8 files changed, 0 insertions, 1362 deletions
diff --git a/src/lib/libcrypto/dh/dh.h b/src/lib/libcrypto/dh/dh.h
deleted file mode 100644
index 10475ac4b3..0000000000
--- a/src/lib/libcrypto/dh/dh.h
+++ /dev/null
@@ -1,245 +0,0 @@
-/* crypto/dh/dh.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#ifndef HEADER_DH_H
-#define HEADER_DH_H
-#include <openssl/e_os2.h>
-#ifdef OPENSSL_NO_DH
-#error DH is disabled.
-#endif
-#ifndef OPENSSL_NO_BIO
-#include <openssl/bio.h>
-#endif
-#include <openssl/ossl_typ.h>
-#ifndef OPENSSL_NO_DEPRECATED
-#include <openssl/bn.h>
-#endif
-        
-#ifndef OPENSSL_DH_MAX_MODULUS_BITS
-# define OPENSSL_DH_MAX_MODULUS_BITS    10000
-#endif
-#define OPENSSL_DH_FIPS_MIN_MODULUS_BITS 1024
-#define DH_FLAG_CACHE_MONT_P     0x01
-#define DH_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DH
-                                       * implementation now uses constant time
-                                       * modular exponentiation for secret exponents
-                                       * by default. This flag causes the
-                                       * faster variable sliding window method to
-                                       * be used for all exponents.
-                                       */
-#ifdef  __cplusplus
-extern "C" {
-#endif
-/* Already defined in ossl_typ.h */
-/* typedef struct dh_st DH; */
-/* typedef struct dh_method DH_METHOD; */
-struct dh_method
-        {
-        const char *name;
-        /* Methods here */
-        int (*generate_key)(DH *dh);
-        int (*compute_key)(unsigned char *key,const BIGNUM *pub_key,DH *dh);
-        int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a,
-                                const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
-                                BN_MONT_CTX *m_ctx); /* Can be null */
-        int (*init)(DH *dh);
-        int (*finish)(DH *dh);
-        int flags;
-        char *app_data;
-        /* If this is non-NULL, it will be used to generate parameters */
-        int (*generate_params)(DH *dh, int prime_len, int generator, BN_GENCB *cb);
-        };
-struct dh_st
-        {
-        /* This first argument is used to pick up errors when
-         * a DH is passed instead of a EVP_PKEY */
-        int pad;
-        int version;
-        BIGNUM *p;
-        BIGNUM *g;
-        long length; /* optional */
-        BIGNUM *pub_key;        /* g^x */
-        BIGNUM *priv_key;       /* x */
-        int flags;
-        BN_MONT_CTX *method_mont_p;
-        /* Place holders if we want to do X9.42 DH */
-        BIGNUM *q;
-        BIGNUM *j;
-        unsigned char *seed;
-        int seedlen;
-        BIGNUM *counter;
-        int references;
-        CRYPTO_EX_DATA ex_data;
-        const DH_METHOD *meth;
-        ENGINE *engine;
-        };
-#define DH_GENERATOR_2          2
-/* #define DH_GENERATOR_3       3 */
-#define DH_GENERATOR_5          5
-/* DH_check error codes */
-#define DH_CHECK_P_NOT_PRIME            0x01
-#define DH_CHECK_P_NOT_SAFE_PRIME       0x02
-#define DH_UNABLE_TO_CHECK_GENERATOR    0x04
-#define DH_NOT_SUITABLE_GENERATOR       0x08
-/* DH_check_pub_key error codes */
-#define DH_CHECK_PUBKEY_TOO_SMALL       0x01
-#define DH_CHECK_PUBKEY_TOO_LARGE       0x02
-/* primes p where (p-1)/2 is prime too are called "safe"; we define
-   this for backward compatibility: */
-#define DH_CHECK_P_NOT_STRONG_PRIME     DH_CHECK_P_NOT_SAFE_PRIME
-#define DHparams_dup(x) ASN1_dup_of_const(DH,i2d_DHparams,d2i_DHparams,x)
-#define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
-                (char *(*)())d2i_DHparams,(fp),(unsigned char **)(x))
-#define i2d_DHparams_fp(fp,x) ASN1_i2d_fp(i2d_DHparams,(fp), \
-                (unsigned char *)(x))
-#define d2i_DHparams_bio(bp,x) ASN1_d2i_bio_of(DH,DH_new,d2i_DHparams,bp,x)
-#define i2d_DHparams_bio(bp,x) ASN1_i2d_bio_of_const(DH,i2d_DHparams,bp,x)
-const DH_METHOD *DH_OpenSSL(void);
-#ifdef OPENSSL_FIPS
-DH *    FIPS_dh_new(void);
-void    FIPS_dh_free(DH *dh);
-#endif
-void DH_set_default_method(const DH_METHOD *meth);
-const DH_METHOD *DH_get_default_method(void);
-int DH_set_method(DH *dh, const DH_METHOD *meth);
-DH *DH_new_method(ENGINE *engine);
-DH *    DH_new(void);
-void    DH_free(DH *dh);
-int     DH_up_ref(DH *dh);
-int     DH_size(const DH *dh);
-int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-             CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int DH_set_ex_data(DH *d, int idx, void *arg);
-void *DH_get_ex_data(DH *d, int idx);
-/* Deprecated version */
-#ifndef OPENSSL_NO_DEPRECATED
-DH *    DH_generate_parameters(int prime_len,int generator,
-                void (*callback)(int,int,void *),void *cb_arg);
-#endif /* !defined(OPENSSL_NO_DEPRECATED) */
-/* New version */
-int     DH_generate_parameters_ex(DH *dh, int prime_len,int generator, BN_GENCB *cb);
-int     DH_check(const DH *dh,int *codes);
-int     DH_check_pub_key(const DH *dh,const BIGNUM *pub_key, int *codes);
-int     DH_generate_key(DH *dh);
-int     DH_compute_key(unsigned char *key,const BIGNUM *pub_key,DH *dh);
-DH *    d2i_DHparams(DH **a,const unsigned char **pp, long length);
-int     i2d_DHparams(const DH *a,unsigned char **pp);
-#ifndef OPENSSL_NO_FP_API
-int     DHparams_print_fp(FILE *fp, const DH *x);
-#endif
-#ifndef OPENSSL_NO_BIO
-int     DHparams_print(BIO *bp, const DH *x);
-#else
-int     DHparams_print(char *bp, const DH *x);
-#endif
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_DH_strings(void);
-/* Error codes for the DH functions. */
-/* Function codes. */
-#define DH_F_COMPUTE_KEY                                 102
-#define DH_F_DHPARAMS_PRINT                              100
-#define DH_F_DHPARAMS_PRINT_FP                           101
-#define DH_F_DH_BUILTIN_GENPARAMS                        106
-#define DH_F_DH_COMPUTE_KEY                              107
-#define DH_F_DH_GENERATE_KEY                             108
-#define DH_F_DH_GENERATE_PARAMETERS                      109
-#define DH_F_DH_NEW_METHOD                               105
-#define DH_F_GENERATE_KEY                                103
-#define DH_F_GENERATE_PARAMETERS                         104
-/* Reason codes. */
-#define DH_R_BAD_GENERATOR                               101
-#define DH_R_INVALID_PUBKEY                              102
-#define DH_R_KEY_SIZE_TOO_SMALL                          104
-#define DH_R_MODULUS_TOO_LARGE                           103
-#define DH_R_NO_PRIVATE_VALUE                            100
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/src/lib/libcrypto/dh/dh_asn1.c b/src/lib/libcrypto/dh/dh_asn1.c
deleted file mode 100644
index 76740af2bd..0000000000
--- a/src/lib/libcrypto/dh/dh_asn1.c
+++ /dev/null
@@ -1,87 +0,0 @@
-/* dh_asn1.c */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-#include <openssl/objects.h>
-#include <openssl/asn1t.h>
-/* Override the default free and new methods */
-static int dh_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-        if(operation == ASN1_OP_NEW_PRE) {
-                *pval = (ASN1_VALUE *)DH_new();
-                if(*pval) return 2;
-                return 0;
-        } else if(operation == ASN1_OP_FREE_PRE) {
-                DH_free((DH *)*pval);
-                *pval = NULL;
-                return 2;
-        }
-        return 1;
-}
-ASN1_SEQUENCE_cb(DHparams, dh_cb) = {
-        ASN1_SIMPLE(DH, p, BIGNUM),
-        ASN1_SIMPLE(DH, g, BIGNUM),
-        ASN1_OPT(DH, length, ZLONG),
-} ASN1_SEQUENCE_END_cb(DH, DHparams)
-IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DH, DHparams, DHparams)
diff --git a/src/lib/libcrypto/dh/dh_check.c b/src/lib/libcrypto/dh/dh_check.c
deleted file mode 100644
index 316cb9221d..0000000000
--- a/src/lib/libcrypto/dh/dh_check.c
+++ /dev/null
@@ -1,146 +0,0 @@
-/* crypto/dh/dh_check.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-/* Check that p is a safe prime and
- * if g is 2, 3 or 5, check that it is a suitable generator
- * where
- * for 2, p mod 24 == 11
- * for 3, p mod 12 == 5
- * for 5, p mod 10 == 3 or 7
- * should hold.
- */
-#ifndef OPENSSL_FIPS
-int DH_check(const DH *dh, int *ret)
-        {
-        int ok=0;
-        BN_CTX *ctx=NULL;
-        BN_ULONG l;
-        BIGNUM *q=NULL;
-        *ret=0;
-        ctx=BN_CTX_new();
-        if (ctx == NULL) goto err;
-        q=BN_new();
-        if (q == NULL) goto err;
-        if (BN_is_word(dh->g,DH_GENERATOR_2))
-                {
-                l=BN_mod_word(dh->p,24);
-                if (l != 11) *ret|=DH_NOT_SUITABLE_GENERATOR;
-                }
-#if 0
-        else if (BN_is_word(dh->g,DH_GENERATOR_3))
-                {
-                l=BN_mod_word(dh->p,12);
-                if (l != 5) *ret|=DH_NOT_SUITABLE_GENERATOR;
-                }
-#endif
-        else if (BN_is_word(dh->g,DH_GENERATOR_5))
-                {
-                l=BN_mod_word(dh->p,10);
-                if ((l != 3) && (l != 7))
-                        *ret|=DH_NOT_SUITABLE_GENERATOR;
-                }
-        else
-                *ret|=DH_UNABLE_TO_CHECK_GENERATOR;
-        if (!BN_is_prime_ex(dh->p,BN_prime_checks,ctx,NULL))
-                *ret|=DH_CHECK_P_NOT_PRIME;
-        else
-                {
-                if (!BN_rshift1(q,dh->p)) goto err;
-                if (!BN_is_prime_ex(q,BN_prime_checks,ctx,NULL))
-                        *ret|=DH_CHECK_P_NOT_SAFE_PRIME;
-                }
-        ok=1;
-err:
-        if (ctx != NULL) BN_CTX_free(ctx);
-        if (q != NULL) BN_free(q);
-        return(ok);
-        }
-int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret)
-        {
-        int ok=0;
-        BIGNUM *q=NULL;
-        *ret=0;
-        q=BN_new();
-        if (q == NULL) goto err;
-        BN_set_word(q,1);
-        if (BN_cmp(pub_key,q) <= 0)
-                *ret|=DH_CHECK_PUBKEY_TOO_SMALL;
-        BN_copy(q,dh->p);
-        BN_sub_word(q,1);
-        if (BN_cmp(pub_key,q) >= 0)
-                *ret|=DH_CHECK_PUBKEY_TOO_LARGE;
-        ok = 1;
-err:
-        if (q != NULL) BN_free(q);
-        return(ok);
-        }
-#endif
diff --git a/src/lib/libcrypto/dh/dh_depr.c b/src/lib/libcrypto/dh/dh_depr.c
deleted file mode 100644
index acc05f252c..0000000000
--- a/src/lib/libcrypto/dh/dh_depr.c
+++ /dev/null
@@ -1,83 +0,0 @@
-/* crypto/dh/dh_depr.c */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* This file contains deprecated functions as wrappers to the new ones */
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-static void *dummy=&dummy;
-#ifndef OPENSSL_NO_DEPRECATED
-DH *DH_generate_parameters(int prime_len, int generator,
-             void (*callback)(int,int,void *), void *cb_arg)
-        {
-        BN_GENCB cb;
-        DH *ret=NULL;
-        if((ret=DH_new()) == NULL)
-                return NULL;
-        BN_GENCB_set_old(&cb, callback, cb_arg);
-        if(DH_generate_parameters_ex(ret, prime_len, generator, &cb))
-                return ret;
-        DH_free(ret);
-        return NULL;
-        }
-#endif
diff --git a/src/lib/libcrypto/dh/dh_err.c b/src/lib/libcrypto/dh/dh_err.c
deleted file mode 100644
index 13263c81c1..0000000000
--- a/src/lib/libcrypto/dh/dh_err.c
+++ /dev/null
@@ -1,108 +0,0 @@
-/* crypto/dh/dh_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2007 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/dh.h>
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_DH,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_DH,0,reason)
-static ERR_STRING_DATA DH_str_functs[]=
-        {
-{ERR_FUNC(DH_F_COMPUTE_KEY),    "COMPUTE_KEY"},
-{ERR_FUNC(DH_F_DHPARAMS_PRINT), "DHparams_print"},
-{ERR_FUNC(DH_F_DHPARAMS_PRINT_FP),      "DHparams_print_fp"},
-{ERR_FUNC(DH_F_DH_BUILTIN_GENPARAMS),   "DH_BUILTIN_GENPARAMS"},
-{ERR_FUNC(DH_F_DH_COMPUTE_KEY), "DH_compute_key"},
-{ERR_FUNC(DH_F_DH_GENERATE_KEY),        "DH_generate_key"},
-{ERR_FUNC(DH_F_DH_GENERATE_PARAMETERS), "DH_generate_parameters"},
-{ERR_FUNC(DH_F_DH_NEW_METHOD),  "DH_new_method"},
-{ERR_FUNC(DH_F_GENERATE_KEY),   "GENERATE_KEY"},
-{ERR_FUNC(DH_F_GENERATE_PARAMETERS),    "GENERATE_PARAMETERS"},
-{0,NULL}
-        };
-static ERR_STRING_DATA DH_str_reasons[]=
-        {
-{ERR_REASON(DH_R_BAD_GENERATOR)          ,"bad generator"},
-{ERR_REASON(DH_R_INVALID_PUBKEY)         ,"invalid public key"},
-{ERR_REASON(DH_R_KEY_SIZE_TOO_SMALL)     ,"key size too small"},
-{ERR_REASON(DH_R_MODULUS_TOO_LARGE)      ,"modulus too large"},
-{ERR_REASON(DH_R_NO_PRIVATE_VALUE)       ,"no private value"},
-{0,NULL}
-        };
-#endif
-void ERR_load_DH_strings(void)
-        {
-#ifndef OPENSSL_NO_ERR
-        if (ERR_func_error_string(DH_str_functs[0].error) == NULL)
-                {
-                ERR_load_strings(0,DH_str_functs);
-                ERR_load_strings(0,DH_str_reasons);
-                }
-#endif
-        }
diff --git a/src/lib/libcrypto/dh/dh_gen.c b/src/lib/libcrypto/dh/dh_gen.c
deleted file mode 100644
index 999e1deb40..0000000000
--- a/src/lib/libcrypto/dh/dh_gen.c
+++ /dev/null
@@ -1,179 +0,0 @@
-/* crypto/dh/dh_gen.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* NB: These functions have been upgraded - the previous prototypes are in
- * dh_depr.c as wrappers to these ones.
- *  - Geoff
- */
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-#ifndef OPENSSL_FIPS
-static int dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB *cb);
-int DH_generate_parameters_ex(DH *ret, int prime_len, int generator, BN_GENCB *cb)
-        {
-        if(ret->meth->generate_params)
-                return ret->meth->generate_params(ret, prime_len, generator, cb);
-        return dh_builtin_genparams(ret, prime_len, generator, cb);
-        }
-/* We generate DH parameters as follows
- * find a prime q which is prime_len/2 bits long.
- * p=(2*q)+1 or (p-1)/2 = q
- * For this case, g is a generator if
- * g^((p-1)/q) mod p != 1 for values of q which are the factors of p-1.
- * Since the factors of p-1 are q and 2, we just need to check
- * g^2 mod p != 1 and g^q mod p != 1.
- *
- * Having said all that,
- * there is another special case method for the generators 2, 3 and 5.
- * for 2, p mod 24 == 11
- * for 3, p mod 12 == 5  <<<<< does not work for safe primes.
- * for 5, p mod 10 == 3 or 7
- *
- * Thanks to Phil Karn <karn@qualcomm.com> for the pointers about the
- * special generators and for answering some of my questions.
- *
- * I've implemented the second simple method :-).
- * Since DH should be using a safe prime (both p and q are prime),
- * this generator function can take a very very long time to run.
- */
-/* Actually there is no reason to insist that 'generator' be a generator.
- * It's just as OK (and in some sense better) to use a generator of the
- * order-q subgroup.
- */
-static int dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB *cb)
-        {
-        BIGNUM *t1,*t2;
-        int g,ok= -1;
-        BN_CTX *ctx=NULL;
-        ctx=BN_CTX_new();
-        if (ctx == NULL) goto err;
-        BN_CTX_start(ctx);
-        t1 = BN_CTX_get(ctx);
-        t2 = BN_CTX_get(ctx);
-        if (t1 == NULL || t2 == NULL) goto err;
-        /* Make sure 'ret' has the necessary elements */
-        if(!ret->p && ((ret->p = BN_new()) == NULL)) goto err;
-        if(!ret->g && ((ret->g = BN_new()) == NULL)) goto err;
-        
-        if (generator <= 1)
-                {
-                DHerr(DH_F_DH_BUILTIN_GENPARAMS, DH_R_BAD_GENERATOR);
-                goto err;
-                }
-        if (generator == DH_GENERATOR_2)
-                {
-                if (!BN_set_word(t1,24)) goto err;
-                if (!BN_set_word(t2,11)) goto err;
-                g=2;
-                }
-#if 0 /* does not work for safe primes */
-        else if (generator == DH_GENERATOR_3)
-                {
-                if (!BN_set_word(t1,12)) goto err;
-                if (!BN_set_word(t2,5)) goto err;
-                g=3;
-                }
-#endif
-        else if (generator == DH_GENERATOR_5)
-                {
-                if (!BN_set_word(t1,10)) goto err;
-                if (!BN_set_word(t2,3)) goto err;
-                /* BN_set_word(t3,7); just have to miss
-                 * out on these ones :-( */
-                g=5;
-                }
-        else
-                {
-                /* in the general case, don't worry if 'generator' is a
-                 * generator or not: since we are using safe primes,
-                 * it will generate either an order-q or an order-2q group,
-                 * which both is OK */
-                if (!BN_set_word(t1,2)) goto err;
-                if (!BN_set_word(t2,1)) goto err;
-                g=generator;
-                }
-        
-        if(!BN_generate_prime_ex(ret->p,prime_len,1,t1,t2,cb)) goto err;
-        if(!BN_GENCB_call(cb, 3, 0)) goto err;
-        if (!BN_set_word(ret->g,g)) goto err;
-        ok=1;
-err:
-        if (ok == -1)
-                {
-                DHerr(DH_F_DH_BUILTIN_GENPARAMS,ERR_R_BN_LIB);
-                ok=0;
-                }
-        if (ctx != NULL)
-                {
-                BN_CTX_end(ctx);
-                BN_CTX_free(ctx);
-                }
-        return ok;
-        }
-#endif
diff --git a/src/lib/libcrypto/dh/dh_key.c b/src/lib/libcrypto/dh/dh_key.c
deleted file mode 100644
index 79dd331863..0000000000
--- a/src/lib/libcrypto/dh/dh_key.c
+++ /dev/null
@@ -1,267 +0,0 @@
-/* crypto/dh/dh_key.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rand.h>
-#include <openssl/dh.h>
-#ifndef OPENSSL_FIPS
-static int generate_key(DH *dh);
-static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh);
-static int dh_bn_mod_exp(const DH *dh, BIGNUM *r,
-                        const BIGNUM *a, const BIGNUM *p,
-                        const BIGNUM *m, BN_CTX *ctx,
-                        BN_MONT_CTX *m_ctx);
-static int dh_init(DH *dh);
-static int dh_finish(DH *dh);
-int DH_generate_key(DH *dh)
-        {
-        return dh->meth->generate_key(dh);
-        }
-int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
-        {
-        return dh->meth->compute_key(key, pub_key, dh);
-        }
-static DH_METHOD dh_ossl = {
-"OpenSSL DH Method",
-generate_key,
-compute_key,
-dh_bn_mod_exp,
-dh_init,
-dh_finish,
-0,
-NULL,
-NULL
-};
-const DH_METHOD *DH_OpenSSL(void)
-{
-        return &dh_ossl;
-}
-static int generate_key(DH *dh)
-        {
-        int ok=0;
-        int generate_new_key=0;
-        unsigned l;
-        BN_CTX *ctx;
-        BN_MONT_CTX *mont=NULL;
-        BIGNUM *pub_key=NULL,*priv_key=NULL;
-        ctx = BN_CTX_new();
-        if (ctx == NULL) goto err;
-        if (dh->priv_key == NULL)
-                {
-                priv_key=BN_new();
-                if (priv_key == NULL) goto err;
-                generate_new_key=1;
-                }
-        else
-                priv_key=dh->priv_key;
-        if (dh->pub_key == NULL)
-                {
-                pub_key=BN_new();
-                if (pub_key == NULL) goto err;
-                }
-        else
-                pub_key=dh->pub_key;
-        if (dh->flags & DH_FLAG_CACHE_MONT_P)
-                {
-                mont = BN_MONT_CTX_set_locked(&dh->method_mont_p,
-                                CRYPTO_LOCK_DH, dh->p, ctx);
-                if (!mont)
-                        goto err;
-                }
-        if (generate_new_key)
-                {
-                l = dh->length ? dh->length : BN_num_bits(dh->p)-1; /* secret exponent length */
-                if (!BN_rand(priv_key, l, 0, 0)) goto err;
-                }
-        {
-                BIGNUM local_prk;
-                BIGNUM *prk;
-                if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0)
-                        {
-                        BN_init(&local_prk);
-                        prk = &local_prk;
-                        BN_with_flags(prk, priv_key, BN_FLG_CONSTTIME);
-                        }
-                else
-                        prk = priv_key;
-                if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, prk, dh->p, ctx, mont)) goto err;
-        }
-                
-        dh->pub_key=pub_key;
-        dh->priv_key=priv_key;
-        ok=1;
-err:
-        if (ok != 1)
-                DHerr(DH_F_GENERATE_KEY,ERR_R_BN_LIB);
-        if ((pub_key != NULL)  && (dh->pub_key == NULL))  BN_free(pub_key);
-        if ((priv_key != NULL) && (dh->priv_key == NULL)) BN_free(priv_key);
-        BN_CTX_free(ctx);
-        return(ok);
-        }
-static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
-        {
-        BN_CTX *ctx=NULL;
-        BN_MONT_CTX *mont=NULL;
-        BIGNUM *tmp;
-        int ret= -1;
-        int check_result;
-        if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS)
-                {
-                DHerr(DH_F_COMPUTE_KEY,DH_R_MODULUS_TOO_LARGE);
-                goto err;
-                }
-        ctx = BN_CTX_new();
-        if (ctx == NULL) goto err;
-        BN_CTX_start(ctx);
-        tmp = BN_CTX_get(ctx);
-        
-        if (dh->priv_key == NULL)
-                {
-                DHerr(DH_F_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE);
-                goto err;
-                }
-        if (dh->flags & DH_FLAG_CACHE_MONT_P)
-                {
-                mont = BN_MONT_CTX_set_locked(&dh->method_mont_p,
-                                CRYPTO_LOCK_DH, dh->p, ctx);
-                if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0)
-                        {
-                        /* XXX */
-                        BN_set_flags(dh->priv_key, BN_FLG_CONSTTIME);
-                        }
-                if (!mont)
-                        goto err;
-                }
-        if (!DH_check_pub_key(dh, pub_key, &check_result) || check_result)
-                {
-                DHerr(DH_F_COMPUTE_KEY,DH_R_INVALID_PUBKEY);
-                goto err;
-                }
-        if (!dh->meth->bn_mod_exp(dh, tmp, pub_key, dh->priv_key,dh->p,ctx,mont))
-                {
-                DHerr(DH_F_COMPUTE_KEY,ERR_R_BN_LIB);
-                goto err;
-                }
-        ret=BN_bn2bin(tmp,key);
-err:
-        if (ctx != NULL)
-                {
-                BN_CTX_end(ctx);
-                BN_CTX_free(ctx);
-                }
-        return(ret);
-        }
-static int dh_bn_mod_exp(const DH *dh, BIGNUM *r,
-                        const BIGNUM *a, const BIGNUM *p,
-                        const BIGNUM *m, BN_CTX *ctx,
-                        BN_MONT_CTX *m_ctx)
-        {
-        /* If a is only one word long and constant time is false, use the faster
-         * exponenentiation function.
-         */
-        if (a->top == 1 && ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) != 0))
-                {
-                BN_ULONG A = a->d[0];
-                return BN_mod_exp_mont_word(r,A,p,m,ctx,m_ctx);
-                }
-        else
-                return BN_mod_exp_mont(r,a,p,m,ctx,m_ctx);
-        }
-static int dh_init(DH *dh)
-        {
-        dh->flags |= DH_FLAG_CACHE_MONT_P;
-        return(1);
-        }
-static int dh_finish(DH *dh)
-        {
-        if(dh->method_mont_p)
-                BN_MONT_CTX_free(dh->method_mont_p);
-        return(1);
-        }
-#endif
diff --git a/src/lib/libcrypto/dh/dh_lib.c b/src/lib/libcrypto/dh/dh_lib.c
deleted file mode 100644
index 7aef080e7a..0000000000
--- a/src/lib/libcrypto/dh/dh_lib.c
+++ /dev/null
@@ -1,247 +0,0 @@
-/* crypto/dh/dh_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-const char DH_version[]="Diffie-Hellman" OPENSSL_VERSION_PTEXT;
-static const DH_METHOD *default_DH_method = NULL;
-void DH_set_default_method(const DH_METHOD *meth)
-        {
-        default_DH_method = meth;
-        }
-const DH_METHOD *DH_get_default_method(void)
-        {
-        if(!default_DH_method)
-                default_DH_method = DH_OpenSSL();
-        return default_DH_method;
-        }
-int DH_set_method(DH *dh, const DH_METHOD *meth)
-        {
-        /* NB: The caller is specifically setting a method, so it's not up to us
-         * to deal with which ENGINE it comes from. */
-        const DH_METHOD *mtmp;
-        mtmp = dh->meth;
-        if (mtmp->finish) mtmp->finish(dh);
-#ifndef OPENSSL_NO_ENGINE
-        if (dh->engine)
-                {
-                ENGINE_finish(dh->engine);
-                dh->engine = NULL;
-                }
-#endif
-        dh->meth = meth;
-        if (meth->init) meth->init(dh);
-        return 1;
-        }
-DH *DH_new(void)
-        {
-        return DH_new_method(NULL);
-        }
-DH *DH_new_method(ENGINE *engine)
-        {
-        DH *ret;
-        ret=(DH *)OPENSSL_malloc(sizeof(DH));
-        if (ret == NULL)
-                {
-                DHerr(DH_F_DH_NEW_METHOD,ERR_R_MALLOC_FAILURE);
-                return(NULL);
-                }
-        ret->meth = DH_get_default_method();
-#ifndef OPENSSL_NO_ENGINE
-        if (engine)
-                {
-                if (!ENGINE_init(engine))
-                        {
-                        DHerr(DH_F_DH_NEW_METHOD, ERR_R_ENGINE_LIB);
-                        OPENSSL_free(ret);
-                        return NULL;
-                        }
-                ret->engine = engine;
-                }
-        else
-                ret->engine = ENGINE_get_default_DH();
-        if(ret->engine)
-                {
-                ret->meth = ENGINE_get_DH(ret->engine);
-                if(!ret->meth)
-                        {
-                        DHerr(DH_F_DH_NEW_METHOD,ERR_R_ENGINE_LIB);
-                        ENGINE_finish(ret->engine);
-                        OPENSSL_free(ret);
-                        return NULL;
-                        }
-                }
-#endif
-        ret->pad=0;
-        ret->version=0;
-        ret->p=NULL;
-        ret->g=NULL;
-        ret->length=0;
-        ret->pub_key=NULL;
-        ret->priv_key=NULL;
-        ret->q=NULL;
-        ret->j=NULL;
-        ret->seed = NULL;
-        ret->seedlen = 0;
-        ret->counter = NULL;
-        ret->method_mont_p=NULL;
-        ret->references = 1;
-        ret->flags=ret->meth->flags;
-        CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
-        if ((ret->meth->init != NULL) && !ret->meth->init(ret))
-                {
-#ifndef OPENSSL_NO_ENGINE
-                if (ret->engine)
-                        ENGINE_finish(ret->engine);
-#endif
-                CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
-                OPENSSL_free(ret);
-                ret=NULL;
-                }
-        return(ret);
-        }
-void DH_free(DH *r)
-        {
-        int i;
-        if(r == NULL) return;
-        i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_DH);
-#ifdef REF_PRINT
-        REF_PRINT("DH",r);
-#endif
-        if (i > 0) return;
-#ifdef REF_CHECK
-        if (i < 0)
-                {
-                fprintf(stderr,"DH_free, bad reference count\n");
-                abort();
-        }
-#endif
-        if (r->meth->finish)
-                r->meth->finish(r);
-#ifndef OPENSSL_NO_ENGINE
-        if (r->engine)
-                ENGINE_finish(r->engine);
-#endif
-        CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, r, &r->ex_data);
-        if (r->p != NULL) BN_clear_free(r->p);
-        if (r->g != NULL) BN_clear_free(r->g);
-        if (r->q != NULL) BN_clear_free(r->q);
-        if (r->j != NULL) BN_clear_free(r->j);
-        if (r->seed) OPENSSL_free(r->seed);
-        if (r->counter != NULL) BN_clear_free(r->counter);
-        if (r->pub_key != NULL) BN_clear_free(r->pub_key);
-        if (r->priv_key != NULL) BN_clear_free(r->priv_key);
-        OPENSSL_free(r);
-        }
-int DH_up_ref(DH *r)
-        {
-        int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_DH);
-#ifdef REF_PRINT
-        REF_PRINT("DH",r);
-#endif
-#ifdef REF_CHECK
-        if (i < 2)
-                {
-                fprintf(stderr, "DH_up, bad reference count\n");
-                abort();
-                }
-#endif
-        return ((i > 1) ? 1 : 0);
-        }
-int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-             CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-        {
-        return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DH, argl, argp,
-                                new_func, dup_func, free_func);
-        }
-int DH_set_ex_data(DH *d, int idx, void *arg)
-        {
-        return(CRYPTO_set_ex_data(&d->ex_data,idx,arg));
-        }
-void *DH_get_ex_data(DH *d, int idx)
-        {
-        return(CRYPTO_get_ex_data(&d->ex_data,idx));
-        }
-int DH_size(const DH *dh)
-        {
-        return(BN_num_bytes(dh->p));
-        }