+I have successfully encrypted files using des(1) under MSDOS and then
+decrypted the files on a SparcStation.
+I have been able to compile and test the routines with
+Microsoft C v 5.1 and Turbo C v 2.0.
+The code in this library is in no way optimised for the 16bit
+operation of MSDOS.
+
+When building for glibc, ignore all of the above and just unpack into
+glibc-1.??/des and then gmake as per normal.
+
+As a final note on performace.  Certain CPUs like sparcs and Alpha often give
+a %10 speed difference depending on the link order.  It is rather anoying
+when one program reports 'x' DES encrypts a second and another reports
+'x*0.9' the speed.
diff --git a/src/lib/libcrypto/des/Imakefile b/src/lib/libcrypto/des/Imakefile
new file mode 100644
index 0000000000..1b9b5629e1
--- /dev/null
+++ b/src/lib/libcrypto/des/Imakefile
@@ -0,0 +1,35 @@
+# This Imakefile has not been tested for a while but it should still
+# work when placed in the correct directory in the kerberos v 4 distribution
+
+SRCS=   cbc_cksm.c cbc_enc.c ecb_enc.c pcbc_enc.c \
+        qud_cksm.c rand_key.c read_pwd.c set_key.c str2key.c \
+        enc_read.c enc_writ.c fcrypt.c cfb_enc.c \
+        ecb3_enc.c ofb_enc.c ofb64enc.c
+
+OBJS=   cbc_cksm.o cbc_enc.o ecb_enc.o pcbc_enc.o \
+        qud_cksm.o rand_key.o read_pwd.o set_key.o str2key.o \
+        enc_read.o enc_writ.o fcrypt.o cfb_enc.o \
+        ecb3_enc.o ofb_enc.o ofb64enc.o
+
+GENERAL=COPYRIGHT FILES INSTALL Imakefile README VERSION makefile times \
+        vms.com KERBEROS
+DES=    des.c des.man
+TESTING=destest.c speed.c rpw.c
+LIBDES= des_crypt.man des.h des_locl.h podd.h sk.h spr.h
+
+PERL=   des.pl testdes.pl doIP doPC1 doPC2 PC1 PC2 shifts.pl
+
+CODE=    $(GENERAL) $(DES) $(TESTING) $(SRCS) $(LIBDES) $(PERL)
+
+SRCDIR=$(SRCTOP)/lib/des
+
+DBG= -O
+INCLUDE= -I$(SRCDIR)
+CC= cc
+
+library_obj_rule()
+
+install_library_target(des,$(OBJS),$(SRCS),)
+
+test(destest,libdes.a,)
+test(rpw,libdes.a,)
diff --git a/src/lib/libcrypto/des/KERBEROS b/src/lib/libcrypto/des/KERBEROS
new file mode 100644
index 0000000000..f401b10014
--- /dev/null
+++ b/src/lib/libcrypto/des/KERBEROS
@@ -0,0 +1,41 @@
+ [ This is an old file, I don't know if it is true anymore
+   but I will leave the file here - eay 21/11/95 ]
+
+To use this library with Bones (kerberos without DES):
+1) Get my modified Bones - eBones.  It can be found on
+   gondwana.ecr.mu.oz.au (128.250.1.63) /pub/athena/eBones-p9.tar.Z
+   and
+   nic.funet.fi (128.214.6.100) /pub/unix/security/Kerberos/eBones-p9.tar.Z
+
+2) Unpack this library in src/lib/des, makeing sure it is version
+   3.00 or greater (libdes.tar.93-10-07.Z).  This versions differences
+   from the version in comp.sources.misc volume 29 patchlevel2.
+   The primarily difference is that it should compile under kerberos :-).
+   It can be found at.
+   ftp.psy.uq.oz.au (130.102.32.1) /pub/DES/libdes.tar.93-10-07.Z
+
+Now do a normal kerberos build and things should work.
+
+One problem I found when I was build on my local sun.
+---
+For sunOS 4.1.1 apply the following patch to src/util/ss/make_commands.c
+
+*** make_commands.c.orig        Fri Jul  3 04:18:35 1987
+--- make_commands.c     Wed May 20 08:47:42 1992
+***************
+*** 98,104 ****
+       if (!rename(o_file, z_file)) {
+          if (!vfork()) {
+               chdir("/tmp");
+!              execl("/bin/ld", "ld", "-o", o_file+5, "-s", "-r", "-n",
+                     z_file+5, 0);
+               perror("/bin/ld");
+               _exit(1);
+--- 98,104 ----
+       if (!rename(o_file, z_file)) {
+          if (!vfork()) {
+               chdir("/tmp");
+!              execl("/bin/ld", "ld", "-o", o_file+5, "-s", "-r",
+                     z_file+5, 0);
+               perror("/bin/ld");
+               _exit(1);
diff --git a/src/lib/libcrypto/des/Makefile b/src/lib/libcrypto/des/Makefile
new file mode 100644
index 0000000000..800af0b123
--- /dev/null
+++ b/src/lib/libcrypto/des/Makefile
@@ -0,0 +1,314 @@
+#
+# OpenSSL/crypto/des/Makefile
+#
+
+DIR=    des
+TOP=    ../..
+CC=     cc
+CPP=    $(CC) -E
+INCLUDES=-I$(TOP) -I../../include
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile
+AR=             ar r
+RANLIB=         ranlib
+DES_ENC=        des_enc.o fcrypt_b.o
+# or use
+#DES_ENC=       dx86-elf.o yx86-elf.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+
+GENERAL=Makefile
+TEST=destest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= cbc_cksm.c cbc_enc.c  cfb64enc.c cfb_enc.c  \
+        ecb3_enc.c ecb_enc.c  enc_read.c enc_writ.c \
+        fcrypt.c ofb64enc.c ofb_enc.c  pcbc_enc.c \
+        qud_cksm.c rand_key.c rpc_enc.c  set_key.c  \
+        des_enc.c fcrypt_b.c \
+        xcbc_enc.c \
+        str2key.c  cfb64ede.c ofb64ede.c ede_cbcm_enc.c des_old.c des_old2.c \
+        read2pwd.c
+
+LIBOBJ= set_key.o  ecb_enc.o  cbc_enc.o \
+        ecb3_enc.o cfb64enc.o cfb64ede.o cfb_enc.o  ofb64ede.o \
+        enc_read.o enc_writ.o ofb64enc.o \
+        ofb_enc.o  str2key.o  pcbc_enc.o qud_cksm.o rand_key.o \
+        ${DES_ENC} \
+        fcrypt.o xcbc_enc.o rpc_enc.o  cbc_cksm.o \
+        ede_cbcm_enc.o des_old.o des_old2.o read2pwd.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= des.h des_old.h
+HEADER= des_locl.h rpc_des.h spr.h des_ver.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+des: des.o cbc3_enc.o lib
+        $(CC) $(CFLAGS) -o des des.o cbc3_enc.o $(LIB)
+
+# elf
+asm/dx86-elf.s: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+        (cd asm; $(PERL) des-586.pl elf $(CFLAGS) > dx86-elf.s)
+
+asm/yx86-elf.s: asm/crypt586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+        (cd asm; $(PERL) crypt586.pl elf $(CFLAGS) > yx86-elf.s)
+
+# a.out
+asm/dx86-out.o: asm/dx86unix.cpp
+        $(CPP) -DOUT asm/dx86unix.cpp | as -o asm/dx86-out.o
+
+asm/yx86-out.o: asm/yx86unix.cpp
+        $(CPP) -DOUT asm/yx86unix.cpp | as -o asm/yx86-out.o
+
+# bsdi
+asm/dx86bsdi.o: asm/dx86unix.cpp
+        $(CPP) -DBSDI asm/dx86unix.cpp | sed 's/ :/:/' | as -o asm/dx86bsdi.o
+
+asm/yx86bsdi.o: asm/yx86unix.cpp
+        $(CPP) -DBSDI asm/yx86unix.cpp | sed 's/ :/:/' | as -o asm/yx86bsdi.o
+
+asm/dx86unix.cpp: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+        (cd asm; $(PERL) des-586.pl cpp >dx86unix.cpp)
+
+asm/yx86unix.cpp: asm/crypt586.pl ../perlasm/x86asm.pl
+        (cd asm; $(PERL) crypt586.pl cpp >yx86unix.cpp)
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install: installs
+
+installs:
+        @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f asm/dx86unix.cpp asm/yx86unix.cpp asm/*-elf.* *.o asm/*.o *.obj des lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+cbc_cksm.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+cbc_cksm.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+cbc_cksm.o: ../../include/openssl/opensslconf.h
+cbc_cksm.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+cbc_cksm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cbc_cksm.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+cbc_cksm.o: cbc_cksm.c des_locl.h
+cbc_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+cbc_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+cbc_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+cbc_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+cbc_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+cbc_enc.o: ../../include/openssl/ui_compat.h cbc_enc.c des_locl.h ncbc_enc.c
+cfb64ede.o: ../../e_os.h ../../include/openssl/crypto.h
+cfb64ede.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+cfb64ede.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+cfb64ede.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+cfb64ede.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cfb64ede.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+cfb64ede.o: cfb64ede.c des_locl.h
+cfb64enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+cfb64enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+cfb64enc.o: ../../include/openssl/opensslconf.h
+cfb64enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+cfb64enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cfb64enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+cfb64enc.o: cfb64enc.c des_locl.h
+cfb_enc.o: ../../e_os.h ../../include/openssl/crypto.h
+cfb_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+cfb_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+cfb_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+cfb_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cfb_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+cfb_enc.o: cfb_enc.c des_locl.h
+des_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+des_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+des_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+des_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+des_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+des_enc.o: ../../include/openssl/ui_compat.h des_enc.c des_locl.h ncbc_enc.c
+des_old.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+des_old.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+des_old.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+des_old.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+des_old.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+des_old.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+des_old.o: ../../include/openssl/ui_compat.h des_old.c
+des_old2.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+des_old2.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+des_old2.o: ../../include/openssl/opensslconf.h
+des_old2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+des_old2.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+des_old2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+des_old2.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+des_old2.o: des_old2.c
+ecb3_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+ecb3_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+ecb3_enc.o: ../../include/openssl/opensslconf.h
+ecb3_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+ecb3_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ecb3_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+ecb3_enc.o: des_locl.h ecb3_enc.c
+ecb_enc.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+ecb_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+ecb_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+ecb_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+ecb_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ecb_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+ecb_enc.o: des_locl.h des_ver.h ecb_enc.c spr.h
+ede_cbcm_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+ede_cbcm_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+ede_cbcm_enc.o: ../../include/openssl/opensslconf.h
+ede_cbcm_enc.o: ../../include/openssl/opensslv.h
+ede_cbcm_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ede_cbcm_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+ede_cbcm_enc.o: ../../include/openssl/ui_compat.h des_locl.h ede_cbcm_enc.c
+enc_read.o: ../../e_os.h ../../include/openssl/bio.h
+enc_read.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+enc_read.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+enc_read.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+enc_read.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+enc_read.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+enc_read.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+enc_read.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+enc_read.o: ../cryptlib.h des_locl.h enc_read.c
+enc_writ.o: ../../e_os.h ../../include/openssl/bio.h
+enc_writ.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+enc_writ.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+enc_writ.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+enc_writ.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+enc_writ.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+enc_writ.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+enc_writ.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+enc_writ.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+enc_writ.o: ../cryptlib.h des_locl.h enc_writ.c
+fcrypt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+fcrypt.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+fcrypt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+fcrypt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+fcrypt.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+fcrypt.o: ../../include/openssl/ui_compat.h des_locl.h fcrypt.c
+fcrypt_b.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+fcrypt_b.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+fcrypt_b.o: ../../include/openssl/opensslconf.h
+fcrypt_b.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+fcrypt_b.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+fcrypt_b.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+fcrypt_b.o: des_locl.h fcrypt_b.c
+ofb64ede.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+ofb64ede.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+ofb64ede.o: ../../include/openssl/opensslconf.h
+ofb64ede.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+ofb64ede.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ofb64ede.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+ofb64ede.o: des_locl.h ofb64ede.c
+ofb64enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+ofb64enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+ofb64enc.o: ../../include/openssl/opensslconf.h
+ofb64enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+ofb64enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ofb64enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+ofb64enc.o: des_locl.h ofb64enc.c
+ofb_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+ofb_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+ofb_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+ofb_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ofb_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+ofb_enc.o: ../../include/openssl/ui_compat.h des_locl.h ofb_enc.c
+pcbc_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+pcbc_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+pcbc_enc.o: ../../include/openssl/opensslconf.h
+pcbc_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+pcbc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pcbc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+pcbc_enc.o: des_locl.h pcbc_enc.c
+qud_cksm.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+qud_cksm.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+qud_cksm.o: ../../include/openssl/opensslconf.h
+qud_cksm.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+qud_cksm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+qud_cksm.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+qud_cksm.o: des_locl.h qud_cksm.c
+rand_key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+rand_key.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+rand_key.o: ../../include/openssl/opensslconf.h
+rand_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rand_key.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+rand_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rand_key.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+rand_key.o: rand_key.c
+read2pwd.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+read2pwd.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+read2pwd.o: ../../include/openssl/opensslconf.h
+read2pwd.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+read2pwd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+read2pwd.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+read2pwd.o: read2pwd.c
+rpc_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+rpc_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+rpc_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+rpc_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rpc_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+rpc_enc.o: ../../include/openssl/ui_compat.h des_locl.h des_ver.h rpc_des.h
+rpc_enc.o: rpc_enc.c
+set_key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+set_key.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+set_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+set_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+set_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+set_key.o: ../../include/openssl/ui_compat.h des_locl.h set_key.c
+str2key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+str2key.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+str2key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+str2key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+str2key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+str2key.o: ../../include/openssl/ui_compat.h des_locl.h str2key.c
+xcbc_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+xcbc_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+xcbc_enc.o: ../../include/openssl/opensslconf.h
+xcbc_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+xcbc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+xcbc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+xcbc_enc.o: des_locl.h xcbc_enc.c
diff --git a/src/lib/libcrypto/des/Makefile.ssl b/src/lib/libcrypto/des/Makefile.ssl
new file mode 100644
index 0000000000..0d9ba2b42f
--- /dev/null
+++ b/src/lib/libcrypto/des/Makefile.ssl
@@ -0,0 +1,316 @@
+#
+# SSLeay/crypto/des/Makefile
+#
+
+DIR=    des
+TOP=    ../..
+CC=     cc
+CPP=    $(CC) -E
+INCLUDES=-I$(TOP) -I../../include
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=           make -f Makefile.ssl
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile.ssl
+AR=             ar r
+RANLIB=         ranlib
+DES_ENC=        des_enc.o fcrypt_b.o
+# or use
+#DES_ENC=       dx86-elf.o yx86-elf.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+
+GENERAL=Makefile
+TEST=destest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= cbc_cksm.c cbc_enc.c  cfb64enc.c cfb_enc.c  \
+        ecb3_enc.c ecb_enc.c  enc_read.c enc_writ.c \
+        fcrypt.c ofb64enc.c ofb_enc.c  pcbc_enc.c \
+        qud_cksm.c rand_key.c rpc_enc.c  set_key.c  \
+        des_enc.c fcrypt_b.c \
+        xcbc_enc.c \
+        str2key.c  cfb64ede.c ofb64ede.c ede_cbcm_enc.c des_old.c des_old2.c \
+        read2pwd.c
+
+LIBOBJ= set_key.o  ecb_enc.o  cbc_enc.o \
+        ecb3_enc.o cfb64enc.o cfb64ede.o cfb_enc.o  ofb64ede.o \
+        enc_read.o enc_writ.o ofb64enc.o \
+        ofb_enc.o  str2key.o  pcbc_enc.o qud_cksm.o rand_key.o \
+        ${DES_ENC} \
+        fcrypt.o xcbc_enc.o rpc_enc.o  cbc_cksm.o \
+        ede_cbcm_enc.o des_old.o des_old2.o read2pwd.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= des.h des_old.h
+HEADER= des_locl.h rpc_des.h spr.h des_ver.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+des: des.o cbc3_enc.o lib
+        $(CC) $(CFLAGS) -o des des.o cbc3_enc.o $(LIB)
+
+# elf
+asm/dx86-elf.s: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+        (cd asm; $(PERL) des-586.pl elf $(CFLAGS) > dx86-elf.s)
+
+asm/yx86-elf.s: asm/crypt586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+        (cd asm; $(PERL) crypt586.pl elf $(CFLAGS) > yx86-elf.s)
+
+# a.out
+asm/dx86-out.o: asm/dx86unix.cpp
+        $(CPP) -DOUT asm/dx86unix.cpp | as -o asm/dx86-out.o
+
+asm/yx86-out.o: asm/yx86unix.cpp
+        $(CPP) -DOUT asm/yx86unix.cpp | as -o asm/yx86-out.o
+
+# bsdi
+asm/dx86bsdi.o: asm/dx86unix.cpp
+        $(CPP) -DBSDI asm/dx86unix.cpp | sed 's/ :/:/' | as -o asm/dx86bsdi.o
+
+asm/yx86bsdi.o: asm/yx86unix.cpp
+        $(CPP) -DBSDI asm/yx86unix.cpp | sed 's/ :/:/' | as -o asm/yx86bsdi.o
+
+asm/dx86unix.cpp: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+        (cd asm; $(PERL) des-586.pl cpp >dx86unix.cpp)
+
+asm/yx86unix.cpp: asm/crypt586.pl ../perlasm/x86asm.pl
+        (cd asm; $(PERL) crypt586.pl cpp >yx86unix.cpp)
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install: installs
+
+installs:
+        @for i in $(EXHEADER) ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f asm/dx86unix.cpp asm/yx86unix.cpp asm/*-elf.* *.o asm/*.o *.obj des lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+cbc_cksm.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+cbc_cksm.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+cbc_cksm.o: ../../include/openssl/opensslconf.h
+cbc_cksm.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+cbc_cksm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cbc_cksm.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+cbc_cksm.o: cbc_cksm.c des_locl.h
+cbc_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+cbc_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+cbc_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+cbc_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+cbc_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+cbc_enc.o: ../../include/openssl/ui_compat.h cbc_enc.c des_locl.h ncbc_enc.c
+cfb64ede.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+cfb64ede.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+cfb64ede.o: ../../include/openssl/opensslconf.h
+cfb64ede.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+cfb64ede.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cfb64ede.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+cfb64ede.o: cfb64ede.c des_locl.h
+cfb64enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+cfb64enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+cfb64enc.o: ../../include/openssl/opensslconf.h
+cfb64enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+cfb64enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cfb64enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+cfb64enc.o: cfb64enc.c des_locl.h
+cfb_enc.o: ../../e_os.h ../../include/openssl/crypto.h
+cfb_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+cfb_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+cfb_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+cfb_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cfb_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+cfb_enc.o: cfb_enc.c des_locl.h
+des_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+des_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+des_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+des_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+des_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+des_enc.o: ../../include/openssl/ui_compat.h des_enc.c des_locl.h ncbc_enc.c
+des_old.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+des_old.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+des_old.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+des_old.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+des_old.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+des_old.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+des_old.o: ../../include/openssl/ui_compat.h des_old.c
+des_old2.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+des_old2.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+des_old2.o: ../../include/openssl/opensslconf.h
+des_old2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+des_old2.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+des_old2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+des_old2.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+des_old2.o: des_old2.c
+ecb3_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+ecb3_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+ecb3_enc.o: ../../include/openssl/opensslconf.h
+ecb3_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+ecb3_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ecb3_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+ecb3_enc.o: des_locl.h ecb3_enc.c
+ecb_enc.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+ecb_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+ecb_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+ecb_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+ecb_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ecb_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+ecb_enc.o: des_locl.h des_ver.h ecb_enc.c spr.h
+ede_cbcm_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+ede_cbcm_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+ede_cbcm_enc.o: ../../include/openssl/opensslconf.h
+ede_cbcm_enc.o: ../../include/openssl/opensslv.h
+ede_cbcm_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ede_cbcm_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+ede_cbcm_enc.o: ../../include/openssl/ui_compat.h des_locl.h ede_cbcm_enc.c
+enc_read.o: ../../e_os.h ../../include/openssl/bio.h
+enc_read.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+enc_read.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+enc_read.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+enc_read.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+enc_read.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+enc_read.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+enc_read.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+enc_read.o: ../cryptlib.h des_locl.h enc_read.c
+enc_writ.o: ../../e_os.h ../../include/openssl/bio.h
+enc_writ.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+enc_writ.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+enc_writ.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+enc_writ.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+enc_writ.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+enc_writ.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+enc_writ.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+enc_writ.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+enc_writ.o: ../cryptlib.h des_locl.h enc_writ.c
+fcrypt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+fcrypt.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+fcrypt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+fcrypt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+fcrypt.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+fcrypt.o: ../../include/openssl/ui_compat.h des_locl.h fcrypt.c
+fcrypt_b.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+fcrypt_b.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+fcrypt_b.o: ../../include/openssl/opensslconf.h
+fcrypt_b.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+fcrypt_b.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+fcrypt_b.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+fcrypt_b.o: des_locl.h fcrypt_b.c
+ofb64ede.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+ofb64ede.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+ofb64ede.o: ../../include/openssl/opensslconf.h
+ofb64ede.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+ofb64ede.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ofb64ede.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+ofb64ede.o: des_locl.h ofb64ede.c
+ofb64enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+ofb64enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+ofb64enc.o: ../../include/openssl/opensslconf.h
+ofb64enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+ofb64enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ofb64enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+ofb64enc.o: des_locl.h ofb64enc.c
+ofb_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+ofb_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+ofb_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+ofb_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ofb_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+ofb_enc.o: ../../include/openssl/ui_compat.h des_locl.h ofb_enc.c
+pcbc_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+pcbc_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+pcbc_enc.o: ../../include/openssl/opensslconf.h
+pcbc_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+pcbc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pcbc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+pcbc_enc.o: des_locl.h pcbc_enc.c
+qud_cksm.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+qud_cksm.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+qud_cksm.o: ../../include/openssl/opensslconf.h
+qud_cksm.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+qud_cksm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+qud_cksm.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+qud_cksm.o: des_locl.h qud_cksm.c
+rand_key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+rand_key.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+rand_key.o: ../../include/openssl/opensslconf.h
+rand_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rand_key.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+rand_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rand_key.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+rand_key.o: rand_key.c
+read2pwd.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+read2pwd.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+read2pwd.o: ../../include/openssl/opensslconf.h
+read2pwd.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+read2pwd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+read2pwd.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+read2pwd.o: read2pwd.c
+rpc_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+rpc_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+rpc_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+rpc_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rpc_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+rpc_enc.o: ../../include/openssl/ui_compat.h des_locl.h des_ver.h rpc_des.h
+rpc_enc.o: rpc_enc.c
+set_key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+set_key.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+set_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+set_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+set_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+set_key.o: ../../include/openssl/ui_compat.h des_locl.h set_key.c
+str2key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+str2key.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+str2key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+str2key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+str2key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+str2key.o: ../../include/openssl/ui_compat.h des_locl.h str2key.c
+xcbc_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+xcbc_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+xcbc_enc.o: ../../include/openssl/opensslconf.h
+xcbc_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+xcbc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+xcbc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+xcbc_enc.o: des_locl.h xcbc_enc.c
diff --git a/src/lib/libcrypto/des/README b/src/lib/libcrypto/des/README
new file mode 100644
index 0000000000..621a5ab467
--- /dev/null
+++ b/src/lib/libcrypto/des/README
@@ -0,0 +1,54 @@
+
+                libdes, Version 4.01 10-Jan-97
+
+                Copyright (c) 1997, Eric Young
+                          All rights reserved.
+
+    This program is free software; you can redistribute it and/or modify
+    it under the terms specified in COPYRIGHT.
+    
+--
+The primary ftp site for this library is
+ftp://ftp.psy.uq.oz.au/pub/Crypto/DES/libdes-x.xx.tar.gz
+libdes is now also shipped with SSLeay.  Primary ftp site of
+ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/SSLeay-x.x.x.tar.gz
+
+The best way to build this library is to build it as part of SSLeay.
+
+This kit builds a DES encryption library and a DES encryption program.
+It supports ecb, cbc, ofb, cfb, triple ecb, triple cbc, triple ofb,
+triple cfb, desx, and MIT's pcbc encryption modes and also has a fast
+implementation of crypt(3).
+It contains support routines to read keys from a terminal,
+generate a random key, generate a key from an arbitrary length string,
+read/write encrypted data from/to a file descriptor.
+
+The implementation was written so as to conform with the manual entry
+for the des_crypt(3) library routines from MIT's project Athena.
+
+destest should be run after compilation to test the des routines.
+rpw should be run after compilation to test the read password routines.
+The des program is a replacement for the sun des command.  I believe it
+conforms to the sun version.
+
+The Imakefile is setup for use in the kerberos distribution.
+
+These routines are best compiled with gcc or any other good
+optimising compiler.
+Just turn you optimiser up to the highest settings and run destest
+after the build to make sure everything works.
+
+I believe these routines are close to the fastest and most portable DES
+routines that use small lookup tables (4.5k) that are publicly available.
+The fcrypt routine is faster than ufc's fcrypt (when compiling with
+gcc2 -O2) on the sparc 2 (1410 vs 1270) but is not so good on other machines
+(on a sun3/260 168 vs 336).  It is a function of CPU on chip cache size.
+[ 10-Jan-97 and a function of an incorrect speed testing program in
+  ufc which gave much better test figures that reality ].
+
+It is worth noting that on sparc and Alpha CPUs, performance of the DES
+library can vary by upto %10 due to the positioning of files after application
+linkage.
+
+Eric Young (eay@cryptsoft.com)
+
diff --git a/src/lib/libcrypto/des/VERSION b/src/lib/libcrypto/des/VERSION
new file mode 100644
index 0000000000..c7d01542bc
--- /dev/null
+++ b/src/lib/libcrypto/des/VERSION
@@ -0,0 +1,412 @@
+        Fixed the weak key values which were wrong :-(
+        Defining SIGACTION causes sigaction() to be used instead of signal().
+        SIGUSR1/SIGUSR2 are no longer mapped in the read tty stuff because it
+        can cause problems.  This should hopefully not affect normal
+        applications.
+
+Version 4.04
+        Fixed a few tests in destest.  Also added x86 assember for
+        des_ncbc_encrypt() which is the standard cbc mode function.
+        This makes a very very large performace difference.
+        Ariel Glenn ariel@columbia.edu reports that the terminal
+        'turn echo off' can return (errno == EINVAL) under solaris
+        when redirection is used.  So I now catch that as well as ENOTTY.
+
+
+Version 4.03
+        Left a static out of enc_write.c, which caused to buffer to be
+        continiously malloc()ed.  Does anyone use these functions?  I keep
+        on feeling like removing them since I only had these in there
+        for a version of kerberised login.  Anyway, this was pointed out
+        by Theo de Raadt <deraadt@cvs.openbsd.org>
+        The 'n' bit ofb code was wrong, it was not shifting the shift
+        register. It worked correctly for n == 64.  Thanks to
+        Gigi Ankeny <Gigi.Ankeny@Eng.Sun.COM> for pointing this one out.
+
+Version 4.02
+        I was doing 'if (memcmp(weak_keys[i],key,sizeof(key)) == 0)'
+        when checking for weak keys which is wrong :-(, pointed out by
+        Markus F.X.J. Oberhumer <markus.oberhumer@jk.uni-linz.ac.at>.
+
+Version 4.01
+        Even faster inner loop in the DES assembler for x86 and a modification
+        for IP/FP which is faster on x86.  Both of these changes are
+        from Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>.  His
+        changes make the assembler run %40 faster on a pentium.  This is just
+        a case of getting the instruction sequence 'just right'.
+        All credit to 'Svend' :-)
+        Quite a few special x86 'make' targets.
+        A libdes-l (lite) distribution.
+
+Version 4.00
+        After a bit of a pause, I'll up the major version number since this
+        is mostly a performace release.  I've added x86 assembler and
+        added more options for performance.  A %28 speedup for gcc 
+        on a pentium and the assembler is a %50 speedup.
+        MIPS CPU's, sparc and Alpha are the main CPU's with speedups.
+        Run des_opts to work out which options should be used.
+        DES_RISC1/DES_RISC2 use alternative inner loops which use
+        more registers but should give speedups on any CPU that does
+        dual issue (pentium).  DES_UNROLL unrolls the inner loop,
+        which costs in code size.
+
+Version 3.26
+        I've finally removed one of the shifts in D_ENCRYPT.  This
+        meant I've changed the des_SPtrans table (spr.h), the set_key()
+        function and some things in des_enc.c.  This has definitly
+        made things faster :-).  I've known about this one for some
+        time but I've been too lazy to follow it up :-).
+        Noticed that in the D_ENCRYPT() macro, we can just do L^=(..)^(..)^..
+        instead of L^=((..)|(..)|(..)..  This should save a register at
+        least.
+        Assember for x86.  The file to replace is des_enc.c, which is replaced
+        by one of the assembler files found in asm.  Look at des/asm/readme
+        for more info.
+
+        /* Modification to fcrypt so it can be compiled to support
+        HPUX 10.x's long password format, define -DLONGCRYPT to use this.
+        Thanks to Jens Kupferschmidt <bt1cu@hpboot.rz.uni-leipzig.de>. */
+
+        SIGWINCH case put in des_read_passwd() so the function does not
+        'exit' if this function is recieved.
+
+Version 3.25 17/07/96
+        Modified read_pwd.c so that stdin can be read if not a tty.
+        Thanks to Jeff Barber <jeffb@issl.atl.hp.com> for the patches.
+        des_init_random_number_generator() shortened due to VMS linker
+        limits.
+        Added RSA's DESX cbc mode.  It is a form of cbc encryption, with 2
+        8 byte quantites xored before and after encryption.
+        des_xcbc_encryption() - the name is funny to preserve the des_
+        prefix on all functions.
+
+Version 3.24 20/04/96
+        The DES_PTR macro option checked and used by SSLeay configuration
+
+Version 3.23 11/04/96
+        Added DES_LONG.  If defined to 'unsigned int' on the DEC Alpha,
+        it gives a %20 speedup :-)
+        Fixed the problem with des.pl under perl5.  The patches were
+        sent by Ed Kubaitis (ejk@uiuc.edu).
+        if fcrypt.c, changed values to handle illegal salt values the way
+        normal crypt() implementations do.  Some programs apparently use
+        them :-(. The patch was sent by Bjorn Gronvall <bg@sics.se>
+
+Version 3.22 29/11/95
+        Bug in des(1), an error with the uuencoding stuff when the
+        'data' is small, thanks to Geoff Keating <keagchon@mehta.anu.edu.au>
+        for the patch.
+
+Version 3.21 22/11/95
+        After some emailing back and forth with 
+        Colin Plumb <colin@nyx10.cs.du.edu>, I've tweaked a few things
+        and in a future version I will probably put in some of the
+        optimisation he suggested for use with the DES_USE_PTR option.
+        Extra routines from Mark Murray <mark@grondar.za> for use in
+        freeBSD.  They mostly involve random number generation for use
+        with kerberos.  They involve evil machine specific system calls
+        etc so I would normally suggest pushing this stuff into the
+        application and/or using RAND_seed()/RAND_bytes() if you are
+        using this DES library as part of SSLeay.
+        Redone the read_pw() function so that it is cleaner and
+        supports termios, thanks to Sameer Parekh <sameer@c2.org>
+        for the initial patches for this.
+        Renamed 3ecb_encrypt() to ecb3_encrypt().  This has been
+         done just to make things more consistent.
+        I have also now added triple DES versions of cfb and ofb.
+
+Version 3.20
+        Damn, Damn, Damn, as pointed out by Mike_Spreitzer.PARC@xerox.com,
+        my des_random_seed() function was only copying 4 bytes of the
+        passed seed into the init structure.  It is now fixed to copy 8.
+        My own suggestion is to used something like MD5 :-)
+
+Version 3.19 
+        While looking at my code one day, I though, why do I keep on
+        calling des_encrypt(in,out,ks,enc) when every function that
+        calls it has in and out the same.  So I dropped the 'out'
+        parameter, people should not be using this function.
+
+Version 3.18 30/08/95
+        Fixed a few bit with the distribution and the filenames.
+        3.17 had been munged via a move to DOS and back again.
+        NO CODE CHANGES
+
+Version 3.17 14/07/95
+        Fixed ede3 cbc which I had broken in 3.16.  I have also
+        removed some unneeded variables in 7-8 of the routines.
+
+Version 3.16 26/06/95
+        Added des_encrypt2() which does not use IP/FP, used by triple
+        des routines.  Tweaked things a bit elsewhere. %13 speedup on
+        sparc and %6 on a R4400 for ede3 cbc mode.
+
+Version 3.15 06/06/95
+        Added des_ncbc_encrypt(), it is des_cbc mode except that it is
+        'normal' and copies the new iv value back over the top of the
+        passed parameter.
+        CHANGED des_ede3_cbc_encrypt() so that it too now overwrites
+        the iv.  THIS WILL BREAK EXISTING CODE, but since this function
+        only new, I feel I can change it, not so with des_cbc_encrypt :-(.
+        I need to update the documentation.
+
+Version 3.14 31/05/95
+        New release upon the world, as part of my SSL implementation.
+        New copyright and usage stuff.  Basically free for all to use
+        as long as you say it came from me :-)
+
+Version 3.13 31/05/95
+        A fix in speed.c, if HZ is not defined, I set it to 100.0
+        which is reasonable for most unixes except SunOS 4.x.
+        I now have a #ifdef sun but timing for SunOS 4.x looked very
+        good :-(.  At my last job where I used SunOS 4.x, it was
+        defined to be 60.0 (look at the old INSTALL documentation), at
+        the last release had it changed to 100.0 since I now work with
+        Solaris2 and SVR4 boxes.
+        Thanks to  Rory Chisholm <rchishol@math.ethz.ch> for pointing this
+        one out.
+
+Version 3.12 08/05/95
+        As pointed out by The Crypt Keeper <tck@bend.UCSD.EDU>,
+        my D_ENCRYPT macro in crypt() had an un-necessary variable.
+        It has been removed.
+
+Version 3.11 03/05/95
+        Added des_ede3_cbc_encrypt() which is cbc mode des with 3 keys
+        and one iv.  It is a standard and I needed it for my SSL code.
+        It makes more sense to use this for triple DES than
+        3cbc_encrypt().  I have also added (or should I say tested :-)
+        cfb64_encrypt() which is cfb64 but it will encrypt a partial
+        number of bytes - 3 bytes in 3 bytes out.  Again this is for
+        my SSL library, as a form of encryption to use with SSL
+        telnet.
+
+Version 3.10 22/03/95
+        Fixed a bug in 3cbc_encrypt() :-(.  When making repeated calls
+        to cbc3_encrypt, the 2 iv values that were being returned to
+        be used in the next call were reversed :-(.
+        Many thanks to Bill Wade <wade@Stoner.COM> for pointing out
+        this error.
+
+Version 3.09 01/02/95
+        Fixed des_random_key to far more random, it was rather feeble
+        with regards to picking the initial seed.  The problem was
+        pointed out by Olaf Kirch <okir@monad.swb.de>.
+
+Version 3.08 14/12/94
+        Added Makefile.PL so libdes can be built into perl5.
+        Changed des_locl.h so RAND is always defined.
+
+Version 3.07 05/12/94
+        Added GNUmake and stuff so the library can be build with
+        glibc.
+
+Version 3.06 30/08/94
+        Added rpc_enc.c which contains _des_crypt.  This is for use in
+        secure_rpc v 4.0
+        Finally fixed the cfb_enc problems.
+        Fixed a few parameter parsing bugs in des (-3 and -b), thanks
+        to Rob McMillan <R.McMillan@its.gu.edu.au>
+
+Version 3.05 21/04/94
+        for unsigned long l; gcc does not produce ((l>>34) == 0)
+        This causes bugs in cfb_enc.
+        Thanks to Hadmut Danisch <danisch@ira.uka.de>
+
+Version 3.04 20/04/94
+        Added a version number to des.c and libdes.a
+
+Version 3.03 12/01/94
+        Fixed a bug in non zero iv in 3cbc_enc.
+
+Version 3.02 29/10/93
+        I now work in a place where there are 6+ architectures and 14+
+        OS versions :-).
+        Fixed TERMIO definition so the most sys V boxes will work :-)
+
+Release upon comp.sources.misc
+Version 3.01 08/10/93
+        Added des_3cbc_encrypt()
+
+Version 3.00 07/10/93
+        Fixed up documentation.
+        quad_cksum definitely compatible with MIT's now.
+
+Version 2.30 24/08/93
+        Triple DES now defaults to triple cbc but can do triple ecb
+         with the -b flag.
+        Fixed some MSDOS uuen/uudecoding problems, thanks to
+        Added prototypes.
+        
+Version 2.22 29/06/93
+        Fixed a bug in des_is_weak_key() which stopped it working :-(
+        thanks to engineering@MorningStar.Com.
+
+Version 2.21 03/06/93
+        des(1) with no arguments gives quite a bit of help.
+        Added -c (generate ckecksum) flag to des(1).
+        Added -3 (triple DES) flag to des(1).
+        Added cfb and ofb routines to the library.
+
+Version 2.20 11/03/93
+        Added -u (uuencode) flag to des(1).
+        I have been playing with byte order in quad_cksum to make it
+         compatible with MIT's version.  All I can say is avid this
+         function if possible since MIT's output is endian dependent.
+
+Version 2.12 14/10/92
+        Added MSDOS specific macro in ecb_encrypt which gives a %70
+         speed up when the code is compiled with turbo C.
+
+Version 2.11 12/10/92
+        Speedup in set_key (recoding of PC-1)
+         I now do it in 47 simple operations, down from 60.
+         Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
+         for motivating me to look for a faster system :-)
+         The speedup is probably less that 1% but it is still 13
+         instructions less :-).
+
+Version 2.10 06/10/92
+        The code now works on the 64bit ETA10 and CRAY without modifications or
+         #defines.  I believe the code should work on any machine that
+         defines long, int or short to be 8 bytes long.
+        Thanks to Shabbir J. Safdar (shabby@mentor.cc.purdue.edu)
+         for helping me fix the code to run on 64bit machines (he had
+         access to an ETA10).
+        Thanks also to John Fletcher <john_fletcher@lccmail.ocf.llnl.gov>
+         for testing the routines on a CRAY.
+        read_password.c has been renamed to read_passwd.c
+        string_to_key.c has been renamed to string2key.c
+
+Version 2.00 14/09/92
+        Made mods so that the library should work on 64bit CPU's.
+        Removed all my uchar and ulong defs.  To many different
+         versions of unix define them in their header files in too many
+         different combinations :-)
+        IRIX - Sillicon Graphics mods (mostly in read_password.c).
+         Thanks to Andrew Daviel (advax@erich.triumf.ca)
+
+Version 1.99 26/08/92
+        Fixed a bug or 2 in enc_read.c
+        Fixed a bug in enc_write.c
+        Fixed a pseudo bug in fcrypt.c (very obscure).
+
+Version 1.98 31/07/92
+        Support for the ETA10.  This is a strange machine that defines
+        longs and ints as 8 bytes and shorts as 4 bytes.
+        Since I do evil things with long * that assume that they are 4
+        bytes.  Look in the Makefile for the option to compile for
+        this machine.  quad_cksum appears to have problems but I
+        will don't have the time to fix it right now, and this is not
+        a function that uses DES and so will not effect the main uses
+        of the library.
+
+Version 1.97 20/05/92 eay
+        Fixed the Imakefile and made some changes to des.h to fix some
+        problems when building this package with Kerberos v 4.
+
+Version 1.96 18/05/92 eay
+        Fixed a small bug in string_to_key() where problems could
+        occur if des_check_key was set to true and the string
+        generated a weak key.
+
+Patch2 posted to comp.sources.misc
+Version 1.95 13/05/92 eay
+        Added an alternative version of the D_ENCRYPT macro in
+        ecb_encrypt and fcrypt.  Depending on the compiler, one version or the
+        other will be faster.  This was inspired by 
+        Dana How <how@isl.stanford.edu>, and her pointers about doing the
+        *(ulong *)((uchar *)ptr+(value&0xfc))
+        vs
+        ptr[value&0x3f]
+        to stop the C compiler doing a <<2 to convert the long array index.
+
+Version 1.94 05/05/92 eay
+        Fixed an incompatibility between my string_to_key and the MIT
+         version.  When the key is longer than 8 chars, I was wrapping
+         with a different method.  To use the old version, define
+         OLD_STR_TO_KEY in the makefile.  Thanks to
+         viktor@newsu.shearson.com (Viktor Dukhovni).
+
+Version 1.93 28/04/92 eay
+        Fixed the VMS mods so that echo is now turned off in
+         read_password.  Thanks again to brennan@coco.cchs.su.oz.AU.
+        MSDOS support added.  The routines can be compiled with
+         Turbo C (v2.0) and MSC (v5.1).  Make sure MSDOS is defined.
+
+Patch1 posted to comp.sources.misc
+Version 1.92 13/04/92 eay
+        Changed D_ENCRYPT so that the rotation of R occurs outside of
+         the loop.  This required rotating all the longs in sp.h (now
+         called spr.h). Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
+        speed.c has been changed so it will work without SIGALRM.  If
+         times(3) is not present it will try to use ftime() instead.
+
+Version 1.91 08/04/92 eay
+        Added -E/-D options to des(1) so it can use string_to_key.
+        Added SVR4 mods suggested by witr@rwwa.COM
+        Added VMS mods suggested by brennan@coco.cchs.su.oz.AU.  If
+        anyone knows how to turn of tty echo in VMS please tell me or
+        implement it yourself :-).
+        Changed FILE *IN/*OUT to *DES_IN/*DES_OUT since it appears VMS
+        does not like IN/OUT being used.
+
+Libdes posted to comp.sources.misc
+Version 1.9 24/03/92 eay
+        Now contains a fast small crypt replacement.
+        Added des(1) command.
+        Added des_rw_mode so people can use cbc encryption with
+        enc_read and enc_write.
+
+Version 1.8 15/10/91 eay
+        Bug in cbc_cksum.
+        Many thanks to Keith Reynolds (keithr@sco.COM) for pointing this
+        one out.
+
+Version 1.7 24/09/91 eay
+        Fixed set_key :-)
+        set_key is 4 times faster and takes less space.
+        There are a few minor changes that could be made.
+
+Version 1.6 19/09/1991 eay
+        Finally go IP and FP finished.
+        Now I need to fix set_key.
+        This version is quite a bit faster that 1.51
+
+Version 1.52 15/06/1991 eay
+        20% speedup in ecb_encrypt by changing the E bit selection
+        to use 2 32bit words.  This also required modification of the
+        sp table.  There is still a way to speedup the IP and IP-1
+        (hints from outer@sq.com) still working on this one :-(.
+
+Version 1.51 07/06/1991 eay
+        Faster des_encrypt by loop unrolling
+        Fixed bug in quad_cksum.c (thanks to hughes@logos.ucs.indiana.edu)
+
+Version 1.50 28/05/1991 eay
+        Optimised the code a bit more for the sparc.  I have improved the
+        speed of the inner des_encrypt by speeding up the initial and
+        final permutations.
+
+Version 1.40 23/10/1990 eay
+        Fixed des_random_key, it did not produce a random key :-(
+
+Version 1.30  2/10/1990 eay
+        Have made des_quad_cksum the same as MIT's, the full package
+        should be compatible with MIT's
+        Have tested on a DECstation 3100
+        Still need to fix des_set_key (make it faster).
+        Does des_cbc_encrypts at 70.5k/sec on a 3100.
+
+Version 1.20 18/09/1990 eay
+        Fixed byte order dependencies.
+        Fixed (I hope) all the word alignment problems.
+        Speedup in des_ecb_encrypt.
+
+Version 1.10 11/09/1990 eay
+        Added des_enc_read and des_enc_write.
+        Still need to fix des_quad_cksum.
+        Still need to document des_enc_read and des_enc_write.
+
+Version 1.00 27/08/1990 eay
+
diff --git a/src/lib/libcrypto/des/asm/des-586.pl b/src/lib/libcrypto/des/asm/des-586.pl
index b75d3c6b3a..60d577cc8d 100644
--- a/src/lib/libcrypto/des/asm/des-586.pl
+++ b/src/lib/libcrypto/des/asm/des-586.pl
@@ -22,10 +22,14 @@ $R="esi";
 &external_label("DES_SPtrans");
 &DES_encrypt("DES_encrypt1",1);
 &DES_encrypt("DES_encrypt2",0);
-&DES_encrypt3("DES_encrypt3",1);
-&DES_encrypt3("DES_decrypt3",0);
-&cbc("DES_ncbc_encrypt","DES_encrypt1","DES_encrypt1",0,4,5,3,5,-1);
-&cbc("DES_ede3_cbc_encrypt","DES_encrypt3","DES_decrypt3",0,6,7,3,4,5);
+
+if (!$main'openbsd)
+        {
+        &DES_encrypt3("DES_encrypt3",1);
+        &DES_encrypt3("DES_decrypt3",0);
+        &cbc("DES_ncbc_encrypt","DES_encrypt1","DES_encrypt1",0,4,5,3,5,-1);
+        &cbc("DES_ede3_cbc_encrypt","DES_encrypt3","DES_decrypt3",0,6,7,3,4,5);
+        }
 
 &asm_finish();
 
diff --git a/src/lib/libcrypto/des/asm/des686.pl b/src/lib/libcrypto/des/asm/des686.pl
new file mode 100644
index 0000000000..d3ad5d5edd
--- /dev/null
+++ b/src/lib/libcrypto/des/asm/des686.pl
@@ -0,0 +1,230 @@
+#!/usr/local/bin/perl
+
+$prog="des686.pl";
+
+# base code is in microsft
+# op dest, source
+# format.
+#
+
+# WILL NOT WORK ANYMORE WITH desboth.pl
+require "desboth.pl";
+
+if (    ($ARGV[0] eq "elf"))
+        { require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "a.out"))
+        { $aout=1; require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "sol"))
+        { $sol=1; require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "cpp"))
+        { $cpp=1; require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "win32"))
+        { require "x86ms.pl"; }
+else
+        {
+        print STDERR <<"EOF";
+Pick one target type from
+        elf     - linux, FreeBSD etc
+        a.out   - old linux
+        sol     - x86 solaris
+        cpp     - format so x86unix.cpp can be used
+        win32   - Windows 95/Windows NT
+EOF
+        exit(1);
+        }
+
+&comment("Don't even think of reading this code");
+&comment("It was automatically generated by $prog");
+&comment("Which is a perl program used to generate the x86 assember for");
+&comment("any of elf, a.out, Win32, or Solaris");
+&comment("It can be found in SSLeay 0.6.5+ or in libdes 3.26+");
+&comment("eric <eay\@cryptsoft.com>");
+&comment("");
+
+&file("dx86xxxx");
+
+$L="edi";
+$R="esi";
+
+&DES_encrypt("DES_encrypt1",1);
+&DES_encrypt("DES_encrypt2",0);
+
+&DES_encrypt3("DES_encrypt3",1);
+&DES_encrypt3("DES_decrypt3",0);
+
+&file_end();
+
+sub DES_encrypt
+        {
+        local($name,$do_ip)=@_;
+
+        &function_begin($name,"EXTRN   _DES_SPtrans:DWORD");
+
+        &comment("");
+        &comment("Load the 2 words");
+        &mov("eax",&wparam(0));
+        &mov($L,&DWP(0,"eax","",0));
+        &mov($R,&DWP(4,"eax","",0));
+
+        $ksp=&wparam(1);
+
+        if ($do_ip)
+                {
+                &comment("");
+                &comment("IP");
+                &IP_new($L,$R,"eax");
+                }
+
+        &comment("");
+        &comment("fixup rotate");
+        &rotl($R,3);
+        &rotl($L,3);
+        &exch($L,$R);
+
+        &comment("");
+        &comment("load counter, key_schedule and enc flag");
+        &mov("eax",&wparam(2)); # get encrypt flag
+        &mov("ebp",&wparam(1)); # get ks
+        &cmp("eax","0");
+        &je(&label("start_decrypt"));
+
+        # encrypting part
+
+        for ($i=0; $i<16; $i+=2)
+                {
+                &comment("");
+                &comment("Round $i");
+                &D_ENCRYPT($L,$R,$i*2,"ebp","DES_SPtrans","ecx","edx","eax","ebx");
+
+                &comment("");
+                &comment("Round ".sprintf("%d",$i+1));
+                &D_ENCRYPT($R,$L,($i+1)*2,"ebp","DES_SPtrans","ecx","edx","eax","ebx");
+                }
+        &jmp(&label("end"));
+
+        &set_label("start_decrypt");
+
+        for ($i=15; $i>0; $i-=2)
+                {
+                &comment("");
+                &comment("Round $i");
+                &D_ENCRYPT($L,$R,$i*2,"ebp","DES_SPtrans","ecx","edx","eax","ebx");
+                &comment("");
+                &comment("Round ".sprintf("%d",$i-1));
+                &D_ENCRYPT($R,$L,($i-1)*2,"ebp","DES_SPtrans","ecx","edx","eax","ebx");
+                }
+
+        &set_label("end");
+
+        &comment("");
+        &comment("Fixup");
+        &rotr($L,3);            # r
+        &rotr($R,3);            # l
+
+        if ($do_ip)
+                {
+                &comment("");
+                &comment("FP");
+                &FP_new($R,$L,"eax");
+                }
+
+        &mov("eax",&wparam(0));
+        &mov(&DWP(0,"eax","",0),$L);
+        &mov(&DWP(4,"eax","",0),$R);
+
+        &function_end($name);
+        }
+
+
+# The logic is to load R into 2 registers and operate on both at the same time.
+# We also load the 2 R's into 2 more registers so we can do the 'move word down a byte'
+# while also masking the other copy and doing a lookup.  We then also accumulate the
+# L value in 2 registers then combine them at the end.
+sub D_ENCRYPT
+        {
+        local($L,$R,$S,$ks,$desSP,$u,$t,$tmp1,$tmp2,$tmp3)=@_;
+
+        &mov(   $u,             &DWP(&n2a($S*4),$ks,"",0));
+        &mov(   $t,             &DWP(&n2a(($S+1)*4),$ks,"",0));
+        &xor(   $u,             $R              );
+        &xor(   $t,             $R              );
+        &rotr(  $t,             4               );
+
+        # the numbers at the end of the line are origional instruction order
+        &mov(   $tmp2,          $u              );                      # 1 2
+        &mov(   $tmp1,          $t              );                      # 1 1
+        &and(   $tmp2,          "0xfc"          );                      # 1 4
+        &and(   $tmp1,          "0xfc"          );                      # 1 3
+        &shr(   $t,             8               );                      # 1 5
+        &xor(   $L,             &DWP("0x100+$desSP",$tmp1,"",0));       # 1 7
+        &shr(   $u,             8               );                      # 1 6
+        &mov(   $tmp1,          &DWP("      $desSP",$tmp2,"",0));       # 1 8
+
+        &mov(   $tmp2,          $u              );                      # 2 2
+        &xor(   $L,             $tmp1           );                      # 1 9
+        &and(   $tmp2,          "0xfc"          );                      # 2 4
+        &mov(   $tmp1,          $t              );                      # 2 1
+        &and(   $tmp1,          "0xfc"          );                      # 2 3
+        &shr(   $t,             8               );                      # 2 5
+        &xor(   $L,             &DWP("0x300+$desSP",$tmp1,"",0));       # 2 7
+        &shr(   $u,             8               );                      # 2 6
+        &mov(   $tmp1,          &DWP("0x200+$desSP",$tmp2,"",0));       # 2 8
+        &mov(   $tmp2,          $u              );                      # 3 2
+
+        &xor(   $L,             $tmp1           );                      # 2 9
+        &and(   $tmp2,          "0xfc"          );                      # 3 4
+
+        &mov(   $tmp1,          $t              );                      # 3 1 
+        &shr(   $u,             8               );                      # 3 6
+        &and(   $tmp1,          "0xfc"          );                      # 3 3
+        &shr(   $t,             8               );                      # 3 5
+        &xor(   $L,             &DWP("0x500+$desSP",$tmp1,"",0));       # 3 7
+        &mov(   $tmp1,          &DWP("0x400+$desSP",$tmp2,"",0));       # 3 8
+
+        &and(   $t,             "0xfc"          );                      # 4 1
+        &xor(   $L,             $tmp1           );                      # 3 9
+
+        &and(   $u,             "0xfc"          );                      # 4 2
+        &xor(   $L,             &DWP("0x700+$desSP",$t,"",0));          # 4 3
+        &xor(   $L,             &DWP("0x600+$desSP",$u,"",0));          # 4 4
+        }
+
+sub PERM_OP
+        {
+        local($a,$b,$tt,$shift,$mask)=@_;
+
+        &mov(   $tt,            $a              );
+        &shr(   $tt,            $shift          );
+        &xor(   $tt,            $b              );
+        &and(   $tt,            $mask           );
+        &xor(   $b,             $tt             );
+        &shl(   $tt,            $shift          );
+        &xor(   $a,             $tt             );
+        }
+
+sub IP_new
+        {
+        local($l,$r,$tt)=@_;
+
+        &PERM_OP($r,$l,$tt, 4,"0x0f0f0f0f");
+        &PERM_OP($l,$r,$tt,16,"0x0000ffff");
+        &PERM_OP($r,$l,$tt, 2,"0x33333333");
+        &PERM_OP($l,$r,$tt, 8,"0x00ff00ff");
+        &PERM_OP($r,$l,$tt, 1,"0x55555555");
+        }
+
+sub FP_new
+        {
+        local($l,$r,$tt)=@_;
+
+        &PERM_OP($l,$r,$tt, 1,"0x55555555");
+        &PERM_OP($r,$l,$tt, 8,"0x00ff00ff");
+        &PERM_OP($l,$r,$tt, 2,"0x33333333");
+        &PERM_OP($r,$l,$tt,16,"0x0000ffff");
+        &PERM_OP($l,$r,$tt, 4,"0x0f0f0f0f");
+        }
+
+sub n2a
+        {
+        sprintf("%d",$_[0]);
+        }
diff --git a/src/lib/libcrypto/des/asm/readme b/src/lib/libcrypto/des/asm/readme
new file mode 100644
index 0000000000..1beafe253b
--- /dev/null
+++ b/src/lib/libcrypto/des/asm/readme
@@ -0,0 +1,131 @@
+First up, let me say I don't like writing in assembler.  It is not portable,
+dependant on the particular CPU architecture release and is generally a pig
+to debug and get right.  Having said that, the x86 architecture is probably
+the most important for speed due to number of boxes and since
+it appears to be the worst architecture to to get
+good C compilers for.  So due to this, I have lowered myself to do
+assembler for the inner DES routines in libdes :-).
+
+The file to implement in assembler is des_enc.c.  Replace the following
+4 functions
+des_encrypt1(DES_LONG data[2],des_key_schedule ks, int encrypt);
+des_encrypt2(DES_LONG data[2],des_key_schedule ks, int encrypt);
+des_encrypt3(DES_LONG data[2],des_key_schedule ks1,ks2,ks3);
+des_decrypt3(DES_LONG data[2],des_key_schedule ks1,ks2,ks3);
+
+They encrypt/decrypt the 64 bits held in 'data' using
+the 'ks' key schedules.   The only difference between the 4 functions is that
+des_encrypt2() does not perform IP() or FP() on the data (this is an
+optimization for when doing triple DES and des_encrypt3() and des_decrypt3()
+perform triple des.  The triple DES routines are in here because it does
+make a big difference to have them located near the des_encrypt2 function
+at link time..
+
+Now as we all know, there are lots of different operating systems running on
+x86 boxes, and unfortunately they normally try to make sure their assembler
+formating is not the same as the other peoples.
+The 4 main formats I know of are
+Microsoft       Windows 95/Windows NT
+Elf             Includes Linux and FreeBSD(?).
+a.out           The older Linux.
+Solaris         Same as Elf but different comments :-(.
+
+Now I was not overly keen to write 4 different copies of the same code,
+so I wrote a few perl routines to output the correct assembler, given
+a target assembler type.  This code is ugly and is just a hack.
+The libraries are x86unix.pl and x86ms.pl.
+des586.pl, des686.pl and des-som[23].pl are the programs to actually
+generate the assembler.
+
+So to generate elf assembler
+perl des-som3.pl elf >dx86-elf.s
+For Windows 95/NT
+perl des-som2.pl win32 >win32.asm
+
+[ update 4 Jan 1996 ]
+I have added another way to do things.
+perl des-som3.pl cpp >dx86-cpp.s
+generates a file that will be included by dx86unix.cpp when it is compiled.
+To build for elf, a.out, solaris, bsdi etc,
+cc -E -DELF asm/dx86unix.cpp | as -o asm/dx86-elf.o
+cc -E -DSOL asm/dx86unix.cpp | as -o asm/dx86-sol.o
+cc -E -DOUT asm/dx86unix.cpp | as -o asm/dx86-out.o
+cc -E -DBSDI asm/dx86unix.cpp | as -o asm/dx86bsdi.o
+This was done to cut down the number of files in the distribution.
+
+Now the ugly part.  I acquired my copy of Intels
+"Optimization's For Intel's 32-Bit Processors" and found a few interesting
+things.  First, the aim of the exersize is to 'extract' one byte at a time
+from a word and do an array lookup.  This involves getting the byte from
+the 4 locations in the word and moving it to a new word and doing the lookup.
+The most obvious way to do this is
+xor     eax,    eax                             # clear word
+movb    al,     cl                              # get low byte
+xor     edi     DWORD PTR 0x100+des_SP[eax]     # xor in word
+movb    al,     ch                              # get next byte
+xor     edi     DWORD PTR 0x300+des_SP[eax]     # xor in word
+shr     ecx     16
+which seems ok.  For the pentium, this system appears to be the best.
+One has to do instruction interleaving to keep both functional units
+operating, but it is basically very efficient.
+
+Now the crunch.  When a full register is used after a partial write, eg.
+mov     al,     cl
+xor     edi,    DWORD PTR 0x100+des_SP[eax]
+386     - 1 cycle stall
+486     - 1 cycle stall
+586     - 0 cycle stall
+686     - at least 7 cycle stall (page 22 of the above mentioned document).
+
+So the technique that produces the best results on a pentium, according to
+the documentation, will produce hideous results on a pentium pro.
+
+To get around this, des686.pl will generate code that is not as fast on
+a pentium, should be very good on a pentium pro.
+mov     eax,    ecx                             # copy word 
+shr     ecx,    8                               # line up next byte
+and     eax,    0fch                            # mask byte
+xor     edi     DWORD PTR 0x100+des_SP[eax]     # xor in array lookup
+mov     eax,    ecx                             # get word
+shr     ecx     8                               # line up next byte
+and     eax,    0fch                            # mask byte
+xor     edi     DWORD PTR 0x300+des_SP[eax]     # xor in array lookup
+
+Due to the execution units in the pentium, this actually works quite well.
+For a pentium pro it should be very good.  This is the type of output
+Visual C++ generates.
+
+There is a third option.  instead of using
+mov     al,     ch
+which is bad on the pentium pro, one may be able to use
+movzx   eax,    ch
+which may not incur the partial write penalty.  On the pentium,
+this instruction takes 4 cycles so is not worth using but on the
+pentium pro it appears it may be worth while.  I need access to one to
+experiment :-).
+
+eric (20 Oct 1996)
+
+22 Nov 1996 - I have asked people to run the 2 different version on pentium
+pros and it appears that the intel documentation is wrong.  The
+mov al,bh is still faster on a pentium pro, so just use the des586.pl
+install des686.pl
+
+3 Dec 1996 - I added des_encrypt3/des_decrypt3 because I have moved these
+functions into des_enc.c because it does make a massive performance
+difference on some boxes to have the functions code located close to
+the des_encrypt2() function.
+
+9 Jan 1997 - des-som2.pl is now the correct perl script to use for
+pentiums.  It contains an inner loop from
+Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk> which does raw ecb DES calls at
+273,000 per second.  He had a previous version at 250,000 and the best
+I was able to get was 203,000.  The content has not changed, this is all
+due to instruction sequencing (and actual instructions choice) which is able
+to keep both functional units of the pentium going.
+We may have lost the ugly register usage restrictions when x86 went 32 bit
+but for the pentium it has been replaced by evil instruction ordering tricks.
+
+13 Jan 1997 - des-som3.pl, more optimizations from Svend Olaf.
+raw DES at 281,000 per second on a pentium 100.
+
diff --git a/src/lib/libcrypto/des/cbc3_enc.c b/src/lib/libcrypto/des/cbc3_enc.c
new file mode 100644
index 0000000000..b5db4e14f7
--- /dev/null
+++ b/src/lib/libcrypto/des/cbc3_enc.c
@@ -0,0 +1,99 @@
+/* crypto/des/cbc3_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/* HAS BUGS! DON'T USE - this is only present for use in des.c */
+void DES_3cbc_encrypt(DES_cblock *input, DES_cblock *output, long length,
+             DES_key_schedule ks1, DES_key_schedule ks2, DES_cblock *iv1,
+             DES_cblock *iv2, int enc)
+        {
+        int off=((int)length-1)/8;
+        long l8=((length+7)/8)*8;
+        DES_cblock niv1,niv2;
+
+        if (enc == DES_ENCRYPT)
+                {
+                DES_cbc_encrypt((unsigned char*)input,
+                                (unsigned char*)output,length,&ks1,iv1,enc);
+                if (length >= sizeof(DES_cblock))
+                        memcpy(niv1,output[off],sizeof(DES_cblock));
+                DES_cbc_encrypt((unsigned char*)output,
+                                (unsigned char*)output,l8,&ks2,iv1,!enc);
+                DES_cbc_encrypt((unsigned char*)output,
+                                (unsigned char*)output,l8,&ks1,iv2,enc);
+                if (length >= sizeof(DES_cblock))
+                        memcpy(niv2,output[off],sizeof(DES_cblock));
+                }
+        else
+                {
+                if (length >= sizeof(DES_cblock))
+                        memcpy(niv2,input[off],sizeof(DES_cblock));
+                DES_cbc_encrypt((unsigned char*)input,
+                                (unsigned char*)output,l8,&ks1,iv2,enc);
+                DES_cbc_encrypt((unsigned char*)output,
+                                (unsigned char*)output,l8,&ks2,iv1,!enc);
+                if (length >= sizeof(DES_cblock))
+                        memcpy(niv1,output[off],sizeof(DES_cblock));
+                DES_cbc_encrypt((unsigned char*)output,
+                                (unsigned char*)output,length,&ks1,iv1,enc);
+                }
+        memcpy(*iv1,niv1,sizeof(DES_cblock));
+        memcpy(*iv2,niv2,sizeof(DES_cblock));
+        }
+
diff --git a/src/lib/libcrypto/des/des-lib.com b/src/lib/libcrypto/des/des-lib.com
new file mode 100644
index 0000000000..fc2c35a1ce
--- /dev/null
+++ b/src/lib/libcrypto/des/des-lib.com
@@ -0,0 +1,1003 @@
+$!
+$!  DES-LIB.COM
+$!  Written By:  Robert Byer
+$!               Vice-President
+$!               A-Com Computing, Inc.
+$!               byer@mail.all-net.net
+$!
+$!  Changes by Richard Levitte <richard@levitte.org>
+$!
+$!  This command files compiles and creates the 
+$!  "[.xxx.EXE.CRYPTO.DES]LIBDES.OLB" library.  The "xxx" denotes the machine 
+$!  architecture of AXP or VAX.
+$!
+$!  It was re-written to try to determine which "C" compiler to try to use
+$!  or the user can specify a compiler in P3.
+$!
+$!  Specify one of the following to build just that part, specify "ALL" to
+$!  just build everything.
+$!
+$!         ALL       To Just Build "Everything".
+$!         LIBRARY   To Just Build The [.xxx.EXE.CRYPTO.DES]LIBDES.OLB Library.
+$!         DESTEST   To Just Build The [.xxx.EXE.CRYPTO.DES]DESTEST.EXE Program.
+$!         SPEED     To Just Build The [.xxx.EXE.CRYPTO.DES]SPEED.EXE Program.
+$!         RPW       To Just Build The [.xxx.EXE.CRYPTO.DES]RPW.EXE Program.
+$!         DES       To Just Build The [.xxx.EXE.CRYPTO.DES]DES.EXE Program.
+$!         DES_OPTS  To Just Build The [.xxx.EXE.CRYPTO.DES]DES_OPTS.EXE Program.
+$!
+$!  Specify either DEBUG or NODEBUG as P2 to compile with or without
+$!  debugging information.
+$!
+$!  Specify which compiler at P3 to try to compile under.
+$!
+$!         VAXC  For VAX C.
+$!         DECC  For DEC C.
+$!         GNUC  For GNU C.
+$!
+$!  If you don't speficy a compiler, it will try to determine which
+$!  "C" compiler to try to use.
+$!
+$!  P4, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up)
+$!
+$!
+$! Make sure we know what architecture we run on.
+$!
+$!
+$! Check Which Architecture We Are Using.
+$!
+$ IF (F$GETSYI("CPU").GE.128)
+$ THEN
+$!
+$!  The Architecture Is AXP.
+$!
+$   ARCH := AXP
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$!  The Architecture Is VAX.
+$!
+$   ARCH := VAX
+$!
+$! End The Architecture Check.
+$!
+$ ENDIF
+$!
+$! Check To Make Sure We Have Valid Command Line Parameters.
+$!
+$ GOSUB CHECK_OPTIONS
+$!
+$! Tell The User What Kind of Machine We Run On.
+$!
+$ WRITE SYS$OUTPUT "Compiling On A ",ARCH," Machine."
+$!
+$! Define The OBJ Directory Name.
+$!
+$ OBJ_DIR := SYS$DISK:[--.'ARCH'.OBJ.CRYPTO.DES]
+$!
+$! Check To See If The Architecture Specific OBJ Directory Exists.
+$!
+$ IF (F$PARSE(OBJ_DIR).EQS."")
+$ THEN
+$!
+$!  It Dosen't Exist, So Create It.
+$!
+$   CREATE/DIR 'OBJ_DIR'
+$!
+$! End The Architecture Specific OBJ Directory Check.
+$!
+$ ENDIF
+$!
+$! Define The EXE Directory Name.
+$!
+$ EXE_DIR :== SYS$DISK:[--.'ARCH'.EXE.CRYPTO.DES]
+$!
+$! Check To See If The Architecture Specific Directory Exists.
+$!
+$ IF (F$PARSE(EXE_DIR).EQS."")
+$ THEN
+$!
+$!  It Dosen't Exist, So Create It.
+$!
+$   CREATE/DIR 'EXE_DIR'
+$!
+$! End The Architecture Specific Directory Check.
+$!
+$ ENDIF
+$!
+$! Define The Library Name.
+$!
+$ LIB_NAME := 'EXE_DIR'LIBDES.OLB
+$!
+$! Check To See What We Are To Do.
+$!
+$ IF (BUILDALL.EQS."TRUE")
+$ THEN
+$!
+$!  Since Nothing Special Was Specified, Do Everything.
+$!
+$   GOSUB LIBRARY
+$   GOSUB DESTEST
+$   GOSUB SPEED
+$   GOSUB RPW
+$   GOSUB DES
+$   GOSUB DES_OPTS
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$!    Build Just What The User Wants Us To Build.
+$!
+$     GOSUB 'BUILDALL'
+$!
+$! End The BUILDALL Check.
+$!
+$ ENDIF
+$!
+$! Time To EXIT.
+$!
+$ EXIT
+$ LIBRARY:
+$!
+$! Tell The User That We Are Compiling.
+$!
+$ WRITE SYS$OUTPUT "Compiling The ",LIB_NAME," Files."
+$!
+$! Check To See If We Already Have A "[.xxx.EXE.CRYPTO.DES]LIBDES.OLB" Library...
+$!
+$ IF (F$SEARCH(LIB_NAME).EQS."")
+$ THEN
+$!
+$! Guess Not, Create The Library.
+$!
+$   LIBRARY/CREATE/OBJECT 'LIB_NAME'
+$!
+$! End The Library Exist Check.
+$!
+$ ENDIF
+$!
+$! Define The DES Library Files.
+$!
+$ LIB_DES = "set_key,ecb_enc,cbc_enc,"+ -
+                "ecb3_enc,cfb64enc,cfb64ede,cfb_enc,ofb64ede,"+ -
+                "enc_read,enc_writ,ofb64enc,"+ -
+                "ofb_enc,str2key,pcbc_enc,qud_cksm,rand_key,"+ -
+                "des_enc,fcrypt_b,read2pwd,"+ -
+                "fcrypt,xcbc_enc,read_pwd,rpc_enc,cbc_cksm,supp"
+$!
+$!  Define A File Counter And Set It To "0".
+$!
+$ FILE_COUNTER = 0
+$!
+$! Top Of The File Loop.
+$!
+$ NEXT_FILE:
+$!
+$! O.K, Extract The File Name From The File List.
+$!
+$ FILE_NAME = F$ELEMENT(FILE_COUNTER,",",LIB_DES)
+$!
+$! Check To See If We Are At The End Of The File List.
+$!
+$ IF (FILE_NAME.EQS.",") THEN GOTO FILE_DONE
+$!
+$! Increment The Counter.
+$!
+$ FILE_COUNTER = FILE_COUNTER + 1
+$!
+$! Create The Source File Name.
+$!
+$ SOURCE_FILE = "SYS$DISK:[]" + FILE_NAME + ".C"
+$!
+$!  Tell The User We Are Compiling The Source File.
+$!
+$ WRITE SYS$OUTPUT "    ",FILE_NAME,".C"
+$!
+$! Create The Object File Name.
+$!
+$ OBJECT_FILE = OBJ_DIR + FILE_NAME + "." + ARCH + "OBJ"
+$ ON WARNING THEN GOTO NEXT_FILE
+$!
+$! Check To See If The File We Want To Compile Actually Exists.
+$!
+$ IF (F$SEARCH(SOURCE_FILE).EQS."")
+$ THEN
+$!
+$!  Tell The User That The File Dosen't Exist.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The File ",SOURCE_FILE," Dosen't Exist."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Exit The Build.
+$!
+$   EXIT
+$!
+$! End The File Exists Check.
+$!
+$ ENDIF
+$!
+$! Compile The File.
+$!
+$ ON ERROR THEN GOTO NEXT_FILE
+$ CC/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
+$!
+$! Add It To The Library.
+$!
+$ LIBRARY/REPLACE/OBJECT 'LIB_NAME' 'OBJECT_FILE'
+$!
+$! Time To Clean Up The Object File.
+$!
+$ DELETE 'OBJECT_FILE';*
+$!
+$! Go Back And Do It Again.
+$!
+$ GOTO NEXT_FILE
+$!
+$! All Done With This Library Part.
+$!
+$ FILE_DONE:
+$!
+$! Tell The User That We Are All Done.
+$!
+$ WRITE SYS$OUTPUT "Library ",LIB_NAME," Built."
+$!
+$! All Done, Time To Return.
+$!
+$ RETURN
+$!
+$!  Compile The DESTEST Program.
+$!
+$ DESTEST:
+$!
+$! Check To See If We Have The Proper Libraries.
+$!
+$ GOSUB LIB_CHECK
+$!
+$! Check To See If We Have A Linker Option File.
+$!
+$ GOSUB CHECK_OPT_FILE
+$!
+$! Check To See If The File We Want To Compile Actually Exists.
+$!
+$ IF (F$SEARCH("SYS$DISK:[]DESTEST.C").EQS."")
+$ THEN
+$!
+$!  Tell The User That The File Dosen't Exist.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The File DESTEST.C Dosen't Exist."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Exit The Build.
+$!
+$   EXIT
+$!
+$! End The DESTEST.C File Check.
+$!
+$ ENDIF
+$!
+$! Tell The User What We Are Building.
+$!
+$ WRITE SYS$OUTPUT "Building ",EXE_DIR,"DESTEST.EXE"
+$!
+$! Compile The DESTEST Program.
+$!
+$ CC/OBJECT='OBJ_DIR'DESTEST.OBJ SYS$DISK:[]DESTEST.C
+$!
+$! Link The DESTEST Program.
+$!
+$ LINK/'DEBUGGER'/'TRACEBACK'/CONTIGUOUS/EXE='EXE_DIR'DESTEST.EXE -
+      'OBJ_DIR'DESTEST.OBJ,'LIB_NAME'/LIBRARY,'OPT_FILE'/OPTION
+$!
+$! All Done, Time To Return.
+$!
+$ RETURN
+$!
+$!  Compile The SPEED Program.
+$!
+$ SPEED:
+$!
+$! Check To See If We Have The Proper Libraries.
+$!
+$ GOSUB LIB_CHECK
+$!
+$! Check To See If We Have A Linker Option File.
+$!
+$ GOSUB CHECK_OPT_FILE
+$!
+$! Check To See If The File We Want To Compile Actually Exists.
+$!
+$ IF (F$SEARCH("SYS$DISK:[]SPEED.C").EQS."")
+$ THEN
+$!
+$!  Tell The User That The File Dosen't Exist.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The File SPEED.C Dosen't Exist."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Exit The Build.
+$!
+$   EXIT
+$!
+$! End The SPEED.C File Check.
+$!
+$ ENDIF
+$!
+$! Tell The User What We Are Building.
+$!
+$ WRITE SYS$OUTPUT "Building ",EXE_DIR,"SPEED.EXE"
+$!
+$! Compile The SPEED Program.
+$!
+$ CC/OBJECT='OBJ_DIR'SPEED.OBJ SYS$DISK:[]SPEED.C
+$!
+$! Link The SPEED Program.
+$!
+$ LINK/'DEBUGGER'/'TRACEBACK'/CONTIGUOUS/EXE='EXE_DIR'SPEED.EXE -
+      'OBJ_DIR'SPEED.OBJ,'LIB_NAME'/LIBRARY,'OPT_FILE'/OPTION
+$!
+$! All Done, Time To Return.
+$!
+$ RETURN
+$!
+$!  Compile The RPW Program.
+$!
+$ RPW:
+$!
+$! Check To See If We Have The Proper Libraries.
+$!
+$ GOSUB LIB_CHECK
+$!
+$! Check To See If We Have A Linker Option File.
+$!
+$ GOSUB CHECK_OPT_FILE
+$!
+$! Check To See If The File We Want To Compile Actually Exists.
+$!
+$ IF (F$SEARCH("SYS$DISK:[]RPW.C").EQS."")
+$ THEN
+$!
+$!  Tell The User That The File Dosen't Exist.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The File RPW.C Dosen't Exist."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Exit The Build.
+$!
+$   EXIT
+$!
+$! End The RPW.C File Check.
+$!
+$ ENDIF
+$!
+$! Tell The User What We Are Building.
+$!
+$ WRITE SYS$OUTPUT "Building ",EXE_DIR,"RPW.EXE"
+$!
+$! Compile The RPW Program.
+$!
+$ CC/OBJECT='OBJ_DIR'RPW.OBJ SYS$DISK:[]RPW.C
+$!
+$! Link The RPW Program.
+$!
+$ LINK/'DEBUGGER'/'TRACEBACK'/CONTIGUOUS/EXE='EXE_DIR'RPW.EXE -
+      'OBJ_DIR'RPW.OBJ,'LIB_NAME'/LIBRARY,'OPT_FILE'/OPTION
+$!
+$! All Done, Time To Return.
+$!
+$ RETURN
+$!
+$!  Compile The DES Program.
+$!
+$ DES:
+$!
+$! Check To See If We Have The Proper Libraries.
+$!
+$ GOSUB LIB_CHECK
+$!
+$! Check To See If We Have A Linker Option File.
+$!
+$ GOSUB CHECK_OPT_FILE
+$!
+$! Check To See If The File We Want To Compile Actually Exists.
+$!
+$ IF (F$SEARCH("SYS$DISK:[]DES.C").EQS."")
+$ THEN
+$!
+$!  Tell The User That The File Dosen't Exist.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The File DES.C Dosen't Exist."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Exit The Build.
+$!
+$   EXIT
+$!
+$! End The DES.C File Check.
+$!
+$ ENDIF
+$!
+$! Tell The User What We Are Building.
+$!
+$ WRITE SYS$OUTPUT "Building ",EXE_DIR,"DES.EXE"
+$!
+$! Compile The DES Program.
+$!
+$ CC/OBJECT='OBJ_DIR'DES.OBJ SYS$DISK:[]DES.C
+$ CC/OBJECT='OBJ_DIR'DES.OBJ SYS$DISK:[]CBC3_ENC.C
+$!
+$! Link The DES Program.
+$!
+$ LINK/'DEBUGGER'/'TRACEBACK'/CONTIGUOUS/EXE='EXE_DIR'DES.EXE -
+      'OBJ_DIR'DES.OBJ,'OBJ_DIR'CBC3_ENC.OBJ,-
+      'LIB_NAME'/LIBRARY,'OPT_FILE'/OPTION
+$!
+$! All Done, Time To Return.
+$!
+$ RETURN
+$!
+$!  Compile The DES_OPTS Program.
+$!
+$ DES_OPTS:
+$!
+$! Check To See If We Have The Proper Libraries.
+$!
+$ GOSUB LIB_CHECK
+$!
+$! Check To See If We Have A Linker Option File.
+$!
+$ GOSUB CHECK_OPT_FILE
+$!
+$! Check To See If The File We Want To Compile Actually Exists.
+$!
+$ IF (F$SEARCH("SYS$DISK:[]DES_OPTS.C").EQS."")
+$ THEN
+$!
+$!  Tell The User That The File Dosen't Exist.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The File DES_OPTS.C Dosen't Exist."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Exit The Build.
+$!
+$   EXIT
+$!
+$! End The DES_OPTS.C File Check.
+$!
+$ ENDIF
+$!
+$! Tell The User What We Are Building.
+$!
+$ WRITE SYS$OUTPUT "Building ",EXE_DIR,"DES_OPTS.EXE"
+$!
+$! Compile The DES_OPTS Program.
+$!
+$ CC/OBJECT='OBJ_DIR'DES_OPTS.OBJ SYS$DISK:[]DES_OPTS.C
+$!
+$! Link The DES_OPTS Program.
+$!
+$ LINK/'DEBUGGER'/'TRACEBACK'/CONTIGUOUS/EXE='EXE_DIR'DES_OPTS.EXE -
+      'OBJ_DIR'DES_OPTS.OBJ,'LIB_NAME'/LIBRARY,'OPT_FILE'/OPTION
+$!
+$! All Done, Time To Return.
+$!
+$ RETURN
+$ EXIT
+$!
+$! Check For The Link Option FIle.
+$!
+$ CHECK_OPT_FILE:
+$!
+$! Check To See If We Need To Make A VAX C Option File.
+$!
+$ IF (COMPILER.EQS."VAXC")
+$ THEN
+$!
+$!  Check To See If We Already Have A VAX C Linker Option File.
+$!
+$   IF (F$SEARCH(OPT_FILE).EQS."")
+$   THEN
+$!
+$!    We Need A VAX C Linker Option File.
+$!
+$     CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File To Link Agianst 
+! The Sharable VAX C Runtime Library.
+!
+SYS$SHARE:VAXCRTL.EXE/SHARE
+$EOD
+$!
+$!  End The Option File Check.
+$!
+$   ENDIF
+$!
+$! End The VAXC Check.
+$!
+$ ENDIF
+$!
+$! Check To See If We Need A GNU C Option File.
+$!
+$ IF (COMPILER.EQS."GNUC")
+$ THEN
+$!
+$!  Check To See If We Already Have A GNU C Linker Option File.
+$!
+$   IF (F$SEARCH(OPT_FILE).EQS."")
+$   THEN
+$!
+$!    We Need A GNU C Linker Option File.
+$!
+$     CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File To Link Agianst 
+! The Sharable C Runtime Library.
+!
+GNU_CC:[000000]GCCLIB/LIBRARY
+SYS$SHARE:VAXCRTL/SHARE
+$EOD
+$!
+$!  End The Option File Check.
+$!
+$   ENDIF
+$!
+$! End The GNU C Check.
+$!
+$ ENDIF
+$!
+$! Check To See If We Need A DEC C Option File.
+$!
+$ IF (COMPILER.EQS."DECC")
+$ THEN
+$!
+$!  Check To See If We Already Have A DEC C Linker Option File.
+$!
+$   IF (F$SEARCH(OPT_FILE).EQS."")
+$   THEN
+$!
+$!    Figure Out If We Need An AXP Or A VAX Linker Option File.
+$!
+$     IF (F$GETSYI("CPU").LT.128)
+$     THEN
+$!
+$!      We Need A DEC C Linker Option File For VAX.
+$!
+$       CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File To Link Agianst 
+! The Sharable DEC C Runtime Library.
+!
+SYS$SHARE:DECC$SHR.EXE/SHARE
+$EOD
+$!
+$!    Else...
+$!
+$     ELSE
+$!
+$!      Create The AXP Linker Option File.
+$!
+$       CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File For AXP To Link Agianst 
+! The Sharable C Runtime Library.
+!
+SYS$SHARE:CMA$OPEN_LIB_SHR/SHARE
+SYS$SHARE:CMA$OPEN_RTL/SHARE
+$EOD
+$!
+$!    End The VAX/AXP DEC C Option File Check.
+$!
+$     ENDIF
+$!
+$!  End The Option File Search.
+$!
+$   ENDIF
+$!
+$! End The DEC C Check.
+$!
+$ ENDIF
+$!
+$!  Tell The User What Linker Option File We Are Using.
+$!
+$ WRITE SYS$OUTPUT "Using Linker Option File ",OPT_FILE,"."     
+$!
+$! Time To RETURN.
+$!
+$ RETURN
+$!
+$! Library Check.
+$!
+$ LIB_CHECK:
+$!
+$!  Look For The Library LIBDES.OLB.
+$!
+$ IF (F$SEARCH(LIB_NAME).EQS."")
+$ THEN
+$!
+$!    Tell The User We Can't Find The [.xxx.CRYPTO.DES]LIBDES.OLB Library.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "Can't Find The Library ",LIB_NAME,"."
+$   WRITE SYS$OUTPUT "We Can't Link Without It."
+$   WRITE SYS$OUTPUT ""
+$!
+$!    Since We Can't Link Without It, Exit.
+$!
+$   EXIT
+$ ENDIF
+$!
+$! Time To Return.
+$!
+$ RETURN
+$!
+$! Check The User's Options.
+$!
+$ CHECK_OPTIONS:
+$!
+$! Check To See If We Are To "Just Build Everything".
+$!
+$ IF (P1.EQS."ALL")
+$ THEN
+$!
+$!   P1 Is "ALL", So Build Everything.
+$!
+$    BUILDALL = "TRUE"
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$!  Else, Check To See If P1 Has A Valid Arguement.
+$!
+$   IF (P1.EQS."LIBRARY").OR.(P1.EQS."DESTEST").OR.(P1.EQS."SPEED") -
+       .OR.(P1.EQS."RPW").OR.(P1.EQS."DES").OR.(P1.EQS."DES_OPTS")
+$   THEN
+$!
+$!    A Valid Arguement.
+$!
+$     BUILDALL = P1
+$!
+$!  Else...
+$!
+$   ELSE
+$!
+$!    Tell The User We Don't Know What They Want.
+$!
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "The Option ",P1," Is Invalid.  The Valid Options Are:"
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "    ALL      :  Just Build Everything.
+$     WRITE SYS$OUTPUT "    LIBRARY  :  To Compile Just The [.xxx.EXE.CRYPTO.DES]LIBDES.OLB Library."
+$     WRITE SYS$OUTPUT "    DESTEST  :  To Compile Just The [.xxx.EXE.CRYPTO.DES]DESTEST.EXE Program."
+$     WRITE SYS$OUTPUT "    SPEED    :  To Compile Just The [.xxx.EXE.CRYPTO.DES]SPEED.EXE Program."
+$     WRITE SYS$OUTPUT "    RPW      :  To Compile Just The [.xxx.EXE.CRYPTO.DES]RPW.EXE Program."
+$     WRITE SYS$OUTPUT "    DES      :  To Compile Just The [.xxx.EXE.CRYPTO.DES]DES.EXE Program."
+$     WRITE SYS$OUTPUT "    DES_OPTS :  To Compile Just The [.xxx.EXE.CRYTPO.DES]DES_OPTS.EXE Program."
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT " Where 'xxx' Stands For: "
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "        AXP  :  Alpha Architecture."
+$     WRITE SYS$OUTPUT "        VAX  :  VAX Architecture."
+$     WRITE SYS$OUTPUT ""
+$!
+$!    Time To EXIT.
+$!
+$     EXIT
+$!
+$!  End The Valid Arguement Check.
+$!
+$   ENDIF
+$!
+$! End The P1 Check.
+$!
+$ ENDIF
+$!
+$! Check To See If We Are To Compile Without Debugger Information.
+$!
+$ IF (P2.EQS."NODEBUG")
+$ THEN
+$!
+$!   P2 Is Blank, So Compile Without Debugger Information.
+$!
+$    DEBUGGER  = "NODEBUG"
+$    TRACEBACK = "NOTRACEBACK" 
+$    GCC_OPTIMIZE = "OPTIMIZE"
+$    CC_OPTIMIZE = "OPTIMIZE"
+$    WRITE SYS$OUTPUT "No Debugger Information Will Be Produced During Compile."
+$    WRITE SYS$OUTPUT "Compiling With Compiler Optimization."
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$!  Check To See If We Are To Compile With Debugger Information.
+$!
+$   IF (P2.EQS."DEBUG")
+$   THEN
+$!
+$!    Compile With Debugger Information.
+$!
+$     DEBUGGER  = "DEBUG"
+$     TRACEBACK = "TRACEBACK"
+$     GCC_OPTIMIZE = "NOOPTIMIZE"
+$     CC_OPTIMIZE = "NOOPTIMIZE"
+$     WRITE SYS$OUTPUT "Debugger Information Will Be Produced During Compile."
+$     WRITE SYS$OUTPUT "Compiling Without Compiler Optimization."
+$!
+$!  Else...
+$!
+$   ELSE
+$!
+$!    Tell The User Entered An Invalid Option..
+$!
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "The Option ",P2," Is Invalid.  The Valid Options Are:"
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "    DEBUG    :  Compile With The Debugger Information."
+$     WRITE SYS$OUTPUT "    NODEBUG  :  Compile Without The Debugger Information."
+$     WRITE SYS$OUTPUT ""
+$!
+$!    Time To EXIT.
+$!
+$     EXIT
+$!
+$!  End The Valid Arguement Check.
+$!
+$   ENDIF
+$!
+$! End The P2 Check.
+$!
+$ ENDIF
+$!
+$! Special Threads For OpenVMS v7.1 Or Later.
+$!
+$! Written By:  Richard Levitte
+$!              richard@levitte.org
+$!
+$!
+$! Check To See If We Have A Option For P4.
+$!
+$ IF (P4.EQS."")
+$ THEN
+$!
+$!  Get The Version Of VMS We Are Using.
+$!
+$   ISSEVEN := ""
+$   TMP = F$ELEMENT(0,"-",F$EXTRACT(1,4,F$GETSYI("VERSION")))
+$   TMP = F$INTEGER(F$ELEMENT(0,".",TMP)+F$ELEMENT(1,".",TMP))
+$!
+$!  Check To See If The VMS Version Is v7.1 Or Later.
+$!
+$   IF (TMP.GE.71)
+$   THEN
+$!
+$!    We Have OpenVMS v7.1 Or Later, So Use The Special Threads.
+$!
+$     ISSEVEN := ,PTHREAD_USE_D4
+$!
+$!  End The VMS Version Check.
+$!
+$   ENDIF
+$!
+$! End The P4 Check.
+$!
+$ ENDIF
+$!
+$! Check To See If P3 Is Blank.
+$!
+$ IF (P3.EQS."")
+$ THEN
+$!
+$!  O.K., The User Didn't Specify A Compiler, Let's Try To
+$!  Find Out Which One To Use.
+$!
+$!  Check To See If We Have GNU C.
+$!
+$   IF (F$TRNLNM("GNU_CC").NES."")
+$   THEN
+$!
+$!    Looks Like GNUC, Set To Use GNUC.
+$!
+$     P3 = "GNUC"
+$!
+$!  Else...
+$!
+$   ELSE
+$!
+$!    Check To See If We Have VAXC Or DECC.
+$!
+$     IF (ARCH.EQS."AXP").OR.(F$TRNLNM("DECC$CC_DEFAULT").NES."")
+$     THEN 
+$!
+$!      Looks Like DECC, Set To Use DECC.
+$!
+$       P3 = "DECC"
+$!
+$!    Else...
+$!
+$     ELSE
+$!
+$!      Looks Like VAXC, Set To Use VAXC.
+$!
+$       P3 = "VAXC"
+$!
+$!    End The VAXC Compiler Check.
+$!
+$     ENDIF
+$!
+$!  End The DECC & VAXC Compiler Check.
+$!
+$   ENDIF
+$!
+$!  End The Compiler Check.
+$!
+$ ENDIF
+$!
+$! Set Up Initial CC Definitions, Possibly With User Ones
+$!
+$ CCDEFS = ""
+$ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = USER_CCDEFS
+$ CCEXTRAFLAGS = ""
+$ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS
+$ CCDISABLEWARNINGS = ""
+$ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN -
+        CCDISABLEWARNINGS = USER_CCDISABLEWARNINGS
+$!
+$!  Check To See If The User Entered A Valid Paramter.
+$!
+$ IF (P3.EQS."VAXC").OR.(P3.EQS."DECC").OR.(P3.EQS."GNUC")
+$ THEN
+$!
+$!    Check To See If The User Wanted DECC.
+$!
+$   IF (P3.EQS."DECC")
+$   THEN
+$!
+$!    Looks Like DECC, Set To Use DECC.
+$!
+$     COMPILER = "DECC"
+$!
+$!    Tell The User We Are Using DECC.
+$!
+$     WRITE SYS$OUTPUT "Using DECC 'C' Compiler."
+$!
+$!    Use DECC...
+$!
+$     CC = "CC"
+$     IF ARCH.EQS."VAX" .AND. F$TRNLNM("DECC$CC_DEFAULT").NES."/DECC" -
+         THEN CC = "CC/DECC"
+$     CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/STANDARD=ANSI89" + -
+           "/NOLIST/PREFIX=ALL" + CCEXTRAFLAGS
+$!
+$!    Define The Linker Options File Name.
+$!
+$     OPT_FILE = "SYS$DISK:[]VAX_DECC_OPTIONS.OPT"
+$!
+$!  End DECC Check.
+$!
+$   ENDIF
+$!
+$!  Check To See If We Are To Use VAXC.
+$!
+$   IF (P3.EQS."VAXC")
+$   THEN
+$!
+$!    Looks Like VAXC, Set To Use VAXC.
+$!
+$     COMPILER = "VAXC"
+$!
+$!    Tell The User We Are Using VAX C.
+$!
+$     WRITE SYS$OUTPUT "Using VAXC 'C' Compiler."
+$!
+$!    Compile Using VAXC.
+$!
+$     CC = "CC"
+$     IF ARCH.EQS."AXP"
+$     THEN
+$       WRITE SYS$OUTPUT "There is no VAX C on Alpha!"
+$       EXIT
+$     ENDIF
+$     IF F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC" THEN CC = "CC/VAXC"
+$     CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/NOLIST" + CCEXTRAFLAGS
+$     CCDEFS = """VAXC""," + CCDEFS
+$!
+$!    Define <sys> As SYS$COMMON:[SYSLIB]
+$!
+$     DEFINE/NOLOG SYS SYS$COMMON:[SYSLIB]
+$!
+$!    Define The Linker Options File Name.
+$!
+$     OPT_FILE = "SYS$DISK:[]VAX_VAXC_OPTIONS.OPT"
+$!
+$!  End VAXC Check
+$!
+$   ENDIF
+$!
+$!  Check To See If We Are To Use GNU C.
+$!
+$   IF (P3.EQS."GNUC")
+$   THEN
+$!
+$!    Looks Like GNUC, Set To Use GNUC.
+$!
+$     COMPILER = "GNUC"
+$!
+$!    Tell The User We Are Using GNUC.
+$!
+$     WRITE SYS$OUTPUT "Using GNU 'C' Compiler."
+$!
+$!    Use GNU C...
+$!
+$     CC = "GCC/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'/NOLIST" + CCEXTRAFLAGS
+$!
+$!    Define The Linker Options File Name.
+$!
+$     OPT_FILE = "SYS$DISK:[]VAX_GNUC_OPTIONS.OPT"
+$!
+$!  End The GNU C Check.
+$!
+$   ENDIF
+$!
+$!  Set up default defines
+$!
+$   CCDEFS = """FLAT_INC=1""," + CCDEFS
+$!
+$!  Finish up the definition of CC.
+$!
+$   IF COMPILER .EQS. "DECC"
+$   THEN
+$     IF CCDISABLEWARNINGS .EQS. ""
+$     THEN
+$       CC4DISABLEWARNINGS = "DOLLARID"
+$     ELSE
+$       CC4DISABLEWARNINGS = CCDISABLEWARNINGS + ",DOLLARID"
+$       CCDISABLEWARNINGS = "/WARNING=(DISABLE=(" + CCDISABLEWARNINGS + "))"
+$     ENDIF
+$     CC4DISABLEWARNINGS = "/WARNING=(DISABLE=(" + CC4DISABLEWARNINGS + "))"
+$   ELSE
+$     CCDISABLEWARNINGS = ""
+$     CC4DISABLEWARNINGS = ""
+$   ENDIF
+$   CC = CC + "/DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS
+$!
+$!  Show user the result
+$!
+$   WRITE SYS$OUTPUT "Main Compiling Command: ",CC
+$!
+$!  Else The User Entered An Invalid Arguement.
+$!
+$ ELSE
+$!
+$!  Tell The User We Don't Know What They Want.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The Option ",P3," Is Invalid.  The Valid Options Are:"
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "    VAXC  :  To Compile With VAX C."
+$   WRITE SYS$OUTPUT "    DECC  :  To Compile With DEC C."
+$   WRITE SYS$OUTPUT "    GNUC  :  To Compile With GNU C."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Time To EXIT.
+$!
+$   EXIT
+$!
+$! End The P3 Check.
+$!
+$ ENDIF
+$!
+$!  Time To RETURN...
+$!
+$ RETURN
diff --git a/src/lib/libcrypto/des/des.c b/src/lib/libcrypto/des/des.c
new file mode 100644
index 0000000000..343135ff9e
--- /dev/null
+++ b/src/lib/libcrypto/des/des.c
@@ -0,0 +1,932 @@
+/* crypto/des/des.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <openssl/opensslconf.h>
+#ifndef OPENSSL_SYS_MSDOS
+#ifndef OPENSSL_SYS_VMS
+#include OPENSSL_UNISTD
+#else /* OPENSSL_SYS_VMS */
+#ifdef __DECC
+#include <unistd.h>
+#else /* not __DECC */
+#include <math.h>
+#endif /* __DECC */
+#endif /* OPENSSL_SYS_VMS */
+#else /* OPENSSL_SYS_MSDOS */
+#include <io.h>
+#endif
+
+#include <time.h>
+#include "des_ver.h"
+
+#ifdef OPENSSL_SYS_VMS
+#include <types.h>
+#include <stat.h>
+#else
+#ifndef _IRIX
+#include <sys/types.h>
+#endif
+#include <sys/stat.h>
+#endif
+#include <openssl/des.h>
+#include <openssl/rand.h>
+#include <openssl/ui_compat.h>
+
+void usage(void);
+void doencryption(void);
+int uufwrite(unsigned char *data, int size, unsigned int num, FILE *fp);
+void uufwriteEnd(FILE *fp);
+int uufread(unsigned char *out,int size,unsigned int num,FILE *fp);
+int uuencode(unsigned char *in,int num,unsigned char *out);
+int uudecode(unsigned char *in,int num,unsigned char *out);
+void DES_3cbc_encrypt(DES_cblock *input,DES_cblock *output,long length,
+        DES_key_schedule sk1,DES_key_schedule sk2,
+        DES_cblock *ivec1,DES_cblock *ivec2,int enc);
+#ifdef OPENSSL_SYS_VMS
+#define EXIT(a) exit(a&0x10000000L)
+#else
+#define EXIT(a) exit(a)
+#endif
+
+#define BUFSIZE (8*1024)
+#define VERIFY  1
+#define KEYSIZ  8
+#define KEYSIZB 1024 /* should hit tty line limit first :-) */
+char key[KEYSIZB+1];
+int do_encrypt,longk=0;
+FILE *DES_IN,*DES_OUT,*CKSUM_OUT;
+char uuname[200];
+unsigned char uubuf[50];
+int uubufnum=0;
+#define INUUBUFN        (45*100)
+#define OUTUUBUF        (65*100)
+unsigned char b[OUTUUBUF];
+unsigned char bb[300];
+DES_cblock cksum={0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
+char cksumname[200]="";
+
+int vflag,cflag,eflag,dflag,kflag,bflag,fflag,sflag,uflag,flag3,hflag,error;
+
+int main(int argc, char **argv)
+        {
+        int i;
+        struct stat ins,outs;
+        char *p;
+        char *in=NULL,*out=NULL;
+
+        vflag=cflag=eflag=dflag=kflag=hflag=bflag=fflag=sflag=uflag=flag3=0;
+        error=0;
+        memset(key,0,sizeof(key));
+
+        for (i=1; i<argc; i++)
+                {
+                p=argv[i];
+                if ((p[0] == '-') && (p[1] != '\0'))
+                        {
+                        p++;
+                        while (*p)
+                                {
+                                switch (*(p++))
+                                        {
+                                case '3':
+                                        flag3=1;
+                                        longk=1;
+                                        break;
+                                case 'c':
+                                        cflag=1;
+                                        strncpy(cksumname,p,200);
+                                        cksumname[sizeof(cksumname)-1]='\0';
+                                        p+=strlen(cksumname);
+                                        break;
+                                case 'C':
+                                        cflag=1;
+                                        longk=1;
+                                        strncpy(cksumname,p,200);
+                                        cksumname[sizeof(cksumname)-1]='\0';
+                                        p+=strlen(cksumname);
+                                        break;
+                                case 'e':
+                                        eflag=1;
+                                        break;
+                                case 'v':
+                                        vflag=1;
+                                        break;
+                                case 'E':
+                                        eflag=1;
+                                        longk=1;
+                                        break;
+                                case 'd':
+                                        dflag=1;
+                                        break;
+                                case 'D':
+                                        dflag=1;
+                                        longk=1;
+                                        break;
+                                case 'b':
+                                        bflag=1;
+                                        break;
+                                case 'f':
+                                        fflag=1;
+                                        break;
+                                case 's':
+                                        sflag=1;
+                                        break;
+                                case 'u':
+                                        uflag=1;
+                                        strncpy(uuname,p,200);
+                                        uuname[sizeof(uuname)-1]='\0';
+                                        p+=strlen(uuname);
+                                        break;
+                                case 'h':
+                                        hflag=1;
+                                        break;
+                                case 'k':
+                                        kflag=1;
+                                        if ((i+1) == argc)
+                                                {
+                                                fputs("must have a key with the -k option\n",stderr);
+                                                error=1;
+                                                }
+                                        else
+                                                {
+                                                int j;
+
+                                                i++;
+                                                strncpy(key,argv[i],KEYSIZB);
+                                                for (j=strlen(argv[i])-1; j>=0; j--)
+                                                        argv[i][j]='\0';
+                                                }
+                                        break;
+                                default:
+                                        fprintf(stderr,"'%c' unknown flag\n",p[-1]);
+                                        error=1;
+                                        break;
+                                        }
+                                }
+                        }
+                else
+                        {
+                        if (in == NULL)
+                                in=argv[i];
+                        else if (out == NULL)
+                                out=argv[i];
+                        else
+                                error=1;
+                        }
+                }
+        if (error) usage();
+        /* We either
+         * do checksum or
+         * do encrypt or
+         * do decrypt or
+         * do decrypt then ckecksum or
+         * do checksum then encrypt
+         */
+        if (((eflag+dflag) == 1) || cflag)
+                {
+                if (eflag) do_encrypt=DES_ENCRYPT;
+                if (dflag) do_encrypt=DES_DECRYPT;
+                }
+        else
+                {
+                if (vflag) 
+                        {
+#ifndef _Windows                        
+                        fprintf(stderr,"des(1) built with %s\n",libdes_version);
+#endif                  
+                        EXIT(1);
+                        }
+                else usage();
+                }
+
+#ifndef _Windows                        
+        if (vflag) fprintf(stderr,"des(1) built with %s\n",libdes_version);
+#endif                  
+        if (    (in != NULL) &&
+                (out != NULL) &&
+#ifndef OPENSSL_SYS_MSDOS
+                (stat(in,&ins) != -1) &&
+                (stat(out,&outs) != -1) &&
+                (ins.st_dev == outs.st_dev) &&
+                (ins.st_ino == outs.st_ino))
+#else /* OPENSSL_SYS_MSDOS */
+                (strcmp(in,out) == 0))
+#endif
+                        {
+                        fputs("input and output file are the same\n",stderr);
+                        EXIT(3);
+                        }
+
+        if (!kflag)
+                if (des_read_pw_string(key,KEYSIZB+1,"Enter key:",eflag?VERIFY:0))
+                        {
+                        fputs("password error\n",stderr);
+                        EXIT(2);
+                        }
+
+        if (in == NULL)
+                DES_IN=stdin;
+        else if ((DES_IN=fopen(in,"r")) == NULL)
+                {
+                perror("opening input file");
+                EXIT(4);
+                }
+
+        CKSUM_OUT=stdout;
+        if (out == NULL)
+                {
+                DES_OUT=stdout;
+                CKSUM_OUT=stderr;
+                }
+        else if ((DES_OUT=fopen(out,"w")) == NULL)
+                {
+                perror("opening output file");
+                EXIT(5);
+                }
+
+#ifdef OPENSSL_SYS_MSDOS
+        /* This should set the file to binary mode. */
+        {
+#include <fcntl.h>
+        if (!(uflag && dflag))
+                setmode(fileno(DES_IN),O_BINARY);
+        if (!(uflag && eflag))
+                setmode(fileno(DES_OUT),O_BINARY);
+        }
+#endif
+
+        doencryption();
+        fclose(DES_IN);
+        fclose(DES_OUT);
+        EXIT(0);
+        }
+
+void usage(void)
+        {
+        char **u;
+        static const char *Usage[]={
+"des <options> [input-file [output-file]]",
+"options:",
+"-v         : des(1) version number",
+"-e         : encrypt using SunOS compatible user key to DES key conversion.",
+"-E         : encrypt ",
+"-d         : decrypt using SunOS compatible user key to DES key conversion.",
+"-D         : decrypt ",
+"-c[ckname] : generate a cbc_cksum using SunOS compatible user key to",
+"             DES key conversion and output to ckname (stdout default,",
+"             stderr if data being output on stdout).  The checksum is",
+"             generated before encryption and after decryption if used",
+"             in conjunction with -[eEdD].",
+"-C[ckname] : generate a cbc_cksum as for -c but compatible with -[ED].",
+"-k key     : use key 'key'",
+"-h         : the key that is entered will be a hexadecimal number",
+"             that is used directly as the des key",
+"-u[uuname] : input file is uudecoded if -[dD] or output uuencoded data if -[eE]",
+"             (uuname is the filename to put in the uuencode header).",
+"-b         : encrypt using DES in ecb encryption mode, the default is cbc mode.",
+"-3         : encrypt using triple DES encryption.  This uses 2 keys",
+"             generated from the input key.  If the input key is less",
+"             than 8 characters long, this is equivalent to normal",
+"             encryption.  Default is triple cbc, -b makes it triple ecb.",
+NULL
+};
+        for (u=(char **)Usage; *u; u++)
+                {
+                fputs(*u,stderr);
+                fputc('\n',stderr);
+                }
+
+        EXIT(1);
+        }
+
+void doencryption(void)
+        {
+#ifdef _LIBC
+        extern unsigned long time();
+#endif
+
+        register int i;
+        DES_key_schedule ks,ks2;
+        DES_cblock iv,iv2;
+        char *p;
+        int num=0,j,k,l,rem,ll,len,last,ex=0;
+        DES_cblock kk,k2;
+        FILE *O;
+        int Exit=0;
+#ifndef OPENSSL_SYS_MSDOS
+        static unsigned char buf[BUFSIZE+8],obuf[BUFSIZE+8];
+#else
+        static unsigned char *buf=NULL,*obuf=NULL;
+
+        if (buf == NULL)
+                {
+                if (    (( buf=OPENSSL_malloc(BUFSIZE+8)) == NULL) ||
+                        ((obuf=OPENSSL_malloc(BUFSIZE+8)) == NULL))
+                        {
+                        fputs("Not enough memory\n",stderr);
+                        Exit=10;
+                        goto problems;
+                        }
+                }
+#endif
+
+        if (hflag)
+                {
+                j=(flag3?16:8);
+                p=key;
+                for (i=0; i<j; i++)
+                        {
+                        k=0;
+                        if ((*p <= '9') && (*p >= '0'))
+                                k=(*p-'0')<<4;
+                        else if ((*p <= 'f') && (*p >= 'a'))
+                                k=(*p-'a'+10)<<4;
+                        else if ((*p <= 'F') && (*p >= 'A'))
+                                k=(*p-'A'+10)<<4;
+                        else
+                                {
+                                fputs("Bad hex key\n",stderr);
+                                Exit=9;
+                                goto problems;
+                                }
+                        p++;
+                        if ((*p <= '9') && (*p >= '0'))
+                                k|=(*p-'0');
+                        else if ((*p <= 'f') && (*p >= 'a'))
+                                k|=(*p-'a'+10);
+                        else if ((*p <= 'F') && (*p >= 'A'))
+                                k|=(*p-'A'+10);
+                        else
+                                {
+                                fputs("Bad hex key\n",stderr);
+                                Exit=9;
+                                goto problems;
+                                }
+                        p++;
+                        if (i < 8)
+                                kk[i]=k;
+                        else
+                                k2[i-8]=k;
+                        }
+                DES_set_key_unchecked(&k2,&ks2);
+                OPENSSL_cleanse(k2,sizeof(k2));
+                }
+        else if (longk || flag3)
+                {
+                if (flag3)
+                        {
+                        DES_string_to_2keys(key,&kk,&k2);
+                        DES_set_key_unchecked(&k2,&ks2);
+                        OPENSSL_cleanse(k2,sizeof(k2));
+                        }
+                else
+                        DES_string_to_key(key,&kk);
+                }
+        else
+                for (i=0; i<KEYSIZ; i++)
+                        {
+                        l=0;
+                        k=key[i];
+                        for (j=0; j<8; j++)
+                                {
+                                if (k&1) l++;
+                                k>>=1;
+                                }
+                        if (l & 1)
+                                kk[i]=key[i]&0x7f;
+                        else
+                                kk[i]=key[i]|0x80;
+                        }
+
+        DES_set_key_unchecked(&kk,&ks);
+        OPENSSL_cleanse(key,sizeof(key));
+        OPENSSL_cleanse(kk,sizeof(kk));
+        /* woops - A bug that does not showup under unix :-( */
+        memset(iv,0,sizeof(iv));
+        memset(iv2,0,sizeof(iv2));
+
+        l=1;
+        rem=0;
+        /* first read */
+        if (eflag || (!dflag && cflag))
+                {
+                for (;;)
+                        {
+                        num=l=fread(&(buf[rem]),1,BUFSIZE,DES_IN);
+                        l+=rem;
+                        num+=rem;
+                        if (l < 0)
+                                {
+                                perror("read error");
+                                Exit=6;
+                                goto problems;
+                                }
+
+                        rem=l%8;
+                        len=l-rem;
+                        if (feof(DES_IN))
+                                {
+                                for (i=7-rem; i>0; i--)
+                                        RAND_pseudo_bytes(buf + l++, 1);
+                                buf[l++]=rem;
+                                ex=1;
+                                len+=rem;
+                                }
+                        else
+                                l-=rem;
+
+                        if (cflag)
+                                {
+                                DES_cbc_cksum(buf,&cksum,
+                                        (long)len,&ks,&cksum);
+                                if (!eflag)
+                                        {
+                                        if (feof(DES_IN)) break;
+                                        else continue;
+                                        }
+                                }
+
+                        if (bflag && !flag3)
+                                for (i=0; i<l; i+=8)
+                                        DES_ecb_encrypt(
+                                                (DES_cblock *)&(buf[i]),
+                                                (DES_cblock *)&(obuf[i]),
+                                                &ks,do_encrypt);
+                        else if (flag3 && bflag)
+                                for (i=0; i<l; i+=8)
+                                        DES_ecb2_encrypt(
+                                                (DES_cblock *)&(buf[i]),
+                                                (DES_cblock *)&(obuf[i]),
+                                                &ks,&ks2,do_encrypt);
+                        else if (flag3 && !bflag)
+                                {
+                                char tmpbuf[8];
+
+                                if (rem) memcpy(tmpbuf,&(buf[l]),
+                                        (unsigned int)rem);
+                                DES_3cbc_encrypt(
+                                        (DES_cblock *)buf,(DES_cblock *)obuf,
+                                        (long)l,ks,ks2,&iv,
+                                        &iv2,do_encrypt);
+                                if (rem) memcpy(&(buf[l]),tmpbuf,
+                                        (unsigned int)rem);
+                                }
+                        else
+                                {
+                                DES_cbc_encrypt(
+                                        buf,obuf,
+                                        (long)l,&ks,&iv,do_encrypt);
+                                if (l >= 8) memcpy(iv,&(obuf[l-8]),8);
+                                }
+                        if (rem) memcpy(buf,&(buf[l]),(unsigned int)rem);
+
+                        i=0;
+                        while (i < l)
+                                {
+                                if (uflag)
+                                        j=uufwrite(obuf,1,(unsigned int)l-i,
+                                                DES_OUT);
+                                else
+                                        j=fwrite(obuf,1,(unsigned int)l-i,
+                                                DES_OUT);
+                                if (j == -1)
+                                        {
+                                        perror("Write error");
+                                        Exit=7;
+                                        goto problems;
+                                        }
+                                i+=j;
+                                }
+                        if (feof(DES_IN))
+                                {
+                                if (uflag) uufwriteEnd(DES_OUT);
+                                break;
+                                }
+                        }
+                }
+        else /* decrypt */
+                {
+                ex=1;
+                for (;;)
+                        {
+                        if (ex) {
+                                if (uflag)
+                                        l=uufread(buf,1,BUFSIZE,DES_IN);
+                                else
+                                        l=fread(buf,1,BUFSIZE,DES_IN);
+                                ex=0;
+                                rem=l%8;
+                                l-=rem;
+                                }
+                        if (l < 0)
+                                {
+                                perror("read error");
+                                Exit=6;
+                                goto problems;
+                                }
+
+                        if (bflag && !flag3)
+                                for (i=0; i<l; i+=8)
+                                        DES_ecb_encrypt(
+                                                (DES_cblock *)&(buf[i]),
+                                                (DES_cblock *)&(obuf[i]),
+                                                &ks,do_encrypt);
+                        else if (flag3 && bflag)
+                                for (i=0; i<l; i+=8)
+                                        DES_ecb2_encrypt(
+                                                (DES_cblock *)&(buf[i]),
+                                                (DES_cblock *)&(obuf[i]),
+                                                &ks,&ks2,do_encrypt);
+                        else if (flag3 && !bflag)
+                                {
+                                DES_3cbc_encrypt(
+                                        (DES_cblock *)buf,(DES_cblock *)obuf,
+                                        (long)l,ks,ks2,&iv,
+                                        &iv2,do_encrypt);
+                                }
+                        else
+                                {
+                                DES_cbc_encrypt(
+                                        buf,obuf,
+                                        (long)l,&ks,&iv,do_encrypt);
+                                if (l >= 8) memcpy(iv,&(buf[l-8]),8);
+                                }
+
+                        if (uflag)
+                                ll=uufread(&(buf[rem]),1,BUFSIZE,DES_IN);
+                        else
+                                ll=fread(&(buf[rem]),1,BUFSIZE,DES_IN);
+                        ll+=rem;
+                        rem=ll%8;
+                        ll-=rem;
+                        if (feof(DES_IN) && (ll == 0))
+                                {
+                                last=obuf[l-1];
+
+                                if ((last > 7) || (last < 0))
+                                        {
+                                        fputs("The file was not decrypted correctly.\n",
+                                                stderr);
+                                        Exit=8;
+                                        last=0;
+                                        }
+                                l=l-8+last;
+                                }
+                        i=0;
+                        if (cflag) DES_cbc_cksum(obuf,
+                                (DES_cblock *)cksum,(long)l/8*8,&ks,
+                                (DES_cblock *)cksum);
+                        while (i != l)
+                                {
+                                j=fwrite(obuf,1,(unsigned int)l-i,DES_OUT);
+                                if (j == -1)
+                                        {
+                                        perror("Write error");
+                                        Exit=7;
+                                        goto problems;
+                                        }
+                                i+=j;
+                                }
+                        l=ll;
+                        if ((l == 0) && feof(DES_IN)) break;
+                        }
+                }
+        if (cflag)
+                {
+                l=0;
+                if (cksumname[0] != '\0')
+                        {
+                        if ((O=fopen(cksumname,"w")) != NULL)
+                                {
+                                CKSUM_OUT=O;
+                                l=1;
+                                }
+                        }
+                for (i=0; i<8; i++)
+                        fprintf(CKSUM_OUT,"%02X",cksum[i]);
+                fprintf(CKSUM_OUT,"\n");
+                if (l) fclose(CKSUM_OUT);
+                }
+problems:
+        OPENSSL_cleanse(buf,sizeof(buf));
+        OPENSSL_cleanse(obuf,sizeof(obuf));
+        OPENSSL_cleanse(&ks,sizeof(ks));
+        OPENSSL_cleanse(&ks2,sizeof(ks2));
+        OPENSSL_cleanse(iv,sizeof(iv));
+        OPENSSL_cleanse(iv2,sizeof(iv2));
+        OPENSSL_cleanse(kk,sizeof(kk));
+        OPENSSL_cleanse(k2,sizeof(k2));
+        OPENSSL_cleanse(uubuf,sizeof(uubuf));
+        OPENSSL_cleanse(b,sizeof(b));
+        OPENSSL_cleanse(bb,sizeof(bb));
+        OPENSSL_cleanse(cksum,sizeof(cksum));
+        if (Exit) EXIT(Exit);
+        }
+
+/*    We ignore this parameter but it should be > ~50 I believe    */
+int uufwrite(unsigned char *data, int size, unsigned int num, FILE *fp)
+        {
+        int i,j,left,rem,ret=num;
+        static int start=1;
+
+        if (start)
+                {
+                fprintf(fp,"begin 600 %s\n",
+                        (uuname[0] == '\0')?"text.d":uuname);
+                start=0;
+                }
+
+        if (uubufnum)
+                {
+                if (uubufnum+num < 45)
+                        {
+                        memcpy(&(uubuf[uubufnum]),data,(unsigned int)num);
+                        uubufnum+=num;
+                        return(num);
+                        }
+                else
+                        {
+                        i=45-uubufnum;
+                        memcpy(&(uubuf[uubufnum]),data,(unsigned int)i);
+                        j=uuencode((unsigned char *)uubuf,45,b);
+                        fwrite(b,1,(unsigned int)j,fp);
+                        uubufnum=0;
+                        data+=i;
+                        num-=i;
+                        }
+                }
+
+        for (i=0; i<(((int)num)-INUUBUFN); i+=INUUBUFN)
+                {
+                j=uuencode(&(data[i]),INUUBUFN,b);
+                fwrite(b,1,(unsigned int)j,fp);
+                }
+        rem=(num-i)%45;
+        left=(num-i-rem);
+        if (left)
+                {
+                j=uuencode(&(data[i]),left,b);
+                fwrite(b,1,(unsigned int)j,fp);
+                i+=left;
+                }
+        if (i != num)
+                {
+                memcpy(uubuf,&(data[i]),(unsigned int)rem);
+                uubufnum=rem;
+                }
+        return(ret);
+        }
+
+void uufwriteEnd(FILE *fp)
+        {
+        int j;
+        static const char *end=" \nend\n";
+
+        if (uubufnum != 0)
+                {
+                uubuf[uubufnum]='\0';
+                uubuf[uubufnum+1]='\0';
+                uubuf[uubufnum+2]='\0';
+                j=uuencode(uubuf,uubufnum,b);
+                fwrite(b,1,(unsigned int)j,fp);
+                }
+        fwrite(end,1,strlen(end),fp);
+        }
+
+/* int size:  should always be > ~ 60; I actually ignore this parameter :-)    */
+int uufread(unsigned char *out, int size, unsigned int num, FILE *fp)
+        {
+        int i,j,tot;
+        static int done=0;
+        static int valid=0;
+        static int start=1;
+
+        if (start)
+                {
+                for (;;)
+                        {
+                        b[0]='\0';
+                        fgets((char *)b,300,fp);
+                        if (b[0] == '\0')
+                                {
+                                fprintf(stderr,"no 'begin' found in uuencoded input\n");
+                                return(-1);
+                                }
+                        if (strncmp((char *)b,"begin ",6) == 0) break;
+                        }
+                start=0;
+                }
+        if (done) return(0);
+        tot=0;
+        if (valid)
+                {
+                memcpy(out,bb,(unsigned int)valid);
+                tot=valid;
+                valid=0;
+                }
+        for (;;)
+                {
+                b[0]='\0';
+                fgets((char *)b,300,fp);
+                if (b[0] == '\0') break;
+                i=strlen((char *)b);
+                if ((b[0] == 'e') && (b[1] == 'n') && (b[2] == 'd'))
+                        {
+                        done=1;
+                        while (!feof(fp))
+                                {
+                                fgets((char *)b,300,fp);
+                                }
+                        break;
+                        }
+                i=uudecode(b,i,bb);
+                if (i < 0) break;
+                if ((i+tot+8) > num)
+                        {
+                        /* num to copy to make it a multiple of 8 */
+                        j=(num/8*8)-tot-8;
+                        memcpy(&(out[tot]),bb,(unsigned int)j);
+                        tot+=j;
+                        memcpy(bb,&(bb[j]),(unsigned int)i-j);
+                        valid=i-j;
+                        break;
+                        }
+                memcpy(&(out[tot]),bb,(unsigned int)i);
+                tot+=i;
+                }
+        return(tot);
+        }
+
+#define ccc2l(c,l)      (l =((DES_LONG)(*((c)++)))<<16, \
+                         l|=((DES_LONG)(*((c)++)))<< 8, \
+                         l|=((DES_LONG)(*((c)++))))
+
+#define l2ccc(l,c)      (*((c)++)=(unsigned char)(((l)>>16)&0xff), \
+                    *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+                    *((c)++)=(unsigned char)(((l)    )&0xff))
+
+
+int uuencode(unsigned char *in, int num, unsigned char *out)
+        {
+        int j,i,n,tot=0;
+        DES_LONG l;
+        register unsigned char *p;
+        p=out;
+
+        for (j=0; j<num; j+=45)
+                {
+                if (j+45 > num)
+                        i=(num-j);
+                else    i=45;
+                *(p++)=i+' ';
+                for (n=0; n<i; n+=3)
+                        {
+                        ccc2l(in,l);
+                        *(p++)=((l>>18)&0x3f)+' ';
+                        *(p++)=((l>>12)&0x3f)+' ';
+                        *(p++)=((l>> 6)&0x3f)+' ';
+                        *(p++)=((l    )&0x3f)+' ';
+                        tot+=4;
+                        }
+                *(p++)='\n';
+                tot+=2;
+                }
+        *p='\0';
+        l=0;
+        return(tot);
+        }
+
+int uudecode(unsigned char *in, int num, unsigned char *out)
+        {
+        int j,i,k;
+        unsigned int n=0,space=0;
+        DES_LONG l;
+        DES_LONG w,x,y,z;
+        unsigned int blank=(unsigned int)'\n'-' ';
+
+        for (j=0; j<num; )
+                {
+                n= *(in++)-' ';
+                if (n == blank)
+                        {
+                        n=0;
+                        in--;
+                        }
+                if (n > 60)
+                        {
+                        fprintf(stderr,"uuencoded line length too long\n");
+                        return(-1);
+                        }
+                j++;
+
+                for (i=0; i<n; j+=4,i+=3)
+                        {
+                        /* the following is for cases where spaces are
+                         * removed from lines.
+                         */
+                        if (space)
+                                {
+                                w=x=y=z=0;
+                                }
+                        else
+                                {
+                                w= *(in++)-' ';
+                                x= *(in++)-' ';
+                                y= *(in++)-' ';
+                                z= *(in++)-' ';
+                                }
+                        if ((w > 63) || (x > 63) || (y > 63) || (z > 63))
+                                {
+                                k=0;
+                                if (w == blank) k=1;
+                                if (x == blank) k=2;
+                                if (y == blank) k=3;
+                                if (z == blank) k=4;
+                                space=1;
+                                switch (k) {
+                                case 1: w=0; in--;
+                                case 2: x=0; in--;
+                                case 3: y=0; in--;
+                                case 4: z=0; in--;
+                                        break;
+                                case 0:
+                                        space=0;
+                                        fprintf(stderr,"bad uuencoded data values\n");
+                                        w=x=y=z=0;
+                                        return(-1);
+                                        break;
+                                        }
+                                }
+                        l=(w<<18)|(x<<12)|(y<< 6)|(z    );
+                        l2ccc(l,out);
+                        }
+                if (*(in++) != '\n')
+                        {
+                        fprintf(stderr,"missing nl in uuencoded line\n");
+                        w=x=y=z=0;
+                        return(-1);
+                        }
+                j++;
+                }
+        *out='\0';
+        w=x=y=z=0;
+        return(n);
+        }
diff --git a/src/lib/libcrypto/des/des.h b/src/lib/libcrypto/des/des.h
index c5df1c9c7b..81bd874edd 100644
--- a/src/lib/libcrypto/des/des.h
+++ b/src/lib/libcrypto/des/des.h
@@ -56,8 +56,8 @@
  * [including the GNU Public Licence.]
  */
 
-#ifndef HEADER_NEW_DES_H
-#define HEADER_NEW_DES_H
+#ifndef HEADER_DES_H
+#define HEADER_DES_H
 
 #ifdef OPENSSL_NO_DES
 #error DES is disabled.
@@ -71,6 +71,8 @@
 # define OPENSSL_EXTERN OPENSSL_EXPORT
 #endif
 
+#define des_SPtrans DES_SPtrans
+
 #ifdef  __cplusplus
 extern "C" {
 #endif
diff --git a/src/lib/libcrypto/des/des.pod b/src/lib/libcrypto/des/des.pod
new file mode 100644
index 0000000000..bf479e83d2
--- /dev/null
+++ b/src/lib/libcrypto/des/des.pod
@@ -0,0 +1,217 @@
+=pod
+
+=head1 NAME
+
+des - encrypt or decrypt data using Data Encryption Standard
+
+=head1 SYNOPSIS
+
+B<des>
+(
+B<-e>
+|
+B<-E>
+) | (
+B<-d>
+|
+B<-D>
+) | (
+B<->[B<cC>][B<ckname>]
+) |
+[
+B<-b3hfs>
+] [
+B<-k>
+I<key>
+]
+] [
+B<-u>[I<uuname>]
+[
+I<input-file>
+[
+I<output-file>
+] ]
+
+=head1 NOTE
+
+This page describes the B<des> stand-alone program, not the B<openssl des>
+command.
+
+=head1 DESCRIPTION
+
+B<des>
+encrypts and decrypts data using the
+Data Encryption Standard algorithm.
+One of
+B<-e>, B<-E>
+(for encrypt) or
+B<-d>, B<-D>
+(for decrypt) must be specified.
+It is also possible to use
+B<-c>
+or
+B<-C>
+in conjunction or instead of the a encrypt/decrypt option to generate
+a 16 character hexadecimal checksum, generated via the
+I<des_cbc_cksum>.
+
+Two standard encryption modes are supported by the
+B<des>
+program, Cipher Block Chaining (the default) and Electronic Code Book
+(specified with
+B<-b>).
+
+The key used for the DES
+algorithm is obtained by prompting the user unless the
+B<-k>
+I<key>
+option is given.
+If the key is an argument to the
+B<des>
+command, it is potentially visible to users executing
+ps(1)
+or a derivative.  To minimise this possibility,
+B<des>
+takes care to destroy the key argument immediately upon entry.
+If your shell keeps a history file be careful to make sure it is not
+world readable.
+
+Since this program attempts to maintain compatibility with sunOS's
+des(1) command, there are 2 different methods used to convert the user
+supplied key to a des key.
+Whenever and one or more of
+B<-E>, B<-D>, B<-C>
+or
+B<-3>
+options are used, the key conversion procedure will not be compatible
+with the sunOS des(1) version but will use all the user supplied
+character to generate the des key.
+B<des>
+command reads from standard input unless
+I<input-file>
+is specified and writes to standard output unless
+I<output-file>
+is given.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-b>
+
+Select ECB
+(eight bytes at a time) encryption mode.
+
+=item B<-3>
+
+Encrypt using triple encryption.
+By default triple cbc encryption is used but if the
+B<-b>
+option is used then triple ECB encryption is performed.
+If the key is less than 8 characters long, the flag has no effect.
+
+=item B<-e>
+
+Encrypt data using an 8 byte key in a manner compatible with sunOS
+des(1).
+
+=item B<-E>
+
+Encrypt data using a key of nearly unlimited length (1024 bytes).
+This will product a more secure encryption.
+
+=item B<-d>
+
+Decrypt data that was encrypted with the B<-e> option.
+
+=item B<-D>
+
+Decrypt data that was encrypted with the B<-E> option.
+
+=item B<-c>
+
+Generate a 16 character hexadecimal cbc checksum and output this to
+stderr.
+If a filename was specified after the
+B<-c>
+option, the checksum is output to that file.
+The checksum is generated using a key generated in a sunOS compatible
+manner.
+
+=item B<-C>
+
+A cbc checksum is generated in the same manner as described for the
+B<-c>
+option but the DES key is generated in the same manner as used for the
+B<-E>
+and
+B<-D>
+options
+
+=item B<-f>
+
+Does nothing - allowed for compatibility with sunOS des(1) command.
+
+=item B<-s>
+
+Does nothing - allowed for compatibility with sunOS des(1) command.
+
+=item B<-k> I<key>
+
+Use the encryption 
+I<key>
+specified.
+
+=item B<-h>
+
+The
+I<key>
+is assumed to be a 16 character hexadecimal number.
+If the
+B<-3>
+option is used the key is assumed to be a 32 character hexadecimal
+number.
+
+=item B<-u>
+
+This flag is used to read and write uuencoded files.  If decrypting,
+the input file is assumed to contain uuencoded, DES encrypted data.
+If encrypting, the characters following the B<-u> are used as the name of
+the uuencoded file to embed in the begin line of the uuencoded
+output.  If there is no name specified after the B<-u>, the name text.des
+will be embedded in the header.
+
+=head1 SEE ALSO
+
+ps(1),
+L<des_crypt(3)|des_crypt(3)>
+
+=head1 BUGS
+
+The problem with using the
+B<-e>
+option is the short key length.
+It would be better to use a real 56-bit key rather than an
+ASCII-based 56-bit pattern.  Knowing that the key was derived from ASCII
+radically reduces the time necessary for a brute-force cryptographic attack.
+My attempt to remove this problem is to add an alternative text-key to
+DES-key function.  This alternative function (accessed via
+B<-E>, B<-D>, B<-S>
+and
+B<-3>)
+uses DES to help generate the key.
+
+Be carefully when using the B<-u> option.  Doing B<des -ud> I<filename> will
+not decrypt filename (the B<-u> option will gobble the B<-d> option).
+
+The VMS operating system operates in a world where files are always a
+multiple of 512 bytes.  This causes problems when encrypted data is
+send from Unix to VMS since a 88 byte file will suddenly be padded
+with 424 null bytes.  To get around this problem, use the B<-u> option
+to uuencode the data before it is send to the VMS system.
+
+=head1 AUTHOR
+
+Eric Young (eay@cryptsoft.com)
+
+=cut
diff --git a/src/lib/libcrypto/des/des3s.cpp b/src/lib/libcrypto/des/des3s.cpp
new file mode 100644
index 0000000000..02d527c057
--- /dev/null
+++ b/src/lib/libcrypto/des/des3s.cpp
@@ -0,0 +1,67 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  asm volatile(".byte 15, 49\n\t"
+               : "=eax" (tsc)
+               :
+               : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  unsigned long a;
+  __asm _emit 0fh
+  __asm _emit 31h
+  __asm mov a, eax;
+  tsc=a;
+}
+#endif      
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/des.h>
+
+void main(int argc,char *argv[])
+        {
+        des_key_schedule key1,key2,key3;
+        unsigned long s1,s2,e1,e2;
+        unsigned long data[2];
+        int i,j;
+
+        for (j=0; j<6; j++)
+                {
+                for (i=0; i<1000; i++) /**/
+                        {
+                        des_encrypt3(&data[0],key1,key2,key3);
+                        GetTSC(s1);
+                        des_encrypt3(&data[0],key1,key2,key3);
+                        des_encrypt3(&data[0],key1,key2,key3);
+                        des_encrypt3(&data[0],key1,key2,key3);
+                        GetTSC(e1);
+                        GetTSC(s2);
+                        des_encrypt3(&data[0],key1,key2,key3);
+                        des_encrypt3(&data[0],key1,key2,key3);
+                        des_encrypt3(&data[0],key1,key2,key3);
+                        des_encrypt3(&data[0],key1,key2,key3);
+                        GetTSC(e2);
+                        des_encrypt3(&data[0],key1,key2,key3);
+                        }
+
+                printf("des %d %d (%d)\n",
+                        e1-s1,e2-s2,((e2-s2)-(e1-s1)));
+                }
+        }
+
diff --git a/src/lib/libcrypto/des/des_enc.c b/src/lib/libcrypto/des/des_enc.c
index 72be2d98d7..6a49ec4a55 100644
--- a/src/lib/libcrypto/des/des_enc.c
+++ b/src/lib/libcrypto/des/des_enc.c
@@ -59,6 +59,7 @@
 #include "des_locl.h"
 
 #ifndef OPENSSL_FIPS
+#ifndef OPENBSD_DES_ASM
 
 void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc)
         {
@@ -248,6 +249,7 @@ void DES_encrypt2(DES_LONG *data, DES_key_schedule *ks, int enc)
         data[1]=ROTATE(r,3)&0xffffffffL;
         l=r=t=u=0;
         }
+#endif
 
 void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1,
                   DES_key_schedule *ks2, DES_key_schedule *ks3)
diff --git a/src/lib/libcrypto/des/des_locl.h b/src/lib/libcrypto/des/des_locl.h
index 8f04b18c50..e44e8e98b2 100644
--- a/src/lib/libcrypto/des/des_locl.h
+++ b/src/lib/libcrypto/des/des_locl.h
@@ -421,7 +421,7 @@
         PERM_OP(l,r,tt, 4,0x0f0f0f0fL); \
         }
 
-extern const DES_LONG DES_SPtrans[8][64];
+OPENSSL_EXTERN const DES_LONG DES_SPtrans[8][64];
 
 void fcrypt_body(DES_LONG *out,DES_key_schedule *ks,
                  DES_LONG Eswap0, DES_LONG Eswap1);
diff --git a/src/lib/libcrypto/des/des_old.c b/src/lib/libcrypto/des/des_old.c
new file mode 100644
index 0000000000..88e9802aad
--- /dev/null
+++ b/src/lib/libcrypto/des/des_old.c
@@ -0,0 +1,271 @@
+/* crypto/des/des_old.c -*- mode:C; c-file-style: "eay" -*- */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * The function names in here are deprecated and are only present to
+ * provide an interface compatible with libdes.  OpenSSL now provides
+ * functions where "des_" has been replaced with "DES_" in the names,
+ * to make it possible to make incompatible changes that are needed
+ * for C type security and other stuff.
+ *
+ * Please consider starting to use the DES_ functions rather than the
+ * des_ ones.  The des_ functions will dissapear completely before
+ * OpenSSL 1.0!
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
+ * project 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#define OPENSSL_DES_LIBDES_COMPATIBILITY
+#include <openssl/des.h>
+#include <openssl/rand.h>
+
+const char *_ossl_old_des_options(void)
+        {
+        return DES_options();
+        }
+void _ossl_old_des_ecb3_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
+        des_key_schedule ks1,des_key_schedule ks2,
+        des_key_schedule ks3, int enc)
+        {
+        DES_ecb3_encrypt((const unsigned char *)input, (unsigned char *)output,
+                (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
+                (DES_key_schedule *)ks3, enc);
+        }
+DES_LONG _ossl_old_des_cbc_cksum(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
+        long length,des_key_schedule schedule,_ossl_old_des_cblock *ivec)
+        {
+        return DES_cbc_cksum((unsigned char *)input, output, length,
+                (DES_key_schedule *)schedule, ivec);
+        }
+void _ossl_old_des_cbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
+        des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc)
+        {
+        DES_cbc_encrypt((unsigned char *)input, (unsigned char *)output,
+                length, (DES_key_schedule *)schedule, ivec, enc);
+        }
+void _ossl_old_des_ncbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
+        des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc)
+        {
+        DES_ncbc_encrypt((unsigned char *)input, (unsigned char *)output,
+                length, (DES_key_schedule *)schedule, ivec, enc);
+        }
+void _ossl_old_des_xcbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
+        des_key_schedule schedule,_ossl_old_des_cblock *ivec,
+        _ossl_old_des_cblock *inw,_ossl_old_des_cblock *outw,int enc)
+        {
+        DES_xcbc_encrypt((unsigned char *)input, (unsigned char *)output,
+                length, (DES_key_schedule *)schedule, ivec, inw, outw, enc);
+        }
+void _ossl_old_des_cfb_encrypt(unsigned char *in,unsigned char *out,int numbits,
+        long length,des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc)
+        {
+        DES_cfb_encrypt(in, out, numbits, length,
+                (DES_key_schedule *)schedule, ivec, enc);
+        }
+void _ossl_old_des_ecb_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
+        des_key_schedule ks,int enc)
+        {
+        DES_ecb_encrypt(input, output, (DES_key_schedule *)ks, enc);
+        }
+void _ossl_old_des_encrypt(DES_LONG *data,des_key_schedule ks, int enc)
+        {
+        DES_encrypt1(data, (DES_key_schedule *)ks, enc);
+        }
+void _ossl_old_des_encrypt2(DES_LONG *data,des_key_schedule ks, int enc)
+        {
+        DES_encrypt2(data, (DES_key_schedule *)ks, enc);
+        }
+void _ossl_old_des_encrypt3(DES_LONG *data, des_key_schedule ks1,
+        des_key_schedule ks2, des_key_schedule ks3)
+        {
+        DES_encrypt3(data, (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
+                (DES_key_schedule *)ks3);
+        }
+void _ossl_old_des_decrypt3(DES_LONG *data, des_key_schedule ks1,
+        des_key_schedule ks2, des_key_schedule ks3)
+        {
+        DES_decrypt3(data, (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
+                (DES_key_schedule *)ks3);
+        }
+void _ossl_old_des_ede3_cbc_encrypt(_ossl_old_des_cblock *input, _ossl_old_des_cblock *output, 
+        long length, des_key_schedule ks1, des_key_schedule ks2, 
+        des_key_schedule ks3, _ossl_old_des_cblock *ivec, int enc)
+        {
+        DES_ede3_cbc_encrypt((unsigned char *)input, (unsigned char *)output,
+                length, (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
+                (DES_key_schedule *)ks3, ivec, enc);
+        }
+void _ossl_old_des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out,
+        long length, des_key_schedule ks1, des_key_schedule ks2,
+        des_key_schedule ks3, _ossl_old_des_cblock *ivec, int *num, int enc)
+        {
+        DES_ede3_cfb64_encrypt(in, out, length,
+                (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
+                (DES_key_schedule *)ks3, ivec, num, enc);
+        }
+void _ossl_old_des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out,
+        long length, des_key_schedule ks1, des_key_schedule ks2,
+        des_key_schedule ks3, _ossl_old_des_cblock *ivec, int *num)
+        {
+        DES_ede3_ofb64_encrypt(in, out, length,
+                (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
+                (DES_key_schedule *)ks3, ivec, num);
+        }
+
+void _ossl_old_des_xwhite_in2out(_ossl_old_des_cblock (*des_key), _ossl_old_des_cblock (*in_white),
+        _ossl_old_des_cblock (*out_white))
+        {
+        DES_xwhite_in2out(des_key, in_white, out_white);
+        }
+
+int _ossl_old_des_enc_read(int fd,char *buf,int len,des_key_schedule sched,
+        _ossl_old_des_cblock *iv)
+        {
+        return DES_enc_read(fd, buf, len, (DES_key_schedule *)sched, iv);
+        }
+int _ossl_old_des_enc_write(int fd,char *buf,int len,des_key_schedule sched,
+        _ossl_old_des_cblock *iv)
+        {
+        return DES_enc_write(fd, buf, len, (DES_key_schedule *)sched, iv);
+        }
+char *_ossl_old_des_fcrypt(const char *buf,const char *salt, char *ret)
+        {
+        return DES_fcrypt(buf, salt, ret);
+        }
+char *_ossl_old_des_crypt(const char *buf,const char *salt)
+        {
+        return DES_crypt(buf, salt);
+        }
+char *_ossl_old_crypt(const char *buf,const char *salt)
+        {
+        return DES_crypt(buf, salt);
+        }
+void _ossl_old_des_ofb_encrypt(unsigned char *in,unsigned char *out,
+        int numbits,long length,des_key_schedule schedule,_ossl_old_des_cblock *ivec)
+        {
+        DES_ofb_encrypt(in, out, numbits, length, (DES_key_schedule *)schedule,
+                ivec);
+        }
+void _ossl_old_des_pcbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
+        des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc)
+        {
+        DES_pcbc_encrypt((unsigned char *)input, (unsigned char *)output,
+                length, (DES_key_schedule *)schedule, ivec, enc);
+        }
+DES_LONG _ossl_old_des_quad_cksum(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
+        long length,int out_count,_ossl_old_des_cblock *seed)
+        {
+        return DES_quad_cksum((unsigned char *)input, output, length,
+                out_count, seed);
+        }
+void _ossl_old_des_random_seed(_ossl_old_des_cblock key)
+        {
+        RAND_seed(key, sizeof(_ossl_old_des_cblock));
+        }
+void _ossl_old_des_random_key(_ossl_old_des_cblock ret)
+        {
+        DES_random_key((DES_cblock *)ret);
+        }
+int _ossl_old_des_read_password(_ossl_old_des_cblock *key, const char *prompt,
+                                int verify)
+        {
+        return DES_read_password(key, prompt, verify);
+        }
+int _ossl_old_des_read_2passwords(_ossl_old_des_cblock *key1, _ossl_old_des_cblock *key2,
+        const char *prompt, int verify)
+        {
+        return DES_read_2passwords(key1, key2, prompt, verify);
+        }
+void _ossl_old_des_set_odd_parity(_ossl_old_des_cblock *key)
+        {
+        DES_set_odd_parity(key);
+        }
+int _ossl_old_des_is_weak_key(_ossl_old_des_cblock *key)
+        {
+        return DES_is_weak_key(key);
+        }
+int _ossl_old_des_set_key(_ossl_old_des_cblock *key,des_key_schedule schedule)
+        {
+        return DES_set_key(key, (DES_key_schedule *)schedule);
+        }
+int _ossl_old_des_key_sched(_ossl_old_des_cblock *key,des_key_schedule schedule)
+        {
+        return DES_key_sched(key, (DES_key_schedule *)schedule);
+        }
+void _ossl_old_des_string_to_key(char *str,_ossl_old_des_cblock *key)
+        {
+        DES_string_to_key(str, key);
+        }
+void _ossl_old_des_string_to_2keys(char *str,_ossl_old_des_cblock *key1,_ossl_old_des_cblock *key2)
+        {
+        DES_string_to_2keys(str, key1, key2);
+        }
+void _ossl_old_des_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
+        des_key_schedule schedule, _ossl_old_des_cblock *ivec, int *num, int enc)
+        {
+        DES_cfb64_encrypt(in, out, length, (DES_key_schedule *)schedule,
+                ivec, num, enc);
+        }
+void _ossl_old_des_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
+        des_key_schedule schedule, _ossl_old_des_cblock *ivec, int *num)
+        {
+        DES_ofb64_encrypt(in, out, length, (DES_key_schedule *)schedule,
+                ivec, num);
+        }
diff --git a/src/lib/libcrypto/des/des_old.h b/src/lib/libcrypto/des/des_old.h
new file mode 100644
index 0000000000..1d8bf65101
--- /dev/null
+++ b/src/lib/libcrypto/des/des_old.h
@@ -0,0 +1,441 @@
+/* crypto/des/des_old.h -*- mode:C; c-file-style: "eay" -*- */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * The function names in here are deprecated and are only present to
+ * provide an interface compatible with openssl 0.9.6 and older as
+ * well as libdes.  OpenSSL now provides functions where "des_" has
+ * been replaced with "DES_" in the names, to make it possible to
+ * make incompatible changes that are needed for C type security and
+ * other stuff.
+ *
+ * This include files has two compatibility modes:
+ *
+ *   - If OPENSSL_DES_LIBDES_COMPATIBILITY is defined, you get an API
+ *     that is compatible with libdes and SSLeay.
+ *   - If OPENSSL_DES_LIBDES_COMPATIBILITY isn't defined, you get an
+ *     API that is compatible with OpenSSL 0.9.5x to 0.9.6x.
+ *
+ * Note that these modes break earlier snapshots of OpenSSL, where
+ * libdes compatibility was the only available mode or (later on) the
+ * prefered compatibility mode.  However, after much consideration
+ * (and more or less violent discussions with external parties), it
+ * was concluded that OpenSSL should be compatible with earlier versions
+ * of itself before anything else.  Also, in all honesty, libdes is
+ * an old beast that shouldn't really be used any more.
+ *
+ * Please consider starting to use the DES_ functions rather than the
+ * des_ ones.  The des_ functions will disappear completely before
+ * OpenSSL 1.0!
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
+ * project 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_DES_OLD_H
+#define HEADER_DES_OLD_H
+
+#ifdef OPENSSL_NO_DES
+#error DES is disabled.
+#endif
+
+#ifndef HEADER_DES_H
+#error You must include des.h, not des_old.h directly.
+#endif
+
+#ifdef _KERBEROS_DES_H
+#error <openssl/des_old.h> replaces <kerberos/des.h>.
+#endif
+
+#include <openssl/opensslconf.h> /* DES_LONG */
+#include <openssl/e_os2.h>      /* OPENSSL_EXTERN */
+#include <openssl/symhacks.h>
+
+#ifdef OPENSSL_BUILD_SHLIBCRYPTO
+# undef OPENSSL_EXTERN
+# define OPENSSL_EXTERN OPENSSL_EXPORT
+#endif
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+typedef unsigned char _ossl_old_des_cblock[8];
+typedef struct _ossl_old_des_ks_struct
+        {
+        union   {
+                _ossl_old_des_cblock _;
+                /* make sure things are correct size on machines with
+                 * 8 byte longs */
+                DES_LONG pad[2];
+                } ks;
+        } _ossl_old_des_key_schedule[16];
+
+#ifndef OPENSSL_DES_LIBDES_COMPATIBILITY
+#define des_cblock DES_cblock
+#define const_des_cblock const_DES_cblock
+#define des_key_schedule DES_key_schedule
+#define des_ecb3_encrypt(i,o,k1,k2,k3,e)\
+        DES_ecb3_encrypt((i),(o),&(k1),&(k2),&(k3),(e))
+#define des_ede3_cbc_encrypt(i,o,l,k1,k2,k3,iv,e)\
+        DES_ede3_cbc_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(e))
+#define des_ede3_cbcm_encrypt(i,o,l,k1,k2,k3,iv1,iv2,e)\
+        DES_ede3_cbcm_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv1),(iv2),(e))
+#define des_ede3_cfb64_encrypt(i,o,l,k1,k2,k3,iv,n,e)\
+        DES_ede3_cfb64_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(n),(e))
+#define des_ede3_ofb64_encrypt(i,o,l,k1,k2,k3,iv,n)\
+        DES_ede3_ofb64_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(n))
+#define des_options()\
+        DES_options()
+#define des_cbc_cksum(i,o,l,k,iv)\
+        DES_cbc_cksum((i),(o),(l),&(k),(iv))
+#define des_cbc_encrypt(i,o,l,k,iv,e)\
+        DES_cbc_encrypt((i),(o),(l),&(k),(iv),(e))
+#define des_ncbc_encrypt(i,o,l,k,iv,e)\
+        DES_ncbc_encrypt((i),(o),(l),&(k),(iv),(e))
+#define des_xcbc_encrypt(i,o,l,k,iv,inw,outw,e)\
+        DES_xcbc_encrypt((i),(o),(l),&(k),(iv),(inw),(outw),(e))
+#define des_cfb_encrypt(i,o,n,l,k,iv,e)\
+        DES_cfb_encrypt((i),(o),(n),(l),&(k),(iv),(e))
+#define des_ecb_encrypt(i,o,k,e)\
+        DES_ecb_encrypt((i),(o),&(k),(e))
+#define des_encrypt1(d,k,e)\
+        DES_encrypt1((d),&(k),(e))
+#define des_encrypt2(d,k,e)\
+        DES_encrypt2((d),&(k),(e))
+#define des_encrypt3(d,k1,k2,k3)\
+        DES_encrypt3((d),&(k1),&(k2),&(k3))
+#define des_decrypt3(d,k1,k2,k3)\
+        DES_decrypt3((d),&(k1),&(k2),&(k3))
+#define des_xwhite_in2out(k,i,o)\
+        DES_xwhite_in2out((k),(i),(o))
+#define des_enc_read(f,b,l,k,iv)\
+        DES_enc_read((f),(b),(l),&(k),(iv))
+#define des_enc_write(f,b,l,k,iv)\
+        DES_enc_write((f),(b),(l),&(k),(iv))
+#define des_fcrypt(b,s,r)\
+        DES_fcrypt((b),(s),(r))
+#define des_crypt(b,s)\
+        DES_crypt((b),(s))
+#if 0
+#if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT) && !defined(__OpenBSD__)
+#define crypt(b,s)\
+        DES_crypt((b),(s))
+#endif
+#endif
+#define des_ofb_encrypt(i,o,n,l,k,iv)\
+        DES_ofb_encrypt((i),(o),(n),(l),&(k),(iv))
+#define des_pcbc_encrypt(i,o,l,k,iv,e)\
+        DES_pcbc_encrypt((i),(o),(l),&(k),(iv),(e))
+#define des_quad_cksum(i,o,l,c,s)\
+        DES_quad_cksum((i),(o),(l),(c),(s))
+#define des_random_seed(k)\
+        _ossl_096_des_random_seed((k))
+#define des_random_key(r)\
+        DES_random_key((r))
+#define des_read_password(k,p,v) \
+        DES_read_password((k),(p),(v))
+#define des_read_2passwords(k1,k2,p,v) \
+        DES_read_2passwords((k1),(k2),(p),(v))
+#define des_set_odd_parity(k)\
+        DES_set_odd_parity((k))
+#define des_check_key_parity(k)\
+        DES_check_key_parity((k))
+#define des_is_weak_key(k)\
+        DES_is_weak_key((k))
+#define des_set_key(k,ks)\
+        DES_set_key((k),&(ks))
+#define des_key_sched(k,ks)\
+        DES_key_sched((k),&(ks))
+#define des_set_key_checked(k,ks)\
+        DES_set_key_checked((k),&(ks))
+#define des_set_key_unchecked(k,ks)\
+        DES_set_key_unchecked((k),&(ks))
+#define des_string_to_key(s,k)\
+        DES_string_to_key((s),(k))
+#define des_string_to_2keys(s,k1,k2)\
+        DES_string_to_2keys((s),(k1),(k2))
+#define des_cfb64_encrypt(i,o,l,ks,iv,n,e)\
+        DES_cfb64_encrypt((i),(o),(l),&(ks),(iv),(n),(e))
+#define des_ofb64_encrypt(i,o,l,ks,iv,n)\
+        DES_ofb64_encrypt((i),(o),(l),&(ks),(iv),(n))
+                
+
+#define des_ecb2_encrypt(i,o,k1,k2,e) \
+        des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
+
+#define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
+        des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
+
+#define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
+        des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
+
+#define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
+        des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
+
+#define des_check_key DES_check_key
+#define des_rw_mode DES_rw_mode
+#else /* libdes compatibility */
+/* Map all symbol names to _ossl_old_des_* form, so we avoid all
+   clashes with libdes */
+#define des_cblock _ossl_old_des_cblock
+#define des_key_schedule _ossl_old_des_key_schedule
+#define des_ecb3_encrypt(i,o,k1,k2,k3,e)\
+        _ossl_old_des_ecb3_encrypt((i),(o),(k1),(k2),(k3),(e))
+#define des_ede3_cbc_encrypt(i,o,l,k1,k2,k3,iv,e)\
+        _ossl_old_des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(e))
+#define des_ede3_cfb64_encrypt(i,o,l,k1,k2,k3,iv,n,e)\
+        _ossl_old_des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(n),(e))
+#define des_ede3_ofb64_encrypt(i,o,l,k1,k2,k3,iv,n)\
+        _ossl_old_des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(n))
+#define des_options()\
+        _ossl_old_des_options()
+#define des_cbc_cksum(i,o,l,k,iv)\
+        _ossl_old_des_cbc_cksum((i),(o),(l),(k),(iv))
+#define des_cbc_encrypt(i,o,l,k,iv,e)\
+        _ossl_old_des_cbc_encrypt((i),(o),(l),(k),(iv),(e))
+#define des_ncbc_encrypt(i,o,l,k,iv,e)\
+        _ossl_old_des_ncbc_encrypt((i),(o),(l),(k),(iv),(e))
+#define des_xcbc_encrypt(i,o,l,k,iv,inw,outw,e)\
+        _ossl_old_des_xcbc_encrypt((i),(o),(l),(k),(iv),(inw),(outw),(e))
+#define des_cfb_encrypt(i,o,n,l,k,iv,e)\
+        _ossl_old_des_cfb_encrypt((i),(o),(n),(l),(k),(iv),(e))
+#define des_ecb_encrypt(i,o,k,e)\
+        _ossl_old_des_ecb_encrypt((i),(o),(k),(e))
+#define des_encrypt(d,k,e)\
+        _ossl_old_des_encrypt((d),(k),(e))
+#define des_encrypt2(d,k,e)\
+        _ossl_old_des_encrypt2((d),(k),(e))
+#define des_encrypt3(d,k1,k2,k3)\
+        _ossl_old_des_encrypt3((d),(k1),(k2),(k3))
+#define des_decrypt3(d,k1,k2,k3)\
+        _ossl_old_des_decrypt3((d),(k1),(k2),(k3))
+#define des_xwhite_in2out(k,i,o)\
+        _ossl_old_des_xwhite_in2out((k),(i),(o))
+#define des_enc_read(f,b,l,k,iv)\
+        _ossl_old_des_enc_read((f),(b),(l),(k),(iv))
+#define des_enc_write(f,b,l,k,iv)\
+        _ossl_old_des_enc_write((f),(b),(l),(k),(iv))
+#define des_fcrypt(b,s,r)\
+        _ossl_old_des_fcrypt((b),(s),(r))
+#define des_crypt(b,s)\
+        _ossl_old_des_crypt((b),(s))
+#if 0
+#define crypt(b,s)\
+        _ossl_old_crypt((b),(s))
+#endif
+#define des_ofb_encrypt(i,o,n,l,k,iv)\
+        _ossl_old_des_ofb_encrypt((i),(o),(n),(l),(k),(iv))
+#define des_pcbc_encrypt(i,o,l,k,iv,e)\
+        _ossl_old_des_pcbc_encrypt((i),(o),(l),(k),(iv),(e))
+#define des_quad_cksum(i,o,l,c,s)\
+        _ossl_old_des_quad_cksum((i),(o),(l),(c),(s))
+#define des_random_seed(k)\
+        _ossl_old_des_random_seed((k))
+#define des_random_key(r)\
+        _ossl_old_des_random_key((r))
+#define des_read_password(k,p,v) \
+        _ossl_old_des_read_password((k),(p),(v))
+#define des_read_2passwords(k1,k2,p,v) \
+        _ossl_old_des_read_2passwords((k1),(k2),(p),(v))
+#define des_set_odd_parity(k)\
+        _ossl_old_des_set_odd_parity((k))
+#define des_is_weak_key(k)\
+        _ossl_old_des_is_weak_key((k))
+#define des_set_key(k,ks)\
+        _ossl_old_des_set_key((k),(ks))
+#define des_key_sched(k,ks)\
+        _ossl_old_des_key_sched((k),(ks))
+#define des_string_to_key(s,k)\
+        _ossl_old_des_string_to_key((s),(k))
+#define des_string_to_2keys(s,k1,k2)\
+        _ossl_old_des_string_to_2keys((s),(k1),(k2))
+#define des_cfb64_encrypt(i,o,l,ks,iv,n,e)\
+        _ossl_old_des_cfb64_encrypt((i),(o),(l),(ks),(iv),(n),(e))
+#define des_ofb64_encrypt(i,o,l,ks,iv,n)\
+        _ossl_old_des_ofb64_encrypt((i),(o),(l),(ks),(iv),(n))
+                
+
+#define des_ecb2_encrypt(i,o,k1,k2,e) \
+        des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
+
+#define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
+        des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
+
+#define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
+        des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
+
+#define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
+        des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
+
+#define des_check_key DES_check_key
+#define des_rw_mode DES_rw_mode
+#endif
+
+const char *_ossl_old_des_options(void);
+void _ossl_old_des_ecb3_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
+        _ossl_old_des_key_schedule ks1,_ossl_old_des_key_schedule ks2,
+        _ossl_old_des_key_schedule ks3, int enc);
+DES_LONG _ossl_old_des_cbc_cksum(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
+        long length,_ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec);
+void _ossl_old_des_cbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
+        _ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc);
+void _ossl_old_des_ncbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
+        _ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc);
+void _ossl_old_des_xcbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
+        _ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec,
+        _ossl_old_des_cblock *inw,_ossl_old_des_cblock *outw,int enc);
+void _ossl_old_des_cfb_encrypt(unsigned char *in,unsigned char *out,int numbits,
+        long length,_ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc);
+void _ossl_old_des_ecb_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
+        _ossl_old_des_key_schedule ks,int enc);
+void _ossl_old_des_encrypt(DES_LONG *data,_ossl_old_des_key_schedule ks, int enc);
+void _ossl_old_des_encrypt2(DES_LONG *data,_ossl_old_des_key_schedule ks, int enc);
+void _ossl_old_des_encrypt3(DES_LONG *data, _ossl_old_des_key_schedule ks1,
+        _ossl_old_des_key_schedule ks2, _ossl_old_des_key_schedule ks3);
+void _ossl_old_des_decrypt3(DES_LONG *data, _ossl_old_des_key_schedule ks1,
+        _ossl_old_des_key_schedule ks2, _ossl_old_des_key_schedule ks3);
+void _ossl_old_des_ede3_cbc_encrypt(_ossl_old_des_cblock *input, _ossl_old_des_cblock *output, 
+        long length, _ossl_old_des_key_schedule ks1, _ossl_old_des_key_schedule ks2, 
+        _ossl_old_des_key_schedule ks3, _ossl_old_des_cblock *ivec, int enc);
+void _ossl_old_des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out,
+        long length, _ossl_old_des_key_schedule ks1, _ossl_old_des_key_schedule ks2,
+        _ossl_old_des_key_schedule ks3, _ossl_old_des_cblock *ivec, int *num, int enc);
+void _ossl_old_des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out,
+        long length, _ossl_old_des_key_schedule ks1, _ossl_old_des_key_schedule ks2,
+        _ossl_old_des_key_schedule ks3, _ossl_old_des_cblock *ivec, int *num);
+
+void _ossl_old_des_xwhite_in2out(_ossl_old_des_cblock (*des_key), _ossl_old_des_cblock (*in_white),
+        _ossl_old_des_cblock (*out_white));
+
+int _ossl_old_des_enc_read(int fd,char *buf,int len,_ossl_old_des_key_schedule sched,
+        _ossl_old_des_cblock *iv);
+int _ossl_old_des_enc_write(int fd,char *buf,int len,_ossl_old_des_key_schedule sched,
+        _ossl_old_des_cblock *iv);
+char *_ossl_old_des_fcrypt(const char *buf,const char *salt, char *ret);
+char *_ossl_old_des_crypt(const char *buf,const char *salt);
+#if !defined(PERL5) && !defined(NeXT)
+char *_ossl_old_crypt(const char *buf,const char *salt);
+#endif
+void _ossl_old_des_ofb_encrypt(unsigned char *in,unsigned char *out,
+        int numbits,long length,_ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec);
+void _ossl_old_des_pcbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
+        _ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc);
+DES_LONG _ossl_old_des_quad_cksum(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
+        long length,int out_count,_ossl_old_des_cblock *seed);
+void _ossl_old_des_random_seed(_ossl_old_des_cblock key);
+void _ossl_old_des_random_key(_ossl_old_des_cblock ret);
+int _ossl_old_des_read_password(_ossl_old_des_cblock *key,const char *prompt,int verify);
+int _ossl_old_des_read_2passwords(_ossl_old_des_cblock *key1,_ossl_old_des_cblock *key2,
+        const char *prompt,int verify);
+void _ossl_old_des_set_odd_parity(_ossl_old_des_cblock *key);
+int _ossl_old_des_is_weak_key(_ossl_old_des_cblock *key);
+int _ossl_old_des_set_key(_ossl_old_des_cblock *key,_ossl_old_des_key_schedule schedule);
+int _ossl_old_des_key_sched(_ossl_old_des_cblock *key,_ossl_old_des_key_schedule schedule);
+void _ossl_old_des_string_to_key(char *str,_ossl_old_des_cblock *key);
+void _ossl_old_des_string_to_2keys(char *str,_ossl_old_des_cblock *key1,_ossl_old_des_cblock *key2);
+void _ossl_old_des_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
+        _ossl_old_des_key_schedule schedule, _ossl_old_des_cblock *ivec, int *num, int enc);
+void _ossl_old_des_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
+        _ossl_old_des_key_schedule schedule, _ossl_old_des_cblock *ivec, int *num);
+
+void _ossl_096_des_random_seed(des_cblock *key);
+
+/* The following definitions provide compatibility with the MIT Kerberos
+ * library. The _ossl_old_des_key_schedule structure is not binary compatible. */
+
+#define _KERBEROS_DES_H
+
+#define KRBDES_ENCRYPT DES_ENCRYPT
+#define KRBDES_DECRYPT DES_DECRYPT
+
+#ifdef KERBEROS
+#  define ENCRYPT DES_ENCRYPT
+#  define DECRYPT DES_DECRYPT
+#endif
+
+#ifndef NCOMPAT
+#  define C_Block des_cblock
+#  define Key_schedule des_key_schedule
+#  define KEY_SZ DES_KEY_SZ
+#  define string_to_key des_string_to_key
+#  define read_pw_string des_read_pw_string
+#  define random_key des_random_key
+#  define pcbc_encrypt des_pcbc_encrypt
+#  define set_key des_set_key
+#  define key_sched des_key_sched
+#  define ecb_encrypt des_ecb_encrypt
+#  define cbc_encrypt des_cbc_encrypt
+#  define ncbc_encrypt des_ncbc_encrypt
+#  define xcbc_encrypt des_xcbc_encrypt
+#  define cbc_cksum des_cbc_cksum
+#  define quad_cksum des_quad_cksum
+#  define check_parity des_check_key_parity
+#endif
+
+#define des_fixup_key_parity DES_fixup_key_parity
+
+#ifdef  __cplusplus
+}
+#endif
+
+/* for DES_read_pw_string et al */
+#include <openssl/ui_compat.h>
+
+#endif
diff --git a/src/lib/libcrypto/des/des_old2.c b/src/lib/libcrypto/des/des_old2.c
new file mode 100644
index 0000000000..c8fa3ee135
--- /dev/null
+++ b/src/lib/libcrypto/des/des_old2.c
@@ -0,0 +1,82 @@
+/* crypto/des/des_old.c -*- mode:C; c-file-style: "eay" -*- */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * The function names in here are deprecated and are only present to
+ * provide an interface compatible with OpenSSL 0.9.6c.  OpenSSL now
+ * provides functions where "des_" has been replaced with "DES_" in
+ * the names, to make it possible to make incompatible changes that
+ * are needed for C type security and other stuff.
+ *
+ * Please consider starting to use the DES_ functions rather than the
+ * des_ ones.  The des_ functions will dissapear completely before
+ * OpenSSL 1.0!
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
+ * project 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#undef OPENSSL_DES_LIBDES_COMPATIBILITY
+#include <openssl/des.h>
+#include <openssl/rand.h>
+
+void _ossl_096_des_random_seed(DES_cblock *key)
+        {
+        RAND_seed(key, sizeof(DES_cblock));
+        }
diff --git a/src/lib/libcrypto/des/des_opts.c b/src/lib/libcrypto/des/des_opts.c
new file mode 100644
index 0000000000..79278b920e
--- /dev/null
+++ b/src/lib/libcrypto/des/des_opts.c
@@ -0,0 +1,604 @@
+/* crypto/des/des_opts.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* define PART1, PART2, PART3 or PART4 to build only with a few of the options.
+ * This is for machines with 64k code segment size restrictions. */
+
+#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX)
+#define TIMES
+#endif
+
+#include <stdio.h>
+#ifndef OPENSSL_SYS_MSDOS
+#include <openssl/e_os2.h>
+#include OPENSSL_UNISTD
+#else
+#include <io.h>
+extern void exit();
+#endif
+#include <signal.h>
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+
+/* Depending on the VMS version, the tms structure is perhaps defined.
+   The __TMS macro will show if it was.  If it wasn't defined, we should
+   undefine TIMES, since that tells the rest of the program how things
+   should be handled.                           -- Richard Levitte */
+#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
+#undef TIMES
+#endif
+
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+
+#if defined(sun) || defined(__ultrix)
+#define _POSIX_SOURCE
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include <openssl/des.h>
+#include "spr.h"
+
+#define DES_DEFAULT_OPTIONS
+
+#if !defined(PART1) && !defined(PART2) && !defined(PART3) && !defined(PART4)
+#define PART1
+#define PART2
+#define PART3
+#define PART4
+#endif
+
+#ifdef PART1
+
+#undef DES_UNROLL
+#undef DES_RISC1
+#undef DES_RISC2
+#undef DES_PTR
+#undef D_ENCRYPT
+#define DES_encrypt1 des_encrypt_u4_cisc_idx
+#define DES_encrypt2 des_encrypt2_u4_cisc_idx
+#define DES_encrypt3 des_encrypt3_u4_cisc_idx
+#define DES_decrypt3 des_decrypt3_u4_cisc_idx
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#define DES_UNROLL
+#undef DES_RISC1
+#undef DES_RISC2
+#undef DES_PTR
+#undef D_ENCRYPT
+#undef DES_encrypt1
+#undef DES_encrypt2
+#undef DES_encrypt3
+#undef DES_decrypt3
+#define DES_encrypt1 des_encrypt_u16_cisc_idx
+#define DES_encrypt2 des_encrypt2_u16_cisc_idx
+#define DES_encrypt3 des_encrypt3_u16_cisc_idx
+#define DES_decrypt3 des_decrypt3_u16_cisc_idx
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#undef DES_UNROLL
+#define DES_RISC1
+#undef DES_RISC2
+#undef DES_PTR
+#undef D_ENCRYPT
+#undef DES_encrypt1
+#undef DES_encrypt2
+#undef DES_encrypt3
+#undef DES_decrypt3
+#define DES_encrypt1 des_encrypt_u4_risc1_idx
+#define DES_encrypt2 des_encrypt2_u4_risc1_idx
+#define DES_encrypt3 des_encrypt3_u4_risc1_idx
+#define DES_decrypt3 des_decrypt3_u4_risc1_idx
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#endif
+
+#ifdef PART2
+
+#undef DES_UNROLL
+#undef DES_RISC1
+#define DES_RISC2
+#undef DES_PTR
+#undef D_ENCRYPT
+#undef DES_encrypt1
+#undef DES_encrypt2
+#undef DES_encrypt3
+#undef DES_decrypt3
+#define DES_encrypt1 des_encrypt_u4_risc2_idx
+#define DES_encrypt2 des_encrypt2_u4_risc2_idx
+#define DES_encrypt3 des_encrypt3_u4_risc2_idx
+#define DES_decrypt3 des_decrypt3_u4_risc2_idx
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#define DES_UNROLL
+#define DES_RISC1
+#undef DES_RISC2
+#undef DES_PTR
+#undef D_ENCRYPT
+#undef DES_encrypt1
+#undef DES_encrypt2
+#undef DES_encrypt3
+#undef DES_decrypt3
+#define DES_encrypt1 des_encrypt_u16_risc1_idx
+#define DES_encrypt2 des_encrypt2_u16_risc1_idx
+#define DES_encrypt3 des_encrypt3_u16_risc1_idx
+#define DES_decrypt3 des_decrypt3_u16_risc1_idx
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#define DES_UNROLL
+#undef DES_RISC1
+#define DES_RISC2
+#undef DES_PTR
+#undef D_ENCRYPT
+#undef DES_encrypt1
+#undef DES_encrypt2
+#undef DES_encrypt3
+#undef DES_decrypt3
+#define DES_encrypt1 des_encrypt_u16_risc2_idx
+#define DES_encrypt2 des_encrypt2_u16_risc2_idx
+#define DES_encrypt3 des_encrypt3_u16_risc2_idx
+#define DES_decrypt3 des_decrypt3_u16_risc2_idx
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#endif
+
+#ifdef PART3
+
+#undef DES_UNROLL
+#undef DES_RISC1
+#undef DES_RISC2
+#define DES_PTR
+#undef D_ENCRYPT
+#undef DES_encrypt1
+#undef DES_encrypt2
+#undef DES_encrypt3
+#undef DES_decrypt3
+#define DES_encrypt1 des_encrypt_u4_cisc_ptr
+#define DES_encrypt2 des_encrypt2_u4_cisc_ptr
+#define DES_encrypt3 des_encrypt3_u4_cisc_ptr
+#define DES_decrypt3 des_decrypt3_u4_cisc_ptr
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#define DES_UNROLL
+#undef DES_RISC1
+#undef DES_RISC2
+#define DES_PTR
+#undef D_ENCRYPT
+#undef DES_encrypt1
+#undef DES_encrypt2
+#undef DES_encrypt3
+#undef DES_decrypt3
+#define DES_encrypt1 des_encrypt_u16_cisc_ptr
+#define DES_encrypt2 des_encrypt2_u16_cisc_ptr
+#define DES_encrypt3 des_encrypt3_u16_cisc_ptr
+#define DES_decrypt3 des_decrypt3_u16_cisc_ptr
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#undef DES_UNROLL
+#define DES_RISC1
+#undef DES_RISC2
+#define DES_PTR
+#undef D_ENCRYPT
+#undef DES_encrypt1
+#undef DES_encrypt2
+#undef DES_encrypt3
+#undef DES_decrypt3
+#define DES_encrypt1 des_encrypt_u4_risc1_ptr
+#define DES_encrypt2 des_encrypt2_u4_risc1_ptr
+#define DES_encrypt3 des_encrypt3_u4_risc1_ptr
+#define DES_decrypt3 des_decrypt3_u4_risc1_ptr
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#endif
+
+#ifdef PART4
+
+#undef DES_UNROLL
+#undef DES_RISC1
+#define DES_RISC2
+#define DES_PTR
+#undef D_ENCRYPT
+#undef DES_encrypt1
+#undef DES_encrypt2
+#undef DES_encrypt3
+#undef DES_decrypt3
+#define DES_encrypt1 des_encrypt_u4_risc2_ptr
+#define DES_encrypt2 des_encrypt2_u4_risc2_ptr
+#define DES_encrypt3 des_encrypt3_u4_risc2_ptr
+#define DES_decrypt3 des_decrypt3_u4_risc2_ptr
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#define DES_UNROLL
+#define DES_RISC1
+#undef DES_RISC2
+#define DES_PTR
+#undef D_ENCRYPT
+#undef DES_encrypt1
+#undef DES_encrypt2
+#undef DES_encrypt3
+#undef DES_decrypt3
+#define DES_encrypt1 des_encrypt_u16_risc1_ptr
+#define DES_encrypt2 des_encrypt2_u16_risc1_ptr
+#define DES_encrypt3 des_encrypt3_u16_risc1_ptr
+#define DES_decrypt3 des_decrypt3_u16_risc1_ptr
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#define DES_UNROLL
+#undef DES_RISC1
+#define DES_RISC2
+#define DES_PTR
+#undef D_ENCRYPT
+#undef DES_encrypt1
+#undef DES_encrypt2
+#undef DES_encrypt3
+#undef DES_decrypt3
+#define DES_encrypt1 des_encrypt_u16_risc2_ptr
+#define DES_encrypt2 des_encrypt2_u16_risc2_ptr
+#define DES_encrypt3 des_encrypt3_u16_risc2_ptr
+#define DES_decrypt3 des_decrypt3_u16_risc2_ptr
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#endif
+
+/* The following if from times(3) man page.  It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+#  ifndef _BSD_CLK_TCK_ /* FreeBSD fix */
+#   define HZ   100.0
+#  else /* _BSD_CLK_TCK_ */
+#   define HZ ((double)_BSD_CLK_TCK_)
+#  endif
+# else /* CLK_TCK */
+#  define HZ ((double)CLK_TCK)
+# endif
+#endif
+
+#define BUFSIZE ((long)1024)
+long run=0;
+
+double Time_F(int s);
+#ifdef SIGALRM
+#if defined(__STDC__) || defined(sgi)
+#define SIGRETTYPE void
+#else
+#define SIGRETTYPE int
+#endif
+
+SIGRETTYPE sig_done(int sig);
+SIGRETTYPE sig_done(int sig)
+        {
+        signal(SIGALRM,sig_done);
+        run=0;
+#ifdef LINT
+        sig=sig;
+#endif
+        }
+#endif
+
+#define START   0
+#define STOP    1
+
+double Time_F(int s)
+        {
+        double ret;
+#ifdef TIMES
+        static struct tms tstart,tend;
+
+        if (s == START)
+                {
+                times(&tstart);
+                return(0);
+                }
+        else
+                {
+                times(&tend);
+                ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+                return((ret == 0.0)?1e-6:ret);
+                }
+#else /* !times() */
+        static struct timeb tstart,tend;
+        long i;
+
+        if (s == START)
+                {
+                ftime(&tstart);
+                return(0);
+                }
+        else
+                {
+                ftime(&tend);
+                i=(long)tend.millitm-(long)tstart.millitm;
+                ret=((double)(tend.time-tstart.time))+((double)i)/1000.0;
+                return((ret == 0.0)?1e-6:ret);
+                }
+#endif
+        }
+
+#ifdef SIGALRM
+#define print_name(name) fprintf(stderr,"Doing %s's for 10 seconds\n",name); alarm(10);
+#else
+#define print_name(name) fprintf(stderr,"Doing %s %ld times\n",name,cb);
+#endif
+        
+#define time_it(func,name,index) \
+        print_name(name); \
+        Time_F(START); \
+        for (count=0,run=1; COND(cb); count++) \
+                { \
+                unsigned long d[2]; \
+                func(d,&sch,DES_ENCRYPT); \
+                } \
+        tm[index]=Time_F(STOP); \
+        fprintf(stderr,"%ld %s's in %.2f second\n",count,name,tm[index]); \
+        tm[index]=((double)COUNT(cb))/tm[index];
+
+#define print_it(name,index) \
+        fprintf(stderr,"%s bytes per sec = %12.2f (%5.1fuS)\n",name, \
+                tm[index]*8,1.0e6/tm[index]);
+
+int main(int argc, char **argv)
+        {
+        long count;
+        static unsigned char buf[BUFSIZE];
+        static DES_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
+        static DES_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12};
+        static DES_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34};
+        DES_key_schedule sch,sch2,sch3;
+        double d,tm[16],max=0;
+        int rank[16];
+        char *str[16];
+        int max_idx=0,i,num=0,j;
+#ifndef SIGALARM
+        long ca,cb,cc,cd,ce;
+#endif
+
+        for (i=0; i<12; i++)
+                {
+                tm[i]=0.0;
+                rank[i]=0;
+                }
+
+#ifndef TIMES
+        fprintf(stderr,"To get the most accurate results, try to run this\n");
+        fprintf(stderr,"program when this computer is idle.\n");
+#endif
+
+        DES_set_key_unchecked(&key,&sch);
+        DES_set_key_unchecked(&key2,&sch2);
+        DES_set_key_unchecked(&key3,&sch3);
+
+#ifndef SIGALRM
+        fprintf(stderr,"First we calculate the approximate speed ...\n");
+        DES_set_key_unchecked(&key,sch);
+        count=10;
+        do      {
+                long i;
+                unsigned long data[2];
+
+                count*=2;
+                Time_F(START);
+                for (i=count; i; i--)
+                        DES_encrypt1(data,&(sch[0]),DES_ENCRYPT);
+                d=Time_F(STOP);
+                } while (d < 3.0);
+        ca=count;
+        cb=count*3;
+        cc=count*3*8/BUFSIZE+1;
+        cd=count*8/BUFSIZE+1;
+
+        ce=count/20+1;
+#define COND(d) (count != (d))
+#define COUNT(d) (d)
+#else
+#define COND(c) (run)
+#define COUNT(d) (count)
+        signal(SIGALRM,sig_done);
+        alarm(10);
+#endif
+
+#ifdef PART1
+        time_it(des_encrypt_u4_cisc_idx,  "des_encrypt_u4_cisc_idx  ", 0);
+        time_it(des_encrypt_u16_cisc_idx, "des_encrypt_u16_cisc_idx ", 1);
+        time_it(des_encrypt_u4_risc1_idx, "des_encrypt_u4_risc1_idx ", 2);
+        num+=3;
+#endif
+#ifdef PART2
+        time_it(des_encrypt_u16_risc1_idx,"des_encrypt_u16_risc1_idx", 3);
+        time_it(des_encrypt_u4_risc2_idx, "des_encrypt_u4_risc2_idx ", 4);
+        time_it(des_encrypt_u16_risc2_idx,"des_encrypt_u16_risc2_idx", 5);
+        num+=3;
+#endif
+#ifdef PART3
+        time_it(des_encrypt_u4_cisc_ptr,  "des_encrypt_u4_cisc_ptr  ", 6);
+        time_it(des_encrypt_u16_cisc_ptr, "des_encrypt_u16_cisc_ptr ", 7);
+        time_it(des_encrypt_u4_risc1_ptr, "des_encrypt_u4_risc1_ptr ", 8);
+        num+=3;
+#endif
+#ifdef PART4
+        time_it(des_encrypt_u16_risc1_ptr,"des_encrypt_u16_risc1_ptr", 9);
+        time_it(des_encrypt_u4_risc2_ptr, "des_encrypt_u4_risc2_ptr ",10);
+        time_it(des_encrypt_u16_risc2_ptr,"des_encrypt_u16_risc2_ptr",11);
+        num+=3;
+#endif
+
+#ifdef PART1
+        str[0]=" 4  c i";
+        print_it("des_encrypt_u4_cisc_idx  ",0);
+        max=tm[0];
+        max_idx=0;
+        str[1]="16  c i";
+        print_it("des_encrypt_u16_cisc_idx ",1);
+        if (max < tm[1]) { max=tm[1]; max_idx=1; }
+        str[2]=" 4 r1 i";
+        print_it("des_encrypt_u4_risc1_idx ",2);
+        if (max < tm[2]) { max=tm[2]; max_idx=2; }
+#endif
+#ifdef PART2
+        str[3]="16 r1 i";
+        print_it("des_encrypt_u16_risc1_idx",3);
+        if (max < tm[3]) { max=tm[3]; max_idx=3; }
+        str[4]=" 4 r2 i";
+        print_it("des_encrypt_u4_risc2_idx ",4);
+        if (max < tm[4]) { max=tm[4]; max_idx=4; }
+        str[5]="16 r2 i";
+        print_it("des_encrypt_u16_risc2_idx",5);
+        if (max < tm[5]) { max=tm[5]; max_idx=5; }
+#endif
+#ifdef PART3
+        str[6]=" 4  c p";
+        print_it("des_encrypt_u4_cisc_ptr  ",6);
+        if (max < tm[6]) { max=tm[6]; max_idx=6; }
+        str[7]="16  c p";
+        print_it("des_encrypt_u16_cisc_ptr ",7);
+        if (max < tm[7]) { max=tm[7]; max_idx=7; }
+        str[8]=" 4 r1 p";
+        print_it("des_encrypt_u4_risc1_ptr ",8);
+        if (max < tm[8]) { max=tm[8]; max_idx=8; }
+#endif
+#ifdef PART4
+        str[9]="16 r1 p";
+        print_it("des_encrypt_u16_risc1_ptr",9);
+        if (max < tm[9]) { max=tm[9]; max_idx=9; }
+        str[10]=" 4 r2 p";
+        print_it("des_encrypt_u4_risc2_ptr ",10);
+        if (max < tm[10]) { max=tm[10]; max_idx=10; }
+        str[11]="16 r2 p";
+        print_it("des_encrypt_u16_risc2_ptr",11);
+        if (max < tm[11]) { max=tm[11]; max_idx=11; }
+#endif
+        printf("options    des ecb/s\n");
+        printf("%s %12.2f 100.0%%\n",str[max_idx],tm[max_idx]);
+        d=tm[max_idx];
+        tm[max_idx]= -2.0;
+        max= -1.0;
+        for (;;)
+                {
+                for (i=0; i<12; i++)
+                        {
+                        if (max < tm[i]) { max=tm[i]; j=i; }
+                        }
+                if (max < 0.0) break;
+                printf("%s %12.2f  %4.1f%%\n",str[j],tm[j],tm[j]/d*100.0);
+                tm[j]= -2.0;
+                max= -1.0;
+                }
+
+        switch (max_idx)
+                {
+        case 0:
+                printf("-DDES_DEFAULT_OPTIONS\n");
+                break;
+        case 1:
+                printf("-DDES_UNROLL\n");
+                break;
+        case 2:
+                printf("-DDES_RISC1\n");
+                break;
+        case 3:
+                printf("-DDES_UNROLL -DDES_RISC1\n");
+                break;
+        case 4:
+                printf("-DDES_RISC2\n");
+                break;
+        case 5:
+                printf("-DDES_UNROLL -DDES_RISC2\n");
+                break;
+        case 6:
+                printf("-DDES_PTR\n");
+                break;
+        case 7:
+                printf("-DDES_UNROLL -DDES_PTR\n");
+                break;
+        case 8:
+                printf("-DDES_RISC1 -DDES_PTR\n");
+                break;
+        case 9:
+                printf("-DDES_UNROLL -DDES_RISC1 -DDES_PTR\n");
+                break;
+        case 10:
+                printf("-DDES_RISC2 -DDES_PTR\n");
+                break;
+        case 11:
+                printf("-DDES_UNROLL -DDES_RISC2 -DDES_PTR\n");
+                break;
+                }
+        exit(0);
+#if defined(LINT) || defined(OPENSSL_SYS_MSDOS)
+        return(0);
+#endif
+        }
diff --git a/src/lib/libcrypto/des/des_ver.h b/src/lib/libcrypto/des/des_ver.h
new file mode 100644
index 0000000000..379bbadda2
--- /dev/null
+++ b/src/lib/libcrypto/des/des_ver.h
@@ -0,0 +1,71 @@
+/* crypto/des/des_ver.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/e_os2.h>
+
+#ifdef OPENSSL_BUILD_SHLIBCRYPTO
+# undef OPENSSL_EXTERN
+# define OPENSSL_EXTERN OPENSSL_EXPORT
+#endif
+
+/* The following macros make sure the names are different from libdes names */
+#define DES_version OSSL_DES_version
+#define libdes_version OSSL_libdes_version
+
+OPENSSL_EXTERN const char *OSSL_DES_version;    /* SSLeay version string */
+OPENSSL_EXTERN const char *OSSL_libdes_version; /* old libdes version string */
diff --git a/src/lib/libcrypto/des/dess.cpp b/src/lib/libcrypto/des/dess.cpp
new file mode 100644
index 0000000000..5549bab90a
--- /dev/null
+++ b/src/lib/libcrypto/des/dess.cpp
@@ -0,0 +1,67 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  asm volatile(".byte 15, 49\n\t"
+               : "=eax" (tsc)
+               :
+               : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  unsigned long a;
+  __asm _emit 0fh
+  __asm _emit 31h
+  __asm mov a, eax;
+  tsc=a;
+}
+#endif      
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/des.h>
+
+void main(int argc,char *argv[])
+        {
+        des_key_schedule key;
+        unsigned long s1,s2,e1,e2;
+        unsigned long data[2];
+        int i,j;
+
+        for (j=0; j<6; j++)
+                {
+                for (i=0; i<1000; i++) /**/
+                        {
+                        des_encrypt1(&data[0],key,1);
+                        GetTSC(s1);
+                        des_encrypt1(&data[0],key,1);
+                        des_encrypt1(&data[0],key,1);
+                        des_encrypt1(&data[0],key,1);
+                        GetTSC(e1);
+                        GetTSC(s2);
+                        des_encrypt1(&data[0],key,1);
+                        des_encrypt1(&data[0],key,1);
+                        des_encrypt1(&data[0],key,1);
+                        des_encrypt1(&data[0],key,1);
+                        GetTSC(e2);
+                        des_encrypt1(&data[0],key,1);
+                        }
+
+                printf("des %d %d (%d)\n",
+                        e1-s1,e2-s2,((e2-s2)-(e1-s1)));
+                }
+        }
+
diff --git a/src/lib/libcrypto/des/destest.c b/src/lib/libcrypto/des/destest.c
new file mode 100644
index 0000000000..e3e9d77f14
--- /dev/null
+++ b/src/lib/libcrypto/des/destest.c
@@ -0,0 +1,948 @@
+/* crypto/des/destest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include <openssl/e_os2.h>
+#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_SYS_WINDOWS)
+#ifndef OPENSSL_SYS_MSDOS
+#define OPENSSL_SYS_MSDOS
+#endif
+#endif
+
+#ifndef OPENSSL_SYS_MSDOS
+#if !defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_VMS_DECC)
+#include OPENSSL_UNISTD
+#endif
+#else
+#include <io.h>
+#endif
+#include <string.h>
+
+#ifdef OPENSSL_NO_DES
+int main(int argc, char *argv[])
+{
+    printf("No DES support\n");
+    return(0);
+}
+#else
+#include <openssl/des.h>
+
+#define crypt(c,s) (des_crypt((c),(s)))
+
+/* tisk tisk - the test keys don't all have odd parity :-( */
+/* test data */
+#define NUM_TESTS 34
+static unsigned char key_data[NUM_TESTS][8]={
+        {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+        {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+        {0x30,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+        {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+        {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+        {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+        {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+        {0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10},
+        {0x7C,0xA1,0x10,0x45,0x4A,0x1A,0x6E,0x57},
+        {0x01,0x31,0xD9,0x61,0x9D,0xC1,0x37,0x6E},
+        {0x07,0xA1,0x13,0x3E,0x4A,0x0B,0x26,0x86},
+        {0x38,0x49,0x67,0x4C,0x26,0x02,0x31,0x9E},
+        {0x04,0xB9,0x15,0xBA,0x43,0xFE,0xB5,0xB6},
+        {0x01,0x13,0xB9,0x70,0xFD,0x34,0xF2,0xCE},
+        {0x01,0x70,0xF1,0x75,0x46,0x8F,0xB5,0xE6},
+        {0x43,0x29,0x7F,0xAD,0x38,0xE3,0x73,0xFE},
+        {0x07,0xA7,0x13,0x70,0x45,0xDA,0x2A,0x16},
+        {0x04,0x68,0x91,0x04,0xC2,0xFD,0x3B,0x2F},
+        {0x37,0xD0,0x6B,0xB5,0x16,0xCB,0x75,0x46},
+        {0x1F,0x08,0x26,0x0D,0x1A,0xC2,0x46,0x5E},
+        {0x58,0x40,0x23,0x64,0x1A,0xBA,0x61,0x76},
+        {0x02,0x58,0x16,0x16,0x46,0x29,0xB0,0x07},
+        {0x49,0x79,0x3E,0xBC,0x79,0xB3,0x25,0x8F},
+        {0x4F,0xB0,0x5E,0x15,0x15,0xAB,0x73,0xA7},
+        {0x49,0xE9,0x5D,0x6D,0x4C,0xA2,0x29,0xBF},
+        {0x01,0x83,0x10,0xDC,0x40,0x9B,0x26,0xD6},
+        {0x1C,0x58,0x7F,0x1C,0x13,0x92,0x4F,0xEF},
+        {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
+        {0x1F,0x1F,0x1F,0x1F,0x0E,0x0E,0x0E,0x0E},
+        {0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE},
+        {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+        {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+        {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+        {0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10}};
+
+static unsigned char plain_data[NUM_TESTS][8]={
+        {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+        {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+        {0x10,0x00,0x00,0x00,0x00,0x00,0x00,0x01},
+        {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+        {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+        {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+        {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+        {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+        {0x01,0xA1,0xD6,0xD0,0x39,0x77,0x67,0x42},
+        {0x5C,0xD5,0x4C,0xA8,0x3D,0xEF,0x57,0xDA},
+        {0x02,0x48,0xD4,0x38,0x06,0xF6,0x71,0x72},
+        {0x51,0x45,0x4B,0x58,0x2D,0xDF,0x44,0x0A},
+        {0x42,0xFD,0x44,0x30,0x59,0x57,0x7F,0xA2},
+        {0x05,0x9B,0x5E,0x08,0x51,0xCF,0x14,0x3A},
+        {0x07,0x56,0xD8,0xE0,0x77,0x47,0x61,0xD2},
+        {0x76,0x25,0x14,0xB8,0x29,0xBF,0x48,0x6A},
+        {0x3B,0xDD,0x11,0x90,0x49,0x37,0x28,0x02},
+        {0x26,0x95,0x5F,0x68,0x35,0xAF,0x60,0x9A},
+        {0x16,0x4D,0x5E,0x40,0x4F,0x27,0x52,0x32},
+        {0x6B,0x05,0x6E,0x18,0x75,0x9F,0x5C,0xCA},
+        {0x00,0x4B,0xD6,0xEF,0x09,0x17,0x60,0x62},
+        {0x48,0x0D,0x39,0x00,0x6E,0xE7,0x62,0xF2},
+        {0x43,0x75,0x40,0xC8,0x69,0x8F,0x3C,0xFA},
+        {0x07,0x2D,0x43,0xA0,0x77,0x07,0x52,0x92},
+        {0x02,0xFE,0x55,0x77,0x81,0x17,0xF1,0x2A},
+        {0x1D,0x9D,0x5C,0x50,0x18,0xF7,0x28,0xC2},
+        {0x30,0x55,0x32,0x28,0x6D,0x6F,0x29,0x5A},
+        {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+        {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+        {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+        {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+        {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+        {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+        {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF}};
+
+static unsigned char cipher_data[NUM_TESTS][8]={
+        {0x8C,0xA6,0x4D,0xE9,0xC1,0xB1,0x23,0xA7},
+        {0x73,0x59,0xB2,0x16,0x3E,0x4E,0xDC,0x58},
+        {0x95,0x8E,0x6E,0x62,0x7A,0x05,0x55,0x7B},
+        {0xF4,0x03,0x79,0xAB,0x9E,0x0E,0xC5,0x33},
+        {0x17,0x66,0x8D,0xFC,0x72,0x92,0x53,0x2D},
+        {0x8A,0x5A,0xE1,0xF8,0x1A,0xB8,0xF2,0xDD},
+        {0x8C,0xA6,0x4D,0xE9,0xC1,0xB1,0x23,0xA7},
+        {0xED,0x39,0xD9,0x50,0xFA,0x74,0xBC,0xC4},
+        {0x69,0x0F,0x5B,0x0D,0x9A,0x26,0x93,0x9B},
+        {0x7A,0x38,0x9D,0x10,0x35,0x4B,0xD2,0x71},
+        {0x86,0x8E,0xBB,0x51,0xCA,0xB4,0x59,0x9A},
+        {0x71,0x78,0x87,0x6E,0x01,0xF1,0x9B,0x2A},
+        {0xAF,0x37,0xFB,0x42,0x1F,0x8C,0x40,0x95},
+        {0x86,0xA5,0x60,0xF1,0x0E,0xC6,0xD8,0x5B},
+        {0x0C,0xD3,0xDA,0x02,0x00,0x21,0xDC,0x09},
+        {0xEA,0x67,0x6B,0x2C,0xB7,0xDB,0x2B,0x7A},
+        {0xDF,0xD6,0x4A,0x81,0x5C,0xAF,0x1A,0x0F},
+        {0x5C,0x51,0x3C,0x9C,0x48,0x86,0xC0,0x88},
+        {0x0A,0x2A,0xEE,0xAE,0x3F,0xF4,0xAB,0x77},
+        {0xEF,0x1B,0xF0,0x3E,0x5D,0xFA,0x57,0x5A},
+        {0x88,0xBF,0x0D,0xB6,0xD7,0x0D,0xEE,0x56},
+        {0xA1,0xF9,0x91,0x55,0x41,0x02,0x0B,0x56},
+        {0x6F,0xBF,0x1C,0xAF,0xCF,0xFD,0x05,0x56},
+        {0x2F,0x22,0xE4,0x9B,0xAB,0x7C,0xA1,0xAC},
+        {0x5A,0x6B,0x61,0x2C,0xC2,0x6C,0xCE,0x4A},
+        {0x5F,0x4C,0x03,0x8E,0xD1,0x2B,0x2E,0x41},
+        {0x63,0xFA,0xC0,0xD0,0x34,0xD9,0xF7,0x93},
+        {0x61,0x7B,0x3A,0x0C,0xE8,0xF0,0x71,0x00},
+        {0xDB,0x95,0x86,0x05,0xF8,0xC8,0xC6,0x06},
+        {0xED,0xBF,0xD1,0xC6,0x6C,0x29,0xCC,0xC7},
+        {0x35,0x55,0x50,0xB2,0x15,0x0E,0x24,0x51},
+        {0xCA,0xAA,0xAF,0x4D,0xEA,0xF1,0xDB,0xAE},
+        {0xD5,0xD4,0x4F,0xF7,0x20,0x68,0x3D,0x0D},
+        {0x2A,0x2B,0xB0,0x08,0xDF,0x97,0xC2,0xF2}};
+
+static unsigned char cipher_ecb2[NUM_TESTS-1][8]={
+        {0x92,0x95,0xB5,0x9B,0xB3,0x84,0x73,0x6E},
+        {0x19,0x9E,0x9D,0x6D,0xF3,0x9A,0xA8,0x16},
+        {0x2A,0x4B,0x4D,0x24,0x52,0x43,0x84,0x27},
+        {0x35,0x84,0x3C,0x01,0x9D,0x18,0xC5,0xB6},
+        {0x4A,0x5B,0x2F,0x42,0xAA,0x77,0x19,0x25},
+        {0xA0,0x6B,0xA9,0xB8,0xCA,0x5B,0x17,0x8A},
+        {0xAB,0x9D,0xB7,0xFB,0xED,0x95,0xF2,0x74},
+        {0x3D,0x25,0x6C,0x23,0xA7,0x25,0x2F,0xD6},
+        {0xB7,0x6F,0xAB,0x4F,0xBD,0xBD,0xB7,0x67},
+        {0x8F,0x68,0x27,0xD6,0x9C,0xF4,0x1A,0x10},
+        {0x82,0x57,0xA1,0xD6,0x50,0x5E,0x81,0x85},
+        {0xA2,0x0F,0x0A,0xCD,0x80,0x89,0x7D,0xFA},
+        {0xCD,0x2A,0x53,0x3A,0xDB,0x0D,0x7E,0xF3},
+        {0xD2,0xC2,0xBE,0x27,0xE8,0x1B,0x68,0xE3},
+        {0xE9,0x24,0xCF,0x4F,0x89,0x3C,0x5B,0x0A},
+        {0xA7,0x18,0xC3,0x9F,0xFA,0x9F,0xD7,0x69},
+        {0x77,0x2C,0x79,0xB1,0xD2,0x31,0x7E,0xB1},
+        {0x49,0xAB,0x92,0x7F,0xD0,0x22,0x00,0xB7},
+        {0xCE,0x1C,0x6C,0x7D,0x85,0xE3,0x4A,0x6F},
+        {0xBE,0x91,0xD6,0xE1,0x27,0xB2,0xE9,0x87},
+        {0x70,0x28,0xAE,0x8F,0xD1,0xF5,0x74,0x1A},
+        {0xAA,0x37,0x80,0xBB,0xF3,0x22,0x1D,0xDE},
+        {0xA6,0xC4,0xD2,0x5E,0x28,0x93,0xAC,0xB3},
+        {0x22,0x07,0x81,0x5A,0xE4,0xB7,0x1A,0xAD},
+        {0xDC,0xCE,0x05,0xE7,0x07,0xBD,0xF5,0x84},
+        {0x26,0x1D,0x39,0x2C,0xB3,0xBA,0xA5,0x85},
+        {0xB4,0xF7,0x0F,0x72,0xFB,0x04,0xF0,0xDC},
+        {0x95,0xBA,0xA9,0x4E,0x87,0x36,0xF2,0x89},
+        {0xD4,0x07,0x3A,0xF1,0x5A,0x17,0x82,0x0E},
+        {0xEF,0x6F,0xAF,0xA7,0x66,0x1A,0x7E,0x89},
+        {0xC1,0x97,0xF5,0x58,0x74,0x8A,0x20,0xE7},
+        {0x43,0x34,0xCF,0xDA,0x22,0xC4,0x86,0xC8},
+        {0x08,0xD7,0xB4,0xFB,0x62,0x9D,0x08,0x85}};
+
+static unsigned char cbc_key [8]={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
+static unsigned char cbc2_key[8]={0xf1,0xe0,0xd3,0xc2,0xb5,0xa4,0x97,0x86};
+static unsigned char cbc3_key[8]={0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10};
+static unsigned char cbc_iv  [8]={0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10};
+/* Changed the following text constant to binary so it will work on ebcdic
+ * machines :-) */
+/* static char cbc_data[40]="7654321 Now is the time for \0001"; */
+static unsigned char cbc_data[40]={
+        0x37,0x36,0x35,0x34,0x33,0x32,0x31,0x20,
+        0x4E,0x6F,0x77,0x20,0x69,0x73,0x20,0x74,
+        0x68,0x65,0x20,0x74,0x69,0x6D,0x65,0x20,
+        0x66,0x6F,0x72,0x20,0x00,0x31,0x00,0x00,
+        0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+        };
+
+static unsigned char cbc_ok[32]={
+        0xcc,0xd1,0x73,0xff,0xab,0x20,0x39,0xf4,
+        0xac,0xd8,0xae,0xfd,0xdf,0xd8,0xa1,0xeb,
+        0x46,0x8e,0x91,0x15,0x78,0x88,0xba,0x68,
+        0x1d,0x26,0x93,0x97,0xf7,0xfe,0x62,0xb4};
+
+#ifdef SCREW_THE_PARITY
+#error "SCREW_THE_PARITY is not ment to be defined."
+#error "Original vectors are preserved for reference only."
+static unsigned char cbc2_key[8]={0xf0,0xe1,0xd2,0xc3,0xb4,0xa5,0x96,0x87};
+static unsigned char xcbc_ok[32]={
+        0x86,0x74,0x81,0x0D,0x61,0xA4,0xA5,0x48,
+        0xB9,0x93,0x03,0xE1,0xB8,0xBB,0xBD,0xBD,
+        0x64,0x30,0x0B,0xB9,0x06,0x65,0x81,0x76,
+        0x04,0x1D,0x77,0x62,0x17,0xCA,0x2B,0xD2,
+        };
+#else
+static unsigned char xcbc_ok[32]={
+        0x84,0x6B,0x29,0x14,0x85,0x1E,0x9A,0x29,
+        0x54,0x73,0x2F,0x8A,0xA0,0xA6,0x11,0xC1,
+        0x15,0xCD,0xC2,0xD7,0x95,0x1B,0x10,0x53,
+        0xA6,0x3C,0x5E,0x03,0xB2,0x1A,0xA3,0xC4,
+        };
+#endif
+
+static unsigned char cbc3_ok[32]={
+        0x3F,0xE3,0x01,0xC9,0x62,0xAC,0x01,0xD0,
+        0x22,0x13,0x76,0x3C,0x1C,0xBD,0x4C,0xDC,
+        0x79,0x96,0x57,0xC0,0x64,0xEC,0xF5,0xD4,
+        0x1C,0x67,0x38,0x12,0xCF,0xDE,0x96,0x75};
+
+static unsigned char pcbc_ok[32]={
+        0xcc,0xd1,0x73,0xff,0xab,0x20,0x39,0xf4,
+        0x6d,0xec,0xb4,0x70,0xa0,0xe5,0x6b,0x15,
+        0xae,0xa6,0xbf,0x61,0xed,0x7d,0x9c,0x9f,
+        0xf7,0x17,0x46,0x3b,0x8a,0xb3,0xcc,0x88};
+
+static unsigned char cfb_key[8]={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
+static unsigned char cfb_iv[8]={0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef};
+static unsigned char cfb_buf1[40],cfb_buf2[40],cfb_tmp[8];
+static unsigned char plain[24]=
+        {
+        0x4e,0x6f,0x77,0x20,0x69,0x73,
+        0x20,0x74,0x68,0x65,0x20,0x74,
+        0x69,0x6d,0x65,0x20,0x66,0x6f,
+        0x72,0x20,0x61,0x6c,0x6c,0x20
+        };
+static unsigned char cfb_cipher8[24]= {
+        0xf3,0x1f,0xda,0x07,0x01,0x14, 0x62,0xee,0x18,0x7f,0x43,0xd8,
+        0x0a,0x7c,0xd9,0xb5,0xb0,0xd2, 0x90,0xda,0x6e,0x5b,0x9a,0x87 };
+static unsigned char cfb_cipher16[24]={
+        0xF3,0x09,0x87,0x87,0x7F,0x57, 0xF7,0x3C,0x36,0xB6,0xDB,0x70,
+        0xD8,0xD5,0x34,0x19,0xD3,0x86, 0xB2,0x23,0xB7,0xB2,0xAD,0x1B };
+static unsigned char cfb_cipher32[24]={
+        0xF3,0x09,0x62,0x49,0xA4,0xDF, 0xA4,0x9F,0x33,0xDC,0x7B,0xAD,
+        0x4C,0xC8,0x9F,0x64,0xE4,0x53, 0xE5,0xEC,0x67,0x20,0xDA,0xB6 };
+static unsigned char cfb_cipher48[24]={
+        0xF3,0x09,0x62,0x49,0xC7,0xF4, 0x30,0xB5,0x15,0xEC,0xBB,0x85,
+        0x97,0x5A,0x13,0x8C,0x68,0x60, 0xE2,0x38,0x34,0x3C,0xDC,0x1F };
+static unsigned char cfb_cipher64[24]={
+        0xF3,0x09,0x62,0x49,0xC7,0xF4, 0x6E,0x51,0xA6,0x9E,0x83,0x9B,
+        0x1A,0x92,0xF7,0x84,0x03,0x46, 0x71,0x33,0x89,0x8E,0xA6,0x22 };
+
+static unsigned char ofb_key[8]={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
+static unsigned char ofb_iv[8]={0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef};
+static unsigned char ofb_buf1[24],ofb_buf2[24],ofb_tmp[8];
+static unsigned char ofb_cipher[24]=
+        {
+        0xf3,0x09,0x62,0x49,0xc7,0xf4,0x6e,0x51,
+        0x35,0xf2,0x4a,0x24,0x2e,0xeb,0x3d,0x3f,
+        0x3d,0x6d,0x5b,0xe3,0x25,0x5a,0xf8,0xc3
+        };
+
+#if 0
+static DES_LONG cbc_cksum_ret=0xB462FEF7L;
+#else
+static DES_LONG cbc_cksum_ret=0xF7FE62B4L;
+#endif
+static unsigned char cbc_cksum_data[8]={0x1D,0x26,0x93,0x97,0xf7,0xfe,0x62,0xb4};
+
+static char *pt(unsigned char *p);
+static int cfb_test(int bits, unsigned char *cfb_cipher);
+static int cfb64_test(unsigned char *cfb_cipher);
+static int ede_cfb64_test(unsigned char *cfb_cipher);
+int main(int argc, char *argv[])
+        {
+        int i,j,err=0;
+        des_cblock in,out,outin,iv3,iv2;
+        des_key_schedule ks,ks2,ks3;
+        unsigned char cbc_in[40];
+        unsigned char cbc_out[40];
+        DES_LONG cs;
+        unsigned char cret[8];
+#ifdef _CRAY
+        struct {
+            int a:32;
+            int b:32;
+        } lqret[2];
+#else
+        DES_LONG lqret[4];
+#endif
+        int num;
+        char *str;
+
+#ifndef OPENSSL_NO_DESCBCM
+        printf("Doing cbcm\n");
+        if ((j=DES_set_key_checked(&cbc_key,&ks)) != 0)
+                {
+                printf("Key error %d\n",j);
+                err=1;
+                }
+        if ((j=DES_set_key_checked(&cbc2_key,&ks2)) != 0)
+                {
+                printf("Key error %d\n",j);
+                err=1;
+                }
+        if ((j=DES_set_key_checked(&cbc3_key,&ks3)) != 0)
+                {
+                printf("Key error %d\n",j);
+                err=1;
+                }
+        memset(cbc_out,0,40);
+        memset(cbc_in,0,40);
+        i=strlen((char *)cbc_data)+1;
+        /* i=((i+7)/8)*8; */
+        memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+        memset(iv2,'\0',sizeof iv2);
+
+        DES_ede3_cbcm_encrypt(cbc_data,cbc_out,16L,&ks,&ks2,&ks3,&iv3,&iv2,
+                              DES_ENCRYPT);
+        DES_ede3_cbcm_encrypt(&cbc_data[16],&cbc_out[16],i-16,&ks,&ks2,&ks3,
+                              &iv3,&iv2,DES_ENCRYPT);
+        /*      if (memcmp(cbc_out,cbc3_ok,
+                (unsigned int)(strlen((char *)cbc_data)+1+7)/8*8) != 0)
+                {
+                printf("des_ede3_cbc_encrypt encrypt error\n");
+                err=1;
+                }
+        */
+        memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+        memset(iv2,'\0',sizeof iv2);
+        DES_ede3_cbcm_encrypt(cbc_out,cbc_in,i,&ks,&ks2,&ks3,&iv3,&iv2,DES_DECRYPT);
+        if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)+1) != 0)
+                {
+                int n;
+
+                printf("des_ede3_cbcm_encrypt decrypt error\n");
+                for(n=0 ; n < i ; ++n)
+                    printf(" %02x",cbc_data[n]);
+                printf("\n");
+                for(n=0 ; n < i ; ++n)
+                    printf(" %02x",cbc_in[n]);
+                printf("\n");
+                err=1;
+                }
+#endif
+
+        printf("Doing ecb\n");
+        for (i=0; i<NUM_TESTS; i++)
+                {
+                DES_set_key_unchecked(&key_data[i],&ks);
+                memcpy(in,plain_data[i],8);
+                memset(out,0,8);
+                memset(outin,0,8);
+                des_ecb_encrypt(&in,&out,ks,DES_ENCRYPT);
+                des_ecb_encrypt(&out,&outin,ks,DES_DECRYPT);
+
+                if (memcmp(out,cipher_data[i],8) != 0)
+                        {
+                        printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n",
+                                i+1,pt(key_data[i]),pt(in),pt(cipher_data[i]),
+                                pt(out));
+                        err=1;
+                        }
+                if (memcmp(in,outin,8) != 0)
+                        {
+                        printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n",
+                                i+1,pt(key_data[i]),pt(out),pt(in),pt(outin));
+                        err=1;
+                        }
+                }
+
+#ifndef LIBDES_LIT
+        printf("Doing ede ecb\n");
+        for (i=0; i<(NUM_TESTS-2); i++)
+                {
+                DES_set_key_unchecked(&key_data[i],&ks);
+                DES_set_key_unchecked(&key_data[i+1],&ks2);
+                DES_set_key_unchecked(&key_data[i+2],&ks3);
+                memcpy(in,plain_data[i],8);
+                memset(out,0,8);
+                memset(outin,0,8);
+                des_ecb2_encrypt(in,out,ks,ks2,DES_ENCRYPT);
+                des_ecb2_encrypt(out,outin,ks,ks2,DES_DECRYPT);
+
+                if (memcmp(out,cipher_ecb2[i],8) != 0)
+                        {
+                        printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n",
+                                i+1,pt(key_data[i]),pt(in),pt(cipher_ecb2[i]),
+                                pt(out));
+                        err=1;
+                        }
+                if (memcmp(in,outin,8) != 0)
+                        {
+                        printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n",
+                                i+1,pt(key_data[i]),pt(out),pt(in),pt(outin));
+                        err=1;
+                        }
+                }
+#endif
+
+        printf("Doing cbc\n");
+        if ((j=DES_set_key_checked(&cbc_key,&ks)) != 0)
+                {
+                printf("Key error %d\n",j);
+                err=1;
+                }
+        memset(cbc_out,0,40);
+        memset(cbc_in,0,40);
+        memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+        des_ncbc_encrypt(cbc_data,cbc_out,strlen((char *)cbc_data)+1,ks,
+                         &iv3,DES_ENCRYPT);
+        if (memcmp(cbc_out,cbc_ok,32) != 0)
+                {
+                printf("cbc_encrypt encrypt error\n");
+                err=1;
+                }
+
+        memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+        des_ncbc_encrypt(cbc_out,cbc_in,strlen((char *)cbc_data)+1,ks,
+                         &iv3,DES_DECRYPT);
+        if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)) != 0)
+                {
+                printf("cbc_encrypt decrypt error\n");
+                err=1;
+                }
+
+#ifndef LIBDES_LIT
+        printf("Doing desx cbc\n");
+        if ((j=DES_set_key_checked(&cbc_key,&ks)) != 0)
+                {
+                printf("Key error %d\n",j);
+                err=1;
+                }
+        memset(cbc_out,0,40);
+        memset(cbc_in,0,40);
+        memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+        des_xcbc_encrypt(cbc_data,cbc_out,strlen((char *)cbc_data)+1,ks,
+                         &iv3,&cbc2_key,&cbc3_key, DES_ENCRYPT);
+        if (memcmp(cbc_out,xcbc_ok,32) != 0)
+                {
+                printf("des_xcbc_encrypt encrypt error\n");
+                err=1;
+                }
+        memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+        des_xcbc_encrypt(cbc_out,cbc_in,strlen((char *)cbc_data)+1,ks,
+                         &iv3,&cbc2_key,&cbc3_key, DES_DECRYPT);
+        if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)+1) != 0)
+                {
+                printf("des_xcbc_encrypt decrypt error\n");
+                err=1;
+                }
+#endif
+
+        printf("Doing ede cbc\n");
+        if ((j=DES_set_key_checked(&cbc_key,&ks)) != 0)
+                {
+                printf("Key error %d\n",j);
+                err=1;
+                }
+        if ((j=DES_set_key_checked(&cbc2_key,&ks2)) != 0)
+                {
+                printf("Key error %d\n",j);
+                err=1;
+                }
+        if ((j=DES_set_key_checked(&cbc3_key,&ks3)) != 0)
+                {
+                printf("Key error %d\n",j);
+                err=1;
+                }
+        memset(cbc_out,0,40);
+        memset(cbc_in,0,40);
+        i=strlen((char *)cbc_data)+1;
+        /* i=((i+7)/8)*8; */
+        memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+
+        des_ede3_cbc_encrypt(cbc_data,cbc_out,16L,ks,ks2,ks3,&iv3,
+                             DES_ENCRYPT);
+        des_ede3_cbc_encrypt(&(cbc_data[16]),&(cbc_out[16]),i-16,ks,ks2,ks3,
+                             &iv3,DES_ENCRYPT);
+        if (memcmp(cbc_out,cbc3_ok,
+                (unsigned int)(strlen((char *)cbc_data)+1+7)/8*8) != 0)
+                {
+                int n;
+
+                printf("des_ede3_cbc_encrypt encrypt error\n");
+                for(n=0 ; n < i ; ++n)
+                    printf(" %02x",cbc_out[n]);
+                printf("\n");
+                for(n=0 ; n < i ; ++n)
+                    printf(" %02x",cbc3_ok[n]);
+                printf("\n");
+                err=1;
+                }
+
+        memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+        des_ede3_cbc_encrypt(cbc_out,cbc_in,i,ks,ks2,ks3,&iv3,DES_DECRYPT);
+        if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)+1) != 0)
+                {
+                int n;
+
+                printf("des_ede3_cbc_encrypt decrypt error\n");
+                for(n=0 ; n < i ; ++n)
+                    printf(" %02x",cbc_data[n]);
+                printf("\n");
+                for(n=0 ; n < i ; ++n)
+                    printf(" %02x",cbc_in[n]);
+                printf("\n");
+                err=1;
+                }
+
+#ifndef LIBDES_LIT
+        printf("Doing pcbc\n");
+        if ((j=DES_set_key_checked(&cbc_key,&ks)) != 0)
+                {
+                printf("Key error %d\n",j);
+                err=1;
+                }
+        memset(cbc_out,0,40);
+        memset(cbc_in,0,40);
+        des_pcbc_encrypt(cbc_data,cbc_out,strlen((char *)cbc_data)+1,ks,
+                         &cbc_iv,DES_ENCRYPT);
+        if (memcmp(cbc_out,pcbc_ok,32) != 0)
+                {
+                printf("pcbc_encrypt encrypt error\n");
+                err=1;
+                }
+        des_pcbc_encrypt(cbc_out,cbc_in,strlen((char *)cbc_data)+1,ks,&cbc_iv,
+                         DES_DECRYPT);
+        if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)+1) != 0)
+                {
+                printf("pcbc_encrypt decrypt error\n");
+                err=1;
+                }
+
+        printf("Doing ");
+        printf("cfb8 ");
+        err+=cfb_test(8,cfb_cipher8);
+        printf("cfb16 ");
+        err+=cfb_test(16,cfb_cipher16);
+        printf("cfb32 ");
+        err+=cfb_test(32,cfb_cipher32);
+        printf("cfb48 ");
+        err+=cfb_test(48,cfb_cipher48);
+        printf("cfb64 ");
+        err+=cfb_test(64,cfb_cipher64);
+
+        printf("cfb64() ");
+        err+=cfb64_test(cfb_cipher64);
+
+        memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+        for (i=0; i<sizeof(plain); i++)
+                des_cfb_encrypt(&(plain[i]),&(cfb_buf1[i]),
+                        8,1,ks,&cfb_tmp,DES_ENCRYPT);
+        if (memcmp(cfb_cipher8,cfb_buf1,sizeof(plain)) != 0)
+                {
+                printf("cfb_encrypt small encrypt error\n");
+                err=1;
+                }
+
+        memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+        for (i=0; i<sizeof(plain); i++)
+                des_cfb_encrypt(&(cfb_buf1[i]),&(cfb_buf2[i]),
+                        8,1,ks,&cfb_tmp,DES_DECRYPT);
+        if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0)
+                {
+                printf("cfb_encrypt small decrypt error\n");
+                err=1;
+                }
+
+        printf("ede_cfb64() ");
+        err+=ede_cfb64_test(cfb_cipher64);
+
+        printf("done\n");
+
+        printf("Doing ofb\n");
+        DES_set_key_checked(&ofb_key,&ks);
+        memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
+        des_ofb_encrypt(plain,ofb_buf1,64,sizeof(plain)/8,ks,&ofb_tmp);
+        if (memcmp(ofb_cipher,ofb_buf1,sizeof(ofb_buf1)) != 0)
+                {
+                printf("ofb_encrypt encrypt error\n");
+printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
+ofb_buf1[8+0], ofb_buf1[8+1], ofb_buf1[8+2], ofb_buf1[8+3],
+ofb_buf1[8+4], ofb_buf1[8+5], ofb_buf1[8+6], ofb_buf1[8+7]);
+printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
+ofb_buf1[8+0], ofb_cipher[8+1], ofb_cipher[8+2], ofb_cipher[8+3],
+ofb_buf1[8+4], ofb_cipher[8+5], ofb_cipher[8+6], ofb_cipher[8+7]);
+                err=1;
+                }
+        memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
+        des_ofb_encrypt(ofb_buf1,ofb_buf2,64,sizeof(ofb_buf1)/8,ks,&ofb_tmp);
+        if (memcmp(plain,ofb_buf2,sizeof(ofb_buf2)) != 0)
+                {
+                printf("ofb_encrypt decrypt error\n");
+printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
+ofb_buf2[8+0], ofb_buf2[8+1], ofb_buf2[8+2], ofb_buf2[8+3],
+ofb_buf2[8+4], ofb_buf2[8+5], ofb_buf2[8+6], ofb_buf2[8+7]);
+printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
+plain[8+0], plain[8+1], plain[8+2], plain[8+3],
+plain[8+4], plain[8+5], plain[8+6], plain[8+7]);
+                err=1;
+                }
+
+        printf("Doing ofb64\n");
+        DES_set_key_checked(&ofb_key,&ks);
+        memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
+        memset(ofb_buf1,0,sizeof(ofb_buf1));
+        memset(ofb_buf2,0,sizeof(ofb_buf1));
+        num=0;
+        for (i=0; i<sizeof(plain); i++)
+                {
+                des_ofb64_encrypt(&(plain[i]),&(ofb_buf1[i]),1,ks,&ofb_tmp,
+                                  &num);
+                }
+        if (memcmp(ofb_cipher,ofb_buf1,sizeof(ofb_buf1)) != 0)
+                {
+                printf("ofb64_encrypt encrypt error\n");
+                err=1;
+                }
+        memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
+        num=0;
+        des_ofb64_encrypt(ofb_buf1,ofb_buf2,sizeof(ofb_buf1),ks,&ofb_tmp,
+                          &num);
+        if (memcmp(plain,ofb_buf2,sizeof(ofb_buf2)) != 0)
+                {
+                printf("ofb64_encrypt decrypt error\n");
+                err=1;
+                }
+
+        printf("Doing ede_ofb64\n");
+        DES_set_key_checked(&ofb_key,&ks);
+        memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
+        memset(ofb_buf1,0,sizeof(ofb_buf1));
+        memset(ofb_buf2,0,sizeof(ofb_buf1));
+        num=0;
+        for (i=0; i<sizeof(plain); i++)
+                {
+                des_ede3_ofb64_encrypt(&(plain[i]),&(ofb_buf1[i]),1,ks,ks,
+                                       ks,&ofb_tmp,&num);
+                }
+        if (memcmp(ofb_cipher,ofb_buf1,sizeof(ofb_buf1)) != 0)
+                {
+                printf("ede_ofb64_encrypt encrypt error\n");
+                err=1;
+                }
+        memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
+        num=0;
+        des_ede3_ofb64_encrypt(ofb_buf1,ofb_buf2,sizeof(ofb_buf1),ks,ks,ks,
+                               &ofb_tmp,&num);
+        if (memcmp(plain,ofb_buf2,sizeof(ofb_buf2)) != 0)
+                {
+                printf("ede_ofb64_encrypt decrypt error\n");
+                err=1;
+                }
+
+        printf("Doing cbc_cksum\n");
+        DES_set_key_checked(&cbc_key,&ks);
+        cs=des_cbc_cksum(cbc_data,&cret,strlen((char *)cbc_data),ks,&cbc_iv);
+        if (cs != cbc_cksum_ret)
+                {
+                printf("bad return value (%08lX), should be %08lX\n",
+                        (unsigned long)cs,(unsigned long)cbc_cksum_ret);
+                err=1;
+                }
+        if (memcmp(cret,cbc_cksum_data,8) != 0)
+                {
+                printf("bad cbc_cksum block returned\n");
+                err=1;
+                }
+
+        printf("Doing quad_cksum\n");
+        cs=des_quad_cksum(cbc_data,(des_cblock *)lqret,
+                (long)strlen((char *)cbc_data),2,(des_cblock *)cbc_iv);
+        if (cs != 0x70d7a63aL)
+                {
+                printf("quad_cksum error, ret %08lx should be 70d7a63a\n",
+                        (unsigned long)cs);
+                err=1;
+                }
+#ifdef _CRAY
+        if (lqret[0].a != 0x327eba8dL)
+                {
+                printf("quad_cksum error, out[0] %08lx is not %08lx\n",
+                        (unsigned long)lqret[0].a,0x327eba8dUL);
+                err=1;
+                }
+        if (lqret[0].b != 0x201a49ccL)
+                {
+                printf("quad_cksum error, out[1] %08lx is not %08lx\n",
+                        (unsigned long)lqret[0].b,0x201a49ccUL);
+                err=1;
+                }
+        if (lqret[1].a != 0x70d7a63aL)
+                {
+                printf("quad_cksum error, out[2] %08lx is not %08lx\n",
+                        (unsigned long)lqret[1].a,0x70d7a63aUL);
+                err=1;
+                }
+        if (lqret[1].b != 0x501c2c26L)
+                {
+                printf("quad_cksum error, out[3] %08lx is not %08lx\n",
+                        (unsigned long)lqret[1].b,0x501c2c26UL);
+                err=1;
+                }
+#else
+        if (lqret[0] != 0x327eba8dL)
+                {
+                printf("quad_cksum error, out[0] %08lx is not %08lx\n",
+                        (unsigned long)lqret[0],0x327eba8dUL);
+                err=1;
+                }
+        if (lqret[1] != 0x201a49ccL)
+                {
+                printf("quad_cksum error, out[1] %08lx is not %08lx\n",
+                        (unsigned long)lqret[1],0x201a49ccUL);
+                err=1;
+                }
+        if (lqret[2] != 0x70d7a63aL)
+                {
+                printf("quad_cksum error, out[2] %08lx is not %08lx\n",
+                        (unsigned long)lqret[2],0x70d7a63aUL);
+                err=1;
+                }
+        if (lqret[3] != 0x501c2c26L)
+                {
+                printf("quad_cksum error, out[3] %08lx is not %08lx\n",
+                        (unsigned long)lqret[3],0x501c2c26UL);
+                err=1;
+                }
+#endif
+#endif
+
+        printf("input word alignment test");
+        for (i=0; i<4; i++)
+                {
+                printf(" %d",i);
+                des_ncbc_encrypt(&(cbc_out[i]),cbc_in,
+                                 strlen((char *)cbc_data)+1,ks,
+                                 &cbc_iv,DES_ENCRYPT);
+                }
+        printf("\noutput word alignment test");
+        for (i=0; i<4; i++)
+                {
+                printf(" %d",i);
+                des_ncbc_encrypt(cbc_out,&(cbc_in[i]),
+                                 strlen((char *)cbc_data)+1,ks,
+                                 &cbc_iv,DES_ENCRYPT);
+                }
+        printf("\n");
+        printf("fast crypt test ");
+        str=crypt("testing","ef");
+        if (strcmp("efGnQx2725bI2",str) != 0)
+                {
+                printf("fast crypt error, %s should be efGnQx2725bI2\n",str);
+                err=1;
+                }
+        str=crypt("bca76;23","yA");
+        if (strcmp("yA1Rp/1hZXIJk",str) != 0)
+                {
+                printf("fast crypt error, %s should be yA1Rp/1hZXIJk\n",str);
+                err=1;
+                }
+        printf("\n");
+        return(err);
+        }
+
+static char *pt(unsigned char *p)
+        {
+        static char bufs[10][20];
+        static int bnum=0;
+        char *ret;
+        int i;
+        static char *f="0123456789ABCDEF";
+
+        ret= &(bufs[bnum++][0]);
+        bnum%=10;
+        for (i=0; i<8; i++)
+                {
+                ret[i*2]=f[(p[i]>>4)&0xf];
+                ret[i*2+1]=f[p[i]&0xf];
+                }
+        ret[16]='\0';
+        return(ret);
+        }
+
+#ifndef LIBDES_LIT
+
+static int cfb_test(int bits, unsigned char *cfb_cipher)
+        {
+        des_key_schedule ks;
+        int i,err=0;
+
+        DES_set_key_checked(&cfb_key,&ks);
+        memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+        des_cfb_encrypt(plain,cfb_buf1,bits,sizeof(plain),ks,&cfb_tmp,
+                        DES_ENCRYPT);
+        if (memcmp(cfb_cipher,cfb_buf1,sizeof(plain)) != 0)
+                {
+                err=1;
+                printf("cfb_encrypt encrypt error\n");
+                for (i=0; i<24; i+=8)
+                        printf("%s\n",pt(&(cfb_buf1[i])));
+                }
+        memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+        des_cfb_encrypt(cfb_buf1,cfb_buf2,bits,sizeof(plain),ks,&cfb_tmp,
+                        DES_DECRYPT);
+        if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0)
+                {
+                err=1;
+                printf("cfb_encrypt decrypt error\n");
+                for (i=0; i<24; i+=8)
+                        printf("%s\n",pt(&(cfb_buf1[i])));
+                }
+        return(err);
+        }
+
+static int cfb64_test(unsigned char *cfb_cipher)
+        {
+        des_key_schedule ks;
+        int err=0,i,n;
+
+        DES_set_key_checked(&cfb_key,&ks);
+        memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+        n=0;
+        des_cfb64_encrypt(plain,cfb_buf1,12,ks,&cfb_tmp,&n,DES_ENCRYPT);
+        des_cfb64_encrypt(&(plain[12]),&(cfb_buf1[12]),sizeof(plain)-12,ks,
+                          &cfb_tmp,&n,DES_ENCRYPT);
+        if (memcmp(cfb_cipher,cfb_buf1,sizeof(plain)) != 0)
+                {
+                err=1;
+                printf("cfb_encrypt encrypt error\n");
+                for (i=0; i<24; i+=8)
+                        printf("%s\n",pt(&(cfb_buf1[i])));
+                }
+        memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+        n=0;
+        des_cfb64_encrypt(cfb_buf1,cfb_buf2,17,ks,&cfb_tmp,&n,DES_DECRYPT);
+        des_cfb64_encrypt(&(cfb_buf1[17]),&(cfb_buf2[17]),
+                          sizeof(plain)-17,ks,&cfb_tmp,&n,DES_DECRYPT);
+        if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0)
+                {
+                err=1;
+                printf("cfb_encrypt decrypt error\n");
+                for (i=0; i<24; i+=8)
+                        printf("%s\n",pt(&(cfb_buf2[i])));
+                }
+        return(err);
+        }
+
+static int ede_cfb64_test(unsigned char *cfb_cipher)
+        {
+        des_key_schedule ks;
+        int err=0,i,n;
+
+        DES_set_key_checked(&cfb_key,&ks);
+        memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+        n=0;
+        des_ede3_cfb64_encrypt(plain,cfb_buf1,12,ks,ks,ks,&cfb_tmp,&n,
+                               DES_ENCRYPT);
+        des_ede3_cfb64_encrypt(&(plain[12]),&(cfb_buf1[12]),
+                               sizeof(plain)-12,ks,ks,ks,
+                               &cfb_tmp,&n,DES_ENCRYPT);
+        if (memcmp(cfb_cipher,cfb_buf1,sizeof(plain)) != 0)
+                {
+                err=1;
+                printf("ede_cfb_encrypt encrypt error\n");
+                for (i=0; i<24; i+=8)
+                        printf("%s\n",pt(&(cfb_buf1[i])));
+                }
+        memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+        n=0;
+        des_ede3_cfb64_encrypt(cfb_buf1,cfb_buf2,(long)17,ks,ks,ks,
+                               &cfb_tmp,&n,DES_DECRYPT);
+        des_ede3_cfb64_encrypt(&(cfb_buf1[17]),&(cfb_buf2[17]),
+                               sizeof(plain)-17,ks,ks,ks,
+                               &cfb_tmp,&n,DES_DECRYPT);
+        if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0)
+                {
+                err=1;
+                printf("ede_cfb_encrypt decrypt error\n");
+                for (i=0; i<24; i+=8)
+                        printf("%s\n",pt(&(cfb_buf2[i])));
+                }
+        return(err);
+        }
+
+#endif
+#endif
diff --git a/src/lib/libcrypto/des/makefile.bc b/src/lib/libcrypto/des/makefile.bc
new file mode 100644
index 0000000000..1fe6d4915a
--- /dev/null
+++ b/src/lib/libcrypto/des/makefile.bc
@@ -0,0 +1,50 @@
+#
+# Origional BC Makefile from Teun <Teun.Nijssen@kub.nl>
+#
+#
+CC      = bcc
+TLIB    = tlib /0 /C
+# note: the -3 flag produces code for 386, 486, Pentium etc; omit it for 286s
+OPTIMIZE= -3 -O2
+#WINDOWS= -W
+CFLAGS  = -c -ml -d $(OPTIMIZE) $(WINDOWS) -DMSDOS
+LFLAGS  = -ml $(WINDOWS)
+
+.c.obj:
+        $(CC) $(CFLAGS) $*.c
+
+.obj.exe:
+        $(CC) $(LFLAGS) -e$*.exe $*.obj libdes.lib  
+
+all: $(LIB) destest.exe rpw.exe des.exe speed.exe
+
+# "make clean": use a directory containing only libdes .exe and .obj files...
+clean:
+        del *.exe
+        del *.obj
+        del libdes.lib
+        del libdes.rsp
+
+OBJS=   cbc_cksm.obj cbc_enc.obj  ecb_enc.obj  pcbc_enc.obj \
+        qud_cksm.obj rand_key.obj set_key.obj  str2key.obj \
+        enc_read.obj enc_writ.obj fcrypt.obj   cfb_enc.obj \
+        ecb3_enc.obj ofb_enc.obj  cbc3_enc.obj read_pwd.obj\
+        cfb64enc.obj ofb64enc.obj ede_enc.obj  cfb64ede.obj\
+        ofb64ede.obj supp.obj
+
+LIB=    libdes.lib
+
+$(LIB): $(OBJS)
+        del $(LIB)
+        makersp "+%s &\n" &&|
+        $(OBJS)
+|       >libdes.rsp
+        $(TLIB) libdes.lib @libdes.rsp,nul
+        del libdes.rsp
+
+destest.exe: destest.obj libdes.lib
+rpw.exe:     rpw.obj libdes.lib
+speed.exe:   speed.obj libdes.lib
+des.exe:     des.obj libdes.lib
+
+
diff --git a/src/lib/libcrypto/des/options.txt b/src/lib/libcrypto/des/options.txt
new file mode 100644
index 0000000000..6e2b50f765
--- /dev/null
+++ b/src/lib/libcrypto/des/options.txt
@@ -0,0 +1,39 @@
+Note that the UNROLL option makes the 'inner' des loop unroll all 16 rounds
+instead of the default 4.
+RISC1 and RISC2 are 2 alternatives for the inner loop and
+PTR means to use pointers arithmatic instead of arrays.
+
+FreeBSD - Pentium Pro 200mhz - gcc 2.7.2.2 - assembler          577,000 4620k/s
+IRIX 6.2 - R10000 195mhz - cc (-O3 -n32) - UNROLL RISC2 PTR     496,000 3968k/s
+solaris 2.5.1 usparc 167mhz?? - SC4.0 - UNROLL RISC1 PTR [1]    459,400 3672k/s
+FreeBSD - Pentium Pro 200mhz - gcc 2.7.2.2 - UNROLL RISC1       433,000 3468k/s
+solaris 2.5.1 usparc 167mhz?? - gcc 2.7.2 - UNROLL              380,000 3041k/s
+linux - pentium 100mhz - gcc 2.7.0 - assembler                  281,000 2250k/s
+NT 4.0 - pentium 100mhz - VC 4.2 - assembler                    281,000 2250k/s
+AIX 4.1? - PPC604 100mhz - cc - UNROLL                          275,000 2200k/s
+IRIX 5.3 - R4400 200mhz - gcc 2.6.3 - UNROLL RISC2 PTR          235,300 1882k/s
+IRIX 5.3 - R4400 200mhz - cc - UNROLL RISC2 PTR                 233,700 1869k/s
+NT 4.0 - pentium 100mhz - VC 4.2 - UNROLL RISC1 PTR             191,000 1528k/s
+DEC Alpha 165mhz??  - cc - RISC2 PTR [2]                        181,000 1448k/s
+linux - pentium 100mhz - gcc 2.7.0 - UNROLL RISC1 PTR           158,500 1268k/s
+HPUX 10 - 9000/887 - cc - UNROLL [3]                            148,000 1190k/s
+solaris 2.5.1 - sparc 10 50mhz - gcc 2.7.2 - UNROLL             123,600  989k/s
+IRIX 5.3 - R4000 100mhz - cc - UNROLL RISC2 PTR                 101,000  808k/s
+DGUX - 88100 50mhz(?) - gcc 2.6.3 - UNROLL                       81,000  648k/s
+solaris 2.4 486 50mhz - gcc 2.6.3 - assembler                    65,000  522k/s
+HPUX 10 - 9000/887 - k&r cc (default compiler) - UNROLL PTR      76,000  608k/s
+solaris 2.4 486 50mhz - gcc 2.6.3 - UNROLL RISC2                 43,500  344k/s
+AIX - old slow one :-) - cc -                                    39,000  312k/s
+
+Notes.
+[1] For the ultra sparc, SunC 4.0 
+    cc -xtarget=ultra -xarch=v8plus -Xa -xO5, running 'des_opts'
+    gives a speed of 344,000 des/s while 'speed' gives 459,000 des/s.
+    I'll record the higher since it is coming from the library but it
+    is all rather weird.
+[2] Similar to the ultra sparc ([1]), 181,000 for 'des_opts' vs 175,000.
+[3] I was unable to get access to this machine when it was not heavily loaded.
+    As such, my timing program was never able to get more that %30 of the CPU.
+    This would cause the program to give much lower speed numbers because
+    it would be 'fighting' to stay in the cache with the other CPU burning
+    processes.
diff --git a/src/lib/libcrypto/des/read2pwd.c b/src/lib/libcrypto/des/read2pwd.c
new file mode 100644
index 0000000000..3a63c4016c
--- /dev/null
+++ b/src/lib/libcrypto/des/read2pwd.c
@@ -0,0 +1,139 @@
+/* crypto/des/read2pwd.c */
+/* ====================================================================
+ * Copyright (c) 2001-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <string.h>
+#include <openssl/des.h>
+#include <openssl/ui.h>
+
+int DES_read_password(DES_cblock *key, const char *prompt, int verify)
+        {
+        int ok;
+        char buf[BUFSIZ],buff[BUFSIZ];
+
+        if ((ok=UI_UTIL_read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0)
+                DES_string_to_key(buf,key);
+        OPENSSL_cleanse(buf,BUFSIZ);
+        OPENSSL_cleanse(buff,BUFSIZ);
+        return(ok);
+        }
+
+int DES_read_2passwords(DES_cblock *key1, DES_cblock *key2, const char *prompt,
+             int verify)
+        {
+        int ok;
+        char buf[BUFSIZ],buff[BUFSIZ];
+
+        if ((ok=UI_UTIL_read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0)
+                DES_string_to_2keys(buf,key1,key2);
+        OPENSSL_cleanse(buf,BUFSIZ);
+        OPENSSL_cleanse(buff,BUFSIZ);
+        return(ok);
+        }
diff --git a/src/lib/libcrypto/des/read_pwd.c b/src/lib/libcrypto/des/read_pwd.c
new file mode 100644
index 0000000000..ce5fa00a37
--- /dev/null
+++ b/src/lib/libcrypto/des/read_pwd.c
@@ -0,0 +1,521 @@
+/* crypto/des/read_pwd.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/e_os2.h>
+#if !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VMS) && !defined(OPENSSL_SYS_WIN32)
+#ifdef OPENSSL_UNISTD
+# include OPENSSL_UNISTD
+#else
+# include <unistd.h>
+#endif
+/* If unistd.h defines _POSIX_VERSION, we conclude that we
+ * are on a POSIX system and have sigaction and termios. */
+#if defined(_POSIX_VERSION)
+
+# define SIGACTION
+# if !defined(TERMIOS) && !defined(TERMIO) && !defined(SGTTY)
+# define TERMIOS
+# endif
+
+#endif
+#endif
+
+/* #define SIGACTION */ /* Define this if you have sigaction() */
+
+#ifdef WIN16TTY
+#undef OPENSSL_SYS_WIN16
+#undef _WINDOWS
+#include <graph.h>
+#endif
+
+/* 06-Apr-92 Luke Brennan    Support for VMS */
+#include "des_locl.h"
+#include "cryptlib.h"
+#include <signal.h>
+#include <stdio.h>
+#include <string.h>
+#include <setjmp.h>
+#include <errno.h>
+
+#ifdef OPENSSL_SYS_VMS                  /* prototypes for sys$whatever */
+#include <starlet.h>
+#ifdef __DECC
+#pragma message disable DOLLARID
+#endif
+#endif
+
+#ifdef WIN_CONSOLE_BUG
+#include <windows.h>
+#ifndef OPENSSL_SYS_WINCE
+#include <wincon.h>
+#endif
+#endif
+
+
+/* There are 5 types of terminal interface supported,
+ * TERMIO, TERMIOS, VMS, MSDOS and SGTTY
+ */
+
+#if defined(__sgi) && !defined(TERMIOS)
+#define TERMIOS
+#undef  TERMIO
+#undef  SGTTY
+#endif
+
+#if defined(linux) && !defined(TERMIO)
+#undef  TERMIOS
+#define TERMIO
+#undef  SGTTY
+#endif
+
+#ifdef _LIBC
+#undef  TERMIOS
+#define TERMIO
+#undef  SGTTY
+#endif
+
+#if !defined(TERMIO) && !defined(TERMIOS) && !defined(OPENSSL_SYS_VMS) && !defined(OPENSSL_SYS_MSDOS) && !defined(MAC_OS_pre_X) && !defined(MAC_OS_GUSI_SOURCE)
+#undef  TERMIOS
+#undef  TERMIO
+#define SGTTY
+#endif
+
+#if defined(OPENSSL_SYS_VXWORKS)
+#undef TERMIOS
+#undef TERMIO
+#undef SGTTY
+#endif
+
+#ifdef TERMIOS
+#include <termios.h>
+#define TTY_STRUCT              struct termios
+#define TTY_FLAGS               c_lflag
+#define TTY_get(tty,data)       tcgetattr(tty,data)
+#define TTY_set(tty,data)       tcsetattr(tty,TCSANOW,data)
+#endif
+
+#ifdef TERMIO
+#include <termio.h>
+#define TTY_STRUCT              struct termio
+#define TTY_FLAGS               c_lflag
+#define TTY_get(tty,data)       ioctl(tty,TCGETA,data)
+#define TTY_set(tty,data)       ioctl(tty,TCSETA,data)
+#endif
+
+#ifdef SGTTY
+#include <sgtty.h>
+#define TTY_STRUCT              struct sgttyb
+#define TTY_FLAGS               sg_flags
+#define TTY_get(tty,data)       ioctl(tty,TIOCGETP,data)
+#define TTY_set(tty,data)       ioctl(tty,TIOCSETP,data)
+#endif
+
+#if !defined(_LIBC) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VMS) && !defined(MAC_OS_pre_X)
+#include <sys/ioctl.h>
+#endif
+
+#if defined(OPENSSL_SYS_MSDOS) && !defined(__CYGWIN32__) && !defined(OPENSSL_SYS_WINCE)
+#include <conio.h>
+#define fgets(a,b,c) noecho_fgets(a,b,c)
+#endif
+
+#ifdef OPENSSL_SYS_VMS
+#include <ssdef.h>
+#include <iodef.h>
+#include <ttdef.h>
+#include <descrip.h>
+struct IOSB {
+        short iosb$w_value;
+        short iosb$w_count;
+        long  iosb$l_info;
+        };
+#endif
+
+#if defined(MAC_OS_pre_X) || defined(MAC_OS_GUSI_SOURCE)
+/*
+ * This one needs work. As a matter of fact the code is unoperational
+ * and this is only a trick to get it compiled.
+ *                                      <appro@fy.chalmers.se>
+ */
+#define TTY_STRUCT int
+#endif
+
+#ifndef NX509_SIG
+#define NX509_SIG 32
+#endif
+
+static void read_till_nl(FILE *);
+static void recsig(int);
+static void pushsig(void);
+static void popsig(void);
+#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN16)
+static int noecho_fgets(char *buf, int size, FILE *tty);
+#endif
+#ifdef SIGACTION
+ static struct sigaction savsig[NX509_SIG];
+#else
+  static void (*savsig[NX509_SIG])(int );
+#endif
+static jmp_buf save;
+
+int des_read_pw_string(char *buf, int length, const char *prompt,
+             int verify)
+        {
+        char buff[BUFSIZ];
+        int ret;
+
+        ret=des_read_pw(buf,buff,(length>BUFSIZ)?BUFSIZ:length,prompt,verify);
+        OPENSSL_cleanse(buff,BUFSIZ);
+        return(ret);
+        }
+
+#ifdef OPENSSL_SYS_WINCE
+
+int des_read_pw(char *buf, char *buff, int size, const char *prompt, int verify)
+        { 
+        memset(buf,0,size);
+        memset(buff,0,size);
+        return(0);
+        }
+
+#elif defined(OPENSSL_SYS_WIN16)
+
+int des_read_pw(char *buf, char *buff, int size, char *prompt, int verify)
+        { 
+        memset(buf,0,size);
+        memset(buff,0,size);
+        return(0);
+        }
+
+#else /* !OPENSSL_SYS_WINCE && !OPENSSL_SYS_WIN16 */
+
+static void read_till_nl(FILE *in)
+        {
+#define SIZE 4
+        char buf[SIZE+1];
+
+        do      {
+                fgets(buf,SIZE,in);
+                } while (strchr(buf,'\n') == NULL);
+        }
+
+
+/* return 0 if ok, 1 (or -1) otherwise */
+int des_read_pw(char *buf, char *buff, int size, const char *prompt,
+             int verify)
+        {
+#ifdef OPENSSL_SYS_VMS
+        struct IOSB iosb;
+        $DESCRIPTOR(terminal,"TT");
+        long tty_orig[3], tty_new[3];
+        long status;
+        unsigned short channel = 0;
+#else
+#if !defined(OPENSSL_SYS_MSDOS) || defined(__DJGPP__)
+        TTY_STRUCT tty_orig,tty_new;
+#endif
+#endif
+        int number;
+        int ok;
+        /* statics are simply to avoid warnings about longjmp clobbering
+           things */
+        static int ps;
+        int is_a_tty;
+        static FILE *tty;
+        char *p;
+
+        if (setjmp(save))
+                {
+                ok=0;
+                goto error;
+                }
+
+        number=5;
+        ok=0;
+        ps=0;
+        is_a_tty=1;
+        tty=NULL;
+
+#ifdef OPENSSL_SYS_MSDOS
+        if ((tty=fopen("con","r")) == NULL)
+                tty=stdin;
+#elif defined(MAC_OS_pre_X) || defined(OPENSSL_SYS_VXWORKS)
+        tty=stdin;
+#else
+#ifndef OPENSSL_SYS_MPE
+        if ((tty=fopen("/dev/tty","r")) == NULL)
+#endif
+                tty=stdin;
+#endif
+
+#if defined(TTY_get) && !defined(OPENSSL_SYS_VMS)
+        if (TTY_get(fileno(tty),&tty_orig) == -1)
+                {
+#ifdef ENOTTY
+                if (errno == ENOTTY)
+                        is_a_tty=0;
+                else
+#endif
+#ifdef EINVAL
+                /* Ariel Glenn ariel@columbia.edu reports that solaris
+                 * can return EINVAL instead.  This should be ok */
+                if (errno == EINVAL)
+                        is_a_tty=0;
+                else
+#endif
+                        return(-1);
+                }
+        memcpy(&(tty_new),&(tty_orig),sizeof(tty_orig));
+#endif
+#ifdef OPENSSL_SYS_VMS
+        status = sys$assign(&terminal,&channel,0,0);
+        if (status != SS$_NORMAL)
+                return(-1);
+        status=sys$qiow(0,channel,IO$_SENSEMODE,&iosb,0,0,tty_orig,12,0,0,0,0);
+        if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
+                return(-1);
+#endif
+
+        pushsig();
+        ps=1;
+
+#ifdef TTY_FLAGS
+        tty_new.TTY_FLAGS &= ~ECHO;
+#endif
+
+#if defined(TTY_set) && !defined(OPENSSL_SYS_VMS)
+        if (is_a_tty && (TTY_set(fileno(tty),&tty_new) == -1))
+#ifdef OPENSSL_SYS_MPE 
+                ; /* MPE lies -- echo really has been disabled */
+#else
+                return(-1);
+#endif
+#endif
+#ifdef OPENSSL_SYS_VMS
+        tty_new[0] = tty_orig[0];
+        tty_new[1] = tty_orig[1] | TT$M_NOECHO;
+        tty_new[2] = tty_orig[2];
+        status = sys$qiow(0,channel,IO$_SETMODE,&iosb,0,0,tty_new,12,0,0,0,0);
+        if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
+                return(-1);
+#endif
+        ps=2;
+
+        while ((!ok) && (number--))
+                {
+                fputs(prompt,stderr);
+                fflush(stderr);
+
+                buf[0]='\0';
+                fgets(buf,size,tty);
+                if (feof(tty)) goto error;
+                if (ferror(tty)) goto error;
+                if ((p=(char *)strchr(buf,'\n')) != NULL)
+                        *p='\0';
+                else    read_till_nl(tty);
+                if (verify)
+                        {
+                        fprintf(stderr,"\nVerifying password - %s",prompt);
+                        fflush(stderr);
+                        buff[0]='\0';
+                        fgets(buff,size,tty);
+                        if (feof(tty)) goto error;
+                        if ((p=(char *)strchr(buff,'\n')) != NULL)
+                                *p='\0';
+                        else    read_till_nl(tty);
+                                
+                        if (strcmp(buf,buff) != 0)
+                                {
+                                fprintf(stderr,"\nVerify failure");
+                                fflush(stderr);
+                                break;
+                                /* continue; */
+                                }
+                        }
+                ok=1;
+                }
+
+error:
+        fprintf(stderr,"\n");
+#if 0
+        perror("fgets(tty)");
+#endif
+        /* What can we do if there is an error? */
+#if defined(TTY_set) && !defined(OPENSSL_SYS_VMS)
+        if (ps >= 2) TTY_set(fileno(tty),&tty_orig);
+#endif
+#ifdef OPENSSL_SYS_VMS
+        if (ps >= 2)
+                status = sys$qiow(0,channel,IO$_SETMODE,&iosb,0,0
+                        ,tty_orig,12,0,0,0,0);
+#endif
+        
+        if (ps >= 1) popsig();
+        if (stdin != tty) fclose(tty);
+#ifdef OPENSSL_SYS_VMS
+        status = sys$dassgn(channel);
+#endif
+        return(!ok);
+        }
+
+static void pushsig(void)
+        {
+        int i;
+#ifdef SIGACTION
+        struct sigaction sa;
+
+        memset(&sa,0,sizeof sa);
+        sa.sa_handler=recsig;
+#endif
+
+        for (i=1; i<NX509_SIG; i++)
+                {
+#ifdef SIGUSR1
+                if (i == SIGUSR1)
+                        continue;
+#endif
+#ifdef SIGUSR2
+                if (i == SIGUSR2)
+                        continue;
+#endif
+#ifdef SIGACTION
+                sigaction(i,&sa,&savsig[i]);
+#else
+                savsig[i]=signal(i,recsig);
+#endif
+                }
+
+#ifdef SIGWINCH
+        signal(SIGWINCH,SIG_DFL);
+#endif
+        }
+
+static void popsig(void)
+        {
+        int i;
+
+        for (i=1; i<NX509_SIG; i++)
+                {
+#ifdef SIGUSR1
+                if (i == SIGUSR1)
+                        continue;
+#endif
+#ifdef SIGUSR2
+                if (i == SIGUSR2)
+                        continue;
+#endif
+#ifdef SIGACTION
+                sigaction(i,&savsig[i],NULL);
+#else
+                signal(i,savsig[i]);
+#endif
+                }
+        }
+
+static void recsig(int i)
+        {
+        longjmp(save,1);
+#ifdef LINT
+        i=i;
+#endif
+        }
+
+#ifdef OPENSSL_SYS_MSDOS
+static int noecho_fgets(char *buf, int size, FILE *tty)
+        {
+        int i;
+        char *p;
+
+        p=buf;
+        for (;;)
+                {
+                if (size == 0)
+                        {
+                        *p='\0';
+                        break;
+                        }
+                size--;
+#ifdef WIN16TTY
+                i=_inchar();
+#else
+                i=getch();
+#endif
+                if (i == '\r') i='\n';
+                *(p++)=i;
+                if (i == '\n')
+                        {
+                        *p='\0';
+                        break;
+                        }
+                }
+#ifdef WIN_CONSOLE_BUG
+/* Win95 has several evil console bugs: one of these is that the
+ * last character read using getch() is passed to the next read: this is
+ * usually a CR so this can be trouble. No STDIO fix seems to work but
+ * flushing the console appears to do the trick.
+ */
+                {
+                        HANDLE inh;
+                        inh = GetStdHandle(STD_INPUT_HANDLE);
+                        FlushConsoleInputBuffer(inh);
+                }
+#endif
+        return(strlen(buf));
+        }
+#endif
+#endif /* !OPENSSL_SYS_WINCE && !WIN16 */
diff --git a/src/lib/libcrypto/des/rpc_des.h b/src/lib/libcrypto/des/rpc_des.h
new file mode 100644
index 0000000000..4cbb4d2dcd
--- /dev/null
+++ b/src/lib/libcrypto/des/rpc_des.h
@@ -0,0 +1,131 @@
+/* crypto/des/rpc_des.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*  @(#)des.h   2.2 88/08/10 4.0 RPCSRC; from 2.7 88/02/08 SMI  */
+/*
+ * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
+ * unrestricted use provided that this legend is included on all tape
+ * media and as a part of the software program in whole or part.  Users
+ * may copy or modify Sun RPC without charge, but are not authorized
+ * to license or distribute it to anyone else except as part of a product or
+ * program developed by the user.
+ * 
+ * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
+ * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
+ * 
+ * Sun RPC is provided with no support and without any obligation on the
+ * part of Sun Microsystems, Inc. to assist in its use, correction,
+ * modification or enhancement.
+ * 
+ * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
+ * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
+ * OR ANY PART THEREOF.
+ * 
+ * In no event will Sun Microsystems, Inc. be liable for any lost revenue
+ * or profits or other special, indirect and consequential damages, even if
+ * Sun has been advised of the possibility of such damages.
+ * 
+ * Sun Microsystems, Inc.
+ * 2550 Garcia Avenue
+ * Mountain View, California  94043
+ */
+/*
+ * Generic DES driver interface
+ * Keep this file hardware independent!
+ * Copyright (c) 1986 by Sun Microsystems, Inc.
+ */
+
+#define DES_MAXLEN      65536   /* maximum # of bytes to encrypt  */
+#define DES_QUICKLEN    16      /* maximum # of bytes to encrypt quickly */
+
+#ifdef HEADER_DES_H
+#undef ENCRYPT
+#undef DECRYPT
+#endif
+
+enum desdir { ENCRYPT, DECRYPT };
+enum desmode { CBC, ECB };
+
+/*
+ * parameters to ioctl call
+ */
+struct desparams {
+        unsigned char des_key[8];       /* key (with low bit parity) */
+        enum desdir des_dir;    /* direction */
+        enum desmode des_mode;  /* mode */
+        unsigned char des_ivec[8];      /* input vector */
+        unsigned des_len;       /* number of bytes to crypt */
+        union {
+                unsigned char UDES_data[DES_QUICKLEN];
+                unsigned char *UDES_buf;
+        } UDES;
+#       define des_data UDES.UDES_data  /* direct data here if quick */
+#       define des_buf  UDES.UDES_buf   /* otherwise, pointer to data */
+};
+
+/*
+ * Encrypt an arbitrary sized buffer
+ */
+#define DESIOCBLOCK     _IOWR(d, 6, struct desparams)
+
+/* 
+ * Encrypt of small amount of data, quickly
+ */
+#define DESIOCQUICK     _IOWR(d, 7, struct desparams) 
+
diff --git a/src/lib/libcrypto/des/rpc_enc.c b/src/lib/libcrypto/des/rpc_enc.c
new file mode 100644
index 0000000000..d937d08da5
--- /dev/null
+++ b/src/lib/libcrypto/des/rpc_enc.c
@@ -0,0 +1,98 @@
+/* crypto/des/rpc_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "rpc_des.h"
+#include "des_locl.h"
+#include "des_ver.h"
+
+int _des_crypt(char *buf,int len,struct desparams *desp);
+int _des_crypt(char *buf, int len, struct desparams *desp)
+        {
+        DES_key_schedule ks;
+        int enc;
+
+        DES_set_key_unchecked(&desp->des_key,&ks);
+        enc=(desp->des_dir == ENCRYPT)?DES_ENCRYPT:DES_DECRYPT;
+
+        if (desp->des_mode == CBC)
+                DES_ecb_encrypt((const_DES_cblock *)desp->UDES.UDES_buf,
+                                (DES_cblock *)desp->UDES.UDES_buf,&ks,
+                                enc);
+        else
+                {
+                DES_ncbc_encrypt(desp->UDES.UDES_buf,desp->UDES.UDES_buf,
+                                len,&ks,&desp->des_ivec,enc);
+#ifdef undef
+                /* len will always be %8 if called from common_crypt
+                 * in secure_rpc.
+                 * Libdes's cbc encrypt does not copy back the iv,
+                 * so we have to do it here. */
+                /* It does now :-) eay 20/09/95 */
+
+                a=(char *)&(desp->UDES.UDES_buf[len-8]);
+                b=(char *)&(desp->des_ivec[0]);
+
+                *(a++)= *(b++); *(a++)= *(b++);
+                *(a++)= *(b++); *(a++)= *(b++);
+                *(a++)= *(b++); *(a++)= *(b++);
+                *(a++)= *(b++); *(a++)= *(b++);
+#endif
+                }
+        return(1);      
+        }
+
diff --git a/src/lib/libcrypto/des/rpw.c b/src/lib/libcrypto/des/rpw.c
new file mode 100644
index 0000000000..8a9473c4f9
--- /dev/null
+++ b/src/lib/libcrypto/des/rpw.c
@@ -0,0 +1,99 @@
+/* crypto/des/rpw.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <openssl/des.h>
+
+int main(int argc, char *argv[])
+        {
+        DES_cblock k,k1;
+        int i;
+
+        printf("read passwd\n");
+        if ((i=des_read_password(&k,"Enter password:",0)) == 0)
+                {
+                printf("password = ");
+                for (i=0; i<8; i++)
+                        printf("%02x ",k[i]);
+                }
+        else
+                printf("error %d\n",i);
+        printf("\n");
+        printf("read 2passwds and verify\n");
+        if ((i=des_read_2passwords(&k,&k1,
+                "Enter verified password:",1)) == 0)
+                {
+                printf("password1 = ");
+                for (i=0; i<8; i++)
+                        printf("%02x ",k[i]);
+                printf("\n");
+                printf("password2 = ");
+                for (i=0; i<8; i++)
+                        printf("%02x ",k1[i]);
+                printf("\n");
+                exit(1);
+                }
+        else
+                {
+                printf("error %d\n",i);
+                exit(0);
+                }
+#ifdef LINT
+        return(0);
+#endif
+        }
diff --git a/src/lib/libcrypto/des/speed.c b/src/lib/libcrypto/des/speed.c
new file mode 100644
index 0000000000..48fc1d49fc
--- /dev/null
+++ b/src/lib/libcrypto/des/speed.c
@@ -0,0 +1,310 @@
+/* crypto/des/speed.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* 11-Sep-92 Andrew Daviel   Support for Silicon Graphics IRIX added */
+/* 06-Apr-92 Luke Brennan    Support for VMS and add extra signal calls */
+
+#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX)
+#define TIMES
+#endif
+
+#include <stdio.h>
+
+#include <openssl/e_os2.h>
+#include OPENSSL_UNISTD_IO
+OPENSSL_DECLARE_EXIT
+
+#include <signal.h>
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+
+/* Depending on the VMS version, the tms structure is perhaps defined.
+   The __TMS macro will show if it was.  If it wasn't defined, we should
+   undefine TIMES, since that tells the rest of the program how things
+   should be handled.                           -- Richard Levitte */
+#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
+#undef TIMES
+#endif
+
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#if defined(sun) || defined(__ultrix)
+#define _POSIX_SOURCE
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include <openssl/des.h>
+
+/* The following if from times(3) man page.  It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+#  ifndef _BSD_CLK_TCK_ /* FreeBSD fix */
+#   define HZ   100.0
+#  else /* _BSD_CLK_TCK_ */
+#   define HZ ((double)_BSD_CLK_TCK_)
+#  endif
+# else /* CLK_TCK */
+#  define HZ ((double)CLK_TCK)
+# endif
+#endif
+
+#define BUFSIZE ((long)1024)
+long run=0;
+
+double Time_F(int s);
+#ifdef SIGALRM
+#if defined(__STDC__) || defined(sgi) || defined(_AIX)
+#define SIGRETTYPE void
+#else
+#define SIGRETTYPE int
+#endif
+
+SIGRETTYPE sig_done(int sig);
+SIGRETTYPE sig_done(int sig)
+        {
+        signal(SIGALRM,sig_done);
+        run=0;
+#ifdef LINT
+        sig=sig;
+#endif
+        }
+#endif
+
+#define START   0
+#define STOP    1
+
+double Time_F(int s)
+        {
+        double ret;
+#ifdef TIMES
+        static struct tms tstart,tend;
+
+        if (s == START)
+                {
+                times(&tstart);
+                return(0);
+                }
+        else
+                {
+                times(&tend);
+                ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+                return((ret == 0.0)?1e-6:ret);
+                }
+#else /* !times() */
+        static struct timeb tstart,tend;
+        long i;
+
+        if (s == START)
+                {
+                ftime(&tstart);
+                return(0);
+                }
+        else
+                {
+                ftime(&tend);
+                i=(long)tend.millitm-(long)tstart.millitm;
+                ret=((double)(tend.time-tstart.time))+((double)i)/1e3;
+                return((ret == 0.0)?1e-6:ret);
+                }
+#endif
+        }
+
+int main(int argc, char **argv)
+        {
+        long count;
+        static unsigned char buf[BUFSIZE];
+        static DES_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
+        static DES_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12};
+        static DES_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34};
+        DES_key_schedule sch,sch2,sch3;
+        double a,b,c,d,e;
+#ifndef SIGALRM
+        long ca,cb,cc,cd,ce;
+#endif
+
+#ifndef TIMES
+        printf("To get the most accurate results, try to run this\n");
+        printf("program when this computer is idle.\n");
+#endif
+
+        DES_set_key_unchecked(&key2,&sch2);
+        DES_set_key_unchecked(&key3,&sch3);
+
+#ifndef SIGALRM
+        printf("First we calculate the approximate speed ...\n");
+        DES_set_key_unchecked(&key,&sch);
+        count=10;
+        do      {
+                long i;
+                DES_LONG data[2];
+
+                count*=2;
+                Time_F(START);
+                for (i=count; i; i--)
+                        DES_encrypt1(data,&sch,DES_ENCRYPT);
+                d=Time_F(STOP);
+                } while (d < 3.0);
+        ca=count;
+        cb=count*3;
+        cc=count*3*8/BUFSIZE+1;
+        cd=count*8/BUFSIZE+1;
+        ce=count/20+1;
+        printf("Doing set_key %ld times\n",ca);
+#define COND(d) (count != (d))
+#define COUNT(d) (d)
+#else
+#define COND(c) (run)
+#define COUNT(d) (count)
+        signal(SIGALRM,sig_done);
+        printf("Doing set_key for 10 seconds\n");
+        alarm(10);
+#endif
+
+        Time_F(START);
+        for (count=0,run=1; COND(ca); count++)
+                DES_set_key_unchecked(&key,&sch);
+        d=Time_F(STOP);
+        printf("%ld set_key's in %.2f seconds\n",count,d);
+        a=((double)COUNT(ca))/d;
+
+#ifdef SIGALRM
+        printf("Doing DES_encrypt's for 10 seconds\n");
+        alarm(10);
+#else
+        printf("Doing DES_encrypt %ld times\n",cb);
+#endif
+        Time_F(START);
+        for (count=0,run=1; COND(cb); count++)
+                {
+                DES_LONG data[2];
+
+                DES_encrypt1(data,&sch,DES_ENCRYPT);
+                }
+        d=Time_F(STOP);
+        printf("%ld DES_encrypt's in %.2f second\n",count,d);
+        b=((double)COUNT(cb)*8)/d;
+
+#ifdef SIGALRM
+        printf("Doing DES_cbc_encrypt on %ld byte blocks for 10 seconds\n",
+                BUFSIZE);
+        alarm(10);
+#else
+        printf("Doing DES_cbc_encrypt %ld times on %ld byte blocks\n",cc,
+                BUFSIZE);
+#endif
+        Time_F(START);
+        for (count=0,run=1; COND(cc); count++)
+                DES_ncbc_encrypt(buf,buf,BUFSIZE,&sch,
+                        &key,DES_ENCRYPT);
+        d=Time_F(STOP);
+        printf("%ld DES_cbc_encrypt's of %ld byte blocks in %.2f second\n",
+                count,BUFSIZE,d);
+        c=((double)COUNT(cc)*BUFSIZE)/d;
+
+#ifdef SIGALRM
+        printf("Doing DES_ede_cbc_encrypt on %ld byte blocks for 10 seconds\n",
+                BUFSIZE);
+        alarm(10);
+#else
+        printf("Doing DES_ede_cbc_encrypt %ld times on %ld byte blocks\n",cd,
+                BUFSIZE);
+#endif
+        Time_F(START);
+        for (count=0,run=1; COND(cd); count++)
+                DES_ede3_cbc_encrypt(buf,buf,BUFSIZE,
+                        &sch,
+                        &sch2,
+                        &sch3,
+                        &key,
+                        DES_ENCRYPT);
+        d=Time_F(STOP);
+        printf("%ld DES_ede_cbc_encrypt's of %ld byte blocks in %.2f second\n",
+                count,BUFSIZE,d);
+        d=((double)COUNT(cd)*BUFSIZE)/d;
+
+#ifdef SIGALRM
+        printf("Doing crypt for 10 seconds\n");
+        alarm(10);
+#else
+        printf("Doing crypt %ld times\n",ce);
+#endif
+        Time_F(START);
+        for (count=0,run=1; COND(ce); count++)
+                crypt("testing1","ef");
+        e=Time_F(STOP);
+        printf("%ld crypts in %.2f second\n",count,e);
+        e=((double)COUNT(ce))/e;
+
+        printf("set_key            per sec = %12.2f (%9.3fuS)\n",a,1.0e6/a);
+        printf("DES raw ecb bytes  per sec = %12.2f (%9.3fuS)\n",b,8.0e6/b);
+        printf("DES cbc bytes      per sec = %12.2f (%9.3fuS)\n",c,8.0e6/c);
+        printf("DES ede cbc bytes  per sec = %12.2f (%9.3fuS)\n",d,8.0e6/d);
+        printf("crypt              per sec = %12.2f (%9.3fuS)\n",e,1.0e6/e);
+        exit(0);
+#if defined(LINT) || defined(OPENSSL_SYS_MSDOS)
+        return(0);
+#endif
+        }
diff --git a/src/lib/libcrypto/des/t/test b/src/lib/libcrypto/des/t/test
new file mode 100644
index 0000000000..97acd0552e
--- /dev/null
+++ b/src/lib/libcrypto/des/t/test
@@ -0,0 +1,27 @@
+#!./perl
+
+BEGIN { push(@INC, qw(../../../lib ../../lib ../lib lib)); }
+
+use DES;
+
+$key='00000000';
+$ks=DES::set_key($key);
+@a=split(//,$ks);
+foreach (@a) { printf "%02x-",ord($_); }
+print "\n";
+
+
+$key=DES::random_key();
+print "($_)\n";
+@a=split(//,$key);
+foreach (@a) { printf "%02x-",ord($_); }
+print "\n";
+$str="this is and again into the breach";
+($k1,$k2)=DES::string_to_2keys($str);
+@a=split(//,$k1);
+foreach (@a) { printf "%02x-",ord($_); }
+print "\n";
+@a=split(//,$k2);
+foreach (@a) { printf "%02x-",ord($_); }
+print "\n";
+
diff --git a/src/lib/libcrypto/des/times/486-50.sol b/src/lib/libcrypto/des/times/486-50.sol
new file mode 100644
index 0000000000..0de62d6db3
--- /dev/null
+++ b/src/lib/libcrypto/des/times/486-50.sol
@@ -0,0 +1,16 @@
+Solaris 2.4, 486 50mhz, gcc 2.6.3
+options    des ecb/s
+16 r2 i     43552.51 100.0%
+16 r1 i     43487.45  99.9%
+16  c p     43003.23  98.7%
+16 r2 p     42339.00  97.2%
+16  c i     41900.91  96.2%
+16 r1 p     41360.64  95.0%
+ 4  c i     38728.48  88.9%
+ 4  c p     38225.63  87.8%
+ 4 r1 i     38085.79  87.4%
+ 4 r2 i     37825.64  86.9%
+ 4 r2 p     34611.00  79.5%
+ 4 r1 p     31802.00  73.0%
+-DDES_UNROLL -DDES_RISC2
+
diff --git a/src/lib/libcrypto/des/times/586-100.lnx b/src/lib/libcrypto/des/times/586-100.lnx
new file mode 100644
index 0000000000..4323914a11
--- /dev/null
+++ b/src/lib/libcrypto/des/times/586-100.lnx
@@ -0,0 +1,20 @@
+Pentium 100
+Linux 2 kernel
+gcc 2.7.0 -O3 -fomit-frame-pointer
+No X server running, just a console, it makes the top speed jump from 151,000
+to 158,000 :-).
+options    des ecb/s
+assember   281000.00 177.1%
+16 r1 p    158667.40 100.0%
+16 r1 i    148471.70  93.6%
+16 r2 p    143961.80  90.7%
+16 r2 i    141689.20  89.3%
+ 4 r1 i    140100.00  88.3%
+ 4 r2 i    134049.40  84.5%
+16  c i    124145.20  78.2%
+16  c p    121584.20  76.6%
+ 4  c i    118116.00  74.4%
+ 4 r2 p    117977.90  74.4%
+ 4  c p    114971.40  72.5%
+ 4 r1 p    114578.40  72.2%
+-DDES_UNROLL -DDES_RISC1 -DDES_PTR
diff --git a/src/lib/libcrypto/des/times/686-200.fre b/src/lib/libcrypto/des/times/686-200.fre
new file mode 100644
index 0000000000..7d83f6adee
--- /dev/null
+++ b/src/lib/libcrypto/des/times/686-200.fre
@@ -0,0 +1,18 @@
+Pentium 100
+Free BSD 2.1.5 kernel
+gcc 2.7.2.2 -O3 -fomit-frame-pointer
+options    des ecb/s
+assember   578000.00 133.1%
+16 r2 i    434454.80 100.0%
+16 r1 i    433621.43  99.8%
+16 r2 p    431375.69  99.3%
+ 4 r1 i    423722.30  97.5%
+ 4 r2 i    422399.40  97.2%
+16 r1 p    421739.40  97.1%
+16  c i    399027.94  91.8%
+16  c p    372251.70  85.7%
+ 4  c i    365118.35  84.0%
+ 4  c p    352880.51  81.2%
+ 4 r2 p    255104.90  58.7%
+ 4 r1 p    251289.18  57.8%
+-DDES_UNROLL -DDES_RISC2
diff --git a/src/lib/libcrypto/des/times/aix.cc b/src/lib/libcrypto/des/times/aix.cc
new file mode 100644
index 0000000000..d96b74e2ce
--- /dev/null
+++ b/src/lib/libcrypto/des/times/aix.cc
@@ -0,0 +1,26 @@
+From: Paco Garcia <pgarcia@cam.es>
+
+This machine is a Bull Estrella  Minitower Model MT604-100
+Processor        : PPC604 
+P.Speed          : 100Mhz 
+Data/Instr Cache :    16 K
+L2 Cache         :   256 K
+PCI BUS Speed    :    33 Mhz
+TransfRate PCI   :   132 MB/s
+Memory           :    96 MB
+
+options    des ecb/s       
+ 4  c p    275118.61 100.0%
+ 4  c i    273545.07  99.4%
+ 4 r2 p    270441.02  98.3%
+ 4 r1 p    253052.15  92.0%
+ 4 r2 i    240842.97  87.5%
+ 4 r1 i    240556.66  87.4%
+16  c i    224603.99  81.6%
+16  c p    224483.98  81.6%
+16 r2 p    215691.19  78.4%
+16 r1 p    208332.83  75.7%
+16 r1 i    199206.50  72.4%
+16 r2 i    198963.70  72.3%
+-DDES_PTR
+
diff --git a/src/lib/libcrypto/des/times/alpha.cc b/src/lib/libcrypto/des/times/alpha.cc
new file mode 100644
index 0000000000..95c17efae7
--- /dev/null
+++ b/src/lib/libcrypto/des/times/alpha.cc
@@ -0,0 +1,18 @@
+cc -O2
+DES_LONG is 'unsigned int'
+
+options    des ecb/s
+ 4 r2 p    181146.14 100.0%
+16 r2 p    172102.94  95.0%
+ 4 r2 i    165424.11  91.3%
+16  c p    160468.64  88.6%
+ 4  c p    156653.59  86.5%
+ 4  c i    155245.18  85.7%
+ 4 r1 p    154729.68  85.4%
+16 r2 i    154137.69  85.1%
+16 r1 p    152357.96  84.1%
+16  c i    148743.91  82.1%
+ 4 r1 i    146695.59  81.0%
+16 r1 i    144961.00  80.0%
+-DDES_RISC2 -DDES_PTR
+
diff --git a/src/lib/libcrypto/des/times/hpux.cc b/src/lib/libcrypto/des/times/hpux.cc
new file mode 100644
index 0000000000..3de856ddac
--- /dev/null
+++ b/src/lib/libcrypto/des/times/hpux.cc
@@ -0,0 +1,17 @@
+HPUX 10 - 9000/887 - cc -D_HPUX_SOURCE -Aa +ESlit +O2 -Wl,-a,archive
+
+options    des ecb/s
+16  c i    149448.90 100.0%
+ 4  c i    145861.79  97.6%
+16 r2 i    141710.96  94.8%
+16 r1 i    139455.33  93.3%
+ 4 r2 i    138800.00  92.9%
+ 4 r1 i    136692.65  91.5%
+16 r2 p    110228.17  73.8%
+16 r1 p    109397.07  73.2%
+16  c p    109209.89  73.1%
+ 4  c p    108014.71  72.3%
+ 4 r2 p    107873.88  72.2%
+ 4 r1 p    107685.83  72.1%
+-DDES_UNROLL
+
diff --git a/src/lib/libcrypto/des/times/sparc.gcc b/src/lib/libcrypto/des/times/sparc.gcc
new file mode 100644
index 0000000000..8eaa042104
--- /dev/null
+++ b/src/lib/libcrypto/des/times/sparc.gcc
@@ -0,0 +1,17 @@
+solaris 2.5.1 - sparc 10 50mhz - gcc 2.7.2
+
+options    des ecb/s
+16  c i    124382.70 100.0%
+ 4  c i    118884.68  95.6%
+16  c p    112261.20  90.3%
+16 r2 i    111777.10  89.9%
+16 r2 p    108896.30  87.5%
+16 r1 p    108791.59  87.5%
+ 4  c p    107290.10  86.3%
+ 4 r1 p    104583.80  84.1%
+16 r1 i    104206.20  83.8%
+ 4 r2 p    103709.80  83.4%
+ 4 r2 i     98306.43  79.0%
+ 4 r1 i     91525.80  73.6%
+-DDES_UNROLL
+      
diff --git a/src/lib/libcrypto/des/times/usparc.cc b/src/lib/libcrypto/des/times/usparc.cc
new file mode 100644
index 0000000000..0864285ef6
--- /dev/null
+++ b/src/lib/libcrypto/des/times/usparc.cc
@@ -0,0 +1,31 @@
+solaris 2.5.1 usparc 167mhz?? - SC4.0 cc -fast -Xa -xO5
+
+For the ultra sparc, SunC 4.0 cc -fast -Xa -xO5, running 'des_opts'
+gives a speed of 475,000 des/s while 'speed' gives 417,000 des/s.
+I believe the difference is tied up in optimisation that the compiler
+is able to perform when the code is 'inlined'.  For 'speed', the DES
+routines are being linked from a library.  I'll record the higher
+speed since if performance is everything, you can always inline
+'des_enc.c'.
+
+[ 16-Jan-06 - I've been playing with the
+  '-xtarget=ultra -xarch=v8plus -Xa -xO5 -Xa'
+  and while it makes the des_opts numbers much slower, it makes the
+  actual 'speed' numbers look better which is a realistic version of
+  using the libraries. ]
+
+options    des ecb/s
+16 r1 p    475516.90 100.0%
+16 r2 p    439388.10  92.4%
+16  c i    427001.40  89.8%
+16  c p    419516.50  88.2%
+ 4 r2 p    409491.70  86.1%
+ 4 r1 p    404266.90  85.0%
+ 4  c p    398121.00  83.7%
+ 4  c i    370588.40  77.9%
+ 4 r1 i    362742.20  76.3%
+16 r2 i    331275.50  69.7%
+16 r1 i    324730.60  68.3%
+ 4 r2 i     63535.10  13.4%     <-- very very weird, must be cache problems.
+-DDES_UNROLL -DDES_RISC1 -DDES_PTR
+
diff --git a/src/lib/libcrypto/des/typemap b/src/lib/libcrypto/des/typemap
new file mode 100644
index 0000000000..a524f53634
--- /dev/null
+++ b/src/lib/libcrypto/des/typemap
@@ -0,0 +1,34 @@
+#
+# DES SECTION
+#
+deschar *       T_DESCHARP
+des_cblock *    T_CBLOCK
+des_cblock      T_CBLOCK
+des_key_schedule        T_SCHEDULE
+des_key_schedule *      T_SCHEDULE
+
+INPUT
+T_CBLOCK
+        $var=(des_cblock *)SvPV($arg,len);
+        if (len < DES_KEY_SZ)
+                {
+                croak(\"$var needs to be at least %u bytes long\",DES_KEY_SZ);
+                }
+
+T_SCHEDULE
+        $var=(des_key_schedule *)SvPV($arg,len);
+        if (len < DES_SCHEDULE_SZ)
+                {
+                croak(\"$var needs to be at least %u bytes long\",
+                        DES_SCHEDULE_SZ);
+                }
+
+OUTPUT
+T_CBLOCK
+        sv_setpvn($arg,(char *)$var,DES_KEY_SZ);
+
+T_SCHEDULE
+        sv_setpvn($arg,(char *)$var,DES_SCHEDULE_SZ);
+
+T_DESCHARP
+        sv_setpvn($arg,(char *)$var,len);