72 files changed, 15331 insertions, 0 deletions

diff --git a/src/lib/libcrypto/des/COPYRIGHT b/src/lib/libcrypto/des/COPYRIGHT
new file mode 100644
index 0000000000..5469e1e469
--- /dev/null
+++ b/src/lib/libcrypto/des/COPYRIGHT
@@ -0,0 +1,50 @@
+Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+All rights reserved.
+
+This package is an DES implementation written by Eric Young (eay@cryptsoft.com).
+The implementation was written so as to conform with MIT's libdes.
+
+This library is free for commercial and non-commercial use as long as
+the following conditions are aheared to.  The following conditions
+apply to all code found in this distribution.
+
+Copyright remains Eric Young's, and as such any Copyright notices in
+the code are not to be removed.
+If this package is used in a product, Eric Young should be given attribution
+as the author of that the SSL library.  This can be in the form of a textual
+message at program startup or in documentation (online or textual) provided
+with the package.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+1. Redistributions of source code must retain the copyright
+   notice, this list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright
+   notice, this list of conditions and the following disclaimer in the
+   documentation and/or other materials provided with the distribution.
+3. All advertising materials mentioning features or use of this software
+   must display the following acknowledgement:
+   This product includes software developed by Eric Young (eay@cryptsoft.com)
+
+THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGE.
+
+The license and distribution terms for any publically available version or
+derivative of this code cannot be changed.  i.e. this code cannot simply be
+copied and put under another distrubution license
+[including the GNU Public License.]
+
+The reason behind this being stated in this direct manner is past
+experience in code simply being copied and the attribution removed
+from it and then being distributed as part of other packages. This
+implementation was a non-trivial and unpaid effort.
diff --git a/src/lib/libcrypto/des/DES.pm b/src/lib/libcrypto/des/DES.pm
new file mode 100644
index 0000000000..6a175b6ca4
--- /dev/null
+++ b/src/lib/libcrypto/des/DES.pm
@@ -0,0 +1,19 @@
+package DES;
+
+require Exporter;
+require DynaLoader;
+@ISA = qw(Exporter DynaLoader);
+# Items to export into callers namespace by default
+# (move infrequently used names to @EXPORT_OK below)
+@EXPORT = qw(
+);
+# Other items we are prepared to export if requested
+@EXPORT_OK = qw(
+crypt
+);
+
+# Preloaded methods go here.  Autoload methods go after __END__, and are
+# processed by the autosplit program.
+bootstrap DES;
+1;
+__END__
diff --git a/src/lib/libcrypto/des/DES.xs b/src/lib/libcrypto/des/DES.xs
new file mode 100644
index 0000000000..b8050b9edf
--- /dev/null
+++ b/src/lib/libcrypto/des/DES.xs
@@ -0,0 +1,268 @@
+#include "EXTERN.h"
+#include "perl.h"
+#include "XSUB.h"
+#include "des.h"
+
+#define deschar char
+static STRLEN len;
+
+static int
+not_here(s)
+char *s;
+{
+    croak("%s not implemented on this architecture", s);
+    return -1;
+}
+
+MODULE = DES    PACKAGE = DES   PREFIX = des_
+
+char *
+des_crypt(buf,salt)
+        char *  buf
+        char *  salt
+
+void
+des_set_odd_parity(key)
+        des_cblock *    key
+PPCODE:
+        {
+        SV *s;
+
+        s=sv_newmortal();
+        sv_setpvn(s,(char *)key,8);
+        des_set_odd_parity((des_cblock *)SvPV(s,na));
+        PUSHs(s);
+        }
+
+int
+des_is_weak_key(key)
+        des_cblock *    key
+
+des_key_schedule
+des_set_key(key)
+        des_cblock *    key
+CODE:
+        des_set_key(key,RETVAL);
+OUTPUT:
+RETVAL
+
+des_cblock
+des_ecb_encrypt(input,ks,encrypt)
+        des_cblock *    input
+        des_key_schedule *      ks
+        int     encrypt
+CODE:
+        des_ecb_encrypt(input,&RETVAL,*ks,encrypt);
+OUTPUT:
+RETVAL
+
+void
+des_cbc_encrypt(input,ks,ivec,encrypt)
+        char *  input
+        des_key_schedule *      ks
+        des_cblock *    ivec
+        int     encrypt
+PPCODE:
+        {
+        SV *s;
+        STRLEN len,l;
+        char *c;
+
+        l=SvCUR(ST(0));
+        len=((((unsigned long)l)+7)/8)*8;
+        s=sv_newmortal();
+        sv_setpvn(s,"",0);
+        SvGROW(s,len);
+        SvCUR_set(s,len);
+        c=(char *)SvPV(s,na);
+        des_cbc_encrypt((des_cblock *)input,(des_cblock *)c,
+                l,*ks,ivec,encrypt);
+        sv_setpvn(ST(2),(char *)c[len-8],8);
+        PUSHs(s);
+        }
+
+void
+des_cbc3_encrypt(input,ks1,ks2,ivec1,ivec2,encrypt)
+        char *  input
+        des_key_schedule *      ks1
+        des_key_schedule *      ks2
+        des_cblock *    ivec1
+        des_cblock *    ivec2
+        int     encrypt
+PPCODE:
+        {
+        SV *s;
+        STRLEN len,l;
+
+        l=SvCUR(ST(0));
+        len=((((unsigned long)l)+7)/8)*8;
+        s=sv_newmortal();
+        sv_setpvn(s,"",0);
+        SvGROW(s,len);
+        SvCUR_set(s,len);
+        des_3cbc_encrypt((des_cblock *)input,(des_cblock *)SvPV(s,na),
+                l,*ks1,*ks2,ivec1,ivec2,encrypt);
+        sv_setpvn(ST(3),(char *)ivec1,8);
+        sv_setpvn(ST(4),(char *)ivec2,8);
+        PUSHs(s);
+        }
+
+void
+des_cbc_cksum(input,ks,ivec)
+        char *  input
+        des_key_schedule *      ks
+        des_cblock *    ivec
+PPCODE:
+        {
+        SV *s1,*s2;
+        STRLEN len,l;
+        des_cblock c;
+        unsigned long i1,i2;
+
+        s1=sv_newmortal();
+        s2=sv_newmortal();
+        l=SvCUR(ST(0));
+        des_cbc_cksum((des_cblock *)input,(des_cblock *)c,
+                l,*ks,ivec);
+        i1=c[4]|(c[5]<<8)|(c[6]<<16)|(c[7]<<24);
+        i2=c[0]|(c[1]<<8)|(c[2]<<16)|(c[3]<<24);
+        sv_setiv(s1,i1);
+        sv_setiv(s2,i2);
+        sv_setpvn(ST(2),(char *)c,8);
+        PUSHs(s1);
+        PUSHs(s2);
+        }
+
+void
+des_cfb_encrypt(input,numbits,ks,ivec,encrypt)
+        char *  input
+        int     numbits
+        des_key_schedule *      ks
+        des_cblock *    ivec
+        int     encrypt
+PPCODE:
+        {
+        SV *s;
+        STRLEN len;
+        char *c;
+
+        len=SvCUR(ST(0));
+        s=sv_newmortal();
+        sv_setpvn(s,"",0);
+        SvGROW(s,len);
+        SvCUR_set(s,len);
+        c=(char *)SvPV(s,na);
+        des_cfb_encrypt((unsigned char *)input,(unsigned char *)c,
+                (int)numbits,(long)len,*ks,ivec,encrypt);
+        sv_setpvn(ST(3),(char *)ivec,8);
+        PUSHs(s);
+        }
+
+des_cblock *
+des_ecb3_encrypt(input,ks1,ks2,encrypt)
+        des_cblock *    input
+        des_key_schedule *      ks1
+        des_key_schedule *      ks2
+        int     encrypt
+CODE:
+        {
+        des_cblock c;
+
+        des_ecb3_encrypt((des_cblock *)input,(des_cblock *)&c,
+                *ks1,*ks2,encrypt);
+        RETVAL= &c;
+        }
+OUTPUT:
+RETVAL
+
+void
+des_ofb_encrypt(input,numbits,ks,ivec)
+        unsigned char * input
+        int     numbits
+        des_key_schedule *      ks
+        des_cblock *    ivec
+PPCODE:
+        {
+        SV *s;
+        STRLEN len,l;
+        unsigned char *c;
+
+        len=SvCUR(ST(0));
+        s=sv_newmortal();
+        sv_setpvn(s,"",0);
+        SvGROW(s,len);
+        SvCUR_set(s,len);
+        c=(unsigned char *)SvPV(s,na);
+        des_ofb_encrypt((unsigned char *)input,(unsigned char *)c,
+                numbits,len,*ks,ivec);
+        sv_setpvn(ST(3),(char *)ivec,8);
+        PUSHs(s);
+        }
+
+void
+des_pcbc_encrypt(input,ks,ivec,encrypt)
+        char *  input
+        des_key_schedule *      ks
+        des_cblock *    ivec
+        int     encrypt
+PPCODE:
+        {
+        SV *s;
+        STRLEN len,l;
+        char *c;
+
+        l=SvCUR(ST(0));
+        len=((((unsigned long)l)+7)/8)*8;
+        s=sv_newmortal();
+        sv_setpvn(s,"",0);
+        SvGROW(s,len);
+        SvCUR_set(s,len);
+        c=(char *)SvPV(s,na);
+        des_pcbc_encrypt((des_cblock *)input,(des_cblock *)c,
+                l,*ks,ivec,encrypt);
+        sv_setpvn(ST(2),(char *)c[len-8],8);
+        PUSHs(s);
+        }
+
+des_cblock *
+des_random_key()
+CODE:
+        {
+        des_cblock c;
+
+        des_random_key(c);
+        RETVAL=&c;
+        }
+OUTPUT:
+RETVAL
+
+des_cblock *
+des_string_to_key(str)
+char *  str
+CODE:
+        {
+        des_cblock c;
+
+        des_string_to_key(str,&c);
+        RETVAL=&c;
+        }
+OUTPUT:
+RETVAL
+
+void
+des_string_to_2keys(str)
+char *  str
+PPCODE:
+        {
+        des_cblock c1,c2;
+        SV *s1,*s2;
+
+        des_string_to_2keys(str,&c1,&c2);
+        EXTEND(sp,2);
+        s1=sv_newmortal();
+        sv_setpvn(s1,(char *)c1,8);
+        s2=sv_newmortal();
+        sv_setpvn(s2,(char *)c2,8);
+        PUSHs(s1);
+        PUSHs(s2);
+        }
diff --git a/src/lib/libcrypto/des/FILES b/src/lib/libcrypto/des/FILES0
index 4c7ea2de7a..4c7ea2de7a 100644
--- a/src/lib/libcrypto/des/FILES
+++ b/src/lib/libcrypto/des/FILES0
diff --git a/src/lib/libcrypto/des/INSTALL b/src/lib/libcrypto/des/INSTALL
new file mode 100644
index 0000000000..8aebdfe110
--- /dev/null
+++ b/src/lib/libcrypto/des/INSTALL
@@ -0,0 +1,69 @@
+Check the CC and CFLAGS lines in the makefile
+
+If your C library does not support the times(3) function, change the
+#define TIMES to
+#undef TIMES in speed.c
+If it does, check the HZ value for the times(3) function.
+If your system does not define CLK_TCK it will be assumed to
+be 100.0.
+
+If possible use gcc v 2.7.?
+Turn on the maximum optimising (normally '-O3 -fomit-frame-pointer' for gcc)
+In recent times, some system compilers give better performace.
+
+type 'make'
+
+run './destest' to check things are ok.
+run './rpw' to check the tty code for reading passwords works.
+run './speed' to see how fast those optimisations make the library run :-)
+run './des_opts' to determin the best compile time options.
+
+The output from des_opts should be put in the makefile options and des_enc.c
+should be rebuilt.  For 64 bit computers, do not use the DES_PTR option.
+For the DEC Alpha, edit des.h and change DES_LONG to 'unsigned int'
+and then you can use the 'DES_PTR' option.
+
+The file options.txt has the options listed for best speed on quite a
+few systems.  Look and the options (UNROLL, PTR, RISC2 etc) and then
+turn on the relevant option in the Makefile.
+
+There are some special Makefile targets that make life easier.
+make cc         - standard cc build
+make gcc        - standard gcc build
+make x86-elf    - x86 assembler (elf), linux-elf.
+make x86-out    - x86 assembler (a.out), FreeBSD
+make x86-solaris- x86 assembler
+make x86-bsdi   - x86 assembler (a.out with primative assembler).
+
+If at all possible use the assembler (for Windows NT/95, use
+asm/win32.obj to link with).  The x86 assembler is very very fast.
+
+A make install will by default install
+libdes.a      in /usr/local/lib/libdes.a
+des           in /usr/local/bin/des
+des_crypt.man in /usr/local/man/man3/des_crypt.3
+des.man       in /usr/local/man/man1/des.1
+des.h         in /usr/include/des.h
+
+des(1) should be compatible with sunOS's but I have been unable to
+test it.
+
+These routines should compile on MSDOS, most 32bit and 64bit version
+of Unix (BSD and SYSV) and VMS, without modification.
+The only problems should be #include files that are in the wrong places.
+
+These routines can be compiled under MSDOS.
+I have successfully encrypted files using des(1) under MSDOS and then
+decrypted the files on a SparcStation.
+I have been able to compile and test the routines with
+Microsoft C v 5.1 and Turbo C v 2.0.
+The code in this library is in no way optimised for the 16bit
+operation of MSDOS.
+
+When building for glibc, ignore all of the above and just unpack into
+glibc-1.??/des and then gmake as per normal.
+
+As a final note on performace.  Certain CPUs like sparcs and Alpha often give
+a %10 speed difference depending on the link order.  It is rather anoying
+when one program reports 'x' DES encrypts a second and another reports
+'x*0.9' the speed.
diff --git a/src/lib/libcrypto/des/Imakefile b/src/lib/libcrypto/des/Imakefile
new file mode 100644
index 0000000000..1b9b5629e1
--- /dev/null
+++ b/src/lib/libcrypto/des/Imakefile
@@ -0,0 +1,35 @@
+# This Imakefile has not been tested for a while but it should still
+# work when placed in the correct directory in the kerberos v 4 distribution
+
+SRCS=   cbc_cksm.c cbc_enc.c ecb_enc.c pcbc_enc.c \
+        qud_cksm.c rand_key.c read_pwd.c set_key.c str2key.c \
+        enc_read.c enc_writ.c fcrypt.c cfb_enc.c \
+        ecb3_enc.c ofb_enc.c ofb64enc.c
+
+OBJS=   cbc_cksm.o cbc_enc.o ecb_enc.o pcbc_enc.o \
+        qud_cksm.o rand_key.o read_pwd.o set_key.o str2key.o \
+        enc_read.o enc_writ.o fcrypt.o cfb_enc.o \
+        ecb3_enc.o ofb_enc.o ofb64enc.o
+
+GENERAL=COPYRIGHT FILES INSTALL Imakefile README VERSION makefile times \
+        vms.com KERBEROS
+DES=    des.c des.man
+TESTING=destest.c speed.c rpw.c
+LIBDES= des_crypt.man des.h des_locl.h podd.h sk.h spr.h
+
+PERL=   des.pl testdes.pl doIP doPC1 doPC2 PC1 PC2 shifts.pl
+
+CODE=    $(GENERAL) $(DES) $(TESTING) $(SRCS) $(LIBDES) $(PERL)
+
+SRCDIR=$(SRCTOP)/lib/des
+
+DBG= -O
+INCLUDE= -I$(SRCDIR)
+CC= cc
+
+library_obj_rule()
+
+install_library_target(des,$(OBJS),$(SRCS),)
+
+test(destest,libdes.a,)
+test(rpw,libdes.a,)
diff --git a/src/lib/libcrypto/des/KERBEROS b/src/lib/libcrypto/des/KERBEROS
new file mode 100644
index 0000000000..f401b10014
--- /dev/null
+++ b/src/lib/libcrypto/des/KERBEROS
@@ -0,0 +1,41 @@
+ [ This is an old file, I don't know if it is true anymore
+   but I will leave the file here - eay 21/11/95 ]
+
+To use this library with Bones (kerberos without DES):
+1) Get my modified Bones - eBones.  It can be found on
+   gondwana.ecr.mu.oz.au (128.250.1.63) /pub/athena/eBones-p9.tar.Z
+   and
+   nic.funet.fi (128.214.6.100) /pub/unix/security/Kerberos/eBones-p9.tar.Z
+
+2) Unpack this library in src/lib/des, makeing sure it is version
+   3.00 or greater (libdes.tar.93-10-07.Z).  This versions differences
+   from the version in comp.sources.misc volume 29 patchlevel2.
+   The primarily difference is that it should compile under kerberos :-).
+   It can be found at.
+   ftp.psy.uq.oz.au (130.102.32.1) /pub/DES/libdes.tar.93-10-07.Z
+
+Now do a normal kerberos build and things should work.
+
+One problem I found when I was build on my local sun.
+---
+For sunOS 4.1.1 apply the following patch to src/util/ss/make_commands.c
+
+*** make_commands.c.orig        Fri Jul  3 04:18:35 1987
+--- make_commands.c     Wed May 20 08:47:42 1992
+***************
+*** 98,104 ****
+       if (!rename(o_file, z_file)) {
+          if (!vfork()) {
+               chdir("/tmp");
+!              execl("/bin/ld", "ld", "-o", o_file+5, "-s", "-r", "-n",
+                     z_file+5, 0);
+               perror("/bin/ld");
+               _exit(1);
+--- 98,104 ----
+       if (!rename(o_file, z_file)) {
+          if (!vfork()) {
+               chdir("/tmp");
+!              execl("/bin/ld", "ld", "-o", o_file+5, "-s", "-r",
+                     z_file+5, 0);
+               perror("/bin/ld");
+               _exit(1);
diff --git a/src/lib/libcrypto/des/Makefile b/src/lib/libcrypto/des/Makefile
new file mode 100644
index 0000000000..523dfe38f2
--- /dev/null
+++ b/src/lib/libcrypto/des/Makefile
@@ -0,0 +1,292 @@
+#
+# OpenSSL/crypto/des/Makefile
+#
+
+DIR=    des
+TOP=    ../..
+CC=     cc
+CPP=    $(CC) -E
+INCLUDES=-I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=       Makefile
+AR=             ar r
+RANLIB=         ranlib
+DES_ENC=        des_enc.o fcrypt_b.o
+# or use
+#DES_ENC=       dx86-elf.o yx86-elf.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+TEST=destest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= cbc_cksm.c cbc_enc.c  cfb64enc.c cfb_enc.c  \
+        ecb3_enc.c ecb_enc.c  enc_read.c enc_writ.c \
+        fcrypt.c ofb64enc.c ofb_enc.c  pcbc_enc.c \
+        qud_cksm.c rand_key.c rpc_enc.c  set_key.c  \
+        des_enc.c fcrypt_b.c \
+        xcbc_enc.c \
+        str2key.c  cfb64ede.c ofb64ede.c ede_cbcm_enc.c des_old.c des_old2.c \
+        read2pwd.c
+
+LIBOBJ= set_key.o  ecb_enc.o  cbc_enc.o \
+        ecb3_enc.o cfb64enc.o cfb64ede.o cfb_enc.o  ofb64ede.o \
+        enc_read.o enc_writ.o ofb64enc.o \
+        ofb_enc.o  str2key.o  pcbc_enc.o qud_cksm.o rand_key.o \
+        ${DES_ENC} \
+        fcrypt.o xcbc_enc.o rpc_enc.o  cbc_cksm.o \
+        ede_cbcm_enc.o des_old.o des_old2.o read2pwd.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= des.h des_old.h
+HEADER= des_locl.h rpc_des.h spr.h des_ver.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+        $(AR) $(LIB) $(LIBOBJ)
+        $(RANLIB) $(LIB) || echo Never mind.
+        @touch lib
+
+des: des.o cbc3_enc.o lib
+        $(CC) $(CFLAGS) -o des des.o cbc3_enc.o $(LIB)
+
+des_enc-sparc.S:        asm/des_enc.m4
+        m4 -B 8192 asm/des_enc.m4 > des_enc-sparc.S
+
+# ELF
+dx86-elf.s:     asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+        (cd asm; $(PERL) des-586.pl elf $(CFLAGS) > ../$@)
+yx86-elf.s:     asm/crypt586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+        (cd asm; $(PERL) crypt586.pl elf $(CFLAGS) > ../$@)
+# COFF
+dx86-cof.s: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+        (cd asm; $(PERL) des-586.pl coff $(CFLAGS) > ../$@)
+yx86-cof.s: asm/crypt586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+        (cd asm; $(PERL) crypt586.pl coff $(CFLAGS) > ../$@)
+# a.out
+dx86-out.s: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+        (cd asm; $(PERL) des-586.pl a.out $(CFLAGS) > ../$@)
+yx86-out.s: asm/crypt586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+        (cd asm; $(PERL) crypt586.pl a.out $(CFLAGS) > ../$@)
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+        @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+# We need to use force because 'install' matches 'INSTALL' on case
+# insensitive systems
+FRC.install:
+install: FRC.install
+        @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+        @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+        do  \
+        (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+        chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+        done;
+
+tags:
+        ctags $(SRC)
+
+tests:
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+        $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f *.s *.o *.obj des lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+cbc_cksm.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+cbc_cksm.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+cbc_cksm.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+cbc_cksm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cbc_cksm.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+cbc_cksm.o: cbc_cksm.c des_locl.h
+cbc_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+cbc_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+cbc_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+cbc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cbc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+cbc_enc.o: cbc_enc.c des_locl.h ncbc_enc.c
+cfb64ede.o: ../../e_os.h ../../include/openssl/des.h
+cfb64ede.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+cfb64ede.o: ../../include/openssl/opensslconf.h
+cfb64ede.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+cfb64ede.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cfb64ede.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+cfb64ede.o: cfb64ede.c des_locl.h
+cfb64enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+cfb64enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+cfb64enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+cfb64enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cfb64enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+cfb64enc.o: cfb64enc.c des_locl.h
+cfb_enc.o: ../../e_os.h ../../include/openssl/des.h
+cfb_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+cfb_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/ossl_typ.h
+cfb_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+cfb_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+cfb_enc.o: ../../include/openssl/ui_compat.h cfb_enc.c des_locl.h
+des_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+des_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+des_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+des_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+des_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+des_enc.o: des_enc.c des_locl.h ncbc_enc.c
+des_old.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+des_old.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+des_old.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+des_old.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+des_old.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+des_old.o: ../../include/openssl/ui_compat.h des_old.c
+des_old2.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+des_old2.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+des_old2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+des_old2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+des_old2.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+des_old2.o: ../../include/openssl/ui_compat.h des_old2.c
+ecb3_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+ecb3_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+ecb3_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+ecb3_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ecb3_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+ecb3_enc.o: des_locl.h ecb3_enc.c
+ecb_enc.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+ecb_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+ecb_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+ecb_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ecb_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ecb_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+ecb_enc.o: ../../include/openssl/ui_compat.h des_locl.h des_ver.h ecb_enc.c
+ecb_enc.o: spr.h
+ede_cbcm_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+ede_cbcm_enc.o: ../../include/openssl/e_os2.h
+ede_cbcm_enc.o: ../../include/openssl/opensslconf.h
+ede_cbcm_enc.o: ../../include/openssl/ossl_typ.h
+ede_cbcm_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ede_cbcm_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+ede_cbcm_enc.o: ../../include/openssl/ui_compat.h des_locl.h ede_cbcm_enc.c
+enc_read.o: ../../e_os.h ../../include/openssl/bio.h
+enc_read.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+enc_read.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+enc_read.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+enc_read.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+enc_read.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+enc_read.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+enc_read.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+enc_read.o: ../../include/openssl/ui_compat.h ../cryptlib.h des_locl.h
+enc_read.o: enc_read.c
+enc_writ.o: ../../e_os.h ../../include/openssl/bio.h
+enc_writ.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+enc_writ.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+enc_writ.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+enc_writ.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+enc_writ.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+enc_writ.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+enc_writ.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+enc_writ.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+enc_writ.o: ../cryptlib.h des_locl.h enc_writ.c
+fcrypt.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+fcrypt.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+fcrypt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+fcrypt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+fcrypt.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+fcrypt.o: des_locl.h fcrypt.c
+fcrypt_b.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+fcrypt_b.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+fcrypt_b.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+fcrypt_b.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+fcrypt_b.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+fcrypt_b.o: des_locl.h fcrypt_b.c
+ofb64ede.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+ofb64ede.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+ofb64ede.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+ofb64ede.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ofb64ede.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+ofb64ede.o: des_locl.h ofb64ede.c
+ofb64enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+ofb64enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+ofb64enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+ofb64enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ofb64enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+ofb64enc.o: des_locl.h ofb64enc.c
+ofb_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+ofb_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+ofb_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+ofb_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ofb_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+ofb_enc.o: des_locl.h ofb_enc.c
+pcbc_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+pcbc_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+pcbc_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+pcbc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pcbc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+pcbc_enc.o: des_locl.h pcbc_enc.c
+qud_cksm.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+qud_cksm.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+qud_cksm.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+qud_cksm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+qud_cksm.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+qud_cksm.o: des_locl.h qud_cksm.c
+rand_key.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+rand_key.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+rand_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+rand_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rand_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+rand_key.o: ../../include/openssl/ui_compat.h rand_key.c
+read2pwd.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+read2pwd.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+read2pwd.o: ../../include/openssl/opensslconf.h
+read2pwd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+read2pwd.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+read2pwd.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+read2pwd.o: ../../include/openssl/ui_compat.h read2pwd.c
+rpc_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+rpc_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+rpc_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+rpc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rpc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+rpc_enc.o: des_locl.h des_ver.h rpc_des.h rpc_enc.c
+set_key.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+set_key.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+set_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+set_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+set_key.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+set_key.o: des_locl.h set_key.c
+str2key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+str2key.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+str2key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+str2key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+str2key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+str2key.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+str2key.o: des_locl.h str2key.c
+xcbc_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+xcbc_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+xcbc_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+xcbc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+xcbc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+xcbc_enc.o: des_locl.h xcbc_enc.c
diff --git a/src/lib/libcrypto/des/README b/src/lib/libcrypto/des/README
new file mode 100644
index 0000000000..621a5ab467
--- /dev/null
+++ b/src/lib/libcrypto/des/README
@@ -0,0 +1,54 @@
+
+                libdes, Version 4.01 10-Jan-97
+
+                Copyright (c) 1997, Eric Young
+                          All rights reserved.
+
+    This program is free software; you can redistribute it and/or modify
+    it under the terms specified in COPYRIGHT.
+    
+--
+The primary ftp site for this library is
+ftp://ftp.psy.uq.oz.au/pub/Crypto/DES/libdes-x.xx.tar.gz
+libdes is now also shipped with SSLeay.  Primary ftp site of
+ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/SSLeay-x.x.x.tar.gz
+
+The best way to build this library is to build it as part of SSLeay.
+
+This kit builds a DES encryption library and a DES encryption program.
+It supports ecb, cbc, ofb, cfb, triple ecb, triple cbc, triple ofb,
+triple cfb, desx, and MIT's pcbc encryption modes and also has a fast
+implementation of crypt(3).
+It contains support routines to read keys from a terminal,
+generate a random key, generate a key from an arbitrary length string,
+read/write encrypted data from/to a file descriptor.
+
+The implementation was written so as to conform with the manual entry
+for the des_crypt(3) library routines from MIT's project Athena.
+
+destest should be run after compilation to test the des routines.
+rpw should be run after compilation to test the read password routines.
+The des program is a replacement for the sun des command.  I believe it
+conforms to the sun version.
+
+The Imakefile is setup for use in the kerberos distribution.
+
+These routines are best compiled with gcc or any other good
+optimising compiler.
+Just turn you optimiser up to the highest settings and run destest
+after the build to make sure everything works.
+
+I believe these routines are close to the fastest and most portable DES
+routines that use small lookup tables (4.5k) that are publicly available.
+The fcrypt routine is faster than ufc's fcrypt (when compiling with
+gcc2 -O2) on the sparc 2 (1410 vs 1270) but is not so good on other machines
+(on a sun3/260 168 vs 336).  It is a function of CPU on chip cache size.
+[ 10-Jan-97 and a function of an incorrect speed testing program in
+  ufc which gave much better test figures that reality ].
+
+It is worth noting that on sparc and Alpha CPUs, performance of the DES
+library can vary by upto %10 due to the positioning of files after application
+linkage.
+
+Eric Young (eay@cryptsoft.com)
+
diff --git a/src/lib/libcrypto/des/VERSION b/src/lib/libcrypto/des/VERSION
new file mode 100644
index 0000000000..c7d01542bc
--- /dev/null
+++ b/src/lib/libcrypto/des/VERSION
@@ -0,0 +1,412 @@
+        Fixed the weak key values which were wrong :-(
+        Defining SIGACTION causes sigaction() to be used instead of signal().
+        SIGUSR1/SIGUSR2 are no longer mapped in the read tty stuff because it
+        can cause problems.  This should hopefully not affect normal
+        applications.
+
+Version 4.04
+        Fixed a few tests in destest.  Also added x86 assember for
+        des_ncbc_encrypt() which is the standard cbc mode function.
+        This makes a very very large performace difference.
+        Ariel Glenn ariel@columbia.edu reports that the terminal
+        'turn echo off' can return (errno == EINVAL) under solaris
+        when redirection is used.  So I now catch that as well as ENOTTY.
+
+
+Version 4.03
+        Left a static out of enc_write.c, which caused to buffer to be
+        continiously malloc()ed.  Does anyone use these functions?  I keep
+        on feeling like removing them since I only had these in there
+        for a version of kerberised login.  Anyway, this was pointed out
+        by Theo de Raadt <deraadt@cvs.openbsd.org>
+        The 'n' bit ofb code was wrong, it was not shifting the shift
+        register. It worked correctly for n == 64.  Thanks to
+        Gigi Ankeny <Gigi.Ankeny@Eng.Sun.COM> for pointing this one out.
+
+Version 4.02
+        I was doing 'if (memcmp(weak_keys[i],key,sizeof(key)) == 0)'
+        when checking for weak keys which is wrong :-(, pointed out by
+        Markus F.X.J. Oberhumer <markus.oberhumer@jk.uni-linz.ac.at>.
+
+Version 4.01
+        Even faster inner loop in the DES assembler for x86 and a modification
+        for IP/FP which is faster on x86.  Both of these changes are
+        from Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>.  His
+        changes make the assembler run %40 faster on a pentium.  This is just
+        a case of getting the instruction sequence 'just right'.
+        All credit to 'Svend' :-)
+        Quite a few special x86 'make' targets.
+        A libdes-l (lite) distribution.
+
+Version 4.00
+        After a bit of a pause, I'll up the major version number since this
+        is mostly a performace release.  I've added x86 assembler and
+        added more options for performance.  A %28 speedup for gcc 
+        on a pentium and the assembler is a %50 speedup.
+        MIPS CPU's, sparc and Alpha are the main CPU's with speedups.
+        Run des_opts to work out which options should be used.
+        DES_RISC1/DES_RISC2 use alternative inner loops which use
+        more registers but should give speedups on any CPU that does
+        dual issue (pentium).  DES_UNROLL unrolls the inner loop,
+        which costs in code size.
+
+Version 3.26
+        I've finally removed one of the shifts in D_ENCRYPT.  This
+        meant I've changed the des_SPtrans table (spr.h), the set_key()
+        function and some things in des_enc.c.  This has definitly
+        made things faster :-).  I've known about this one for some
+        time but I've been too lazy to follow it up :-).
+        Noticed that in the D_ENCRYPT() macro, we can just do L^=(..)^(..)^..
+        instead of L^=((..)|(..)|(..)..  This should save a register at
+        least.
+        Assember for x86.  The file to replace is des_enc.c, which is replaced
+        by one of the assembler files found in asm.  Look at des/asm/readme
+        for more info.
+
+        /* Modification to fcrypt so it can be compiled to support
+        HPUX 10.x's long password format, define -DLONGCRYPT to use this.
+        Thanks to Jens Kupferschmidt <bt1cu@hpboot.rz.uni-leipzig.de>. */
+
+        SIGWINCH case put in des_read_passwd() so the function does not
+        'exit' if this function is recieved.
+
+Version 3.25 17/07/96
+        Modified read_pwd.c so that stdin can be read if not a tty.
+        Thanks to Jeff Barber <jeffb@issl.atl.hp.com> for the patches.
+        des_init_random_number_generator() shortened due to VMS linker
+        limits.
+        Added RSA's DESX cbc mode.  It is a form of cbc encryption, with 2
+        8 byte quantites xored before and after encryption.
+        des_xcbc_encryption() - the name is funny to preserve the des_
+        prefix on all functions.
+
+Version 3.24 20/04/96
+        The DES_PTR macro option checked and used by SSLeay configuration
+
+Version 3.23 11/04/96
+        Added DES_LONG.  If defined to 'unsigned int' on the DEC Alpha,
+        it gives a %20 speedup :-)
+        Fixed the problem with des.pl under perl5.  The patches were
+        sent by Ed Kubaitis (ejk@uiuc.edu).
+        if fcrypt.c, changed values to handle illegal salt values the way
+        normal crypt() implementations do.  Some programs apparently use
+        them :-(. The patch was sent by Bjorn Gronvall <bg@sics.se>
+
+Version 3.22 29/11/95
+        Bug in des(1), an error with the uuencoding stuff when the
+        'data' is small, thanks to Geoff Keating <keagchon@mehta.anu.edu.au>
+        for the patch.
+
+Version 3.21 22/11/95
+        After some emailing back and forth with 
+        Colin Plumb <colin@nyx10.cs.du.edu>, I've tweaked a few things
+        and in a future version I will probably put in some of the
+        optimisation he suggested for use with the DES_USE_PTR option.
+        Extra routines from Mark Murray <mark@grondar.za> for use in
+        freeBSD.  They mostly involve random number generation for use
+        with kerberos.  They involve evil machine specific system calls
+        etc so I would normally suggest pushing this stuff into the
+        application and/or using RAND_seed()/RAND_bytes() if you are
+        using this DES library as part of SSLeay.
+        Redone the read_pw() function so that it is cleaner and
+        supports termios, thanks to Sameer Parekh <sameer@c2.org>
+        for the initial patches for this.
+        Renamed 3ecb_encrypt() to ecb3_encrypt().  This has been
+         done just to make things more consistent.
+        I have also now added triple DES versions of cfb and ofb.
+
+Version 3.20
+        Damn, Damn, Damn, as pointed out by Mike_Spreitzer.PARC@xerox.com,
+        my des_random_seed() function was only copying 4 bytes of the
+        passed seed into the init structure.  It is now fixed to copy 8.
+        My own suggestion is to used something like MD5 :-)
+
+Version 3.19 
+        While looking at my code one day, I though, why do I keep on
+        calling des_encrypt(in,out,ks,enc) when every function that
+        calls it has in and out the same.  So I dropped the 'out'
+        parameter, people should not be using this function.
+
+Version 3.18 30/08/95
+        Fixed a few bit with the distribution and the filenames.
+        3.17 had been munged via a move to DOS and back again.
+        NO CODE CHANGES
+
+Version 3.17 14/07/95
+        Fixed ede3 cbc which I had broken in 3.16.  I have also
+        removed some unneeded variables in 7-8 of the routines.
+
+Version 3.16 26/06/95
+        Added des_encrypt2() which does not use IP/FP, used by triple
+        des routines.  Tweaked things a bit elsewhere. %13 speedup on
+        sparc and %6 on a R4400 for ede3 cbc mode.
+
+Version 3.15 06/06/95
+        Added des_ncbc_encrypt(), it is des_cbc mode except that it is
+        'normal' and copies the new iv value back over the top of the
+        passed parameter.
+        CHANGED des_ede3_cbc_encrypt() so that it too now overwrites
+        the iv.  THIS WILL BREAK EXISTING CODE, but since this function
+        only new, I feel I can change it, not so with des_cbc_encrypt :-(.
+        I need to update the documentation.
+
+Version 3.14 31/05/95
+        New release upon the world, as part of my SSL implementation.
+        New copyright and usage stuff.  Basically free for all to use
+        as long as you say it came from me :-)
+
+Version 3.13 31/05/95
+        A fix in speed.c, if HZ is not defined, I set it to 100.0
+        which is reasonable for most unixes except SunOS 4.x.
+        I now have a #ifdef sun but timing for SunOS 4.x looked very
+        good :-(.  At my last job where I used SunOS 4.x, it was
+        defined to be 60.0 (look at the old INSTALL documentation), at
+        the last release had it changed to 100.0 since I now work with
+        Solaris2 and SVR4 boxes.
+        Thanks to  Rory Chisholm <rchishol@math.ethz.ch> for pointing this
+        one out.
+
+Version 3.12 08/05/95
+        As pointed out by The Crypt Keeper <tck@bend.UCSD.EDU>,
+        my D_ENCRYPT macro in crypt() had an un-necessary variable.
+        It has been removed.
+
+Version 3.11 03/05/95
+        Added des_ede3_cbc_encrypt() which is cbc mode des with 3 keys
+        and one iv.  It is a standard and I needed it for my SSL code.
+        It makes more sense to use this for triple DES than
+        3cbc_encrypt().  I have also added (or should I say tested :-)
+        cfb64_encrypt() which is cfb64 but it will encrypt a partial
+        number of bytes - 3 bytes in 3 bytes out.  Again this is for
+        my SSL library, as a form of encryption to use with SSL
+        telnet.
+
+Version 3.10 22/03/95
+        Fixed a bug in 3cbc_encrypt() :-(.  When making repeated calls
+        to cbc3_encrypt, the 2 iv values that were being returned to
+        be used in the next call were reversed :-(.
+        Many thanks to Bill Wade <wade@Stoner.COM> for pointing out
+        this error.
+
+Version 3.09 01/02/95
+        Fixed des_random_key to far more random, it was rather feeble
+        with regards to picking the initial seed.  The problem was
+        pointed out by Olaf Kirch <okir@monad.swb.de>.
+
+Version 3.08 14/12/94
+        Added Makefile.PL so libdes can be built into perl5.
+        Changed des_locl.h so RAND is always defined.
+
+Version 3.07 05/12/94
+        Added GNUmake and stuff so the library can be build with
+        glibc.
+
+Version 3.06 30/08/94
+        Added rpc_enc.c which contains _des_crypt.  This is for use in
+        secure_rpc v 4.0
+        Finally fixed the cfb_enc problems.
+        Fixed a few parameter parsing bugs in des (-3 and -b), thanks
+        to Rob McMillan <R.McMillan@its.gu.edu.au>
+
+Version 3.05 21/04/94
+        for unsigned long l; gcc does not produce ((l>>34) == 0)
+        This causes bugs in cfb_enc.
+        Thanks to Hadmut Danisch <danisch@ira.uka.de>
+
+Version 3.04 20/04/94
+        Added a version number to des.c and libdes.a
+
+Version 3.03 12/01/94
+        Fixed a bug in non zero iv in 3cbc_enc.
+
+Version 3.02 29/10/93
+        I now work in a place where there are 6+ architectures and 14+
+        OS versions :-).
+        Fixed TERMIO definition so the most sys V boxes will work :-)
+
+Release upon comp.sources.misc
+Version 3.01 08/10/93
+        Added des_3cbc_encrypt()
+
+Version 3.00 07/10/93
+        Fixed up documentation.
+        quad_cksum definitely compatible with MIT's now.
+
+Version 2.30 24/08/93
+        Triple DES now defaults to triple cbc but can do triple ecb
+         with the -b flag.
+        Fixed some MSDOS uuen/uudecoding problems, thanks to
+        Added prototypes.
+        
+Version 2.22 29/06/93
+        Fixed a bug in des_is_weak_key() which stopped it working :-(
+        thanks to engineering@MorningStar.Com.
+
+Version 2.21 03/06/93
+        des(1) with no arguments gives quite a bit of help.
+        Added -c (generate ckecksum) flag to des(1).
+        Added -3 (triple DES) flag to des(1).
+        Added cfb and ofb routines to the library.
+
+Version 2.20 11/03/93
+        Added -u (uuencode) flag to des(1).
+        I have been playing with byte order in quad_cksum to make it
+         compatible with MIT's version.  All I can say is avid this
+         function if possible since MIT's output is endian dependent.
+
+Version 2.12 14/10/92
+        Added MSDOS specific macro in ecb_encrypt which gives a %70
+         speed up when the code is compiled with turbo C.
+
+Version 2.11 12/10/92
+        Speedup in set_key (recoding of PC-1)
+         I now do it in 47 simple operations, down from 60.
+         Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
+         for motivating me to look for a faster system :-)
+         The speedup is probably less that 1% but it is still 13
+         instructions less :-).
+
+Version 2.10 06/10/92
+        The code now works on the 64bit ETA10 and CRAY without modifications or
+         #defines.  I believe the code should work on any machine that
+         defines long, int or short to be 8 bytes long.
+        Thanks to Shabbir J. Safdar (shabby@mentor.cc.purdue.edu)
+         for helping me fix the code to run on 64bit machines (he had
+         access to an ETA10).
+        Thanks also to John Fletcher <john_fletcher@lccmail.ocf.llnl.gov>
+         for testing the routines on a CRAY.
+        read_password.c has been renamed to read_passwd.c
+        string_to_key.c has been renamed to string2key.c
+
+Version 2.00 14/09/92
+        Made mods so that the library should work on 64bit CPU's.
+        Removed all my uchar and ulong defs.  To many different
+         versions of unix define them in their header files in too many
+         different combinations :-)
+        IRIX - Sillicon Graphics mods (mostly in read_password.c).
+         Thanks to Andrew Daviel (advax@erich.triumf.ca)
+
+Version 1.99 26/08/92
+        Fixed a bug or 2 in enc_read.c
+        Fixed a bug in enc_write.c
+        Fixed a pseudo bug in fcrypt.c (very obscure).
+
+Version 1.98 31/07/92
+        Support for the ETA10.  This is a strange machine that defines
+        longs and ints as 8 bytes and shorts as 4 bytes.
+        Since I do evil things with long * that assume that they are 4
+        bytes.  Look in the Makefile for the option to compile for
+        this machine.  quad_cksum appears to have problems but I
+        will don't have the time to fix it right now, and this is not
+        a function that uses DES and so will not effect the main uses
+        of the library.
+
+Version 1.97 20/05/92 eay
+        Fixed the Imakefile and made some changes to des.h to fix some
+        problems when building this package with Kerberos v 4.
+
+Version 1.96 18/05/92 eay
+        Fixed a small bug in string_to_key() where problems could
+        occur if des_check_key was set to true and the string
+        generated a weak key.
+
+Patch2 posted to comp.sources.misc
+Version 1.95 13/05/92 eay
+        Added an alternative version of the D_ENCRYPT macro in
+        ecb_encrypt and fcrypt.  Depending on the compiler, one version or the
+        other will be faster.  This was inspired by 
+        Dana How <how@isl.stanford.edu>, and her pointers about doing the
+        *(ulong *)((uchar *)ptr+(value&0xfc))
+        vs
+        ptr[value&0x3f]
+        to stop the C compiler doing a <<2 to convert the long array index.
+
+Version 1.94 05/05/92 eay
+        Fixed an incompatibility between my string_to_key and the MIT
+         version.  When the key is longer than 8 chars, I was wrapping
+         with a different method.  To use the old version, define
+         OLD_STR_TO_KEY in the makefile.  Thanks to
+         viktor@newsu.shearson.com (Viktor Dukhovni).
+
+Version 1.93 28/04/92 eay
+        Fixed the VMS mods so that echo is now turned off in
+         read_password.  Thanks again to brennan@coco.cchs.su.oz.AU.
+        MSDOS support added.  The routines can be compiled with
+         Turbo C (v2.0) and MSC (v5.1).  Make sure MSDOS is defined.
+
+Patch1 posted to comp.sources.misc
+Version 1.92 13/04/92 eay
+        Changed D_ENCRYPT so that the rotation of R occurs outside of
+         the loop.  This required rotating all the longs in sp.h (now
+         called spr.h). Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
+        speed.c has been changed so it will work without SIGALRM.  If
+         times(3) is not present it will try to use ftime() instead.
+
+Version 1.91 08/04/92 eay
+        Added -E/-D options to des(1) so it can use string_to_key.
+        Added SVR4 mods suggested by witr@rwwa.COM
+        Added VMS mods suggested by brennan@coco.cchs.su.oz.AU.  If
+        anyone knows how to turn of tty echo in VMS please tell me or
+        implement it yourself :-).
+        Changed FILE *IN/*OUT to *DES_IN/*DES_OUT since it appears VMS
+        does not like IN/OUT being used.
+
+Libdes posted to comp.sources.misc
+Version 1.9 24/03/92 eay
+        Now contains a fast small crypt replacement.
+        Added des(1) command.
+        Added des_rw_mode so people can use cbc encryption with
+        enc_read and enc_write.
+
+Version 1.8 15/10/91 eay
+        Bug in cbc_cksum.
+        Many thanks to Keith Reynolds (keithr@sco.COM) for pointing this
+        one out.
+
+Version 1.7 24/09/91 eay
+        Fixed set_key :-)
+        set_key is 4 times faster and takes less space.
+        There are a few minor changes that could be made.
+
+Version 1.6 19/09/1991 eay
+        Finally go IP and FP finished.
+        Now I need to fix set_key.
+        This version is quite a bit faster that 1.51
+
+Version 1.52 15/06/1991 eay
+        20% speedup in ecb_encrypt by changing the E bit selection
+        to use 2 32bit words.  This also required modification of the
+        sp table.  There is still a way to speedup the IP and IP-1
+        (hints from outer@sq.com) still working on this one :-(.
+
+Version 1.51 07/06/1991 eay
+        Faster des_encrypt by loop unrolling
+        Fixed bug in quad_cksum.c (thanks to hughes@logos.ucs.indiana.edu)
+
+Version 1.50 28/05/1991 eay
+        Optimised the code a bit more for the sparc.  I have improved the
+        speed of the inner des_encrypt by speeding up the initial and
+        final permutations.
+
+Version 1.40 23/10/1990 eay
+        Fixed des_random_key, it did not produce a random key :-(
+
+Version 1.30  2/10/1990 eay
+        Have made des_quad_cksum the same as MIT's, the full package
+        should be compatible with MIT's
+        Have tested on a DECstation 3100
+        Still need to fix des_set_key (make it faster).
+        Does des_cbc_encrypts at 70.5k/sec on a 3100.
+
+Version 1.20 18/09/1990 eay
+        Fixed byte order dependencies.
+        Fixed (I hope) all the word alignment problems.
+        Speedup in des_ecb_encrypt.
+
+Version 1.10 11/09/1990 eay
+        Added des_enc_read and des_enc_write.
+        Still need to fix des_quad_cksum.
+        Still need to document des_enc_read and des_enc_write.
+
+Version 1.00 27/08/1990 eay
+
diff --git a/src/lib/libcrypto/des/asm/crypt586.pl b/src/lib/libcrypto/des/asm/crypt586.pl
new file mode 100644
index 0000000000..1d04ed6def
--- /dev/null
+++ b/src/lib/libcrypto/des/asm/crypt586.pl
@@ -0,0 +1,208 @@
+#!/usr/local/bin/perl
+#
+# The inner loop instruction sequence and the IP/FP modifications are from
+# Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>
+# I've added the stuff needed for crypt() but I've not worried about making
+# things perfect.
+#
+
+push(@INC,"perlasm","../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],"crypt586.pl");
+
+$L="edi";
+$R="esi";
+
+&external_label("DES_SPtrans");
+&fcrypt_body("fcrypt_body");
+&asm_finish();
+
+sub fcrypt_body
+        {
+        local($name,$do_ip)=@_;
+
+        &function_begin($name,"EXTRN   _DES_SPtrans:DWORD");
+
+        &comment("");
+        &comment("Load the 2 words");
+        $trans="ebp";
+
+        &xor(   $L,     $L);
+        &xor(   $R,     $R);
+
+        # PIC-ification:-)
+        &picmeup("edx","DES_SPtrans");
+        #if ($cpp)      { &picmeup("edx","DES_SPtrans");   }
+        #else           { &lea("edx",&DWP("DES_SPtrans")); }
+        &push("edx");   # becomes &swtmp(1)
+        #
+        &mov($trans,&wparam(1)); # reloaded with DES_SPtrans in D_ENCRYPT
+
+        &push(&DWC(25)); # add a variable
+
+        &set_label("start");
+        for ($i=0; $i<16; $i+=2)
+                {
+                &comment("");
+                &comment("Round $i");
+                &D_ENCRYPT($i,$L,$R,$i*2,$trans,"eax","ebx","ecx","edx");
+
+                &comment("");
+                &comment("Round ".sprintf("%d",$i+1));
+                &D_ENCRYPT($i+1,$R,$L,($i+1)*2,$trans,"eax","ebx","ecx","edx");
+                }
+         &mov("ebx",    &swtmp(0));
+        &mov("eax",     $L);
+         &dec("ebx");
+        &mov($L,        $R);
+         &mov($R,       "eax");
+        &mov(&swtmp(0), "ebx");
+         &jnz(&label("start"));
+
+        &comment("");
+        &comment("FP");
+        &mov("edx",&wparam(0));
+
+        &FP_new($R,$L,"eax",3);
+        &mov(&DWP(0,"edx","",0),"eax");
+        &mov(&DWP(4,"edx","",0),$L);
+
+        &add("esp",8);  # remove variables
+
+        &function_end($name);
+        }
+
+sub D_ENCRYPT
+        {
+        local($r,$L,$R,$S,$trans,$u,$tmp1,$tmp2,$t)=@_;
+
+        &mov(   $u,             &wparam(2));                    # 2
+        &mov(   $t,             $R);
+        &shr(   $t,             16);                            # 1
+        &mov(   $tmp2,          &wparam(3));                    # 2
+        &xor(   $t,             $R);                            # 1
+
+        &and(   $u,             $t);                            # 2
+        &and(   $t,             $tmp2);                         # 2
+
+        &mov(   $tmp1,          $u);
+        &shl(   $tmp1,          16);                            # 1
+        &mov(   $tmp2,          $t);
+        &shl(   $tmp2,          16);                            # 1
+        &xor(   $u,             $tmp1);                         # 2
+        &xor(   $t,             $tmp2);                         # 2
+        &mov(   $tmp1,          &DWP(&n2a($S*4),$trans,"",0));  # 2
+        &xor(   $u,             $tmp1);
+        &mov(   $tmp2,          &DWP(&n2a(($S+1)*4),$trans,"",0));      # 2
+        &xor(   $u,             $R);
+        &xor(   $t,             $R);
+        &xor(   $t,             $tmp2);
+
+        &and(   $u,             "0xfcfcfcfc"    );              # 2
+        &xor(   $tmp1,          $tmp1);                         # 1
+        &and(   $t,             "0xcfcfcfcf"    );              # 2
+        &xor(   $tmp2,          $tmp2); 
+        &movb(  &LB($tmp1),     &LB($u) );
+        &movb(  &LB($tmp2),     &HB($u) );
+        &rotr(  $t,             4               );
+        &mov(   $trans,         &swtmp(1));
+        &xor(   $L,             &DWP("     ",$trans,$tmp1,0));
+        &movb(  &LB($tmp1),     &LB($t) );
+        &xor(   $L,             &DWP("0x200",$trans,$tmp2,0));
+        &movb(  &LB($tmp2),     &HB($t) );
+        &shr(   $u,             16);
+        &xor(   $L,             &DWP("0x100",$trans,$tmp1,0));
+        &movb(  &LB($tmp1),     &HB($u) );
+        &shr(   $t,             16);
+        &xor(   $L,             &DWP("0x300",$trans,$tmp2,0));
+        &movb(  &LB($tmp2),     &HB($t) );
+        &and(   $u,             "0xff"  );
+        &and(   $t,             "0xff"  );
+        &mov(   $tmp1,          &DWP("0x600",$trans,$tmp1,0));
+        &xor(   $L,             $tmp1);
+        &mov(   $tmp1,          &DWP("0x700",$trans,$tmp2,0));
+        &xor(   $L,             $tmp1);
+        &mov(   $tmp1,          &DWP("0x400",$trans,$u,0));
+        &xor(   $L,             $tmp1);
+        &mov(   $tmp1,          &DWP("0x500",$trans,$t,0));
+        &xor(   $L,             $tmp1);
+        &mov(   $trans,         &wparam(1));
+        }
+
+sub n2a
+        {
+        sprintf("%d",$_[0]);
+        }
+
+# now has a side affect of rotating $a by $shift
+sub R_PERM_OP
+        {
+        local($a,$b,$tt,$shift,$mask,$last)=@_;
+
+        &rotl(  $a,             $shift          ) if ($shift != 0);
+        &mov(   $tt,            $a              );
+        &xor(   $a,             $b              );
+        &and(   $a,             $mask           );
+        if ($notlast eq $b)
+                {
+                &xor(   $b,             $a              );
+                &xor(   $tt,            $a              );
+                }
+        else
+                {
+                &xor(   $tt,            $a              );
+                &xor(   $b,             $a              );
+                }
+        &comment("");
+        }
+
+sub IP_new
+        {
+        local($l,$r,$tt,$lr)=@_;
+
+        &R_PERM_OP($l,$r,$tt, 4,"0xf0f0f0f0",$l);
+        &R_PERM_OP($r,$tt,$l,20,"0xfff0000f",$l);
+        &R_PERM_OP($l,$tt,$r,14,"0x33333333",$r);
+        &R_PERM_OP($tt,$r,$l,22,"0x03fc03fc",$r);
+        &R_PERM_OP($l,$r,$tt, 9,"0xaaaaaaaa",$r);
+        
+        if ($lr != 3)
+                {
+                if (($lr-3) < 0)
+                        { &rotr($tt,    3-$lr); }
+                else    { &rotl($tt,    $lr-3); }
+                }
+        if ($lr != 2)
+                {
+                if (($lr-2) < 0)
+                        { &rotr($r,     2-$lr); }
+                else    { &rotl($r,     $lr-2); }
+                }
+        }
+
+sub FP_new
+        {
+        local($l,$r,$tt,$lr)=@_;
+
+        if ($lr != 2)
+                {
+                if (($lr-2) < 0)
+                        { &rotl($r,     2-$lr); }
+                else    { &rotr($r,     $lr-2); }
+                }
+        if ($lr != 3)
+                {
+                if (($lr-3) < 0)
+                        { &rotl($l,     3-$lr); }
+                else    { &rotr($l,     $lr-3); }
+                }
+
+        &R_PERM_OP($l,$r,$tt, 0,"0xaaaaaaaa",$r);
+        &R_PERM_OP($tt,$r,$l,23,"0x03fc03fc",$r);
+        &R_PERM_OP($l,$r,$tt,10,"0x33333333",$l);
+        &R_PERM_OP($r,$tt,$l,18,"0xfff0000f",$l);
+        &R_PERM_OP($l,$tt,$r,12,"0xf0f0f0f0",$r);
+        &rotr($tt       , 4);
+        }
+
diff --git a/src/lib/libcrypto/des/asm/des-586.pl b/src/lib/libcrypto/des/asm/des-586.pl
new file mode 100644
index 0000000000..60d577cc8d
--- /dev/null
+++ b/src/lib/libcrypto/des/asm/des-586.pl
@@ -0,0 +1,255 @@
+#!/usr/local/bin/perl
+#
+# The inner loop instruction sequence and the IP/FP modifications are from
+# Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>
+#
+
+push(@INC,"perlasm","../../perlasm");
+require "x86asm.pl";
+require "cbc.pl";
+require "desboth.pl";
+
+# base code is in microsft
+# op dest, source
+# format.
+#
+
+&asm_init($ARGV[0],"des-586.pl");
+
+$L="edi";
+$R="esi";
+
+&external_label("DES_SPtrans");
+&DES_encrypt("DES_encrypt1",1);
+&DES_encrypt("DES_encrypt2",0);
+
+if (!$main'openbsd)
+        {
+        &DES_encrypt3("DES_encrypt3",1);
+        &DES_encrypt3("DES_decrypt3",0);
+        &cbc("DES_ncbc_encrypt","DES_encrypt1","DES_encrypt1",0,4,5,3,5,-1);
+        &cbc("DES_ede3_cbc_encrypt","DES_encrypt3","DES_decrypt3",0,6,7,3,4,5);
+        }
+
+&asm_finish();
+
+sub DES_encrypt
+        {
+        local($name,$do_ip)=@_;
+
+        &function_begin_B($name,"EXTRN   _DES_SPtrans:DWORD");
+
+        &push("esi");
+        &push("edi");
+
+        &comment("");
+        &comment("Load the 2 words");
+        $trans="ebp";
+
+        if ($do_ip)
+                {
+                &mov($R,&wparam(0));
+                 &xor(  "ecx",          "ecx"           );
+
+                &push("ebx");
+                &push("ebp");
+
+                &mov("eax",&DWP(0,$R,"",0));
+                 &mov("ebx",&wparam(2));        # get encrypt flag
+                &mov($L,&DWP(4,$R,"",0));
+                &comment("");
+                &comment("IP");
+                &IP_new("eax",$L,$R,3);
+                }
+        else
+                {
+                &mov("eax",&wparam(0));
+                 &xor(  "ecx",          "ecx"           );
+
+                &push("ebx");
+                &push("ebp");
+
+                &mov($R,&DWP(0,"eax","",0));
+                 &mov("ebx",&wparam(2));        # get encrypt flag
+                &rotl($R,3);
+                &mov($L,&DWP(4,"eax","",0));
+                &rotl($L,3);
+                }
+
+        # PIC-ification:-)
+        &picmeup($trans,"DES_SPtrans");
+        #if ($cpp)      { &picmeup($trans,"DES_SPtrans");   }
+        #else           { &lea($trans,&DWP("DES_SPtrans")); }
+
+        &mov(   "ecx",  &wparam(1)      );
+        &cmp("ebx","0");
+        &je(&label("start_decrypt"));
+
+        for ($i=0; $i<16; $i+=2)
+                {
+                &comment("");
+                &comment("Round $i");
+                &D_ENCRYPT($i,$L,$R,$i*2,$trans,"eax","ebx","ecx","edx");
+
+                &comment("");
+                &comment("Round ".sprintf("%d",$i+1));
+                &D_ENCRYPT($i+1,$R,$L,($i+1)*2,$trans,"eax","ebx","ecx","edx");
+                }
+        &jmp(&label("end"));
+
+        &set_label("start_decrypt");
+
+        for ($i=15; $i>0; $i-=2)
+                {
+                &comment("");
+                &comment("Round $i");
+                &D_ENCRYPT(15-$i,$L,$R,$i*2,$trans,"eax","ebx","ecx","edx");
+                &comment("");
+                &comment("Round ".sprintf("%d",$i-1));
+                &D_ENCRYPT(15-$i+1,$R,$L,($i-1)*2,$trans,"eax","ebx","ecx","edx");
+                }
+
+        &set_label("end");
+
+        if ($do_ip)
+                {
+                &comment("");
+                &comment("FP");
+                &mov("edx",&wparam(0));
+                &FP_new($L,$R,"eax",3);
+
+                &mov(&DWP(0,"edx","",0),"eax");
+                &mov(&DWP(4,"edx","",0),$R);
+                }
+        else
+                {
+                &comment("");
+                &comment("Fixup");
+                &rotr($L,3);            # r
+                 &mov("eax",&wparam(0));
+                &rotr($R,3);            # l
+                 &mov(&DWP(0,"eax","",0),$L);
+                 &mov(&DWP(4,"eax","",0),$R);
+                }
+
+        &pop("ebp");
+        &pop("ebx");
+        &pop("edi");
+        &pop("esi");
+        &ret();
+
+        &function_end_B($name);
+        }
+
+sub D_ENCRYPT
+        {
+        local($r,$L,$R,$S,$trans,$u,$tmp1,$tmp2,$t)=@_;
+
+         &mov(  $u,             &DWP(&n2a($S*4),$tmp2,"",0));
+        &xor(   $tmp1,          $tmp1);
+         &mov(  $t,             &DWP(&n2a(($S+1)*4),$tmp2,"",0));
+        &xor(   $u,             $R);
+        &xor(   $tmp2,          $tmp2);
+         &xor(  $t,             $R);
+        &and(   $u,             "0xfcfcfcfc"    );
+         &and(  $t,             "0xcfcfcfcf"    );
+        &movb(  &LB($tmp1),     &LB($u) );
+         &movb( &LB($tmp2),     &HB($u) );
+        &rotr(  $t,             4               );
+        &xor(   $L,             &DWP("     ",$trans,$tmp1,0));
+         &movb( &LB($tmp1),     &LB($t) );
+         &xor(  $L,             &DWP("0x200",$trans,$tmp2,0));
+         &movb( &LB($tmp2),     &HB($t) );
+        &shr(   $u,             16);
+         &xor(  $L,             &DWP("0x100",$trans,$tmp1,0));
+         &movb( &LB($tmp1),     &HB($u) );
+        &shr(   $t,             16);
+         &xor(  $L,             &DWP("0x300",$trans,$tmp2,0));
+        &movb(  &LB($tmp2),     &HB($t) );
+         &and(  $u,             "0xff"  );
+        &and(   $t,             "0xff"  );
+         &xor(  $L,             &DWP("0x600",$trans,$tmp1,0));
+         &xor(  $L,             &DWP("0x700",$trans,$tmp2,0));
+        &mov(   $tmp2,          &wparam(1)      );
+         &xor(  $L,             &DWP("0x400",$trans,$u,0));
+         &xor(  $L,             &DWP("0x500",$trans,$t,0));
+        }
+
+sub n2a
+        {
+        sprintf("%d",$_[0]);
+        }
+
+# now has a side affect of rotating $a by $shift
+sub R_PERM_OP
+        {
+        local($a,$b,$tt,$shift,$mask,$last)=@_;
+
+        &rotl(  $a,             $shift          ) if ($shift != 0);
+        &mov(   $tt,            $a              );
+        &xor(   $a,             $b              );
+        &and(   $a,             $mask           );
+        # This can never succeed, and besides it is difficult to see what the
+        # idea was - Ben 13 Feb 99
+        if (!$last eq $b)
+                {
+                &xor(   $b,             $a              );
+                &xor(   $tt,            $a              );
+                }
+        else
+                {
+                &xor(   $tt,            $a              );
+                &xor(   $b,             $a              );
+                }
+        &comment("");
+        }
+
+sub IP_new
+        {
+        local($l,$r,$tt,$lr)=@_;
+
+        &R_PERM_OP($l,$r,$tt, 4,"0xf0f0f0f0",$l);
+        &R_PERM_OP($r,$tt,$l,20,"0xfff0000f",$l);
+        &R_PERM_OP($l,$tt,$r,14,"0x33333333",$r);
+        &R_PERM_OP($tt,$r,$l,22,"0x03fc03fc",$r);
+        &R_PERM_OP($l,$r,$tt, 9,"0xaaaaaaaa",$r);
+        
+        if ($lr != 3)
+                {
+                if (($lr-3) < 0)
+                        { &rotr($tt,    3-$lr); }
+                else    { &rotl($tt,    $lr-3); }
+                }
+        if ($lr != 2)
+                {
+                if (($lr-2) < 0)
+                        { &rotr($r,     2-$lr); }
+                else    { &rotl($r,     $lr-2); }
+                }
+        }
+
+sub FP_new
+        {
+        local($l,$r,$tt,$lr)=@_;
+
+        if ($lr != 2)
+                {
+                if (($lr-2) < 0)
+                        { &rotl($r,     2-$lr); }
+                else    { &rotr($r,     $lr-2); }
+                }
+        if ($lr != 3)
+                {
+                if (($lr-3) < 0)
+                        { &rotl($l,     3-$lr); }
+                else    { &rotr($l,     $lr-3); }
+                }
+
+        &R_PERM_OP($l,$r,$tt, 0,"0xaaaaaaaa",$r);
+        &R_PERM_OP($tt,$r,$l,23,"0x03fc03fc",$r);
+        &R_PERM_OP($l,$r,$tt,10,"0x33333333",$l);
+        &R_PERM_OP($r,$tt,$l,18,"0xfff0000f",$l);
+        &R_PERM_OP($l,$tt,$r,12,"0xf0f0f0f0",$r);
+        &rotr($tt       , 4);
+        }
+
diff --git a/src/lib/libcrypto/des/asm/des686.pl b/src/lib/libcrypto/des/asm/des686.pl
new file mode 100644
index 0000000000..d3ad5d5edd
--- /dev/null
+++ b/src/lib/libcrypto/des/asm/des686.pl
@@ -0,0 +1,230 @@
+#!/usr/local/bin/perl
+
+$prog="des686.pl";
+
+# base code is in microsft
+# op dest, source
+# format.
+#
+
+# WILL NOT WORK ANYMORE WITH desboth.pl
+require "desboth.pl";
+
+if (    ($ARGV[0] eq "elf"))
+        { require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "a.out"))
+        { $aout=1; require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "sol"))
+        { $sol=1; require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "cpp"))
+        { $cpp=1; require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "win32"))
+        { require "x86ms.pl"; }
+else
+        {
+        print STDERR <<"EOF";
+Pick one target type from
+        elf     - linux, FreeBSD etc
+        a.out   - old linux
+        sol     - x86 solaris
+        cpp     - format so x86unix.cpp can be used
+        win32   - Windows 95/Windows NT
+EOF
+        exit(1);
+        }
+
+&comment("Don't even think of reading this code");
+&comment("It was automatically generated by $prog");
+&comment("Which is a perl program used to generate the x86 assember for");
+&comment("any of elf, a.out, Win32, or Solaris");
+&comment("It can be found in SSLeay 0.6.5+ or in libdes 3.26+");
+&comment("eric <eay\@cryptsoft.com>");
+&comment("");
+
+&file("dx86xxxx");
+
+$L="edi";
+$R="esi";
+
+&DES_encrypt("DES_encrypt1",1);
+&DES_encrypt("DES_encrypt2",0);
+
+&DES_encrypt3("DES_encrypt3",1);
+&DES_encrypt3("DES_decrypt3",0);
+
+&file_end();
+
+sub DES_encrypt
+        {
+        local($name,$do_ip)=@_;
+
+        &function_begin($name,"EXTRN   _DES_SPtrans:DWORD");
+
+        &comment("");
+        &comment("Load the 2 words");
+        &mov("eax",&wparam(0));
+        &mov($L,&DWP(0,"eax","",0));
+        &mov($R,&DWP(4,"eax","",0));
+
+        $ksp=&wparam(1);
+
+        if ($do_ip)
+                {
+                &comment("");
+                &comment("IP");
+                &IP_new($L,$R,"eax");
+                }
+
+        &comment("");
+        &comment("fixup rotate");
+        &rotl($R,3);
+        &rotl($L,3);
+        &exch($L,$R);
+
+        &comment("");
+        &comment("load counter, key_schedule and enc flag");
+        &mov("eax",&wparam(2)); # get encrypt flag
+        &mov("ebp",&wparam(1)); # get ks
+        &cmp("eax","0");
+        &je(&label("start_decrypt"));
+
+        # encrypting part
+
+        for ($i=0; $i<16; $i+=2)
+                {
+                &comment("");
+                &comment("Round $i");
+                &D_ENCRYPT($L,$R,$i*2,"ebp","DES_SPtrans","ecx","edx","eax","ebx");
+
+                &comment("");
+                &comment("Round ".sprintf("%d",$i+1));
+                &D_ENCRYPT($R,$L,($i+1)*2,"ebp","DES_SPtrans","ecx","edx","eax","ebx");
+                }
+        &jmp(&label("end"));
+
+        &set_label("start_decrypt");
+
+        for ($i=15; $i>0; $i-=2)
+                {
+                &comment("");
+                &comment("Round $i");
+                &D_ENCRYPT($L,$R,$i*2,"ebp","DES_SPtrans","ecx","edx","eax","ebx");
+                &comment("");
+                &comment("Round ".sprintf("%d",$i-1));
+                &D_ENCRYPT($R,$L,($i-1)*2,"ebp","DES_SPtrans","ecx","edx","eax","ebx");
+                }
+
+        &set_label("end");
+
+        &comment("");
+        &comment("Fixup");
+        &rotr($L,3);            # r
+        &rotr($R,3);            # l
+
+        if ($do_ip)
+                {
+                &comment("");
+                &comment("FP");
+                &FP_new($R,$L,"eax");
+                }
+
+        &mov("eax",&wparam(0));
+        &mov(&DWP(0,"eax","",0),$L);
+        &mov(&DWP(4,"eax","",0),$R);
+
+        &function_end($name);
+        }
+
+
+# The logic is to load R into 2 registers and operate on both at the same time.
+# We also load the 2 R's into 2 more registers so we can do the 'move word down a byte'
+# while also masking the other copy and doing a lookup.  We then also accumulate the
+# L value in 2 registers then combine them at the end.
+sub D_ENCRYPT
+        {
+        local($L,$R,$S,$ks,$desSP,$u,$t,$tmp1,$tmp2,$tmp3)=@_;
+
+        &mov(   $u,             &DWP(&n2a($S*4),$ks,"",0));
+        &mov(   $t,             &DWP(&n2a(($S+1)*4),$ks,"",0));
+        &xor(   $u,             $R              );
+        &xor(   $t,             $R              );
+        &rotr(  $t,             4               );
+
+        # the numbers at the end of the line are origional instruction order
+        &mov(   $tmp2,          $u              );                      # 1 2
+        &mov(   $tmp1,          $t              );                      # 1 1
+        &and(   $tmp2,          "0xfc"          );                      # 1 4
+        &and(   $tmp1,          "0xfc"          );                      # 1 3
+        &shr(   $t,             8               );                      # 1 5
+        &xor(   $L,             &DWP("0x100+$desSP",$tmp1,"",0));       # 1 7
+        &shr(   $u,             8               );                      # 1 6
+        &mov(   $tmp1,          &DWP("      $desSP",$tmp2,"",0));       # 1 8
+
+        &mov(   $tmp2,          $u              );                      # 2 2
+        &xor(   $L,             $tmp1           );                      # 1 9
+        &and(   $tmp2,          "0xfc"          );                      # 2 4
+        &mov(   $tmp1,          $t              );                      # 2 1
+        &and(   $tmp1,          "0xfc"          );                      # 2 3
+        &shr(   $t,             8               );                      # 2 5
+        &xor(   $L,             &DWP("0x300+$desSP",$tmp1,"",0));       # 2 7
+        &shr(   $u,             8               );                      # 2 6
+        &mov(   $tmp1,          &DWP("0x200+$desSP",$tmp2,"",0));       # 2 8
+        &mov(   $tmp2,          $u              );                      # 3 2
+
+        &xor(   $L,             $tmp1           );                      # 2 9
+        &and(   $tmp2,          "0xfc"          );                      # 3 4
+
+        &mov(   $tmp1,          $t              );                      # 3 1 
+        &shr(   $u,             8               );                      # 3 6
+        &and(   $tmp1,          "0xfc"          );                      # 3 3
+        &shr(   $t,             8               );                      # 3 5
+        &xor(   $L,             &DWP("0x500+$desSP",$tmp1,"",0));       # 3 7
+        &mov(   $tmp1,          &DWP("0x400+$desSP",$tmp2,"",0));       # 3 8
+
+        &and(   $t,             "0xfc"          );                      # 4 1
+        &xor(   $L,             $tmp1           );                      # 3 9
+
+        &and(   $u,             "0xfc"          );                      # 4 2
+        &xor(   $L,             &DWP("0x700+$desSP",$t,"",0));          # 4 3
+        &xor(   $L,             &DWP("0x600+$desSP",$u,"",0));          # 4 4
+        }
+
+sub PERM_OP
+        {
+        local($a,$b,$tt,$shift,$mask)=@_;
+
+        &mov(   $tt,            $a              );
+        &shr(   $tt,            $shift          );
+        &xor(   $tt,            $b              );
+        &and(   $tt,            $mask           );
+        &xor(   $b,             $tt             );
+        &shl(   $tt,            $shift          );
+        &xor(   $a,             $tt             );
+        }
+
+sub IP_new
+        {
+        local($l,$r,$tt)=@_;
+
+        &PERM_OP($r,$l,$tt, 4,"0x0f0f0f0f");
+        &PERM_OP($l,$r,$tt,16,"0x0000ffff");
+        &PERM_OP($r,$l,$tt, 2,"0x33333333");
+        &PERM_OP($l,$r,$tt, 8,"0x00ff00ff");
+        &PERM_OP($r,$l,$tt, 1,"0x55555555");
+        }
+
+sub FP_new
+        {
+        local($l,$r,$tt)=@_;
+
+        &PERM_OP($l,$r,$tt, 1,"0x55555555");
+        &PERM_OP($r,$l,$tt, 8,"0x00ff00ff");
+        &PERM_OP($l,$r,$tt, 2,"0x33333333");
+        &PERM_OP($r,$l,$tt,16,"0x0000ffff");
+        &PERM_OP($l,$r,$tt, 4,"0x0f0f0f0f");
+        }
+
+sub n2a
+        {
+        sprintf("%d",$_[0]);
+        }
diff --git a/src/lib/libcrypto/des/asm/des_enc.m4 b/src/lib/libcrypto/des/asm/des_enc.m4
new file mode 100644
index 0000000000..f5b1928f99
--- /dev/null
+++ b/src/lib/libcrypto/des/asm/des_enc.m4
@@ -0,0 +1,1980 @@
+!  des_enc.m4
+!  des_enc.S  (generated from des_enc.m4)
+!
+!  UltraSPARC assembler version of the LibDES/SSLeay/OpenSSL des_enc.c file.
+!
+!  Version 1.0. 32-bit version.
+!
+!  June 8, 2000.
+!
+!  Version 2.0. 32/64-bit, PIC-ification, blended CPU adaptation
+!               by Andy Polyakov.
+!
+!  January 1, 2003.
+!
+!  Assembler version: Copyright Svend Olaf Mikkelsen.
+!
+!  Original C code: Copyright Eric A. Young.
+!
+!  This code can be freely used by LibDES/SSLeay/OpenSSL users.
+!
+!  The LibDES/SSLeay/OpenSSL copyright notices must be respected.
+!
+!  This version can be redistributed.
+!
+!  To expand the m4 macros: m4 -B 8192 des_enc.m4 > des_enc.S
+!
+!  Global registers 1 to 5 are used. This is the same as done by the
+!  cc compiler. The UltraSPARC load/store little endian feature is used.
+!
+!  Instruction grouping often refers to one CPU cycle.
+!
+!  Assemble through gcc: gcc -c -mcpu=ultrasparc -o des_enc.o des_enc.S
+!
+!  Assemble through cc:  cc -c -xarch=v8plusa -o des_enc.o des_enc.S
+!
+!  Performance improvement according to './apps/openssl speed des'
+!
+!       32-bit build:
+!               23%  faster than cc-5.2 -xarch=v8plus -xO5
+!               115% faster than gcc-3.2.1 -m32 -mcpu=ultrasparc -O5
+!       64-bit build:
+!               50%  faster than cc-5.2 -xarch=v9 -xO5
+!               100% faster than gcc-3.2.1 -m64 -mcpu=ultrasparc -O5
+!
+
+.ident "des_enc.m4 2.1"
+
+#if defined(__SUNPRO_C) && defined(__sparcv9)
+# define ABI64  /* They've said -xarch=v9 at command line */
+#elif defined(__GNUC__) && defined(__arch64__)
+# define ABI64  /* They've said -m64 at command line */
+#endif
+
+#ifdef ABI64
+  .register     %g2,#scratch
+  .register     %g3,#scratch
+# define        FRAME   -192
+# define        BIAS    2047
+# define        LDPTR   ldx
+# define        STPTR   stx
+# define        ARG0    128
+# define        ARGSZ   8
+# ifndef OPENSSL_SYSNAME_ULTRASPARC
+# define OPENSSL_SYSNAME_ULTRASPARC
+# endif
+#else
+# define        FRAME   -96
+# define        BIAS    0
+# define        LDPTR   ld
+# define        STPTR   st
+# define        ARG0    68
+# define        ARGSZ   4
+#endif
+
+#define LOOPS 7
+
+#define global0 %g0
+#define global1 %g1
+#define global2 %g2
+#define global3 %g3
+#define global4 %g4
+#define global5 %g5
+
+#define local0 %l0
+#define local1 %l1
+#define local2 %l2
+#define local3 %l3
+#define local4 %l4
+#define local5 %l5
+#define local7 %l6
+#define local6 %l7
+
+#define in0 %i0
+#define in1 %i1
+#define in2 %i2
+#define in3 %i3
+#define in4 %i4
+#define in5 %i5
+#define in6 %i6
+#define in7 %i7
+
+#define out0 %o0
+#define out1 %o1
+#define out2 %o2
+#define out3 %o3
+#define out4 %o4
+#define out5 %o5
+#define out6 %o6
+#define out7 %o7
+
+#define stub stb
+
+changequote({,})
+
+
+! Macro definitions:
+
+
+! {ip_macro}
+!
+! The logic used in initial and final permutations is the same as in
+! the C code. The permutations are done with a clever shift, xor, and
+! technique.
+!
+! The macro also loads address sbox 1 to 5 to global 1 to 5, address
+! sbox 6 to local6, and addres sbox 8 to out3.
+!
+! Rotates the halfs 3 left to bring the sbox bits in convenient positions.
+!
+! Loads key first round from address in parameter 5 to out0, out1.
+!
+! After the the original LibDES initial permutation, the resulting left
+! is in the variable initially used for right and vice versa. The macro
+! implements the possibility to keep the halfs in the original registers.
+!
+! parameter 1  left
+! parameter 2  right
+! parameter 3  result left (modify in first round)
+! parameter 4  result right (use in first round)
+! parameter 5  key address
+! parameter 6  1/2 for include encryption/decryption
+! parameter 7  1 for move in1 to in3
+! parameter 8  1 for move in3 to in4, 2 for move in4 to in3
+! parameter 9  1 for load ks3 and ks2 to in4 and in3
+
+define(ip_macro, {
+
+! {ip_macro}
+! $1 $2 $4 $3 $5 $6 $7 $8 $9
+
+        ld      [out2+256], local1
+        srl     $2, 4, local4
+
+        xor     local4, $1, local4
+        ifelse($7,1,{mov in1, in3},{nop})
+
+        ld      [out2+260], local2
+        and     local4, local1, local4
+        ifelse($8,1,{mov in3, in4},{})
+        ifelse($8,2,{mov in4, in3},{})
+
+        ld      [out2+280], out4          ! loop counter
+        sll     local4, 4, local1
+        xor     $1, local4, $1
+
+        ld      [out2+264], local3
+        srl     $1, 16, local4
+        xor     $2, local1, $2
+
+        ifelse($9,1,{LDPTR      KS3, in4},{})
+        xor     local4, $2, local4
+        nop     !sethi  %hi(DES_SPtrans), global1 ! sbox addr
+
+        ifelse($9,1,{LDPTR      KS2, in3},{})
+        and     local4, local2, local4
+        nop     !or     global1, %lo(DES_SPtrans), global1   ! sbox addr
+
+        sll     local4, 16, local1
+        xor     $2, local4, $2
+
+        srl     $2, 2, local4
+        xor     $1, local1, $1
+
+        sethi   %hi(16711680), local5
+        xor     local4, $1, local4
+
+        and     local4, local3, local4
+        or      local5, 255, local5
+
+        sll     local4, 2, local2
+        xor     $1, local4, $1
+
+        srl     $1, 8, local4
+        xor     $2, local2, $2
+
+        xor     local4, $2, local4
+        add     global1, 768, global4
+
+        and     local4, local5, local4
+        add     global1, 1024, global5
+
+        ld      [out2+272], local7
+        sll     local4, 8, local1
+        xor     $2, local4, $2
+
+        srl     $2, 1, local4
+        xor     $1, local1, $1
+
+        ld      [$5], out0                ! key 7531
+        xor     local4, $1, local4
+        add     global1, 256, global2
+
+        ld      [$5+4], out1              ! key 8642
+        and     local4, local7, local4
+        add     global1, 512, global3
+
+        sll     local4, 1, local1
+        xor     $1, local4, $1
+
+        sll     $1, 3, local3
+        xor     $2, local1, $2
+
+        sll     $2, 3, local2
+        add     global1, 1280, local6     ! address sbox 8
+
+        srl     $1, 29, local4
+        add     global1, 1792, out3       ! address sbox 8
+
+        srl     $2, 29, local1
+        or      local4, local3, $4
+
+        or      local2, local1, $3
+
+        ifelse($6, 1, {
+
+                ld      [out2+284], local5     ! 0x0000FC00 used in the rounds
+                or      local2, local1, $3
+                xor     $4, out0, local1
+
+                call .des_enc.1
+                and     local1, 252, local1
+
+        },{})
+
+        ifelse($6, 2, {
+
+                ld      [out2+284], local5     ! 0x0000FC00 used in the rounds
+                or      local2, local1, $3
+                xor     $4, out0, local1
+
+                call .des_dec.1
+                and     local1, 252, local1
+
+        },{})
+})
+
+
+! {rounds_macro}
+!
+! The logic used in the DES rounds is the same as in the C code,
+! except that calculations for sbox 1 and sbox 5 begin before
+! the previous round is finished.
+!
+! In each round one half (work) is modified based on key and the
+! other half (use).
+!
+! In this version we do two rounds in a loop repeated 7 times
+! and two rounds seperately.
+!
+! One half has the bits for the sboxes in the following positions:
+!
+!       777777xx555555xx333333xx111111xx
+!
+!       88xx666666xx444444xx222222xx8888
+!
+! The bits for each sbox are xor-ed with the key bits for that box.
+! The above xx bits are cleared, and the result used for lookup in
+! the sbox table. Each sbox entry contains the 4 output bits permuted
+! into 32 bits according to the P permutation.
+!
+! In the description of DES, left and right are switched after
+! each round, except after last round. In this code the original
+! left and right are kept in the same register in all rounds, meaning
+! that after the 16 rounds the result for right is in the register
+! originally used for left.
+!
+! parameter 1  first work (left in first round)
+! parameter 2  first use (right in first round)
+! parameter 3  enc/dec  1/-1
+! parameter 4  loop label
+! parameter 5  key address register
+! parameter 6  optional address for key next encryption/decryption
+! parameter 7  not empty for include retl
+!
+! also compares in2 to 8
+
+define(rounds_macro, {
+
+! {rounds_macro}
+! $1 $2 $3 $4 $5 $6 $7 $8 $9
+
+        xor     $2, out0, local1
+
+        ld      [out2+284], local5        ! 0x0000FC00
+        ba      $4
+        and     local1, 252, local1
+
+        .align 32
+
+$4:
+        ! local6 is address sbox 6
+        ! out3   is address sbox 8
+        ! out4   is loop counter
+
+        ld      [global1+local1], local1
+        xor     $2, out1, out1            ! 8642
+        xor     $2, out0, out0            ! 7531
+        fmovs   %f0, %f0                  ! fxor used for alignment
+
+        srl     out1, 4, local0           ! rotate 4 right
+        and     out0, local5, local3      ! 3
+        fmovs   %f0, %f0
+
+        ld      [$5+$3*8], local7         ! key 7531 next round
+        srl     local3, 8, local3         ! 3
+        and     local0, 252, local2       ! 2
+        fmovs   %f0, %f0
+
+        ld      [global3+local3],local3   ! 3
+        sll     out1, 28, out1            ! rotate
+        xor     $1, local1, $1            ! 1 finished, local1 now sbox 7
+
+        ld      [global2+local2], local2  ! 2 
+        srl     out0, 24, local1          ! 7
+        or      out1, local0, out1        ! rotate
+
+        ldub    [out2+local1], local1     ! 7 (and 0xFC)
+        srl     out1, 24, local0          ! 8
+        and     out1, local5, local4      ! 4
+
+        ldub    [out2+local0], local0     ! 8 (and 0xFC)
+        srl     local4, 8, local4         ! 4
+        xor     $1, local2, $1            ! 2 finished local2 now sbox 6
+
+        ld      [global4+local4],local4   ! 4
+        srl     out1, 16, local2          ! 6
+        xor     $1, local3, $1            ! 3 finished local3 now sbox 5
+
+        ld      [out3+local0],local0      ! 8
+        and     local2, 252, local2       ! 6
+        add     global1, 1536, local5     ! address sbox 7
+
+        ld      [local6+local2], local2   ! 6
+        srl     out0, 16, local3          ! 5
+        xor     $1, local4, $1            ! 4 finished
+
+        ld      [local5+local1],local1    ! 7
+        and     local3, 252, local3       ! 5
+        xor     $1, local0, $1            ! 8 finished
+
+        ld      [global5+local3],local3   ! 5
+        xor     $1, local2, $1            ! 6 finished
+        subcc   out4, 1, out4
+
+        ld      [$5+$3*8+4], out0         ! key 8642 next round
+        xor     $1, local7, local2        ! sbox 5 next round
+        xor     $1, local1, $1            ! 7 finished
+
+        srl     local2, 16, local2        ! sbox 5 next round
+        xor     $1, local3, $1            ! 5 finished
+
+        ld      [$5+$3*16+4], out1        ! key 8642 next round again
+        and     local2, 252, local2       ! sbox5 next round
+! next round
+        xor     $1, local7, local7        ! 7531
+
+        ld      [global5+local2], local2  ! 5
+        srl     local7, 24, local3        ! 7
+        xor     $1, out0, out0            ! 8642
+
+        ldub    [out2+local3], local3     ! 7 (and 0xFC)
+        srl     out0, 4, local0           ! rotate 4 right
+        and     local7, 252, local1       ! 1
+
+        sll     out0, 28, out0            ! rotate
+        xor     $2, local2, $2            ! 5 finished local2 used
+
+        srl     local0, 8, local4         ! 4
+        and     local0, 252, local2       ! 2
+        ld      [local5+local3], local3   ! 7
+
+        srl     local0, 16, local5        ! 6
+        or      out0, local0, out0        ! rotate
+        ld      [global2+local2], local2  ! 2
+
+        srl     out0, 24, local0
+        ld      [$5+$3*16], out0          ! key 7531 next round
+        and     local4, 252, local4       ! 4
+
+        and     local5, 252, local5       ! 6
+        ld      [global4+local4], local4  ! 4
+        xor     $2, local3, $2            ! 7 finished local3 used
+
+        and     local0, 252, local0       ! 8
+        ld      [local6+local5], local5   ! 6
+        xor     $2, local2, $2            ! 2 finished local2 now sbox 3
+
+        srl     local7, 8, local2         ! 3 start
+        ld      [out3+local0], local0     ! 8
+        xor     $2, local4, $2            ! 4 finished
+
+        and     local2, 252, local2       ! 3
+        ld      [global1+local1], local1  ! 1
+        xor     $2, local5, $2            ! 6 finished local5 used
+
+        ld      [global3+local2], local2  ! 3
+        xor     $2, local0, $2            ! 8 finished
+        add     $5, $3*16, $5             ! enc add 8, dec add -8 to key pointer
+
+        ld      [out2+284], local5        ! 0x0000FC00
+        xor     $2, out0, local4          ! sbox 1 next round
+        xor     $2, local1, $2            ! 1 finished
+
+        xor     $2, local2, $2            ! 3 finished
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+        bne,pt  %icc, $4
+#else
+        bne     $4
+#endif
+        and     local4, 252, local1       ! sbox 1 next round
+
+! two rounds more:
+
+        ld      [global1+local1], local1
+        xor     $2, out1, out1
+        xor     $2, out0, out0
+
+        srl     out1, 4, local0           ! rotate
+        and     out0, local5, local3
+
+        ld      [$5+$3*8], local7         ! key 7531
+        srl     local3, 8, local3
+        and     local0, 252, local2
+
+        ld      [global3+local3],local3
+        sll     out1, 28, out1            ! rotate
+        xor     $1, local1, $1            ! 1 finished, local1 now sbox 7
+
+        ld      [global2+local2], local2
+        srl     out0, 24, local1
+        or      out1, local0, out1        ! rotate
+
+        ldub    [out2+local1], local1
+        srl     out1, 24, local0
+        and     out1, local5, local4
+
+        ldub    [out2+local0], local0
+        srl     local4, 8, local4
+        xor     $1, local2, $1            ! 2 finished local2 now sbox 6
+
+        ld      [global4+local4],local4
+        srl     out1, 16, local2
+        xor     $1, local3, $1            ! 3 finished local3 now sbox 5
+
+        ld      [out3+local0],local0
+        and     local2, 252, local2
+        add     global1, 1536, local5     ! address sbox 7
+
+        ld      [local6+local2], local2
+        srl     out0, 16, local3
+        xor     $1, local4, $1            ! 4 finished
+
+        ld      [local5+local1],local1
+        and     local3, 252, local3
+        xor     $1, local0, $1
+
+        ld      [global5+local3],local3
+        xor     $1, local2, $1            ! 6 finished
+        cmp     in2, 8
+
+        ifelse($6,{}, {}, {ld   [out2+280], out4})  ! loop counter
+        xor     $1, local7, local2        ! sbox 5 next round
+        xor     $1, local1, $1            ! 7 finished
+
+        ld      [$5+$3*8+4], out0
+        srl     local2, 16, local2        ! sbox 5 next round
+        xor     $1, local3, $1            ! 5 finished
+
+        and     local2, 252, local2
+! next round (two rounds more)
+        xor     $1, local7, local7        ! 7531
+
+        ld      [global5+local2], local2
+        srl     local7, 24, local3
+        xor     $1, out0, out0            ! 8642
+
+        ldub    [out2+local3], local3
+        srl     out0, 4, local0           ! rotate
+        and     local7, 252, local1
+
+        sll     out0, 28, out0            ! rotate
+        xor     $2, local2, $2            ! 5 finished local2 used
+
+        srl     local0, 8, local4
+        and     local0, 252, local2
+        ld      [local5+local3], local3
+
+        srl     local0, 16, local5
+        or      out0, local0, out0        ! rotate
+        ld      [global2+local2], local2
+
+        srl     out0, 24, local0
+        ifelse($6,{}, {}, {ld   [$6], out0})   ! key next encryption/decryption
+        and     local4, 252, local4
+
+        and     local5, 252, local5
+        ld      [global4+local4], local4
+        xor     $2, local3, $2            ! 7 finished local3 used
+
+        and     local0, 252, local0
+        ld      [local6+local5], local5
+        xor     $2, local2, $2            ! 2 finished local2 now sbox 3
+
+        srl     local7, 8, local2         ! 3 start
+        ld      [out3+local0], local0
+        xor     $2, local4, $2
+
+        and     local2, 252, local2
+        ld      [global1+local1], local1
+        xor     $2, local5, $2            ! 6 finished local5 used
+
+        ld      [global3+local2], local2
+        srl     $1, 3, local3
+        xor     $2, local0, $2
+
+        ifelse($6,{}, {}, {ld   [$6+4], out1}) ! key next encryption/decryption
+        sll     $1, 29, local4
+        xor     $2, local1, $2
+
+        ifelse($7,{}, {}, {retl})
+        xor     $2, local2, $2
+})
+
+
+! {fp_macro}
+!
+!  parameter 1   right (original left)
+!  parameter 2   left (original right)
+!  parameter 3   1 for optional store to [in0]
+!  parameter 4   1 for load input/output address to local5/7
+!
+!  The final permutation logic switches the halfes, meaning that
+!  left and right ends up the the registers originally used.
+
+define(fp_macro, {
+
+! {fp_macro}
+! $1 $2 $3 $4 $5 $6 $7 $8 $9
+
+        ! initially undo the rotate 3 left done after initial permutation
+        ! original left is received shifted 3 right and 29 left in local3/4
+
+        sll     $2, 29, local1
+        or      local3, local4, $1
+
+        srl     $2, 3, $2
+        sethi   %hi(0x55555555), local2
+
+        or      $2, local1, $2
+        or      local2, %lo(0x55555555), local2
+
+        srl     $2, 1, local3
+        sethi   %hi(0x00ff00ff), local1
+        xor     local3, $1, local3
+        or      local1, %lo(0x00ff00ff), local1
+        and     local3, local2, local3
+        sethi   %hi(0x33333333), local4
+        sll     local3, 1, local2
+
+        xor     $1, local3, $1
+
+        srl     $1, 8, local3
+        xor     $2, local2, $2
+        xor     local3, $2, local3
+        or      local4, %lo(0x33333333), local4
+        and     local3, local1, local3
+        sethi   %hi(0x0000ffff), local1
+        sll     local3, 8, local2
+
+        xor     $2, local3, $2
+
+        srl     $2, 2, local3
+        xor     $1, local2, $1
+        xor     local3, $1, local3
+        or      local1, %lo(0x0000ffff), local1
+        and     local3, local4, local3
+        sethi   %hi(0x0f0f0f0f), local4
+        sll     local3, 2, local2
+
+        ifelse($4,1, {LDPTR INPUT, local5})
+        xor     $1, local3, $1
+
+        ifelse($4,1, {LDPTR OUTPUT, local7})
+        srl     $1, 16, local3
+        xor     $2, local2, $2
+        xor     local3, $2, local3
+        or      local4, %lo(0x0f0f0f0f), local4
+        and     local3, local1, local3
+        sll     local3, 16, local2
+
+        xor     $2, local3, local1
+
+        srl     local1, 4, local3
+        xor     $1, local2, $1
+        xor     local3, $1, local3
+        and     local3, local4, local3
+        sll     local3, 4, local2
+
+        xor     $1, local3, $1
+
+        ! optional store:
+
+        ifelse($3,1, {st $1, [in0]})
+
+        xor     local1, local2, $2
+
+        ifelse($3,1, {st $2, [in0+4]})
+
+})
+
+
+! {fp_ip_macro}
+!
+! Does initial permutation for next block mixed with
+! final permutation for current block.
+!
+! parameter 1   original left
+! parameter 2   original right
+! parameter 3   left ip
+! parameter 4   right ip
+! parameter 5   1: load ks1/ks2 to in3/in4, add 120 to in4
+!                2: mov in4 to in3
+!
+! also adds -8 to length in2 and loads loop counter to out4
+
+define(fp_ip_macro, {
+
+! {fp_ip_macro}
+! $1 $2 $3 $4 $5 $6 $7 $8 $9
+
+        define({temp1},{out4})
+        define({temp2},{local3})
+
+        define({ip1},{local1})
+        define({ip2},{local2})
+        define({ip4},{local4})
+        define({ip5},{local5})
+
+        ! $1 in local3, local4
+
+        ld      [out2+256], ip1
+        sll     out5, 29, temp1
+        or      local3, local4, $1
+
+        srl     out5, 3, $2
+        ifelse($5,2,{mov in4, in3})
+
+        ld      [out2+272], ip5
+        srl     $4, 4, local0
+        or      $2, temp1, $2
+
+        srl     $2, 1, temp1
+        xor     temp1, $1, temp1
+
+        and     temp1, ip5, temp1
+        xor     local0, $3, local0
+
+        sll     temp1, 1, temp2
+        xor     $1, temp1, $1
+
+        and     local0, ip1, local0
+        add     in2, -8, in2
+
+        sll     local0, 4, local7
+        xor     $3, local0, $3
+
+        ld      [out2+268], ip4
+        srl     $1, 8, temp1
+        xor     $2, temp2, $2
+        ld      [out2+260], ip2
+        srl     $3, 16, local0
+        xor     $4, local7, $4
+        xor     temp1, $2, temp1
+        xor     local0, $4, local0
+        and     temp1, ip4, temp1
+        and     local0, ip2, local0
+        sll     temp1, 8, temp2
+        xor     $2, temp1, $2
+        sll     local0, 16, local7
+        xor     $4, local0, $4
+
+        srl     $2, 2, temp1
+        xor     $1, temp2, $1
+
+        ld      [out2+264], temp2         ! ip3
+        srl     $4, 2, local0
+        xor     $3, local7, $3
+        xor     temp1, $1, temp1
+        xor     local0, $3, local0
+        and     temp1, temp2, temp1
+        and     local0, temp2, local0
+        sll     temp1, 2, temp2
+        xor     $1, temp1, $1
+        sll     local0, 2, local7
+        xor     $3, local0, $3
+
+        srl     $1, 16, temp1
+        xor     $2, temp2, $2
+        srl     $3, 8, local0
+        xor     $4, local7, $4
+        xor     temp1, $2, temp1
+        xor     local0, $4, local0
+        and     temp1, ip2, temp1
+        and     local0, ip4, local0
+        sll     temp1, 16, temp2
+        xor     $2, temp1, local4
+        sll     local0, 8, local7
+        xor     $4, local0, $4
+
+        srl     $4, 1, local0
+        xor     $3, local7, $3
+
+        srl     local4, 4, temp1
+        xor     local0, $3, local0
+
+        xor     $1, temp2, $1
+        and     local0, ip5, local0
+
+        sll     local0, 1, local7
+        xor     temp1, $1, temp1
+
+        xor     $3, local0, $3
+        xor     $4, local7, $4
+
+        sll     $3, 3, local5
+        and     temp1, ip1, temp1
+
+        sll     temp1, 4, temp2
+        xor     $1, temp1, $1
+
+        ifelse($5,1,{LDPTR      KS2, in4})
+        sll     $4, 3, local2
+        xor     local4, temp2, $2
+
+        ! reload since used as temporar:
+
+        ld      [out2+280], out4          ! loop counter
+
+        srl     $3, 29, local0
+        ifelse($5,1,{add in4, 120, in4})
+
+        ifelse($5,1,{LDPTR      KS1, in3})
+        srl     $4, 29, local7
+
+        or      local0, local5, $4
+        or      local2, local7, $3
+
+})
+
+
+
+! {load_little_endian}
+!
+! parameter 1  address
+! parameter 2  destination left
+! parameter 3  destination right
+! parameter 4  temporar
+! parameter 5  label
+
+define(load_little_endian, {
+
+! {load_little_endian}
+! $1 $2 $3 $4 $5 $6 $7 $8 $9
+
+        ! first in memory to rightmost in register
+
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+        andcc   $1, 3, global0
+        bne,pn  %icc, $5
+        nop
+
+        lda     [$1] 0x88, $2
+        add     $1, 4, $4
+
+        ba,pt   %icc, $5a
+        lda     [$4] 0x88, $3
+#endif
+
+$5:
+        ldub    [$1+3], $2
+
+        ldub    [$1+2], $4
+        sll     $2, 8, $2
+        or      $2, $4, $2
+
+        ldub    [$1+1], $4
+        sll     $2, 8, $2
+        or      $2, $4, $2
+
+        ldub    [$1+0], $4
+        sll     $2, 8, $2
+        or      $2, $4, $2
+
+
+        ldub    [$1+3+4], $3
+
+        ldub    [$1+2+4], $4
+        sll     $3, 8, $3
+        or      $3, $4, $3
+
+        ldub    [$1+1+4], $4
+        sll     $3, 8, $3
+        or      $3, $4, $3
+
+        ldub    [$1+0+4], $4
+        sll     $3, 8, $3
+        or      $3, $4, $3
+$5a:
+
+})
+
+
+! {load_little_endian_inc}
+!
+! parameter 1  address
+! parameter 2  destination left
+! parameter 3  destination right
+! parameter 4  temporar
+! parameter 4  label
+!
+! adds 8 to address
+
+define(load_little_endian_inc, {
+
+! {load_little_endian_inc}
+! $1 $2 $3 $4 $5 $6 $7 $8 $9
+
+        ! first in memory to rightmost in register
+
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+        andcc   $1, 3, global0
+        bne,pn  %icc, $5
+        nop
+
+        lda     [$1] 0x88, $2
+        add     $1, 4, $1
+
+        lda     [$1] 0x88, $3
+        ba,pt   %icc, $5a
+        add     $1, 4, $1
+#endif
+
+$5:
+        ldub    [$1+3], $2
+
+        ldub    [$1+2], $4
+        sll     $2, 8, $2
+        or      $2, $4, $2
+
+        ldub    [$1+1], $4
+        sll     $2, 8, $2
+        or      $2, $4, $2
+
+        ldub    [$1+0], $4
+        sll     $2, 8, $2
+        or      $2, $4, $2
+
+        ldub    [$1+3+4], $3
+        add     $1, 8, $1
+
+        ldub    [$1+2+4-8], $4
+        sll     $3, 8, $3
+        or      $3, $4, $3
+
+        ldub    [$1+1+4-8], $4
+        sll     $3, 8, $3
+        or      $3, $4, $3
+
+        ldub    [$1+0+4-8], $4
+        sll     $3, 8, $3
+        or      $3, $4, $3
+$5a:
+
+})
+
+
+! {load_n_bytes}
+!
+! Loads 1 to 7 bytes little endian
+! Remaining bytes are zeroed.
+!
+! parameter 1  address
+! parameter 2  length
+! parameter 3  destination register left
+! parameter 4  destination register right
+! parameter 5  temp
+! parameter 6  temp2
+! parameter 7  label
+! parameter 8  return label
+
+define(load_n_bytes, {
+
+! {load_n_bytes}
+! $1 $2 $5 $6 $7 $8 $7 $8 $9
+
+$7.0:   call    .+8
+        sll     $2, 2, $6
+
+        add     %o7,$7.jmp.table-$7.0,$5
+
+        add     $5, $6, $5
+        mov     0, $4
+
+        ld      [$5], $5
+
+        jmp     %o7+$5
+        mov     0, $3
+
+$7.7:
+        ldub    [$1+6], $5
+        sll     $5, 16, $5
+        or      $3, $5, $3
+$7.6:
+        ldub    [$1+5], $5
+        sll     $5, 8, $5
+        or      $3, $5, $3
+$7.5:
+        ldub    [$1+4], $5
+        or      $3, $5, $3
+$7.4:
+        ldub    [$1+3], $5
+        sll     $5, 24, $5
+        or      $4, $5, $4
+$7.3:
+        ldub    [$1+2], $5
+        sll     $5, 16, $5
+        or      $4, $5, $4
+$7.2:
+        ldub    [$1+1], $5
+        sll     $5, 8, $5
+        or      $4, $5, $4
+$7.1:
+        ldub    [$1+0], $5
+        ba      $8
+        or      $4, $5, $4
+
+        .align 4
+
+$7.jmp.table:
+        .word   0
+        .word   $7.1-$7.0
+        .word   $7.2-$7.0
+        .word   $7.3-$7.0
+        .word   $7.4-$7.0
+        .word   $7.5-$7.0
+        .word   $7.6-$7.0
+        .word   $7.7-$7.0
+})
+
+
+! {store_little_endian}
+!
+! parameter 1  address
+! parameter 2  source left
+! parameter 3  source right
+! parameter 4  temporar
+
+define(store_little_endian, {
+
+! {store_little_endian}
+! $1 $2 $3 $4 $5 $6 $7 $8 $9
+
+        ! rightmost in register to first in memory
+
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+        andcc   $1, 3, global0
+        bne,pn  %icc, $5
+        nop
+
+        sta     $2, [$1] 0x88
+        add     $1, 4, $4
+
+        ba,pt   %icc, $5a
+        sta     $3, [$4] 0x88
+#endif
+
+$5:
+        and     $2, 255, $4
+        stub    $4, [$1+0]
+
+        srl     $2, 8, $4
+        and     $4, 255, $4
+        stub    $4, [$1+1]
+
+        srl     $2, 16, $4
+        and     $4, 255, $4
+        stub    $4, [$1+2]
+
+        srl     $2, 24, $4
+        stub    $4, [$1+3]
+
+
+        and     $3, 255, $4
+        stub    $4, [$1+0+4]
+
+        srl     $3, 8, $4
+        and     $4, 255, $4
+        stub    $4, [$1+1+4]
+
+        srl     $3, 16, $4
+        and     $4, 255, $4
+        stub    $4, [$1+2+4]
+
+        srl     $3, 24, $4
+        stub    $4, [$1+3+4]
+
+$5a:
+
+})
+
+
+! {store_n_bytes}
+!
+! Stores 1 to 7 bytes little endian
+!
+! parameter 1  address
+! parameter 2  length
+! parameter 3  source register left
+! parameter 4  source register right
+! parameter 5  temp
+! parameter 6  temp2
+! parameter 7  label
+! parameter 8  return label
+
+define(store_n_bytes, {
+
+! {store_n_bytes}
+! $1 $2 $5 $6 $7 $8 $7 $8 $9
+
+$7.0:   call    .+8
+        sll     $2, 2, $6
+
+        add     %o7,$7.jmp.table-$7.0,$5
+
+        add     $5, $6, $5
+
+        ld      [$5], $5
+
+        jmp     %o7+$5
+        nop
+
+$7.7:
+        srl     $3, 16, $5
+        and     $5, 0xff, $5
+        stub    $5, [$1+6]
+$7.6:
+        srl     $3, 8, $5
+        and     $5, 0xff, $5
+        stub    $5, [$1+5]
+$7.5:
+        and     $3, 0xff, $5
+        stub    $5, [$1+4]
+$7.4:
+        srl     $4, 24, $5
+        stub    $5, [$1+3]
+$7.3:
+        srl     $4, 16, $5
+        and     $5, 0xff, $5
+        stub    $5, [$1+2]
+$7.2:
+        srl     $4, 8, $5
+        and     $5, 0xff, $5
+        stub    $5, [$1+1]
+$7.1:
+        and     $4, 0xff, $5
+
+
+        ba      $8
+        stub    $5, [$1]
+
+        .align 4
+
+$7.jmp.table:
+
+        .word   0
+        .word   $7.1-$7.0
+        .word   $7.2-$7.0
+        .word   $7.3-$7.0
+        .word   $7.4-$7.0
+        .word   $7.5-$7.0
+        .word   $7.6-$7.0
+        .word   $7.7-$7.0
+})
+
+
+define(testvalue,{1})
+
+define(register_init, {
+
+! For test purposes:
+
+        sethi   %hi(testvalue), local0
+        or      local0, %lo(testvalue), local0
+
+        ifelse($1,{},{}, {mov   local0, $1})
+        ifelse($2,{},{}, {mov   local0, $2})
+        ifelse($3,{},{}, {mov   local0, $3})
+        ifelse($4,{},{}, {mov   local0, $4})
+        ifelse($5,{},{}, {mov   local0, $5})
+        ifelse($6,{},{}, {mov   local0, $6})
+        ifelse($7,{},{}, {mov   local0, $7})
+        ifelse($8,{},{}, {mov   local0, $8})
+
+        mov     local0, local1
+        mov     local0, local2
+        mov     local0, local3
+        mov     local0, local4
+        mov     local0, local5
+        mov     local0, local7
+        mov     local0, local6
+        mov     local0, out0
+        mov     local0, out1
+        mov     local0, out2
+        mov     local0, out3
+        mov     local0, out4
+        mov     local0, out5
+        mov     local0, global1
+        mov     local0, global2
+        mov     local0, global3
+        mov     local0, global4
+        mov     local0, global5
+
+})
+
+.section        ".text"
+
+        .align 32
+
+.des_enc:
+
+        ! key address in3
+        ! loads key next encryption/decryption first round from [in4]
+
+        rounds_macro(in5, out5, 1, .des_enc.1, in3, in4, retl)
+
+
+        .align 32
+
+.des_dec:
+
+        ! implemented with out5 as first parameter to avoid
+        ! register exchange in ede modes
+
+        ! key address in4
+        ! loads key next encryption/decryption first round from [in3]
+
+        rounds_macro(out5, in5, -1, .des_dec.1, in4, in3, retl)
+
+
+
+! void DES_encrypt1(data, ks, enc)
+! *******************************
+
+        .align 32
+        .global DES_encrypt1
+        .type    DES_encrypt1,#function
+
+DES_encrypt1:
+
+        save    %sp, FRAME, %sp
+
+        call    .PIC.me.up
+        mov     .PIC.me.up-(.-4),out0
+
+        ld      [in0], in5                ! left
+        cmp     in2, 0                    ! enc
+
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+        be,pn   %icc, .encrypt.dec        ! enc/dec
+#else
+        be      .encrypt.dec
+#endif
+        ld      [in0+4], out5             ! right
+
+        ! parameter 6  1/2 for include encryption/decryption
+        ! parameter 7  1 for move in1 to in3
+        ! parameter 8  1 for move in3 to in4, 2 for move in4 to in3
+
+        ip_macro(in5, out5, in5, out5, in3, 0, 1, 1)
+
+        rounds_macro(in5, out5, 1, .des_encrypt1.1, in3, in4) ! in4 not used
+
+        fp_macro(in5, out5, 1)            ! 1 for store to [in0]
+
+        ret
+        restore
+
+.encrypt.dec:
+
+        add     in1, 120, in3             ! use last subkey for first round
+
+        ! parameter 6  1/2 for include encryption/decryption
+        ! parameter 7  1 for move in1 to in3
+        ! parameter 8  1 for move in3 to in4, 2 for move in4 to in3
+
+        ip_macro(in5, out5, out5, in5, in4, 2, 0, 1) ! include dec,  ks in4
+
+        fp_macro(out5, in5, 1)            ! 1 for store to [in0]
+
+        ret
+        restore
+
+.DES_encrypt1.end:
+        .size    DES_encrypt1,.DES_encrypt1.end-DES_encrypt1
+
+
+! void DES_encrypt2(data, ks, enc)
+!*********************************
+
+        ! encrypts/decrypts without initial/final permutation
+
+        .align 32
+        .global DES_encrypt2
+        .type    DES_encrypt2,#function
+
+DES_encrypt2:
+
+        save    %sp, FRAME, %sp
+
+        call    .PIC.me.up
+        mov     .PIC.me.up-(.-4),out0
+
+        ! Set sbox address 1 to 6 and rotate halfs 3 left
+        ! Errors caught by destest? Yes. Still? *NO*
+
+        !sethi  %hi(DES_SPtrans), global1 ! address sbox 1
+
+        !or     global1, %lo(DES_SPtrans), global1  ! sbox 1
+
+        add     global1, 256, global2     ! sbox 2
+        add     global1, 512, global3     ! sbox 3
+
+        ld      [in0], out5               ! right
+        add     global1, 768, global4     ! sbox 4
+        add     global1, 1024, global5    ! sbox 5
+
+        ld      [in0+4], in5              ! left
+        add     global1, 1280, local6     ! sbox 6
+        add     global1, 1792, out3       ! sbox 8
+
+        ! rotate
+
+        sll     in5, 3, local5
+        mov     in1, in3                  ! key address to in3
+
+        sll     out5, 3, local7
+        srl     in5, 29, in5
+
+        srl     out5, 29, out5
+        add     in5, local5, in5
+
+        add     out5, local7, out5
+        cmp     in2, 0
+
+        ! we use our own stackframe
+
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+        be,pn   %icc, .encrypt2.dec       ! decryption
+#else
+        be      .encrypt2.dec
+#endif
+        STPTR   in0, [%sp+BIAS+ARG0+0*ARGSZ]
+
+        ld      [in3], out0               ! key 7531 first round
+        mov     LOOPS, out4               ! loop counter
+
+        ld      [in3+4], out1             ! key 8642 first round
+        sethi   %hi(0x0000FC00), local5
+
+        call .des_enc
+        mov     in3, in4
+
+        ! rotate
+        sll     in5, 29, in0
+        srl     in5, 3, in5
+        sll     out5, 29, in1
+        add     in5, in0, in5
+        srl     out5, 3, out5
+        LDPTR   [%sp+BIAS+ARG0+0*ARGSZ], in0
+        add     out5, in1, out5
+        st      in5, [in0]
+        st      out5, [in0+4]
+
+        ret
+        restore
+
+
+.encrypt2.dec:
+
+        add in3, 120, in4
+
+        ld      [in4], out0               ! key 7531 first round
+        mov     LOOPS, out4               ! loop counter
+
+        ld      [in4+4], out1             ! key 8642 first round
+        sethi   %hi(0x0000FC00), local5
+
+        mov     in5, local1               ! left expected in out5
+        mov     out5, in5
+
+        call .des_dec
+        mov     local1, out5
+
+.encrypt2.finish:
+
+        ! rotate
+        sll     in5, 29, in0
+        srl     in5, 3, in5
+        sll     out5, 29, in1
+        add     in5, in0, in5
+        srl     out5, 3, out5
+        LDPTR   [%sp+BIAS+ARG0+0*ARGSZ], in0
+        add     out5, in1, out5
+        st      out5, [in0]
+        st      in5, [in0+4]
+
+        ret
+        restore
+
+.DES_encrypt2.end:
+        .size    DES_encrypt2, .DES_encrypt2.end-DES_encrypt2
+
+
+! void DES_encrypt3(data, ks1, ks2, ks3)
+! **************************************
+
+        .align 32
+        .global DES_encrypt3
+        .type    DES_encrypt3,#function
+
+DES_encrypt3:
+
+        save    %sp, FRAME, %sp
+        
+        call    .PIC.me.up
+        mov     .PIC.me.up-(.-4),out0
+
+        ld      [in0], in5                ! left
+        add     in2, 120, in4             ! ks2
+
+        ld      [in0+4], out5             ! right
+        mov     in3, in2                  ! save ks3
+
+        ! parameter 6  1/2 for include encryption/decryption
+        ! parameter 7  1 for mov in1 to in3
+        ! parameter 8  1 for mov in3 to in4
+        ! parameter 9  1 for load ks3 and ks2 to in4 and in3
+
+        ip_macro(in5, out5, in5, out5, in3, 1, 1, 0, 0)
+
+        call    .des_dec
+        mov     in2, in3                  ! preload ks3
+
+        call    .des_enc
+        nop
+
+        fp_macro(in5, out5, 1)
+
+        ret
+        restore
+
+.DES_encrypt3.end:
+        .size    DES_encrypt3,.DES_encrypt3.end-DES_encrypt3
+
+
+! void DES_decrypt3(data, ks1, ks2, ks3)
+! **************************************
+
+        .align 32
+        .global DES_decrypt3
+        .type    DES_decrypt3,#function
+
+DES_decrypt3:
+
+        save    %sp, FRAME, %sp
+        
+        call    .PIC.me.up
+        mov     .PIC.me.up-(.-4),out0
+
+        ld      [in0], in5                ! left
+        add     in3, 120, in4             ! ks3
+
+        ld      [in0+4], out5             ! right
+        mov     in2, in3                  ! ks2
+
+        ! parameter 6  1/2 for include encryption/decryption
+        ! parameter 7  1 for mov in1 to in3
+        ! parameter 8  1 for mov in3 to in4
+        ! parameter 9  1 for load ks3 and ks2 to in4 and in3
+
+        ip_macro(in5, out5, out5, in5, in4, 2, 0, 0, 0)
+
+        call    .des_enc
+        add     in1, 120, in4             ! preload ks1
+
+        call    .des_dec
+        nop
+
+        fp_macro(out5, in5, 1)
+
+        ret
+        restore
+
+.DES_decrypt3.end:
+        .size    DES_decrypt3,.DES_decrypt3.end-DES_decrypt3
+
+        .align  256
+        .type    .des_and,#object
+        .size    .des_and,284
+
+.des_and:
+
+! This table is used for AND 0xFC when it is known that register
+! bits 8-31 are zero. Makes it possible to do three arithmetic
+! operations in one cycle.
+
+        .byte  0, 0, 0, 0, 4, 4, 4, 4
+        .byte  8, 8, 8, 8, 12, 12, 12, 12
+        .byte  16, 16, 16, 16, 20, 20, 20, 20
+        .byte  24, 24, 24, 24, 28, 28, 28, 28
+        .byte  32, 32, 32, 32, 36, 36, 36, 36
+        .byte  40, 40, 40, 40, 44, 44, 44, 44
+        .byte  48, 48, 48, 48, 52, 52, 52, 52
+        .byte  56, 56, 56, 56, 60, 60, 60, 60
+        .byte  64, 64, 64, 64, 68, 68, 68, 68
+        .byte  72, 72, 72, 72, 76, 76, 76, 76
+        .byte  80, 80, 80, 80, 84, 84, 84, 84
+        .byte  88, 88, 88, 88, 92, 92, 92, 92
+        .byte  96, 96, 96, 96, 100, 100, 100, 100
+        .byte  104, 104, 104, 104, 108, 108, 108, 108
+        .byte  112, 112, 112, 112, 116, 116, 116, 116
+        .byte  120, 120, 120, 120, 124, 124, 124, 124
+        .byte  128, 128, 128, 128, 132, 132, 132, 132
+        .byte  136, 136, 136, 136, 140, 140, 140, 140
+        .byte  144, 144, 144, 144, 148, 148, 148, 148
+        .byte  152, 152, 152, 152, 156, 156, 156, 156
+        .byte  160, 160, 160, 160, 164, 164, 164, 164
+        .byte  168, 168, 168, 168, 172, 172, 172, 172
+        .byte  176, 176, 176, 176, 180, 180, 180, 180
+        .byte  184, 184, 184, 184, 188, 188, 188, 188
+        .byte  192, 192, 192, 192, 196, 196, 196, 196
+        .byte  200, 200, 200, 200, 204, 204, 204, 204
+        .byte  208, 208, 208, 208, 212, 212, 212, 212
+        .byte  216, 216, 216, 216, 220, 220, 220, 220
+        .byte  224, 224, 224, 224, 228, 228, 228, 228
+        .byte  232, 232, 232, 232, 236, 236, 236, 236
+        .byte  240, 240, 240, 240, 244, 244, 244, 244
+        .byte  248, 248, 248, 248, 252, 252, 252, 252
+
+        ! 5 numbers for initil/final permutation
+
+        .word   0x0f0f0f0f                ! offset 256
+        .word   0x0000ffff                ! 260
+        .word   0x33333333                ! 264
+        .word   0x00ff00ff                ! 268
+        .word   0x55555555                ! 272
+
+        .word   0                         ! 276
+        .word   LOOPS                     ! 280
+        .word   0x0000FC00                ! 284
+.PIC.DES_SPtrans:
+        .word   %r_disp32(DES_SPtrans)
+
+! input:        out0    offset between .PIC.me.up and caller
+! output:       out0    pointer to .PIC.me.up
+!               out2    pointer to .des_and
+!               global1 pointer to DES_SPtrans
+        .align  32
+.PIC.me.up:
+        add     out0,%o7,out0                   ! pointer to .PIC.me.up
+#if 1
+        ld      [out0+(.PIC.DES_SPtrans-.PIC.me.up)],global1
+        add     global1,(.PIC.DES_SPtrans-.PIC.me.up),global1
+        add     global1,out0,global1
+#else
+# ifdef OPENSSL_PIC
+        ! In case anybody wonders why this code is same for both ABI.
+        ! To start with it is not. Do note LDPTR below. But of course
+        ! you must be wondering why the rest of it does not contain
+        ! things like %hh, %hm and %lm. Well, those are needed only
+        ! if OpenSSL library *itself* will become larger than 4GB,
+        ! which is not going to happen any time soon. 
+        sethi   %hi(DES_SPtrans),global1
+        or      global1,%lo(DES_SPtrans),global1
+        sethi   %hi(_GLOBAL_OFFSET_TABLE_-(.PIC.me.up-.)),out2
+        add     global1,out0,global1
+        add     out2,%lo(_GLOBAL_OFFSET_TABLE_-(.PIC.me.up-.)),out2
+        LDPTR   [out2+global1],global1
+# elif 0
+        setn    DES_SPtrans,out2,global1        ! synthetic instruction !
+# elif defined(ABI64)
+        sethi   %hh(DES_SPtrans),out2
+        or      out2,%hm(DES_SPtrans),out2
+        sethi   %lm(DES_SPtrans),global1
+        or      global1,%lo(DES_SPtrans),global1
+        sllx    out2,32,out2
+        or      out2,global1,global1
+# else
+        sethi   %hi(DES_SPtrans),global1
+        or      global1,%lo(DES_SPtrans),global1
+# endif
+#endif
+        retl
+        add     out0,.des_and-.PIC.me.up,out2
+
+! void DES_ncbc_encrypt(input, output, length, schedule, ivec, enc)
+! *****************************************************************
+
+
+        .align 32
+        .global DES_ncbc_encrypt
+        .type    DES_ncbc_encrypt,#function
+
+DES_ncbc_encrypt:
+
+        save    %sp, FRAME, %sp
+        
+        define({INPUT},  { [%sp+BIAS+ARG0+0*ARGSZ] })
+        define({OUTPUT}, { [%sp+BIAS+ARG0+1*ARGSZ] })
+        define({IVEC},   { [%sp+BIAS+ARG0+4*ARGSZ] })
+
+        call    .PIC.me.up
+        mov     .PIC.me.up-(.-4),out0
+
+        cmp     in5, 0                    ! enc   
+
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+        be,pn   %icc, .ncbc.dec
+#else
+        be      .ncbc.dec
+#endif
+        STPTR   in4, IVEC
+
+        ! addr  left  right  temp  label
+        load_little_endian(in4, in5, out5, local3, .LLE1)  ! iv
+
+        addcc   in2, -8, in2              ! bytes missing when first block done
+
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+        bl,pn   %icc, .ncbc.enc.seven.or.less
+#else
+        bl      .ncbc.enc.seven.or.less
+#endif
+        mov     in3, in4                  ! schedule
+
+.ncbc.enc.next.block:
+
+        load_little_endian(in0, out4, global4, local3, .LLE2)  ! block
+
+.ncbc.enc.next.block_1:
+
+        xor     in5, out4, in5            ! iv xor
+        xor     out5, global4, out5       ! iv xor
+
+        ! parameter 8  1 for move in3 to in4, 2 for move in4 to in3
+        ip_macro(in5, out5, in5, out5, in3, 0, 0, 2)
+
+.ncbc.enc.next.block_2:
+
+!//     call .des_enc                     ! compares in2 to 8
+!       rounds inlined for alignment purposes
+
+        add     global1, 768, global4     ! address sbox 4 since register used below
+
+        rounds_macro(in5, out5, 1, .ncbc.enc.1, in3, in4) ! include encryption  ks in3
+
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+        bl,pn   %icc, .ncbc.enc.next.block_fp
+#else
+        bl      .ncbc.enc.next.block_fp
+#endif
+        add     in0, 8, in0               ! input address
+
+        ! If 8 or more bytes are to be encrypted after this block,
+        ! we combine final permutation for this block with initial
+        ! permutation for next block. Load next block:
+
+        load_little_endian(in0, global3, global4, local5, .LLE12)
+
+        !  parameter 1   original left
+        !  parameter 2   original right
+        !  parameter 3   left ip
+        !  parameter 4   right ip
+        !  parameter 5   1: load ks1/ks2 to in3/in4, add 120 to in4
+        !                2: mov in4 to in3
+        !
+        ! also adds -8 to length in2 and loads loop counter to out4
+
+        fp_ip_macro(out0, out1, global3, global4, 2)
+
+        store_little_endian(in1, out0, out1, local3, .SLE10)  ! block
+
+        ld      [in3], out0               ! key 7531 first round next block
+        mov     in5, local1
+        xor     global3, out5, in5        ! iv xor next block
+
+        ld      [in3+4], out1             ! key 8642
+        add     global1, 512, global3     ! address sbox 3 since register used
+        xor     global4, local1, out5     ! iv xor next block
+
+        ba      .ncbc.enc.next.block_2
+        add     in1, 8, in1               ! output adress
+
+.ncbc.enc.next.block_fp:
+
+        fp_macro(in5, out5)
+
+        store_little_endian(in1, in5, out5, local3, .SLE1)  ! block
+
+        addcc   in2, -8, in2              ! bytes missing when next block done
+
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+        bpos,pt %icc, .ncbc.enc.next.block  ! also jumps if 0
+#else
+        bpos    .ncbc.enc.next.block
+#endif
+        add     in1, 8, in1
+
+.ncbc.enc.seven.or.less:
+
+        cmp     in2, -8
+
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+        ble,pt  %icc, .ncbc.enc.finish
+#else
+        ble     .ncbc.enc.finish
+#endif
+        nop
+
+        add     in2, 8, local1            ! bytes to load
+
+        ! addr, length, dest left, dest right, temp, temp2, label, ret label
+        load_n_bytes(in0, local1, global4, out4, local2, local3, .LNB1, .ncbc.enc.next.block_1)
+
+        ! Loads 1 to 7 bytes little endian to global4, out4
+
+
+.ncbc.enc.finish:
+
+        LDPTR   IVEC, local4
+        store_little_endian(local4, in5, out5, local5, .SLE2)  ! ivec
+
+        ret
+        restore
+
+
+.ncbc.dec:
+
+        STPTR   in0, INPUT
+        cmp     in2, 0                    ! length
+        add     in3, 120, in3
+
+        LDPTR   IVEC, local7              ! ivec
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+        ble,pn  %icc, .ncbc.dec.finish
+#else
+        ble     .ncbc.dec.finish
+#endif
+        mov     in3, in4                  ! schedule
+
+        STPTR   in1, OUTPUT
+        mov     in0, local5               ! input
+
+        load_little_endian(local7, in0, in1, local3, .LLE3)   ! ivec
+
+.ncbc.dec.next.block:
+
+        load_little_endian(local5, in5, out5, local3, .LLE4)  ! block
+
+        ! parameter 6  1/2 for include encryption/decryption
+        ! parameter 7  1 for mov in1 to in3
+        ! parameter 8  1 for mov in3 to in4
+
+        ip_macro(in5, out5, out5, in5, in4, 2, 0, 1) ! include decryprion  ks in4
+
+        fp_macro(out5, in5, 0, 1) ! 1 for input and output address to local5/7
+
+        ! in2 is bytes left to be stored
+        ! in2 is compared to 8 in the rounds
+
+        xor     out5, in0, out4           ! iv xor
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+        bl,pn   %icc, .ncbc.dec.seven.or.less
+#else
+        bl      .ncbc.dec.seven.or.less
+#endif
+        xor     in5, in1, global4         ! iv xor
+
+        ! Load ivec next block now, since input and output address might be the same.
+
+        load_little_endian_inc(local5, in0, in1, local3, .LLE5)  ! iv
+
+        store_little_endian(local7, out4, global4, local3, .SLE3)
+
+        STPTR   local5, INPUT
+        add     local7, 8, local7
+        addcc   in2, -8, in2
+
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+        bg,pt   %icc, .ncbc.dec.next.block
+#else
+        bg      .ncbc.dec.next.block
+#endif
+        STPTR   local7, OUTPUT
+
+
+.ncbc.dec.store.iv:
+
+        LDPTR   IVEC, local4              ! ivec
+        store_little_endian(local4, in0, in1, local5, .SLE4)
+
+.ncbc.dec.finish:
+
+        ret
+        restore
+
+.ncbc.dec.seven.or.less:
+
+        load_little_endian_inc(local5, in0, in1, local3, .LLE13)     ! ivec
+
+        store_n_bytes(local7, in2, global4, out4, local3, local4, .SNB1, .ncbc.dec.store.iv)
+
+
+.DES_ncbc_encrypt.end:
+        .size    DES_ncbc_encrypt, .DES_ncbc_encrypt.end-DES_ncbc_encrypt
+
+
+! void DES_ede3_cbc_encrypt(input, output, lenght, ks1, ks2, ks3, ivec, enc)
+! **************************************************************************
+
+
+        .align 32
+        .global DES_ede3_cbc_encrypt
+        .type    DES_ede3_cbc_encrypt,#function
+
+DES_ede3_cbc_encrypt:
+
+        save    %sp, FRAME, %sp
+
+        define({KS1}, { [%sp+BIAS+ARG0+3*ARGSZ] })
+        define({KS2}, { [%sp+BIAS+ARG0+4*ARGSZ] })
+        define({KS3}, { [%sp+BIAS+ARG0+5*ARGSZ] })
+
+        call    .PIC.me.up
+        mov     .PIC.me.up-(.-4),out0
+
+        LDPTR   [%fp+BIAS+ARG0+7*ARGSZ], local3          ! enc
+        LDPTR   [%fp+BIAS+ARG0+6*ARGSZ], local4          ! ivec
+        cmp     local3, 0                 ! enc
+
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+        be,pn   %icc, .ede3.dec
+#else
+        be      .ede3.dec
+#endif
+        STPTR   in4, KS2
+
+        STPTR   in5, KS3
+
+        load_little_endian(local4, in5, out5, local3, .LLE6)  ! ivec
+
+        addcc   in2, -8, in2              ! bytes missing after next block
+
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+        bl,pn   %icc,  .ede3.enc.seven.or.less
+#else
+        bl      .ede3.enc.seven.or.less
+#endif
+        STPTR   in3, KS1
+
+.ede3.enc.next.block:
+
+        load_little_endian(in0, out4, global4, local3, .LLE7)
+
+.ede3.enc.next.block_1:
+
+        LDPTR   KS2, in4
+        xor     in5, out4, in5            ! iv xor
+        xor     out5, global4, out5       ! iv xor
+
+        LDPTR   KS1, in3
+        add     in4, 120, in4             ! for decryption we use last subkey first
+        nop
+
+        ip_macro(in5, out5, in5, out5, in3)
+
+.ede3.enc.next.block_2:
+
+        call .des_enc                     ! ks1 in3
+        nop
+
+        call .des_dec                     ! ks2 in4
+        LDPTR   KS3, in3
+
+        call .des_enc                     ! ks3 in3  compares in2 to 8
+        nop
+
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+        bl,pn   %icc, .ede3.enc.next.block_fp
+#else
+        bl      .ede3.enc.next.block_fp
+#endif
+        add     in0, 8, in0
+
+        ! If 8 or more bytes are to be encrypted after this block,
+        ! we combine final permutation for this block with initial
+        ! permutation for next block. Load next block:
+
+        load_little_endian(in0, global3, global4, local5, .LLE11)
+
+        !  parameter 1   original left
+        !  parameter 2   original right
+        !  parameter 3   left ip
+        !  parameter 4   right ip
+        !  parameter 5   1: load ks1/ks2 to in3/in4, add 120 to in4
+        !                2: mov in4 to in3
+        !
+        ! also adds -8 to length in2 and loads loop counter to out4
+
+        fp_ip_macro(out0, out1, global3, global4, 1)
+
+        store_little_endian(in1, out0, out1, local3, .SLE9)  ! block
+
+        mov     in5, local1
+        xor     global3, out5, in5        ! iv xor next block
+
+        ld      [in3], out0               ! key 7531
+        add     global1, 512, global3     ! address sbox 3
+        xor     global4, local1, out5     ! iv xor next block
+
+        ld      [in3+4], out1             ! key 8642
+        add     global1, 768, global4     ! address sbox 4
+        ba      .ede3.enc.next.block_2
+        add     in1, 8, in1
+
+.ede3.enc.next.block_fp:
+
+        fp_macro(in5, out5)
+
+        store_little_endian(in1, in5, out5, local3, .SLE5)  ! block
+
+        addcc   in2, -8, in2              ! bytes missing when next block done
+
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+        bpos,pt %icc, .ede3.enc.next.block
+#else
+        bpos    .ede3.enc.next.block
+#endif
+        add     in1, 8, in1
+
+.ede3.enc.seven.or.less:
+
+        cmp     in2, -8
+
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+        ble,pt  %icc, .ede3.enc.finish
+#else
+        ble     .ede3.enc.finish
+#endif
+        nop
+
+        add     in2, 8, local1            ! bytes to load
+
+        ! addr, length, dest left, dest right, temp, temp2, label, ret label
+        load_n_bytes(in0, local1, global4, out4, local2, local3, .LNB2, .ede3.enc.next.block_1)
+
+.ede3.enc.finish:
+
+        LDPTR   [%fp+BIAS+ARG0+6*ARGSZ], local4          ! ivec
+        store_little_endian(local4, in5, out5, local5, .SLE6)  ! ivec
+
+        ret
+        restore
+
+.ede3.dec:
+
+        STPTR   in0, INPUT
+        add     in5, 120, in5
+
+        STPTR   in1, OUTPUT
+        mov     in0, local5
+        add     in3, 120, in3
+
+        STPTR   in3, KS1
+        cmp     in2, 0
+
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+        ble     %icc, .ede3.dec.finish
+#else
+        ble     .ede3.dec.finish
+#endif
+        STPTR   in5, KS3
+
+        LDPTR   [%fp+BIAS+ARG0+6*ARGSZ], local7          ! iv
+        load_little_endian(local7, in0, in1, local3, .LLE8)
+
+.ede3.dec.next.block:
+
+        load_little_endian(local5, in5, out5, local3, .LLE9)
+
+        ! parameter 6  1/2 for include encryption/decryption
+        ! parameter 7  1 for mov in1 to in3
+        ! parameter 8  1 for mov in3 to in4
+        ! parameter 9  1 for load ks3 and ks2 to in4 and in3
+
+        ip_macro(in5, out5, out5, in5, in4, 2, 0, 0, 1) ! inc .des_dec ks3 in4
+
+        call .des_enc                     ! ks2 in3
+        LDPTR   KS1, in4
+
+        call .des_dec                     ! ks1 in4
+        nop
+
+        fp_macro(out5, in5, 0, 1)   ! 1 for input and output address local5/7
+
+        ! in2 is bytes left to be stored
+        ! in2 is compared to 8 in the rounds
+
+        xor     out5, in0, out4
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+        bl,pn   %icc, .ede3.dec.seven.or.less
+#else
+        bl      .ede3.dec.seven.or.less
+#endif
+        xor     in5, in1, global4
+
+        load_little_endian_inc(local5, in0, in1, local3, .LLE10)   ! iv next block
+
+        store_little_endian(local7, out4, global4, local3, .SLE7)  ! block
+
+        STPTR   local5, INPUT
+        addcc   in2, -8, in2
+        add     local7, 8, local7
+
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+        bg,pt   %icc, .ede3.dec.next.block
+#else
+        bg      .ede3.dec.next.block
+#endif
+        STPTR   local7, OUTPUT
+
+.ede3.dec.store.iv:
+
+        LDPTR   [%fp+BIAS+ARG0+6*ARGSZ], local4          ! ivec
+        store_little_endian(local4, in0, in1, local5, .SLE8)  ! ivec
+
+.ede3.dec.finish:
+
+        ret
+        restore
+
+.ede3.dec.seven.or.less:
+
+        load_little_endian_inc(local5, in0, in1, local3, .LLE14)     ! iv
+
+        store_n_bytes(local7, in2, global4, out4, local3, local4, .SNB2, .ede3.dec.store.iv)
+
+
+.DES_ede3_cbc_encrypt.end:
+        .size    DES_ede3_cbc_encrypt,.DES_ede3_cbc_encrypt.end-DES_ede3_cbc_encrypt
diff --git a/src/lib/libcrypto/des/asm/desboth.pl b/src/lib/libcrypto/des/asm/desboth.pl
new file mode 100644
index 0000000000..eec00886e4
--- /dev/null
+++ b/src/lib/libcrypto/des/asm/desboth.pl
@@ -0,0 +1,79 @@
+#!/usr/local/bin/perl
+
+$L="edi";
+$R="esi";
+
+sub DES_encrypt3
+        {
+        local($name,$enc)=@_;
+
+        &function_begin_B($name,"");
+        &push("ebx");
+        &mov("ebx",&wparam(0));
+
+        &push("ebp");
+        &push("esi");
+
+        &push("edi");
+
+        &comment("");
+        &comment("Load the data words");
+        &mov($L,&DWP(0,"ebx","",0));
+        &mov($R,&DWP(4,"ebx","",0));
+        &stack_push(3);
+
+        &comment("");
+        &comment("IP");
+        &IP_new($L,$R,"edx",0);
+
+        # put them back
+        
+        if ($enc)
+                {
+                &mov(&DWP(4,"ebx","",0),$R);
+                 &mov("eax",&wparam(1));
+                &mov(&DWP(0,"ebx","",0),"edx");
+                 &mov("edi",&wparam(2));
+                 &mov("esi",&wparam(3));
+                }
+        else
+                {
+                &mov(&DWP(4,"ebx","",0),$R);
+                 &mov("esi",&wparam(1));
+                &mov(&DWP(0,"ebx","",0),"edx");
+                 &mov("edi",&wparam(2));
+                 &mov("eax",&wparam(3));
+                }
+        &mov(&swtmp(2), (DWC(($enc)?"1":"0")));
+        &mov(&swtmp(1), "eax");
+        &mov(&swtmp(0), "ebx");
+        &call("DES_encrypt2");
+        &mov(&swtmp(2), (DWC(($enc)?"0":"1")));
+        &mov(&swtmp(1), "edi");
+        &mov(&swtmp(0), "ebx");
+        &call("DES_encrypt2");
+        &mov(&swtmp(2), (DWC(($enc)?"1":"0")));
+        &mov(&swtmp(1), "esi");
+        &mov(&swtmp(0), "ebx");
+        &call("DES_encrypt2");
+
+        &stack_pop(3);
+        &mov($L,&DWP(0,"ebx","",0));
+        &mov($R,&DWP(4,"ebx","",0));
+
+        &comment("");
+        &comment("FP");
+        &FP_new($L,$R,"eax",0);
+
+        &mov(&DWP(0,"ebx","",0),"eax");
+        &mov(&DWP(4,"ebx","",0),$R);
+
+        &pop("edi");
+        &pop("esi");
+        &pop("ebp");
+        &pop("ebx");
+        &ret();
+        &function_end_B($name);
+        }
+
+
diff --git a/src/lib/libcrypto/des/asm/readme b/src/lib/libcrypto/des/asm/readme
new file mode 100644
index 0000000000..1beafe253b
--- /dev/null
+++ b/src/lib/libcrypto/des/asm/readme
@@ -0,0 +1,131 @@
+First up, let me say I don't like writing in assembler.  It is not portable,
+dependant on the particular CPU architecture release and is generally a pig
+to debug and get right.  Having said that, the x86 architecture is probably
+the most important for speed due to number of boxes and since
+it appears to be the worst architecture to to get
+good C compilers for.  So due to this, I have lowered myself to do
+assembler for the inner DES routines in libdes :-).
+
+The file to implement in assembler is des_enc.c.  Replace the following
+4 functions
+des_encrypt1(DES_LONG data[2],des_key_schedule ks, int encrypt);
+des_encrypt2(DES_LONG data[2],des_key_schedule ks, int encrypt);
+des_encrypt3(DES_LONG data[2],des_key_schedule ks1,ks2,ks3);
+des_decrypt3(DES_LONG data[2],des_key_schedule ks1,ks2,ks3);
+
+They encrypt/decrypt the 64 bits held in 'data' using
+the 'ks' key schedules.   The only difference between the 4 functions is that
+des_encrypt2() does not perform IP() or FP() on the data (this is an
+optimization for when doing triple DES and des_encrypt3() and des_decrypt3()
+perform triple des.  The triple DES routines are in here because it does
+make a big difference to have them located near the des_encrypt2 function
+at link time..
+
+Now as we all know, there are lots of different operating systems running on
+x86 boxes, and unfortunately they normally try to make sure their assembler
+formating is not the same as the other peoples.
+The 4 main formats I know of are
+Microsoft       Windows 95/Windows NT
+Elf             Includes Linux and FreeBSD(?).
+a.out           The older Linux.
+Solaris         Same as Elf but different comments :-(.
+
+Now I was not overly keen to write 4 different copies of the same code,
+so I wrote a few perl routines to output the correct assembler, given
+a target assembler type.  This code is ugly and is just a hack.
+The libraries are x86unix.pl and x86ms.pl.
+des586.pl, des686.pl and des-som[23].pl are the programs to actually
+generate the assembler.
+
+So to generate elf assembler
+perl des-som3.pl elf >dx86-elf.s
+For Windows 95/NT
+perl des-som2.pl win32 >win32.asm
+
+[ update 4 Jan 1996 ]
+I have added another way to do things.
+perl des-som3.pl cpp >dx86-cpp.s
+generates a file that will be included by dx86unix.cpp when it is compiled.
+To build for elf, a.out, solaris, bsdi etc,
+cc -E -DELF asm/dx86unix.cpp | as -o asm/dx86-elf.o
+cc -E -DSOL asm/dx86unix.cpp | as -o asm/dx86-sol.o
+cc -E -DOUT asm/dx86unix.cpp | as -o asm/dx86-out.o
+cc -E -DBSDI asm/dx86unix.cpp | as -o asm/dx86bsdi.o
+This was done to cut down the number of files in the distribution.
+
+Now the ugly part.  I acquired my copy of Intels
+"Optimization's For Intel's 32-Bit Processors" and found a few interesting
+things.  First, the aim of the exersize is to 'extract' one byte at a time
+from a word and do an array lookup.  This involves getting the byte from
+the 4 locations in the word and moving it to a new word and doing the lookup.
+The most obvious way to do this is
+xor     eax,    eax                             # clear word
+movb    al,     cl                              # get low byte
+xor     edi     DWORD PTR 0x100+des_SP[eax]     # xor in word
+movb    al,     ch                              # get next byte
+xor     edi     DWORD PTR 0x300+des_SP[eax]     # xor in word
+shr     ecx     16
+which seems ok.  For the pentium, this system appears to be the best.
+One has to do instruction interleaving to keep both functional units
+operating, but it is basically very efficient.
+
+Now the crunch.  When a full register is used after a partial write, eg.
+mov     al,     cl
+xor     edi,    DWORD PTR 0x100+des_SP[eax]
+386     - 1 cycle stall
+486     - 1 cycle stall
+586     - 0 cycle stall
+686     - at least 7 cycle stall (page 22 of the above mentioned document).
+
+So the technique that produces the best results on a pentium, according to
+the documentation, will produce hideous results on a pentium pro.
+
+To get around this, des686.pl will generate code that is not as fast on
+a pentium, should be very good on a pentium pro.
+mov     eax,    ecx                             # copy word 
+shr     ecx,    8                               # line up next byte
+and     eax,    0fch                            # mask byte
+xor     edi     DWORD PTR 0x100+des_SP[eax]     # xor in array lookup
+mov     eax,    ecx                             # get word
+shr     ecx     8                               # line up next byte
+and     eax,    0fch                            # mask byte
+xor     edi     DWORD PTR 0x300+des_SP[eax]     # xor in array lookup
+
+Due to the execution units in the pentium, this actually works quite well.
+For a pentium pro it should be very good.  This is the type of output
+Visual C++ generates.
+
+There is a third option.  instead of using
+mov     al,     ch
+which is bad on the pentium pro, one may be able to use
+movzx   eax,    ch
+which may not incur the partial write penalty.  On the pentium,
+this instruction takes 4 cycles so is not worth using but on the
+pentium pro it appears it may be worth while.  I need access to one to
+experiment :-).
+
+eric (20 Oct 1996)
+
+22 Nov 1996 - I have asked people to run the 2 different version on pentium
+pros and it appears that the intel documentation is wrong.  The
+mov al,bh is still faster on a pentium pro, so just use the des586.pl
+install des686.pl
+
+3 Dec 1996 - I added des_encrypt3/des_decrypt3 because I have moved these
+functions into des_enc.c because it does make a massive performance
+difference on some boxes to have the functions code located close to
+the des_encrypt2() function.
+
+9 Jan 1997 - des-som2.pl is now the correct perl script to use for
+pentiums.  It contains an inner loop from
+Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk> which does raw ecb DES calls at
+273,000 per second.  He had a previous version at 250,000 and the best
+I was able to get was 203,000.  The content has not changed, this is all
+due to instruction sequencing (and actual instructions choice) which is able
+to keep both functional units of the pentium going.
+We may have lost the ugly register usage restrictions when x86 went 32 bit
+but for the pentium it has been replaced by evil instruction ordering tricks.
+
+13 Jan 1997 - des-som3.pl, more optimizations from Svend Olaf.
+raw DES at 281,000 per second on a pentium 100.
+
diff --git a/src/lib/libcrypto/des/cbc3_enc.c b/src/lib/libcrypto/des/cbc3_enc.c
new file mode 100644
index 0000000000..b5db4e14f7
--- /dev/null
+++ b/src/lib/libcrypto/des/cbc3_enc.c
@@ -0,0 +1,99 @@
+/* crypto/des/cbc3_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/* HAS BUGS! DON'T USE - this is only present for use in des.c */
+void DES_3cbc_encrypt(DES_cblock *input, DES_cblock *output, long length,
+             DES_key_schedule ks1, DES_key_schedule ks2, DES_cblock *iv1,
+             DES_cblock *iv2, int enc)
+        {
+        int off=((int)length-1)/8;
+        long l8=((length+7)/8)*8;
+        DES_cblock niv1,niv2;
+
+        if (enc == DES_ENCRYPT)
+                {
+                DES_cbc_encrypt((unsigned char*)input,
+                                (unsigned char*)output,length,&ks1,iv1,enc);
+                if (length >= sizeof(DES_cblock))
+                        memcpy(niv1,output[off],sizeof(DES_cblock));
+                DES_cbc_encrypt((unsigned char*)output,
+                                (unsigned char*)output,l8,&ks2,iv1,!enc);
+                DES_cbc_encrypt((unsigned char*)output,
+                                (unsigned char*)output,l8,&ks1,iv2,enc);
+                if (length >= sizeof(DES_cblock))
+                        memcpy(niv2,output[off],sizeof(DES_cblock));
+                }
+        else
+                {
+                if (length >= sizeof(DES_cblock))
+                        memcpy(niv2,input[off],sizeof(DES_cblock));
+                DES_cbc_encrypt((unsigned char*)input,
+                                (unsigned char*)output,l8,&ks1,iv2,enc);
+                DES_cbc_encrypt((unsigned char*)output,
+                                (unsigned char*)output,l8,&ks2,iv1,!enc);
+                if (length >= sizeof(DES_cblock))
+                        memcpy(niv1,output[off],sizeof(DES_cblock));
+                DES_cbc_encrypt((unsigned char*)output,
+                                (unsigned char*)output,length,&ks1,iv1,enc);
+                }
+        memcpy(*iv1,niv1,sizeof(DES_cblock));
+        memcpy(*iv2,niv2,sizeof(DES_cblock));
+        }
+
diff --git a/src/lib/libcrypto/des/cbc_cksm.c b/src/lib/libcrypto/des/cbc_cksm.c
new file mode 100644
index 0000000000..09a7ba56aa
--- /dev/null
+++ b/src/lib/libcrypto/des/cbc_cksm.c
@@ -0,0 +1,106 @@
+/* crypto/des/cbc_cksm.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+DES_LONG DES_cbc_cksum(const unsigned char *in, DES_cblock *output,
+                       long length, DES_key_schedule *schedule,
+                       const_DES_cblock *ivec)
+        {
+        register DES_LONG tout0,tout1,tin0,tin1;
+        register long l=length;
+        DES_LONG tin[2];
+        unsigned char *out = &(*output)[0];
+        const unsigned char *iv = &(*ivec)[0];
+
+        c2l(iv,tout0);
+        c2l(iv,tout1);
+        for (; l>0; l-=8)
+                {
+                if (l >= 8)
+                        {
+                        c2l(in,tin0);
+                        c2l(in,tin1);
+                        }
+                else
+                        c2ln(in,tin0,tin1,l);
+                        
+                tin0^=tout0; tin[0]=tin0;
+                tin1^=tout1; tin[1]=tin1;
+                DES_encrypt1((DES_LONG *)tin,schedule,DES_ENCRYPT);
+                /* fix 15/10/91 eay - thanks to keithr@sco.COM */
+                tout0=tin[0];
+                tout1=tin[1];
+                }
+        if (out != NULL)
+                {
+                l2c(tout0,out);
+                l2c(tout1,out);
+                }
+        tout0=tin0=tin1=tin[0]=tin[1]=0;
+        /*
+          Transform the data in tout1 so that it will
+          match the return value that the MIT Kerberos
+          mit_des_cbc_cksum API returns.
+        */
+        tout1 = ((tout1 >> 24L) & 0x000000FF)
+              | ((tout1 >> 8L)  & 0x0000FF00)
+              | ((tout1 << 8L)  & 0x00FF0000)
+              | ((tout1 << 24L) & 0xFF000000);
+        return(tout1);
+        }
diff --git a/src/lib/libcrypto/des/cbc_enc.c b/src/lib/libcrypto/des/cbc_enc.c
new file mode 100644
index 0000000000..677903ae4e
--- /dev/null
+++ b/src/lib/libcrypto/des/cbc_enc.c
@@ -0,0 +1,61 @@
+/* crypto/des/cbc_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#define CBC_ENC_C__DONT_UPDATE_IV
+
+#include "ncbc_enc.c" /* des_cbc_encrypt */
diff --git a/src/lib/libcrypto/des/cfb64ede.c b/src/lib/libcrypto/des/cfb64ede.c
new file mode 100644
index 0000000000..de34ecceb9
--- /dev/null
+++ b/src/lib/libcrypto/des/cfb64ede.c
@@ -0,0 +1,254 @@
+/* crypto/des/cfb64ede.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+#include "e_os.h"
+
+/* The input and output encrypted as though 64bit cfb mode is being
+ * used.  The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+
+void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                            long length, DES_key_schedule *ks1,
+                            DES_key_schedule *ks2, DES_key_schedule *ks3,
+                            DES_cblock *ivec, int *num, int enc)
+        {
+        register DES_LONG v0,v1;
+        register long l=length;
+        register int n= *num;
+        DES_LONG ti[2];
+        unsigned char *iv,c,cc;
+
+        iv=&(*ivec)[0];
+        if (enc)
+                {
+                while (l--)
+                        {
+                        if (n == 0)
+                                {
+                                c2l(iv,v0);
+                                c2l(iv,v1);
+
+                                ti[0]=v0;
+                                ti[1]=v1;
+                                DES_encrypt3(ti,ks1,ks2,ks3);
+                                v0=ti[0];
+                                v1=ti[1];
+
+                                iv = &(*ivec)[0];
+                                l2c(v0,iv);
+                                l2c(v1,iv);
+                                iv = &(*ivec)[0];
+                                }
+                        c= *(in++)^iv[n];
+                        *(out++)=c;
+                        iv[n]=c;
+                        n=(n+1)&0x07;
+                        }
+                }
+        else
+                {
+                while (l--)
+                        {
+                        if (n == 0)
+                                {
+                                c2l(iv,v0);
+                                c2l(iv,v1);
+
+                                ti[0]=v0;
+                                ti[1]=v1;
+                                DES_encrypt3(ti,ks1,ks2,ks3);
+                                v0=ti[0];
+                                v1=ti[1];
+
+                                iv = &(*ivec)[0];
+                                l2c(v0,iv);
+                                l2c(v1,iv);
+                                iv = &(*ivec)[0];
+                                }
+                        cc= *(in++);
+                        c=iv[n];
+                        iv[n]=cc;
+                        *(out++)=c^cc;
+                        n=(n+1)&0x07;
+                        }
+                }
+        v0=v1=ti[0]=ti[1]=c=cc=0;
+        *num=n;
+        }
+
+#ifdef undef /* MACRO */
+void DES_ede2_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
+             DES_key_schedule ks1, DES_key_schedule ks2, DES_cblock (*ivec),
+             int *num, int enc)
+        {
+        DES_ede3_cfb64_encrypt(in,out,length,ks1,ks2,ks1,ivec,num,enc);
+        }
+#endif
+
+/* This is compatible with the single key CFB-r for DES, even thought that's
+ * not what EVP needs.
+ */
+
+void DES_ede3_cfb_encrypt(const unsigned char *in,unsigned char *out,
+                          int numbits,long length,DES_key_schedule *ks1,
+                          DES_key_schedule *ks2,DES_key_schedule *ks3,
+                          DES_cblock *ivec,int enc)
+        {
+        register DES_LONG d0,d1,v0,v1;
+        register unsigned long l=length,n=((unsigned int)numbits+7)/8;
+        register int num=numbits,i;
+        DES_LONG ti[2];
+        unsigned char *iv;
+        unsigned char ovec[16];
+
+        if (num > 64) return;
+        iv = &(*ivec)[0];
+        c2l(iv,v0);
+        c2l(iv,v1);
+        if (enc)
+                {
+                while (l >= n)
+                        {
+                        l-=n;
+                        ti[0]=v0;
+                        ti[1]=v1;
+                        DES_encrypt3(ti,ks1,ks2,ks3);
+                        c2ln(in,d0,d1,n);
+                        in+=n;
+                        d0^=ti[0];
+                        d1^=ti[1];
+                        l2cn(d0,d1,out,n);
+                        out+=n;
+                        /* 30-08-94 - eay - changed because l>>32 and
+                         * l<<32 are bad under gcc :-( */
+                        if (num == 32)
+                                { v0=v1; v1=d0; }
+                        else if (num == 64)
+                                { v0=d0; v1=d1; }
+                        else
+                                {
+                                iv=&ovec[0];
+                                l2c(v0,iv);
+                                l2c(v1,iv);
+                                l2c(d0,iv);
+                                l2c(d1,iv);
+                                /* shift ovec left most of the bits... */
+                                memmove(ovec,ovec+num/8,8+(num%8 ? 1 : 0));
+                                /* now the remaining bits */
+                                if(num%8 != 0)
+                                        for(i=0 ; i < 8 ; ++i)
+                                                {
+                                                ovec[i]<<=num%8;
+                                                ovec[i]|=ovec[i+1]>>(8-num%8);
+                                                }
+                                iv=&ovec[0];
+                                c2l(iv,v0);
+                                c2l(iv,v1);
+                                }
+                        }
+                }
+        else
+                {
+                while (l >= n)
+                        {
+                        l-=n;
+                        ti[0]=v0;
+                        ti[1]=v1;
+                        DES_encrypt3(ti,ks1,ks2,ks3);
+                        c2ln(in,d0,d1,n);
+                        in+=n;
+                        /* 30-08-94 - eay - changed because l>>32 and
+                         * l<<32 are bad under gcc :-( */
+                        if (num == 32)
+                                { v0=v1; v1=d0; }
+                        else if (num == 64)
+                                { v0=d0; v1=d1; }
+                        else
+                                {
+                                iv=&ovec[0];
+                                l2c(v0,iv);
+                                l2c(v1,iv);
+                                l2c(d0,iv);
+                                l2c(d1,iv);
+                                /* shift ovec left most of the bits... */
+                                memmove(ovec,ovec+num/8,8+(num%8 ? 1 : 0));
+                                /* now the remaining bits */
+                                if(num%8 != 0)
+                                        for(i=0 ; i < 8 ; ++i)
+                                                {
+                                                ovec[i]<<=num%8;
+                                                ovec[i]|=ovec[i+1]>>(8-num%8);
+                                                }
+                                iv=&ovec[0];
+                                c2l(iv,v0);
+                                c2l(iv,v1);
+                                }
+                        d0^=ti[0];
+                        d1^=ti[1];
+                        l2cn(d0,d1,out,n);
+                        out+=n;
+                        }
+                }
+        iv = &(*ivec)[0];
+        l2c(v0,iv);
+        l2c(v1,iv);
+        v0=v1=d0=d1=ti[0]=ti[1]=0;
+        }
+
diff --git a/src/lib/libcrypto/des/cfb64enc.c b/src/lib/libcrypto/des/cfb64enc.c
new file mode 100644
index 0000000000..5ec8683e40
--- /dev/null
+++ b/src/lib/libcrypto/des/cfb64enc.c
@@ -0,0 +1,121 @@
+/* crypto/des/cfb64enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/* The input and output encrypted as though 64bit cfb mode is being
+ * used.  The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+
+void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                       long length, DES_key_schedule *schedule,
+                       DES_cblock *ivec, int *num, int enc)
+        {
+        register DES_LONG v0,v1;
+        register long l=length;
+        register int n= *num;
+        DES_LONG ti[2];
+        unsigned char *iv,c,cc;
+
+        iv = &(*ivec)[0];
+        if (enc)
+                {
+                while (l--)
+                        {
+                        if (n == 0)
+                                {
+                                c2l(iv,v0); ti[0]=v0;
+                                c2l(iv,v1); ti[1]=v1;
+                                DES_encrypt1(ti,schedule,DES_ENCRYPT);
+                                iv = &(*ivec)[0];
+                                v0=ti[0]; l2c(v0,iv);
+                                v0=ti[1]; l2c(v0,iv);
+                                iv = &(*ivec)[0];
+                                }
+                        c= *(in++)^iv[n];
+                        *(out++)=c;
+                        iv[n]=c;
+                        n=(n+1)&0x07;
+                        }
+                }
+        else
+                {
+                while (l--)
+                        {
+                        if (n == 0)
+                                {
+                                c2l(iv,v0); ti[0]=v0;
+                                c2l(iv,v1); ti[1]=v1;
+                                DES_encrypt1(ti,schedule,DES_ENCRYPT);
+                                iv = &(*ivec)[0];
+                                v0=ti[0]; l2c(v0,iv);
+                                v0=ti[1]; l2c(v0,iv);
+                                iv = &(*ivec)[0];
+                                }
+                        cc= *(in++);
+                        c=iv[n];
+                        iv[n]=cc;
+                        *(out++)=c^cc;
+                        n=(n+1)&0x07;
+                        }
+                }
+        v0=v1=ti[0]=ti[1]=c=cc=0;
+        *num=n;
+        }
+
diff --git a/src/lib/libcrypto/des/cfb_enc.c b/src/lib/libcrypto/des/cfb_enc.c
new file mode 100644
index 0000000000..720f29a28e
--- /dev/null
+++ b/src/lib/libcrypto/des/cfb_enc.c
@@ -0,0 +1,195 @@
+/* crypto/des/cfb_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "e_os.h"
+#include "des_locl.h"
+#include <assert.h>
+
+/* The input and output are loaded in multiples of 8 bits.
+ * What this means is that if you hame numbits=12 and length=2
+ * the first 12 bits will be retrieved from the first byte and half
+ * the second.  The second 12 bits will come from the 3rd and half the 4th
+ * byte.
+ */
+/* Until Aug 1 2003 this function did not correctly implement CFB-r, so it
+ * will not be compatible with any encryption prior to that date. Ben. */
+void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
+                     long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                     int enc)
+        {
+        register DES_LONG d0,d1,v0,v1;
+        register unsigned long l=length;
+        register int num=numbits/8,n=(numbits+7)/8,i,rem=numbits%8;
+        DES_LONG ti[2];
+        unsigned char *iv;
+#ifndef L_ENDIAN
+        unsigned char ovec[16];
+#else
+        unsigned int  sh[4];
+        unsigned char *ovec=(unsigned char *)sh;
+
+        /* I kind of count that compiler optimizes away this assertioni,*/
+        assert (sizeof(sh[0])==4);      /* as this holds true for all,  */
+                                        /* but 16-bit platforms...      */
+                                        
+#endif
+
+        if (numbits<=0 || numbits > 64) return;
+        iv = &(*ivec)[0];
+        c2l(iv,v0);
+        c2l(iv,v1);
+        if (enc)
+                {
+                while (l >= (unsigned long)n)
+                        {
+                        l-=n;
+                        ti[0]=v0;
+                        ti[1]=v1;
+                        DES_encrypt1((DES_LONG *)ti,schedule,DES_ENCRYPT);
+                        c2ln(in,d0,d1,n);
+                        in+=n;
+                        d0^=ti[0];
+                        d1^=ti[1];
+                        l2cn(d0,d1,out,n);
+                        out+=n;
+                        /* 30-08-94 - eay - changed because l>>32 and
+                         * l<<32 are bad under gcc :-( */
+                        if (numbits == 32)
+                                { v0=v1; v1=d0; }
+                        else if (numbits == 64)
+                                { v0=d0; v1=d1; }
+                        else
+                                {
+#ifndef L_ENDIAN
+                                iv=&ovec[0];
+                                l2c(v0,iv);
+                                l2c(v1,iv);
+                                l2c(d0,iv);
+                                l2c(d1,iv);
+#else
+                                sh[0]=v0, sh[1]=v1, sh[2]=d0, sh[3]=d1;
+#endif
+                                if (rem==0)
+                                        memmove(ovec,ovec+num,8);
+                                else
+                                        for(i=0 ; i < 8 ; ++i)
+                                                ovec[i]=ovec[i+num]<<rem |
+                                                        ovec[i+num+1]>>(8-rem);
+#ifdef L_ENDIAN
+                                v0=sh[0], v1=sh[1];
+#else
+                                iv=&ovec[0];
+                                c2l(iv,v0);
+                                c2l(iv,v1);
+#endif
+                                }
+                        }
+                }
+        else
+                {
+                while (l >= (unsigned long)n)
+                        {
+                        l-=n;
+                        ti[0]=v0;
+                        ti[1]=v1;
+                        DES_encrypt1((DES_LONG *)ti,schedule,DES_ENCRYPT);
+                        c2ln(in,d0,d1,n);
+                        in+=n;
+                        /* 30-08-94 - eay - changed because l>>32 and
+                         * l<<32 are bad under gcc :-( */
+                        if (numbits == 32)
+                                { v0=v1; v1=d0; }
+                        else if (numbits == 64)
+                                { v0=d0; v1=d1; }
+                        else
+                                {
+#ifndef L_ENDIAN
+                                iv=&ovec[0];
+                                l2c(v0,iv);
+                                l2c(v1,iv);
+                                l2c(d0,iv);
+                                l2c(d1,iv);
+#else
+                                sh[0]=v0, sh[1]=v1, sh[2]=d0, sh[3]=d1;
+#endif
+                                if (rem==0)
+                                        memmove(ovec,ovec+num,8);
+                                else
+                                        for(i=0 ; i < 8 ; ++i)
+                                                ovec[i]=ovec[i+num]<<rem |
+                                                        ovec[i+num+1]>>(8-rem);
+#ifdef L_ENDIAN
+                                v0=sh[0], v1=sh[1];
+#else
+                                iv=&ovec[0];
+                                c2l(iv,v0);
+                                c2l(iv,v1);
+#endif
+                                }
+                        d0^=ti[0];
+                        d1^=ti[1];
+                        l2cn(d0,d1,out,n);
+                        out+=n;
+                        }
+                }
+        iv = &(*ivec)[0];
+        l2c(v0,iv);
+        l2c(v1,iv);
+        v0=v1=d0=d1=ti[0]=ti[1]=0;
+        }
+
diff --git a/src/lib/libcrypto/des/des-lib.com b/src/lib/libcrypto/des/des-lib.com
new file mode 100644
index 0000000000..fc2c35a1ce
--- /dev/null
+++ b/src/lib/libcrypto/des/des-lib.com
@@ -0,0 +1,1003 @@
+$!
+$!  DES-LIB.COM
+$!  Written By:  Robert Byer
+$!               Vice-President
+$!               A-Com Computing, Inc.
+$!               byer@mail.all-net.net
+$!
+$!  Changes by Richard Levitte <richard@levitte.org>
+$!
+$!  This command files compiles and creates the 
+$!  "[.xxx.EXE.CRYPTO.DES]LIBDES.OLB" library.  The "xxx" denotes the machine 
+$!  architecture of AXP or VAX.
+$!
+$!  It was re-written to try to determine which "C" compiler to try to use
+$!  or the user can specify a compiler in P3.
+$!
+$!  Specify one of the following to build just that part, specify "ALL" to
+$!  just build everything.
+$!
+$!         ALL       To Just Build "Everything".
+$!         LIBRARY   To Just Build The [.xxx.EXE.CRYPTO.DES]LIBDES.OLB Library.
+$!         DESTEST   To Just Build The [.xxx.EXE.CRYPTO.DES]DESTEST.EXE Program.
+$!         SPEED     To Just Build The [.xxx.EXE.CRYPTO.DES]SPEED.EXE Program.
+$!         RPW       To Just Build The [.xxx.EXE.CRYPTO.DES]RPW.EXE Program.
+$!         DES       To Just Build The [.xxx.EXE.CRYPTO.DES]DES.EXE Program.
+$!         DES_OPTS  To Just Build The [.xxx.EXE.CRYPTO.DES]DES_OPTS.EXE Program.
+$!
+$!  Specify either DEBUG or NODEBUG as P2 to compile with or without
+$!  debugging information.
+$!
+$!  Specify which compiler at P3 to try to compile under.
+$!
+$!         VAXC  For VAX C.
+$!         DECC  For DEC C.
+$!         GNUC  For GNU C.
+$!
+$!  If you don't speficy a compiler, it will try to determine which
+$!  "C" compiler to try to use.
+$!
+$!  P4, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up)
+$!
+$!
+$! Make sure we know what architecture we run on.
+$!
+$!
+$! Check Which Architecture We Are Using.
+$!
+$ IF (F$GETSYI("CPU").GE.128)
+$ THEN
+$!
+$!  The Architecture Is AXP.
+$!
+$   ARCH := AXP
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$!  The Architecture Is VAX.
+$!
+$   ARCH := VAX
+$!
+$! End The Architecture Check.
+$!
+$ ENDIF
+$!
+$! Check To Make Sure We Have Valid Command Line Parameters.
+$!
+$ GOSUB CHECK_OPTIONS
+$!
+$! Tell The User What Kind of Machine We Run On.
+$!
+$ WRITE SYS$OUTPUT "Compiling On A ",ARCH," Machine."
+$!
+$! Define The OBJ Directory Name.
+$!
+$ OBJ_DIR := SYS$DISK:[--.'ARCH'.OBJ.CRYPTO.DES]
+$!
+$! Check To See If The Architecture Specific OBJ Directory Exists.
+$!
+$ IF (F$PARSE(OBJ_DIR).EQS."")
+$ THEN
+$!
+$!  It Dosen't Exist, So Create It.
+$!
+$   CREATE/DIR 'OBJ_DIR'
+$!
+$! End The Architecture Specific OBJ Directory Check.
+$!
+$ ENDIF
+$!
+$! Define The EXE Directory Name.
+$!
+$ EXE_DIR :== SYS$DISK:[--.'ARCH'.EXE.CRYPTO.DES]
+$!
+$! Check To See If The Architecture Specific Directory Exists.
+$!
+$ IF (F$PARSE(EXE_DIR).EQS."")
+$ THEN
+$!
+$!  It Dosen't Exist, So Create It.
+$!
+$   CREATE/DIR 'EXE_DIR'
+$!
+$! End The Architecture Specific Directory Check.
+$!
+$ ENDIF
+$!
+$! Define The Library Name.
+$!
+$ LIB_NAME := 'EXE_DIR'LIBDES.OLB
+$!
+$! Check To See What We Are To Do.
+$!
+$ IF (BUILDALL.EQS."TRUE")
+$ THEN
+$!
+$!  Since Nothing Special Was Specified, Do Everything.
+$!
+$   GOSUB LIBRARY
+$   GOSUB DESTEST
+$   GOSUB SPEED
+$   GOSUB RPW
+$   GOSUB DES
+$   GOSUB DES_OPTS
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$!    Build Just What The User Wants Us To Build.
+$!
+$     GOSUB 'BUILDALL'
+$!
+$! End The BUILDALL Check.
+$!
+$ ENDIF
+$!
+$! Time To EXIT.
+$!
+$ EXIT
+$ LIBRARY:
+$!
+$! Tell The User That We Are Compiling.
+$!
+$ WRITE SYS$OUTPUT "Compiling The ",LIB_NAME," Files."
+$!
+$! Check To See If We Already Have A "[.xxx.EXE.CRYPTO.DES]LIBDES.OLB" Library...
+$!
+$ IF (F$SEARCH(LIB_NAME).EQS."")
+$ THEN
+$!
+$! Guess Not, Create The Library.
+$!
+$   LIBRARY/CREATE/OBJECT 'LIB_NAME'
+$!
+$! End The Library Exist Check.
+$!
+$ ENDIF
+$!
+$! Define The DES Library Files.
+$!
+$ LIB_DES = "set_key,ecb_enc,cbc_enc,"+ -
+                "ecb3_enc,cfb64enc,cfb64ede,cfb_enc,ofb64ede,"+ -
+                "enc_read,enc_writ,ofb64enc,"+ -
+                "ofb_enc,str2key,pcbc_enc,qud_cksm,rand_key,"+ -
+                "des_enc,fcrypt_b,read2pwd,"+ -
+                "fcrypt,xcbc_enc,read_pwd,rpc_enc,cbc_cksm,supp"
+$!
+$!  Define A File Counter And Set It To "0".
+$!
+$ FILE_COUNTER = 0
+$!
+$! Top Of The File Loop.
+$!
+$ NEXT_FILE:
+$!
+$! O.K, Extract The File Name From The File List.
+$!
+$ FILE_NAME = F$ELEMENT(FILE_COUNTER,",",LIB_DES)
+$!
+$! Check To See If We Are At The End Of The File List.
+$!
+$ IF (FILE_NAME.EQS.",") THEN GOTO FILE_DONE
+$!
+$! Increment The Counter.
+$!
+$ FILE_COUNTER = FILE_COUNTER + 1
+$!
+$! Create The Source File Name.
+$!
+$ SOURCE_FILE = "SYS$DISK:[]" + FILE_NAME + ".C"
+$!
+$!  Tell The User We Are Compiling The Source File.
+$!
+$ WRITE SYS$OUTPUT "    ",FILE_NAME,".C"
+$!
+$! Create The Object File Name.
+$!
+$ OBJECT_FILE = OBJ_DIR + FILE_NAME + "." + ARCH + "OBJ"
+$ ON WARNING THEN GOTO NEXT_FILE
+$!
+$! Check To See If The File We Want To Compile Actually Exists.
+$!
+$ IF (F$SEARCH(SOURCE_FILE).EQS."")
+$ THEN
+$!
+$!  Tell The User That The File Dosen't Exist.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The File ",SOURCE_FILE," Dosen't Exist."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Exit The Build.
+$!
+$   EXIT
+$!
+$! End The File Exists Check.
+$!
+$ ENDIF
+$!
+$! Compile The File.
+$!
+$ ON ERROR THEN GOTO NEXT_FILE
+$ CC/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
+$!
+$! Add It To The Library.
+$!
+$ LIBRARY/REPLACE/OBJECT 'LIB_NAME' 'OBJECT_FILE'
+$!
+$! Time To Clean Up The Object File.
+$!
+$ DELETE 'OBJECT_FILE';*
+$!
+$! Go Back And Do It Again.
+$!
+$ GOTO NEXT_FILE
+$!
+$! All Done With This Library Part.
+$!
+$ FILE_DONE:
+$!
+$! Tell The User That We Are All Done.
+$!
+$ WRITE SYS$OUTPUT "Library ",LIB_NAME," Built."
+$!
+$! All Done, Time To Return.
+$!
+$ RETURN
+$!
+$!  Compile The DESTEST Program.
+$!
+$ DESTEST:
+$!
+$! Check To See If We Have The Proper Libraries.
+$!
+$ GOSUB LIB_CHECK
+$!
+$! Check To See If We Have A Linker Option File.
+$!
+$ GOSUB CHECK_OPT_FILE
+$!
+$! Check To See If The File We Want To Compile Actually Exists.
+$!
+$ IF (F$SEARCH("SYS$DISK:[]DESTEST.C").EQS."")
+$ THEN
+$!
+$!  Tell The User That The File Dosen't Exist.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The File DESTEST.C Dosen't Exist."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Exit The Build.
+$!
+$   EXIT
+$!
+$! End The DESTEST.C File Check.
+$!
+$ ENDIF
+$!
+$! Tell The User What We Are Building.
+$!
+$ WRITE SYS$OUTPUT "Building ",EXE_DIR,"DESTEST.EXE"
+$!
+$! Compile The DESTEST Program.
+$!
+$ CC/OBJECT='OBJ_DIR'DESTEST.OBJ SYS$DISK:[]DESTEST.C
+$!
+$! Link The DESTEST Program.
+$!
+$ LINK/'DEBUGGER'/'TRACEBACK'/CONTIGUOUS/EXE='EXE_DIR'DESTEST.EXE -
+      'OBJ_DIR'DESTEST.OBJ,'LIB_NAME'/LIBRARY,'OPT_FILE'/OPTION
+$!
+$! All Done, Time To Return.
+$!
+$ RETURN
+$!
+$!  Compile The SPEED Program.
+$!
+$ SPEED:
+$!
+$! Check To See If We Have The Proper Libraries.
+$!
+$ GOSUB LIB_CHECK
+$!
+$! Check To See If We Have A Linker Option File.
+$!
+$ GOSUB CHECK_OPT_FILE
+$!
+$! Check To See If The File We Want To Compile Actually Exists.
+$!
+$ IF (F$SEARCH("SYS$DISK:[]SPEED.C").EQS."")
+$ THEN
+$!
+$!  Tell The User That The File Dosen't Exist.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The File SPEED.C Dosen't Exist."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Exit The Build.
+$!
+$   EXIT
+$!
+$! End The SPEED.C File Check.
+$!
+$ ENDIF
+$!
+$! Tell The User What We Are Building.
+$!
+$ WRITE SYS$OUTPUT "Building ",EXE_DIR,"SPEED.EXE"
+$!
+$! Compile The SPEED Program.
+$!
+$ CC/OBJECT='OBJ_DIR'SPEED.OBJ SYS$DISK:[]SPEED.C
+$!
+$! Link The SPEED Program.
+$!
+$ LINK/'DEBUGGER'/'TRACEBACK'/CONTIGUOUS/EXE='EXE_DIR'SPEED.EXE -
+      'OBJ_DIR'SPEED.OBJ,'LIB_NAME'/LIBRARY,'OPT_FILE'/OPTION
+$!
+$! All Done, Time To Return.
+$!
+$ RETURN
+$!
+$!  Compile The RPW Program.
+$!
+$ RPW:
+$!
+$! Check To See If We Have The Proper Libraries.
+$!
+$ GOSUB LIB_CHECK
+$!
+$! Check To See If We Have A Linker Option File.
+$!
+$ GOSUB CHECK_OPT_FILE
+$!
+$! Check To See If The File We Want To Compile Actually Exists.
+$!
+$ IF (F$SEARCH("SYS$DISK:[]RPW.C").EQS."")
+$ THEN
+$!
+$!  Tell The User That The File Dosen't Exist.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The File RPW.C Dosen't Exist."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Exit The Build.
+$!
+$   EXIT
+$!
+$! End The RPW.C File Check.
+$!
+$ ENDIF
+$!
+$! Tell The User What We Are Building.
+$!
+$ WRITE SYS$OUTPUT "Building ",EXE_DIR,"RPW.EXE"
+$!
+$! Compile The RPW Program.
+$!
+$ CC/OBJECT='OBJ_DIR'RPW.OBJ SYS$DISK:[]RPW.C
+$!
+$! Link The RPW Program.
+$!
+$ LINK/'DEBUGGER'/'TRACEBACK'/CONTIGUOUS/EXE='EXE_DIR'RPW.EXE -
+      'OBJ_DIR'RPW.OBJ,'LIB_NAME'/LIBRARY,'OPT_FILE'/OPTION
+$!
+$! All Done, Time To Return.
+$!
+$ RETURN
+$!
+$!  Compile The DES Program.
+$!
+$ DES:
+$!
+$! Check To See If We Have The Proper Libraries.
+$!
+$ GOSUB LIB_CHECK
+$!
+$! Check To See If We Have A Linker Option File.
+$!
+$ GOSUB CHECK_OPT_FILE
+$!
+$! Check To See If The File We Want To Compile Actually Exists.
+$!
+$ IF (F$SEARCH("SYS$DISK:[]DES.C").EQS."")
+$ THEN
+$!
+$!  Tell The User That The File Dosen't Exist.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The File DES.C Dosen't Exist."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Exit The Build.
+$!
+$   EXIT
+$!
+$! End The DES.C File Check.
+$!
+$ ENDIF
+$!
+$! Tell The User What We Are Building.
+$!
+$ WRITE SYS$OUTPUT "Building ",EXE_DIR,"DES.EXE"
+$!
+$! Compile The DES Program.
+$!
+$ CC/OBJECT='OBJ_DIR'DES.OBJ SYS$DISK:[]DES.C
+$ CC/OBJECT='OBJ_DIR'DES.OBJ SYS$DISK:[]CBC3_ENC.C
+$!
+$! Link The DES Program.
+$!
+$ LINK/'DEBUGGER'/'TRACEBACK'/CONTIGUOUS/EXE='EXE_DIR'DES.EXE -
+      'OBJ_DIR'DES.OBJ,'OBJ_DIR'CBC3_ENC.OBJ,-
+      'LIB_NAME'/LIBRARY,'OPT_FILE'/OPTION
+$!
+$! All Done, Time To Return.
+$!
+$ RETURN
+$!
+$!  Compile The DES_OPTS Program.
+$!
+$ DES_OPTS:
+$!
+$! Check To See If We Have The Proper Libraries.
+$!
+$ GOSUB LIB_CHECK
+$!
+$! Check To See If We Have A Linker Option File.
+$!
+$ GOSUB CHECK_OPT_FILE
+$!
+$! Check To See If The File We Want To Compile Actually Exists.
+$!
+$ IF (F$SEARCH("SYS$DISK:[]DES_OPTS.C").EQS."")
+$ THEN
+$!
+$!  Tell The User That The File Dosen't Exist.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The File DES_OPTS.C Dosen't Exist."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Exit The Build.
+$!
+$   EXIT
+$!
+$! End The DES_OPTS.C File Check.
+$!
+$ ENDIF
+$!
+$! Tell The User What We Are Building.
+$!
+$ WRITE SYS$OUTPUT "Building ",EXE_DIR,"DES_OPTS.EXE"
+$!
+$! Compile The DES_OPTS Program.
+$!
+$ CC/OBJECT='OBJ_DIR'DES_OPTS.OBJ SYS$DISK:[]DES_OPTS.C
+$!
+$! Link The DES_OPTS Program.
+$!
+$ LINK/'DEBUGGER'/'TRACEBACK'/CONTIGUOUS/EXE='EXE_DIR'DES_OPTS.EXE -
+      'OBJ_DIR'DES_OPTS.OBJ,'LIB_NAME'/LIBRARY,'OPT_FILE'/OPTION
+$!
+$! All Done, Time To Return.
+$!
+$ RETURN
+$ EXIT
+$!
+$! Check For The Link Option FIle.
+$!
+$ CHECK_OPT_FILE:
+$!
+$! Check To See If We Need To Make A VAX C Option File.
+$!
+$ IF (COMPILER.EQS."VAXC")
+$ THEN
+$!
+$!  Check To See If We Already Have A VAX C Linker Option File.
+$!
+$   IF (F$SEARCH(OPT_FILE).EQS."")
+$   THEN
+$!
+$!    We Need A VAX C Linker Option File.
+$!
+$     CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File To Link Agianst 
+! The Sharable VAX C Runtime Library.
+!
+SYS$SHARE:VAXCRTL.EXE/SHARE
+$EOD
+$!
+$!  End The Option File Check.
+$!
+$   ENDIF
+$!
+$! End The VAXC Check.
+$!
+$ ENDIF
+$!
+$! Check To See If We Need A GNU C Option File.
+$!
+$ IF (COMPILER.EQS."GNUC")
+$ THEN
+$!
+$!  Check To See If We Already Have A GNU C Linker Option File.
+$!
+$   IF (F$SEARCH(OPT_FILE).EQS."")
+$   THEN
+$!
+$!    We Need A GNU C Linker Option File.
+$!
+$     CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File To Link Agianst 
+! The Sharable C Runtime Library.
+!
+GNU_CC:[000000]GCCLIB/LIBRARY
+SYS$SHARE:VAXCRTL/SHARE
+$EOD
+$!
+$!  End The Option File Check.
+$!
+$   ENDIF
+$!
+$! End The GNU C Check.
+$!
+$ ENDIF
+$!
+$! Check To See If We Need A DEC C Option File.
+$!
+$ IF (COMPILER.EQS."DECC")
+$ THEN
+$!
+$!  Check To See If We Already Have A DEC C Linker Option File.
+$!
+$   IF (F$SEARCH(OPT_FILE).EQS."")
+$   THEN
+$!
+$!    Figure Out If We Need An AXP Or A VAX Linker Option File.
+$!
+$     IF (F$GETSYI("CPU").LT.128)
+$     THEN
+$!
+$!      We Need A DEC C Linker Option File For VAX.
+$!
+$       CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File To Link Agianst 
+! The Sharable DEC C Runtime Library.
+!
+SYS$SHARE:DECC$SHR.EXE/SHARE
+$EOD
+$!
+$!    Else...
+$!
+$     ELSE
+$!
+$!      Create The AXP Linker Option File.
+$!
+$       CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File For AXP To Link Agianst 
+! The Sharable C Runtime Library.
+!
+SYS$SHARE:CMA$OPEN_LIB_SHR/SHARE
+SYS$SHARE:CMA$OPEN_RTL/SHARE
+$EOD
+$!
+$!    End The VAX/AXP DEC C Option File Check.
+$!
+$     ENDIF
+$!
+$!  End The Option File Search.
+$!
+$   ENDIF
+$!
+$! End The DEC C Check.
+$!
+$ ENDIF
+$!
+$!  Tell The User What Linker Option File We Are Using.
+$!
+$ WRITE SYS$OUTPUT "Using Linker Option File ",OPT_FILE,"."     
+$!
+$! Time To RETURN.
+$!
+$ RETURN
+$!
+$! Library Check.
+$!
+$ LIB_CHECK:
+$!
+$!  Look For The Library LIBDES.OLB.
+$!
+$ IF (F$SEARCH(LIB_NAME).EQS."")
+$ THEN
+$!
+$!    Tell The User We Can't Find The [.xxx.CRYPTO.DES]LIBDES.OLB Library.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "Can't Find The Library ",LIB_NAME,"."
+$   WRITE SYS$OUTPUT "We Can't Link Without It."
+$   WRITE SYS$OUTPUT ""
+$!
+$!    Since We Can't Link Without It, Exit.
+$!
+$   EXIT
+$ ENDIF
+$!
+$! Time To Return.
+$!
+$ RETURN
+$!
+$! Check The User's Options.
+$!
+$ CHECK_OPTIONS:
+$!
+$! Check To See If We Are To "Just Build Everything".
+$!
+$ IF (P1.EQS."ALL")
+$ THEN
+$!
+$!   P1 Is "ALL", So Build Everything.
+$!
+$    BUILDALL = "TRUE"
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$!  Else, Check To See If P1 Has A Valid Arguement.
+$!
+$   IF (P1.EQS."LIBRARY").OR.(P1.EQS."DESTEST").OR.(P1.EQS."SPEED") -
+       .OR.(P1.EQS."RPW").OR.(P1.EQS."DES").OR.(P1.EQS."DES_OPTS")
+$   THEN
+$!
+$!    A Valid Arguement.
+$!
+$     BUILDALL = P1
+$!
+$!  Else...
+$!
+$   ELSE
+$!
+$!    Tell The User We Don't Know What They Want.
+$!
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "The Option ",P1," Is Invalid.  The Valid Options Are:"
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "    ALL      :  Just Build Everything.
+$     WRITE SYS$OUTPUT "    LIBRARY  :  To Compile Just The [.xxx.EXE.CRYPTO.DES]LIBDES.OLB Library."
+$     WRITE SYS$OUTPUT "    DESTEST  :  To Compile Just The [.xxx.EXE.CRYPTO.DES]DESTEST.EXE Program."
+$     WRITE SYS$OUTPUT "    SPEED    :  To Compile Just The [.xxx.EXE.CRYPTO.DES]SPEED.EXE Program."
+$     WRITE SYS$OUTPUT "    RPW      :  To Compile Just The [.xxx.EXE.CRYPTO.DES]RPW.EXE Program."
+$     WRITE SYS$OUTPUT "    DES      :  To Compile Just The [.xxx.EXE.CRYPTO.DES]DES.EXE Program."
+$     WRITE SYS$OUTPUT "    DES_OPTS :  To Compile Just The [.xxx.EXE.CRYTPO.DES]DES_OPTS.EXE Program."
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT " Where 'xxx' Stands For: "
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "        AXP  :  Alpha Architecture."
+$     WRITE SYS$OUTPUT "        VAX  :  VAX Architecture."
+$     WRITE SYS$OUTPUT ""
+$!
+$!    Time To EXIT.
+$!
+$     EXIT
+$!
+$!  End The Valid Arguement Check.
+$!
+$   ENDIF
+$!
+$! End The P1 Check.
+$!
+$ ENDIF
+$!
+$! Check To See If We Are To Compile Without Debugger Information.
+$!
+$ IF (P2.EQS."NODEBUG")
+$ THEN
+$!
+$!   P2 Is Blank, So Compile Without Debugger Information.
+$!
+$    DEBUGGER  = "NODEBUG"
+$    TRACEBACK = "NOTRACEBACK" 
+$    GCC_OPTIMIZE = "OPTIMIZE"
+$    CC_OPTIMIZE = "OPTIMIZE"
+$    WRITE SYS$OUTPUT "No Debugger Information Will Be Produced During Compile."
+$    WRITE SYS$OUTPUT "Compiling With Compiler Optimization."
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$!  Check To See If We Are To Compile With Debugger Information.
+$!
+$   IF (P2.EQS."DEBUG")
+$   THEN
+$!
+$!    Compile With Debugger Information.
+$!
+$     DEBUGGER  = "DEBUG"
+$     TRACEBACK = "TRACEBACK"
+$     GCC_OPTIMIZE = "NOOPTIMIZE"
+$     CC_OPTIMIZE = "NOOPTIMIZE"
+$     WRITE SYS$OUTPUT "Debugger Information Will Be Produced During Compile."
+$     WRITE SYS$OUTPUT "Compiling Without Compiler Optimization."
+$!
+$!  Else...
+$!
+$   ELSE
+$!
+$!    Tell The User Entered An Invalid Option..
+$!
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "The Option ",P2," Is Invalid.  The Valid Options Are:"
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "    DEBUG    :  Compile With The Debugger Information."
+$     WRITE SYS$OUTPUT "    NODEBUG  :  Compile Without The Debugger Information."
+$     WRITE SYS$OUTPUT ""
+$!
+$!    Time To EXIT.
+$!
+$     EXIT
+$!
+$!  End The Valid Arguement Check.
+$!
+$   ENDIF
+$!
+$! End The P2 Check.
+$!
+$ ENDIF
+$!
+$! Special Threads For OpenVMS v7.1 Or Later.
+$!
+$! Written By:  Richard Levitte
+$!              richard@levitte.org
+$!
+$!
+$! Check To See If We Have A Option For P4.
+$!
+$ IF (P4.EQS."")
+$ THEN
+$!
+$!  Get The Version Of VMS We Are Using.
+$!
+$   ISSEVEN := ""
+$   TMP = F$ELEMENT(0,"-",F$EXTRACT(1,4,F$GETSYI("VERSION")))
+$   TMP = F$INTEGER(F$ELEMENT(0,".",TMP)+F$ELEMENT(1,".",TMP))
+$!
+$!  Check To See If The VMS Version Is v7.1 Or Later.
+$!
+$   IF (TMP.GE.71)
+$   THEN
+$!
+$!    We Have OpenVMS v7.1 Or Later, So Use The Special Threads.
+$!
+$     ISSEVEN := ,PTHREAD_USE_D4
+$!
+$!  End The VMS Version Check.
+$!
+$   ENDIF
+$!
+$! End The P4 Check.
+$!
+$ ENDIF
+$!
+$! Check To See If P3 Is Blank.
+$!
+$ IF (P3.EQS."")
+$ THEN
+$!
+$!  O.K., The User Didn't Specify A Compiler, Let's Try To
+$!  Find Out Which One To Use.
+$!
+$!  Check To See If We Have GNU C.
+$!
+$   IF (F$TRNLNM("GNU_CC").NES."")
+$   THEN
+$!
+$!    Looks Like GNUC, Set To Use GNUC.
+$!
+$     P3 = "GNUC"
+$!
+$!  Else...
+$!
+$   ELSE
+$!
+$!    Check To See If We Have VAXC Or DECC.
+$!
+$     IF (ARCH.EQS."AXP").OR.(F$TRNLNM("DECC$CC_DEFAULT").NES."")
+$     THEN 
+$!
+$!      Looks Like DECC, Set To Use DECC.
+$!
+$       P3 = "DECC"
+$!
+$!    Else...
+$!
+$     ELSE
+$!
+$!      Looks Like VAXC, Set To Use VAXC.
+$!
+$       P3 = "VAXC"
+$!
+$!    End The VAXC Compiler Check.
+$!
+$     ENDIF
+$!
+$!  End The DECC & VAXC Compiler Check.
+$!
+$   ENDIF
+$!
+$!  End The Compiler Check.
+$!
+$ ENDIF
+$!
+$! Set Up Initial CC Definitions, Possibly With User Ones
+$!
+$ CCDEFS = ""
+$ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = USER_CCDEFS
+$ CCEXTRAFLAGS = ""
+$ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS
+$ CCDISABLEWARNINGS = ""
+$ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN -
+        CCDISABLEWARNINGS = USER_CCDISABLEWARNINGS
+$!
+$!  Check To See If The User Entered A Valid Paramter.
+$!
+$ IF (P3.EQS."VAXC").OR.(P3.EQS."DECC").OR.(P3.EQS."GNUC")
+$ THEN
+$!
+$!    Check To See If The User Wanted DECC.
+$!
+$   IF (P3.EQS."DECC")
+$   THEN
+$!
+$!    Looks Like DECC, Set To Use DECC.
+$!
+$     COMPILER = "DECC"
+$!
+$!    Tell The User We Are Using DECC.
+$!
+$     WRITE SYS$OUTPUT "Using DECC 'C' Compiler."
+$!
+$!    Use DECC...
+$!
+$     CC = "CC"
+$     IF ARCH.EQS."VAX" .AND. F$TRNLNM("DECC$CC_DEFAULT").NES."/DECC" -
+         THEN CC = "CC/DECC"
+$     CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/STANDARD=ANSI89" + -
+           "/NOLIST/PREFIX=ALL" + CCEXTRAFLAGS
+$!
+$!    Define The Linker Options File Name.
+$!
+$     OPT_FILE = "SYS$DISK:[]VAX_DECC_OPTIONS.OPT"
+$!
+$!  End DECC Check.
+$!
+$   ENDIF
+$!
+$!  Check To See If We Are To Use VAXC.
+$!
+$   IF (P3.EQS."VAXC")
+$   THEN
+$!
+$!    Looks Like VAXC, Set To Use VAXC.
+$!
+$     COMPILER = "VAXC"
+$!
+$!    Tell The User We Are Using VAX C.
+$!
+$     WRITE SYS$OUTPUT "Using VAXC 'C' Compiler."
+$!
+$!    Compile Using VAXC.
+$!
+$     CC = "CC"
+$     IF ARCH.EQS."AXP"
+$     THEN
+$       WRITE SYS$OUTPUT "There is no VAX C on Alpha!"
+$       EXIT
+$     ENDIF
+$     IF F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC" THEN CC = "CC/VAXC"
+$     CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/NOLIST" + CCEXTRAFLAGS
+$     CCDEFS = """VAXC""," + CCDEFS
+$!
+$!    Define <sys> As SYS$COMMON:[SYSLIB]
+$!
+$     DEFINE/NOLOG SYS SYS$COMMON:[SYSLIB]
+$!
+$!    Define The Linker Options File Name.
+$!
+$     OPT_FILE = "SYS$DISK:[]VAX_VAXC_OPTIONS.OPT"
+$!
+$!  End VAXC Check
+$!
+$   ENDIF
+$!
+$!  Check To See If We Are To Use GNU C.
+$!
+$   IF (P3.EQS."GNUC")
+$   THEN
+$!
+$!    Looks Like GNUC, Set To Use GNUC.
+$!
+$     COMPILER = "GNUC"
+$!
+$!    Tell The User We Are Using GNUC.
+$!
+$     WRITE SYS$OUTPUT "Using GNU 'C' Compiler."
+$!
+$!    Use GNU C...
+$!
+$     CC = "GCC/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'/NOLIST" + CCEXTRAFLAGS
+$!
+$!    Define The Linker Options File Name.
+$!
+$     OPT_FILE = "SYS$DISK:[]VAX_GNUC_OPTIONS.OPT"
+$!
+$!  End The GNU C Check.
+$!
+$   ENDIF
+$!
+$!  Set up default defines
+$!
+$   CCDEFS = """FLAT_INC=1""," + CCDEFS
+$!
+$!  Finish up the definition of CC.
+$!
+$   IF COMPILER .EQS. "DECC"
+$   THEN
+$     IF CCDISABLEWARNINGS .EQS. ""
+$     THEN
+$       CC4DISABLEWARNINGS = "DOLLARID"
+$     ELSE
+$       CC4DISABLEWARNINGS = CCDISABLEWARNINGS + ",DOLLARID"
+$       CCDISABLEWARNINGS = "/WARNING=(DISABLE=(" + CCDISABLEWARNINGS + "))"
+$     ENDIF
+$     CC4DISABLEWARNINGS = "/WARNING=(DISABLE=(" + CC4DISABLEWARNINGS + "))"
+$   ELSE
+$     CCDISABLEWARNINGS = ""
+$     CC4DISABLEWARNINGS = ""
+$   ENDIF
+$   CC = CC + "/DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS
+$!
+$!  Show user the result
+$!
+$   WRITE SYS$OUTPUT "Main Compiling Command: ",CC
+$!
+$!  Else The User Entered An Invalid Arguement.
+$!
+$ ELSE
+$!
+$!  Tell The User We Don't Know What They Want.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The Option ",P3," Is Invalid.  The Valid Options Are:"
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "    VAXC  :  To Compile With VAX C."
+$   WRITE SYS$OUTPUT "    DECC  :  To Compile With DEC C."
+$   WRITE SYS$OUTPUT "    GNUC  :  To Compile With GNU C."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Time To EXIT.
+$!
+$   EXIT
+$!
+$! End The P3 Check.
+$!
+$ ENDIF
+$!
+$!  Time To RETURN...
+$!
+$ RETURN
diff --git a/src/lib/libcrypto/des/des.c b/src/lib/libcrypto/des/des.c
new file mode 100644
index 0000000000..343135ff9e
--- /dev/null
+++ b/src/lib/libcrypto/des/des.c
@@ -0,0 +1,932 @@
+/* crypto/des/des.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <openssl/opensslconf.h>
+#ifndef OPENSSL_SYS_MSDOS
+#ifndef OPENSSL_SYS_VMS
+#include OPENSSL_UNISTD
+#else /* OPENSSL_SYS_VMS */
+#ifdef __DECC
+#include <unistd.h>
+#else /* not __DECC */
+#include <math.h>
+#endif /* __DECC */
+#endif /* OPENSSL_SYS_VMS */
+#else /* OPENSSL_SYS_MSDOS */
+#include <io.h>
+#endif
+
+#include <time.h>
+#include "des_ver.h"
+
+#ifdef OPENSSL_SYS_VMS
+#include <types.h>
+#include <stat.h>
+#else
+#ifndef _IRIX
+#include <sys/types.h>
+#endif
+#include <sys/stat.h>
+#endif
+#include <openssl/des.h>
+#include <openssl/rand.h>
+#include <openssl/ui_compat.h>
+
+void usage(void);
+void doencryption(void);
+int uufwrite(unsigned char *data, int size, unsigned int num, FILE *fp);
+void uufwriteEnd(FILE *fp);
+int uufread(unsigned char *out,int size,unsigned int num,FILE *fp);
+int uuencode(unsigned char *in,int num,unsigned char *out);
+int uudecode(unsigned char *in,int num,unsigned char *out);
+void DES_3cbc_encrypt(DES_cblock *input,DES_cblock *output,long length,
+        DES_key_schedule sk1,DES_key_schedule sk2,
+        DES_cblock *ivec1,DES_cblock *ivec2,int enc);
+#ifdef OPENSSL_SYS_VMS
+#define EXIT(a) exit(a&0x10000000L)
+#else
+#define EXIT(a) exit(a)
+#endif
+
+#define BUFSIZE (8*1024)
+#define VERIFY  1
+#define KEYSIZ  8
+#define KEYSIZB 1024 /* should hit tty line limit first :-) */
+char key[KEYSIZB+1];
+int do_encrypt,longk=0;
+FILE *DES_IN,*DES_OUT,*CKSUM_OUT;
+char uuname[200];
+unsigned char uubuf[50];
+int uubufnum=0;
+#define INUUBUFN        (45*100)
+#define OUTUUBUF        (65*100)
+unsigned char b[OUTUUBUF];
+unsigned char bb[300];
+DES_cblock cksum={0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
+char cksumname[200]="";
+
+int vflag,cflag,eflag,dflag,kflag,bflag,fflag,sflag,uflag,flag3,hflag,error;
+
+int main(int argc, char **argv)
+        {
+        int i;
+        struct stat ins,outs;
+        char *p;
+        char *in=NULL,*out=NULL;
+
+        vflag=cflag=eflag=dflag=kflag=hflag=bflag=fflag=sflag=uflag=flag3=0;
+        error=0;
+        memset(key,0,sizeof(key));
+
+        for (i=1; i<argc; i++)
+                {
+                p=argv[i];
+                if ((p[0] == '-') && (p[1] != '\0'))
+                        {
+                        p++;
+                        while (*p)
+                                {
+                                switch (*(p++))
+                                        {
+                                case '3':
+                                        flag3=1;
+                                        longk=1;
+                                        break;
+                                case 'c':
+                                        cflag=1;
+                                        strncpy(cksumname,p,200);
+                                        cksumname[sizeof(cksumname)-1]='\0';
+                                        p+=strlen(cksumname);
+                                        break;
+                                case 'C':
+                                        cflag=1;
+                                        longk=1;
+                                        strncpy(cksumname,p,200);
+                                        cksumname[sizeof(cksumname)-1]='\0';
+                                        p+=strlen(cksumname);
+                                        break;
+                                case 'e':
+                                        eflag=1;
+                                        break;
+                                case 'v':
+                                        vflag=1;
+                                        break;
+                                case 'E':
+                                        eflag=1;
+                                        longk=1;
+                                        break;
+                                case 'd':
+                                        dflag=1;
+                                        break;
+                                case 'D':
+                                        dflag=1;
+                                        longk=1;
+                                        break;
+                                case 'b':
+                                        bflag=1;
+                                        break;
+                                case 'f':
+                                        fflag=1;
+                                        break;
+                                case 's':
+                                        sflag=1;
+                                        break;
+                                case 'u':
+                                        uflag=1;
+                                        strncpy(uuname,p,200);
+                                        uuname[sizeof(uuname)-1]='\0';
+                                        p+=strlen(uuname);
+                                        break;
+                                case 'h':
+                                        hflag=1;
+                                        break;
+                                case 'k':
+                                        kflag=1;
+                                        if ((i+1) == argc)
+                                                {
+                                                fputs("must have a key with the -k option\n",stderr);
+                                                error=1;
+                                                }
+                                        else
+                                                {
+                                                int j;
+
+                                                i++;
+                                                strncpy(key,argv[i],KEYSIZB);
+                                                for (j=strlen(argv[i])-1; j>=0; j--)
+                                                        argv[i][j]='\0';
+                                                }
+                                        break;
+                                default:
+                                        fprintf(stderr,"'%c' unknown flag\n",p[-1]);
+                                        error=1;
+                                        break;
+                                        }
+                                }
+                        }
+                else
+                        {
+                        if (in == NULL)
+                                in=argv[i];
+                        else if (out == NULL)
+                                out=argv[i];
+                        else
+                                error=1;
+                        }
+                }
+        if (error) usage();
+        /* We either
+         * do checksum or
+         * do encrypt or
+         * do decrypt or
+         * do decrypt then ckecksum or
+         * do checksum then encrypt
+         */
+        if (((eflag+dflag) == 1) || cflag)
+                {
+                if (eflag) do_encrypt=DES_ENCRYPT;
+                if (dflag) do_encrypt=DES_DECRYPT;
+                }
+        else
+                {
+                if (vflag) 
+                        {
+#ifndef _Windows                        
+                        fprintf(stderr,"des(1) built with %s\n",libdes_version);
+#endif                  
+                        EXIT(1);
+                        }
+                else usage();
+                }
+
+#ifndef _Windows                        
+        if (vflag) fprintf(stderr,"des(1) built with %s\n",libdes_version);
+#endif                  
+        if (    (in != NULL) &&
+                (out != NULL) &&
+#ifndef OPENSSL_SYS_MSDOS
+                (stat(in,&ins) != -1) &&
+                (stat(out,&outs) != -1) &&
+                (ins.st_dev == outs.st_dev) &&
+                (ins.st_ino == outs.st_ino))
+#else /* OPENSSL_SYS_MSDOS */
+                (strcmp(in,out) == 0))
+#endif
+                        {
+                        fputs("input and output file are the same\n",stderr);
+                        EXIT(3);
+                        }
+
+        if (!kflag)
+                if (des_read_pw_string(key,KEYSIZB+1,"Enter key:",eflag?VERIFY:0))
+                        {
+                        fputs("password error\n",stderr);
+                        EXIT(2);
+                        }
+
+        if (in == NULL)
+                DES_IN=stdin;
+        else if ((DES_IN=fopen(in,"r")) == NULL)
+                {
+                perror("opening input file");
+                EXIT(4);
+                }
+
+        CKSUM_OUT=stdout;
+        if (out == NULL)
+                {
+                DES_OUT=stdout;
+                CKSUM_OUT=stderr;
+                }
+        else if ((DES_OUT=fopen(out,"w")) == NULL)
+                {
+                perror("opening output file");
+                EXIT(5);
+                }
+
+#ifdef OPENSSL_SYS_MSDOS
+        /* This should set the file to binary mode. */
+        {
+#include <fcntl.h>
+        if (!(uflag && dflag))
+                setmode(fileno(DES_IN),O_BINARY);
+        if (!(uflag && eflag))
+                setmode(fileno(DES_OUT),O_BINARY);
+        }
+#endif
+
+        doencryption();
+        fclose(DES_IN);
+        fclose(DES_OUT);
+        EXIT(0);
+        }
+
+void usage(void)
+        {
+        char **u;
+        static const char *Usage[]={
+"des <options> [input-file [output-file]]",
+"options:",
+"-v         : des(1) version number",
+"-e         : encrypt using SunOS compatible user key to DES key conversion.",
+"-E         : encrypt ",
+"-d         : decrypt using SunOS compatible user key to DES key conversion.",
+"-D         : decrypt ",
+"-c[ckname] : generate a cbc_cksum using SunOS compatible user key to",
+"             DES key conversion and output to ckname (stdout default,",
+"             stderr if data being output on stdout).  The checksum is",
+"             generated before encryption and after decryption if used",
+"             in conjunction with -[eEdD].",
+"-C[ckname] : generate a cbc_cksum as for -c but compatible with -[ED].",
+"-k key     : use key 'key'",
+"-h         : the key that is entered will be a hexadecimal number",
+"             that is used directly as the des key",
+"-u[uuname] : input file is uudecoded if -[dD] or output uuencoded data if -[eE]",
+"             (uuname is the filename to put in the uuencode header).",
+"-b         : encrypt using DES in ecb encryption mode, the default is cbc mode.",
+"-3         : encrypt using triple DES encryption.  This uses 2 keys",
+"             generated from the input key.  If the input key is less",
+"             than 8 characters long, this is equivalent to normal",
+"             encryption.  Default is triple cbc, -b makes it triple ecb.",
+NULL
+};
+        for (u=(char **)Usage; *u; u++)
+                {
+                fputs(*u,stderr);
+                fputc('\n',stderr);
+                }
+
+        EXIT(1);
+        }
+
+void doencryption(void)
+        {
+#ifdef _LIBC
+        extern unsigned long time();
+#endif
+
+        register int i;
+        DES_key_schedule ks,ks2;
+        DES_cblock iv,iv2;
+        char *p;
+        int num=0,j,k,l,rem,ll,len,last,ex=0;
+        DES_cblock kk,k2;
+        FILE *O;
+        int Exit=0;
+#ifndef OPENSSL_SYS_MSDOS
+        static unsigned char buf[BUFSIZE+8],obuf[BUFSIZE+8];
+#else
+        static unsigned char *buf=NULL,*obuf=NULL;
+
+        if (buf == NULL)
+                {
+                if (    (( buf=OPENSSL_malloc(BUFSIZE+8)) == NULL) ||
+                        ((obuf=OPENSSL_malloc(BUFSIZE+8)) == NULL))
+                        {
+                        fputs("Not enough memory\n",stderr);
+                        Exit=10;
+                        goto problems;
+                        }
+                }
+#endif
+
+        if (hflag)
+                {
+                j=(flag3?16:8);
+                p=key;
+                for (i=0; i<j; i++)
+                        {
+                        k=0;
+                        if ((*p <= '9') && (*p >= '0'))
+                                k=(*p-'0')<<4;
+                        else if ((*p <= 'f') && (*p >= 'a'))
+                                k=(*p-'a'+10)<<4;
+                        else if ((*p <= 'F') && (*p >= 'A'))
+                                k=(*p-'A'+10)<<4;
+                        else
+                                {
+                                fputs("Bad hex key\n",stderr);
+                                Exit=9;
+                                goto problems;
+                                }
+                        p++;
+                        if ((*p <= '9') && (*p >= '0'))
+                                k|=(*p-'0');
+                        else if ((*p <= 'f') && (*p >= 'a'))
+                                k|=(*p-'a'+10);
+                        else if ((*p <= 'F') && (*p >= 'A'))
+                                k|=(*p-'A'+10);
+                        else
+                                {
+                                fputs("Bad hex key\n",stderr);
+                                Exit=9;
+                                goto problems;
+                                }
+                        p++;
+                        if (i < 8)
+                                kk[i]=k;
+                        else
+                                k2[i-8]=k;
+                        }
+                DES_set_key_unchecked(&k2,&ks2);
+                OPENSSL_cleanse(k2,sizeof(k2));
+                }
+        else if (longk || flag3)
+                {
+                if (flag3)
+                        {
+                        DES_string_to_2keys(key,&kk,&k2);
+                        DES_set_key_unchecked(&k2,&ks2);
+                        OPENSSL_cleanse(k2,sizeof(k2));
+                        }
+                else
+                        DES_string_to_key(key,&kk);
+                }
+        else
+                for (i=0; i<KEYSIZ; i++)
+                        {
+                        l=0;
+                        k=key[i];
+                        for (j=0; j<8; j++)
+                                {
+                                if (k&1) l++;
+                                k>>=1;
+                                }
+                        if (l & 1)
+                                kk[i]=key[i]&0x7f;
+                        else
+                                kk[i]=key[i]|0x80;
+                        }
+
+        DES_set_key_unchecked(&kk,&ks);
+        OPENSSL_cleanse(key,sizeof(key));
+        OPENSSL_cleanse(kk,sizeof(kk));
+        /* woops - A bug that does not showup under unix :-( */
+        memset(iv,0,sizeof(iv));
+        memset(iv2,0,sizeof(iv2));
+
+        l=1;
+        rem=0;
+        /* first read */
+        if (eflag || (!dflag && cflag))
+                {
+                for (;;)
+                        {
+                        num=l=fread(&(buf[rem]),1,BUFSIZE,DES_IN);
+                        l+=rem;
+                        num+=rem;
+                        if (l < 0)
+                                {
+                                perror("read error");
+                                Exit=6;
+                                goto problems;
+                                }
+
+                        rem=l%8;
+                        len=l-rem;
+                        if (feof(DES_IN))
+                                {
+                                for (i=7-rem; i>0; i--)
+                                        RAND_pseudo_bytes(buf + l++, 1);
+                                buf[l++]=rem;
+                                ex=1;
+                                len+=rem;
+                                }
+                        else
+                                l-=rem;
+
+                        if (cflag)
+                                {
+                                DES_cbc_cksum(buf,&cksum,
+                                        (long)len,&ks,&cksum);
+                                if (!eflag)
+                                        {
+                                        if (feof(DES_IN)) break;
+                                        else continue;
+                                        }
+                                }
+
+                        if (bflag && !flag3)
+                                for (i=0; i<l; i+=8)
+                                        DES_ecb_encrypt(
+                                                (DES_cblock *)&(buf[i]),
+                                                (DES_cblock *)&(obuf[i]),
+                                                &ks,do_encrypt);
+                        else if (flag3 && bflag)
+                                for (i=0; i<l; i+=8)
+                                        DES_ecb2_encrypt(
+                                                (DES_cblock *)&(buf[i]),
+                                                (DES_cblock *)&(obuf[i]),
+                                                &ks,&ks2,do_encrypt);
+                        else if (flag3 && !bflag)
+                                {
+                                char tmpbuf[8];
+
+                                if (rem) memcpy(tmpbuf,&(buf[l]),
+                                        (unsigned int)rem);
+                                DES_3cbc_encrypt(
+                                        (DES_cblock *)buf,(DES_cblock *)obuf,
+                                        (long)l,ks,ks2,&iv,
+                                        &iv2,do_encrypt);
+                                if (rem) memcpy(&(buf[l]),tmpbuf,
+                                        (unsigned int)rem);
+                                }
+                        else
+                                {
+                                DES_cbc_encrypt(
+                                        buf,obuf,
+                                        (long)l,&ks,&iv,do_encrypt);
+                                if (l >= 8) memcpy(iv,&(obuf[l-8]),8);
+                                }
+                        if (rem) memcpy(buf,&(buf[l]),(unsigned int)rem);
+
+                        i=0;
+                        while (i < l)
+                                {
+                                if (uflag)
+                                        j=uufwrite(obuf,1,(unsigned int)l-i,
+                                                DES_OUT);
+                                else
+                                        j=fwrite(obuf,1,(unsigned int)l-i,
+                                                DES_OUT);
+                                if (j == -1)
+                                        {
+                                        perror("Write error");
+                                        Exit=7;
+                                        goto problems;
+                                        }
+                                i+=j;
+                                }
+                        if (feof(DES_IN))
+                                {
+                                if (uflag) uufwriteEnd(DES_OUT);
+                                break;
+                                }
+                        }
+                }
+        else /* decrypt */
+                {
+                ex=1;
+                for (;;)
+                        {
+                        if (ex) {
+                                if (uflag)
+                                        l=uufread(buf,1,BUFSIZE,DES_IN);
+                                else
+                                        l=fread(buf,1,BUFSIZE,DES_IN);
+                                ex=0;
+                                rem=l%8;
+                                l-=rem;
+                                }
+                        if (l < 0)
+                                {
+                                perror("read error");
+                                Exit=6;
+                                goto problems;
+                                }
+
+                        if (bflag && !flag3)
+                                for (i=0; i<l; i+=8)
+                                        DES_ecb_encrypt(
+                                                (DES_cblock *)&(buf[i]),
+                                                (DES_cblock *)&(obuf[i]),
+                                                &ks,do_encrypt);
+                        else if (flag3 && bflag)
+                                for (i=0; i<l; i+=8)
+                                        DES_ecb2_encrypt(
+                                                (DES_cblock *)&(buf[i]),
+                                                (DES_cblock *)&(obuf[i]),
+                                                &ks,&ks2,do_encrypt);
+                        else if (flag3 && !bflag)
+                                {
+                                DES_3cbc_encrypt(
+                                        (DES_cblock *)buf,(DES_cblock *)obuf,
+                                        (long)l,ks,ks2,&iv,
+                                        &iv2,do_encrypt);
+                                }
+                        else
+                                {
+                                DES_cbc_encrypt(
+                                        buf,obuf,
+                                        (long)l,&ks,&iv,do_encrypt);
+                                if (l >= 8) memcpy(iv,&(buf[l-8]),8);
+                                }
+
+                        if (uflag)
+                                ll=uufread(&(buf[rem]),1,BUFSIZE,DES_IN);
+                        else
+                                ll=fread(&(buf[rem]),1,BUFSIZE,DES_IN);
+                        ll+=rem;
+                        rem=ll%8;
+                        ll-=rem;
+                        if (feof(DES_IN) && (ll == 0))
+                                {
+                                last=obuf[l-1];
+
+                                if ((last > 7) || (last < 0))
+                                        {
+                                        fputs("The file was not decrypted correctly.\n",
+                                                stderr);
+                                        Exit=8;
+                                        last=0;
+                                        }
+                                l=l-8+last;
+                                }
+                        i=0;
+                        if (cflag) DES_cbc_cksum(obuf,
+                                (DES_cblock *)cksum,(long)l/8*8,&ks,
+                                (DES_cblock *)cksum);
+                        while (i != l)
+                                {
+                                j=fwrite(obuf,1,(unsigned int)l-i,DES_OUT);
+                                if (j == -1)
+                                        {
+                                        perror("Write error");
+                                        Exit=7;
+                                        goto problems;
+                                        }
+                                i+=j;
+                                }
+                        l=ll;
+                        if ((l == 0) && feof(DES_IN)) break;
+                        }
+                }
+        if (cflag)
+                {
+                l=0;
+                if (cksumname[0] != '\0')
+                        {
+                        if ((O=fopen(cksumname,"w")) != NULL)
+                                {
+                                CKSUM_OUT=O;
+                                l=1;
+                                }
+                        }
+                for (i=0; i<8; i++)
+                        fprintf(CKSUM_OUT,"%02X",cksum[i]);
+                fprintf(CKSUM_OUT,"\n");
+                if (l) fclose(CKSUM_OUT);
+                }
+problems:
+        OPENSSL_cleanse(buf,sizeof(buf));
+        OPENSSL_cleanse(obuf,sizeof(obuf));
+        OPENSSL_cleanse(&ks,sizeof(ks));
+        OPENSSL_cleanse(&ks2,sizeof(ks2));
+        OPENSSL_cleanse(iv,sizeof(iv));
+        OPENSSL_cleanse(iv2,sizeof(iv2));
+        OPENSSL_cleanse(kk,sizeof(kk));
+        OPENSSL_cleanse(k2,sizeof(k2));
+        OPENSSL_cleanse(uubuf,sizeof(uubuf));
+        OPENSSL_cleanse(b,sizeof(b));
+        OPENSSL_cleanse(bb,sizeof(bb));
+        OPENSSL_cleanse(cksum,sizeof(cksum));
+        if (Exit) EXIT(Exit);
+        }
+
+/*    We ignore this parameter but it should be > ~50 I believe    */
+int uufwrite(unsigned char *data, int size, unsigned int num, FILE *fp)
+        {
+        int i,j,left,rem,ret=num;
+        static int start=1;
+
+        if (start)
+                {
+                fprintf(fp,"begin 600 %s\n",
+                        (uuname[0] == '\0')?"text.d":uuname);
+                start=0;
+                }
+
+        if (uubufnum)
+                {
+                if (uubufnum+num < 45)
+                        {
+                        memcpy(&(uubuf[uubufnum]),data,(unsigned int)num);
+                        uubufnum+=num;
+                        return(num);
+                        }
+                else
+                        {
+                        i=45-uubufnum;
+                        memcpy(&(uubuf[uubufnum]),data,(unsigned int)i);
+                        j=uuencode((unsigned char *)uubuf,45,b);
+                        fwrite(b,1,(unsigned int)j,fp);
+                        uubufnum=0;
+                        data+=i;
+                        num-=i;
+                        }
+                }
+
+        for (i=0; i<(((int)num)-INUUBUFN); i+=INUUBUFN)
+                {
+                j=uuencode(&(data[i]),INUUBUFN,b);
+                fwrite(b,1,(unsigned int)j,fp);
+                }
+        rem=(num-i)%45;
+        left=(num-i-rem);
+        if (left)
+                {
+                j=uuencode(&(data[i]),left,b);
+                fwrite(b,1,(unsigned int)j,fp);
+                i+=left;
+                }
+        if (i != num)
+                {
+                memcpy(uubuf,&(data[i]),(unsigned int)rem);
+                uubufnum=rem;
+                }
+        return(ret);
+        }
+
+void uufwriteEnd(FILE *fp)
+        {
+        int j;
+        static const char *end=" \nend\n";
+
+        if (uubufnum != 0)
+                {
+                uubuf[uubufnum]='\0';
+                uubuf[uubufnum+1]='\0';
+                uubuf[uubufnum+2]='\0';
+                j=uuencode(uubuf,uubufnum,b);
+                fwrite(b,1,(unsigned int)j,fp);
+                }
+        fwrite(end,1,strlen(end),fp);
+        }
+
+/* int size:  should always be > ~ 60; I actually ignore this parameter :-)    */
+int uufread(unsigned char *out, int size, unsigned int num, FILE *fp)
+        {
+        int i,j,tot;
+        static int done=0;
+        static int valid=0;
+        static int start=1;
+
+        if (start)
+                {
+                for (;;)
+                        {
+                        b[0]='\0';
+                        fgets((char *)b,300,fp);
+                        if (b[0] == '\0')
+                                {
+                                fprintf(stderr,"no 'begin' found in uuencoded input\n");
+                                return(-1);
+                                }
+                        if (strncmp((char *)b,"begin ",6) == 0) break;
+                        }
+                start=0;
+                }
+        if (done) return(0);
+        tot=0;
+        if (valid)
+                {
+                memcpy(out,bb,(unsigned int)valid);
+                tot=valid;
+                valid=0;
+                }
+        for (;;)
+                {
+                b[0]='\0';
+                fgets((char *)b,300,fp);
+                if (b[0] == '\0') break;
+                i=strlen((char *)b);
+                if ((b[0] == 'e') && (b[1] == 'n') && (b[2] == 'd'))
+                        {
+                        done=1;
+                        while (!feof(fp))
+                                {
+                                fgets((char *)b,300,fp);
+                                }
+                        break;
+                        }
+                i=uudecode(b,i,bb);
+                if (i < 0) break;
+                if ((i+tot+8) > num)
+                        {
+                        /* num to copy to make it a multiple of 8 */
+                        j=(num/8*8)-tot-8;
+                        memcpy(&(out[tot]),bb,(unsigned int)j);
+                        tot+=j;
+                        memcpy(bb,&(bb[j]),(unsigned int)i-j);
+                        valid=i-j;
+                        break;
+                        }
+                memcpy(&(out[tot]),bb,(unsigned int)i);
+                tot+=i;
+                }
+        return(tot);
+        }
+
+#define ccc2l(c,l)      (l =((DES_LONG)(*((c)++)))<<16, \
+                         l|=((DES_LONG)(*((c)++)))<< 8, \
+                         l|=((DES_LONG)(*((c)++))))
+
+#define l2ccc(l,c)      (*((c)++)=(unsigned char)(((l)>>16)&0xff), \
+                    *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+                    *((c)++)=(unsigned char)(((l)    )&0xff))
+
+
+int uuencode(unsigned char *in, int num, unsigned char *out)
+        {
+        int j,i,n,tot=0;
+        DES_LONG l;
+        register unsigned char *p;
+        p=out;
+
+        for (j=0; j<num; j+=45)
+                {
+                if (j+45 > num)
+                        i=(num-j);
+                else    i=45;
+                *(p++)=i+' ';
+                for (n=0; n<i; n+=3)
+                        {
+                        ccc2l(in,l);
+                        *(p++)=((l>>18)&0x3f)+' ';
+                        *(p++)=((l>>12)&0x3f)+' ';
+                        *(p++)=((l>> 6)&0x3f)+' ';
+                        *(p++)=((l    )&0x3f)+' ';
+                        tot+=4;
+                        }
+                *(p++)='\n';
+                tot+=2;
+                }
+        *p='\0';
+        l=0;
+        return(tot);
+        }
+
+int uudecode(unsigned char *in, int num, unsigned char *out)
+        {
+        int j,i,k;
+        unsigned int n=0,space=0;
+        DES_LONG l;
+        DES_LONG w,x,y,z;
+        unsigned int blank=(unsigned int)'\n'-' ';
+
+        for (j=0; j<num; )
+                {
+                n= *(in++)-' ';
+                if (n == blank)
+                        {
+                        n=0;
+                        in--;
+                        }
+                if (n > 60)
+                        {
+                        fprintf(stderr,"uuencoded line length too long\n");
+                        return(-1);
+                        }
+                j++;
+
+                for (i=0; i<n; j+=4,i+=3)
+                        {
+                        /* the following is for cases where spaces are
+                         * removed from lines.
+                         */
+                        if (space)
+                                {
+                                w=x=y=z=0;
+                                }
+                        else
+                                {
+                                w= *(in++)-' ';
+                                x= *(in++)-' ';
+                                y= *(in++)-' ';
+                                z= *(in++)-' ';
+                                }
+                        if ((w > 63) || (x > 63) || (y > 63) || (z > 63))
+                                {
+                                k=0;
+                                if (w == blank) k=1;
+                                if (x == blank) k=2;
+                                if (y == blank) k=3;
+                                if (z == blank) k=4;
+                                space=1;
+                                switch (k) {
+                                case 1: w=0; in--;
+                                case 2: x=0; in--;
+                                case 3: y=0; in--;
+                                case 4: z=0; in--;
+                                        break;
+                                case 0:
+                                        space=0;
+                                        fprintf(stderr,"bad uuencoded data values\n");
+                                        w=x=y=z=0;
+                                        return(-1);
+                                        break;
+                                        }
+                                }
+                        l=(w<<18)|(x<<12)|(y<< 6)|(z    );
+                        l2ccc(l,out);
+                        }
+                if (*(in++) != '\n')
+                        {
+                        fprintf(stderr,"missing nl in uuencoded line\n");
+                        w=x=y=z=0;
+                        return(-1);
+                        }
+                j++;
+                }
+        *out='\0';
+        w=x=y=z=0;
+        return(n);
+        }
diff --git a/src/lib/libcrypto/des/des.h b/src/lib/libcrypto/des/des.h
new file mode 100644
index 0000000000..7318593699
--- /dev/null
+++ b/src/lib/libcrypto/des/des.h
@@ -0,0 +1,247 @@
+/* crypto/des/des.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_DES_H
+#define HEADER_DES_H
+
+#include <openssl/e_os2.h>      /* OPENSSL_EXTERN, OPENSSL_NO_DES,
+                                   DES_LONG (via openssl/opensslconf.h */
+
+#ifdef OPENSSL_NO_DES
+#error DES is disabled.
+#endif
+
+#ifdef OPENSSL_BUILD_SHLIBCRYPTO
+# undef OPENSSL_EXTERN
+# define OPENSSL_EXTERN OPENSSL_EXPORT
+#endif
+
+#define des_SPtrans DES_SPtrans
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+typedef unsigned char DES_cblock[8];
+typedef /* const */ unsigned char const_DES_cblock[8];
+/* With "const", gcc 2.8.1 on Solaris thinks that DES_cblock *
+ * and const_DES_cblock * are incompatible pointer types. */
+
+typedef struct DES_ks
+    {
+    union
+        {
+        DES_cblock cblock;
+        /* make sure things are correct size on machines with
+         * 8 byte longs */
+        DES_LONG deslong[2];
+        } ks[16];
+    } DES_key_schedule;
+
+#ifndef OPENSSL_DISABLE_OLD_DES_SUPPORT
+# ifndef OPENSSL_ENABLE_OLD_DES_SUPPORT
+#  define OPENSSL_ENABLE_OLD_DES_SUPPORT
+# endif
+#endif
+
+#ifdef OPENSSL_ENABLE_OLD_DES_SUPPORT
+# include <openssl/des_old.h>
+#endif
+
+#define DES_KEY_SZ      (sizeof(DES_cblock))
+#define DES_SCHEDULE_SZ (sizeof(DES_key_schedule))
+
+#define DES_ENCRYPT     1
+#define DES_DECRYPT     0
+
+#define DES_CBC_MODE    0
+#define DES_PCBC_MODE   1
+
+#define DES_ecb2_encrypt(i,o,k1,k2,e) \
+        DES_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
+
+#define DES_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
+        DES_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
+
+#define DES_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
+        DES_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
+
+#define DES_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
+        DES_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
+
+OPENSSL_DECLARE_GLOBAL(int,DES_check_key);      /* defaults to false */
+#define DES_check_key OPENSSL_GLOBAL_REF(DES_check_key)
+OPENSSL_DECLARE_GLOBAL(int,DES_rw_mode);        /* defaults to DES_PCBC_MODE */
+#define DES_rw_mode OPENSSL_GLOBAL_REF(DES_rw_mode)
+
+const char *DES_options(void);
+void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+                      DES_key_schedule *ks1,DES_key_schedule *ks2,
+                      DES_key_schedule *ks3, int enc);
+DES_LONG DES_cbc_cksum(const unsigned char *input,DES_cblock *output,
+                       long length,DES_key_schedule *schedule,
+                       const_DES_cblock *ivec);
+/* DES_cbc_encrypt does not update the IV!  Use DES_ncbc_encrypt instead. */
+void DES_cbc_encrypt(const unsigned char *input,unsigned char *output,
+                     long length,DES_key_schedule *schedule,DES_cblock *ivec,
+                     int enc);
+void DES_ncbc_encrypt(const unsigned char *input,unsigned char *output,
+                      long length,DES_key_schedule *schedule,DES_cblock *ivec,
+                      int enc);
+void DES_xcbc_encrypt(const unsigned char *input,unsigned char *output,
+                      long length,DES_key_schedule *schedule,DES_cblock *ivec,
+                      const_DES_cblock *inw,const_DES_cblock *outw,int enc);
+void DES_cfb_encrypt(const unsigned char *in,unsigned char *out,int numbits,
+                     long length,DES_key_schedule *schedule,DES_cblock *ivec,
+                     int enc);
+void DES_ecb_encrypt(const_DES_cblock *input,DES_cblock *output,
+                     DES_key_schedule *ks,int enc);
+
+/*      This is the DES encryption function that gets called by just about
+        every other DES routine in the library.  You should not use this
+        function except to implement 'modes' of DES.  I say this because the
+        functions that call this routine do the conversion from 'char *' to
+        long, and this needs to be done to make sure 'non-aligned' memory
+        access do not occur.  The characters are loaded 'little endian'.
+        Data is a pointer to 2 unsigned long's and ks is the
+        DES_key_schedule to use.  enc, is non zero specifies encryption,
+        zero if decryption. */
+void DES_encrypt1(DES_LONG *data,DES_key_schedule *ks, int enc);
+
+/*      This functions is the same as DES_encrypt1() except that the DES
+        initial permutation (IP) and final permutation (FP) have been left
+        out.  As for DES_encrypt1(), you should not use this function.
+        It is used by the routines in the library that implement triple DES.
+        IP() DES_encrypt2() DES_encrypt2() DES_encrypt2() FP() is the same
+        as DES_encrypt1() DES_encrypt1() DES_encrypt1() except faster :-). */
+void DES_encrypt2(DES_LONG *data,DES_key_schedule *ks, int enc);
+
+void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1,
+                  DES_key_schedule *ks2, DES_key_schedule *ks3);
+void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1,
+                  DES_key_schedule *ks2, DES_key_schedule *ks3);
+void DES_ede3_cbc_encrypt(const unsigned char *input,unsigned char *output, 
+                          long length,
+                          DES_key_schedule *ks1,DES_key_schedule *ks2,
+                          DES_key_schedule *ks3,DES_cblock *ivec,int enc);
+void DES_ede3_cbcm_encrypt(const unsigned char *in,unsigned char *out,
+                           long length,
+                           DES_key_schedule *ks1,DES_key_schedule *ks2,
+                           DES_key_schedule *ks3,
+                           DES_cblock *ivec1,DES_cblock *ivec2,
+                           int enc);
+void DES_ede3_cfb64_encrypt(const unsigned char *in,unsigned char *out,
+                            long length,DES_key_schedule *ks1,
+                            DES_key_schedule *ks2,DES_key_schedule *ks3,
+                            DES_cblock *ivec,int *num,int enc);
+void DES_ede3_cfb_encrypt(const unsigned char *in,unsigned char *out,
+                          int numbits,long length,DES_key_schedule *ks1,
+                          DES_key_schedule *ks2,DES_key_schedule *ks3,
+                          DES_cblock *ivec,int enc);
+void DES_ede3_ofb64_encrypt(const unsigned char *in,unsigned char *out,
+                            long length,DES_key_schedule *ks1,
+                            DES_key_schedule *ks2,DES_key_schedule *ks3,
+                            DES_cblock *ivec,int *num);
+#if 0
+void DES_xwhite_in2out(const_DES_cblock *DES_key,const_DES_cblock *in_white,
+                       DES_cblock *out_white);
+#endif
+
+int DES_enc_read(int fd,void *buf,int len,DES_key_schedule *sched,
+                 DES_cblock *iv);
+int DES_enc_write(int fd,const void *buf,int len,DES_key_schedule *sched,
+                  DES_cblock *iv);
+char *DES_fcrypt(const char *buf,const char *salt, char *ret);
+char *DES_crypt(const char *buf,const char *salt);
+void DES_ofb_encrypt(const unsigned char *in,unsigned char *out,int numbits,
+                     long length,DES_key_schedule *schedule,DES_cblock *ivec);
+void DES_pcbc_encrypt(const unsigned char *input,unsigned char *output,
+                      long length,DES_key_schedule *schedule,DES_cblock *ivec,
+                      int enc);
+DES_LONG DES_quad_cksum(const unsigned char *input,DES_cblock output[],
+                        long length,int out_count,DES_cblock *seed);
+int DES_random_key(DES_cblock *ret);
+void DES_set_odd_parity(DES_cblock *key);
+int DES_check_key_parity(const_DES_cblock *key);
+int DES_is_weak_key(const_DES_cblock *key);
+/* DES_set_key (= set_key = DES_key_sched = key_sched) calls
+ * DES_set_key_checked if global variable DES_check_key is set,
+ * DES_set_key_unchecked otherwise. */
+int DES_set_key(const_DES_cblock *key,DES_key_schedule *schedule);
+int DES_key_sched(const_DES_cblock *key,DES_key_schedule *schedule);
+int DES_set_key_checked(const_DES_cblock *key,DES_key_schedule *schedule);
+void DES_set_key_unchecked(const_DES_cblock *key,DES_key_schedule *schedule);
+void DES_string_to_key(const char *str,DES_cblock *key);
+void DES_string_to_2keys(const char *str,DES_cblock *key1,DES_cblock *key2);
+void DES_cfb64_encrypt(const unsigned char *in,unsigned char *out,long length,
+                       DES_key_schedule *schedule,DES_cblock *ivec,int *num,
+                       int enc);
+void DES_ofb64_encrypt(const unsigned char *in,unsigned char *out,long length,
+                       DES_key_schedule *schedule,DES_cblock *ivec,int *num);
+
+int DES_read_password(DES_cblock *key, const char *prompt, int verify);
+int DES_read_2passwords(DES_cblock *key1, DES_cblock *key2, const char *prompt,
+        int verify);
+
+#define DES_fixup_key_parity DES_set_odd_parity
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/src/lib/libcrypto/des/des.pod b/src/lib/libcrypto/des/des.pod
new file mode 100644
index 0000000000..bf479e83d2
--- /dev/null
+++ b/src/lib/libcrypto/des/des.pod
@@ -0,0 +1,217 @@
+=pod
+
+=head1 NAME
+
+des - encrypt or decrypt data using Data Encryption Standard
+
+=head1 SYNOPSIS
+
+B<des>
+(
+B<-e>
+|
+B<-E>
+) | (
+B<-d>
+|
+B<-D>
+) | (
+B<->[B<cC>][B<ckname>]
+) |
+[
+B<-b3hfs>
+] [
+B<-k>
+I<key>
+]
+] [
+B<-u>[I<uuname>]
+[
+I<input-file>
+[
+I<output-file>
+] ]
+
+=head1 NOTE
+
+This page describes the B<des> stand-alone program, not the B<openssl des>
+command.
+
+=head1 DESCRIPTION
+
+B<des>
+encrypts and decrypts data using the
+Data Encryption Standard algorithm.
+One of
+B<-e>, B<-E>
+(for encrypt) or
+B<-d>, B<-D>
+(for decrypt) must be specified.
+It is also possible to use
+B<-c>
+or
+B<-C>
+in conjunction or instead of the a encrypt/decrypt option to generate
+a 16 character hexadecimal checksum, generated via the
+I<des_cbc_cksum>.
+
+Two standard encryption modes are supported by the
+B<des>
+program, Cipher Block Chaining (the default) and Electronic Code Book
+(specified with
+B<-b>).
+
+The key used for the DES
+algorithm is obtained by prompting the user unless the
+B<-k>
+I<key>
+option is given.
+If the key is an argument to the
+B<des>
+command, it is potentially visible to users executing
+ps(1)
+or a derivative.  To minimise this possibility,
+B<des>
+takes care to destroy the key argument immediately upon entry.
+If your shell keeps a history file be careful to make sure it is not
+world readable.
+
+Since this program attempts to maintain compatibility with sunOS's
+des(1) command, there are 2 different methods used to convert the user
+supplied key to a des key.
+Whenever and one or more of
+B<-E>, B<-D>, B<-C>
+or
+B<-3>
+options are used, the key conversion procedure will not be compatible
+with the sunOS des(1) version but will use all the user supplied
+character to generate the des key.
+B<des>
+command reads from standard input unless
+I<input-file>
+is specified and writes to standard output unless
+I<output-file>
+is given.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-b>
+
+Select ECB
+(eight bytes at a time) encryption mode.
+
+=item B<-3>
+
+Encrypt using triple encryption.
+By default triple cbc encryption is used but if the
+B<-b>
+option is used then triple ECB encryption is performed.
+If the key is less than 8 characters long, the flag has no effect.
+
+=item B<-e>
+
+Encrypt data using an 8 byte key in a manner compatible with sunOS
+des(1).
+
+=item B<-E>
+
+Encrypt data using a key of nearly unlimited length (1024 bytes).
+This will product a more secure encryption.
+
+=item B<-d>
+
+Decrypt data that was encrypted with the B<-e> option.
+
+=item B<-D>
+
+Decrypt data that was encrypted with the B<-E> option.
+
+=item B<-c>
+
+Generate a 16 character hexadecimal cbc checksum and output this to
+stderr.
+If a filename was specified after the
+B<-c>
+option, the checksum is output to that file.
+The checksum is generated using a key generated in a sunOS compatible
+manner.
+
+=item B<-C>
+
+A cbc checksum is generated in the same manner as described for the
+B<-c>
+option but the DES key is generated in the same manner as used for the
+B<-E>
+and
+B<-D>
+options
+
+=item B<-f>
+
+Does nothing - allowed for compatibility with sunOS des(1) command.
+
+=item B<-s>
+
+Does nothing - allowed for compatibility with sunOS des(1) command.
+
+=item B<-k> I<key>
+
+Use the encryption 
+I<key>
+specified.
+
+=item B<-h>
+
+The
+I<key>
+is assumed to be a 16 character hexadecimal number.
+If the
+B<-3>
+option is used the key is assumed to be a 32 character hexadecimal
+number.
+
+=item B<-u>
+
+This flag is used to read and write uuencoded files.  If decrypting,
+the input file is assumed to contain uuencoded, DES encrypted data.
+If encrypting, the characters following the B<-u> are used as the name of
+the uuencoded file to embed in the begin line of the uuencoded
+output.  If there is no name specified after the B<-u>, the name text.des
+will be embedded in the header.
+
+=head1 SEE ALSO
+
+ps(1),
+L<des_crypt(3)|des_crypt(3)>
+
+=head1 BUGS
+
+The problem with using the
+B<-e>
+option is the short key length.
+It would be better to use a real 56-bit key rather than an
+ASCII-based 56-bit pattern.  Knowing that the key was derived from ASCII
+radically reduces the time necessary for a brute-force cryptographic attack.
+My attempt to remove this problem is to add an alternative text-key to
+DES-key function.  This alternative function (accessed via
+B<-E>, B<-D>, B<-S>
+and
+B<-3>)
+uses DES to help generate the key.
+
+Be carefully when using the B<-u> option.  Doing B<des -ud> I<filename> will
+not decrypt filename (the B<-u> option will gobble the B<-d> option).
+
+The VMS operating system operates in a world where files are always a
+multiple of 512 bytes.  This causes problems when encrypted data is
+send from Unix to VMS since a 88 byte file will suddenly be padded
+with 424 null bytes.  To get around this problem, use the B<-u> option
+to uuencode the data before it is send to the VMS system.
+
+=head1 AUTHOR
+
+Eric Young (eay@cryptsoft.com)
+
+=cut
diff --git a/src/lib/libcrypto/des/des3s.cpp b/src/lib/libcrypto/des/des3s.cpp
new file mode 100644
index 0000000000..02d527c057
--- /dev/null
+++ b/src/lib/libcrypto/des/des3s.cpp
@@ -0,0 +1,67 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  asm volatile(".byte 15, 49\n\t"
+               : "=eax" (tsc)
+               :
+               : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  unsigned long a;
+  __asm _emit 0fh
+  __asm _emit 31h
+  __asm mov a, eax;
+  tsc=a;
+}
+#endif      
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/des.h>
+
+void main(int argc,char *argv[])
+        {
+        des_key_schedule key1,key2,key3;
+        unsigned long s1,s2,e1,e2;
+        unsigned long data[2];
+        int i,j;
+
+        for (j=0; j<6; j++)
+                {
+                for (i=0; i<1000; i++) /**/
+                        {
+                        des_encrypt3(&data[0],key1,key2,key3);
+                        GetTSC(s1);
+                        des_encrypt3(&data[0],key1,key2,key3);
+                        des_encrypt3(&data[0],key1,key2,key3);
+                        des_encrypt3(&data[0],key1,key2,key3);
+                        GetTSC(e1);
+                        GetTSC(s2);
+                        des_encrypt3(&data[0],key1,key2,key3);
+                        des_encrypt3(&data[0],key1,key2,key3);
+                        des_encrypt3(&data[0],key1,key2,key3);
+                        des_encrypt3(&data[0],key1,key2,key3);
+                        GetTSC(e2);
+                        des_encrypt3(&data[0],key1,key2,key3);
+                        }
+
+                printf("des %d %d (%d)\n",
+                        e1-s1,e2-s2,((e2-s2)-(e1-s1)));
+                }
+        }
+
diff --git a/src/lib/libcrypto/des/des_enc.c b/src/lib/libcrypto/des/des_enc.c
new file mode 100644
index 0000000000..0fe4e0b2ad
--- /dev/null
+++ b/src/lib/libcrypto/des/des_enc.c
@@ -0,0 +1,411 @@
+/* crypto/des/des_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+#ifndef OPENBSD_DES_ASM
+
+void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc)
+        {
+        register DES_LONG l,r,t,u;
+#ifdef DES_PTR
+        register const unsigned char *des_SP=(const unsigned char *)DES_SPtrans;
+#endif
+#ifndef DES_UNROLL
+        register int i;
+#endif
+        register DES_LONG *s;
+
+        r=data[0];
+        l=data[1];
+
+        IP(r,l);
+        /* Things have been modified so that the initial rotate is
+         * done outside the loop.  This required the
+         * DES_SPtrans values in sp.h to be rotated 1 bit to the right.
+         * One perl script later and things have a 5% speed up on a sparc2.
+         * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
+         * for pointing this out. */
+        /* clear the top bits on machines with 8byte longs */
+        /* shift left by 2 */
+        r=ROTATE(r,29)&0xffffffffL;
+        l=ROTATE(l,29)&0xffffffffL;
+
+        s=ks->ks->deslong;
+        /* I don't know if it is worth the effort of loop unrolling the
+         * inner loop */
+        if (enc)
+                {
+#ifdef DES_UNROLL
+                D_ENCRYPT(l,r, 0); /*  1 */
+                D_ENCRYPT(r,l, 2); /*  2 */
+                D_ENCRYPT(l,r, 4); /*  3 */
+                D_ENCRYPT(r,l, 6); /*  4 */
+                D_ENCRYPT(l,r, 8); /*  5 */
+                D_ENCRYPT(r,l,10); /*  6 */
+                D_ENCRYPT(l,r,12); /*  7 */
+                D_ENCRYPT(r,l,14); /*  8 */
+                D_ENCRYPT(l,r,16); /*  9 */
+                D_ENCRYPT(r,l,18); /*  10 */
+                D_ENCRYPT(l,r,20); /*  11 */
+                D_ENCRYPT(r,l,22); /*  12 */
+                D_ENCRYPT(l,r,24); /*  13 */
+                D_ENCRYPT(r,l,26); /*  14 */
+                D_ENCRYPT(l,r,28); /*  15 */
+                D_ENCRYPT(r,l,30); /*  16 */
+#else
+                for (i=0; i<32; i+=8)
+                        {
+                        D_ENCRYPT(l,r,i+0); /*  1 */
+                        D_ENCRYPT(r,l,i+2); /*  2 */
+                        D_ENCRYPT(l,r,i+4); /*  3 */
+                        D_ENCRYPT(r,l,i+6); /*  4 */
+                        }
+#endif
+                }
+        else
+                {
+#ifdef DES_UNROLL
+                D_ENCRYPT(l,r,30); /* 16 */
+                D_ENCRYPT(r,l,28); /* 15 */
+                D_ENCRYPT(l,r,26); /* 14 */
+                D_ENCRYPT(r,l,24); /* 13 */
+                D_ENCRYPT(l,r,22); /* 12 */
+                D_ENCRYPT(r,l,20); /* 11 */
+                D_ENCRYPT(l,r,18); /* 10 */
+                D_ENCRYPT(r,l,16); /*  9 */
+                D_ENCRYPT(l,r,14); /*  8 */
+                D_ENCRYPT(r,l,12); /*  7 */
+                D_ENCRYPT(l,r,10); /*  6 */
+                D_ENCRYPT(r,l, 8); /*  5 */
+                D_ENCRYPT(l,r, 6); /*  4 */
+                D_ENCRYPT(r,l, 4); /*  3 */
+                D_ENCRYPT(l,r, 2); /*  2 */
+                D_ENCRYPT(r,l, 0); /*  1 */
+#else
+                for (i=30; i>0; i-=8)
+                        {
+                        D_ENCRYPT(l,r,i-0); /* 16 */
+                        D_ENCRYPT(r,l,i-2); /* 15 */
+                        D_ENCRYPT(l,r,i-4); /* 14 */
+                        D_ENCRYPT(r,l,i-6); /* 13 */
+                        }
+#endif
+                }
+
+        /* rotate and clear the top bits on machines with 8byte longs */
+        l=ROTATE(l,3)&0xffffffffL;
+        r=ROTATE(r,3)&0xffffffffL;
+
+        FP(r,l);
+        data[0]=l;
+        data[1]=r;
+        l=r=t=u=0;
+        }
+
+void DES_encrypt2(DES_LONG *data, DES_key_schedule *ks, int enc)
+        {
+        register DES_LONG l,r,t,u;
+#ifdef DES_PTR
+        register const unsigned char *des_SP=(const unsigned char *)DES_SPtrans;
+#endif
+#ifndef DES_UNROLL
+        register int i;
+#endif
+        register DES_LONG *s;
+
+        r=data[0];
+        l=data[1];
+
+        /* Things have been modified so that the initial rotate is
+         * done outside the loop.  This required the
+         * DES_SPtrans values in sp.h to be rotated 1 bit to the right.
+         * One perl script later and things have a 5% speed up on a sparc2.
+         * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
+         * for pointing this out. */
+        /* clear the top bits on machines with 8byte longs */
+        r=ROTATE(r,29)&0xffffffffL;
+        l=ROTATE(l,29)&0xffffffffL;
+
+        s=ks->ks->deslong;
+        /* I don't know if it is worth the effort of loop unrolling the
+         * inner loop */
+        if (enc)
+                {
+#ifdef DES_UNROLL
+                D_ENCRYPT(l,r, 0); /*  1 */
+                D_ENCRYPT(r,l, 2); /*  2 */
+                D_ENCRYPT(l,r, 4); /*  3 */
+                D_ENCRYPT(r,l, 6); /*  4 */
+                D_ENCRYPT(l,r, 8); /*  5 */
+                D_ENCRYPT(r,l,10); /*  6 */
+                D_ENCRYPT(l,r,12); /*  7 */
+                D_ENCRYPT(r,l,14); /*  8 */
+                D_ENCRYPT(l,r,16); /*  9 */
+                D_ENCRYPT(r,l,18); /*  10 */
+                D_ENCRYPT(l,r,20); /*  11 */
+                D_ENCRYPT(r,l,22); /*  12 */
+                D_ENCRYPT(l,r,24); /*  13 */
+                D_ENCRYPT(r,l,26); /*  14 */
+                D_ENCRYPT(l,r,28); /*  15 */
+                D_ENCRYPT(r,l,30); /*  16 */
+#else
+                for (i=0; i<32; i+=8)
+                        {
+                        D_ENCRYPT(l,r,i+0); /*  1 */
+                        D_ENCRYPT(r,l,i+2); /*  2 */
+                        D_ENCRYPT(l,r,i+4); /*  3 */
+                        D_ENCRYPT(r,l,i+6); /*  4 */
+                        }
+#endif
+                }
+        else
+                {
+#ifdef DES_UNROLL
+                D_ENCRYPT(l,r,30); /* 16 */
+                D_ENCRYPT(r,l,28); /* 15 */
+                D_ENCRYPT(l,r,26); /* 14 */
+                D_ENCRYPT(r,l,24); /* 13 */
+                D_ENCRYPT(l,r,22); /* 12 */
+                D_ENCRYPT(r,l,20); /* 11 */
+                D_ENCRYPT(l,r,18); /* 10 */
+                D_ENCRYPT(r,l,16); /*  9 */
+                D_ENCRYPT(l,r,14); /*  8 */
+                D_ENCRYPT(r,l,12); /*  7 */
+                D_ENCRYPT(l,r,10); /*  6 */
+                D_ENCRYPT(r,l, 8); /*  5 */
+                D_ENCRYPT(l,r, 6); /*  4 */
+                D_ENCRYPT(r,l, 4); /*  3 */
+                D_ENCRYPT(l,r, 2); /*  2 */
+                D_ENCRYPT(r,l, 0); /*  1 */
+#else
+                for (i=30; i>0; i-=8)
+                        {
+                        D_ENCRYPT(l,r,i-0); /* 16 */
+                        D_ENCRYPT(r,l,i-2); /* 15 */
+                        D_ENCRYPT(l,r,i-4); /* 14 */
+                        D_ENCRYPT(r,l,i-6); /* 13 */
+                        }
+#endif
+                }
+        /* rotate and clear the top bits on machines with 8byte longs */
+        data[0]=ROTATE(l,3)&0xffffffffL;
+        data[1]=ROTATE(r,3)&0xffffffffL;
+        l=r=t=u=0;
+        }
+
+#endif /* OPENBSD_DES_ASM */
+
+void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1,
+                  DES_key_schedule *ks2, DES_key_schedule *ks3)
+        {
+        register DES_LONG l,r;
+
+        l=data[0];
+        r=data[1];
+        IP(l,r);
+        data[0]=l;
+        data[1]=r;
+        DES_encrypt2((DES_LONG *)data,ks1,DES_ENCRYPT);
+        DES_encrypt2((DES_LONG *)data,ks2,DES_DECRYPT);
+        DES_encrypt2((DES_LONG *)data,ks3,DES_ENCRYPT);
+        l=data[0];
+        r=data[1];
+        FP(r,l);
+        data[0]=l;
+        data[1]=r;
+        }
+
+void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1,
+                  DES_key_schedule *ks2, DES_key_schedule *ks3)
+        {
+        register DES_LONG l,r;
+
+        l=data[0];
+        r=data[1];
+        IP(l,r);
+        data[0]=l;
+        data[1]=r;
+        DES_encrypt2((DES_LONG *)data,ks3,DES_DECRYPT);
+        DES_encrypt2((DES_LONG *)data,ks2,DES_ENCRYPT);
+        DES_encrypt2((DES_LONG *)data,ks1,DES_DECRYPT);
+        l=data[0];
+        r=data[1];
+        FP(r,l);
+        data[0]=l;
+        data[1]=r;
+        }
+
+#ifndef DES_DEFAULT_OPTIONS
+
+#undef CBC_ENC_C__DONT_UPDATE_IV
+#include "ncbc_enc.c" /* DES_ncbc_encrypt */
+
+void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                          long length, DES_key_schedule *ks1,
+                          DES_key_schedule *ks2, DES_key_schedule *ks3,
+                          DES_cblock *ivec, int enc)
+        {
+        register DES_LONG tin0,tin1;
+        register DES_LONG tout0,tout1,xor0,xor1;
+        register const unsigned char *in;
+        unsigned char *out;
+        register long l=length;
+        DES_LONG tin[2];
+        unsigned char *iv;
+
+        in=input;
+        out=output;
+        iv = &(*ivec)[0];
+
+        if (enc)
+                {
+                c2l(iv,tout0);
+                c2l(iv,tout1);
+                for (l-=8; l>=0; l-=8)
+                        {
+                        c2l(in,tin0);
+                        c2l(in,tin1);
+                        tin0^=tout0;
+                        tin1^=tout1;
+
+                        tin[0]=tin0;
+                        tin[1]=tin1;
+                        DES_encrypt3((DES_LONG *)tin,ks1,ks2,ks3);
+                        tout0=tin[0];
+                        tout1=tin[1];
+
+                        l2c(tout0,out);
+                        l2c(tout1,out);
+                        }
+                if (l != -8)
+                        {
+                        c2ln(in,tin0,tin1,l+8);
+                        tin0^=tout0;
+                        tin1^=tout1;
+
+                        tin[0]=tin0;
+                        tin[1]=tin1;
+                        DES_encrypt3((DES_LONG *)tin,ks1,ks2,ks3);
+                        tout0=tin[0];
+                        tout1=tin[1];
+
+                        l2c(tout0,out);
+                        l2c(tout1,out);
+                        }
+                iv = &(*ivec)[0];
+                l2c(tout0,iv);
+                l2c(tout1,iv);
+                }
+        else
+                {
+                register DES_LONG t0,t1;
+
+                c2l(iv,xor0);
+                c2l(iv,xor1);
+                for (l-=8; l>=0; l-=8)
+                        {
+                        c2l(in,tin0);
+                        c2l(in,tin1);
+
+                        t0=tin0;
+                        t1=tin1;
+
+                        tin[0]=tin0;
+                        tin[1]=tin1;
+                        DES_decrypt3((DES_LONG *)tin,ks1,ks2,ks3);
+                        tout0=tin[0];
+                        tout1=tin[1];
+
+                        tout0^=xor0;
+                        tout1^=xor1;
+                        l2c(tout0,out);
+                        l2c(tout1,out);
+                        xor0=t0;
+                        xor1=t1;
+                        }
+                if (l != -8)
+                        {
+                        c2l(in,tin0);
+                        c2l(in,tin1);
+                        
+                        t0=tin0;
+                        t1=tin1;
+
+                        tin[0]=tin0;
+                        tin[1]=tin1;
+                        DES_decrypt3((DES_LONG *)tin,ks1,ks2,ks3);
+                        tout0=tin[0];
+                        tout1=tin[1];
+                
+                        tout0^=xor0;
+                        tout1^=xor1;
+                        l2cn(tout0,tout1,out,l+8);
+                        xor0=t0;
+                        xor1=t1;
+                        }
+
+                iv = &(*ivec)[0];
+                l2c(xor0,iv);
+                l2c(xor1,iv);
+                }
+        tin0=tin1=tout0=tout1=xor0=xor1=0;
+        tin[0]=tin[1]=0;
+        }
+
+#endif /* DES_DEFAULT_OPTIONS */
diff --git a/src/lib/libcrypto/des/des_locl.h b/src/lib/libcrypto/des/des_locl.h
new file mode 100644
index 0000000000..4b9ecff233
--- /dev/null
+++ b/src/lib/libcrypto/des/des_locl.h
@@ -0,0 +1,428 @@
+/* crypto/des/des_locl.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_DES_LOCL_H
+#define HEADER_DES_LOCL_H
+
+#include <openssl/e_os2.h>
+
+#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16)
+#ifndef OPENSSL_SYS_MSDOS
+#define OPENSSL_SYS_MSDOS
+#endif
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#ifndef OPENSSL_SYS_MSDOS
+#if !defined(OPENSSL_SYS_VMS) || defined(__DECC)
+#ifdef OPENSSL_UNISTD
+# include OPENSSL_UNISTD
+#else
+# include <unistd.h>
+#endif
+#include <math.h>
+#endif
+#endif
+#include <openssl/des.h>
+
+#ifdef OPENSSL_SYS_MSDOS                /* Visual C++ 2.1 (Windows NT/95) */
+#include <stdlib.h>
+#include <errno.h>
+#include <time.h>
+#include <io.h>
+#endif
+
+#if defined(__STDC__) || defined(OPENSSL_SYS_VMS) || defined(M_XENIX) || defined(OPENSSL_SYS_MSDOS)
+#include <string.h>
+#endif
+
+#ifdef OPENSSL_BUILD_SHLIBCRYPTO
+# undef OPENSSL_EXTERN
+# define OPENSSL_EXTERN OPENSSL_EXPORT
+#endif
+
+#define ITERATIONS 16
+#define HALF_ITERATIONS 8
+
+/* used in des_read and des_write */
+#define MAXWRITE        (1024*16)
+#define BSIZE           (MAXWRITE+4)
+
+#define c2l(c,l)        (l =((DES_LONG)(*((c)++)))    , \
+                         l|=((DES_LONG)(*((c)++)))<< 8L, \
+                         l|=((DES_LONG)(*((c)++)))<<16L, \
+                         l|=((DES_LONG)(*((c)++)))<<24L)
+
+/* NOTE - c is not incremented as per c2l */
+#define c2ln(c,l1,l2,n) { \
+                        c+=n; \
+                        l1=l2=0; \
+                        switch (n) { \
+                        case 8: l2 =((DES_LONG)(*(--(c))))<<24L; \
+                        case 7: l2|=((DES_LONG)(*(--(c))))<<16L; \
+                        case 6: l2|=((DES_LONG)(*(--(c))))<< 8L; \
+                        case 5: l2|=((DES_LONG)(*(--(c))));     \
+                        case 4: l1 =((DES_LONG)(*(--(c))))<<24L; \
+                        case 3: l1|=((DES_LONG)(*(--(c))))<<16L; \
+                        case 2: l1|=((DES_LONG)(*(--(c))))<< 8L; \
+                        case 1: l1|=((DES_LONG)(*(--(c))));     \
+                                } \
+                        }
+
+#define l2c(l,c)        (*((c)++)=(unsigned char)(((l)     )&0xff), \
+                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>24L)&0xff))
+
+/* replacements for htonl and ntohl since I have no idea what to do
+ * when faced with machines with 8 byte longs. */
+#define HDRSIZE 4
+
+#define n2l(c,l)        (l =((DES_LONG)(*((c)++)))<<24L, \
+                         l|=((DES_LONG)(*((c)++)))<<16L, \
+                         l|=((DES_LONG)(*((c)++)))<< 8L, \
+                         l|=((DES_LONG)(*((c)++))))
+
+#define l2n(l,c)        (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)     )&0xff))
+
+/* NOTE - c is not incremented as per l2c */
+#define l2cn(l1,l2,c,n) { \
+                        c+=n; \
+                        switch (n) { \
+                        case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
+                        case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
+                        case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
+                        case 5: *(--(c))=(unsigned char)(((l2)     )&0xff); \
+                        case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
+                        case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
+                        case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
+                        case 1: *(--(c))=(unsigned char)(((l1)     )&0xff); \
+                                } \
+                        }
+
+#if (defined(OPENSSL_SYS_WIN32) && defined(_MSC_VER)) || defined(__ICC)
+#define ROTATE(a,n)     (_lrotr(a,n))
+#elif defined(__GNUC__) && __GNUC__>=2 && !defined(__STRICT_ANSI__) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) && !defined(PEDANTIC)
+# if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
+#  define ROTATE(a,n)   ({ register unsigned int ret;   \
+                                asm ("rorl %1,%0"       \
+                                        : "=r"(ret)     \
+                                        : "I"(n),"0"(a) \
+                                        : "cc");        \
+                           ret;                         \
+                        })
+# endif
+#endif
+#ifndef ROTATE
+#define ROTATE(a,n)     (((a)>>(n))+((a)<<(32-(n))))
+#endif
+
+/* Don't worry about the LOAD_DATA() stuff, that is used by
+ * fcrypt() to add it's little bit to the front */
+
+#ifdef DES_FCRYPT
+
+#define LOAD_DATA_tmp(R,S,u,t,E0,E1) \
+        { DES_LONG tmp; LOAD_DATA(R,S,u,t,E0,E1,tmp); }
+
+#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
+        t=R^(R>>16L); \
+        u=t&E0; t&=E1; \
+        tmp=(u<<16); u^=R^s[S  ]; u^=tmp; \
+        tmp=(t<<16); t^=R^s[S+1]; t^=tmp
+#else
+#define LOAD_DATA_tmp(a,b,c,d,e,f) LOAD_DATA(a,b,c,d,e,f,g)
+#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
+        u=R^s[S  ]; \
+        t=R^s[S+1]
+#endif
+
+/* The changes to this macro may help or hinder, depending on the
+ * compiler and the architecture.  gcc2 always seems to do well :-).
+ * Inspired by Dana How <how@isl.stanford.edu>
+ * DO NOT use the alternative version on machines with 8 byte longs.
+ * It does not seem to work on the Alpha, even when DES_LONG is 4
+ * bytes, probably an issue of accessing non-word aligned objects :-( */
+#ifdef DES_PTR
+
+/* It recently occurred to me that 0^0^0^0^0^0^0 == 0, so there
+ * is no reason to not xor all the sub items together.  This potentially
+ * saves a register since things can be xored directly into L */
+
+#if defined(DES_RISC1) || defined(DES_RISC2)
+#ifdef DES_RISC1
+#define D_ENCRYPT(LL,R,S) { \
+        unsigned int u1,u2,u3; \
+        LOAD_DATA(R,S,u,t,E0,E1,u1); \
+        u2=(int)u>>8L; \
+        u1=(int)u&0xfc; \
+        u2&=0xfc; \
+        t=ROTATE(t,4); \
+        u>>=16L; \
+        LL^= *(const DES_LONG *)(des_SP      +u1); \
+        LL^= *(const DES_LONG *)(des_SP+0x200+u2); \
+        u3=(int)(u>>8L); \
+        u1=(int)u&0xfc; \
+        u3&=0xfc; \
+        LL^= *(const DES_LONG *)(des_SP+0x400+u1); \
+        LL^= *(const DES_LONG *)(des_SP+0x600+u3); \
+        u2=(int)t>>8L; \
+        u1=(int)t&0xfc; \
+        u2&=0xfc; \
+        t>>=16L; \
+        LL^= *(const DES_LONG *)(des_SP+0x100+u1); \
+        LL^= *(const DES_LONG *)(des_SP+0x300+u2); \
+        u3=(int)t>>8L; \
+        u1=(int)t&0xfc; \
+        u3&=0xfc; \
+        LL^= *(const DES_LONG *)(des_SP+0x500+u1); \
+        LL^= *(const DES_LONG *)(des_SP+0x700+u3); }
+#endif
+#ifdef DES_RISC2
+#define D_ENCRYPT(LL,R,S) { \
+        unsigned int u1,u2,s1,s2; \
+        LOAD_DATA(R,S,u,t,E0,E1,u1); \
+        u2=(int)u>>8L; \
+        u1=(int)u&0xfc; \
+        u2&=0xfc; \
+        t=ROTATE(t,4); \
+        LL^= *(const DES_LONG *)(des_SP      +u1); \
+        LL^= *(const DES_LONG *)(des_SP+0x200+u2); \
+        s1=(int)(u>>16L); \
+        s2=(int)(u>>24L); \
+        s1&=0xfc; \
+        s2&=0xfc; \
+        LL^= *(const DES_LONG *)(des_SP+0x400+s1); \
+        LL^= *(const DES_LONG *)(des_SP+0x600+s2); \
+        u2=(int)t>>8L; \
+        u1=(int)t&0xfc; \
+        u2&=0xfc; \
+        LL^= *(const DES_LONG *)(des_SP+0x100+u1); \
+        LL^= *(const DES_LONG *)(des_SP+0x300+u2); \
+        s1=(int)(t>>16L); \
+        s2=(int)(t>>24L); \
+        s1&=0xfc; \
+        s2&=0xfc; \
+        LL^= *(const DES_LONG *)(des_SP+0x500+s1); \
+        LL^= *(const DES_LONG *)(des_SP+0x700+s2); }
+#endif
+#else
+#define D_ENCRYPT(LL,R,S) { \
+        LOAD_DATA_tmp(R,S,u,t,E0,E1); \
+        t=ROTATE(t,4); \
+        LL^= \
+        *(const DES_LONG *)(des_SP      +((u     )&0xfc))^ \
+        *(const DES_LONG *)(des_SP+0x200+((u>> 8L)&0xfc))^ \
+        *(const DES_LONG *)(des_SP+0x400+((u>>16L)&0xfc))^ \
+        *(const DES_LONG *)(des_SP+0x600+((u>>24L)&0xfc))^ \
+        *(const DES_LONG *)(des_SP+0x100+((t     )&0xfc))^ \
+        *(const DES_LONG *)(des_SP+0x300+((t>> 8L)&0xfc))^ \
+        *(const DES_LONG *)(des_SP+0x500+((t>>16L)&0xfc))^ \
+        *(const DES_LONG *)(des_SP+0x700+((t>>24L)&0xfc)); }
+#endif
+
+#else /* original version */
+
+#if defined(DES_RISC1) || defined(DES_RISC2)
+#ifdef DES_RISC1
+#define D_ENCRYPT(LL,R,S) {\
+        unsigned int u1,u2,u3; \
+        LOAD_DATA(R,S,u,t,E0,E1,u1); \
+        u>>=2L; \
+        t=ROTATE(t,6); \
+        u2=(int)u>>8L; \
+        u1=(int)u&0x3f; \
+        u2&=0x3f; \
+        u>>=16L; \
+        LL^=DES_SPtrans[0][u1]; \
+        LL^=DES_SPtrans[2][u2]; \
+        u3=(int)u>>8L; \
+        u1=(int)u&0x3f; \
+        u3&=0x3f; \
+        LL^=DES_SPtrans[4][u1]; \
+        LL^=DES_SPtrans[6][u3]; \
+        u2=(int)t>>8L; \
+        u1=(int)t&0x3f; \
+        u2&=0x3f; \
+        t>>=16L; \
+        LL^=DES_SPtrans[1][u1]; \
+        LL^=DES_SPtrans[3][u2]; \
+        u3=(int)t>>8L; \
+        u1=(int)t&0x3f; \
+        u3&=0x3f; \
+        LL^=DES_SPtrans[5][u1]; \
+        LL^=DES_SPtrans[7][u3]; }
+#endif
+#ifdef DES_RISC2
+#define D_ENCRYPT(LL,R,S) {\
+        unsigned int u1,u2,s1,s2; \
+        LOAD_DATA(R,S,u,t,E0,E1,u1); \
+        u>>=2L; \
+        t=ROTATE(t,6); \
+        u2=(int)u>>8L; \
+        u1=(int)u&0x3f; \
+        u2&=0x3f; \
+        LL^=DES_SPtrans[0][u1]; \
+        LL^=DES_SPtrans[2][u2]; \
+        s1=(int)u>>16L; \
+        s2=(int)u>>24L; \
+        s1&=0x3f; \
+        s2&=0x3f; \
+        LL^=DES_SPtrans[4][s1]; \
+        LL^=DES_SPtrans[6][s2]; \
+        u2=(int)t>>8L; \
+        u1=(int)t&0x3f; \
+        u2&=0x3f; \
+        LL^=DES_SPtrans[1][u1]; \
+        LL^=DES_SPtrans[3][u2]; \
+        s1=(int)t>>16; \
+        s2=(int)t>>24L; \
+        s1&=0x3f; \
+        s2&=0x3f; \
+        LL^=DES_SPtrans[5][s1]; \
+        LL^=DES_SPtrans[7][s2]; }
+#endif
+
+#else
+
+#define D_ENCRYPT(LL,R,S) {\
+        LOAD_DATA_tmp(R,S,u,t,E0,E1); \
+        t=ROTATE(t,4); \
+        LL^=\
+                DES_SPtrans[0][(u>> 2L)&0x3f]^ \
+                DES_SPtrans[2][(u>>10L)&0x3f]^ \
+                DES_SPtrans[4][(u>>18L)&0x3f]^ \
+                DES_SPtrans[6][(u>>26L)&0x3f]^ \
+                DES_SPtrans[1][(t>> 2L)&0x3f]^ \
+                DES_SPtrans[3][(t>>10L)&0x3f]^ \
+                DES_SPtrans[5][(t>>18L)&0x3f]^ \
+                DES_SPtrans[7][(t>>26L)&0x3f]; }
+#endif
+#endif
+
+        /* IP and FP
+         * The problem is more of a geometric problem that random bit fiddling.
+         0  1  2  3  4  5  6  7      62 54 46 38 30 22 14  6
+         8  9 10 11 12 13 14 15      60 52 44 36 28 20 12  4
+        16 17 18 19 20 21 22 23      58 50 42 34 26 18 10  2
+        24 25 26 27 28 29 30 31  to  56 48 40 32 24 16  8  0
+
+        32 33 34 35 36 37 38 39      63 55 47 39 31 23 15  7
+        40 41 42 43 44 45 46 47      61 53 45 37 29 21 13  5
+        48 49 50 51 52 53 54 55      59 51 43 35 27 19 11  3
+        56 57 58 59 60 61 62 63      57 49 41 33 25 17  9  1
+
+        The output has been subject to swaps of the form
+        0 1 -> 3 1 but the odd and even bits have been put into
+        2 3    2 0
+        different words.  The main trick is to remember that
+        t=((l>>size)^r)&(mask);
+        r^=t;
+        l^=(t<<size);
+        can be used to swap and move bits between words.
+
+        So l =  0  1  2  3  r = 16 17 18 19
+                4  5  6  7      20 21 22 23
+                8  9 10 11      24 25 26 27
+               12 13 14 15      28 29 30 31
+        becomes (for size == 2 and mask == 0x3333)
+           t =   2^16  3^17 -- --   l =  0  1 16 17  r =  2  3 18 19
+                 6^20  7^21 -- --        4  5 20 21       6  7 22 23
+                10^24 11^25 -- --        8  9 24 25      10 11 24 25
+                14^28 15^29 -- --       12 13 28 29      14 15 28 29
+
+        Thanks for hints from Richard Outerbridge - he told me IP&FP
+        could be done in 15 xor, 10 shifts and 5 ands.
+        When I finally started to think of the problem in 2D
+        I first got ~42 operations without xors.  When I remembered
+        how to use xors :-) I got it to its final state.
+        */
+#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
+        (b)^=(t),\
+        (a)^=((t)<<(n)))
+
+#define IP(l,r) \
+        { \
+        register DES_LONG tt; \
+        PERM_OP(r,l,tt, 4,0x0f0f0f0fL); \
+        PERM_OP(l,r,tt,16,0x0000ffffL); \
+        PERM_OP(r,l,tt, 2,0x33333333L); \
+        PERM_OP(l,r,tt, 8,0x00ff00ffL); \
+        PERM_OP(r,l,tt, 1,0x55555555L); \
+        }
+
+#define FP(l,r) \
+        { \
+        register DES_LONG tt; \
+        PERM_OP(l,r,tt, 1,0x55555555L); \
+        PERM_OP(r,l,tt, 8,0x00ff00ffL); \
+        PERM_OP(l,r,tt, 2,0x33333333L); \
+        PERM_OP(r,l,tt,16,0x0000ffffL); \
+        PERM_OP(l,r,tt, 4,0x0f0f0f0fL); \
+        }
+
+extern const DES_LONG DES_SPtrans[8][64];
+
+void fcrypt_body(DES_LONG *out,DES_key_schedule *ks,
+                 DES_LONG Eswap0, DES_LONG Eswap1);
+#endif
diff --git a/src/lib/libcrypto/des/des_old.c b/src/lib/libcrypto/des/des_old.c
new file mode 100644
index 0000000000..7c33ed7a93
--- /dev/null
+++ b/src/lib/libcrypto/des/des_old.c
@@ -0,0 +1,273 @@
+/* crypto/des/des_old.c -*- mode:C; c-file-style: "eay" -*- */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * The function names in here are deprecated and are only present to
+ * provide an interface compatible with libdes.  OpenSSL now provides
+ * functions where "des_" has been replaced with "DES_" in the names,
+ * to make it possible to make incompatible changes that are needed
+ * for C type security and other stuff.
+ *
+ * Please consider starting to use the DES_ functions rather than the
+ * des_ ones.  The des_ functions will dissapear completely before
+ * OpenSSL 1.0!
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
+ * project 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#define OPENSSL_DES_LIBDES_COMPATIBILITY
+#include <openssl/des.h>
+#include <openssl/rand.h>
+
+const char *_ossl_old_des_options(void)
+        {
+        return DES_options();
+        }
+void _ossl_old_des_ecb3_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
+        des_key_schedule ks1,des_key_schedule ks2,
+        des_key_schedule ks3, int enc)
+        {
+        DES_ecb3_encrypt((const_DES_cblock *)input, output,
+                (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
+                (DES_key_schedule *)ks3, enc);
+        }
+DES_LONG _ossl_old_des_cbc_cksum(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
+        long length,des_key_schedule schedule,_ossl_old_des_cblock *ivec)
+        {
+        return DES_cbc_cksum((unsigned char *)input, output, length,
+                (DES_key_schedule *)schedule, ivec);
+        }
+void _ossl_old_des_cbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
+        des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc)
+        {
+        DES_cbc_encrypt((unsigned char *)input, (unsigned char *)output,
+                length, (DES_key_schedule *)schedule, ivec, enc);
+        }
+void _ossl_old_des_ncbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
+        des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc)
+        {
+        DES_ncbc_encrypt((unsigned char *)input, (unsigned char *)output,
+                length, (DES_key_schedule *)schedule, ivec, enc);
+        }
+void _ossl_old_des_xcbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
+        des_key_schedule schedule,_ossl_old_des_cblock *ivec,
+        _ossl_old_des_cblock *inw,_ossl_old_des_cblock *outw,int enc)
+        {
+        DES_xcbc_encrypt((unsigned char *)input, (unsigned char *)output,
+                length, (DES_key_schedule *)schedule, ivec, inw, outw, enc);
+        }
+void _ossl_old_des_cfb_encrypt(unsigned char *in,unsigned char *out,int numbits,
+        long length,des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc)
+        {
+        DES_cfb_encrypt(in, out, numbits, length,
+                (DES_key_schedule *)schedule, ivec, enc);
+        }
+void _ossl_old_des_ecb_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
+        des_key_schedule ks,int enc)
+        {
+        DES_ecb_encrypt(input, output, (DES_key_schedule *)ks, enc);
+        }
+void _ossl_old_des_encrypt(DES_LONG *data,des_key_schedule ks, int enc)
+        {
+        DES_encrypt1(data, (DES_key_schedule *)ks, enc);
+        }
+void _ossl_old_des_encrypt2(DES_LONG *data,des_key_schedule ks, int enc)
+        {
+        DES_encrypt2(data, (DES_key_schedule *)ks, enc);
+        }
+void _ossl_old_des_encrypt3(DES_LONG *data, des_key_schedule ks1,
+        des_key_schedule ks2, des_key_schedule ks3)
+        {
+        DES_encrypt3(data, (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
+                (DES_key_schedule *)ks3);
+        }
+void _ossl_old_des_decrypt3(DES_LONG *data, des_key_schedule ks1,
+        des_key_schedule ks2, des_key_schedule ks3)
+        {
+        DES_decrypt3(data, (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
+                (DES_key_schedule *)ks3);
+        }
+void _ossl_old_des_ede3_cbc_encrypt(_ossl_old_des_cblock *input, _ossl_old_des_cblock *output, 
+        long length, des_key_schedule ks1, des_key_schedule ks2, 
+        des_key_schedule ks3, _ossl_old_des_cblock *ivec, int enc)
+        {
+        DES_ede3_cbc_encrypt((unsigned char *)input, (unsigned char *)output,
+                length, (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
+                (DES_key_schedule *)ks3, ivec, enc);
+        }
+void _ossl_old_des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out,
+        long length, des_key_schedule ks1, des_key_schedule ks2,
+        des_key_schedule ks3, _ossl_old_des_cblock *ivec, int *num, int enc)
+        {
+        DES_ede3_cfb64_encrypt(in, out, length,
+                (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
+                (DES_key_schedule *)ks3, ivec, num, enc);
+        }
+void _ossl_old_des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out,
+        long length, des_key_schedule ks1, des_key_schedule ks2,
+        des_key_schedule ks3, _ossl_old_des_cblock *ivec, int *num)
+        {
+        DES_ede3_ofb64_encrypt(in, out, length,
+                (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
+                (DES_key_schedule *)ks3, ivec, num);
+        }
+
+#if 0 /* broken code, preserved just in case anyone specifically looks for this */
+void _ossl_old_des_xwhite_in2out(_ossl_old_des_cblock (*des_key), _ossl_old_des_cblock (*in_white),
+        _ossl_old_des_cblock (*out_white))
+        {
+        DES_xwhite_in2out(des_key, in_white, out_white);
+        }
+#endif
+
+int _ossl_old_des_enc_read(int fd,char *buf,int len,des_key_schedule sched,
+        _ossl_old_des_cblock *iv)
+        {
+        return DES_enc_read(fd, buf, len, (DES_key_schedule *)sched, iv);
+        }
+int _ossl_old_des_enc_write(int fd,char *buf,int len,des_key_schedule sched,
+        _ossl_old_des_cblock *iv)
+        {
+        return DES_enc_write(fd, buf, len, (DES_key_schedule *)sched, iv);
+        }
+char *_ossl_old_des_fcrypt(const char *buf,const char *salt, char *ret)
+        {
+        return DES_fcrypt(buf, salt, ret);
+        }
+char *_ossl_old_des_crypt(const char *buf,const char *salt)
+        {
+        return DES_crypt(buf, salt);
+        }
+char *_ossl_old_crypt(const char *buf,const char *salt)
+        {
+        return DES_crypt(buf, salt);
+        }
+void _ossl_old_des_ofb_encrypt(unsigned char *in,unsigned char *out,
+        int numbits,long length,des_key_schedule schedule,_ossl_old_des_cblock *ivec)
+        {
+        DES_ofb_encrypt(in, out, numbits, length, (DES_key_schedule *)schedule,
+                ivec);
+        }
+void _ossl_old_des_pcbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
+        des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc)
+        {
+        DES_pcbc_encrypt((unsigned char *)input, (unsigned char *)output,
+                length, (DES_key_schedule *)schedule, ivec, enc);
+        }
+DES_LONG _ossl_old_des_quad_cksum(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
+        long length,int out_count,_ossl_old_des_cblock *seed)
+        {
+        return DES_quad_cksum((unsigned char *)input, output, length,
+                out_count, seed);
+        }
+void _ossl_old_des_random_seed(_ossl_old_des_cblock key)
+        {
+        RAND_seed(key, sizeof(_ossl_old_des_cblock));
+        }
+void _ossl_old_des_random_key(_ossl_old_des_cblock ret)
+        {
+        DES_random_key((DES_cblock *)ret);
+        }
+int _ossl_old_des_read_password(_ossl_old_des_cblock *key, const char *prompt,
+                                int verify)
+        {
+        return DES_read_password(key, prompt, verify);
+        }
+int _ossl_old_des_read_2passwords(_ossl_old_des_cblock *key1, _ossl_old_des_cblock *key2,
+        const char *prompt, int verify)
+        {
+        return DES_read_2passwords(key1, key2, prompt, verify);
+        }
+void _ossl_old_des_set_odd_parity(_ossl_old_des_cblock *key)
+        {
+        DES_set_odd_parity(key);
+        }
+int _ossl_old_des_is_weak_key(_ossl_old_des_cblock *key)
+        {
+        return DES_is_weak_key(key);
+        }
+int _ossl_old_des_set_key(_ossl_old_des_cblock *key,des_key_schedule schedule)
+        {
+        return DES_set_key(key, (DES_key_schedule *)schedule);
+        }
+int _ossl_old_des_key_sched(_ossl_old_des_cblock *key,des_key_schedule schedule)
+        {
+        return DES_key_sched(key, (DES_key_schedule *)schedule);
+        }
+void _ossl_old_des_string_to_key(char *str,_ossl_old_des_cblock *key)
+        {
+        DES_string_to_key(str, key);
+        }
+void _ossl_old_des_string_to_2keys(char *str,_ossl_old_des_cblock *key1,_ossl_old_des_cblock *key2)
+        {
+        DES_string_to_2keys(str, key1, key2);
+        }
+void _ossl_old_des_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
+        des_key_schedule schedule, _ossl_old_des_cblock *ivec, int *num, int enc)
+        {
+        DES_cfb64_encrypt(in, out, length, (DES_key_schedule *)schedule,
+                ivec, num, enc);
+        }
+void _ossl_old_des_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
+        des_key_schedule schedule, _ossl_old_des_cblock *ivec, int *num)
+        {
+        DES_ofb64_encrypt(in, out, length, (DES_key_schedule *)schedule,
+                ivec, num);
+        }
diff --git a/src/lib/libcrypto/des/des_old.h b/src/lib/libcrypto/des/des_old.h
new file mode 100644
index 0000000000..8665ba4e7e
--- /dev/null
+++ b/src/lib/libcrypto/des/des_old.h
@@ -0,0 +1,446 @@
+/* crypto/des/des_old.h -*- mode:C; c-file-style: "eay" -*- */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * The function names in here are deprecated and are only present to
+ * provide an interface compatible with openssl 0.9.6 and older as
+ * well as libdes.  OpenSSL now provides functions where "des_" has
+ * been replaced with "DES_" in the names, to make it possible to
+ * make incompatible changes that are needed for C type security and
+ * other stuff.
+ *
+ * This include files has two compatibility modes:
+ *
+ *   - If OPENSSL_DES_LIBDES_COMPATIBILITY is defined, you get an API
+ *     that is compatible with libdes and SSLeay.
+ *   - If OPENSSL_DES_LIBDES_COMPATIBILITY isn't defined, you get an
+ *     API that is compatible with OpenSSL 0.9.5x to 0.9.6x.
+ *
+ * Note that these modes break earlier snapshots of OpenSSL, where
+ * libdes compatibility was the only available mode or (later on) the
+ * prefered compatibility mode.  However, after much consideration
+ * (and more or less violent discussions with external parties), it
+ * was concluded that OpenSSL should be compatible with earlier versions
+ * of itself before anything else.  Also, in all honesty, libdes is
+ * an old beast that shouldn't really be used any more.
+ *
+ * Please consider starting to use the DES_ functions rather than the
+ * des_ ones.  The des_ functions will disappear completely before
+ * OpenSSL 1.0!
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
+ * project 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_DES_OLD_H
+#define HEADER_DES_OLD_H
+
+#include <openssl/e_os2.h>      /* OPENSSL_EXTERN, OPENSSL_NO_DES, DES_LONG */
+
+#ifdef OPENSSL_NO_DES
+#error DES is disabled.
+#endif
+
+#ifndef HEADER_DES_H
+#error You must include des.h, not des_old.h directly.
+#endif
+
+#ifdef _KERBEROS_DES_H
+#error <openssl/des_old.h> replaces <kerberos/des.h>.
+#endif
+
+#include <openssl/symhacks.h>
+
+#ifdef OPENSSL_BUILD_SHLIBCRYPTO
+# undef OPENSSL_EXTERN
+# define OPENSSL_EXTERN OPENSSL_EXPORT
+#endif
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#ifdef _
+#undef _
+#endif
+
+typedef unsigned char _ossl_old_des_cblock[8];
+typedef struct _ossl_old_des_ks_struct
+        {
+        union   {
+                _ossl_old_des_cblock _;
+                /* make sure things are correct size on machines with
+                 * 8 byte longs */
+                DES_LONG pad[2];
+                } ks;
+        } _ossl_old_des_key_schedule[16];
+
+#ifndef OPENSSL_DES_LIBDES_COMPATIBILITY
+#define des_cblock DES_cblock
+#define const_des_cblock const_DES_cblock
+#define des_key_schedule DES_key_schedule
+#define des_ecb3_encrypt(i,o,k1,k2,k3,e)\
+        DES_ecb3_encrypt((i),(o),&(k1),&(k2),&(k3),(e))
+#define des_ede3_cbc_encrypt(i,o,l,k1,k2,k3,iv,e)\
+        DES_ede3_cbc_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(e))
+#define des_ede3_cbcm_encrypt(i,o,l,k1,k2,k3,iv1,iv2,e)\
+        DES_ede3_cbcm_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv1),(iv2),(e))
+#define des_ede3_cfb64_encrypt(i,o,l,k1,k2,k3,iv,n,e)\
+        DES_ede3_cfb64_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(n),(e))
+#define des_ede3_ofb64_encrypt(i,o,l,k1,k2,k3,iv,n)\
+        DES_ede3_ofb64_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(n))
+#define des_options()\
+        DES_options()
+#define des_cbc_cksum(i,o,l,k,iv)\
+        DES_cbc_cksum((i),(o),(l),&(k),(iv))
+#define des_cbc_encrypt(i,o,l,k,iv,e)\
+        DES_cbc_encrypt((i),(o),(l),&(k),(iv),(e))
+#define des_ncbc_encrypt(i,o,l,k,iv,e)\
+        DES_ncbc_encrypt((i),(o),(l),&(k),(iv),(e))
+#define des_xcbc_encrypt(i,o,l,k,iv,inw,outw,e)\
+        DES_xcbc_encrypt((i),(o),(l),&(k),(iv),(inw),(outw),(e))
+#define des_cfb_encrypt(i,o,n,l,k,iv,e)\
+        DES_cfb_encrypt((i),(o),(n),(l),&(k),(iv),(e))
+#define des_ecb_encrypt(i,o,k,e)\
+        DES_ecb_encrypt((i),(o),&(k),(e))
+#define des_encrypt1(d,k,e)\
+        DES_encrypt1((d),&(k),(e))
+#define des_encrypt2(d,k,e)\
+        DES_encrypt2((d),&(k),(e))
+#define des_encrypt3(d,k1,k2,k3)\
+        DES_encrypt3((d),&(k1),&(k2),&(k3))
+#define des_decrypt3(d,k1,k2,k3)\
+        DES_decrypt3((d),&(k1),&(k2),&(k3))
+#define des_xwhite_in2out(k,i,o)\
+        DES_xwhite_in2out((k),(i),(o))
+#define des_enc_read(f,b,l,k,iv)\
+        DES_enc_read((f),(b),(l),&(k),(iv))
+#define des_enc_write(f,b,l,k,iv)\
+        DES_enc_write((f),(b),(l),&(k),(iv))
+#define des_fcrypt(b,s,r)\
+        DES_fcrypt((b),(s),(r))
+#if 0
+#define des_crypt(b,s)\
+        DES_crypt((b),(s))
+#if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT) && !defined(__OpenBSD__)
+#define crypt(b,s)\
+        DES_crypt((b),(s))
+#endif
+#endif
+#define des_ofb_encrypt(i,o,n,l,k,iv)\
+        DES_ofb_encrypt((i),(o),(n),(l),&(k),(iv))
+#define des_pcbc_encrypt(i,o,l,k,iv,e)\
+        DES_pcbc_encrypt((i),(o),(l),&(k),(iv),(e))
+#define des_quad_cksum(i,o,l,c,s)\
+        DES_quad_cksum((i),(o),(l),(c),(s))
+#define des_random_seed(k)\
+        _ossl_096_des_random_seed((k))
+#define des_random_key(r)\
+        DES_random_key((r))
+#define des_read_password(k,p,v) \
+        DES_read_password((k),(p),(v))
+#define des_read_2passwords(k1,k2,p,v) \
+        DES_read_2passwords((k1),(k2),(p),(v))
+#define des_set_odd_parity(k)\
+        DES_set_odd_parity((k))
+#define des_check_key_parity(k)\
+        DES_check_key_parity((k))
+#define des_is_weak_key(k)\
+        DES_is_weak_key((k))
+#define des_set_key(k,ks)\
+        DES_set_key((k),&(ks))
+#define des_key_sched(k,ks)\
+        DES_key_sched((k),&(ks))
+#define des_set_key_checked(k,ks)\
+        DES_set_key_checked((k),&(ks))
+#define des_set_key_unchecked(k,ks)\
+        DES_set_key_unchecked((k),&(ks))
+#define des_string_to_key(s,k)\
+        DES_string_to_key((s),(k))
+#define des_string_to_2keys(s,k1,k2)\
+        DES_string_to_2keys((s),(k1),(k2))
+#define des_cfb64_encrypt(i,o,l,ks,iv,n,e)\
+        DES_cfb64_encrypt((i),(o),(l),&(ks),(iv),(n),(e))
+#define des_ofb64_encrypt(i,o,l,ks,iv,n)\
+        DES_ofb64_encrypt((i),(o),(l),&(ks),(iv),(n))
+                
+
+#define des_ecb2_encrypt(i,o,k1,k2,e) \
+        des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
+
+#define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
+        des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
+
+#define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
+        des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
+
+#define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
+        des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
+
+#define des_check_key DES_check_key
+#define des_rw_mode DES_rw_mode
+#else /* libdes compatibility */
+/* Map all symbol names to _ossl_old_des_* form, so we avoid all
+   clashes with libdes */
+#define des_cblock _ossl_old_des_cblock
+#define des_key_schedule _ossl_old_des_key_schedule
+#define des_ecb3_encrypt(i,o,k1,k2,k3,e)\
+        _ossl_old_des_ecb3_encrypt((i),(o),(k1),(k2),(k3),(e))
+#define des_ede3_cbc_encrypt(i,o,l,k1,k2,k3,iv,e)\
+        _ossl_old_des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(e))
+#define des_ede3_cfb64_encrypt(i,o,l,k1,k2,k3,iv,n,e)\
+        _ossl_old_des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(n),(e))
+#define des_ede3_ofb64_encrypt(i,o,l,k1,k2,k3,iv,n)\
+        _ossl_old_des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(n))
+#define des_options()\
+        _ossl_old_des_options()
+#define des_cbc_cksum(i,o,l,k,iv)\
+        _ossl_old_des_cbc_cksum((i),(o),(l),(k),(iv))
+#define des_cbc_encrypt(i,o,l,k,iv,e)\
+        _ossl_old_des_cbc_encrypt((i),(o),(l),(k),(iv),(e))
+#define des_ncbc_encrypt(i,o,l,k,iv,e)\
+        _ossl_old_des_ncbc_encrypt((i),(o),(l),(k),(iv),(e))
+#define des_xcbc_encrypt(i,o,l,k,iv,inw,outw,e)\
+        _ossl_old_des_xcbc_encrypt((i),(o),(l),(k),(iv),(inw),(outw),(e))
+#define des_cfb_encrypt(i,o,n,l,k,iv,e)\
+        _ossl_old_des_cfb_encrypt((i),(o),(n),(l),(k),(iv),(e))
+#define des_ecb_encrypt(i,o,k,e)\
+        _ossl_old_des_ecb_encrypt((i),(o),(k),(e))
+#define des_encrypt(d,k,e)\
+        _ossl_old_des_encrypt((d),(k),(e))
+#define des_encrypt2(d,k,e)\
+        _ossl_old_des_encrypt2((d),(k),(e))
+#define des_encrypt3(d,k1,k2,k3)\
+        _ossl_old_des_encrypt3((d),(k1),(k2),(k3))
+#define des_decrypt3(d,k1,k2,k3)\
+        _ossl_old_des_decrypt3((d),(k1),(k2),(k3))
+#define des_xwhite_in2out(k,i,o)\
+        _ossl_old_des_xwhite_in2out((k),(i),(o))
+#define des_enc_read(f,b,l,k,iv)\
+        _ossl_old_des_enc_read((f),(b),(l),(k),(iv))
+#define des_enc_write(f,b,l,k,iv)\
+        _ossl_old_des_enc_write((f),(b),(l),(k),(iv))
+#define des_fcrypt(b,s,r)\
+        _ossl_old_des_fcrypt((b),(s),(r))
+#define des_crypt(b,s)\
+        _ossl_old_des_crypt((b),(s))
+#if 0
+#define crypt(b,s)\
+        _ossl_old_crypt((b),(s))
+#endif
+#define des_ofb_encrypt(i,o,n,l,k,iv)\
+        _ossl_old_des_ofb_encrypt((i),(o),(n),(l),(k),(iv))
+#define des_pcbc_encrypt(i,o,l,k,iv,e)\
+        _ossl_old_des_pcbc_encrypt((i),(o),(l),(k),(iv),(e))
+#define des_quad_cksum(i,o,l,c,s)\
+        _ossl_old_des_quad_cksum((i),(o),(l),(c),(s))
+#define des_random_seed(k)\
+        _ossl_old_des_random_seed((k))
+#define des_random_key(r)\
+        _ossl_old_des_random_key((r))
+#define des_read_password(k,p,v) \
+        _ossl_old_des_read_password((k),(p),(v))
+#define des_read_2passwords(k1,k2,p,v) \
+        _ossl_old_des_read_2passwords((k1),(k2),(p),(v))
+#define des_set_odd_parity(k)\
+        _ossl_old_des_set_odd_parity((k))
+#define des_is_weak_key(k)\
+        _ossl_old_des_is_weak_key((k))
+#define des_set_key(k,ks)\
+        _ossl_old_des_set_key((k),(ks))
+#define des_key_sched(k,ks)\
+        _ossl_old_des_key_sched((k),(ks))
+#define des_string_to_key(s,k)\
+        _ossl_old_des_string_to_key((s),(k))
+#define des_string_to_2keys(s,k1,k2)\
+        _ossl_old_des_string_to_2keys((s),(k1),(k2))
+#define des_cfb64_encrypt(i,o,l,ks,iv,n,e)\
+        _ossl_old_des_cfb64_encrypt((i),(o),(l),(ks),(iv),(n),(e))
+#define des_ofb64_encrypt(i,o,l,ks,iv,n)\
+        _ossl_old_des_ofb64_encrypt((i),(o),(l),(ks),(iv),(n))
+                
+
+#define des_ecb2_encrypt(i,o,k1,k2,e) \
+        des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
+
+#define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
+        des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
+
+#define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
+        des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
+
+#define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
+        des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
+
+#define des_check_key DES_check_key
+#define des_rw_mode DES_rw_mode
+#endif
+
+const char *_ossl_old_des_options(void);
+void _ossl_old_des_ecb3_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
+        _ossl_old_des_key_schedule ks1,_ossl_old_des_key_schedule ks2,
+        _ossl_old_des_key_schedule ks3, int enc);
+DES_LONG _ossl_old_des_cbc_cksum(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
+        long length,_ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec);
+void _ossl_old_des_cbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
+        _ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc);
+void _ossl_old_des_ncbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
+        _ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc);
+void _ossl_old_des_xcbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
+        _ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec,
+        _ossl_old_des_cblock *inw,_ossl_old_des_cblock *outw,int enc);
+void _ossl_old_des_cfb_encrypt(unsigned char *in,unsigned char *out,int numbits,
+        long length,_ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc);
+void _ossl_old_des_ecb_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
+        _ossl_old_des_key_schedule ks,int enc);
+void _ossl_old_des_encrypt(DES_LONG *data,_ossl_old_des_key_schedule ks, int enc);
+void _ossl_old_des_encrypt2(DES_LONG *data,_ossl_old_des_key_schedule ks, int enc);
+void _ossl_old_des_encrypt3(DES_LONG *data, _ossl_old_des_key_schedule ks1,
+        _ossl_old_des_key_schedule ks2, _ossl_old_des_key_schedule ks3);
+void _ossl_old_des_decrypt3(DES_LONG *data, _ossl_old_des_key_schedule ks1,
+        _ossl_old_des_key_schedule ks2, _ossl_old_des_key_schedule ks3);
+void _ossl_old_des_ede3_cbc_encrypt(_ossl_old_des_cblock *input, _ossl_old_des_cblock *output, 
+        long length, _ossl_old_des_key_schedule ks1, _ossl_old_des_key_schedule ks2, 
+        _ossl_old_des_key_schedule ks3, _ossl_old_des_cblock *ivec, int enc);
+void _ossl_old_des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out,
+        long length, _ossl_old_des_key_schedule ks1, _ossl_old_des_key_schedule ks2,
+        _ossl_old_des_key_schedule ks3, _ossl_old_des_cblock *ivec, int *num, int enc);
+void _ossl_old_des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out,
+        long length, _ossl_old_des_key_schedule ks1, _ossl_old_des_key_schedule ks2,
+        _ossl_old_des_key_schedule ks3, _ossl_old_des_cblock *ivec, int *num);
+#if 0
+void _ossl_old_des_xwhite_in2out(_ossl_old_des_cblock (*des_key), _ossl_old_des_cblock (*in_white),
+        _ossl_old_des_cblock (*out_white));
+#endif
+
+int _ossl_old_des_enc_read(int fd,char *buf,int len,_ossl_old_des_key_schedule sched,
+        _ossl_old_des_cblock *iv);
+int _ossl_old_des_enc_write(int fd,char *buf,int len,_ossl_old_des_key_schedule sched,
+        _ossl_old_des_cblock *iv);
+char *_ossl_old_des_fcrypt(const char *buf,const char *salt, char *ret);
+char *_ossl_old_des_crypt(const char *buf,const char *salt);
+#if !defined(PERL5) && !defined(NeXT)
+char *_ossl_old_crypt(const char *buf,const char *salt);
+#endif
+void _ossl_old_des_ofb_encrypt(unsigned char *in,unsigned char *out,
+        int numbits,long length,_ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec);
+void _ossl_old_des_pcbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
+        _ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc);
+DES_LONG _ossl_old_des_quad_cksum(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
+        long length,int out_count,_ossl_old_des_cblock *seed);
+void _ossl_old_des_random_seed(_ossl_old_des_cblock key);
+void _ossl_old_des_random_key(_ossl_old_des_cblock ret);
+int _ossl_old_des_read_password(_ossl_old_des_cblock *key,const char *prompt,int verify);
+int _ossl_old_des_read_2passwords(_ossl_old_des_cblock *key1,_ossl_old_des_cblock *key2,
+        const char *prompt,int verify);
+void _ossl_old_des_set_odd_parity(_ossl_old_des_cblock *key);
+int _ossl_old_des_is_weak_key(_ossl_old_des_cblock *key);
+int _ossl_old_des_set_key(_ossl_old_des_cblock *key,_ossl_old_des_key_schedule schedule);
+int _ossl_old_des_key_sched(_ossl_old_des_cblock *key,_ossl_old_des_key_schedule schedule);
+void _ossl_old_des_string_to_key(char *str,_ossl_old_des_cblock *key);
+void _ossl_old_des_string_to_2keys(char *str,_ossl_old_des_cblock *key1,_ossl_old_des_cblock *key2);
+void _ossl_old_des_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
+        _ossl_old_des_key_schedule schedule, _ossl_old_des_cblock *ivec, int *num, int enc);
+void _ossl_old_des_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
+        _ossl_old_des_key_schedule schedule, _ossl_old_des_cblock *ivec, int *num);
+
+void _ossl_096_des_random_seed(des_cblock *key);
+
+/* The following definitions provide compatibility with the MIT Kerberos
+ * library. The _ossl_old_des_key_schedule structure is not binary compatible. */
+
+#define _KERBEROS_DES_H
+
+#define KRBDES_ENCRYPT DES_ENCRYPT
+#define KRBDES_DECRYPT DES_DECRYPT
+
+#ifdef KERBEROS
+#  define ENCRYPT DES_ENCRYPT
+#  define DECRYPT DES_DECRYPT
+#endif
+
+#ifndef NCOMPAT
+#  define C_Block des_cblock
+#  define Key_schedule des_key_schedule
+#  define KEY_SZ DES_KEY_SZ
+#  define string_to_key des_string_to_key
+#  define read_pw_string des_read_pw_string
+#  define random_key des_random_key
+#  define pcbc_encrypt des_pcbc_encrypt
+#  define set_key des_set_key
+#  define key_sched des_key_sched
+#  define ecb_encrypt des_ecb_encrypt
+#  define cbc_encrypt des_cbc_encrypt
+#  define ncbc_encrypt des_ncbc_encrypt
+#  define xcbc_encrypt des_xcbc_encrypt
+#  define cbc_cksum des_cbc_cksum
+#  define quad_cksum des_quad_cksum
+#  define check_parity des_check_key_parity
+#endif
+
+#define des_fixup_key_parity DES_fixup_key_parity
+
+#ifdef  __cplusplus
+}
+#endif
+
+/* for DES_read_pw_string et al */
+#include <openssl/ui_compat.h>
+
+#endif
diff --git a/src/lib/libcrypto/des/des_old2.c b/src/lib/libcrypto/des/des_old2.c
new file mode 100644
index 0000000000..c8fa3ee135
--- /dev/null
+++ b/src/lib/libcrypto/des/des_old2.c
@@ -0,0 +1,82 @@
+/* crypto/des/des_old.c -*- mode:C; c-file-style: "eay" -*- */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * The function names in here are deprecated and are only present to
+ * provide an interface compatible with OpenSSL 0.9.6c.  OpenSSL now
+ * provides functions where "des_" has been replaced with "DES_" in
+ * the names, to make it possible to make incompatible changes that
+ * are needed for C type security and other stuff.
+ *
+ * Please consider starting to use the DES_ functions rather than the
+ * des_ ones.  The des_ functions will dissapear completely before
+ * OpenSSL 1.0!
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
+ * project 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#undef OPENSSL_DES_LIBDES_COMPATIBILITY
+#include <openssl/des.h>
+#include <openssl/rand.h>
+
+void _ossl_096_des_random_seed(DES_cblock *key)
+        {
+        RAND_seed(key, sizeof(DES_cblock));
+        }
diff --git a/src/lib/libcrypto/des/des_opts.c b/src/lib/libcrypto/des/des_opts.c
new file mode 100644
index 0000000000..2df82962c5
--- /dev/null
+++ b/src/lib/libcrypto/des/des_opts.c
@@ -0,0 +1,608 @@
+/* crypto/des/des_opts.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* define PART1, PART2, PART3 or PART4 to build only with a few of the options.
+ * This is for machines with 64k code segment size restrictions. */
+
+#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX)
+#define TIMES
+#endif
+
+#include <stdio.h>
+#ifndef OPENSSL_SYS_MSDOS
+#include <openssl/e_os2.h>
+#include OPENSSL_UNISTD
+#else
+#include <io.h>
+extern void exit();
+#endif
+
+#ifndef OPENSSL_SYS_NETWARE
+#include <signal.h>
+#endif
+
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+
+/* Depending on the VMS version, the tms structure is perhaps defined.
+   The __TMS macro will show if it was.  If it wasn't defined, we should
+   undefine TIMES, since that tells the rest of the program how things
+   should be handled.                           -- Richard Levitte */
+#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
+#undef TIMES
+#endif
+
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+
+#if defined(sun) || defined(__ultrix)
+#define _POSIX_SOURCE
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include <openssl/des.h>
+#include "spr.h"
+
+#define DES_DEFAULT_OPTIONS
+
+#if !defined(PART1) && !defined(PART2) && !defined(PART3) && !defined(PART4)
+#define PART1
+#define PART2
+#define PART3
+#define PART4
+#endif
+
+#ifdef PART1
+
+#undef DES_UNROLL
+#undef DES_RISC1
+#undef DES_RISC2
+#undef DES_PTR
+#undef D_ENCRYPT
+#define DES_encrypt1 des_encrypt_u4_cisc_idx
+#define DES_encrypt2 des_encrypt2_u4_cisc_idx
+#define DES_encrypt3 des_encrypt3_u4_cisc_idx
+#define DES_decrypt3 des_decrypt3_u4_cisc_idx
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#define DES_UNROLL
+#undef DES_RISC1
+#undef DES_RISC2
+#undef DES_PTR
+#undef D_ENCRYPT
+#undef DES_encrypt1
+#undef DES_encrypt2
+#undef DES_encrypt3
+#undef DES_decrypt3
+#define DES_encrypt1 des_encrypt_u16_cisc_idx
+#define DES_encrypt2 des_encrypt2_u16_cisc_idx
+#define DES_encrypt3 des_encrypt3_u16_cisc_idx
+#define DES_decrypt3 des_decrypt3_u16_cisc_idx
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#undef DES_UNROLL
+#define DES_RISC1
+#undef DES_RISC2
+#undef DES_PTR
+#undef D_ENCRYPT
+#undef DES_encrypt1
+#undef DES_encrypt2
+#undef DES_encrypt3
+#undef DES_decrypt3
+#define DES_encrypt1 des_encrypt_u4_risc1_idx
+#define DES_encrypt2 des_encrypt2_u4_risc1_idx
+#define DES_encrypt3 des_encrypt3_u4_risc1_idx
+#define DES_decrypt3 des_decrypt3_u4_risc1_idx
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#endif
+
+#ifdef PART2
+
+#undef DES_UNROLL
+#undef DES_RISC1
+#define DES_RISC2
+#undef DES_PTR
+#undef D_ENCRYPT
+#undef DES_encrypt1
+#undef DES_encrypt2
+#undef DES_encrypt3
+#undef DES_decrypt3
+#define DES_encrypt1 des_encrypt_u4_risc2_idx
+#define DES_encrypt2 des_encrypt2_u4_risc2_idx
+#define DES_encrypt3 des_encrypt3_u4_risc2_idx
+#define DES_decrypt3 des_decrypt3_u4_risc2_idx
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#define DES_UNROLL
+#define DES_RISC1
+#undef DES_RISC2
+#undef DES_PTR
+#undef D_ENCRYPT
+#undef DES_encrypt1
+#undef DES_encrypt2
+#undef DES_encrypt3
+#undef DES_decrypt3
+#define DES_encrypt1 des_encrypt_u16_risc1_idx
+#define DES_encrypt2 des_encrypt2_u16_risc1_idx
+#define DES_encrypt3 des_encrypt3_u16_risc1_idx
+#define DES_decrypt3 des_decrypt3_u16_risc1_idx
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#define DES_UNROLL
+#undef DES_RISC1
+#define DES_RISC2
+#undef DES_PTR
+#undef D_ENCRYPT
+#undef DES_encrypt1
+#undef DES_encrypt2
+#undef DES_encrypt3
+#undef DES_decrypt3
+#define DES_encrypt1 des_encrypt_u16_risc2_idx
+#define DES_encrypt2 des_encrypt2_u16_risc2_idx
+#define DES_encrypt3 des_encrypt3_u16_risc2_idx
+#define DES_decrypt3 des_decrypt3_u16_risc2_idx
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#endif
+
+#ifdef PART3
+
+#undef DES_UNROLL
+#undef DES_RISC1
+#undef DES_RISC2
+#define DES_PTR
+#undef D_ENCRYPT
+#undef DES_encrypt1
+#undef DES_encrypt2
+#undef DES_encrypt3
+#undef DES_decrypt3
+#define DES_encrypt1 des_encrypt_u4_cisc_ptr
+#define DES_encrypt2 des_encrypt2_u4_cisc_ptr
+#define DES_encrypt3 des_encrypt3_u4_cisc_ptr
+#define DES_decrypt3 des_decrypt3_u4_cisc_ptr
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#define DES_UNROLL
+#undef DES_RISC1
+#undef DES_RISC2
+#define DES_PTR
+#undef D_ENCRYPT
+#undef DES_encrypt1
+#undef DES_encrypt2
+#undef DES_encrypt3
+#undef DES_decrypt3
+#define DES_encrypt1 des_encrypt_u16_cisc_ptr
+#define DES_encrypt2 des_encrypt2_u16_cisc_ptr
+#define DES_encrypt3 des_encrypt3_u16_cisc_ptr
+#define DES_decrypt3 des_decrypt3_u16_cisc_ptr
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#undef DES_UNROLL
+#define DES_RISC1
+#undef DES_RISC2
+#define DES_PTR
+#undef D_ENCRYPT
+#undef DES_encrypt1
+#undef DES_encrypt2
+#undef DES_encrypt3
+#undef DES_decrypt3
+#define DES_encrypt1 des_encrypt_u4_risc1_ptr
+#define DES_encrypt2 des_encrypt2_u4_risc1_ptr
+#define DES_encrypt3 des_encrypt3_u4_risc1_ptr
+#define DES_decrypt3 des_decrypt3_u4_risc1_ptr
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#endif
+
+#ifdef PART4
+
+#undef DES_UNROLL
+#undef DES_RISC1
+#define DES_RISC2
+#define DES_PTR
+#undef D_ENCRYPT
+#undef DES_encrypt1
+#undef DES_encrypt2
+#undef DES_encrypt3
+#undef DES_decrypt3
+#define DES_encrypt1 des_encrypt_u4_risc2_ptr
+#define DES_encrypt2 des_encrypt2_u4_risc2_ptr
+#define DES_encrypt3 des_encrypt3_u4_risc2_ptr
+#define DES_decrypt3 des_decrypt3_u4_risc2_ptr
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#define DES_UNROLL
+#define DES_RISC1
+#undef DES_RISC2
+#define DES_PTR
+#undef D_ENCRYPT
+#undef DES_encrypt1
+#undef DES_encrypt2
+#undef DES_encrypt3
+#undef DES_decrypt3
+#define DES_encrypt1 des_encrypt_u16_risc1_ptr
+#define DES_encrypt2 des_encrypt2_u16_risc1_ptr
+#define DES_encrypt3 des_encrypt3_u16_risc1_ptr
+#define DES_decrypt3 des_decrypt3_u16_risc1_ptr
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#define DES_UNROLL
+#undef DES_RISC1
+#define DES_RISC2
+#define DES_PTR
+#undef D_ENCRYPT
+#undef DES_encrypt1
+#undef DES_encrypt2
+#undef DES_encrypt3
+#undef DES_decrypt3
+#define DES_encrypt1 des_encrypt_u16_risc2_ptr
+#define DES_encrypt2 des_encrypt2_u16_risc2_ptr
+#define DES_encrypt3 des_encrypt3_u16_risc2_ptr
+#define DES_decrypt3 des_decrypt3_u16_risc2_ptr
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#endif
+
+/* The following if from times(3) man page.  It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+#  ifndef _BSD_CLK_TCK_ /* FreeBSD fix */
+#   define HZ   100.0
+#  else /* _BSD_CLK_TCK_ */
+#   define HZ ((double)_BSD_CLK_TCK_)
+#  endif
+# else /* CLK_TCK */
+#  define HZ ((double)CLK_TCK)
+# endif
+#endif
+
+#define BUFSIZE ((long)1024)
+long run=0;
+
+double Time_F(int s);
+#ifdef SIGALRM
+#if defined(__STDC__) || defined(sgi)
+#define SIGRETTYPE void
+#else
+#define SIGRETTYPE int
+#endif
+
+SIGRETTYPE sig_done(int sig);
+SIGRETTYPE sig_done(int sig)
+        {
+        signal(SIGALRM,sig_done);
+        run=0;
+#ifdef LINT
+        sig=sig;
+#endif
+        }
+#endif
+
+#define START   0
+#define STOP    1
+
+double Time_F(int s)
+        {
+        double ret;
+#ifdef TIMES
+        static struct tms tstart,tend;
+
+        if (s == START)
+                {
+                times(&tstart);
+                return(0);
+                }
+        else
+                {
+                times(&tend);
+                ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+                return((ret == 0.0)?1e-6:ret);
+                }
+#else /* !times() */
+        static struct timeb tstart,tend;
+        long i;
+
+        if (s == START)
+                {
+                ftime(&tstart);
+                return(0);
+                }
+        else
+                {
+                ftime(&tend);
+                i=(long)tend.millitm-(long)tstart.millitm;
+                ret=((double)(tend.time-tstart.time))+((double)i)/1000.0;
+                return((ret == 0.0)?1e-6:ret);
+                }
+#endif
+        }
+
+#ifdef SIGALRM
+#define print_name(name) fprintf(stderr,"Doing %s's for 10 seconds\n",name); alarm(10);
+#else
+#define print_name(name) fprintf(stderr,"Doing %s %ld times\n",name,cb);
+#endif
+        
+#define time_it(func,name,index) \
+        print_name(name); \
+        Time_F(START); \
+        for (count=0,run=1; COND(cb); count++) \
+                { \
+                unsigned long d[2]; \
+                func(d,&sch,DES_ENCRYPT); \
+                } \
+        tm[index]=Time_F(STOP); \
+        fprintf(stderr,"%ld %s's in %.2f second\n",count,name,tm[index]); \
+        tm[index]=((double)COUNT(cb))/tm[index];
+
+#define print_it(name,index) \
+        fprintf(stderr,"%s bytes per sec = %12.2f (%5.1fuS)\n",name, \
+                tm[index]*8,1.0e6/tm[index]);
+
+int main(int argc, char **argv)
+        {
+        long count;
+        static unsigned char buf[BUFSIZE];
+        static DES_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
+        static DES_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12};
+        static DES_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34};
+        DES_key_schedule sch,sch2,sch3;
+        double d,tm[16],max=0;
+        int rank[16];
+        char *str[16];
+        int max_idx=0,i,num=0,j;
+#ifndef SIGALARM
+        long ca,cb,cc,cd,ce;
+#endif
+
+        for (i=0; i<12; i++)
+                {
+                tm[i]=0.0;
+                rank[i]=0;
+                }
+
+#ifndef TIMES
+        fprintf(stderr,"To get the most accurate results, try to run this\n");
+        fprintf(stderr,"program when this computer is idle.\n");
+#endif
+
+        DES_set_key_unchecked(&key,&sch);
+        DES_set_key_unchecked(&key2,&sch2);
+        DES_set_key_unchecked(&key3,&sch3);
+
+#ifndef SIGALRM
+        fprintf(stderr,"First we calculate the approximate speed ...\n");
+        DES_set_key_unchecked(&key,sch);
+        count=10;
+        do      {
+                long i;
+                unsigned long data[2];
+
+                count*=2;
+                Time_F(START);
+                for (i=count; i; i--)
+                        DES_encrypt1(data,&(sch[0]),DES_ENCRYPT);
+                d=Time_F(STOP);
+                } while (d < 3.0);
+        ca=count;
+        cb=count*3;
+        cc=count*3*8/BUFSIZE+1;
+        cd=count*8/BUFSIZE+1;
+
+        ce=count/20+1;
+#define COND(d) (count != (d))
+#define COUNT(d) (d)
+#else
+#define COND(c) (run)
+#define COUNT(d) (count)
+        signal(SIGALRM,sig_done);
+        alarm(10);
+#endif
+
+#ifdef PART1
+        time_it(des_encrypt_u4_cisc_idx,  "des_encrypt_u4_cisc_idx  ", 0);
+        time_it(des_encrypt_u16_cisc_idx, "des_encrypt_u16_cisc_idx ", 1);
+        time_it(des_encrypt_u4_risc1_idx, "des_encrypt_u4_risc1_idx ", 2);
+        num+=3;
+#endif
+#ifdef PART2
+        time_it(des_encrypt_u16_risc1_idx,"des_encrypt_u16_risc1_idx", 3);
+        time_it(des_encrypt_u4_risc2_idx, "des_encrypt_u4_risc2_idx ", 4);
+        time_it(des_encrypt_u16_risc2_idx,"des_encrypt_u16_risc2_idx", 5);
+        num+=3;
+#endif
+#ifdef PART3
+        time_it(des_encrypt_u4_cisc_ptr,  "des_encrypt_u4_cisc_ptr  ", 6);
+        time_it(des_encrypt_u16_cisc_ptr, "des_encrypt_u16_cisc_ptr ", 7);
+        time_it(des_encrypt_u4_risc1_ptr, "des_encrypt_u4_risc1_ptr ", 8);
+        num+=3;
+#endif
+#ifdef PART4
+        time_it(des_encrypt_u16_risc1_ptr,"des_encrypt_u16_risc1_ptr", 9);
+        time_it(des_encrypt_u4_risc2_ptr, "des_encrypt_u4_risc2_ptr ",10);
+        time_it(des_encrypt_u16_risc2_ptr,"des_encrypt_u16_risc2_ptr",11);
+        num+=3;
+#endif
+
+#ifdef PART1
+        str[0]=" 4  c i";
+        print_it("des_encrypt_u4_cisc_idx  ",0);
+        max=tm[0];
+        max_idx=0;
+        str[1]="16  c i";
+        print_it("des_encrypt_u16_cisc_idx ",1);
+        if (max < tm[1]) { max=tm[1]; max_idx=1; }
+        str[2]=" 4 r1 i";
+        print_it("des_encrypt_u4_risc1_idx ",2);
+        if (max < tm[2]) { max=tm[2]; max_idx=2; }
+#endif
+#ifdef PART2
+        str[3]="16 r1 i";
+        print_it("des_encrypt_u16_risc1_idx",3);
+        if (max < tm[3]) { max=tm[3]; max_idx=3; }
+        str[4]=" 4 r2 i";
+        print_it("des_encrypt_u4_risc2_idx ",4);
+        if (max < tm[4]) { max=tm[4]; max_idx=4; }
+        str[5]="16 r2 i";
+        print_it("des_encrypt_u16_risc2_idx",5);
+        if (max < tm[5]) { max=tm[5]; max_idx=5; }
+#endif
+#ifdef PART3
+        str[6]=" 4  c p";
+        print_it("des_encrypt_u4_cisc_ptr  ",6);
+        if (max < tm[6]) { max=tm[6]; max_idx=6; }
+        str[7]="16  c p";
+        print_it("des_encrypt_u16_cisc_ptr ",7);
+        if (max < tm[7]) { max=tm[7]; max_idx=7; }
+        str[8]=" 4 r1 p";
+        print_it("des_encrypt_u4_risc1_ptr ",8);
+        if (max < tm[8]) { max=tm[8]; max_idx=8; }
+#endif
+#ifdef PART4
+        str[9]="16 r1 p";
+        print_it("des_encrypt_u16_risc1_ptr",9);
+        if (max < tm[9]) { max=tm[9]; max_idx=9; }
+        str[10]=" 4 r2 p";
+        print_it("des_encrypt_u4_risc2_ptr ",10);
+        if (max < tm[10]) { max=tm[10]; max_idx=10; }
+        str[11]="16 r2 p";
+        print_it("des_encrypt_u16_risc2_ptr",11);
+        if (max < tm[11]) { max=tm[11]; max_idx=11; }
+#endif
+        printf("options    des ecb/s\n");
+        printf("%s %12.2f 100.0%%\n",str[max_idx],tm[max_idx]);
+        d=tm[max_idx];
+        tm[max_idx]= -2.0;
+        max= -1.0;
+        for (;;)
+                {
+                for (i=0; i<12; i++)
+                        {
+                        if (max < tm[i]) { max=tm[i]; j=i; }
+                        }
+                if (max < 0.0) break;
+                printf("%s %12.2f  %4.1f%%\n",str[j],tm[j],tm[j]/d*100.0);
+                tm[j]= -2.0;
+                max= -1.0;
+                }
+
+        switch (max_idx)
+                {
+        case 0:
+                printf("-DDES_DEFAULT_OPTIONS\n");
+                break;
+        case 1:
+                printf("-DDES_UNROLL\n");
+                break;
+        case 2:
+                printf("-DDES_RISC1\n");
+                break;
+        case 3:
+                printf("-DDES_UNROLL -DDES_RISC1\n");
+                break;
+        case 4:
+                printf("-DDES_RISC2\n");
+                break;
+        case 5:
+                printf("-DDES_UNROLL -DDES_RISC2\n");
+                break;
+        case 6:
+                printf("-DDES_PTR\n");
+                break;
+        case 7:
+                printf("-DDES_UNROLL -DDES_PTR\n");
+                break;
+        case 8:
+                printf("-DDES_RISC1 -DDES_PTR\n");
+                break;
+        case 9:
+                printf("-DDES_UNROLL -DDES_RISC1 -DDES_PTR\n");
+                break;
+        case 10:
+                printf("-DDES_RISC2 -DDES_PTR\n");
+                break;
+        case 11:
+                printf("-DDES_UNROLL -DDES_RISC2 -DDES_PTR\n");
+                break;
+                }
+        exit(0);
+#if defined(LINT) || defined(OPENSSL_SYS_MSDOS)
+        return(0);
+#endif
+        }
diff --git a/src/lib/libcrypto/des/des_ver.h b/src/lib/libcrypto/des/des_ver.h
new file mode 100644
index 0000000000..d1ada258a6
--- /dev/null
+++ b/src/lib/libcrypto/des/des_ver.h
@@ -0,0 +1,71 @@
+/* crypto/des/des_ver.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/e_os2.h>
+
+#ifdef OPENSSL_BUILD_SHLIBCRYPTO
+# undef OPENSSL_EXTERN
+# define OPENSSL_EXTERN OPENSSL_EXPORT
+#endif
+
+/* The following macros make sure the names are different from libdes names */
+#define DES_version OSSL_DES_version
+#define libdes_version OSSL_libdes_version
+
+OPENSSL_EXTERN const char OSSL_DES_version[];   /* SSLeay version string */
+OPENSSL_EXTERN const char OSSL_libdes_version[];        /* old libdes version string */
diff --git a/src/lib/libcrypto/des/dess.cpp b/src/lib/libcrypto/des/dess.cpp
new file mode 100644
index 0000000000..5549bab90a
--- /dev/null
+++ b/src/lib/libcrypto/des/dess.cpp
@@ -0,0 +1,67 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  asm volatile(".byte 15, 49\n\t"
+               : "=eax" (tsc)
+               :
+               : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  unsigned long a;
+  __asm _emit 0fh
+  __asm _emit 31h
+  __asm mov a, eax;
+  tsc=a;
+}
+#endif      
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/des.h>
+
+void main(int argc,char *argv[])
+        {
+        des_key_schedule key;
+        unsigned long s1,s2,e1,e2;
+        unsigned long data[2];
+        int i,j;
+
+        for (j=0; j<6; j++)
+                {
+                for (i=0; i<1000; i++) /**/
+                        {
+                        des_encrypt1(&data[0],key,1);
+                        GetTSC(s1);
+                        des_encrypt1(&data[0],key,1);
+                        des_encrypt1(&data[0],key,1);
+                        des_encrypt1(&data[0],key,1);
+                        GetTSC(e1);
+                        GetTSC(s2);
+                        des_encrypt1(&data[0],key,1);
+                        des_encrypt1(&data[0],key,1);
+                        des_encrypt1(&data[0],key,1);
+                        des_encrypt1(&data[0],key,1);
+                        GetTSC(e2);
+                        des_encrypt1(&data[0],key,1);
+                        }
+
+                printf("des %d %d (%d)\n",
+                        e1-s1,e2-s2,((e2-s2)-(e1-s1)));
+                }
+        }
+
diff --git a/src/lib/libcrypto/des/destest.c b/src/lib/libcrypto/des/destest.c
new file mode 100644
index 0000000000..64b92a34fe
--- /dev/null
+++ b/src/lib/libcrypto/des/destest.c
@@ -0,0 +1,952 @@
+/* crypto/des/destest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include <openssl/e_os2.h>
+#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_SYS_WINDOWS)
+#ifndef OPENSSL_SYS_MSDOS
+#define OPENSSL_SYS_MSDOS
+#endif
+#endif
+
+#ifndef OPENSSL_SYS_MSDOS
+#if !defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_VMS_DECC)
+#include OPENSSL_UNISTD
+#endif
+#else
+#include <io.h>
+#endif
+#include <string.h>
+
+#ifdef OPENSSL_NO_DES
+int main(int argc, char *argv[])
+{
+    printf("No DES support\n");
+    return(0);
+}
+#else
+#include <openssl/des.h>
+
+#define crypt(c,s) (DES_crypt((c),(s)))
+
+/* tisk tisk - the test keys don't all have odd parity :-( */
+/* test data */
+#define NUM_TESTS 34
+static unsigned char key_data[NUM_TESTS][8]={
+        {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+        {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+        {0x30,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+        {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+        {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+        {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+        {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+        {0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10},
+        {0x7C,0xA1,0x10,0x45,0x4A,0x1A,0x6E,0x57},
+        {0x01,0x31,0xD9,0x61,0x9D,0xC1,0x37,0x6E},
+        {0x07,0xA1,0x13,0x3E,0x4A,0x0B,0x26,0x86},
+        {0x38,0x49,0x67,0x4C,0x26,0x02,0x31,0x9E},
+        {0x04,0xB9,0x15,0xBA,0x43,0xFE,0xB5,0xB6},
+        {0x01,0x13,0xB9,0x70,0xFD,0x34,0xF2,0xCE},
+        {0x01,0x70,0xF1,0x75,0x46,0x8F,0xB5,0xE6},
+        {0x43,0x29,0x7F,0xAD,0x38,0xE3,0x73,0xFE},
+        {0x07,0xA7,0x13,0x70,0x45,0xDA,0x2A,0x16},
+        {0x04,0x68,0x91,0x04,0xC2,0xFD,0x3B,0x2F},
+        {0x37,0xD0,0x6B,0xB5,0x16,0xCB,0x75,0x46},
+        {0x1F,0x08,0x26,0x0D,0x1A,0xC2,0x46,0x5E},
+        {0x58,0x40,0x23,0x64,0x1A,0xBA,0x61,0x76},
+        {0x02,0x58,0x16,0x16,0x46,0x29,0xB0,0x07},
+        {0x49,0x79,0x3E,0xBC,0x79,0xB3,0x25,0x8F},
+        {0x4F,0xB0,0x5E,0x15,0x15,0xAB,0x73,0xA7},
+        {0x49,0xE9,0x5D,0x6D,0x4C,0xA2,0x29,0xBF},
+        {0x01,0x83,0x10,0xDC,0x40,0x9B,0x26,0xD6},
+        {0x1C,0x58,0x7F,0x1C,0x13,0x92,0x4F,0xEF},
+        {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
+        {0x1F,0x1F,0x1F,0x1F,0x0E,0x0E,0x0E,0x0E},
+        {0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE},
+        {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+        {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+        {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+        {0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10}};
+
+static unsigned char plain_data[NUM_TESTS][8]={
+        {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+        {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+        {0x10,0x00,0x00,0x00,0x00,0x00,0x00,0x01},
+        {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+        {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+        {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+        {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+        {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+        {0x01,0xA1,0xD6,0xD0,0x39,0x77,0x67,0x42},
+        {0x5C,0xD5,0x4C,0xA8,0x3D,0xEF,0x57,0xDA},
+        {0x02,0x48,0xD4,0x38,0x06,0xF6,0x71,0x72},
+        {0x51,0x45,0x4B,0x58,0x2D,0xDF,0x44,0x0A},
+        {0x42,0xFD,0x44,0x30,0x59,0x57,0x7F,0xA2},
+        {0x05,0x9B,0x5E,0x08,0x51,0xCF,0x14,0x3A},
+        {0x07,0x56,0xD8,0xE0,0x77,0x47,0x61,0xD2},
+        {0x76,0x25,0x14,0xB8,0x29,0xBF,0x48,0x6A},
+        {0x3B,0xDD,0x11,0x90,0x49,0x37,0x28,0x02},
+        {0x26,0x95,0x5F,0x68,0x35,0xAF,0x60,0x9A},
+        {0x16,0x4D,0x5E,0x40,0x4F,0x27,0x52,0x32},
+        {0x6B,0x05,0x6E,0x18,0x75,0x9F,0x5C,0xCA},
+        {0x00,0x4B,0xD6,0xEF,0x09,0x17,0x60,0x62},
+        {0x48,0x0D,0x39,0x00,0x6E,0xE7,0x62,0xF2},
+        {0x43,0x75,0x40,0xC8,0x69,0x8F,0x3C,0xFA},
+        {0x07,0x2D,0x43,0xA0,0x77,0x07,0x52,0x92},
+        {0x02,0xFE,0x55,0x77,0x81,0x17,0xF1,0x2A},
+        {0x1D,0x9D,0x5C,0x50,0x18,0xF7,0x28,0xC2},
+        {0x30,0x55,0x32,0x28,0x6D,0x6F,0x29,0x5A},
+        {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+        {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+        {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+        {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+        {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+        {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+        {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF}};
+
+static unsigned char cipher_data[NUM_TESTS][8]={
+        {0x8C,0xA6,0x4D,0xE9,0xC1,0xB1,0x23,0xA7},
+        {0x73,0x59,0xB2,0x16,0x3E,0x4E,0xDC,0x58},
+        {0x95,0x8E,0x6E,0x62,0x7A,0x05,0x55,0x7B},
+        {0xF4,0x03,0x79,0xAB,0x9E,0x0E,0xC5,0x33},
+        {0x17,0x66,0x8D,0xFC,0x72,0x92,0x53,0x2D},
+        {0x8A,0x5A,0xE1,0xF8,0x1A,0xB8,0xF2,0xDD},
+        {0x8C,0xA6,0x4D,0xE9,0xC1,0xB1,0x23,0xA7},
+        {0xED,0x39,0xD9,0x50,0xFA,0x74,0xBC,0xC4},
+        {0x69,0x0F,0x5B,0x0D,0x9A,0x26,0x93,0x9B},
+        {0x7A,0x38,0x9D,0x10,0x35,0x4B,0xD2,0x71},
+        {0x86,0x8E,0xBB,0x51,0xCA,0xB4,0x59,0x9A},
+        {0x71,0x78,0x87,0x6E,0x01,0xF1,0x9B,0x2A},
+        {0xAF,0x37,0xFB,0x42,0x1F,0x8C,0x40,0x95},
+        {0x86,0xA5,0x60,0xF1,0x0E,0xC6,0xD8,0x5B},
+        {0x0C,0xD3,0xDA,0x02,0x00,0x21,0xDC,0x09},
+        {0xEA,0x67,0x6B,0x2C,0xB7,0xDB,0x2B,0x7A},
+        {0xDF,0xD6,0x4A,0x81,0x5C,0xAF,0x1A,0x0F},
+        {0x5C,0x51,0x3C,0x9C,0x48,0x86,0xC0,0x88},
+        {0x0A,0x2A,0xEE,0xAE,0x3F,0xF4,0xAB,0x77},
+        {0xEF,0x1B,0xF0,0x3E,0x5D,0xFA,0x57,0x5A},
+        {0x88,0xBF,0x0D,0xB6,0xD7,0x0D,0xEE,0x56},
+        {0xA1,0xF9,0x91,0x55,0x41,0x02,0x0B,0x56},
+        {0x6F,0xBF,0x1C,0xAF,0xCF,0xFD,0x05,0x56},
+        {0x2F,0x22,0xE4,0x9B,0xAB,0x7C,0xA1,0xAC},
+        {0x5A,0x6B,0x61,0x2C,0xC2,0x6C,0xCE,0x4A},
+        {0x5F,0x4C,0x03,0x8E,0xD1,0x2B,0x2E,0x41},
+        {0x63,0xFA,0xC0,0xD0,0x34,0xD9,0xF7,0x93},
+        {0x61,0x7B,0x3A,0x0C,0xE8,0xF0,0x71,0x00},
+        {0xDB,0x95,0x86,0x05,0xF8,0xC8,0xC6,0x06},
+        {0xED,0xBF,0xD1,0xC6,0x6C,0x29,0xCC,0xC7},
+        {0x35,0x55,0x50,0xB2,0x15,0x0E,0x24,0x51},
+        {0xCA,0xAA,0xAF,0x4D,0xEA,0xF1,0xDB,0xAE},
+        {0xD5,0xD4,0x4F,0xF7,0x20,0x68,0x3D,0x0D},
+        {0x2A,0x2B,0xB0,0x08,0xDF,0x97,0xC2,0xF2}};
+
+static unsigned char cipher_ecb2[NUM_TESTS-1][8]={
+        {0x92,0x95,0xB5,0x9B,0xB3,0x84,0x73,0x6E},
+        {0x19,0x9E,0x9D,0x6D,0xF3,0x9A,0xA8,0x16},
+        {0x2A,0x4B,0x4D,0x24,0x52,0x43,0x84,0x27},
+        {0x35,0x84,0x3C,0x01,0x9D,0x18,0xC5,0xB6},
+        {0x4A,0x5B,0x2F,0x42,0xAA,0x77,0x19,0x25},
+        {0xA0,0x6B,0xA9,0xB8,0xCA,0x5B,0x17,0x8A},
+        {0xAB,0x9D,0xB7,0xFB,0xED,0x95,0xF2,0x74},
+        {0x3D,0x25,0x6C,0x23,0xA7,0x25,0x2F,0xD6},
+        {0xB7,0x6F,0xAB,0x4F,0xBD,0xBD,0xB7,0x67},
+        {0x8F,0x68,0x27,0xD6,0x9C,0xF4,0x1A,0x10},
+        {0x82,0x57,0xA1,0xD6,0x50,0x5E,0x81,0x85},
+        {0xA2,0x0F,0x0A,0xCD,0x80,0x89,0x7D,0xFA},
+        {0xCD,0x2A,0x53,0x3A,0xDB,0x0D,0x7E,0xF3},
+        {0xD2,0xC2,0xBE,0x27,0xE8,0x1B,0x68,0xE3},
+        {0xE9,0x24,0xCF,0x4F,0x89,0x3C,0x5B,0x0A},
+        {0xA7,0x18,0xC3,0x9F,0xFA,0x9F,0xD7,0x69},
+        {0x77,0x2C,0x79,0xB1,0xD2,0x31,0x7E,0xB1},
+        {0x49,0xAB,0x92,0x7F,0xD0,0x22,0x00,0xB7},
+        {0xCE,0x1C,0x6C,0x7D,0x85,0xE3,0x4A,0x6F},
+        {0xBE,0x91,0xD6,0xE1,0x27,0xB2,0xE9,0x87},
+        {0x70,0x28,0xAE,0x8F,0xD1,0xF5,0x74,0x1A},
+        {0xAA,0x37,0x80,0xBB,0xF3,0x22,0x1D,0xDE},
+        {0xA6,0xC4,0xD2,0x5E,0x28,0x93,0xAC,0xB3},
+        {0x22,0x07,0x81,0x5A,0xE4,0xB7,0x1A,0xAD},
+        {0xDC,0xCE,0x05,0xE7,0x07,0xBD,0xF5,0x84},
+        {0x26,0x1D,0x39,0x2C,0xB3,0xBA,0xA5,0x85},
+        {0xB4,0xF7,0x0F,0x72,0xFB,0x04,0xF0,0xDC},
+        {0x95,0xBA,0xA9,0x4E,0x87,0x36,0xF2,0x89},
+        {0xD4,0x07,0x3A,0xF1,0x5A,0x17,0x82,0x0E},
+        {0xEF,0x6F,0xAF,0xA7,0x66,0x1A,0x7E,0x89},
+        {0xC1,0x97,0xF5,0x58,0x74,0x8A,0x20,0xE7},
+        {0x43,0x34,0xCF,0xDA,0x22,0xC4,0x86,0xC8},
+        {0x08,0xD7,0xB4,0xFB,0x62,0x9D,0x08,0x85}};
+
+static unsigned char cbc_key [8]={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
+static unsigned char cbc2_key[8]={0xf1,0xe0,0xd3,0xc2,0xb5,0xa4,0x97,0x86};
+static unsigned char cbc3_key[8]={0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10};
+static unsigned char cbc_iv  [8]={0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10};
+/* Changed the following text constant to binary so it will work on ebcdic
+ * machines :-) */
+/* static char cbc_data[40]="7654321 Now is the time for \0001"; */
+static unsigned char cbc_data[40]={
+        0x37,0x36,0x35,0x34,0x33,0x32,0x31,0x20,
+        0x4E,0x6F,0x77,0x20,0x69,0x73,0x20,0x74,
+        0x68,0x65,0x20,0x74,0x69,0x6D,0x65,0x20,
+        0x66,0x6F,0x72,0x20,0x00,0x31,0x00,0x00,
+        0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+        };
+
+static unsigned char cbc_ok[32]={
+        0xcc,0xd1,0x73,0xff,0xab,0x20,0x39,0xf4,
+        0xac,0xd8,0xae,0xfd,0xdf,0xd8,0xa1,0xeb,
+        0x46,0x8e,0x91,0x15,0x78,0x88,0xba,0x68,
+        0x1d,0x26,0x93,0x97,0xf7,0xfe,0x62,0xb4};
+
+#ifdef SCREW_THE_PARITY
+#error "SCREW_THE_PARITY is not ment to be defined."
+#error "Original vectors are preserved for reference only."
+static unsigned char cbc2_key[8]={0xf0,0xe1,0xd2,0xc3,0xb4,0xa5,0x96,0x87};
+static unsigned char xcbc_ok[32]={
+        0x86,0x74,0x81,0x0D,0x61,0xA4,0xA5,0x48,
+        0xB9,0x93,0x03,0xE1,0xB8,0xBB,0xBD,0xBD,
+        0x64,0x30,0x0B,0xB9,0x06,0x65,0x81,0x76,
+        0x04,0x1D,0x77,0x62,0x17,0xCA,0x2B,0xD2,
+        };
+#else
+static unsigned char xcbc_ok[32]={
+        0x84,0x6B,0x29,0x14,0x85,0x1E,0x9A,0x29,
+        0x54,0x73,0x2F,0x8A,0xA0,0xA6,0x11,0xC1,
+        0x15,0xCD,0xC2,0xD7,0x95,0x1B,0x10,0x53,
+        0xA6,0x3C,0x5E,0x03,0xB2,0x1A,0xA3,0xC4,
+        };
+#endif
+
+static unsigned char cbc3_ok[32]={
+        0x3F,0xE3,0x01,0xC9,0x62,0xAC,0x01,0xD0,
+        0x22,0x13,0x76,0x3C,0x1C,0xBD,0x4C,0xDC,
+        0x79,0x96,0x57,0xC0,0x64,0xEC,0xF5,0xD4,
+        0x1C,0x67,0x38,0x12,0xCF,0xDE,0x96,0x75};
+
+static unsigned char pcbc_ok[32]={
+        0xcc,0xd1,0x73,0xff,0xab,0x20,0x39,0xf4,
+        0x6d,0xec,0xb4,0x70,0xa0,0xe5,0x6b,0x15,
+        0xae,0xa6,0xbf,0x61,0xed,0x7d,0x9c,0x9f,
+        0xf7,0x17,0x46,0x3b,0x8a,0xb3,0xcc,0x88};
+
+static unsigned char cfb_key[8]={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
+static unsigned char cfb_iv[8]={0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef};
+static unsigned char cfb_buf1[40],cfb_buf2[40],cfb_tmp[8];
+static unsigned char plain[24]=
+        {
+        0x4e,0x6f,0x77,0x20,0x69,0x73,
+        0x20,0x74,0x68,0x65,0x20,0x74,
+        0x69,0x6d,0x65,0x20,0x66,0x6f,
+        0x72,0x20,0x61,0x6c,0x6c,0x20
+        };
+static unsigned char cfb_cipher8[24]= {
+        0xf3,0x1f,0xda,0x07,0x01,0x14, 0x62,0xee,0x18,0x7f,0x43,0xd8,
+        0x0a,0x7c,0xd9,0xb5,0xb0,0xd2, 0x90,0xda,0x6e,0x5b,0x9a,0x87 };
+static unsigned char cfb_cipher16[24]={
+        0xF3,0x09,0x87,0x87,0x7F,0x57, 0xF7,0x3C,0x36,0xB6,0xDB,0x70,
+        0xD8,0xD5,0x34,0x19,0xD3,0x86, 0xB2,0x23,0xB7,0xB2,0xAD,0x1B };
+static unsigned char cfb_cipher32[24]={
+        0xF3,0x09,0x62,0x49,0xA4,0xDF, 0xA4,0x9F,0x33,0xDC,0x7B,0xAD,
+        0x4C,0xC8,0x9F,0x64,0xE4,0x53, 0xE5,0xEC,0x67,0x20,0xDA,0xB6 };
+static unsigned char cfb_cipher48[24]={
+        0xF3,0x09,0x62,0x49,0xC7,0xF4, 0x30,0xB5,0x15,0xEC,0xBB,0x85,
+        0x97,0x5A,0x13,0x8C,0x68,0x60, 0xE2,0x38,0x34,0x3C,0xDC,0x1F };
+static unsigned char cfb_cipher64[24]={
+        0xF3,0x09,0x62,0x49,0xC7,0xF4, 0x6E,0x51,0xA6,0x9E,0x83,0x9B,
+        0x1A,0x92,0xF7,0x84,0x03,0x46, 0x71,0x33,0x89,0x8E,0xA6,0x22 };
+
+static unsigned char ofb_key[8]={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
+static unsigned char ofb_iv[8]={0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef};
+static unsigned char ofb_buf1[24],ofb_buf2[24],ofb_tmp[8];
+static unsigned char ofb_cipher[24]=
+        {
+        0xf3,0x09,0x62,0x49,0xc7,0xf4,0x6e,0x51,
+        0x35,0xf2,0x4a,0x24,0x2e,0xeb,0x3d,0x3f,
+        0x3d,0x6d,0x5b,0xe3,0x25,0x5a,0xf8,0xc3
+        };
+
+#if 0
+static DES_LONG cbc_cksum_ret=0xB462FEF7L;
+#else
+static DES_LONG cbc_cksum_ret=0xF7FE62B4L;
+#endif
+static unsigned char cbc_cksum_data[8]={0x1D,0x26,0x93,0x97,0xf7,0xfe,0x62,0xb4};
+
+static char *pt(unsigned char *p);
+static int cfb_test(int bits, unsigned char *cfb_cipher);
+static int cfb64_test(unsigned char *cfb_cipher);
+static int ede_cfb64_test(unsigned char *cfb_cipher);
+int main(int argc, char *argv[])
+        {
+        int j,err=0;
+        unsigned int i;
+        des_cblock in,out,outin,iv3,iv2;
+        des_key_schedule ks,ks2,ks3;
+        unsigned char cbc_in[40];
+        unsigned char cbc_out[40];
+        DES_LONG cs;
+        unsigned char cret[8];
+#ifdef _CRAY
+        struct {
+            int a:32;
+            int b:32;
+        } lqret[2];
+#else
+        DES_LONG lqret[4];
+#endif
+        int num;
+        char *str;
+
+#ifndef OPENSSL_NO_DESCBCM
+        printf("Doing cbcm\n");
+        if ((j=DES_set_key_checked(&cbc_key,&ks)) != 0)
+                {
+                printf("Key error %d\n",j);
+                err=1;
+                }
+        if ((j=DES_set_key_checked(&cbc2_key,&ks2)) != 0)
+                {
+                printf("Key error %d\n",j);
+                err=1;
+                }
+        if ((j=DES_set_key_checked(&cbc3_key,&ks3)) != 0)
+                {
+                printf("Key error %d\n",j);
+                err=1;
+                }
+        memset(cbc_out,0,40);
+        memset(cbc_in,0,40);
+        i=strlen((char *)cbc_data)+1;
+        /* i=((i+7)/8)*8; */
+        memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+        memset(iv2,'\0',sizeof iv2);
+
+        DES_ede3_cbcm_encrypt(cbc_data,cbc_out,16L,&ks,&ks2,&ks3,&iv3,&iv2,
+                              DES_ENCRYPT);
+        DES_ede3_cbcm_encrypt(&cbc_data[16],&cbc_out[16],i-16,&ks,&ks2,&ks3,
+                              &iv3,&iv2,DES_ENCRYPT);
+        /*      if (memcmp(cbc_out,cbc3_ok,
+                (unsigned int)(strlen((char *)cbc_data)+1+7)/8*8) != 0)
+                {
+                printf("des_ede3_cbc_encrypt encrypt error\n");
+                err=1;
+                }
+        */
+        memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+        memset(iv2,'\0',sizeof iv2);
+        DES_ede3_cbcm_encrypt(cbc_out,cbc_in,i,&ks,&ks2,&ks3,&iv3,&iv2,DES_DECRYPT);
+        if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)+1) != 0)
+                {
+                unsigned int n;
+
+                printf("des_ede3_cbcm_encrypt decrypt error\n");
+                for(n=0 ; n < i ; ++n)
+                    printf(" %02x",cbc_data[n]);
+                printf("\n");
+                for(n=0 ; n < i ; ++n)
+                    printf(" %02x",cbc_in[n]);
+                printf("\n");
+                err=1;
+                }
+#endif
+
+        printf("Doing ecb\n");
+        for (i=0; i<NUM_TESTS; i++)
+                {
+                DES_set_key_unchecked(&key_data[i],&ks);
+                memcpy(in,plain_data[i],8);
+                memset(out,0,8);
+                memset(outin,0,8);
+                des_ecb_encrypt(&in,&out,ks,DES_ENCRYPT);
+                des_ecb_encrypt(&out,&outin,ks,DES_DECRYPT);
+
+                if (memcmp(out,cipher_data[i],8) != 0)
+                        {
+                        printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n",
+                                i+1,pt(key_data[i]),pt(in),pt(cipher_data[i]),
+                                pt(out));
+                        err=1;
+                        }
+                if (memcmp(in,outin,8) != 0)
+                        {
+                        printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n",
+                                i+1,pt(key_data[i]),pt(out),pt(in),pt(outin));
+                        err=1;
+                        }
+                }
+
+#ifndef LIBDES_LIT
+        printf("Doing ede ecb\n");
+        for (i=0; i<(NUM_TESTS-2); i++)
+                {
+                DES_set_key_unchecked(&key_data[i],&ks);
+                DES_set_key_unchecked(&key_data[i+1],&ks2);
+                DES_set_key_unchecked(&key_data[i+2],&ks3);
+                memcpy(in,plain_data[i],8);
+                memset(out,0,8);
+                memset(outin,0,8);
+                des_ecb2_encrypt(&in,&out,ks,ks2,DES_ENCRYPT);
+                des_ecb2_encrypt(&out,&outin,ks,ks2,DES_DECRYPT);
+
+                if (memcmp(out,cipher_ecb2[i],8) != 0)
+                        {
+                        printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n",
+                                i+1,pt(key_data[i]),pt(in),pt(cipher_ecb2[i]),
+                                pt(out));
+                        err=1;
+                        }
+                if (memcmp(in,outin,8) != 0)
+                        {
+                        printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n",
+                                i+1,pt(key_data[i]),pt(out),pt(in),pt(outin));
+                        err=1;
+                        }
+                }
+#endif
+
+        printf("Doing cbc\n");
+        if ((j=DES_set_key_checked(&cbc_key,&ks)) != 0)
+                {
+                printf("Key error %d\n",j);
+                err=1;
+                }
+        memset(cbc_out,0,40);
+        memset(cbc_in,0,40);
+        memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+        des_ncbc_encrypt(cbc_data,cbc_out,strlen((char *)cbc_data)+1,ks,
+                         &iv3,DES_ENCRYPT);
+        if (memcmp(cbc_out,cbc_ok,32) != 0)
+                {
+                printf("cbc_encrypt encrypt error\n");
+                err=1;
+                }
+
+        memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+        des_ncbc_encrypt(cbc_out,cbc_in,strlen((char *)cbc_data)+1,ks,
+                         &iv3,DES_DECRYPT);
+        if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)) != 0)
+                {
+                printf("cbc_encrypt decrypt error\n");
+                err=1;
+                }
+
+#ifndef LIBDES_LIT
+        printf("Doing desx cbc\n");
+        if ((j=DES_set_key_checked(&cbc_key,&ks)) != 0)
+                {
+                printf("Key error %d\n",j);
+                err=1;
+                }
+        memset(cbc_out,0,40);
+        memset(cbc_in,0,40);
+        memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+        des_xcbc_encrypt(cbc_data,cbc_out,strlen((char *)cbc_data)+1,ks,
+                         &iv3,&cbc2_key,&cbc3_key, DES_ENCRYPT);
+        if (memcmp(cbc_out,xcbc_ok,32) != 0)
+                {
+                printf("des_xcbc_encrypt encrypt error\n");
+                err=1;
+                }
+        memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+        des_xcbc_encrypt(cbc_out,cbc_in,strlen((char *)cbc_data)+1,ks,
+                         &iv3,&cbc2_key,&cbc3_key, DES_DECRYPT);
+        if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)+1) != 0)
+                {
+                printf("des_xcbc_encrypt decrypt error\n");
+                err=1;
+                }
+#endif
+
+        printf("Doing ede cbc\n");
+        if ((j=DES_set_key_checked(&cbc_key,&ks)) != 0)
+                {
+                printf("Key error %d\n",j);
+                err=1;
+                }
+        if ((j=DES_set_key_checked(&cbc2_key,&ks2)) != 0)
+                {
+                printf("Key error %d\n",j);
+                err=1;
+                }
+        if ((j=DES_set_key_checked(&cbc3_key,&ks3)) != 0)
+                {
+                printf("Key error %d\n",j);
+                err=1;
+                }
+        memset(cbc_out,0,40);
+        memset(cbc_in,0,40);
+        i=strlen((char *)cbc_data)+1;
+        /* i=((i+7)/8)*8; */
+        memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+
+        des_ede3_cbc_encrypt(cbc_data,cbc_out,16L,ks,ks2,ks3,&iv3,
+                             DES_ENCRYPT);
+        des_ede3_cbc_encrypt(&(cbc_data[16]),&(cbc_out[16]),i-16,ks,ks2,ks3,
+                             &iv3,DES_ENCRYPT);
+        if (memcmp(cbc_out,cbc3_ok,
+                (unsigned int)(strlen((char *)cbc_data)+1+7)/8*8) != 0)
+                {
+                unsigned int n;
+
+                printf("des_ede3_cbc_encrypt encrypt error\n");
+                for(n=0 ; n < i ; ++n)
+                    printf(" %02x",cbc_out[n]);
+                printf("\n");
+                for(n=0 ; n < i ; ++n)
+                    printf(" %02x",cbc3_ok[n]);
+                printf("\n");
+                err=1;
+                }
+
+        memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+        des_ede3_cbc_encrypt(cbc_out,cbc_in,i,ks,ks2,ks3,&iv3,DES_DECRYPT);
+        if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)+1) != 0)
+                {
+                unsigned int n;
+
+                printf("des_ede3_cbc_encrypt decrypt error\n");
+                for(n=0 ; n < i ; ++n)
+                    printf(" %02x",cbc_data[n]);
+                printf("\n");
+                for(n=0 ; n < i ; ++n)
+                    printf(" %02x",cbc_in[n]);
+                printf("\n");
+                err=1;
+                }
+
+#ifndef LIBDES_LIT
+        printf("Doing pcbc\n");
+        if ((j=DES_set_key_checked(&cbc_key,&ks)) != 0)
+                {
+                printf("Key error %d\n",j);
+                err=1;
+                }
+        memset(cbc_out,0,40);
+        memset(cbc_in,0,40);
+        des_pcbc_encrypt(cbc_data,cbc_out,strlen((char *)cbc_data)+1,ks,
+                         &cbc_iv,DES_ENCRYPT);
+        if (memcmp(cbc_out,pcbc_ok,32) != 0)
+                {
+                printf("pcbc_encrypt encrypt error\n");
+                err=1;
+                }
+        des_pcbc_encrypt(cbc_out,cbc_in,strlen((char *)cbc_data)+1,ks,&cbc_iv,
+                         DES_DECRYPT);
+        if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)+1) != 0)
+                {
+                printf("pcbc_encrypt decrypt error\n");
+                err=1;
+                }
+
+        printf("Doing ");
+        printf("cfb8 ");
+        err+=cfb_test(8,cfb_cipher8);
+        printf("cfb16 ");
+        err+=cfb_test(16,cfb_cipher16);
+        printf("cfb32 ");
+        err+=cfb_test(32,cfb_cipher32);
+        printf("cfb48 ");
+        err+=cfb_test(48,cfb_cipher48);
+        printf("cfb64 ");
+        err+=cfb_test(64,cfb_cipher64);
+
+        printf("cfb64() ");
+        err+=cfb64_test(cfb_cipher64);
+
+        memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+        for (i=0; i<sizeof(plain); i++)
+                des_cfb_encrypt(&(plain[i]),&(cfb_buf1[i]),
+                        8,1,ks,&cfb_tmp,DES_ENCRYPT);
+        if (memcmp(cfb_cipher8,cfb_buf1,sizeof(plain)) != 0)
+                {
+                printf("cfb_encrypt small encrypt error\n");
+                err=1;
+                }
+
+        memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+        for (i=0; i<sizeof(plain); i++)
+                des_cfb_encrypt(&(cfb_buf1[i]),&(cfb_buf2[i]),
+                        8,1,ks,&cfb_tmp,DES_DECRYPT);
+        if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0)
+                {
+                printf("cfb_encrypt small decrypt error\n");
+                err=1;
+                }
+
+        printf("ede_cfb64() ");
+        err+=ede_cfb64_test(cfb_cipher64);
+
+        printf("done\n");
+
+        printf("Doing ofb\n");
+        DES_set_key_checked(&ofb_key,&ks);
+        memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
+        des_ofb_encrypt(plain,ofb_buf1,64,sizeof(plain)/8,ks,&ofb_tmp);
+        if (memcmp(ofb_cipher,ofb_buf1,sizeof(ofb_buf1)) != 0)
+                {
+                printf("ofb_encrypt encrypt error\n");
+printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
+ofb_buf1[8+0], ofb_buf1[8+1], ofb_buf1[8+2], ofb_buf1[8+3],
+ofb_buf1[8+4], ofb_buf1[8+5], ofb_buf1[8+6], ofb_buf1[8+7]);
+printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
+ofb_buf1[8+0], ofb_cipher[8+1], ofb_cipher[8+2], ofb_cipher[8+3],
+ofb_buf1[8+4], ofb_cipher[8+5], ofb_cipher[8+6], ofb_cipher[8+7]);
+                err=1;
+                }
+        memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
+        des_ofb_encrypt(ofb_buf1,ofb_buf2,64,sizeof(ofb_buf1)/8,ks,&ofb_tmp);
+        if (memcmp(plain,ofb_buf2,sizeof(ofb_buf2)) != 0)
+                {
+                printf("ofb_encrypt decrypt error\n");
+printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
+ofb_buf2[8+0], ofb_buf2[8+1], ofb_buf2[8+2], ofb_buf2[8+3],
+ofb_buf2[8+4], ofb_buf2[8+5], ofb_buf2[8+6], ofb_buf2[8+7]);
+printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
+plain[8+0], plain[8+1], plain[8+2], plain[8+3],
+plain[8+4], plain[8+5], plain[8+6], plain[8+7]);
+                err=1;
+                }
+
+        printf("Doing ofb64\n");
+        DES_set_key_checked(&ofb_key,&ks);
+        memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
+        memset(ofb_buf1,0,sizeof(ofb_buf1));
+        memset(ofb_buf2,0,sizeof(ofb_buf1));
+        num=0;
+        for (i=0; i<sizeof(plain); i++)
+                {
+                des_ofb64_encrypt(&(plain[i]),&(ofb_buf1[i]),1,ks,&ofb_tmp,
+                                  &num);
+                }
+        if (memcmp(ofb_cipher,ofb_buf1,sizeof(ofb_buf1)) != 0)
+                {
+                printf("ofb64_encrypt encrypt error\n");
+                err=1;
+                }
+        memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
+        num=0;
+        des_ofb64_encrypt(ofb_buf1,ofb_buf2,sizeof(ofb_buf1),ks,&ofb_tmp,
+                          &num);
+        if (memcmp(plain,ofb_buf2,sizeof(ofb_buf2)) != 0)
+                {
+                printf("ofb64_encrypt decrypt error\n");
+                err=1;
+                }
+
+        printf("Doing ede_ofb64\n");
+        DES_set_key_checked(&ofb_key,&ks);
+        memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
+        memset(ofb_buf1,0,sizeof(ofb_buf1));
+        memset(ofb_buf2,0,sizeof(ofb_buf1));
+        num=0;
+        for (i=0; i<sizeof(plain); i++)
+                {
+                des_ede3_ofb64_encrypt(&(plain[i]),&(ofb_buf1[i]),1,ks,ks,
+                                       ks,&ofb_tmp,&num);
+                }
+        if (memcmp(ofb_cipher,ofb_buf1,sizeof(ofb_buf1)) != 0)
+                {
+                printf("ede_ofb64_encrypt encrypt error\n");
+                err=1;
+                }
+        memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
+        num=0;
+        des_ede3_ofb64_encrypt(ofb_buf1,ofb_buf2,sizeof(ofb_buf1),ks,ks,ks,
+                               &ofb_tmp,&num);
+        if (memcmp(plain,ofb_buf2,sizeof(ofb_buf2)) != 0)
+                {
+                printf("ede_ofb64_encrypt decrypt error\n");
+                err=1;
+                }
+
+        printf("Doing cbc_cksum\n");
+        DES_set_key_checked(&cbc_key,&ks);
+        cs=des_cbc_cksum(cbc_data,&cret,strlen((char *)cbc_data),ks,&cbc_iv);
+        if (cs != cbc_cksum_ret)
+                {
+                printf("bad return value (%08lX), should be %08lX\n",
+                        (unsigned long)cs,(unsigned long)cbc_cksum_ret);
+                err=1;
+                }
+        if (memcmp(cret,cbc_cksum_data,8) != 0)
+                {
+                printf("bad cbc_cksum block returned\n");
+                err=1;
+                }
+
+        printf("Doing quad_cksum\n");
+        cs=des_quad_cksum(cbc_data,(des_cblock *)lqret,
+                (long)strlen((char *)cbc_data),2,(des_cblock *)cbc_iv);
+        if (cs != 0x70d7a63aL)
+                {
+                printf("quad_cksum error, ret %08lx should be 70d7a63a\n",
+                        (unsigned long)cs);
+                err=1;
+                }
+#ifdef _CRAY
+        if (lqret[0].a != 0x327eba8dL)
+                {
+                printf("quad_cksum error, out[0] %08lx is not %08lx\n",
+                        (unsigned long)lqret[0].a,0x327eba8dUL);
+                err=1;
+                }
+        if (lqret[0].b != 0x201a49ccL)
+                {
+                printf("quad_cksum error, out[1] %08lx is not %08lx\n",
+                        (unsigned long)lqret[0].b,0x201a49ccUL);
+                err=1;
+                }
+        if (lqret[1].a != 0x70d7a63aL)
+                {
+                printf("quad_cksum error, out[2] %08lx is not %08lx\n",
+                        (unsigned long)lqret[1].a,0x70d7a63aUL);
+                err=1;
+                }
+        if (lqret[1].b != 0x501c2c26L)
+                {
+                printf("quad_cksum error, out[3] %08lx is not %08lx\n",
+                        (unsigned long)lqret[1].b,0x501c2c26UL);
+                err=1;
+                }
+#else
+        if (lqret[0] != 0x327eba8dL)
+                {
+                printf("quad_cksum error, out[0] %08lx is not %08lx\n",
+                        (unsigned long)lqret[0],0x327eba8dUL);
+                err=1;
+                }
+        if (lqret[1] != 0x201a49ccL)
+                {
+                printf("quad_cksum error, out[1] %08lx is not %08lx\n",
+                        (unsigned long)lqret[1],0x201a49ccUL);
+                err=1;
+                }
+        if (lqret[2] != 0x70d7a63aL)
+                {
+                printf("quad_cksum error, out[2] %08lx is not %08lx\n",
+                        (unsigned long)lqret[2],0x70d7a63aUL);
+                err=1;
+                }
+        if (lqret[3] != 0x501c2c26L)
+                {
+                printf("quad_cksum error, out[3] %08lx is not %08lx\n",
+                        (unsigned long)lqret[3],0x501c2c26UL);
+                err=1;
+                }
+#endif
+#endif
+
+        printf("input word alignment test");
+        for (i=0; i<4; i++)
+                {
+                printf(" %d",i);
+                des_ncbc_encrypt(&(cbc_out[i]),cbc_in,
+                                 strlen((char *)cbc_data)+1,ks,
+                                 &cbc_iv,DES_ENCRYPT);
+                }
+        printf("\noutput word alignment test");
+        for (i=0; i<4; i++)
+                {
+                printf(" %d",i);
+                des_ncbc_encrypt(cbc_out,&(cbc_in[i]),
+                                 strlen((char *)cbc_data)+1,ks,
+                                 &cbc_iv,DES_ENCRYPT);
+                }
+        printf("\n");
+        printf("fast crypt test ");
+        str=crypt("testing","ef");
+        if (strcmp("efGnQx2725bI2",str) != 0)
+                {
+                printf("fast crypt error, %s should be efGnQx2725bI2\n",str);
+                err=1;
+                }
+        str=crypt("bca76;23","yA");
+        if (strcmp("yA1Rp/1hZXIJk",str) != 0)
+                {
+                printf("fast crypt error, %s should be yA1Rp/1hZXIJk\n",str);
+                err=1;
+                }
+#ifdef OPENSSL_SYS_NETWARE
+    if (err) printf("ERROR: %d\n", err);
+#endif
+        printf("\n");
+        return(err);
+        }
+
+static char *pt(unsigned char *p)
+        {
+        static char bufs[10][20];
+        static int bnum=0;
+        char *ret;
+        int i;
+        static char *f="0123456789ABCDEF";
+
+        ret= &(bufs[bnum++][0]);
+        bnum%=10;
+        for (i=0; i<8; i++)
+                {
+                ret[i*2]=f[(p[i]>>4)&0xf];
+                ret[i*2+1]=f[p[i]&0xf];
+                }
+        ret[16]='\0';
+        return(ret);
+        }
+
+#ifndef LIBDES_LIT
+
+static int cfb_test(int bits, unsigned char *cfb_cipher)
+        {
+        des_key_schedule ks;
+        int i,err=0;
+
+        DES_set_key_checked(&cfb_key,&ks);
+        memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+        des_cfb_encrypt(plain,cfb_buf1,bits,sizeof(plain),ks,&cfb_tmp,
+                        DES_ENCRYPT);
+        if (memcmp(cfb_cipher,cfb_buf1,sizeof(plain)) != 0)
+                {
+                err=1;
+                printf("cfb_encrypt encrypt error\n");
+                for (i=0; i<24; i+=8)
+                        printf("%s\n",pt(&(cfb_buf1[i])));
+                }
+        memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+        des_cfb_encrypt(cfb_buf1,cfb_buf2,bits,sizeof(plain),ks,&cfb_tmp,
+                        DES_DECRYPT);
+        if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0)
+                {
+                err=1;
+                printf("cfb_encrypt decrypt error\n");
+                for (i=0; i<24; i+=8)
+                        printf("%s\n",pt(&(cfb_buf1[i])));
+                }
+        return(err);
+        }
+
+static int cfb64_test(unsigned char *cfb_cipher)
+        {
+        des_key_schedule ks;
+        int err=0,i,n;
+
+        DES_set_key_checked(&cfb_key,&ks);
+        memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+        n=0;
+        des_cfb64_encrypt(plain,cfb_buf1,12,ks,&cfb_tmp,&n,DES_ENCRYPT);
+        des_cfb64_encrypt(&(plain[12]),&(cfb_buf1[12]),sizeof(plain)-12,ks,
+                          &cfb_tmp,&n,DES_ENCRYPT);
+        if (memcmp(cfb_cipher,cfb_buf1,sizeof(plain)) != 0)
+                {
+                err=1;
+                printf("cfb_encrypt encrypt error\n");
+                for (i=0; i<24; i+=8)
+                        printf("%s\n",pt(&(cfb_buf1[i])));
+                }
+        memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+        n=0;
+        des_cfb64_encrypt(cfb_buf1,cfb_buf2,17,ks,&cfb_tmp,&n,DES_DECRYPT);
+        des_cfb64_encrypt(&(cfb_buf1[17]),&(cfb_buf2[17]),
+                          sizeof(plain)-17,ks,&cfb_tmp,&n,DES_DECRYPT);
+        if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0)
+                {
+                err=1;
+                printf("cfb_encrypt decrypt error\n");
+                for (i=0; i<24; i+=8)
+                        printf("%s\n",pt(&(cfb_buf2[i])));
+                }
+        return(err);
+        }
+
+static int ede_cfb64_test(unsigned char *cfb_cipher)
+        {
+        des_key_schedule ks;
+        int err=0,i,n;
+
+        DES_set_key_checked(&cfb_key,&ks);
+        memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+        n=0;
+        des_ede3_cfb64_encrypt(plain,cfb_buf1,12,ks,ks,ks,&cfb_tmp,&n,
+                               DES_ENCRYPT);
+        des_ede3_cfb64_encrypt(&(plain[12]),&(cfb_buf1[12]),
+                               sizeof(plain)-12,ks,ks,ks,
+                               &cfb_tmp,&n,DES_ENCRYPT);
+        if (memcmp(cfb_cipher,cfb_buf1,sizeof(plain)) != 0)
+                {
+                err=1;
+                printf("ede_cfb_encrypt encrypt error\n");
+                for (i=0; i<24; i+=8)
+                        printf("%s\n",pt(&(cfb_buf1[i])));
+                }
+        memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+        n=0;
+        des_ede3_cfb64_encrypt(cfb_buf1,cfb_buf2,(long)17,ks,ks,ks,
+                               &cfb_tmp,&n,DES_DECRYPT);
+        des_ede3_cfb64_encrypt(&(cfb_buf1[17]),&(cfb_buf2[17]),
+                               sizeof(plain)-17,ks,ks,ks,
+                               &cfb_tmp,&n,DES_DECRYPT);
+        if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0)
+                {
+                err=1;
+                printf("ede_cfb_encrypt decrypt error\n");
+                for (i=0; i<24; i+=8)
+                        printf("%s\n",pt(&(cfb_buf2[i])));
+                }
+        return(err);
+        }
+
+#endif
+#endif
diff --git a/src/lib/libcrypto/des/ecb3_enc.c b/src/lib/libcrypto/des/ecb3_enc.c
new file mode 100644
index 0000000000..c3437bc606
--- /dev/null
+++ b/src/lib/libcrypto/des/ecb3_enc.c
@@ -0,0 +1,83 @@
+/* crypto/des/ecb3_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+                      DES_key_schedule *ks1, DES_key_schedule *ks2,
+                      DES_key_schedule *ks3,
+             int enc)
+        {
+        register DES_LONG l0,l1;
+        DES_LONG ll[2];
+        const unsigned char *in = &(*input)[0];
+        unsigned char *out = &(*output)[0];
+
+        c2l(in,l0);
+        c2l(in,l1);
+        ll[0]=l0;
+        ll[1]=l1;
+        if (enc)
+                DES_encrypt3(ll,ks1,ks2,ks3);
+        else
+                DES_decrypt3(ll,ks1,ks2,ks3);
+        l0=ll[0];
+        l1=ll[1];
+        l2c(l0,out);
+        l2c(l1,out);
+        }
diff --git a/src/lib/libcrypto/des/ecb_enc.c b/src/lib/libcrypto/des/ecb_enc.c
new file mode 100644
index 0000000000..00d5b91e8c
--- /dev/null
+++ b/src/lib/libcrypto/des/ecb_enc.c
@@ -0,0 +1,123 @@
+/* crypto/des/ecb_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+#include "des_ver.h"
+#include "spr.h"
+#include <openssl/opensslv.h>
+#include <openssl/bio.h>
+
+OPENSSL_GLOBAL const char libdes_version[]="libdes" OPENSSL_VERSION_PTEXT;
+OPENSSL_GLOBAL const char DES_version[]="DES" OPENSSL_VERSION_PTEXT;
+
+const char *DES_options(void)
+        {
+        static int init=1;
+        static char buf[32];
+
+        if (init)
+                {
+                const char *ptr,*unroll,*risc,*size;
+
+#ifdef DES_PTR
+                ptr="ptr";
+#else
+                ptr="idx";
+#endif
+#if defined(DES_RISC1) || defined(DES_RISC2)
+#ifdef DES_RISC1
+                risc="risc1";
+#endif
+#ifdef DES_RISC2
+                risc="risc2";
+#endif
+#else
+                risc="cisc";
+#endif
+#ifdef DES_UNROLL
+                unroll="16";
+#else
+                unroll="4";
+#endif
+                if (sizeof(DES_LONG) != sizeof(long))
+                        size="int";
+                else
+                        size="long";
+                BIO_snprintf(buf,sizeof buf,"des(%s,%s,%s,%s)",ptr,risc,unroll,
+                             size);
+                init=0;
+                }
+        return(buf);
+        }
+                
+
+void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
+                     DES_key_schedule *ks, int enc)
+        {
+        register DES_LONG l;
+        DES_LONG ll[2];
+        const unsigned char *in = &(*input)[0];
+        unsigned char *out = &(*output)[0];
+
+        c2l(in,l); ll[0]=l;
+        c2l(in,l); ll[1]=l;
+        DES_encrypt1(ll,ks,enc);
+        l=ll[0]; l2c(l,out);
+        l=ll[1]; l2c(l,out);
+        l=ll[0]=ll[1]=0;
+        }
diff --git a/src/lib/libcrypto/des/ede_cbcm_enc.c b/src/lib/libcrypto/des/ede_cbcm_enc.c
new file mode 100644
index 0000000000..adfcb75cf3
--- /dev/null
+++ b/src/lib/libcrypto/des/ede_cbcm_enc.c
@@ -0,0 +1,199 @@
+/* ede_cbcm_enc.c */
+/* Written by Ben Laurie <ben@algroup.co.uk> for the OpenSSL
+ * project 13 Feb 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+
+This is an implementation of Triple DES Cipher Block Chaining with Output
+Feedback Masking, by Coppersmith, Johnson and Matyas, (IBM and Certicom).
+
+Note that there is a known attack on this by Biham and Knudsen but it takes
+a lot of work:
+
+http://www.cs.technion.ac.il/users/wwwb/cgi-bin/tr-get.cgi/1998/CS/CS0928.ps.gz
+
+*/
+
+#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_DESCBCM is defined */
+
+#ifndef OPENSSL_NO_DESCBCM
+#include "des_locl.h"
+
+void DES_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out,
+             long length, DES_key_schedule *ks1, DES_key_schedule *ks2,
+             DES_key_schedule *ks3, DES_cblock *ivec1, DES_cblock *ivec2,
+             int enc)
+    {
+    register DES_LONG tin0,tin1;
+    register DES_LONG tout0,tout1,xor0,xor1,m0,m1;
+    register long l=length;
+    DES_LONG tin[2];
+    unsigned char *iv1,*iv2;
+
+    iv1 = &(*ivec1)[0];
+    iv2 = &(*ivec2)[0];
+
+    if (enc)
+        {
+        c2l(iv1,m0);
+        c2l(iv1,m1);
+        c2l(iv2,tout0);
+        c2l(iv2,tout1);
+        for (l-=8; l>=-7; l-=8)
+            {
+            tin[0]=m0;
+            tin[1]=m1;
+            DES_encrypt1(tin,ks3,1);
+            m0=tin[0];
+            m1=tin[1];
+
+            if(l < 0)
+                {
+                c2ln(in,tin0,tin1,l+8);
+                }
+            else
+                {
+                c2l(in,tin0);
+                c2l(in,tin1);
+                }
+            tin0^=tout0;
+            tin1^=tout1;
+
+            tin[0]=tin0;
+            tin[1]=tin1;
+            DES_encrypt1(tin,ks1,1);
+            tin[0]^=m0;
+            tin[1]^=m1;
+            DES_encrypt1(tin,ks2,0);
+            tin[0]^=m0;
+            tin[1]^=m1;
+            DES_encrypt1(tin,ks1,1);
+            tout0=tin[0];
+            tout1=tin[1];
+
+            l2c(tout0,out);
+            l2c(tout1,out);
+            }
+        iv1=&(*ivec1)[0];
+        l2c(m0,iv1);
+        l2c(m1,iv1);
+
+        iv2=&(*ivec2)[0];
+        l2c(tout0,iv2);
+        l2c(tout1,iv2);
+        }
+    else
+        {
+        register DES_LONG t0,t1;
+
+        c2l(iv1,m0);
+        c2l(iv1,m1);
+        c2l(iv2,xor0);
+        c2l(iv2,xor1);
+        for (l-=8; l>=-7; l-=8)
+            {
+            tin[0]=m0;
+            tin[1]=m1;
+            DES_encrypt1(tin,ks3,1);
+            m0=tin[0];
+            m1=tin[1];
+
+            c2l(in,tin0);
+            c2l(in,tin1);
+
+            t0=tin0;
+            t1=tin1;
+
+            tin[0]=tin0;
+            tin[1]=tin1;
+            DES_encrypt1(tin,ks1,0);
+            tin[0]^=m0;
+            tin[1]^=m1;
+            DES_encrypt1(tin,ks2,1);
+            tin[0]^=m0;
+            tin[1]^=m1;
+            DES_encrypt1(tin,ks1,0);
+            tout0=tin[0];
+            tout1=tin[1];
+
+            tout0^=xor0;
+            tout1^=xor1;
+            if(l < 0)
+                {
+                l2cn(tout0,tout1,out,l+8);
+                }
+            else
+                {
+                l2c(tout0,out);
+                l2c(tout1,out);
+                }
+            xor0=t0;
+            xor1=t1;
+            }
+
+        iv1=&(*ivec1)[0];
+        l2c(m0,iv1);
+        l2c(m1,iv1);
+
+        iv2=&(*ivec2)[0];
+        l2c(xor0,iv2);
+        l2c(xor1,iv2);
+        }
+    tin0=tin1=tout0=tout1=xor0=xor1=0;
+    tin[0]=tin[1]=0;
+    }
+#endif
diff --git a/src/lib/libcrypto/des/enc_read.c b/src/lib/libcrypto/des/enc_read.c
new file mode 100644
index 0000000000..c70fb686b8
--- /dev/null
+++ b/src/lib/libcrypto/des/enc_read.c
@@ -0,0 +1,228 @@
+/* crypto/des/enc_read.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "des_locl.h"
+
+/* This has some uglies in it but it works - even over sockets. */
+/*extern int errno;*/
+OPENSSL_IMPLEMENT_GLOBAL(int,DES_rw_mode)=DES_PCBC_MODE;
+
+
+/*
+ * WARNINGS:
+ *
+ *  -  The data format used by DES_enc_write() and DES_enc_read()
+ *     has a cryptographic weakness: When asked to write more
+ *     than MAXWRITE bytes, DES_enc_write will split the data
+ *     into several chunks that are all encrypted
+ *     using the same IV.  So don't use these functions unless you
+ *     are sure you know what you do (in which case you might
+ *     not want to use them anyway).
+ *
+ *  -  This code cannot handle non-blocking sockets.
+ *
+ *  -  This function uses an internal state and thus cannot be
+ *     used on multiple files.
+ */
+
+
+int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched,
+                 DES_cblock *iv)
+        {
+        /* data to be unencrypted */
+        int net_num=0;
+        static unsigned char *net=NULL;
+        /* extra unencrypted data 
+         * for when a block of 100 comes in but is des_read one byte at
+         * a time. */
+        static unsigned char *unnet=NULL;
+        static int unnet_start=0;
+        static int unnet_left=0;
+        static unsigned char *tmpbuf=NULL;
+        int i;
+        long num=0,rnum;
+        unsigned char *p;
+
+        if (tmpbuf == NULL)
+                {
+                tmpbuf=OPENSSL_malloc(BSIZE);
+                if (tmpbuf == NULL) return(-1);
+                }
+        if (net == NULL)
+                {
+                net=OPENSSL_malloc(BSIZE);
+                if (net == NULL) return(-1);
+                }
+        if (unnet == NULL)
+                {
+                unnet=OPENSSL_malloc(BSIZE);
+                if (unnet == NULL) return(-1);
+                }
+        /* left over data from last decrypt */
+        if (unnet_left != 0)
+                {
+                if (unnet_left < len)
+                        {
+                        /* we still still need more data but will return
+                         * with the number of bytes we have - should always
+                         * check the return value */
+                        memcpy(buf,&(unnet[unnet_start]),
+                               unnet_left);
+                        /* eay 26/08/92 I had the next 2 lines
+                         * reversed :-( */
+                        i=unnet_left;
+                        unnet_start=unnet_left=0;
+                        }
+                else
+                        {
+                        memcpy(buf,&(unnet[unnet_start]),len);
+                        unnet_start+=len;
+                        unnet_left-=len;
+                        i=len;
+                        }
+                return(i);
+                }
+
+        /* We need to get more data. */
+        if (len > MAXWRITE) len=MAXWRITE;
+
+        /* first - get the length */
+        while (net_num < HDRSIZE) 
+                {
+                i=read(fd,(void *)&(net[net_num]),HDRSIZE-net_num);
+#ifdef EINTR
+                if ((i == -1) && (errno == EINTR)) continue;
+#endif
+                if (i <= 0) return(0);
+                net_num+=i;
+                }
+
+        /* we now have at net_num bytes in net */
+        p=net;
+        /* num=0;  */
+        n2l(p,num);
+        /* num should be rounded up to the next group of eight
+         * we make sure that we have read a multiple of 8 bytes from the net.
+         */
+        if ((num > MAXWRITE) || (num < 0)) /* error */
+                return(-1);
+        rnum=(num < 8)?8:((num+7)/8*8);
+
+        net_num=0;
+        while (net_num < rnum)
+                {
+                i=read(fd,(void *)&(net[net_num]),rnum-net_num);
+#ifdef EINTR
+                if ((i == -1) && (errno == EINTR)) continue;
+#endif
+                if (i <= 0) return(0);
+                net_num+=i;
+                }
+
+        /* Check if there will be data left over. */
+        if (len < num)
+                {
+                if (DES_rw_mode & DES_PCBC_MODE)
+                        DES_pcbc_encrypt(net,unnet,num,sched,iv,DES_DECRYPT);
+                else
+                        DES_cbc_encrypt(net,unnet,num,sched,iv,DES_DECRYPT);
+                memcpy(buf,unnet,len);
+                unnet_start=len;
+                unnet_left=num-len;
+
+                /* The following line is done because we return num
+                 * as the number of bytes read. */
+                num=len;
+                }
+        else
+                {
+                /* >output is a multiple of 8 byes, if len < rnum
+                 * >we must be careful.  The user must be aware that this
+                 * >routine will write more bytes than he asked for.
+                 * >The length of the buffer must be correct.
+                 * FIXED - Should be ok now 18-9-90 - eay */
+                if (len < rnum)
+                        {
+
+                        if (DES_rw_mode & DES_PCBC_MODE)
+                                DES_pcbc_encrypt(net,tmpbuf,num,sched,iv,
+                                                 DES_DECRYPT);
+                        else
+                                DES_cbc_encrypt(net,tmpbuf,num,sched,iv,
+                                                DES_DECRYPT);
+
+                        /* eay 26/08/92 fix a bug that returned more
+                         * bytes than you asked for (returned len bytes :-( */
+                        memcpy(buf,tmpbuf,num);
+                        }
+                else
+                        {
+                        if (DES_rw_mode & DES_PCBC_MODE)
+                                DES_pcbc_encrypt(net,buf,num,sched,iv,
+                                                 DES_DECRYPT);
+                        else
+                                DES_cbc_encrypt(net,buf,num,sched,iv,
+                                                DES_DECRYPT);
+                        }
+                }
+        return num;
+        }
+
diff --git a/src/lib/libcrypto/des/enc_writ.c b/src/lib/libcrypto/des/enc_writ.c
new file mode 100644
index 0000000000..af5b8c2349
--- /dev/null
+++ b/src/lib/libcrypto/des/enc_writ.c
@@ -0,0 +1,171 @@
+/* crypto/des/enc_writ.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <errno.h>
+#include <time.h>
+#include <stdio.h>
+#include "cryptlib.h"
+#include "des_locl.h"
+#include <openssl/rand.h>
+
+/*
+ * WARNINGS:
+ *
+ *  -  The data format used by DES_enc_write() and DES_enc_read()
+ *     has a cryptographic weakness: When asked to write more
+ *     than MAXWRITE bytes, DES_enc_write will split the data
+ *     into several chunks that are all encrypted
+ *     using the same IV.  So don't use these functions unless you
+ *     are sure you know what you do (in which case you might
+ *     not want to use them anyway).
+ *
+ *  -  This code cannot handle non-blocking sockets.
+ */
+
+int DES_enc_write(int fd, const void *_buf, int len,
+                  DES_key_schedule *sched, DES_cblock *iv)
+        {
+#ifdef _LIBC
+        extern unsigned long time();
+        extern int write();
+#endif
+        const unsigned char *buf=_buf;
+        long rnum;
+        int i,j,k,outnum;
+        static unsigned char *outbuf=NULL;
+        unsigned char shortbuf[8];
+        unsigned char *p;
+        const unsigned char *cp;
+        static int start=1;
+
+        if (outbuf == NULL)
+                {
+                outbuf=OPENSSL_malloc(BSIZE+HDRSIZE);
+                if (outbuf == NULL) return(-1);
+                }
+        /* If we are sending less than 8 bytes, the same char will look
+         * the same if we don't pad it out with random bytes */
+        if (start)
+                {
+                start=0;
+                }
+
+        /* lets recurse if we want to send the data in small chunks */
+        if (len > MAXWRITE)
+                {
+                j=0;
+                for (i=0; i<len; i+=k)
+                        {
+                        k=DES_enc_write(fd,&(buf[i]),
+                                ((len-i) > MAXWRITE)?MAXWRITE:(len-i),sched,iv);
+                        if (k < 0)
+                                return(k);
+                        else
+                                j+=k;
+                        }
+                return(j);
+                }
+
+        /* write length first */
+        p=outbuf;
+        l2n(len,p);
+
+        /* pad short strings */
+        if (len < 8)
+                {
+                cp=shortbuf;
+                memcpy(shortbuf,buf,len);
+                RAND_pseudo_bytes(shortbuf+len, 8-len);
+                rnum=8;
+                }
+        else
+                {
+                cp=buf;
+                rnum=((len+7)/8*8); /* round up to nearest eight */
+                }
+
+        if (DES_rw_mode & DES_PCBC_MODE)
+                DES_pcbc_encrypt(cp,&(outbuf[HDRSIZE]),(len<8)?8:len,sched,iv,
+                                 DES_ENCRYPT); 
+        else
+                DES_cbc_encrypt(cp,&(outbuf[HDRSIZE]),(len<8)?8:len,sched,iv,
+                                DES_ENCRYPT); 
+
+        /* output */
+        outnum=rnum+HDRSIZE;
+
+        for (j=0; j<outnum; j+=i)
+                {
+                /* eay 26/08/92 I was not doing writing from where we
+                 * got up to. */
+                i=write(fd,(void *)&(outbuf[j]),outnum-j);
+                if (i == -1)
+                        {
+#ifdef EINTR
+                        if (errno == EINTR)
+                                i=0;
+                        else
+#endif
+                                /* This is really a bad error - very bad
+                                 * It will stuff-up both ends. */
+                                return(-1);
+                        }
+                }
+
+        return(len);
+        }
diff --git a/src/lib/libcrypto/des/fcrypt.c b/src/lib/libcrypto/des/fcrypt.c
new file mode 100644
index 0000000000..ccbdff250f
--- /dev/null
+++ b/src/lib/libcrypto/des/fcrypt.c
@@ -0,0 +1,170 @@
+/* NOCW */
+#include <stdio.h>
+#ifdef _OSD_POSIX
+#ifndef CHARSET_EBCDIC
+#define CHARSET_EBCDIC 1
+#endif
+#endif
+#ifdef CHARSET_EBCDIC
+#include <openssl/ebcdic.h>
+#endif
+
+/* This version of crypt has been developed from my MIT compatible
+ * DES library.
+ * Eric Young (eay@cryptsoft.com)
+ */
+
+/* Modification by Jens Kupferschmidt (Cu)
+ * I have included directive PARA for shared memory computers.
+ * I have included a directive LONGCRYPT to using this routine to cipher
+ * passwords with more then 8 bytes like HP-UX 10.x it used. The MAXPLEN
+ * definition is the maximum of length of password and can changed. I have
+ * defined 24.
+ */
+
+#include "des_locl.h"
+
+/* Added more values to handle illegal salt values the way normal
+ * crypt() implementations do.  The patch was sent by 
+ * Bjorn Gronvall <bg@sics.se>
+ */
+static unsigned const char con_salt[128]={
+0xD2,0xD3,0xD4,0xD5,0xD6,0xD7,0xD8,0xD9,
+0xDA,0xDB,0xDC,0xDD,0xDE,0xDF,0xE0,0xE1,
+0xE2,0xE3,0xE4,0xE5,0xE6,0xE7,0xE8,0xE9,
+0xEA,0xEB,0xEC,0xED,0xEE,0xEF,0xF0,0xF1,
+0xF2,0xF3,0xF4,0xF5,0xF6,0xF7,0xF8,0xF9,
+0xFA,0xFB,0xFC,0xFD,0xFE,0xFF,0x00,0x01,
+0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,
+0x0A,0x0B,0x05,0x06,0x07,0x08,0x09,0x0A,
+0x0B,0x0C,0x0D,0x0E,0x0F,0x10,0x11,0x12,
+0x13,0x14,0x15,0x16,0x17,0x18,0x19,0x1A,
+0x1B,0x1C,0x1D,0x1E,0x1F,0x20,0x21,0x22,
+0x23,0x24,0x25,0x20,0x21,0x22,0x23,0x24,
+0x25,0x26,0x27,0x28,0x29,0x2A,0x2B,0x2C,
+0x2D,0x2E,0x2F,0x30,0x31,0x32,0x33,0x34,
+0x35,0x36,0x37,0x38,0x39,0x3A,0x3B,0x3C,
+0x3D,0x3E,0x3F,0x40,0x41,0x42,0x43,0x44,
+};
+
+static unsigned const char cov_2char[64]={
+0x2E,0x2F,0x30,0x31,0x32,0x33,0x34,0x35,
+0x36,0x37,0x38,0x39,0x41,0x42,0x43,0x44,
+0x45,0x46,0x47,0x48,0x49,0x4A,0x4B,0x4C,
+0x4D,0x4E,0x4F,0x50,0x51,0x52,0x53,0x54,
+0x55,0x56,0x57,0x58,0x59,0x5A,0x61,0x62,
+0x63,0x64,0x65,0x66,0x67,0x68,0x69,0x6A,
+0x6B,0x6C,0x6D,0x6E,0x6F,0x70,0x71,0x72,
+0x73,0x74,0x75,0x76,0x77,0x78,0x79,0x7A
+};
+
+char *DES_crypt(const char *buf, const char *salt)
+        {
+        static char buff[14];
+
+#ifndef CHARSET_EBCDIC
+        return(DES_fcrypt(buf,salt,buff));
+#else
+        char e_salt[2+1];
+        char e_buf[32+1];       /* replace 32 by 8 ? */
+        char *ret;
+
+        /* Copy at most 2 chars of salt */
+        if ((e_salt[0] = salt[0]) != '\0')
+            e_salt[1] = salt[1];
+
+        /* Copy at most 32 chars of password */
+        strncpy (e_buf, buf, sizeof(e_buf));
+
+        /* Make sure we have a delimiter */
+        e_salt[sizeof(e_salt)-1] = e_buf[sizeof(e_buf)-1] = '\0';
+
+        /* Convert the e_salt to ASCII, as that's what DES_fcrypt works on */
+        ebcdic2ascii(e_salt, e_salt, sizeof e_salt);
+
+        /* Convert the cleartext password to ASCII */
+        ebcdic2ascii(e_buf, e_buf, sizeof e_buf);
+
+        /* Encrypt it (from/to ASCII) */
+        ret = DES_fcrypt(e_buf,e_salt,buff);
+
+        /* Convert the result back to EBCDIC */
+        ascii2ebcdic(ret, ret, strlen(ret));
+        
+        return ret;
+#endif
+        }
+
+
+char *DES_fcrypt(const char *buf, const char *salt, char *ret)
+        {
+        unsigned int i,j,x,y;
+        DES_LONG Eswap0,Eswap1;
+        DES_LONG out[2],ll;
+        DES_cblock key;
+        DES_key_schedule ks;
+        unsigned char bb[9];
+        unsigned char *b=bb;
+        unsigned char c,u;
+
+        /* eay 25/08/92
+         * If you call crypt("pwd","*") as often happens when you
+         * have * as the pwd field in /etc/passwd, the function
+         * returns *\0XXXXXXXXX
+         * The \0 makes the string look like * so the pwd "*" would
+         * crypt to "*".  This was found when replacing the crypt in
+         * our shared libraries.  People found that the disabled
+         * accounts effectively had no passwd :-(. */
+#ifndef CHARSET_EBCDIC
+        x=ret[0]=((salt[0] == '\0')?'A':salt[0]);
+        Eswap0=con_salt[x]<<2;
+        x=ret[1]=((salt[1] == '\0')?'A':salt[1]);
+        Eswap1=con_salt[x]<<6;
+#else
+        x=ret[0]=((salt[0] == '\0')?os_toascii['A']:salt[0]);
+        Eswap0=con_salt[x]<<2;
+        x=ret[1]=((salt[1] == '\0')?os_toascii['A']:salt[1]);
+        Eswap1=con_salt[x]<<6;
+#endif
+
+/* EAY
+r=strlen(buf);
+r=(r+7)/8;
+*/
+        for (i=0; i<8; i++)
+                {
+                c= *(buf++);
+                if (!c) break;
+                key[i]=(c<<1);
+                }
+        for (; i<8; i++)
+                key[i]=0;
+
+        DES_set_key_unchecked(&key,&ks);
+        fcrypt_body(&(out[0]),&ks,Eswap0,Eswap1);
+
+        ll=out[0]; l2c(ll,b);
+        ll=out[1]; l2c(ll,b);
+        y=0;
+        u=0x80;
+        bb[8]=0;
+        for (i=2; i<13; i++)
+                {
+                c=0;
+                for (j=0; j<6; j++)
+                        {
+                        c<<=1;
+                        if (bb[y] & u) c|=1;
+                        u>>=1;
+                        if (!u)
+                                {
+                                y++;
+                                u=0x80;
+                                }
+                        }
+                ret[i]=cov_2char[c];
+                }
+        ret[13]='\0';
+        return(ret);
+        }
+
diff --git a/src/lib/libcrypto/des/fcrypt_b.c b/src/lib/libcrypto/des/fcrypt_b.c
new file mode 100644
index 0000000000..c56b461e91
--- /dev/null
+++ b/src/lib/libcrypto/des/fcrypt_b.c
@@ -0,0 +1,148 @@
+/* crypto/des/fcrypt_b.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+
+/* This version of crypt has been developed from my MIT compatible
+ * DES library.
+ * The library is available at pub/Crypto/DES at ftp.psy.uq.oz.au
+ * Eric Young (eay@cryptsoft.com)
+ */
+
+#define DES_FCRYPT
+#include "des_locl.h"
+#undef DES_FCRYPT
+
+#ifndef OPENBSD_DES_ASM
+
+#undef PERM_OP
+#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
+        (b)^=(t),\
+        (a)^=((t)<<(n)))
+
+#undef HPERM_OP
+#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\
+        (a)=(a)^(t)^(t>>(16-(n))))\
+
+void fcrypt_body(DES_LONG *out, DES_key_schedule *ks, DES_LONG Eswap0,
+                 DES_LONG Eswap1)
+        {
+        register DES_LONG l,r,t,u;
+#ifdef DES_PTR
+        register const unsigned char *des_SP=(const unsigned char *)DES_SPtrans;
+#endif
+        register DES_LONG *s;
+        register int j;
+        register DES_LONG E0,E1;
+
+        l=0;
+        r=0;
+
+        s=(DES_LONG *)ks;
+        E0=Eswap0;
+        E1=Eswap1;
+
+        for (j=0; j<25; j++)
+                {
+#ifndef DES_UNROLL
+                register int i;
+
+                for (i=0; i<32; i+=8)
+                        {
+                        D_ENCRYPT(l,r,i+0); /*  1 */
+                        D_ENCRYPT(r,l,i+2); /*  2 */
+                        D_ENCRYPT(l,r,i+4); /*  1 */
+                        D_ENCRYPT(r,l,i+6); /*  2 */
+                        }
+#else
+                D_ENCRYPT(l,r, 0); /*  1 */
+                D_ENCRYPT(r,l, 2); /*  2 */
+                D_ENCRYPT(l,r, 4); /*  3 */
+                D_ENCRYPT(r,l, 6); /*  4 */
+                D_ENCRYPT(l,r, 8); /*  5 */
+                D_ENCRYPT(r,l,10); /*  6 */
+                D_ENCRYPT(l,r,12); /*  7 */
+                D_ENCRYPT(r,l,14); /*  8 */
+                D_ENCRYPT(l,r,16); /*  9 */
+                D_ENCRYPT(r,l,18); /*  10 */
+                D_ENCRYPT(l,r,20); /*  11 */
+                D_ENCRYPT(r,l,22); /*  12 */
+                D_ENCRYPT(l,r,24); /*  13 */
+                D_ENCRYPT(r,l,26); /*  14 */
+                D_ENCRYPT(l,r,28); /*  15 */
+                D_ENCRYPT(r,l,30); /*  16 */
+#endif
+
+                t=l;
+                l=r;
+                r=t;
+                }
+        l=ROTATE(l,3)&0xffffffffL;
+        r=ROTATE(r,3)&0xffffffffL;
+
+        PERM_OP(l,r,t, 1,0x55555555L);
+        PERM_OP(r,l,t, 8,0x00ff00ffL);
+        PERM_OP(l,r,t, 2,0x33333333L);
+        PERM_OP(r,l,t,16,0x0000ffffL);
+        PERM_OP(l,r,t, 4,0x0f0f0f0fL);
+
+        out[0]=r;
+        out[1]=l;
+        }
+
+#endif /* OPENBSD_DES_ASM */
diff --git a/src/lib/libcrypto/des/makefile.bc b/src/lib/libcrypto/des/makefile.bc
new file mode 100644
index 0000000000..1fe6d4915a
--- /dev/null
+++ b/src/lib/libcrypto/des/makefile.bc
@@ -0,0 +1,50 @@
+#
+# Origional BC Makefile from Teun <Teun.Nijssen@kub.nl>
+#
+#
+CC      = bcc
+TLIB    = tlib /0 /C
+# note: the -3 flag produces code for 386, 486, Pentium etc; omit it for 286s
+OPTIMIZE= -3 -O2
+#WINDOWS= -W
+CFLAGS  = -c -ml -d $(OPTIMIZE) $(WINDOWS) -DMSDOS
+LFLAGS  = -ml $(WINDOWS)
+
+.c.obj:
+        $(CC) $(CFLAGS) $*.c
+
+.obj.exe:
+        $(CC) $(LFLAGS) -e$*.exe $*.obj libdes.lib  
+
+all: $(LIB) destest.exe rpw.exe des.exe speed.exe
+
+# "make clean": use a directory containing only libdes .exe and .obj files...
+clean:
+        del *.exe
+        del *.obj
+        del libdes.lib
+        del libdes.rsp
+
+OBJS=   cbc_cksm.obj cbc_enc.obj  ecb_enc.obj  pcbc_enc.obj \
+        qud_cksm.obj rand_key.obj set_key.obj  str2key.obj \
+        enc_read.obj enc_writ.obj fcrypt.obj   cfb_enc.obj \
+        ecb3_enc.obj ofb_enc.obj  cbc3_enc.obj read_pwd.obj\
+        cfb64enc.obj ofb64enc.obj ede_enc.obj  cfb64ede.obj\
+        ofb64ede.obj supp.obj
+
+LIB=    libdes.lib
+
+$(LIB): $(OBJS)
+        del $(LIB)
+        makersp "+%s &\n" &&|
+        $(OBJS)
+|       >libdes.rsp
+        $(TLIB) libdes.lib @libdes.rsp,nul
+        del libdes.rsp
+
+destest.exe: destest.obj libdes.lib
+rpw.exe:     rpw.obj libdes.lib
+speed.exe:   speed.obj libdes.lib
+des.exe:     des.obj libdes.lib
+
+
diff --git a/src/lib/libcrypto/des/ncbc_enc.c b/src/lib/libcrypto/des/ncbc_enc.c
new file mode 100644
index 0000000000..fda23d522f
--- /dev/null
+++ b/src/lib/libcrypto/des/ncbc_enc.c
@@ -0,0 +1,148 @@
+/* crypto/des/ncbc_enc.c */
+/*
+ * #included by:
+ *    cbc_enc.c  (DES_cbc_encrypt)
+ *    des_enc.c  (DES_ncbc_encrypt)
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+#ifdef CBC_ENC_C__DONT_UPDATE_IV
+void DES_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
+                     DES_key_schedule *_schedule, DES_cblock *ivec, int enc)
+#else
+void DES_ncbc_encrypt(const unsigned char *in, unsigned char *out, long length,
+                     DES_key_schedule *_schedule, DES_cblock *ivec, int enc)
+#endif
+        {
+        register DES_LONG tin0,tin1;
+        register DES_LONG tout0,tout1,xor0,xor1;
+        register long l=length;
+        DES_LONG tin[2];
+        unsigned char *iv;
+
+        iv = &(*ivec)[0];
+
+        if (enc)
+                {
+                c2l(iv,tout0);
+                c2l(iv,tout1);
+                for (l-=8; l>=0; l-=8)
+                        {
+                        c2l(in,tin0);
+                        c2l(in,tin1);
+                        tin0^=tout0; tin[0]=tin0;
+                        tin1^=tout1; tin[1]=tin1;
+                        DES_encrypt1((DES_LONG *)tin,_schedule,DES_ENCRYPT);
+                        tout0=tin[0]; l2c(tout0,out);
+                        tout1=tin[1]; l2c(tout1,out);
+                        }
+                if (l != -8)
+                        {
+                        c2ln(in,tin0,tin1,l+8);
+                        tin0^=tout0; tin[0]=tin0;
+                        tin1^=tout1; tin[1]=tin1;
+                        DES_encrypt1((DES_LONG *)tin,_schedule,DES_ENCRYPT);
+                        tout0=tin[0]; l2c(tout0,out);
+                        tout1=tin[1]; l2c(tout1,out);
+                        }
+#ifndef CBC_ENC_C__DONT_UPDATE_IV
+                iv = &(*ivec)[0];
+                l2c(tout0,iv);
+                l2c(tout1,iv);
+#endif
+                }
+        else
+                {
+                c2l(iv,xor0);
+                c2l(iv,xor1);
+                for (l-=8; l>=0; l-=8)
+                        {
+                        c2l(in,tin0); tin[0]=tin0;
+                        c2l(in,tin1); tin[1]=tin1;
+                        DES_encrypt1((DES_LONG *)tin,_schedule,DES_DECRYPT);
+                        tout0=tin[0]^xor0;
+                        tout1=tin[1]^xor1;
+                        l2c(tout0,out);
+                        l2c(tout1,out);
+                        xor0=tin0;
+                        xor1=tin1;
+                        }
+                if (l != -8)
+                        {
+                        c2l(in,tin0); tin[0]=tin0;
+                        c2l(in,tin1); tin[1]=tin1;
+                        DES_encrypt1((DES_LONG *)tin,_schedule,DES_DECRYPT);
+                        tout0=tin[0]^xor0;
+                        tout1=tin[1]^xor1;
+                        l2cn(tout0,tout1,out,l+8);
+#ifndef CBC_ENC_C__DONT_UPDATE_IV
+                        xor0=tin0;
+                        xor1=tin1;
+#endif
+                        }
+#ifndef CBC_ENC_C__DONT_UPDATE_IV 
+                iv = &(*ivec)[0];
+                l2c(xor0,iv);
+                l2c(xor1,iv);
+#endif
+                }
+        tin0=tin1=tout0=tout1=xor0=xor1=0;
+        tin[0]=tin[1]=0;
+        }
diff --git a/src/lib/libcrypto/des/ofb64ede.c b/src/lib/libcrypto/des/ofb64ede.c
new file mode 100644
index 0000000000..26bbf9a6a7
--- /dev/null
+++ b/src/lib/libcrypto/des/ofb64ede.c
@@ -0,0 +1,125 @@
+/* crypto/des/ofb64ede.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/* The input and output encrypted as though 64bit ofb mode is being
+ * used.  The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+void DES_ede3_ofb64_encrypt(register const unsigned char *in,
+                            register unsigned char *out, long length,
+                            DES_key_schedule *k1, DES_key_schedule *k2,
+                            DES_key_schedule *k3, DES_cblock *ivec,
+                            int *num)
+        {
+        register DES_LONG v0,v1;
+        register int n= *num;
+        register long l=length;
+        DES_cblock d;
+        register char *dp;
+        DES_LONG ti[2];
+        unsigned char *iv;
+        int save=0;
+
+        iv = &(*ivec)[0];
+        c2l(iv,v0);
+        c2l(iv,v1);
+        ti[0]=v0;
+        ti[1]=v1;
+        dp=(char *)d;
+        l2c(v0,dp);
+        l2c(v1,dp);
+        while (l--)
+                {
+                if (n == 0)
+                        {
+                        /* ti[0]=v0; */
+                        /* ti[1]=v1; */
+                        DES_encrypt3(ti,k1,k2,k3);
+                        v0=ti[0];
+                        v1=ti[1];
+
+                        dp=(char *)d;
+                        l2c(v0,dp);
+                        l2c(v1,dp);
+                        save++;
+                        }
+                *(out++)= *(in++)^d[n];
+                n=(n+1)&0x07;
+                }
+        if (save)
+                {
+/*              v0=ti[0];
+                v1=ti[1];*/
+                iv = &(*ivec)[0];
+                l2c(v0,iv);
+                l2c(v1,iv);
+                }
+        v0=v1=ti[0]=ti[1]=0;
+        *num=n;
+        }
+
+#ifdef undef /* MACRO */
+void DES_ede2_ofb64_encrypt(register unsigned char *in,
+             register unsigned char *out, long length, DES_key_schedule k1,
+             DES_key_schedule k2, DES_cblock (*ivec), int *num)
+        {
+        DES_ede3_ofb64_encrypt(in, out, length, k1,k2,k1, ivec, num);
+        }
+#endif
diff --git a/src/lib/libcrypto/des/ofb64enc.c b/src/lib/libcrypto/des/ofb64enc.c
new file mode 100644
index 0000000000..8ca3d49dea
--- /dev/null
+++ b/src/lib/libcrypto/des/ofb64enc.c
@@ -0,0 +1,110 @@
+/* crypto/des/ofb64enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/* The input and output encrypted as though 64bit ofb mode is being
+ * used.  The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+void DES_ofb64_encrypt(register const unsigned char *in,
+                       register unsigned char *out, long length,
+                       DES_key_schedule *schedule, DES_cblock *ivec, int *num)
+        {
+        register DES_LONG v0,v1,t;
+        register int n= *num;
+        register long l=length;
+        DES_cblock d;
+        register unsigned char *dp;
+        DES_LONG ti[2];
+        unsigned char *iv;
+        int save=0;
+
+        iv = &(*ivec)[0];
+        c2l(iv,v0);
+        c2l(iv,v1);
+        ti[0]=v0;
+        ti[1]=v1;
+        dp=d;
+        l2c(v0,dp);
+        l2c(v1,dp);
+        while (l--)
+                {
+                if (n == 0)
+                        {
+                        DES_encrypt1(ti,schedule,DES_ENCRYPT);
+                        dp=d;
+                        t=ti[0]; l2c(t,dp);
+                        t=ti[1]; l2c(t,dp);
+                        save++;
+                        }
+                *(out++)= *(in++)^d[n];
+                n=(n+1)&0x07;
+                }
+        if (save)
+                {
+                v0=ti[0];
+                v1=ti[1];
+                iv = &(*ivec)[0];
+                l2c(v0,iv);
+                l2c(v1,iv);
+                }
+        t=v0=v1=ti[0]=ti[1]=0;
+        *num=n;
+        }
+
diff --git a/src/lib/libcrypto/des/ofb_enc.c b/src/lib/libcrypto/des/ofb_enc.c
new file mode 100644
index 0000000000..e887a3c6f4
--- /dev/null
+++ b/src/lib/libcrypto/des/ofb_enc.c
@@ -0,0 +1,135 @@
+/* crypto/des/ofb_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/* The input and output are loaded in multiples of 8 bits.
+ * What this means is that if you hame numbits=12 and length=2
+ * the first 12 bits will be retrieved from the first byte and half
+ * the second.  The second 12 bits will come from the 3rd and half the 4th
+ * byte.
+ */
+void DES_ofb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
+                     long length, DES_key_schedule *schedule,
+                     DES_cblock *ivec)
+        {
+        register DES_LONG d0,d1,vv0,vv1,v0,v1,n=(numbits+7)/8;
+        register DES_LONG mask0,mask1;
+        register long l=length;
+        register int num=numbits;
+        DES_LONG ti[2];
+        unsigned char *iv;
+
+        if (num > 64) return;
+        if (num > 32)
+                {
+                mask0=0xffffffffL;
+                if (num >= 64)
+                        mask1=mask0;
+                else
+                        mask1=(1L<<(num-32))-1;
+                }
+        else
+                {
+                if (num == 32)
+                        mask0=0xffffffffL;
+                else
+                        mask0=(1L<<num)-1;
+                mask1=0x00000000L;
+                }
+
+        iv = &(*ivec)[0];
+        c2l(iv,v0);
+        c2l(iv,v1);
+        ti[0]=v0;
+        ti[1]=v1;
+        while (l-- > 0)
+                {
+                ti[0]=v0;
+                ti[1]=v1;
+                DES_encrypt1((DES_LONG *)ti,schedule,DES_ENCRYPT);
+                vv0=ti[0];
+                vv1=ti[1];
+                c2ln(in,d0,d1,n);
+                in+=n;
+                d0=(d0^vv0)&mask0;
+                d1=(d1^vv1)&mask1;
+                l2cn(d0,d1,out,n);
+                out+=n;
+
+                if (num == 32)
+                        { v0=v1; v1=vv0; }
+                else if (num == 64)
+                                { v0=vv0; v1=vv1; }
+                else if (num > 32) /* && num != 64 */
+                        {
+                        v0=((v1>>(num-32))|(vv0<<(64-num)))&0xffffffffL;
+                        v1=((vv0>>(num-32))|(vv1<<(64-num)))&0xffffffffL;
+                        }
+                else /* num < 32 */
+                        {
+                        v0=((v0>>num)|(v1<<(32-num)))&0xffffffffL;
+                        v1=((v1>>num)|(vv0<<(32-num)))&0xffffffffL;
+                        }
+                }
+        iv = &(*ivec)[0];
+        l2c(v0,iv);
+        l2c(v1,iv);
+        v0=v1=d0=d1=ti[0]=ti[1]=vv0=vv1=0;
+        }
+
diff --git a/src/lib/libcrypto/des/options.txt b/src/lib/libcrypto/des/options.txt
new file mode 100644
index 0000000000..6e2b50f765
--- /dev/null
+++ b/src/lib/libcrypto/des/options.txt
@@ -0,0 +1,39 @@
+Note that the UNROLL option makes the 'inner' des loop unroll all 16 rounds
+instead of the default 4.
+RISC1 and RISC2 are 2 alternatives for the inner loop and
+PTR means to use pointers arithmatic instead of arrays.
+
+FreeBSD - Pentium Pro 200mhz - gcc 2.7.2.2 - assembler          577,000 4620k/s
+IRIX 6.2 - R10000 195mhz - cc (-O3 -n32) - UNROLL RISC2 PTR     496,000 3968k/s
+solaris 2.5.1 usparc 167mhz?? - SC4.0 - UNROLL RISC1 PTR [1]    459,400 3672k/s
+FreeBSD - Pentium Pro 200mhz - gcc 2.7.2.2 - UNROLL RISC1       433,000 3468k/s
+solaris 2.5.1 usparc 167mhz?? - gcc 2.7.2 - UNROLL              380,000 3041k/s
+linux - pentium 100mhz - gcc 2.7.0 - assembler                  281,000 2250k/s
+NT 4.0 - pentium 100mhz - VC 4.2 - assembler                    281,000 2250k/s
+AIX 4.1? - PPC604 100mhz - cc - UNROLL                          275,000 2200k/s
+IRIX 5.3 - R4400 200mhz - gcc 2.6.3 - UNROLL RISC2 PTR          235,300 1882k/s
+IRIX 5.3 - R4400 200mhz - cc - UNROLL RISC2 PTR                 233,700 1869k/s
+NT 4.0 - pentium 100mhz - VC 4.2 - UNROLL RISC1 PTR             191,000 1528k/s
+DEC Alpha 165mhz??  - cc - RISC2 PTR [2]                        181,000 1448k/s
+linux - pentium 100mhz - gcc 2.7.0 - UNROLL RISC1 PTR           158,500 1268k/s
+HPUX 10 - 9000/887 - cc - UNROLL [3]                            148,000 1190k/s
+solaris 2.5.1 - sparc 10 50mhz - gcc 2.7.2 - UNROLL             123,600  989k/s
+IRIX 5.3 - R4000 100mhz - cc - UNROLL RISC2 PTR                 101,000  808k/s
+DGUX - 88100 50mhz(?) - gcc 2.6.3 - UNROLL                       81,000  648k/s
+solaris 2.4 486 50mhz - gcc 2.6.3 - assembler                    65,000  522k/s
+HPUX 10 - 9000/887 - k&r cc (default compiler) - UNROLL PTR      76,000  608k/s
+solaris 2.4 486 50mhz - gcc 2.6.3 - UNROLL RISC2                 43,500  344k/s
+AIX - old slow one :-) - cc -                                    39,000  312k/s
+
+Notes.
+[1] For the ultra sparc, SunC 4.0 
+    cc -xtarget=ultra -xarch=v8plus -Xa -xO5, running 'des_opts'
+    gives a speed of 344,000 des/s while 'speed' gives 459,000 des/s.
+    I'll record the higher since it is coming from the library but it
+    is all rather weird.
+[2] Similar to the ultra sparc ([1]), 181,000 for 'des_opts' vs 175,000.
+[3] I was unable to get access to this machine when it was not heavily loaded.
+    As such, my timing program was never able to get more that %30 of the CPU.
+    This would cause the program to give much lower speed numbers because
+    it would be 'fighting' to stay in the cache with the other CPU burning
+    processes.
diff --git a/src/lib/libcrypto/des/pcbc_enc.c b/src/lib/libcrypto/des/pcbc_enc.c
new file mode 100644
index 0000000000..17a40f9520
--- /dev/null
+++ b/src/lib/libcrypto/des/pcbc_enc.c
@@ -0,0 +1,123 @@
+/* crypto/des/pcbc_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
+                      long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec, int enc)
+        {
+        register DES_LONG sin0,sin1,xor0,xor1,tout0,tout1;
+        DES_LONG tin[2];
+        const unsigned char *in;
+        unsigned char *out,*iv;
+
+        in=input;
+        out=output;
+        iv = &(*ivec)[0];
+
+        if (enc)
+                {
+                c2l(iv,xor0);
+                c2l(iv,xor1);
+                for (; length>0; length-=8)
+                        {
+                        if (length >= 8)
+                                {
+                                c2l(in,sin0);
+                                c2l(in,sin1);
+                                }
+                        else
+                                c2ln(in,sin0,sin1,length);
+                        tin[0]=sin0^xor0;
+                        tin[1]=sin1^xor1;
+                        DES_encrypt1((DES_LONG *)tin,schedule,DES_ENCRYPT);
+                        tout0=tin[0];
+                        tout1=tin[1];
+                        xor0=sin0^tout0;
+                        xor1=sin1^tout1;
+                        l2c(tout0,out);
+                        l2c(tout1,out);
+                        }
+                }
+        else
+                {
+                c2l(iv,xor0); c2l(iv,xor1);
+                for (; length>0; length-=8)
+                        {
+                        c2l(in,sin0);
+                        c2l(in,sin1);
+                        tin[0]=sin0;
+                        tin[1]=sin1;
+                        DES_encrypt1((DES_LONG *)tin,schedule,DES_DECRYPT);
+                        tout0=tin[0]^xor0;
+                        tout1=tin[1]^xor1;
+                        if (length >= 8)
+                                {
+                                l2c(tout0,out);
+                                l2c(tout1,out);
+                                }
+                        else
+                                l2cn(tout0,tout1,out,length);
+                        xor0=tout0^sin0;
+                        xor1=tout1^sin1;
+                        }
+                }
+        tin[0]=tin[1]=0;
+        sin0=sin1=xor0=xor1=tout0=tout1=0;
+        }
diff --git a/src/lib/libcrypto/des/qud_cksm.c b/src/lib/libcrypto/des/qud_cksm.c
new file mode 100644
index 0000000000..dac201227e
--- /dev/null
+++ b/src/lib/libcrypto/des/qud_cksm.c
@@ -0,0 +1,139 @@
+/* crypto/des/qud_cksm.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* From "Message Authentication"  R.R. Jueneman, S.M. Matyas, C.H. Meyer
+ * IEEE Communications Magazine Sept 1985 Vol. 23 No. 9 p 29-40
+ * This module in only based on the code in this paper and is
+ * almost definitely not the same as the MIT implementation.
+ */
+#include "des_locl.h"
+
+/* bug fix for dos - 7/6/91 - Larry hughes@logos.ucs.indiana.edu */
+#define Q_B0(a) (((DES_LONG)(a)))
+#define Q_B1(a) (((DES_LONG)(a))<<8)
+#define Q_B2(a) (((DES_LONG)(a))<<16)
+#define Q_B3(a) (((DES_LONG)(a))<<24)
+
+/* used to scramble things a bit */
+/* Got the value MIT uses via brute force :-) 2/10/90 eay */
+#define NOISE   ((DES_LONG)83653421L)
+
+DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
+             long length, int out_count, DES_cblock *seed)
+        {
+        DES_LONG z0,z1,t0,t1;
+        int i;
+        long l;
+        const unsigned char *cp;
+#ifdef _CRAY
+        struct lp_st { int a:32; int b:32; } *lp;
+#else
+        DES_LONG *lp;
+#endif
+
+        if (out_count < 1) out_count=1;
+#ifdef _CRAY
+        lp = (struct lp_st *) &(output[0])[0];
+#else
+        lp = (DES_LONG *) &(output[0])[0];
+#endif
+
+        z0=Q_B0((*seed)[0])|Q_B1((*seed)[1])|Q_B2((*seed)[2])|Q_B3((*seed)[3]);
+        z1=Q_B0((*seed)[4])|Q_B1((*seed)[5])|Q_B2((*seed)[6])|Q_B3((*seed)[7]);
+
+        for (i=0; ((i<4)&&(i<out_count)); i++)
+                {
+                cp=input;
+                l=length;
+                while (l > 0)
+                        {
+                        if (l > 1)
+                                {
+                                t0= (DES_LONG)(*(cp++));
+                                t0|=(DES_LONG)Q_B1(*(cp++));
+                                l--;
+                                }
+                        else
+                                t0= (DES_LONG)(*(cp++));
+                        l--;
+                        /* add */
+                        t0+=z0;
+                        t0&=0xffffffffL;
+                        t1=z1;
+                        /* square, well sort of square */
+                        z0=((((t0*t0)&0xffffffffL)+((t1*t1)&0xffffffffL))
+                                &0xffffffffL)%0x7fffffffL; 
+                        z1=((t0*((t1+NOISE)&0xffffffffL))&0xffffffffL)%0x7fffffffL;
+                        }
+                if (lp != NULL)
+                        {
+                        /* The MIT library assumes that the checksum is
+                         * composed of 2*out_count 32 bit ints */
+#ifdef _CRAY
+                        (*lp).a = z0;
+                        (*lp).b = z1;
+                        lp++;
+#else
+                        *lp++ = z0;
+                        *lp++ = z1;
+#endif
+                        }
+                }
+        return(z0);
+        }
+
diff --git a/src/lib/libcrypto/des/rand_key.c b/src/lib/libcrypto/des/rand_key.c
new file mode 100644
index 0000000000..2398165568
--- /dev/null
+++ b/src/lib/libcrypto/des/rand_key.c
@@ -0,0 +1,68 @@
+/* crypto/des/rand_key.c */
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <openssl/des.h>
+#include <openssl/rand.h>
+
+int DES_random_key(DES_cblock *ret)
+        {
+        do
+                {
+                if (RAND_bytes((unsigned char *)ret, sizeof(DES_cblock)) != 1)
+                        return (0);
+                } while (DES_is_weak_key(ret));
+        DES_set_odd_parity(ret);
+        return (1);
+        }
diff --git a/src/lib/libcrypto/des/read2pwd.c b/src/lib/libcrypto/des/read2pwd.c
new file mode 100644
index 0000000000..ee6969f76e
--- /dev/null
+++ b/src/lib/libcrypto/des/read2pwd.c
@@ -0,0 +1,140 @@
+/* crypto/des/read2pwd.c */
+/* ====================================================================
+ * Copyright (c) 2001-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <string.h>
+#include <openssl/des.h>
+#include <openssl/ui.h>
+#include <openssl/crypto.h>
+
+int DES_read_password(DES_cblock *key, const char *prompt, int verify)
+        {
+        int ok;
+        char buf[BUFSIZ],buff[BUFSIZ];
+
+        if ((ok=UI_UTIL_read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0)
+                DES_string_to_key(buf,key);
+        OPENSSL_cleanse(buf,BUFSIZ);
+        OPENSSL_cleanse(buff,BUFSIZ);
+        return(ok);
+        }
+
+int DES_read_2passwords(DES_cblock *key1, DES_cblock *key2, const char *prompt,
+             int verify)
+        {
+        int ok;
+        char buf[BUFSIZ],buff[BUFSIZ];
+
+        if ((ok=UI_UTIL_read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0)
+                DES_string_to_2keys(buf,key1,key2);
+        OPENSSL_cleanse(buf,BUFSIZ);
+        OPENSSL_cleanse(buff,BUFSIZ);
+        return(ok);
+        }
diff --git a/src/lib/libcrypto/des/read_pwd.c b/src/lib/libcrypto/des/read_pwd.c
new file mode 100644
index 0000000000..ce5fa00a37
--- /dev/null
+++ b/src/lib/libcrypto/des/read_pwd.c
@@ -0,0 +1,521 @@
+/* crypto/des/read_pwd.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/e_os2.h>
+#if !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VMS) && !defined(OPENSSL_SYS_WIN32)
+#ifdef OPENSSL_UNISTD
+# include OPENSSL_UNISTD
+#else
+# include <unistd.h>
+#endif
+/* If unistd.h defines _POSIX_VERSION, we conclude that we
+ * are on a POSIX system and have sigaction and termios. */
+#if defined(_POSIX_VERSION)
+
+# define SIGACTION
+# if !defined(TERMIOS) && !defined(TERMIO) && !defined(SGTTY)
+# define TERMIOS
+# endif
+
+#endif
+#endif
+
+/* #define SIGACTION */ /* Define this if you have sigaction() */
+
+#ifdef WIN16TTY
+#undef OPENSSL_SYS_WIN16
+#undef _WINDOWS
+#include <graph.h>
+#endif
+
+/* 06-Apr-92 Luke Brennan    Support for VMS */
+#include "des_locl.h"
+#include "cryptlib.h"
+#include <signal.h>
+#include <stdio.h>
+#include <string.h>
+#include <setjmp.h>
+#include <errno.h>
+
+#ifdef OPENSSL_SYS_VMS                  /* prototypes for sys$whatever */
+#include <starlet.h>
+#ifdef __DECC
+#pragma message disable DOLLARID
+#endif
+#endif
+
+#ifdef WIN_CONSOLE_BUG
+#include <windows.h>
+#ifndef OPENSSL_SYS_WINCE
+#include <wincon.h>
+#endif
+#endif
+
+
+/* There are 5 types of terminal interface supported,
+ * TERMIO, TERMIOS, VMS, MSDOS and SGTTY
+ */
+
+#if defined(__sgi) && !defined(TERMIOS)
+#define TERMIOS
+#undef  TERMIO
+#undef  SGTTY
+#endif
+
+#if defined(linux) && !defined(TERMIO)
+#undef  TERMIOS
+#define TERMIO
+#undef  SGTTY
+#endif
+
+#ifdef _LIBC
+#undef  TERMIOS
+#define TERMIO
+#undef  SGTTY
+#endif
+
+#if !defined(TERMIO) && !defined(TERMIOS) && !defined(OPENSSL_SYS_VMS) && !defined(OPENSSL_SYS_MSDOS) && !defined(MAC_OS_pre_X) && !defined(MAC_OS_GUSI_SOURCE)
+#undef  TERMIOS
+#undef  TERMIO
+#define SGTTY
+#endif
+
+#if defined(OPENSSL_SYS_VXWORKS)
+#undef TERMIOS
+#undef TERMIO
+#undef SGTTY
+#endif
+
+#ifdef TERMIOS
+#include <termios.h>
+#define TTY_STRUCT              struct termios
+#define TTY_FLAGS               c_lflag
+#define TTY_get(tty,data)       tcgetattr(tty,data)
+#define TTY_set(tty,data)       tcsetattr(tty,TCSANOW,data)
+#endif
+
+#ifdef TERMIO
+#include <termio.h>
+#define TTY_STRUCT              struct termio
+#define TTY_FLAGS               c_lflag
+#define TTY_get(tty,data)       ioctl(tty,TCGETA,data)
+#define TTY_set(tty,data)       ioctl(tty,TCSETA,data)
+#endif
+
+#ifdef SGTTY
+#include <sgtty.h>
+#define TTY_STRUCT              struct sgttyb
+#define TTY_FLAGS               sg_flags
+#define TTY_get(tty,data)       ioctl(tty,TIOCGETP,data)
+#define TTY_set(tty,data)       ioctl(tty,TIOCSETP,data)
+#endif
+
+#if !defined(_LIBC) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VMS) && !defined(MAC_OS_pre_X)
+#include <sys/ioctl.h>
+#endif
+
+#if defined(OPENSSL_SYS_MSDOS) && !defined(__CYGWIN32__) && !defined(OPENSSL_SYS_WINCE)
+#include <conio.h>
+#define fgets(a,b,c) noecho_fgets(a,b,c)
+#endif
+
+#ifdef OPENSSL_SYS_VMS
+#include <ssdef.h>
+#include <iodef.h>
+#include <ttdef.h>
+#include <descrip.h>
+struct IOSB {
+        short iosb$w_value;
+        short iosb$w_count;
+        long  iosb$l_info;
+        };
+#endif
+
+#if defined(MAC_OS_pre_X) || defined(MAC_OS_GUSI_SOURCE)
+/*
+ * This one needs work. As a matter of fact the code is unoperational
+ * and this is only a trick to get it compiled.
+ *                                      <appro@fy.chalmers.se>
+ */
+#define TTY_STRUCT int
+#endif
+
+#ifndef NX509_SIG
+#define NX509_SIG 32
+#endif
+
+static void read_till_nl(FILE *);
+static void recsig(int);
+static void pushsig(void);
+static void popsig(void);
+#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN16)
+static int noecho_fgets(char *buf, int size, FILE *tty);
+#endif
+#ifdef SIGACTION
+ static struct sigaction savsig[NX509_SIG];
+#else
+  static void (*savsig[NX509_SIG])(int );
+#endif
+static jmp_buf save;
+
+int des_read_pw_string(char *buf, int length, const char *prompt,
+             int verify)
+        {
+        char buff[BUFSIZ];
+        int ret;
+
+        ret=des_read_pw(buf,buff,(length>BUFSIZ)?BUFSIZ:length,prompt,verify);
+        OPENSSL_cleanse(buff,BUFSIZ);
+        return(ret);
+        }
+
+#ifdef OPENSSL_SYS_WINCE
+
+int des_read_pw(char *buf, char *buff, int size, const char *prompt, int verify)
+        { 
+        memset(buf,0,size);
+        memset(buff,0,size);
+        return(0);
+        }
+
+#elif defined(OPENSSL_SYS_WIN16)
+
+int des_read_pw(char *buf, char *buff, int size, char *prompt, int verify)
+        { 
+        memset(buf,0,size);
+        memset(buff,0,size);
+        return(0);
+        }
+
+#else /* !OPENSSL_SYS_WINCE && !OPENSSL_SYS_WIN16 */
+
+static void read_till_nl(FILE *in)
+        {
+#define SIZE 4
+        char buf[SIZE+1];
+
+        do      {
+                fgets(buf,SIZE,in);
+                } while (strchr(buf,'\n') == NULL);
+        }
+
+
+/* return 0 if ok, 1 (or -1) otherwise */
+int des_read_pw(char *buf, char *buff, int size, const char *prompt,
+             int verify)
+        {
+#ifdef OPENSSL_SYS_VMS
+        struct IOSB iosb;
+        $DESCRIPTOR(terminal,"TT");
+        long tty_orig[3], tty_new[3];
+        long status;
+        unsigned short channel = 0;
+#else
+#if !defined(OPENSSL_SYS_MSDOS) || defined(__DJGPP__)
+        TTY_STRUCT tty_orig,tty_new;
+#endif
+#endif
+        int number;
+        int ok;
+        /* statics are simply to avoid warnings about longjmp clobbering
+           things */
+        static int ps;
+        int is_a_tty;
+        static FILE *tty;
+        char *p;
+
+        if (setjmp(save))
+                {
+                ok=0;
+                goto error;
+                }
+
+        number=5;
+        ok=0;
+        ps=0;
+        is_a_tty=1;
+        tty=NULL;
+
+#ifdef OPENSSL_SYS_MSDOS
+        if ((tty=fopen("con","r")) == NULL)
+                tty=stdin;
+#elif defined(MAC_OS_pre_X) || defined(OPENSSL_SYS_VXWORKS)
+        tty=stdin;
+#else
+#ifndef OPENSSL_SYS_MPE
+        if ((tty=fopen("/dev/tty","r")) == NULL)
+#endif
+                tty=stdin;
+#endif
+
+#if defined(TTY_get) && !defined(OPENSSL_SYS_VMS)
+        if (TTY_get(fileno(tty),&tty_orig) == -1)
+                {
+#ifdef ENOTTY
+                if (errno == ENOTTY)
+                        is_a_tty=0;
+                else
+#endif
+#ifdef EINVAL
+                /* Ariel Glenn ariel@columbia.edu reports that solaris
+                 * can return EINVAL instead.  This should be ok */
+                if (errno == EINVAL)
+                        is_a_tty=0;
+                else
+#endif
+                        return(-1);
+                }
+        memcpy(&(tty_new),&(tty_orig),sizeof(tty_orig));
+#endif
+#ifdef OPENSSL_SYS_VMS
+        status = sys$assign(&terminal,&channel,0,0);
+        if (status != SS$_NORMAL)
+                return(-1);
+        status=sys$qiow(0,channel,IO$_SENSEMODE,&iosb,0,0,tty_orig,12,0,0,0,0);
+        if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
+                return(-1);
+#endif
+
+        pushsig();
+        ps=1;
+
+#ifdef TTY_FLAGS
+        tty_new.TTY_FLAGS &= ~ECHO;
+#endif
+
+#if defined(TTY_set) && !defined(OPENSSL_SYS_VMS)
+        if (is_a_tty && (TTY_set(fileno(tty),&tty_new) == -1))
+#ifdef OPENSSL_SYS_MPE 
+                ; /* MPE lies -- echo really has been disabled */
+#else
+                return(-1);
+#endif
+#endif
+#ifdef OPENSSL_SYS_VMS
+        tty_new[0] = tty_orig[0];
+        tty_new[1] = tty_orig[1] | TT$M_NOECHO;
+        tty_new[2] = tty_orig[2];
+        status = sys$qiow(0,channel,IO$_SETMODE,&iosb,0,0,tty_new,12,0,0,0,0);
+        if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
+                return(-1);
+#endif
+        ps=2;
+
+        while ((!ok) && (number--))
+                {
+                fputs(prompt,stderr);
+                fflush(stderr);
+
+                buf[0]='\0';
+                fgets(buf,size,tty);
+                if (feof(tty)) goto error;
+                if (ferror(tty)) goto error;
+                if ((p=(char *)strchr(buf,'\n')) != NULL)
+                        *p='\0';
+                else    read_till_nl(tty);
+                if (verify)
+                        {
+                        fprintf(stderr,"\nVerifying password - %s",prompt);
+                        fflush(stderr);
+                        buff[0]='\0';
+                        fgets(buff,size,tty);
+                        if (feof(tty)) goto error;
+                        if ((p=(char *)strchr(buff,'\n')) != NULL)
+                                *p='\0';
+                        else    read_till_nl(tty);
+                                
+                        if (strcmp(buf,buff) != 0)
+                                {
+                                fprintf(stderr,"\nVerify failure");
+                                fflush(stderr);
+                                break;
+                                /* continue; */
+                                }
+                        }
+                ok=1;
+                }
+
+error:
+        fprintf(stderr,"\n");
+#if 0
+        perror("fgets(tty)");
+#endif
+        /* What can we do if there is an error? */
+#if defined(TTY_set) && !defined(OPENSSL_SYS_VMS)
+        if (ps >= 2) TTY_set(fileno(tty),&tty_orig);
+#endif
+#ifdef OPENSSL_SYS_VMS
+        if (ps >= 2)
+                status = sys$qiow(0,channel,IO$_SETMODE,&iosb,0,0
+                        ,tty_orig,12,0,0,0,0);
+#endif
+        
+        if (ps >= 1) popsig();
+        if (stdin != tty) fclose(tty);
+#ifdef OPENSSL_SYS_VMS
+        status = sys$dassgn(channel);
+#endif
+        return(!ok);
+        }
+
+static void pushsig(void)
+        {
+        int i;
+#ifdef SIGACTION
+        struct sigaction sa;
+
+        memset(&sa,0,sizeof sa);
+        sa.sa_handler=recsig;
+#endif
+
+        for (i=1; i<NX509_SIG; i++)
+                {
+#ifdef SIGUSR1
+                if (i == SIGUSR1)
+                        continue;
+#endif
+#ifdef SIGUSR2
+                if (i == SIGUSR2)
+                        continue;
+#endif
+#ifdef SIGACTION
+                sigaction(i,&sa,&savsig[i]);
+#else
+                savsig[i]=signal(i,recsig);
+#endif
+                }
+
+#ifdef SIGWINCH
+        signal(SIGWINCH,SIG_DFL);
+#endif
+        }
+
+static void popsig(void)
+        {
+        int i;
+
+        for (i=1; i<NX509_SIG; i++)
+                {
+#ifdef SIGUSR1
+                if (i == SIGUSR1)
+                        continue;
+#endif
+#ifdef SIGUSR2
+                if (i == SIGUSR2)
+                        continue;
+#endif
+#ifdef SIGACTION
+                sigaction(i,&savsig[i],NULL);
+#else
+                signal(i,savsig[i]);
+#endif
+                }
+        }
+
+static void recsig(int i)
+        {
+        longjmp(save,1);
+#ifdef LINT
+        i=i;
+#endif
+        }
+
+#ifdef OPENSSL_SYS_MSDOS
+static int noecho_fgets(char *buf, int size, FILE *tty)
+        {
+        int i;
+        char *p;
+
+        p=buf;
+        for (;;)
+                {
+                if (size == 0)
+                        {
+                        *p='\0';
+                        break;
+                        }
+                size--;
+#ifdef WIN16TTY
+                i=_inchar();
+#else
+                i=getch();
+#endif
+                if (i == '\r') i='\n';
+                *(p++)=i;
+                if (i == '\n')
+                        {
+                        *p='\0';
+                        break;
+                        }
+                }
+#ifdef WIN_CONSOLE_BUG
+/* Win95 has several evil console bugs: one of these is that the
+ * last character read using getch() is passed to the next read: this is
+ * usually a CR so this can be trouble. No STDIO fix seems to work but
+ * flushing the console appears to do the trick.
+ */
+                {
+                        HANDLE inh;
+                        inh = GetStdHandle(STD_INPUT_HANDLE);
+                        FlushConsoleInputBuffer(inh);
+                }
+#endif
+        return(strlen(buf));
+        }
+#endif
+#endif /* !OPENSSL_SYS_WINCE && !WIN16 */
diff --git a/src/lib/libcrypto/des/rpc_des.h b/src/lib/libcrypto/des/rpc_des.h
new file mode 100644
index 0000000000..4cbb4d2dcd
--- /dev/null
+++ b/src/lib/libcrypto/des/rpc_des.h
@@ -0,0 +1,131 @@
+/* crypto/des/rpc_des.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*  @(#)des.h   2.2 88/08/10 4.0 RPCSRC; from 2.7 88/02/08 SMI  */
+/*
+ * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
+ * unrestricted use provided that this legend is included on all tape
+ * media and as a part of the software program in whole or part.  Users
+ * may copy or modify Sun RPC without charge, but are not authorized
+ * to license or distribute it to anyone else except as part of a product or
+ * program developed by the user.
+ * 
+ * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
+ * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
+ * 
+ * Sun RPC is provided with no support and without any obligation on the
+ * part of Sun Microsystems, Inc. to assist in its use, correction,
+ * modification or enhancement.
+ * 
+ * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
+ * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
+ * OR ANY PART THEREOF.
+ * 
+ * In no event will Sun Microsystems, Inc. be liable for any lost revenue
+ * or profits or other special, indirect and consequential damages, even if
+ * Sun has been advised of the possibility of such damages.
+ * 
+ * Sun Microsystems, Inc.
+ * 2550 Garcia Avenue
+ * Mountain View, California  94043
+ */
+/*
+ * Generic DES driver interface
+ * Keep this file hardware independent!
+ * Copyright (c) 1986 by Sun Microsystems, Inc.
+ */
+
+#define DES_MAXLEN      65536   /* maximum # of bytes to encrypt  */
+#define DES_QUICKLEN    16      /* maximum # of bytes to encrypt quickly */
+
+#ifdef HEADER_DES_H
+#undef ENCRYPT
+#undef DECRYPT
+#endif
+
+enum desdir { ENCRYPT, DECRYPT };
+enum desmode { CBC, ECB };
+
+/*
+ * parameters to ioctl call
+ */
+struct desparams {
+        unsigned char des_key[8];       /* key (with low bit parity) */
+        enum desdir des_dir;    /* direction */
+        enum desmode des_mode;  /* mode */
+        unsigned char des_ivec[8];      /* input vector */
+        unsigned des_len;       /* number of bytes to crypt */
+        union {
+                unsigned char UDES_data[DES_QUICKLEN];
+                unsigned char *UDES_buf;
+        } UDES;
+#       define des_data UDES.UDES_data  /* direct data here if quick */
+#       define des_buf  UDES.UDES_buf   /* otherwise, pointer to data */
+};
+
+/*
+ * Encrypt an arbitrary sized buffer
+ */
+#define DESIOCBLOCK     _IOWR(d, 6, struct desparams)
+
+/* 
+ * Encrypt of small amount of data, quickly
+ */
+#define DESIOCQUICK     _IOWR(d, 7, struct desparams) 
+
diff --git a/src/lib/libcrypto/des/rpc_enc.c b/src/lib/libcrypto/des/rpc_enc.c
new file mode 100644
index 0000000000..d937d08da5
--- /dev/null
+++ b/src/lib/libcrypto/des/rpc_enc.c
@@ -0,0 +1,98 @@
+/* crypto/des/rpc_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "rpc_des.h"
+#include "des_locl.h"
+#include "des_ver.h"
+
+int _des_crypt(char *buf,int len,struct desparams *desp);
+int _des_crypt(char *buf, int len, struct desparams *desp)
+        {
+        DES_key_schedule ks;
+        int enc;
+
+        DES_set_key_unchecked(&desp->des_key,&ks);
+        enc=(desp->des_dir == ENCRYPT)?DES_ENCRYPT:DES_DECRYPT;
+
+        if (desp->des_mode == CBC)
+                DES_ecb_encrypt((const_DES_cblock *)desp->UDES.UDES_buf,
+                                (DES_cblock *)desp->UDES.UDES_buf,&ks,
+                                enc);
+        else
+                {
+                DES_ncbc_encrypt(desp->UDES.UDES_buf,desp->UDES.UDES_buf,
+                                len,&ks,&desp->des_ivec,enc);
+#ifdef undef
+                /* len will always be %8 if called from common_crypt
+                 * in secure_rpc.
+                 * Libdes's cbc encrypt does not copy back the iv,
+                 * so we have to do it here. */
+                /* It does now :-) eay 20/09/95 */
+
+                a=(char *)&(desp->UDES.UDES_buf[len-8]);
+                b=(char *)&(desp->des_ivec[0]);
+
+                *(a++)= *(b++); *(a++)= *(b++);
+                *(a++)= *(b++); *(a++)= *(b++);
+                *(a++)= *(b++); *(a++)= *(b++);
+                *(a++)= *(b++); *(a++)= *(b++);
+#endif
+                }
+        return(1);      
+        }
+
diff --git a/src/lib/libcrypto/des/rpw.c b/src/lib/libcrypto/des/rpw.c
new file mode 100644
index 0000000000..8a9473c4f9
--- /dev/null
+++ b/src/lib/libcrypto/des/rpw.c
@@ -0,0 +1,99 @@
+/* crypto/des/rpw.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <openssl/des.h>
+
+int main(int argc, char *argv[])
+        {
+        DES_cblock k,k1;
+        int i;
+
+        printf("read passwd\n");
+        if ((i=des_read_password(&k,"Enter password:",0)) == 0)
+                {
+                printf("password = ");
+                for (i=0; i<8; i++)
+                        printf("%02x ",k[i]);
+                }
+        else
+                printf("error %d\n",i);
+        printf("\n");
+        printf("read 2passwds and verify\n");
+        if ((i=des_read_2passwords(&k,&k1,
+                "Enter verified password:",1)) == 0)
+                {
+                printf("password1 = ");
+                for (i=0; i<8; i++)
+                        printf("%02x ",k[i]);
+                printf("\n");
+                printf("password2 = ");
+                for (i=0; i<8; i++)
+                        printf("%02x ",k1[i]);
+                printf("\n");
+                exit(1);
+                }
+        else
+                {
+                printf("error %d\n",i);
+                exit(0);
+                }
+#ifdef LINT
+        return(0);
+#endif
+        }
diff --git a/src/lib/libcrypto/des/set_key.c b/src/lib/libcrypto/des/set_key.c
new file mode 100644
index 0000000000..a43ef3c881
--- /dev/null
+++ b/src/lib/libcrypto/des/set_key.c
@@ -0,0 +1,407 @@
+/* crypto/des/set_key.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* set_key.c v 1.4 eay 24/9/91
+ * 1.4 Speed up by 400% :-)
+ * 1.3 added register declarations.
+ * 1.2 unrolled make_key_sched a bit more
+ * 1.1 added norm_expand_bits
+ * 1.0 First working version
+ */
+#include "des_locl.h"
+
+OPENSSL_IMPLEMENT_GLOBAL(int,DES_check_key);    /* defaults to false */
+
+static const unsigned char odd_parity[256]={
+  1,  1,  2,  2,  4,  4,  7,  7,  8,  8, 11, 11, 13, 13, 14, 14,
+ 16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31,
+ 32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, 44, 47, 47,
+ 49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, 61, 61, 62, 62,
+ 64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, 74, 76, 76, 79, 79,
+ 81, 81, 82, 82, 84, 84, 87, 87, 88, 88, 91, 91, 93, 93, 94, 94,
+ 97, 97, 98, 98,100,100,103,103,104,104,107,107,109,109,110,110,
+112,112,115,115,117,117,118,118,121,121,122,122,124,124,127,127,
+128,128,131,131,133,133,134,134,137,137,138,138,140,140,143,143,
+145,145,146,146,148,148,151,151,152,152,155,155,157,157,158,158,
+161,161,162,162,164,164,167,167,168,168,171,171,173,173,174,174,
+176,176,179,179,181,181,182,182,185,185,186,186,188,188,191,191,
+193,193,194,194,196,196,199,199,200,200,203,203,205,205,206,206,
+208,208,211,211,213,213,214,214,217,217,218,218,220,220,223,223,
+224,224,227,227,229,229,230,230,233,233,234,234,236,236,239,239,
+241,241,242,242,244,244,247,247,248,248,251,251,253,253,254,254};
+
+void DES_set_odd_parity(DES_cblock *key)
+        {
+        unsigned int i;
+
+        for (i=0; i<DES_KEY_SZ; i++)
+                (*key)[i]=odd_parity[(*key)[i]];
+        }
+
+int DES_check_key_parity(const_DES_cblock *key)
+        {
+        unsigned int i;
+
+        for (i=0; i<DES_KEY_SZ; i++)
+                {
+                if ((*key)[i] != odd_parity[(*key)[i]])
+                        return(0);
+                }
+        return(1);
+        }
+
+/* Weak and semi week keys as take from
+ * %A D.W. Davies
+ * %A W.L. Price
+ * %T Security for Computer Networks
+ * %I John Wiley & Sons
+ * %D 1984
+ * Many thanks to smb@ulysses.att.com (Steven Bellovin) for the reference
+ * (and actual cblock values).
+ */
+#define NUM_WEAK_KEY    16
+static const DES_cblock weak_keys[NUM_WEAK_KEY]={
+        /* weak keys */
+        {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
+        {0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE},
+        {0x1F,0x1F,0x1F,0x1F,0x0E,0x0E,0x0E,0x0E},
+        {0xE0,0xE0,0xE0,0xE0,0xF1,0xF1,0xF1,0xF1},
+        /* semi-weak keys */
+        {0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE},
+        {0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01},
+        {0x1F,0xE0,0x1F,0xE0,0x0E,0xF1,0x0E,0xF1},
+        {0xE0,0x1F,0xE0,0x1F,0xF1,0x0E,0xF1,0x0E},
+        {0x01,0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1},
+        {0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1,0x01},
+        {0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E,0xFE},
+        {0xFE,0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E},
+        {0x01,0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E},
+        {0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E,0x01},
+        {0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE},
+        {0xFE,0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1}};
+
+int DES_is_weak_key(const_DES_cblock *key)
+        {
+        int i;
+
+        for (i=0; i<NUM_WEAK_KEY; i++)
+                /* Added == 0 to comparison, I obviously don't run
+                 * this section very often :-(, thanks to
+                 * engineering@MorningStar.Com for the fix
+                 * eay 93/06/29
+                 * Another problem, I was comparing only the first 4
+                 * bytes, 97/03/18 */
+                if (memcmp(weak_keys[i],key,sizeof(DES_cblock)) == 0) return(1);
+        return(0);
+        }
+
+/* NOW DEFINED IN des_local.h
+ * See ecb_encrypt.c for a pseudo description of these macros. 
+ * #define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
+ *      (b)^=(t),\
+ *      (a)=((a)^((t)<<(n))))
+ */
+
+#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\
+        (a)=(a)^(t)^(t>>(16-(n))))
+
+static const DES_LONG des_skb[8][64]={
+        {
+        /* for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
+        0x00000000L,0x00000010L,0x20000000L,0x20000010L,
+        0x00010000L,0x00010010L,0x20010000L,0x20010010L,
+        0x00000800L,0x00000810L,0x20000800L,0x20000810L,
+        0x00010800L,0x00010810L,0x20010800L,0x20010810L,
+        0x00000020L,0x00000030L,0x20000020L,0x20000030L,
+        0x00010020L,0x00010030L,0x20010020L,0x20010030L,
+        0x00000820L,0x00000830L,0x20000820L,0x20000830L,
+        0x00010820L,0x00010830L,0x20010820L,0x20010830L,
+        0x00080000L,0x00080010L,0x20080000L,0x20080010L,
+        0x00090000L,0x00090010L,0x20090000L,0x20090010L,
+        0x00080800L,0x00080810L,0x20080800L,0x20080810L,
+        0x00090800L,0x00090810L,0x20090800L,0x20090810L,
+        0x00080020L,0x00080030L,0x20080020L,0x20080030L,
+        0x00090020L,0x00090030L,0x20090020L,0x20090030L,
+        0x00080820L,0x00080830L,0x20080820L,0x20080830L,
+        0x00090820L,0x00090830L,0x20090820L,0x20090830L,
+        },{
+        /* for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 */
+        0x00000000L,0x02000000L,0x00002000L,0x02002000L,
+        0x00200000L,0x02200000L,0x00202000L,0x02202000L,
+        0x00000004L,0x02000004L,0x00002004L,0x02002004L,
+        0x00200004L,0x02200004L,0x00202004L,0x02202004L,
+        0x00000400L,0x02000400L,0x00002400L,0x02002400L,
+        0x00200400L,0x02200400L,0x00202400L,0x02202400L,
+        0x00000404L,0x02000404L,0x00002404L,0x02002404L,
+        0x00200404L,0x02200404L,0x00202404L,0x02202404L,
+        0x10000000L,0x12000000L,0x10002000L,0x12002000L,
+        0x10200000L,0x12200000L,0x10202000L,0x12202000L,
+        0x10000004L,0x12000004L,0x10002004L,0x12002004L,
+        0x10200004L,0x12200004L,0x10202004L,0x12202004L,
+        0x10000400L,0x12000400L,0x10002400L,0x12002400L,
+        0x10200400L,0x12200400L,0x10202400L,0x12202400L,
+        0x10000404L,0x12000404L,0x10002404L,0x12002404L,
+        0x10200404L,0x12200404L,0x10202404L,0x12202404L,
+        },{
+        /* for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 */
+        0x00000000L,0x00000001L,0x00040000L,0x00040001L,
+        0x01000000L,0x01000001L,0x01040000L,0x01040001L,
+        0x00000002L,0x00000003L,0x00040002L,0x00040003L,
+        0x01000002L,0x01000003L,0x01040002L,0x01040003L,
+        0x00000200L,0x00000201L,0x00040200L,0x00040201L,
+        0x01000200L,0x01000201L,0x01040200L,0x01040201L,
+        0x00000202L,0x00000203L,0x00040202L,0x00040203L,
+        0x01000202L,0x01000203L,0x01040202L,0x01040203L,
+        0x08000000L,0x08000001L,0x08040000L,0x08040001L,
+        0x09000000L,0x09000001L,0x09040000L,0x09040001L,
+        0x08000002L,0x08000003L,0x08040002L,0x08040003L,
+        0x09000002L,0x09000003L,0x09040002L,0x09040003L,
+        0x08000200L,0x08000201L,0x08040200L,0x08040201L,
+        0x09000200L,0x09000201L,0x09040200L,0x09040201L,
+        0x08000202L,0x08000203L,0x08040202L,0x08040203L,
+        0x09000202L,0x09000203L,0x09040202L,0x09040203L,
+        },{
+        /* for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 */
+        0x00000000L,0x00100000L,0x00000100L,0x00100100L,
+        0x00000008L,0x00100008L,0x00000108L,0x00100108L,
+        0x00001000L,0x00101000L,0x00001100L,0x00101100L,
+        0x00001008L,0x00101008L,0x00001108L,0x00101108L,
+        0x04000000L,0x04100000L,0x04000100L,0x04100100L,
+        0x04000008L,0x04100008L,0x04000108L,0x04100108L,
+        0x04001000L,0x04101000L,0x04001100L,0x04101100L,
+        0x04001008L,0x04101008L,0x04001108L,0x04101108L,
+        0x00020000L,0x00120000L,0x00020100L,0x00120100L,
+        0x00020008L,0x00120008L,0x00020108L,0x00120108L,
+        0x00021000L,0x00121000L,0x00021100L,0x00121100L,
+        0x00021008L,0x00121008L,0x00021108L,0x00121108L,
+        0x04020000L,0x04120000L,0x04020100L,0x04120100L,
+        0x04020008L,0x04120008L,0x04020108L,0x04120108L,
+        0x04021000L,0x04121000L,0x04021100L,0x04121100L,
+        0x04021008L,0x04121008L,0x04021108L,0x04121108L,
+        },{
+        /* for D bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
+        0x00000000L,0x10000000L,0x00010000L,0x10010000L,
+        0x00000004L,0x10000004L,0x00010004L,0x10010004L,
+        0x20000000L,0x30000000L,0x20010000L,0x30010000L,
+        0x20000004L,0x30000004L,0x20010004L,0x30010004L,
+        0x00100000L,0x10100000L,0x00110000L,0x10110000L,
+        0x00100004L,0x10100004L,0x00110004L,0x10110004L,
+        0x20100000L,0x30100000L,0x20110000L,0x30110000L,
+        0x20100004L,0x30100004L,0x20110004L,0x30110004L,
+        0x00001000L,0x10001000L,0x00011000L,0x10011000L,
+        0x00001004L,0x10001004L,0x00011004L,0x10011004L,
+        0x20001000L,0x30001000L,0x20011000L,0x30011000L,
+        0x20001004L,0x30001004L,0x20011004L,0x30011004L,
+        0x00101000L,0x10101000L,0x00111000L,0x10111000L,
+        0x00101004L,0x10101004L,0x00111004L,0x10111004L,
+        0x20101000L,0x30101000L,0x20111000L,0x30111000L,
+        0x20101004L,0x30101004L,0x20111004L,0x30111004L,
+        },{
+        /* for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 */
+        0x00000000L,0x08000000L,0x00000008L,0x08000008L,
+        0x00000400L,0x08000400L,0x00000408L,0x08000408L,
+        0x00020000L,0x08020000L,0x00020008L,0x08020008L,
+        0x00020400L,0x08020400L,0x00020408L,0x08020408L,
+        0x00000001L,0x08000001L,0x00000009L,0x08000009L,
+        0x00000401L,0x08000401L,0x00000409L,0x08000409L,
+        0x00020001L,0x08020001L,0x00020009L,0x08020009L,
+        0x00020401L,0x08020401L,0x00020409L,0x08020409L,
+        0x02000000L,0x0A000000L,0x02000008L,0x0A000008L,
+        0x02000400L,0x0A000400L,0x02000408L,0x0A000408L,
+        0x02020000L,0x0A020000L,0x02020008L,0x0A020008L,
+        0x02020400L,0x0A020400L,0x02020408L,0x0A020408L,
+        0x02000001L,0x0A000001L,0x02000009L,0x0A000009L,
+        0x02000401L,0x0A000401L,0x02000409L,0x0A000409L,
+        0x02020001L,0x0A020001L,0x02020009L,0x0A020009L,
+        0x02020401L,0x0A020401L,0x02020409L,0x0A020409L,
+        },{
+        /* for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 */
+        0x00000000L,0x00000100L,0x00080000L,0x00080100L,
+        0x01000000L,0x01000100L,0x01080000L,0x01080100L,
+        0x00000010L,0x00000110L,0x00080010L,0x00080110L,
+        0x01000010L,0x01000110L,0x01080010L,0x01080110L,
+        0x00200000L,0x00200100L,0x00280000L,0x00280100L,
+        0x01200000L,0x01200100L,0x01280000L,0x01280100L,
+        0x00200010L,0x00200110L,0x00280010L,0x00280110L,
+        0x01200010L,0x01200110L,0x01280010L,0x01280110L,
+        0x00000200L,0x00000300L,0x00080200L,0x00080300L,
+        0x01000200L,0x01000300L,0x01080200L,0x01080300L,
+        0x00000210L,0x00000310L,0x00080210L,0x00080310L,
+        0x01000210L,0x01000310L,0x01080210L,0x01080310L,
+        0x00200200L,0x00200300L,0x00280200L,0x00280300L,
+        0x01200200L,0x01200300L,0x01280200L,0x01280300L,
+        0x00200210L,0x00200310L,0x00280210L,0x00280310L,
+        0x01200210L,0x01200310L,0x01280210L,0x01280310L,
+        },{
+        /* for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 */
+        0x00000000L,0x04000000L,0x00040000L,0x04040000L,
+        0x00000002L,0x04000002L,0x00040002L,0x04040002L,
+        0x00002000L,0x04002000L,0x00042000L,0x04042000L,
+        0x00002002L,0x04002002L,0x00042002L,0x04042002L,
+        0x00000020L,0x04000020L,0x00040020L,0x04040020L,
+        0x00000022L,0x04000022L,0x00040022L,0x04040022L,
+        0x00002020L,0x04002020L,0x00042020L,0x04042020L,
+        0x00002022L,0x04002022L,0x00042022L,0x04042022L,
+        0x00000800L,0x04000800L,0x00040800L,0x04040800L,
+        0x00000802L,0x04000802L,0x00040802L,0x04040802L,
+        0x00002800L,0x04002800L,0x00042800L,0x04042800L,
+        0x00002802L,0x04002802L,0x00042802L,0x04042802L,
+        0x00000820L,0x04000820L,0x00040820L,0x04040820L,
+        0x00000822L,0x04000822L,0x00040822L,0x04040822L,
+        0x00002820L,0x04002820L,0x00042820L,0x04042820L,
+        0x00002822L,0x04002822L,0x00042822L,0x04042822L,
+        }};
+
+int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule)
+        {
+        if (DES_check_key)
+                {
+                return DES_set_key_checked(key, schedule);
+                }
+        else
+                {
+                DES_set_key_unchecked(key, schedule);
+                return 0;
+                }
+        }
+
+/* return 0 if key parity is odd (correct),
+ * return -1 if key parity error,
+ * return -2 if illegal weak key.
+ */
+int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule)
+        {
+        if (!DES_check_key_parity(key))
+                return(-1);
+        if (DES_is_weak_key(key))
+                return(-2);
+        DES_set_key_unchecked(key, schedule);
+        return 0;
+        }
+
+void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule)
+        {
+        static int shifts2[16]={0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0};
+        register DES_LONG c,d,t,s,t2;
+        register const unsigned char *in;
+        register DES_LONG *k;
+        register int i;
+
+#ifdef OPENBSD_DEV_CRYPTO
+        memcpy(schedule->key,key,sizeof schedule->key);
+        schedule->session=NULL;
+#endif
+        k = &schedule->ks->deslong[0];
+        in = &(*key)[0];
+
+        c2l(in,c);
+        c2l(in,d);
+
+        /* do PC1 in 47 simple operations :-)
+         * Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
+         * for the inspiration. :-) */
+        PERM_OP (d,c,t,4,0x0f0f0f0fL);
+        HPERM_OP(c,t,-2,0xcccc0000L);
+        HPERM_OP(d,t,-2,0xcccc0000L);
+        PERM_OP (d,c,t,1,0x55555555L);
+        PERM_OP (c,d,t,8,0x00ff00ffL);
+        PERM_OP (d,c,t,1,0x55555555L);
+        d=      (((d&0x000000ffL)<<16L)| (d&0x0000ff00L)     |
+                 ((d&0x00ff0000L)>>16L)|((c&0xf0000000L)>>4L));
+        c&=0x0fffffffL;
+
+        for (i=0; i<ITERATIONS; i++)
+                {
+                if (shifts2[i])
+                        { c=((c>>2L)|(c<<26L)); d=((d>>2L)|(d<<26L)); }
+                else
+                        { c=((c>>1L)|(c<<27L)); d=((d>>1L)|(d<<27L)); }
+                c&=0x0fffffffL;
+                d&=0x0fffffffL;
+                /* could be a few less shifts but I am to lazy at this
+                 * point in time to investigate */
+                s=      des_skb[0][ (c    )&0x3f                ]|
+                        des_skb[1][((c>> 6L)&0x03)|((c>> 7L)&0x3c)]|
+                        des_skb[2][((c>>13L)&0x0f)|((c>>14L)&0x30)]|
+                        des_skb[3][((c>>20L)&0x01)|((c>>21L)&0x06) |
+                                                  ((c>>22L)&0x38)];
+                t=      des_skb[4][ (d    )&0x3f                ]|
+                        des_skb[5][((d>> 7L)&0x03)|((d>> 8L)&0x3c)]|
+                        des_skb[6][ (d>>15L)&0x3f                ]|
+                        des_skb[7][((d>>21L)&0x0f)|((d>>22L)&0x30)];
+
+                /* table contained 0213 4657 */
+                t2=((t<<16L)|(s&0x0000ffffL))&0xffffffffL;
+                *(k++)=ROTATE(t2,30)&0xffffffffL;
+
+                t2=((s>>16L)|(t&0xffff0000L));
+                *(k++)=ROTATE(t2,26)&0xffffffffL;
+                }
+        }
+
+int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule)
+        {
+        return(DES_set_key(key,schedule));
+        }
+/*
+#undef des_fixup_key_parity
+void des_fixup_key_parity(des_cblock *key)
+        {
+        des_set_odd_parity(key);
+        }
+*/
diff --git a/src/lib/libcrypto/des/speed.c b/src/lib/libcrypto/des/speed.c
new file mode 100644
index 0000000000..1616f4b7c9
--- /dev/null
+++ b/src/lib/libcrypto/des/speed.c
@@ -0,0 +1,314 @@
+/* crypto/des/speed.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* 11-Sep-92 Andrew Daviel   Support for Silicon Graphics IRIX added */
+/* 06-Apr-92 Luke Brennan    Support for VMS and add extra signal calls */
+
+#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX)
+#define TIMES
+#endif
+
+#include <stdio.h>
+
+#include <openssl/e_os2.h>
+#include OPENSSL_UNISTD_IO
+OPENSSL_DECLARE_EXIT
+
+#ifndef OPENSSL_SYS_NETWARE
+#include <signal.h>
+#define crypt(c,s) (des_crypt((c),(s)))
+#endif
+
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+
+/* Depending on the VMS version, the tms structure is perhaps defined.
+   The __TMS macro will show if it was.  If it wasn't defined, we should
+   undefine TIMES, since that tells the rest of the program how things
+   should be handled.                           -- Richard Levitte */
+#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
+#undef TIMES
+#endif
+
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#if defined(sun) || defined(__ultrix)
+#define _POSIX_SOURCE
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include <openssl/des.h>
+
+/* The following if from times(3) man page.  It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+#  ifndef _BSD_CLK_TCK_ /* FreeBSD fix */
+#   define HZ   100.0
+#  else /* _BSD_CLK_TCK_ */
+#   define HZ ((double)_BSD_CLK_TCK_)
+#  endif
+# else /* CLK_TCK */
+#  define HZ ((double)CLK_TCK)
+# endif
+#endif
+
+#define BUFSIZE ((long)1024)
+long run=0;
+
+double Time_F(int s);
+#ifdef SIGALRM
+#if defined(__STDC__) || defined(sgi) || defined(_AIX)
+#define SIGRETTYPE void
+#else
+#define SIGRETTYPE int
+#endif
+
+SIGRETTYPE sig_done(int sig);
+SIGRETTYPE sig_done(int sig)
+        {
+        signal(SIGALRM,sig_done);
+        run=0;
+#ifdef LINT
+        sig=sig;
+#endif
+        }
+#endif
+
+#define START   0
+#define STOP    1
+
+double Time_F(int s)
+        {
+        double ret;
+#ifdef TIMES
+        static struct tms tstart,tend;
+
+        if (s == START)
+                {
+                times(&tstart);
+                return(0);
+                }
+        else
+                {
+                times(&tend);
+                ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+                return((ret == 0.0)?1e-6:ret);
+                }
+#else /* !times() */
+        static struct timeb tstart,tend;
+        long i;
+
+        if (s == START)
+                {
+                ftime(&tstart);
+                return(0);
+                }
+        else
+                {
+                ftime(&tend);
+                i=(long)tend.millitm-(long)tstart.millitm;
+                ret=((double)(tend.time-tstart.time))+((double)i)/1e3;
+                return((ret == 0.0)?1e-6:ret);
+                }
+#endif
+        }
+
+int main(int argc, char **argv)
+        {
+        long count;
+        static unsigned char buf[BUFSIZE];
+        static DES_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
+        static DES_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12};
+        static DES_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34};
+        DES_key_schedule sch,sch2,sch3;
+        double a,b,c,d,e;
+#ifndef SIGALRM
+        long ca,cb,cc,cd,ce;
+#endif
+
+#ifndef TIMES
+        printf("To get the most accurate results, try to run this\n");
+        printf("program when this computer is idle.\n");
+#endif
+
+        DES_set_key_unchecked(&key2,&sch2);
+        DES_set_key_unchecked(&key3,&sch3);
+
+#ifndef SIGALRM
+        printf("First we calculate the approximate speed ...\n");
+        DES_set_key_unchecked(&key,&sch);
+        count=10;
+        do      {
+                long i;
+                DES_LONG data[2];
+
+                count*=2;
+                Time_F(START);
+                for (i=count; i; i--)
+                        DES_encrypt1(data,&sch,DES_ENCRYPT);
+                d=Time_F(STOP);
+                } while (d < 3.0);
+        ca=count;
+        cb=count*3;
+        cc=count*3*8/BUFSIZE+1;
+        cd=count*8/BUFSIZE+1;
+        ce=count/20+1;
+        printf("Doing set_key %ld times\n",ca);
+#define COND(d) (count != (d))
+#define COUNT(d) (d)
+#else
+#define COND(c) (run)
+#define COUNT(d) (count)
+        signal(SIGALRM,sig_done);
+        printf("Doing set_key for 10 seconds\n");
+        alarm(10);
+#endif
+
+        Time_F(START);
+        for (count=0,run=1; COND(ca); count++)
+                DES_set_key_unchecked(&key,&sch);
+        d=Time_F(STOP);
+        printf("%ld set_key's in %.2f seconds\n",count,d);
+        a=((double)COUNT(ca))/d;
+
+#ifdef SIGALRM
+        printf("Doing DES_encrypt's for 10 seconds\n");
+        alarm(10);
+#else
+        printf("Doing DES_encrypt %ld times\n",cb);
+#endif
+        Time_F(START);
+        for (count=0,run=1; COND(cb); count++)
+                {
+                DES_LONG data[2];
+
+                DES_encrypt1(data,&sch,DES_ENCRYPT);
+                }
+        d=Time_F(STOP);
+        printf("%ld DES_encrypt's in %.2f second\n",count,d);
+        b=((double)COUNT(cb)*8)/d;
+
+#ifdef SIGALRM
+        printf("Doing DES_cbc_encrypt on %ld byte blocks for 10 seconds\n",
+                BUFSIZE);
+        alarm(10);
+#else
+        printf("Doing DES_cbc_encrypt %ld times on %ld byte blocks\n",cc,
+                BUFSIZE);
+#endif
+        Time_F(START);
+        for (count=0,run=1; COND(cc); count++)
+                DES_ncbc_encrypt(buf,buf,BUFSIZE,&sch,
+                        &key,DES_ENCRYPT);
+        d=Time_F(STOP);
+        printf("%ld DES_cbc_encrypt's of %ld byte blocks in %.2f second\n",
+                count,BUFSIZE,d);
+        c=((double)COUNT(cc)*BUFSIZE)/d;
+
+#ifdef SIGALRM
+        printf("Doing DES_ede_cbc_encrypt on %ld byte blocks for 10 seconds\n",
+                BUFSIZE);
+        alarm(10);
+#else
+        printf("Doing DES_ede_cbc_encrypt %ld times on %ld byte blocks\n",cd,
+                BUFSIZE);
+#endif
+        Time_F(START);
+        for (count=0,run=1; COND(cd); count++)
+                DES_ede3_cbc_encrypt(buf,buf,BUFSIZE,
+                        &sch,
+                        &sch2,
+                        &sch3,
+                        &key,
+                        DES_ENCRYPT);
+        d=Time_F(STOP);
+        printf("%ld DES_ede_cbc_encrypt's of %ld byte blocks in %.2f second\n",
+                count,BUFSIZE,d);
+        d=((double)COUNT(cd)*BUFSIZE)/d;
+
+#ifdef SIGALRM
+        printf("Doing crypt for 10 seconds\n");
+        alarm(10);
+#else
+        printf("Doing crypt %ld times\n",ce);
+#endif
+        Time_F(START);
+        for (count=0,run=1; COND(ce); count++)
+                crypt("testing1","ef");
+        e=Time_F(STOP);
+        printf("%ld crypts in %.2f second\n",count,e);
+        e=((double)COUNT(ce))/e;
+
+        printf("set_key            per sec = %12.2f (%9.3fuS)\n",a,1.0e6/a);
+        printf("DES raw ecb bytes  per sec = %12.2f (%9.3fuS)\n",b,8.0e6/b);
+        printf("DES cbc bytes      per sec = %12.2f (%9.3fuS)\n",c,8.0e6/c);
+        printf("DES ede cbc bytes  per sec = %12.2f (%9.3fuS)\n",d,8.0e6/d);
+        printf("crypt              per sec = %12.2f (%9.3fuS)\n",e,1.0e6/e);
+        exit(0);
+#if defined(LINT) || defined(OPENSSL_SYS_MSDOS)
+        return(0);
+#endif
+        }
diff --git a/src/lib/libcrypto/des/spr.h b/src/lib/libcrypto/des/spr.h
new file mode 100644
index 0000000000..b91936a5a5
--- /dev/null
+++ b/src/lib/libcrypto/des/spr.h
@@ -0,0 +1,204 @@
+/* crypto/des/spr.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+OPENSSL_GLOBAL const DES_LONG DES_SPtrans[8][64]={
+{
+/* nibble 0 */
+0x02080800L, 0x00080000L, 0x02000002L, 0x02080802L,
+0x02000000L, 0x00080802L, 0x00080002L, 0x02000002L,
+0x00080802L, 0x02080800L, 0x02080000L, 0x00000802L,
+0x02000802L, 0x02000000L, 0x00000000L, 0x00080002L,
+0x00080000L, 0x00000002L, 0x02000800L, 0x00080800L,
+0x02080802L, 0x02080000L, 0x00000802L, 0x02000800L,
+0x00000002L, 0x00000800L, 0x00080800L, 0x02080002L,
+0x00000800L, 0x02000802L, 0x02080002L, 0x00000000L,
+0x00000000L, 0x02080802L, 0x02000800L, 0x00080002L,
+0x02080800L, 0x00080000L, 0x00000802L, 0x02000800L,
+0x02080002L, 0x00000800L, 0x00080800L, 0x02000002L,
+0x00080802L, 0x00000002L, 0x02000002L, 0x02080000L,
+0x02080802L, 0x00080800L, 0x02080000L, 0x02000802L,
+0x02000000L, 0x00000802L, 0x00080002L, 0x00000000L,
+0x00080000L, 0x02000000L, 0x02000802L, 0x02080800L,
+0x00000002L, 0x02080002L, 0x00000800L, 0x00080802L,
+},{
+/* nibble 1 */
+0x40108010L, 0x00000000L, 0x00108000L, 0x40100000L,
+0x40000010L, 0x00008010L, 0x40008000L, 0x00108000L,
+0x00008000L, 0x40100010L, 0x00000010L, 0x40008000L,
+0x00100010L, 0x40108000L, 0x40100000L, 0x00000010L,
+0x00100000L, 0x40008010L, 0x40100010L, 0x00008000L,
+0x00108010L, 0x40000000L, 0x00000000L, 0x00100010L,
+0x40008010L, 0x00108010L, 0x40108000L, 0x40000010L,
+0x40000000L, 0x00100000L, 0x00008010L, 0x40108010L,
+0x00100010L, 0x40108000L, 0x40008000L, 0x00108010L,
+0x40108010L, 0x00100010L, 0x40000010L, 0x00000000L,
+0x40000000L, 0x00008010L, 0x00100000L, 0x40100010L,
+0x00008000L, 0x40000000L, 0x00108010L, 0x40008010L,
+0x40108000L, 0x00008000L, 0x00000000L, 0x40000010L,
+0x00000010L, 0x40108010L, 0x00108000L, 0x40100000L,
+0x40100010L, 0x00100000L, 0x00008010L, 0x40008000L,
+0x40008010L, 0x00000010L, 0x40100000L, 0x00108000L,
+},{
+/* nibble 2 */
+0x04000001L, 0x04040100L, 0x00000100L, 0x04000101L,
+0x00040001L, 0x04000000L, 0x04000101L, 0x00040100L,
+0x04000100L, 0x00040000L, 0x04040000L, 0x00000001L,
+0x04040101L, 0x00000101L, 0x00000001L, 0x04040001L,
+0x00000000L, 0x00040001L, 0x04040100L, 0x00000100L,
+0x00000101L, 0x04040101L, 0x00040000L, 0x04000001L,
+0x04040001L, 0x04000100L, 0x00040101L, 0x04040000L,
+0x00040100L, 0x00000000L, 0x04000000L, 0x00040101L,
+0x04040100L, 0x00000100L, 0x00000001L, 0x00040000L,
+0x00000101L, 0x00040001L, 0x04040000L, 0x04000101L,
+0x00000000L, 0x04040100L, 0x00040100L, 0x04040001L,
+0x00040001L, 0x04000000L, 0x04040101L, 0x00000001L,
+0x00040101L, 0x04000001L, 0x04000000L, 0x04040101L,
+0x00040000L, 0x04000100L, 0x04000101L, 0x00040100L,
+0x04000100L, 0x00000000L, 0x04040001L, 0x00000101L,
+0x04000001L, 0x00040101L, 0x00000100L, 0x04040000L,
+},{
+/* nibble 3 */
+0x00401008L, 0x10001000L, 0x00000008L, 0x10401008L,
+0x00000000L, 0x10400000L, 0x10001008L, 0x00400008L,
+0x10401000L, 0x10000008L, 0x10000000L, 0x00001008L,
+0x10000008L, 0x00401008L, 0x00400000L, 0x10000000L,
+0x10400008L, 0x00401000L, 0x00001000L, 0x00000008L,
+0x00401000L, 0x10001008L, 0x10400000L, 0x00001000L,
+0x00001008L, 0x00000000L, 0x00400008L, 0x10401000L,
+0x10001000L, 0x10400008L, 0x10401008L, 0x00400000L,
+0x10400008L, 0x00001008L, 0x00400000L, 0x10000008L,
+0x00401000L, 0x10001000L, 0x00000008L, 0x10400000L,
+0x10001008L, 0x00000000L, 0x00001000L, 0x00400008L,
+0x00000000L, 0x10400008L, 0x10401000L, 0x00001000L,
+0x10000000L, 0x10401008L, 0x00401008L, 0x00400000L,
+0x10401008L, 0x00000008L, 0x10001000L, 0x00401008L,
+0x00400008L, 0x00401000L, 0x10400000L, 0x10001008L,
+0x00001008L, 0x10000000L, 0x10000008L, 0x10401000L,
+},{
+/* nibble 4 */
+0x08000000L, 0x00010000L, 0x00000400L, 0x08010420L,
+0x08010020L, 0x08000400L, 0x00010420L, 0x08010000L,
+0x00010000L, 0x00000020L, 0x08000020L, 0x00010400L,
+0x08000420L, 0x08010020L, 0x08010400L, 0x00000000L,
+0x00010400L, 0x08000000L, 0x00010020L, 0x00000420L,
+0x08000400L, 0x00010420L, 0x00000000L, 0x08000020L,
+0x00000020L, 0x08000420L, 0x08010420L, 0x00010020L,
+0x08010000L, 0x00000400L, 0x00000420L, 0x08010400L,
+0x08010400L, 0x08000420L, 0x00010020L, 0x08010000L,
+0x00010000L, 0x00000020L, 0x08000020L, 0x08000400L,
+0x08000000L, 0x00010400L, 0x08010420L, 0x00000000L,
+0x00010420L, 0x08000000L, 0x00000400L, 0x00010020L,
+0x08000420L, 0x00000400L, 0x00000000L, 0x08010420L,
+0x08010020L, 0x08010400L, 0x00000420L, 0x00010000L,
+0x00010400L, 0x08010020L, 0x08000400L, 0x00000420L,
+0x00000020L, 0x00010420L, 0x08010000L, 0x08000020L,
+},{
+/* nibble 5 */
+0x80000040L, 0x00200040L, 0x00000000L, 0x80202000L,
+0x00200040L, 0x00002000L, 0x80002040L, 0x00200000L,
+0x00002040L, 0x80202040L, 0x00202000L, 0x80000000L,
+0x80002000L, 0x80000040L, 0x80200000L, 0x00202040L,
+0x00200000L, 0x80002040L, 0x80200040L, 0x00000000L,
+0x00002000L, 0x00000040L, 0x80202000L, 0x80200040L,
+0x80202040L, 0x80200000L, 0x80000000L, 0x00002040L,
+0x00000040L, 0x00202000L, 0x00202040L, 0x80002000L,
+0x00002040L, 0x80000000L, 0x80002000L, 0x00202040L,
+0x80202000L, 0x00200040L, 0x00000000L, 0x80002000L,
+0x80000000L, 0x00002000L, 0x80200040L, 0x00200000L,
+0x00200040L, 0x80202040L, 0x00202000L, 0x00000040L,
+0x80202040L, 0x00202000L, 0x00200000L, 0x80002040L,
+0x80000040L, 0x80200000L, 0x00202040L, 0x00000000L,
+0x00002000L, 0x80000040L, 0x80002040L, 0x80202000L,
+0x80200000L, 0x00002040L, 0x00000040L, 0x80200040L,
+},{
+/* nibble 6 */
+0x00004000L, 0x00000200L, 0x01000200L, 0x01000004L,
+0x01004204L, 0x00004004L, 0x00004200L, 0x00000000L,
+0x01000000L, 0x01000204L, 0x00000204L, 0x01004000L,
+0x00000004L, 0x01004200L, 0x01004000L, 0x00000204L,
+0x01000204L, 0x00004000L, 0x00004004L, 0x01004204L,
+0x00000000L, 0x01000200L, 0x01000004L, 0x00004200L,
+0x01004004L, 0x00004204L, 0x01004200L, 0x00000004L,
+0x00004204L, 0x01004004L, 0x00000200L, 0x01000000L,
+0x00004204L, 0x01004000L, 0x01004004L, 0x00000204L,
+0x00004000L, 0x00000200L, 0x01000000L, 0x01004004L,
+0x01000204L, 0x00004204L, 0x00004200L, 0x00000000L,
+0x00000200L, 0x01000004L, 0x00000004L, 0x01000200L,
+0x00000000L, 0x01000204L, 0x01000200L, 0x00004200L,
+0x00000204L, 0x00004000L, 0x01004204L, 0x01000000L,
+0x01004200L, 0x00000004L, 0x00004004L, 0x01004204L,
+0x01000004L, 0x01004200L, 0x01004000L, 0x00004004L,
+},{
+/* nibble 7 */
+0x20800080L, 0x20820000L, 0x00020080L, 0x00000000L,
+0x20020000L, 0x00800080L, 0x20800000L, 0x20820080L,
+0x00000080L, 0x20000000L, 0x00820000L, 0x00020080L,
+0x00820080L, 0x20020080L, 0x20000080L, 0x20800000L,
+0x00020000L, 0x00820080L, 0x00800080L, 0x20020000L,
+0x20820080L, 0x20000080L, 0x00000000L, 0x00820000L,
+0x20000000L, 0x00800000L, 0x20020080L, 0x20800080L,
+0x00800000L, 0x00020000L, 0x20820000L, 0x00000080L,
+0x00800000L, 0x00020000L, 0x20000080L, 0x20820080L,
+0x00020080L, 0x20000000L, 0x00000000L, 0x00820000L,
+0x20800080L, 0x20020080L, 0x20020000L, 0x00800080L,
+0x20820000L, 0x00000080L, 0x00800080L, 0x20020000L,
+0x20820080L, 0x00800000L, 0x20800000L, 0x20000080L,
+0x00820000L, 0x00020080L, 0x20020080L, 0x20800000L,
+0x00000080L, 0x20820000L, 0x00820080L, 0x00000000L,
+0x20000000L, 0x20800080L, 0x00020000L, 0x00820080L,
+}};
diff --git a/src/lib/libcrypto/des/str2key.c b/src/lib/libcrypto/des/str2key.c
new file mode 100644
index 0000000000..9c2054bda6
--- /dev/null
+++ b/src/lib/libcrypto/des/str2key.c
@@ -0,0 +1,174 @@
+/* crypto/des/str2key.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+#include <openssl/crypto.h>
+
+void DES_string_to_key(const char *str, DES_cblock *key)
+        {
+        DES_key_schedule ks;
+        int i,length;
+        register unsigned char j;
+
+        memset(key,0,8);
+        length=strlen(str);
+#ifdef OLD_STR_TO_KEY
+        for (i=0; i<length; i++)
+                (*key)[i%8]^=(str[i]<<1);
+#else /* MIT COMPATIBLE */
+        for (i=0; i<length; i++)
+                {
+                j=str[i];
+                if ((i%16) < 8)
+                        (*key)[i%8]^=(j<<1);
+                else
+                        {
+                        /* Reverse the bit order 05/05/92 eay */
+                        j=((j<<4)&0xf0)|((j>>4)&0x0f);
+                        j=((j<<2)&0xcc)|((j>>2)&0x33);
+                        j=((j<<1)&0xaa)|((j>>1)&0x55);
+                        (*key)[7-(i%8)]^=j;
+                        }
+                }
+#endif
+        DES_set_odd_parity(key);
+#ifdef EXPERIMENTAL_STR_TO_STRONG_KEY
+        if(DES_is_weak_key(key))
+            (*key)[7] ^= 0xF0;
+        DES_set_key(key,&ks);
+#else
+        DES_set_key_unchecked(key,&ks);
+#endif
+        DES_cbc_cksum((const unsigned char*)str,key,length,&ks,key);
+        OPENSSL_cleanse(&ks,sizeof(ks));
+        DES_set_odd_parity(key);
+        }
+
+void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2)
+        {
+        DES_key_schedule ks;
+        int i,length;
+        register unsigned char j;
+
+        memset(key1,0,8);
+        memset(key2,0,8);
+        length=strlen(str);
+#ifdef OLD_STR_TO_KEY
+        if (length <= 8)
+                {
+                for (i=0; i<length; i++)
+                        {
+                        (*key2)[i]=(*key1)[i]=(str[i]<<1);
+                        }
+                }
+        else
+                {
+                for (i=0; i<length; i++)
+                        {
+                        if ((i/8)&1)
+                                (*key2)[i%8]^=(str[i]<<1);
+                        else
+                                (*key1)[i%8]^=(str[i]<<1);
+                        }
+                }
+#else /* MIT COMPATIBLE */
+        for (i=0; i<length; i++)
+                {
+                j=str[i];
+                if ((i%32) < 16)
+                        {
+                        if ((i%16) < 8)
+                                (*key1)[i%8]^=(j<<1);
+                        else
+                                (*key2)[i%8]^=(j<<1);
+                        }
+                else
+                        {
+                        j=((j<<4)&0xf0)|((j>>4)&0x0f);
+                        j=((j<<2)&0xcc)|((j>>2)&0x33);
+                        j=((j<<1)&0xaa)|((j>>1)&0x55);
+                        if ((i%16) < 8)
+                                (*key1)[7-(i%8)]^=j;
+                        else
+                                (*key2)[7-(i%8)]^=j;
+                        }
+                }
+        if (length <= 8) memcpy(key2,key1,8);
+#endif
+        DES_set_odd_parity(key1);
+        DES_set_odd_parity(key2);
+#ifdef EXPERIMENTAL_STR_TO_STRONG_KEY
+        if(DES_is_weak_key(key1))
+            (*key1)[7] ^= 0xF0;
+        DES_set_key(key1,&ks);
+#else
+        DES_set_key_unchecked(key1,&ks);
+#endif
+        DES_cbc_cksum((const unsigned char*)str,key1,length,&ks,key1);
+#ifdef EXPERIMENTAL_STR_TO_STRONG_KEY
+        if(DES_is_weak_key(key2))
+            (*key2)[7] ^= 0xF0;
+        DES_set_key(key2,&ks);
+#else
+        DES_set_key_unchecked(key2,&ks);
+#endif
+        DES_cbc_cksum((const unsigned char*)str,key2,length,&ks,key2);
+        OPENSSL_cleanse(&ks,sizeof(ks));
+        DES_set_odd_parity(key1);
+        DES_set_odd_parity(key2);
+        }
diff --git a/src/lib/libcrypto/des/t/test b/src/lib/libcrypto/des/t/test
new file mode 100644
index 0000000000..97acd0552e
--- /dev/null
+++ b/src/lib/libcrypto/des/t/test
@@ -0,0 +1,27 @@
+#!./perl
+
+BEGIN { push(@INC, qw(../../../lib ../../lib ../lib lib)); }
+
+use DES;
+
+$key='00000000';
+$ks=DES::set_key($key);
+@a=split(//,$ks);
+foreach (@a) { printf "%02x-",ord($_); }
+print "\n";
+
+
+$key=DES::random_key();
+print "($_)\n";
+@a=split(//,$key);
+foreach (@a) { printf "%02x-",ord($_); }
+print "\n";
+$str="this is and again into the breach";
+($k1,$k2)=DES::string_to_2keys($str);
+@a=split(//,$k1);
+foreach (@a) { printf "%02x-",ord($_); }
+print "\n";
+@a=split(//,$k2);
+foreach (@a) { printf "%02x-",ord($_); }
+print "\n";
+
diff --git a/src/lib/libcrypto/des/times/486-50.sol b/src/lib/libcrypto/des/times/486-50.sol
new file mode 100644
index 0000000000..0de62d6db3
--- /dev/null
+++ b/src/lib/libcrypto/des/times/486-50.sol
@@ -0,0 +1,16 @@
+Solaris 2.4, 486 50mhz, gcc 2.6.3
+options    des ecb/s
+16 r2 i     43552.51 100.0%
+16 r1 i     43487.45  99.9%
+16  c p     43003.23  98.7%
+16 r2 p     42339.00  97.2%
+16  c i     41900.91  96.2%
+16 r1 p     41360.64  95.0%
+ 4  c i     38728.48  88.9%
+ 4  c p     38225.63  87.8%
+ 4 r1 i     38085.79  87.4%
+ 4 r2 i     37825.64  86.9%
+ 4 r2 p     34611.00  79.5%
+ 4 r1 p     31802.00  73.0%
+-DDES_UNROLL -DDES_RISC2
+
diff --git a/src/lib/libcrypto/des/times/586-100.lnx b/src/lib/libcrypto/des/times/586-100.lnx
new file mode 100644
index 0000000000..4323914a11
--- /dev/null
+++ b/src/lib/libcrypto/des/times/586-100.lnx
@@ -0,0 +1,20 @@
+Pentium 100
+Linux 2 kernel
+gcc 2.7.0 -O3 -fomit-frame-pointer
+No X server running, just a console, it makes the top speed jump from 151,000
+to 158,000 :-).
+options    des ecb/s
+assember   281000.00 177.1%
+16 r1 p    158667.40 100.0%
+16 r1 i    148471.70  93.6%
+16 r2 p    143961.80  90.7%
+16 r2 i    141689.20  89.3%
+ 4 r1 i    140100.00  88.3%
+ 4 r2 i    134049.40  84.5%
+16  c i    124145.20  78.2%
+16  c p    121584.20  76.6%
+ 4  c i    118116.00  74.4%
+ 4 r2 p    117977.90  74.4%
+ 4  c p    114971.40  72.5%
+ 4 r1 p    114578.40  72.2%
+-DDES_UNROLL -DDES_RISC1 -DDES_PTR
diff --git a/src/lib/libcrypto/des/times/686-200.fre b/src/lib/libcrypto/des/times/686-200.fre
new file mode 100644
index 0000000000..7d83f6adee
--- /dev/null
+++ b/src/lib/libcrypto/des/times/686-200.fre
@@ -0,0 +1,18 @@
+Pentium 100
+Free BSD 2.1.5 kernel
+gcc 2.7.2.2 -O3 -fomit-frame-pointer
+options    des ecb/s
+assember   578000.00 133.1%
+16 r2 i    434454.80 100.0%
+16 r1 i    433621.43  99.8%
+16 r2 p    431375.69  99.3%
+ 4 r1 i    423722.30  97.5%
+ 4 r2 i    422399.40  97.2%
+16 r1 p    421739.40  97.1%
+16  c i    399027.94  91.8%
+16  c p    372251.70  85.7%
+ 4  c i    365118.35  84.0%
+ 4  c p    352880.51  81.2%
+ 4 r2 p    255104.90  58.7%
+ 4 r1 p    251289.18  57.8%
+-DDES_UNROLL -DDES_RISC2
diff --git a/src/lib/libcrypto/des/times/aix.cc b/src/lib/libcrypto/des/times/aix.cc
new file mode 100644
index 0000000000..d96b74e2ce
--- /dev/null
+++ b/src/lib/libcrypto/des/times/aix.cc
@@ -0,0 +1,26 @@
+From: Paco Garcia <pgarcia@cam.es>
+
+This machine is a Bull Estrella  Minitower Model MT604-100
+Processor        : PPC604 
+P.Speed          : 100Mhz 
+Data/Instr Cache :    16 K
+L2 Cache         :   256 K
+PCI BUS Speed    :    33 Mhz
+TransfRate PCI   :   132 MB/s
+Memory           :    96 MB
+
+options    des ecb/s       
+ 4  c p    275118.61 100.0%
+ 4  c i    273545.07  99.4%
+ 4 r2 p    270441.02  98.3%
+ 4 r1 p    253052.15  92.0%
+ 4 r2 i    240842.97  87.5%
+ 4 r1 i    240556.66  87.4%
+16  c i    224603.99  81.6%
+16  c p    224483.98  81.6%
+16 r2 p    215691.19  78.4%
+16 r1 p    208332.83  75.7%
+16 r1 i    199206.50  72.4%
+16 r2 i    198963.70  72.3%
+-DDES_PTR
+
diff --git a/src/lib/libcrypto/des/times/alpha.cc b/src/lib/libcrypto/des/times/alpha.cc
new file mode 100644
index 0000000000..95c17efae7
--- /dev/null
+++ b/src/lib/libcrypto/des/times/alpha.cc
@@ -0,0 +1,18 @@
+cc -O2
+DES_LONG is 'unsigned int'
+
+options    des ecb/s
+ 4 r2 p    181146.14 100.0%
+16 r2 p    172102.94  95.0%
+ 4 r2 i    165424.11  91.3%
+16  c p    160468.64  88.6%
+ 4  c p    156653.59  86.5%
+ 4  c i    155245.18  85.7%
+ 4 r1 p    154729.68  85.4%
+16 r2 i    154137.69  85.1%
+16 r1 p    152357.96  84.1%
+16  c i    148743.91  82.1%
+ 4 r1 i    146695.59  81.0%
+16 r1 i    144961.00  80.0%
+-DDES_RISC2 -DDES_PTR
+
diff --git a/src/lib/libcrypto/des/times/hpux.cc b/src/lib/libcrypto/des/times/hpux.cc
new file mode 100644
index 0000000000..3de856ddac
--- /dev/null
+++ b/src/lib/libcrypto/des/times/hpux.cc
@@ -0,0 +1,17 @@
+HPUX 10 - 9000/887 - cc -D_HPUX_SOURCE -Aa +ESlit +O2 -Wl,-a,archive
+
+options    des ecb/s
+16  c i    149448.90 100.0%
+ 4  c i    145861.79  97.6%
+16 r2 i    141710.96  94.8%
+16 r1 i    139455.33  93.3%
+ 4 r2 i    138800.00  92.9%
+ 4 r1 i    136692.65  91.5%
+16 r2 p    110228.17  73.8%
+16 r1 p    109397.07  73.2%
+16  c p    109209.89  73.1%
+ 4  c p    108014.71  72.3%
+ 4 r2 p    107873.88  72.2%
+ 4 r1 p    107685.83  72.1%
+-DDES_UNROLL
+
diff --git a/src/lib/libcrypto/des/times/sparc.gcc b/src/lib/libcrypto/des/times/sparc.gcc
new file mode 100644
index 0000000000..8eaa042104
--- /dev/null
+++ b/src/lib/libcrypto/des/times/sparc.gcc
@@ -0,0 +1,17 @@
+solaris 2.5.1 - sparc 10 50mhz - gcc 2.7.2
+
+options    des ecb/s
+16  c i    124382.70 100.0%
+ 4  c i    118884.68  95.6%
+16  c p    112261.20  90.3%
+16 r2 i    111777.10  89.9%
+16 r2 p    108896.30  87.5%
+16 r1 p    108791.59  87.5%
+ 4  c p    107290.10  86.3%
+ 4 r1 p    104583.80  84.1%
+16 r1 i    104206.20  83.8%
+ 4 r2 p    103709.80  83.4%
+ 4 r2 i     98306.43  79.0%
+ 4 r1 i     91525.80  73.6%
+-DDES_UNROLL
+      
diff --git a/src/lib/libcrypto/des/times/usparc.cc b/src/lib/libcrypto/des/times/usparc.cc
new file mode 100644
index 0000000000..0864285ef6
--- /dev/null
+++ b/src/lib/libcrypto/des/times/usparc.cc
@@ -0,0 +1,31 @@
+solaris 2.5.1 usparc 167mhz?? - SC4.0 cc -fast -Xa -xO5
+
+For the ultra sparc, SunC 4.0 cc -fast -Xa -xO5, running 'des_opts'
+gives a speed of 475,000 des/s while 'speed' gives 417,000 des/s.
+I believe the difference is tied up in optimisation that the compiler
+is able to perform when the code is 'inlined'.  For 'speed', the DES
+routines are being linked from a library.  I'll record the higher
+speed since if performance is everything, you can always inline
+'des_enc.c'.
+
+[ 16-Jan-06 - I've been playing with the
+  '-xtarget=ultra -xarch=v8plus -Xa -xO5 -Xa'
+  and while it makes the des_opts numbers much slower, it makes the
+  actual 'speed' numbers look better which is a realistic version of
+  using the libraries. ]
+
+options    des ecb/s
+16 r1 p    475516.90 100.0%
+16 r2 p    439388.10  92.4%
+16  c i    427001.40  89.8%
+16  c p    419516.50  88.2%
+ 4 r2 p    409491.70  86.1%
+ 4 r1 p    404266.90  85.0%
+ 4  c p    398121.00  83.7%
+ 4  c i    370588.40  77.9%
+ 4 r1 i    362742.20  76.3%
+16 r2 i    331275.50  69.7%
+16 r1 i    324730.60  68.3%
+ 4 r2 i     63535.10  13.4%     <-- very very weird, must be cache problems.
+-DDES_UNROLL -DDES_RISC1 -DDES_PTR
+
diff --git a/src/lib/libcrypto/des/typemap b/src/lib/libcrypto/des/typemap
new file mode 100644
index 0000000000..a524f53634
--- /dev/null
+++ b/src/lib/libcrypto/des/typemap
@@ -0,0 +1,34 @@
+#
+# DES SECTION
+#
+deschar *       T_DESCHARP
+des_cblock *    T_CBLOCK
+des_cblock      T_CBLOCK
+des_key_schedule        T_SCHEDULE
+des_key_schedule *      T_SCHEDULE
+
+INPUT
+T_CBLOCK
+        $var=(des_cblock *)SvPV($arg,len);
+        if (len < DES_KEY_SZ)
+                {
+                croak(\"$var needs to be at least %u bytes long\",DES_KEY_SZ);
+                }
+
+T_SCHEDULE
+        $var=(des_key_schedule *)SvPV($arg,len);
+        if (len < DES_SCHEDULE_SZ)
+                {
+                croak(\"$var needs to be at least %u bytes long\",
+                        DES_SCHEDULE_SZ);
+                }
+
+OUTPUT
+T_CBLOCK
+        sv_setpvn($arg,(char *)$var,DES_KEY_SZ);
+
+T_SCHEDULE
+        sv_setpvn($arg,(char *)$var,DES_SCHEDULE_SZ);
+
+T_DESCHARP
+        sv_setpvn($arg,(char *)$var,len);
diff --git a/src/lib/libcrypto/des/xcbc_enc.c b/src/lib/libcrypto/des/xcbc_enc.c
new file mode 100644
index 0000000000..dc0c761b71
--- /dev/null
+++ b/src/lib/libcrypto/des/xcbc_enc.c
@@ -0,0 +1,197 @@
+/* crypto/des/xcbc_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/* RSA's DESX */
+
+#if 0 /* broken code, preserved just in case anyone specifically looks for this */
+static unsigned char desx_white_in2out[256]={
+0xBD,0x56,0xEA,0xF2,0xA2,0xF1,0xAC,0x2A,0xB0,0x93,0xD1,0x9C,0x1B,0x33,0xFD,0xD0,
+0x30,0x04,0xB6,0xDC,0x7D,0xDF,0x32,0x4B,0xF7,0xCB,0x45,0x9B,0x31,0xBB,0x21,0x5A,
+0x41,0x9F,0xE1,0xD9,0x4A,0x4D,0x9E,0xDA,0xA0,0x68,0x2C,0xC3,0x27,0x5F,0x80,0x36,
+0x3E,0xEE,0xFB,0x95,0x1A,0xFE,0xCE,0xA8,0x34,0xA9,0x13,0xF0,0xA6,0x3F,0xD8,0x0C,
+0x78,0x24,0xAF,0x23,0x52,0xC1,0x67,0x17,0xF5,0x66,0x90,0xE7,0xE8,0x07,0xB8,0x60,
+0x48,0xE6,0x1E,0x53,0xF3,0x92,0xA4,0x72,0x8C,0x08,0x15,0x6E,0x86,0x00,0x84,0xFA,
+0xF4,0x7F,0x8A,0x42,0x19,0xF6,0xDB,0xCD,0x14,0x8D,0x50,0x12,0xBA,0x3C,0x06,0x4E,
+0xEC,0xB3,0x35,0x11,0xA1,0x88,0x8E,0x2B,0x94,0x99,0xB7,0x71,0x74,0xD3,0xE4,0xBF,
+0x3A,0xDE,0x96,0x0E,0xBC,0x0A,0xED,0x77,0xFC,0x37,0x6B,0x03,0x79,0x89,0x62,0xC6,
+0xD7,0xC0,0xD2,0x7C,0x6A,0x8B,0x22,0xA3,0x5B,0x05,0x5D,0x02,0x75,0xD5,0x61,0xE3,
+0x18,0x8F,0x55,0x51,0xAD,0x1F,0x0B,0x5E,0x85,0xE5,0xC2,0x57,0x63,0xCA,0x3D,0x6C,
+0xB4,0xC5,0xCC,0x70,0xB2,0x91,0x59,0x0D,0x47,0x20,0xC8,0x4F,0x58,0xE0,0x01,0xE2,
+0x16,0x38,0xC4,0x6F,0x3B,0x0F,0x65,0x46,0xBE,0x7E,0x2D,0x7B,0x82,0xF9,0x40,0xB5,
+0x1D,0x73,0xF8,0xEB,0x26,0xC7,0x87,0x97,0x25,0x54,0xB1,0x28,0xAA,0x98,0x9D,0xA5,
+0x64,0x6D,0x7A,0xD4,0x10,0x81,0x44,0xEF,0x49,0xD6,0xAE,0x2E,0xDD,0x76,0x5C,0x2F,
+0xA7,0x1C,0xC9,0x09,0x69,0x9A,0x83,0xCF,0x29,0x39,0xB9,0xE9,0x4C,0xFF,0x43,0xAB,
+        };
+
+void DES_xwhite_in2out(const_DES_cblock *des_key, const_DES_cblock *in_white,
+             DES_cblock *out_white)
+        {
+        int out0,out1;
+        int i;
+        const unsigned char *key = &(*des_key)[0];
+        const unsigned char *in = &(*in_white)[0];
+        unsigned char *out = &(*out_white)[0];
+
+        out[0]=out[1]=out[2]=out[3]=out[4]=out[5]=out[6]=out[7]=0;
+        out0=out1=0;
+        for (i=0; i<8; i++)
+                {
+                out[i]=key[i]^desx_white_in2out[out0^out1];
+                out0=out1;
+                out1=(int)out[i&0x07];
+                }
+
+        out0=out[0];
+        out1=out[i]; /* BUG: out-of-bounds read */
+        for (i=0; i<8; i++)
+                {
+                out[i]=in[i]^desx_white_in2out[out0^out1];
+                out0=out1;
+                out1=(int)out[i&0x07];
+                }
+        }
+#endif
+
+void DES_xcbc_encrypt(const unsigned char *in, unsigned char *out,
+                      long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec, const_DES_cblock *inw,
+                      const_DES_cblock *outw, int enc)
+        {
+        register DES_LONG tin0,tin1;
+        register DES_LONG tout0,tout1,xor0,xor1;
+        register DES_LONG inW0,inW1,outW0,outW1;
+        register const unsigned char *in2;
+        register long l=length;
+        DES_LONG tin[2];
+        unsigned char *iv;
+
+        in2 = &(*inw)[0];
+        c2l(in2,inW0);
+        c2l(in2,inW1);
+        in2 = &(*outw)[0];
+        c2l(in2,outW0);
+        c2l(in2,outW1);
+
+        iv = &(*ivec)[0];
+
+        if (enc)
+                {
+                c2l(iv,tout0);
+                c2l(iv,tout1);
+                for (l-=8; l>=0; l-=8)
+                        {
+                        c2l(in,tin0);
+                        c2l(in,tin1);
+                        tin0^=tout0^inW0; tin[0]=tin0;
+                        tin1^=tout1^inW1; tin[1]=tin1;
+                        DES_encrypt1(tin,schedule,DES_ENCRYPT);
+                        tout0=tin[0]^outW0; l2c(tout0,out);
+                        tout1=tin[1]^outW1; l2c(tout1,out);
+                        }
+                if (l != -8)
+                        {
+                        c2ln(in,tin0,tin1,l+8);
+                        tin0^=tout0^inW0; tin[0]=tin0;
+                        tin1^=tout1^inW1; tin[1]=tin1;
+                        DES_encrypt1(tin,schedule,DES_ENCRYPT);
+                        tout0=tin[0]^outW0; l2c(tout0,out);
+                        tout1=tin[1]^outW1; l2c(tout1,out);
+                        }
+                iv = &(*ivec)[0];
+                l2c(tout0,iv);
+                l2c(tout1,iv);
+                }
+        else
+                {
+                c2l(iv,xor0);
+                c2l(iv,xor1);
+                for (l-=8; l>0; l-=8)
+                        {
+                        c2l(in,tin0); tin[0]=tin0^outW0;
+                        c2l(in,tin1); tin[1]=tin1^outW1;
+                        DES_encrypt1(tin,schedule,DES_DECRYPT);
+                        tout0=tin[0]^xor0^inW0;
+                        tout1=tin[1]^xor1^inW1;
+                        l2c(tout0,out);
+                        l2c(tout1,out);
+                        xor0=tin0;
+                        xor1=tin1;
+                        }
+                if (l != -8)
+                        {
+                        c2l(in,tin0); tin[0]=tin0^outW0;
+                        c2l(in,tin1); tin[1]=tin1^outW1;
+                        DES_encrypt1(tin,schedule,DES_DECRYPT);
+                        tout0=tin[0]^xor0^inW0;
+                        tout1=tin[1]^xor1^inW1;
+                        l2cn(tout0,tout1,out,l+8);
+                        xor0=tin0;
+                        xor1=tin1;
+                        }
+
+                iv = &(*ivec)[0];
+                l2c(xor0,iv);
+                l2c(xor1,iv);
+                }
+        tin0=tin1=tout0=tout1=xor0=xor1=0;
+        inW0=inW1=outW0=outW1=0;
+        tin[0]=tin[1]=0;
+        }
+