52 files changed, 2962 insertions, 1441 deletions

diff --git a/src/lib/libcrypto/evp/Makefile.ssl b/src/lib/libcrypto/evp/Makefile.ssl
index 624168031d..4abe93dafe 100644
--- a/src/lib/libcrypto/evp/Makefile.ssl
+++ b/src/lib/libcrypto/evp/Makefile.ssl
@@ -5,26 +5,28 @@
 DIR=    evp
 TOP=    ../..
 CC=     cc
-INCLUDES= -I.. -I../../include
+INCLUDES= -I.. -I$(TOP) -I../../include
 CFLAG=-g
 INSTALL_PREFIX=
 OPENSSLDIR=     /usr/local/ssl
 INSTALLTOP=/usr/local/ssl
 MAKE=           make -f Makefile.ssl
-MAKEDEPEND=     $(TOP)/util/domd $(TOP)
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
 MAKEFILE=       Makefile.ssl
 AR=             ar r
 
 CFLAGS= $(INCLUDES) $(CFLAG)
 
 GENERAL=Makefile
-TEST=
+TEST=evp_test.c
+TESTDATA=evptests.txt
 APPS=
 
 LIB=$(TOP)/libcrypto.a
-LIBSRC= encode.c digest.c evp_enc.c evp_key.c \
+LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c \
         e_des.c e_bf.c e_idea.c e_des3.c \
-        e_rc4.c names.c \
+        e_rc4.c e_aes.c names.c \
         e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \
         m_null.c m_md2.c m_md4.c m_md5.c m_sha.c m_sha1.c \
         m_dss.c m_dss1.c m_mdc2.c m_ripemd.c \
@@ -33,9 +35,9 @@ LIBSRC= encode.c digest.c evp_enc.c evp_key.c \
         c_all.c c_allc.c c_alld.c evp_lib.c bio_ok.c \
         evp_pkey.c evp_pbe.c p5_crpt.c p5_crpt2.c
 
-LIBOBJ= encode.o digest.o evp_enc.o evp_key.o \
+LIBOBJ= encode.o digest.o evp_enc.o evp_key.o evp_acnf.o \
         e_des.o e_bf.o e_idea.o e_des3.o \
-        e_rc4.o names.o \
+        e_rc4.o e_aes.o names.o \
         e_xcbc_d.o e_rc2.o e_cast.o e_rc5.o \
         m_null.o m_md2.o m_md4.o m_md5.o m_sha.o m_sha1.o \
         m_dss.o m_dss1.o m_mdc2.o m_ripemd.o \
@@ -58,8 +60,7 @@ all:	lib
 
 lib:    $(LIBOBJ)
         $(AR) $(LIB) $(LIBOBJ)
-        @echo You may get an error following this line.  Please ignore.
-        - $(RANLIB) $(LIB)
+        $(RANLIB) $(LIB) || echo Never mind.
         @touch lib
 
 files:
@@ -69,6 +70,7 @@ links:
         @$(SHELL) $(TOP)/util/point.sh Makefile.ssl Makefile
         @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
         @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+        @$(PERL) $(TOP)/util/mklink.pl ../../test $(TESTDATA)
         @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
 
 install:
@@ -98,820 +100,563 @@ clean:
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
 
-bio_b64.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-bio_b64.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-bio_b64.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-bio_b64.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-bio_b64.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-bio_b64.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-bio_b64.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-bio_b64.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-bio_b64.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-bio_b64.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+bio_b64.o: ../../e_os.h ../../include/openssl/asn1.h
+bio_b64.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+bio_b64.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bio_b64.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bio_b64.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
 bio_b64.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 bio_b64.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bio_b64.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-bio_b64.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-bio_b64.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-bio_b64.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-bio_b64.o: ../../include/openssl/symhacks.h ../cryptlib.h
-bio_enc.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-bio_enc.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-bio_enc.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-bio_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-bio_enc.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-bio_enc.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-bio_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-bio_enc.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-bio_enc.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-bio_enc.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+bio_b64.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+bio_b64.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bio_b64.o: ../cryptlib.h bio_b64.c
+bio_enc.o: ../../e_os.h ../../include/openssl/asn1.h
+bio_enc.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+bio_enc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bio_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bio_enc.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
 bio_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 bio_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bio_enc.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-bio_enc.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-bio_enc.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-bio_enc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-bio_enc.o: ../../include/openssl/symhacks.h ../cryptlib.h
-bio_md.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-bio_md.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-bio_md.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-bio_md.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-bio_md.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-bio_md.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+bio_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+bio_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bio_enc.o: ../cryptlib.h bio_enc.c
+bio_md.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+bio_md.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+bio_md.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
 bio_md.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-bio_md.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-bio_md.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-bio_md.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-bio_md.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-bio_md.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bio_md.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-bio_md.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-bio_md.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-bio_md.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-bio_md.o: ../../include/openssl/symhacks.h ../cryptlib.h
-bio_ok.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-bio_ok.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-bio_ok.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-bio_ok.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-bio_ok.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-bio_ok.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+bio_md.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+bio_md.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+bio_md.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bio_md.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bio_md.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_md.c
+bio_ok.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+bio_ok.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+bio_ok.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
 bio_ok.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-bio_ok.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-bio_ok.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-bio_ok.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-bio_ok.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-bio_ok.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bio_ok.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
-bio_ok.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-bio_ok.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-bio_ok.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+bio_ok.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+bio_ok.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+bio_ok.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bio_ok.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
 bio_ok.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bio_ok.o: ../cryptlib.h
-c_all.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-c_all.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-c_all.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-c_all.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-c_all.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-c_all.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+bio_ok.o: ../cryptlib.h bio_ok.c
+c_all.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+c_all.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+c_all.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
 c_all.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-c_all.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-c_all.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-c_all.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-c_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-c_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-c_all.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-c_all.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-c_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-c_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-c_all.o: ../../include/openssl/symhacks.h ../cryptlib.h
-c_allc.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-c_allc.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-c_allc.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-c_allc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-c_allc.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-c_allc.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+c_all.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+c_all.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+c_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+c_all.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+c_all.o: ../../include/openssl/symhacks.h ../cryptlib.h c_all.c
+c_allc.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+c_allc.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+c_allc.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+c_allc.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
 c_allc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-c_allc.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-c_allc.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-c_allc.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-c_allc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-c_allc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+c_allc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+c_allc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+c_allc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 c_allc.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-c_allc.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-c_allc.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 c_allc.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 c_allc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 c_allc.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-c_allc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-c_alld.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-c_alld.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-c_alld.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-c_alld.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-c_alld.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-c_alld.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+c_allc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h c_allc.c
+c_alld.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+c_alld.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+c_alld.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+c_alld.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
 c_alld.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-c_alld.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-c_alld.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-c_alld.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-c_alld.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-c_alld.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+c_alld.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+c_alld.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+c_alld.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 c_alld.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
-c_alld.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-c_alld.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 c_alld.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 c_alld.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 c_alld.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-c_alld.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-digest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-digest.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-digest.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-digest.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-digest.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-digest.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-digest.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-digest.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-digest.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-digest.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+c_alld.o: ../../include/openssl/x509_vfy.h ../cryptlib.h c_alld.c
+digest.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+digest.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+digest.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+digest.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+digest.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+digest.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
 digest.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 digest.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-digest.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-digest.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+digest.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
 digest.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-digest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-digest.o: ../../include/openssl/symhacks.h ../cryptlib.h
-e_bf.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+digest.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+digest.o: ../../include/openssl/ui.h ../cryptlib.h digest.c
+e_aes.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
+e_aes.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+e_aes.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+e_aes.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+e_aes.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+e_aes.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_aes.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_aes.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_aes.o: ../../include/openssl/symhacks.h e_aes.c evp_locl.h
+e_bf.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
 e_bf.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-e_bf.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-e_bf.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-e_bf.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-e_bf.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-e_bf.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-e_bf.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-e_bf.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-e_bf.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+e_bf.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+e_bf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_bf.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
 e_bf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 e_bf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-e_bf.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-e_bf.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-e_bf.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-e_bf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-e_bf.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_locl.h
-e_cast.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_cast.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-e_cast.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-e_cast.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-e_cast.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-e_cast.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-e_cast.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-e_cast.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-e_cast.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-e_cast.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+e_bf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+e_bf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+e_bf.o: ../cryptlib.h e_bf.c evp_locl.h
+e_cast.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_cast.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+e_cast.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+e_cast.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_cast.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
 e_cast.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 e_cast.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-e_cast.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-e_cast.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-e_cast.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-e_cast.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-e_cast.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_locl.h
-e_des.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_des.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-e_des.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+e_cast.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+e_cast.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+e_cast.o: ../cryptlib.h e_cast.c evp_locl.h
+e_des.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_des.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 e_des.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-e_des.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-e_des.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+e_des.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
 e_des.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-e_des.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-e_des.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-e_des.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-e_des.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-e_des.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-e_des.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-e_des.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-e_des.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-e_des.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-e_des.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_locl.h
-e_des3.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_des3.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-e_des3.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+e_des.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+e_des.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_des.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_des.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_des.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+e_des.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_des.c evp_locl.h
+e_des3.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_des3.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 e_des3.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-e_des3.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-e_des3.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+e_des3.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
 e_des3.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-e_des3.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-e_des3.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-e_des3.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-e_des3.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-e_des3.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-e_des3.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-e_des3.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-e_des3.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-e_des3.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-e_des3.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_locl.h
-e_idea.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_idea.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-e_idea.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-e_idea.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-e_idea.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-e_idea.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+e_des3.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+e_des3.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_des3.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_des3.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_des3.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+e_des3.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_des3.c evp_locl.h
+e_idea.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_idea.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+e_idea.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
 e_idea.o: ../../include/openssl/err.h ../../include/openssl/evp.h
 e_idea.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-e_idea.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-e_idea.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
 e_idea.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 e_idea.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-e_idea.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-e_idea.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-e_idea.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-e_idea.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-e_idea.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_locl.h
-e_null.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_null.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-e_null.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-e_null.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-e_null.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-e_null.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+e_idea.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+e_idea.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+e_idea.o: ../cryptlib.h e_idea.c evp_locl.h
+e_null.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_null.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+e_null.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
 e_null.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-e_null.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-e_null.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-e_null.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-e_null.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-e_null.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-e_null.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-e_null.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-e_null.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-e_null.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-e_null.o: ../../include/openssl/symhacks.h ../cryptlib.h
-e_rc2.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_rc2.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-e_rc2.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-e_rc2.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-e_rc2.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-e_rc2.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+e_null.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+e_null.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_null.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_null.o: ../../include/openssl/symhacks.h ../cryptlib.h e_null.c
+e_rc2.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_rc2.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+e_rc2.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
 e_rc2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-e_rc2.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-e_rc2.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-e_rc2.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-e_rc2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-e_rc2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-e_rc2.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-e_rc2.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-e_rc2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-e_rc2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-e_rc2.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_locl.h
-e_rc4.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_rc4.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-e_rc4.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-e_rc4.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-e_rc4.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-e_rc4.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+e_rc2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+e_rc2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_rc2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_rc2.o: ../../include/openssl/rc2.h ../../include/openssl/safestack.h
+e_rc2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+e_rc2.o: ../cryptlib.h e_rc2.c evp_locl.h
+e_rc4.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_rc4.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+e_rc4.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
 e_rc4.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-e_rc4.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-e_rc4.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-e_rc4.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-e_rc4.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-e_rc4.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-e_rc4.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-e_rc4.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-e_rc4.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-e_rc4.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-e_rc4.o: ../../include/openssl/symhacks.h ../cryptlib.h
-e_rc5.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_rc5.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-e_rc5.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-e_rc5.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-e_rc5.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-e_rc5.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+e_rc4.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+e_rc4.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_rc4.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_rc4.o: ../../include/openssl/rc4.h ../../include/openssl/safestack.h
+e_rc4.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+e_rc4.o: ../cryptlib.h e_rc4.c
+e_rc5.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_rc5.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+e_rc5.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
 e_rc5.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-e_rc5.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-e_rc5.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-e_rc5.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-e_rc5.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-e_rc5.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-e_rc5.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-e_rc5.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-e_rc5.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-e_rc5.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-e_rc5.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_locl.h
-e_xcbc_d.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-e_xcbc_d.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-e_xcbc_d.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-e_xcbc_d.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-e_xcbc_d.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-e_xcbc_d.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-e_xcbc_d.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-e_xcbc_d.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-e_xcbc_d.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-e_xcbc_d.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+e_rc5.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+e_rc5.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_rc5.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_rc5.o: ../../include/openssl/rc5.h ../../include/openssl/safestack.h
+e_rc5.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+e_rc5.o: ../cryptlib.h e_rc5.c evp_locl.h
+e_xcbc_d.o: ../../e_os.h ../../include/openssl/asn1.h
+e_xcbc_d.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+e_xcbc_d.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+e_xcbc_d.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+e_xcbc_d.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_xcbc_d.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
 e_xcbc_d.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 e_xcbc_d.o: ../../include/openssl/opensslconf.h
-e_xcbc_d.o: ../../include/openssl/opensslv.h ../../include/openssl/rc2.h
-e_xcbc_d.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-e_xcbc_d.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-e_xcbc_d.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-e_xcbc_d.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-e_xcbc_d.o: ../cryptlib.h
-encode.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-encode.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-encode.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-encode.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-encode.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-encode.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+e_xcbc_d.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_xcbc_d.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_xcbc_d.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+e_xcbc_d.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_xcbc_d.c
+encode.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+encode.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+encode.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
 encode.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-encode.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-encode.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-encode.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-encode.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-encode.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-encode.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-encode.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-encode.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-encode.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-encode.o: ../../include/openssl/symhacks.h ../cryptlib.h
-evp_enc.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-evp_enc.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-evp_enc.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-evp_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+encode.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+encode.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+encode.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+encode.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+encode.o: ../../include/openssl/symhacks.h ../cryptlib.h encode.c
+evp_acnf.o: ../../e_os.h ../../include/openssl/asn1.h
+evp_acnf.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+evp_acnf.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+evp_acnf.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+evp_acnf.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+evp_acnf.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+evp_acnf.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+evp_acnf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+evp_acnf.o: ../../include/openssl/opensslconf.h
+evp_acnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_acnf.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+evp_acnf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+evp_acnf.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+evp_acnf.o: ../cryptlib.h evp_acnf.c
+evp_enc.o: ../../e_os.h ../../include/openssl/asn1.h
+evp_enc.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+evp_enc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 evp_enc.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-evp_enc.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+evp_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
 evp_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-evp_enc.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-evp_enc.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-evp_enc.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-evp_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-evp_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-evp_enc.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-evp_enc.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-evp_enc.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-evp_enc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-evp_enc.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_locl.h
+evp_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+evp_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+evp_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_enc.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+evp_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+evp_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+evp_enc.o: ../cryptlib.h evp_enc.c evp_locl.h
 evp_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-evp_err.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-evp_err.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-evp_err.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-evp_err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-evp_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-evp_err.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-evp_err.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-evp_err.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+evp_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+evp_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+evp_err.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
 evp_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 evp_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-evp_err.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-evp_err.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-evp_err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-evp_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-evp_err.o: ../../include/openssl/symhacks.h
-evp_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-evp_key.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-evp_key.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-evp_key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+evp_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+evp_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+evp_err.o: evp_err.c
+evp_key.o: ../../e_os.h ../../include/openssl/asn1.h
+evp_key.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+evp_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 evp_key.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-evp_key.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-evp_key.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-evp_key.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-evp_key.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-evp_key.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+evp_key.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+evp_key.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
 evp_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 evp_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-evp_key.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-evp_key.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-evp_key.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-evp_key.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-evp_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+evp_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+evp_key.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+evp_key.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+evp_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
 evp_key.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-evp_key.o: ../cryptlib.h
-evp_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-evp_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-evp_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-evp_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-evp_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-evp_lib.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-evp_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-evp_lib.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-evp_lib.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-evp_lib.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+evp_key.o: ../cryptlib.h evp_key.c
+evp_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+evp_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+evp_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+evp_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+evp_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
 evp_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 evp_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-evp_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-evp_lib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-evp_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-evp_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-evp_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h
-evp_pbe.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-evp_pbe.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-evp_pbe.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-evp_pbe.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+evp_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+evp_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+evp_lib.o: ../cryptlib.h evp_lib.c
+evp_pbe.o: ../../e_os.h ../../include/openssl/asn1.h
+evp_pbe.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+evp_pbe.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 evp_pbe.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-evp_pbe.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-evp_pbe.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-evp_pbe.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-evp_pbe.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-evp_pbe.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+evp_pbe.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+evp_pbe.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
 evp_pbe.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 evp_pbe.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-evp_pbe.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-evp_pbe.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-evp_pbe.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-evp_pbe.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-evp_pbe.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-evp_pbe.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-evp_pbe.o: ../cryptlib.h
-evp_pkey.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-evp_pkey.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-evp_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-evp_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+evp_pbe.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+evp_pbe.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+evp_pbe.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+evp_pbe.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+evp_pbe.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_pbe.c
+evp_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
+evp_pkey.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+evp_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 evp_pkey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-evp_pkey.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-evp_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-evp_pkey.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-evp_pkey.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-evp_pkey.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+evp_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+evp_pkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
 evp_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 evp_pkey.o: ../../include/openssl/opensslconf.h
-evp_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-evp_pkey.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
-evp_pkey.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-evp_pkey.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-evp_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-evp_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-evp_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-evp_pkey.o: ../cryptlib.h
-m_dss.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_dss.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-m_dss.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-m_dss.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-m_dss.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-m_dss.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+evp_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+evp_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+evp_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+evp_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+evp_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_pkey.c
+m_dss.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_dss.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+m_dss.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+m_dss.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
 m_dss.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_dss.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-m_dss.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-m_dss.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-m_dss.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-m_dss.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-m_dss.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-m_dss.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-m_dss.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+m_dss.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+m_dss.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_dss.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_dss.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
 m_dss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
 m_dss.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 m_dss.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_dss.o: ../cryptlib.h
-m_dss1.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_dss1.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-m_dss1.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-m_dss1.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-m_dss1.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-m_dss1.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+m_dss.o: ../cryptlib.h m_dss.c
+m_dss1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_dss1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+m_dss1.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+m_dss1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
 m_dss1.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_dss1.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-m_dss1.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-m_dss1.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-m_dss1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-m_dss1.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-m_dss1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-m_dss1.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-m_dss1.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+m_dss1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+m_dss1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_dss1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_dss1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
 m_dss1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
 m_dss1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 m_dss1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_dss1.o: ../cryptlib.h
-m_md2.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_md2.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-m_md2.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-m_md2.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-m_md2.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-m_md2.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+m_dss1.o: ../cryptlib.h m_dss1.c
+m_md2.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_md2.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+m_md2.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+m_md2.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
 m_md2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_md2.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-m_md2.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-m_md2.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+m_md2.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
 m_md2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 m_md2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-m_md2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-m_md2.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-m_md2.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-m_md2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_md2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_md2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_md2.o: ../cryptlib.h
-m_md4.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_md4.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-m_md4.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-m_md4.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-m_md4.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-m_md4.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+m_md2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+m_md2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+m_md2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+m_md2.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+m_md2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_md2.c
+m_md4.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_md4.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+m_md4.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+m_md4.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
 m_md4.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_md4.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-m_md4.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-m_md4.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+m_md4.o: ../../include/openssl/lhash.h ../../include/openssl/md4.h
 m_md4.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 m_md4.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-m_md4.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-m_md4.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-m_md4.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-m_md4.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_md4.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_md4.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_md4.o: ../cryptlib.h
-m_md5.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_md5.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-m_md5.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-m_md5.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-m_md5.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-m_md5.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+m_md4.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+m_md4.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+m_md4.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+m_md4.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+m_md4.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_md4.c
+m_md5.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_md5.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+m_md5.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+m_md5.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
 m_md5.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_md5.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-m_md5.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-m_md5.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+m_md5.o: ../../include/openssl/lhash.h ../../include/openssl/md5.h
 m_md5.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 m_md5.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-m_md5.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-m_md5.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-m_md5.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-m_md5.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_md5.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_md5.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_md5.o: ../cryptlib.h
-m_mdc2.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_mdc2.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-m_mdc2.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+m_md5.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+m_md5.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+m_md5.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+m_md5.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+m_md5.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_md5.c
+m_mdc2.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_mdc2.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 m_mdc2.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-m_mdc2.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-m_mdc2.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+m_mdc2.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
+m_mdc2.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
 m_mdc2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_mdc2.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-m_mdc2.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-m_mdc2.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+m_mdc2.o: ../../include/openssl/lhash.h ../../include/openssl/mdc2.h
 m_mdc2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 m_mdc2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-m_mdc2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-m_mdc2.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-m_mdc2.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-m_mdc2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-m_mdc2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-m_mdc2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_mdc2.o: ../cryptlib.h
-m_null.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_null.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-m_null.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-m_null.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-m_null.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-m_null.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+m_mdc2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+m_mdc2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+m_mdc2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+m_mdc2.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+m_mdc2.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+m_mdc2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_mdc2.c
+m_null.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_null.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+m_null.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+m_null.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
 m_null.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_null.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-m_null.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-m_null.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-m_null.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-m_null.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-m_null.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-m_null.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-m_null.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+m_null.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+m_null.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_null.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
 m_null.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
 m_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 m_null.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_null.o: ../cryptlib.h
-m_ripemd.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_ripemd.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-m_ripemd.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-m_ripemd.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+m_null.o: ../cryptlib.h m_null.c
+m_ripemd.o: ../../e_os.h ../../include/openssl/asn1.h
+m_ripemd.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+m_ripemd.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 m_ripemd.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-m_ripemd.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-m_ripemd.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_ripemd.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-m_ripemd.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-m_ripemd.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+m_ripemd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+m_ripemd.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
 m_ripemd.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 m_ripemd.o: ../../include/openssl/opensslconf.h
-m_ripemd.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-m_ripemd.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-m_ripemd.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
+m_ripemd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_ripemd.o: ../../include/openssl/pkcs7.h ../../include/openssl/ripemd.h
 m_ripemd.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 m_ripemd.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 m_ripemd.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-m_ripemd.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-m_sha.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_sha.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-m_sha.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-m_sha.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-m_sha.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-m_sha.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+m_ripemd.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_ripemd.c
+m_sha.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_sha.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+m_sha.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+m_sha.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
 m_sha.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_sha.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-m_sha.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-m_sha.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-m_sha.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-m_sha.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-m_sha.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-m_sha.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-m_sha.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+m_sha.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+m_sha.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_sha.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_sha.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
 m_sha.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
 m_sha.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 m_sha.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_sha.o: ../cryptlib.h
-m_sha1.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-m_sha1.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-m_sha1.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-m_sha1.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-m_sha1.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-m_sha1.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+m_sha.o: ../cryptlib.h m_sha.c
+m_sha1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_sha1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+m_sha1.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+m_sha1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
 m_sha1.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-m_sha1.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-m_sha1.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-m_sha1.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-m_sha1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-m_sha1.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-m_sha1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-m_sha1.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-m_sha1.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+m_sha1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+m_sha1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_sha1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_sha1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
 m_sha1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
 m_sha1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 m_sha1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_sha1.o: ../cryptlib.h
-names.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-names.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-names.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-names.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-names.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-names.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+m_sha1.o: ../cryptlib.h m_sha1.c
+names.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+names.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+names.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+names.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
 names.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-names.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-names.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-names.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-names.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-names.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-names.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-names.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-names.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+names.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+names.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+names.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+names.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
 names.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
 names.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 names.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-names.o: ../cryptlib.h
-p5_crpt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p5_crpt.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p5_crpt.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p5_crpt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+names.o: ../cryptlib.h names.c
+p5_crpt.o: ../../e_os.h ../../include/openssl/asn1.h
+p5_crpt.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+p5_crpt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 p5_crpt.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-p5_crpt.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-p5_crpt.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p5_crpt.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-p5_crpt.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-p5_crpt.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+p5_crpt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p5_crpt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
 p5_crpt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 p5_crpt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p5_crpt.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-p5_crpt.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p5_crpt.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-p5_crpt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p5_crpt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p5_crpt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p5_crpt.o: ../cryptlib.h
-p5_crpt2.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p5_crpt2.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p5_crpt2.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p5_crpt2.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+p5_crpt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+p5_crpt.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+p5_crpt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p5_crpt.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p5_crpt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p5_crpt.c
+p5_crpt2.o: ../../e_os.h ../../include/openssl/asn1.h
+p5_crpt2.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+p5_crpt2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 p5_crpt2.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-p5_crpt2.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-p5_crpt2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p5_crpt2.o: ../../include/openssl/hmac.h ../../include/openssl/idea.h
-p5_crpt2.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p5_crpt2.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p5_crpt2.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+p5_crpt2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p5_crpt2.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h
+p5_crpt2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
 p5_crpt2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p5_crpt2.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-p5_crpt2.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p5_crpt2.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-p5_crpt2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p5_crpt2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p5_crpt2.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p5_crpt2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p_dec.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p_dec.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p_dec.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p_dec.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p_dec.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-p_dec.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+p5_crpt2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p5_crpt2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+p5_crpt2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p5_crpt2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p5_crpt2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p5_crpt2.o: ../cryptlib.h p5_crpt2.c
+p_dec.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p_dec.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+p_dec.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+p_dec.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
 p_dec.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p_dec.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-p_dec.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-p_dec.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-p_dec.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p_dec.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p_dec.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p_dec.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p_dec.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 p_dec.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-p_dec.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p_dec.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 p_dec.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 p_dec.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 p_dec.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p_dec.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p_enc.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p_enc.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p_enc.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p_enc.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-p_enc.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+p_dec.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_dec.c
+p_enc.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p_enc.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+p_enc.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+p_enc.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
 p_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p_enc.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-p_enc.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-p_enc.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-p_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 p_enc.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-p_enc.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p_enc.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 p_enc.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 p_enc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 p_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p_enc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p_lib.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p_lib.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+p_enc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_enc.c
+p_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+p_lib.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
 p_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p_lib.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p_lib.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p_lib.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p_lib.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p_lib.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p_lib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+p_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+p_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+p_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
 p_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-p_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p_lib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-p_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p_open.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p_open.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p_open.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p_open.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p_open.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-p_open.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+p_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+p_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p_lib.o: ../cryptlib.h p_lib.c
+p_open.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p_open.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+p_open.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+p_open.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
 p_open.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p_open.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-p_open.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-p_open.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-p_open.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p_open.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p_open.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-p_open.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p_open.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+p_open.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p_open.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p_open.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p_open.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
 p_open.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
 p_open.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 p_open.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p_open.o: ../cryptlib.h
-p_seal.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p_seal.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p_seal.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p_seal.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p_seal.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-p_seal.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+p_open.o: ../cryptlib.h p_open.c
+p_seal.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p_seal.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+p_seal.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+p_seal.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
 p_seal.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p_seal.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-p_seal.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-p_seal.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-p_seal.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p_seal.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p_seal.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p_seal.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p_seal.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 p_seal.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-p_seal.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p_seal.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 p_seal.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 p_seal.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 p_seal.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p_seal.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p_sign.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p_sign.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p_sign.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p_sign.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-p_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-p_sign.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+p_seal.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_seal.c
+p_sign.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p_sign.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+p_sign.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+p_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
 p_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p_sign.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-p_sign.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-p_sign.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-p_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-p_sign.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-p_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-p_sign.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p_sign.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+p_sign.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
 p_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
 p_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 p_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p_sign.o: ../cryptlib.h
-p_verify.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-p_verify.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-p_verify.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-p_verify.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+p_sign.o: ../cryptlib.h p_sign.c
+p_verify.o: ../../e_os.h ../../include/openssl/asn1.h
+p_verify.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+p_verify.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 p_verify.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-p_verify.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-p_verify.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-p_verify.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-p_verify.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-p_verify.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+p_verify.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p_verify.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
 p_verify.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 p_verify.o: ../../include/openssl/opensslconf.h
-p_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-p_verify.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p_verify.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-p_verify.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p_verify.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p_verify.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p_verify.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
+p_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p_verify.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+p_verify.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p_verify.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p_verify.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p_verify.o: ../cryptlib.h p_verify.c
diff --git a/src/lib/libcrypto/evp/bio_b64.c b/src/lib/libcrypto/evp/bio_b64.c
index af6fa2ae8f..f12eac1b55 100644
--- a/src/lib/libcrypto/evp/bio_b64.c
+++ b/src/lib/libcrypto/evp/bio_b64.c
@@ -465,7 +465,8 @@ static long b64_ctrl(BIO *b, int cmd, long num, void *ptr)
                 break;
         case BIO_CTRL_WPENDING: /* More to write in buffer */
                 ret=ctx->buf_len-ctx->buf_off;
-                if ((ret == 0) && (ctx->base64.num != 0))
+                if ((ret == 0) && (ctx->encode != B64_NONE)
+                        && (ctx->base64.num != 0))
                         ret=1;
                 else if (ret <= 0)
                         ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
@@ -500,7 +501,7 @@ again:
                                 goto again;
                                 }
                         }
-                else if (ctx->base64.num != 0)
+                else if (ctx->encode != B64_NONE && ctx->base64.num != 0)
                         {
                         ctx->buf_off=0;
                         EVP_EncodeFinal(&(ctx->base64),
diff --git a/src/lib/libcrypto/evp/bio_enc.c b/src/lib/libcrypto/evp/bio_enc.c
index 831c71a2b5..05f4249458 100644
--- a/src/lib/libcrypto/evp/bio_enc.c
+++ b/src/lib/libcrypto/evp/bio_enc.c
@@ -71,6 +71,7 @@ static int enc_new(BIO *h);
 static int enc_free(BIO *data);
 static long enc_callback_ctrl(BIO *h, int cmd, bio_info_cb *fps);
 #define ENC_BLOCK_SIZE  (1024*4)
+#define BUF_OFFSET      EVP_MAX_BLOCK_LENGTH
 
 typedef struct enc_struct
         {
@@ -80,7 +81,10 @@ typedef struct enc_struct
         int finished;
         int ok;                 /* bad decrypt */
         EVP_CIPHER_CTX cipher;
-        char buf[ENC_BLOCK_SIZE+10];
+        /* buf is larger than ENC_BLOCK_SIZE because EVP_DecryptUpdate
+         * can return up to a block more data than is presented to it
+         */
+        char buf[ENC_BLOCK_SIZE+BUF_OFFSET+2];
         } BIO_ENC_CTX;
 
 static BIO_METHOD methods_enc=
@@ -170,9 +174,9 @@ static int enc_read(BIO *b, char *out, int outl)
                 {
                 if (ctx->cont <= 0) break;
 
-                /* read in at offset 8, read the EVP_Cipher
+                /* read in at IV offset, read the EVP_Cipher
                  * documentation about why */
-                i=BIO_read(b->next_bio,&(ctx->buf[8]),ENC_BLOCK_SIZE);
+                i=BIO_read(b->next_bio,&(ctx->buf[BUF_OFFSET]),ENC_BLOCK_SIZE);
 
                 if (i <= 0)
                         {
@@ -180,7 +184,7 @@ static int enc_read(BIO *b, char *out, int outl)
                         if (!BIO_should_retry(b->next_bio))
                                 {
                                 ctx->cont=i;
-                                i=EVP_CipherFinal(&(ctx->cipher),
+                                i=EVP_CipherFinal_ex(&(ctx->cipher),
                                         (unsigned char *)ctx->buf,
                                         &(ctx->buf_len));
                                 ctx->ok=i;
@@ -196,7 +200,7 @@ static int enc_read(BIO *b, char *out, int outl)
                         {
                         EVP_CipherUpdate(&(ctx->cipher),
                                 (unsigned char *)ctx->buf,&ctx->buf_len,
-                                (unsigned char *)&(ctx->buf[8]),i);
+                                (unsigned char *)&(ctx->buf[BUF_OFFSET]),i);
                         ctx->cont=1;
                         /* Note: it is possible for EVP_CipherUpdate to
                          * decrypt zero bytes because this is or looks like
@@ -294,7 +298,7 @@ static long enc_ctrl(BIO *b, int cmd, long num, void *ptr)
         case BIO_CTRL_RESET:
                 ctx->ok=1;
                 ctx->finished=0;
-                EVP_CipherInit(&(ctx->cipher),NULL,NULL,NULL,
+                EVP_CipherInit_ex(&(ctx->cipher),NULL,NULL,NULL,NULL,
                         ctx->cipher.encrypt);
                 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
                 break;
@@ -331,7 +335,7 @@ again:
                         {
                         ctx->finished=1;
                         ctx->buf_off=0;
-                        ret=EVP_CipherFinal(&(ctx->cipher),
+                        ret=EVP_CipherFinal_ex(&(ctx->cipher),
                                 (unsigned char *)ctx->buf,
                                 &(ctx->buf_len));
                         ctx->ok=(int)ret;
@@ -417,7 +421,7 @@ void BIO_set_cipher(BIO *b, const EVP_CIPHER *c, unsigned char *k,
 
         b->init=1;
         ctx=(BIO_ENC_CTX *)b->ptr;
-        EVP_CipherInit(&(ctx->cipher),c,k,i,e);
+        EVP_CipherInit_ex(&(ctx->cipher),c,NULL, k,i,e);
         
         if (b->callback != NULL)
                 b->callback(b,BIO_CB_CTRL,(const char *)c,BIO_CTRL_SET,e,1L);
diff --git a/src/lib/libcrypto/evp/bio_md.c b/src/lib/libcrypto/evp/bio_md.c
index 2373c247d8..c632dfb202 100644
--- a/src/lib/libcrypto/evp/bio_md.c
+++ b/src/lib/libcrypto/evp/bio_md.c
@@ -96,7 +96,7 @@ static int md_new(BIO *bi)
         {
         EVP_MD_CTX *ctx;
 
-        ctx=(EVP_MD_CTX *)OPENSSL_malloc(sizeof(EVP_MD_CTX));
+        ctx=EVP_MD_CTX_create();
         if (ctx == NULL) return(0);
 
         bi->init=0;
@@ -108,7 +108,7 @@ static int md_new(BIO *bi)
 static int md_free(BIO *a)
         {
         if (a == NULL) return(0);
-        OPENSSL_free(a->ptr);
+        EVP_MD_CTX_destroy(a->ptr);
         a->ptr=NULL;
         a->init=0;
         a->flags=0;
@@ -121,7 +121,7 @@ static int md_read(BIO *b, char *out, int outl)
         EVP_MD_CTX *ctx;
 
         if (out == NULL) return(0);
-        ctx=(EVP_MD_CTX *)b->ptr;
+        ctx=b->ptr;
 
         if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
 
@@ -145,7 +145,7 @@ static int md_write(BIO *b, const char *in, int inl)
         EVP_MD_CTX *ctx;
 
         if ((in == NULL) || (inl <= 0)) return(0);
-        ctx=(EVP_MD_CTX *)b->ptr;
+        ctx=b->ptr;
 
         if ((ctx != NULL) && (b->next_bio != NULL))
                 ret=BIO_write(b->next_bio,in,inl);
@@ -170,13 +170,13 @@ static long md_ctrl(BIO *b, int cmd, long num, void *ptr)
         long ret=1;
         BIO *dbio;
 
-        ctx=(EVP_MD_CTX *)b->ptr;
+        ctx=b->ptr;
 
         switch (cmd)
                 {
         case BIO_CTRL_RESET:
                 if (b->init)
-                        EVP_DigestInit(ctx,ctx->digest);
+                        EVP_DigestInit_ex(ctx,ctx->digest, NULL);
                 else
                         ret=0;
                 ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
@@ -184,7 +184,7 @@ static long md_ctrl(BIO *b, int cmd, long num, void *ptr)
         case BIO_C_GET_MD:
                 if (b->init)
                         {
-                        ppmd=(const EVP_MD **)ptr;
+                        ppmd=ptr;
                         *ppmd=ctx->digest;
                         }
                 else
@@ -193,7 +193,7 @@ static long md_ctrl(BIO *b, int cmd, long num, void *ptr)
         case BIO_C_GET_MD_CTX:
                 if (b->init)
                         {
-                        pctx=(EVP_MD_CTX **)ptr;
+                        pctx=ptr;
                         *pctx=ctx;
                         }
                 else
@@ -206,14 +206,14 @@ static long md_ctrl(BIO *b, int cmd, long num, void *ptr)
                 break;
 
         case BIO_C_SET_MD:
-                md=(EVP_MD *)ptr;
-                EVP_DigestInit(ctx,md);
+                md=ptr;
+                EVP_DigestInit_ex(ctx,md, NULL);
                 b->init=1;
                 break;
         case BIO_CTRL_DUP:
-                dbio=(BIO *)ptr;
-                dctx=(EVP_MD_CTX *)dbio->ptr;
-                memcpy(dctx,ctx,sizeof(ctx));
+                dbio=ptr;
+                dctx=dbio->ptr;
+                EVP_MD_CTX_copy_ex(dctx,ctx);
                 b->init=1;
                 break;
         default:
@@ -243,10 +243,10 @@ static int md_gets(BIO *bp, char *buf, int size)
         unsigned int ret;
 
 
-        ctx=(EVP_MD_CTX *)bp->ptr;
+        ctx=bp->ptr;
         if (size < ctx->digest->md_size)
                 return(0);
-        EVP_DigestFinal(ctx,(unsigned char *)buf,&ret);
+        EVP_DigestFinal_ex(ctx,(unsigned char *)buf,&ret);
         return((int)ret);
         }
 
diff --git a/src/lib/libcrypto/evp/bio_ok.c b/src/lib/libcrypto/evp/bio_ok.c
index e617ce1d43..3cbc6e7848 100644
--- a/src/lib/libcrypto/evp/bio_ok.c
+++ b/src/lib/libcrypto/evp/bio_ok.c
@@ -162,7 +162,7 @@ typedef struct ok_struct
         EVP_MD_CTX md;
         int blockout;           /* output block is ready */ 
         int sigio;              /* must process signature */
-        char buf[IOBS];
+        unsigned char buf[IOBS];
         } BIO_OK_CTX;
 
 static BIO_METHOD methods_ok=
@@ -199,6 +199,8 @@ static int ok_new(BIO *bi)
         ctx->blockout= 0;
         ctx->sigio=1;
 
+        EVP_MD_CTX_init(&ctx->md);
+
         bi->init=0;
         bi->ptr=(char *)ctx;
         bi->flags=0;
@@ -208,6 +210,7 @@ static int ok_new(BIO *bi)
 static int ok_free(BIO *a)
         {
         if (a == NULL) return(0);
+        EVP_MD_CTX_cleanup(&((BIO_OK_CTX *)a->ptr)->md);
         memset(a->ptr,0,sizeof(BIO_OK_CTX));
         OPENSSL_free(a->ptr);
         a->ptr=NULL;
@@ -353,7 +356,7 @@ static long ok_ctrl(BIO *b, int cmd, long num, void *ptr)
         long ret=1;
         int i;
 
-        ctx=(BIO_OK_CTX *)b->ptr;
+        ctx=b->ptr;
 
         switch (cmd)
                 {
@@ -411,14 +414,14 @@ static long ok_ctrl(BIO *b, int cmd, long num, void *ptr)
                 ret=(long)ctx->cont;
                 break;
         case BIO_C_SET_MD:
-                md=(EVP_MD *)ptr;
-                EVP_DigestInit(&(ctx->md),md);
+                md=ptr;
+                EVP_DigestInit_ex(&ctx->md, md, NULL);
                 b->init=1;
                 break;
         case BIO_C_GET_MD:
                 if (b->init)
                         {
-                        ppmd=(const EVP_MD **)ptr;
+                        ppmd=ptr;
                         *ppmd=ctx->md.digest;
                         }
                 else
@@ -462,19 +465,22 @@ static void sig_out(BIO* b)
         BIO_OK_CTX *ctx;
         EVP_MD_CTX *md;
 
-        ctx=(BIO_OK_CTX *)b->ptr;
-        md= &(ctx->md);
+        ctx=b->ptr;
+        md=&ctx->md;
 
         if(ctx->buf_len+ 2* md->digest->md_size > OK_BLOCK_SIZE) return;
 
-        EVP_DigestInit(md, md->digest);
-        RAND_pseudo_bytes(&(md->md.base[0]), md->digest->md_size);
-        memcpy(&(ctx->buf[ctx->buf_len]), &(md->md.base[0]), md->digest->md_size);
+        EVP_DigestInit_ex(md, md->digest, NULL);
+        /* FIXME: there's absolutely no guarantee this makes any sense at all,
+         * particularly now EVP_MD_CTX has been restructured.
+         */
+        RAND_pseudo_bytes(md->md_data, md->digest->md_size);
+        memcpy(&(ctx->buf[ctx->buf_len]), md->md_data, md->digest->md_size);
         longswap(&(ctx->buf[ctx->buf_len]), md->digest->md_size);
         ctx->buf_len+= md->digest->md_size;
 
         EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN));
-        md->digest->final(&(ctx->buf[ctx->buf_len]), &(md->md.base[0]));
+        EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL);
         ctx->buf_len+= md->digest->md_size;
         ctx->blockout= 1;
         ctx->sigio= 0;
@@ -487,18 +493,18 @@ static void sig_in(BIO* b)
         unsigned char tmp[EVP_MAX_MD_SIZE];
         int ret= 0;
 
-        ctx=(BIO_OK_CTX *)b->ptr;
-        md= &(ctx->md);
+        ctx=b->ptr;
+        md=&ctx->md;
 
         if(ctx->buf_len- ctx->buf_off < 2* md->digest->md_size) return;
 
-        EVP_DigestInit(md, md->digest);
-        memcpy(&(md->md.base[0]), &(ctx->buf[ctx->buf_off]), md->digest->md_size);
-        longswap(&(md->md.base[0]), md->digest->md_size);
+        EVP_DigestInit_ex(md, md->digest, NULL);
+        memcpy(md->md_data, &(ctx->buf[ctx->buf_off]), md->digest->md_size);
+        longswap(md->md_data, md->digest->md_size);
         ctx->buf_off+= md->digest->md_size;
 
         EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN));
-        md->digest->final(tmp, &(md->md.base[0]));
+        EVP_DigestFinal_ex(md, tmp, NULL);
         ret= memcmp(&(ctx->buf[ctx->buf_off]), tmp, md->digest->md_size) == 0;
         ctx->buf_off+= md->digest->md_size;
         if(ret == 1)
@@ -523,15 +529,15 @@ static void block_out(BIO* b)
         EVP_MD_CTX *md;
         unsigned long tl;
 
-        ctx=(BIO_OK_CTX *)b->ptr;
-        md= &(ctx->md);
+        ctx=b->ptr;
+        md=&ctx->md;
 
         tl= ctx->buf_len- OK_BLOCK_BLOCK;
         tl= swapem(tl);
         memcpy(ctx->buf, &tl, OK_BLOCK_BLOCK);
         tl= swapem(tl);
         EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl);
-        md->digest->final(&(ctx->buf[ctx->buf_len]), &(md->md.base[0]));
+        EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL);
         ctx->buf_len+= md->digest->md_size;
         ctx->blockout= 1;
         }
@@ -543,15 +549,15 @@ static void block_in(BIO* b)
         long tl= 0;
         unsigned char tmp[EVP_MAX_MD_SIZE];
 
-        ctx=(BIO_OK_CTX *)b->ptr;
-        md= &(ctx->md);
+        ctx=b->ptr;
+        md=&ctx->md;
 
         memcpy(&tl, ctx->buf, OK_BLOCK_BLOCK);
         tl= swapem(tl);
         if (ctx->buf_len < tl+ OK_BLOCK_BLOCK+ md->digest->md_size) return;
  
         EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl);
-        md->digest->final(tmp, &(md->md.base[0]));
+        EVP_DigestFinal_ex(md, tmp, NULL);
         if(memcmp(&(ctx->buf[tl+ OK_BLOCK_BLOCK]), tmp, md->digest->md_size) == 0)
                 {
                 /* there might be parts from next block lurking around ! */
diff --git a/src/lib/libcrypto/evp/c_all.c b/src/lib/libcrypto/evp/c_all.c
index 1e185830a3..3d390dfbf1 100644
--- a/src/lib/libcrypto/evp/c_all.c
+++ b/src/lib/libcrypto/evp/c_all.c
@@ -60,8 +60,16 @@
 #include "cryptlib.h"
 #include <openssl/evp.h>
 
+#undef OpenSSL_add_all_algorithms
+
 void OpenSSL_add_all_algorithms(void)
-{
+        {
+        OPENSSL_add_all_algorithms_noconf();
+        }
+
+void OPENSSL_add_all_algorithms_noconf(void)
+        {
         OpenSSL_add_all_ciphers();
         OpenSSL_add_all_digests();
-}
+        ENGINE_setup_openbsd();
+        }
diff --git a/src/lib/libcrypto/evp/c_allc.c b/src/lib/libcrypto/evp/c_allc.c
index f24d3756c9..37e6ab83a5 100644
--- a/src/lib/libcrypto/evp/c_allc.c
+++ b/src/lib/libcrypto/evp/c_allc.c
@@ -64,7 +64,8 @@
 
 void OpenSSL_add_all_ciphers(void)
         {
-#ifndef NO_DES
+
+#ifndef OPENSSL_NO_DES
         EVP_add_cipher(EVP_des_cfb());
         EVP_add_cipher(EVP_des_ede_cfb());
         EVP_add_cipher(EVP_des_ede3_cfb());
@@ -90,12 +91,12 @@ void OpenSSL_add_all_ciphers(void)
         EVP_add_cipher(EVP_des_ede3());
 #endif
 
-#ifndef NO_RC4
+#ifndef OPENSSL_NO_RC4
         EVP_add_cipher(EVP_rc4());
         EVP_add_cipher(EVP_rc4_40());
 #endif
 
-#ifndef NO_IDEA
+#ifndef OPENSSL_NO_IDEA
         EVP_add_cipher(EVP_idea_ecb());
         EVP_add_cipher(EVP_idea_cfb());
         EVP_add_cipher(EVP_idea_ofb());
@@ -104,7 +105,7 @@ void OpenSSL_add_all_ciphers(void)
         EVP_add_cipher_alias(SN_idea_cbc,"idea");
 #endif
 
-#ifndef NO_RC2
+#ifndef OPENSSL_NO_RC2
         EVP_add_cipher(EVP_rc2_ecb());
         EVP_add_cipher(EVP_rc2_cfb());
         EVP_add_cipher(EVP_rc2_ofb());
@@ -115,7 +116,7 @@ void OpenSSL_add_all_ciphers(void)
         EVP_add_cipher_alias(SN_rc2_cbc,"rc2");
 #endif
 
-#ifndef NO_BF
+#ifndef OPENSSL_NO_BF
         EVP_add_cipher(EVP_bf_ecb());
         EVP_add_cipher(EVP_bf_cfb());
         EVP_add_cipher(EVP_bf_ofb());
@@ -125,7 +126,7 @@ void OpenSSL_add_all_ciphers(void)
         EVP_add_cipher_alias(SN_bf_cbc,"blowfish");
 #endif
 
-#ifndef NO_CAST
+#ifndef OPENSSL_NO_CAST
         EVP_add_cipher(EVP_cast5_ecb());
         EVP_add_cipher(EVP_cast5_cfb());
         EVP_add_cipher(EVP_cast5_ofb());
@@ -136,7 +137,7 @@ void OpenSSL_add_all_ciphers(void)
         EVP_add_cipher_alias(SN_cast5_cbc,"cast-cbc");
 #endif
 
-#ifndef NO_RC5
+#ifndef OPENSSL_NO_RC5
         EVP_add_cipher(EVP_rc5_32_12_16_ecb());
         EVP_add_cipher(EVP_rc5_32_12_16_cfb());
         EVP_add_cipher(EVP_rc5_32_12_16_ofb());
@@ -144,6 +145,21 @@ void OpenSSL_add_all_ciphers(void)
         EVP_add_cipher_alias(SN_rc5_cbc,"rc5");
         EVP_add_cipher_alias(SN_rc5_cbc,"RC5");
 #endif
+
+#ifndef OPENSSL_NO_AES
+        EVP_add_cipher(EVP_aes_128_ecb());
+        EVP_add_cipher(EVP_aes_128_cbc());
+        EVP_add_cipher_alias(SN_aes_128_cbc,"AES128");
+        EVP_add_cipher_alias(SN_aes_128_cbc,"aes128");
+        EVP_add_cipher(EVP_aes_192_ecb());
+        EVP_add_cipher(EVP_aes_192_cbc());
+        EVP_add_cipher_alias(SN_aes_192_cbc,"AES192");
+        EVP_add_cipher_alias(SN_aes_192_cbc,"aes192");
+        EVP_add_cipher(EVP_aes_256_ecb());
+        EVP_add_cipher(EVP_aes_256_cbc());
+        EVP_add_cipher_alias(SN_aes_256_cbc,"AES256");
+        EVP_add_cipher_alias(SN_aes_256_cbc,"aes256");
+#endif
         PKCS12_PBE_add();
         PKCS5_PBE_add();
         }
diff --git a/src/lib/libcrypto/evp/c_alld.c b/src/lib/libcrypto/evp/c_alld.c
index bbf059eb85..be91cdb037 100644
--- a/src/lib/libcrypto/evp/c_alld.c
+++ b/src/lib/libcrypto/evp/c_alld.c
@@ -64,38 +64,38 @@
 
 void OpenSSL_add_all_digests(void)
         {
-#ifndef NO_MD2
+#ifndef OPENSSL_NO_MD2
         EVP_add_digest(EVP_md2());
 #endif
-#ifndef NO_MD4
+#ifndef OPENSSL_NO_MD4
         EVP_add_digest(EVP_md4());
 #endif
-#ifndef NO_MD5
+#ifndef OPENSSL_NO_MD5
         EVP_add_digest(EVP_md5());
         EVP_add_digest_alias(SN_md5,"ssl2-md5");
         EVP_add_digest_alias(SN_md5,"ssl3-md5");
 #endif
-#ifndef NO_SHA
+#ifndef OPENSSL_NO_SHA
         EVP_add_digest(EVP_sha());
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
         EVP_add_digest(EVP_dss());
 #endif
 #endif
-#ifndef NO_SHA
+#ifndef OPENSSL_NO_SHA
         EVP_add_digest(EVP_sha1());
         EVP_add_digest_alias(SN_sha1,"ssl3-sha1");
         EVP_add_digest_alias(SN_sha1WithRSAEncryption,SN_sha1WithRSA);
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
         EVP_add_digest(EVP_dss1());
         EVP_add_digest_alias(SN_dsaWithSHA1,SN_dsaWithSHA1_2);
         EVP_add_digest_alias(SN_dsaWithSHA1,"DSS1");
         EVP_add_digest_alias(SN_dsaWithSHA1,"dss1");
 #endif
 #endif
-#if !defined(NO_MDC2) && !defined(NO_DES)
+#if !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DES)
         EVP_add_digest(EVP_mdc2());
 #endif
-#ifndef NO_RIPEMD
+#ifndef OPENSSL_NO_RIPEMD
         EVP_add_digest(EVP_ripemd160());
         EVP_add_digest_alias(SN_ripemd160,"ripemd");
         EVP_add_digest_alias(SN_ripemd160,"rmd160");
diff --git a/src/lib/libcrypto/evp/digest.c b/src/lib/libcrypto/evp/digest.c
index c560733568..a969ac69ed 100644
--- a/src/lib/libcrypto/evp/digest.c
+++ b/src/lib/libcrypto/evp/digest.c
@@ -55,38 +55,258 @@
  * copied and put under another distribution licence
  * [including the GNU Public Licence.]
  */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
 
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/objects.h>
 #include <openssl/evp.h>
+#include <openssl/engine.h>
+
+void EVP_MD_CTX_init(EVP_MD_CTX *ctx)
+        {
+        memset(ctx,'\0',sizeof *ctx);
+        }
+
+EVP_MD_CTX *EVP_MD_CTX_create(void)
+        {
+        EVP_MD_CTX *ctx=OPENSSL_malloc(sizeof *ctx);
+
+        EVP_MD_CTX_init(ctx);
+
+        return ctx;
+        }
+
+int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type)
+        {
+        EVP_MD_CTX_init(ctx);
+        return EVP_DigestInit_ex(ctx, type, NULL);
+        }
 
-void EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type)
+int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
         {
-        ctx->digest=type;
-        type->init(&(ctx->md));
+        EVP_MD_CTX_clear_flags(ctx,EVP_MD_CTX_FLAG_CLEANED);
+        /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts
+         * so this context may already have an ENGINE! Try to avoid releasing
+         * the previous handle, re-querying for an ENGINE, and having a
+         * reinitialisation, when it may all be unecessary. */
+        if (ctx->engine && ctx->digest && (!type ||
+                        (type && (type->type == ctx->digest->type))))
+                goto skip_to_init;
+        if (type)
+                {
+                /* Ensure an ENGINE left lying around from last time is cleared
+                 * (the previous check attempted to avoid this if the same
+                 * ENGINE and EVP_MD could be used). */
+                if(ctx->engine)
+                        ENGINE_finish(ctx->engine);
+                if(impl)
+                        {
+                        if (!ENGINE_init(impl))
+                                {
+                                EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_INITIALIZATION_ERROR);
+                                return 0;
+                                }
+                        }
+                else
+                        /* Ask if an ENGINE is reserved for this job */
+                        impl = ENGINE_get_digest_engine(type->type);
+                if(impl)
+                        {
+                        /* There's an ENGINE for this job ... (apparently) */
+                        const EVP_MD *d = ENGINE_get_digest(impl, type->type);
+                        if(!d)
+                                {
+                                /* Same comment from evp_enc.c */
+                                EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_INITIALIZATION_ERROR);
+                                return 0;
+                                }
+                        /* We'll use the ENGINE's private digest definition */
+                        type = d;
+                        /* Store the ENGINE functional reference so we know
+                         * 'type' came from an ENGINE and we need to release
+                         * it when done. */
+                        ctx->engine = impl;
+                        }
+                else
+                        ctx->engine = NULL;
+                }
+        else if(!ctx->digest)
+                {
+                EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_NO_DIGEST_SET);
+                return 0;
+                }
+        if (ctx->digest != type)
+                {
+                if (ctx->digest && ctx->digest->ctx_size)
+                        OPENSSL_free(ctx->md_data);
+                ctx->digest=type;
+                if (type->ctx_size)
+                        ctx->md_data=OPENSSL_malloc(type->ctx_size);
+                }
+skip_to_init:
+        return ctx->digest->init(ctx);
         }
 
-void EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data,
+int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data,
              unsigned int count)
         {
-        ctx->digest->update(&(ctx->md.base[0]),data,(unsigned long)count);
+        return ctx->digest->update(ctx,data,(unsigned long)count);
+        }
+
+/* The caller can assume that this removes any secret data from the context */
+int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
+        {
+        int ret;
+        ret = EVP_DigestFinal_ex(ctx, md, size);
+        EVP_MD_CTX_cleanup(ctx);
+        return ret;
         }
 
-void EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
+/* The caller can assume that this removes any secret data from the context */
+int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
         {
-        ctx->digest->final(md,&(ctx->md.base[0]));
+        int ret;
+        ret=ctx->digest->final(ctx,md);
         if (size != NULL)
                 *size=ctx->digest->md_size;
-        memset(&(ctx->md),0,sizeof(ctx->md));
+        if (ctx->digest->cleanup)
+                {
+                ctx->digest->cleanup(ctx);
+                EVP_MD_CTX_set_flags(ctx,EVP_MD_CTX_FLAG_CLEANED);
+                }
+        memset(ctx->md_data,0,ctx->digest->ctx_size);
+        return ret;
+        }
+
+int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in)
+        {
+        EVP_MD_CTX_init(out);
+        return EVP_MD_CTX_copy_ex(out, in);
+        }
+
+int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
+        {
+        if ((in == NULL) || (in->digest == NULL))
+                {
+                EVPerr(EVP_F_EVP_MD_CTX_COPY,EVP_R_INPUT_NOT_INITIALIZED);
+                return 0;
+                }
+        /* Make sure it's safe to copy a digest context using an ENGINE */
+        if (in->engine && !ENGINE_init(in->engine))
+                {
+                EVPerr(EVP_F_EVP_MD_CTX_COPY,ERR_R_ENGINE_LIB);
+                return 0;
+                }
+
+        EVP_MD_CTX_cleanup(out);
+        memcpy(out,in,sizeof *out);
+
+        if (out->digest->ctx_size)
+                {
+                out->md_data=OPENSSL_malloc(out->digest->ctx_size);
+                memcpy(out->md_data,in->md_data,out->digest->ctx_size);
+                }
+        
+        if (out->digest->copy)
+                return out->digest->copy(out,in);
+        
+        return 1;
+        }
+
+int EVP_Digest(void *data, unsigned int count,
+                unsigned char *md, unsigned int *size, const EVP_MD *type, ENGINE *impl)
+        {
+        EVP_MD_CTX ctx;
+        int ret;
+
+        EVP_MD_CTX_init(&ctx);
+        EVP_MD_CTX_set_flags(&ctx,EVP_MD_CTX_FLAG_ONESHOT);
+        ret=EVP_DigestInit_ex(&ctx, type, impl)
+          && EVP_DigestUpdate(&ctx, data, count)
+          && EVP_DigestFinal_ex(&ctx, md, size);
+        EVP_MD_CTX_cleanup(&ctx);
+
+        return ret;
         }
 
-int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in)
-{
-    if ((in == NULL) || (in->digest == NULL)) {
-        EVPerr(EVP_F_EVP_MD_CTX_COPY,EVP_R_INPUT_NOT_INITIALIZED);
-        return 0;
-    }
-    memcpy((char *)out,(char *)in,in->digest->ctx_size);
-    return 1;
-}    
+void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
+        {
+        EVP_MD_CTX_cleanup(ctx);
+        OPENSSL_free(ctx);
+        }
+
+/* This call frees resources associated with the context */
+int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
+        {
+        /* Don't assume ctx->md_data was cleaned in EVP_Digest_Final,
+         * because sometimes only copies of the context are ever finalised.
+         */
+        if (ctx->digest && ctx->digest->cleanup
+            && !EVP_MD_CTX_test_flags(ctx,EVP_MD_CTX_FLAG_CLEANED))
+                ctx->digest->cleanup(ctx);
+        if (ctx->digest && ctx->digest->ctx_size && ctx->md_data)
+                {
+                memset(ctx->md_data,0,ctx->digest->ctx_size);
+                OPENSSL_free(ctx->md_data);
+                }
+        if(ctx->engine)
+                /* The EVP_MD we used belongs to an ENGINE, release the
+                 * functional reference we held for this reason. */
+                ENGINE_finish(ctx->engine);
+        memset(ctx,'\0',sizeof *ctx);
+
+        return 1;
+        }
diff --git a/src/lib/libcrypto/evp/e_aes.c b/src/lib/libcrypto/evp/e_aes.c
new file mode 100644
index 0000000000..9d03a9602f
--- /dev/null
+++ b/src/lib/libcrypto/evp/e_aes.c
@@ -0,0 +1,99 @@
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#ifndef OPENSSL_NO_AES
+#include <openssl/evp.h>
+#include <openssl/err.h>
+#include <string.h>
+#include <assert.h>
+#include <openssl/aes.h>
+#include "evp_locl.h"
+
+static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                                        const unsigned char *iv, int enc);
+
+typedef struct
+        {
+        AES_KEY ks;
+        } EVP_AES_KEY;
+
+#define data(ctx)       EVP_C_DATA(EVP_AES_KEY,ctx)
+
+IMPLEMENT_BLOCK_CIPHER(aes_128, ks, AES, EVP_AES_KEY,
+                       NID_aes_128, 16, 16, 16, 128,
+                       0, aes_init_key, NULL, 
+                       EVP_CIPHER_set_asn1_iv,
+                       EVP_CIPHER_get_asn1_iv,
+                       NULL)
+IMPLEMENT_BLOCK_CIPHER(aes_192, ks, AES, EVP_AES_KEY,
+                       NID_aes_192, 16, 24, 16, 128,
+                       0, aes_init_key, NULL, 
+                       EVP_CIPHER_set_asn1_iv,
+                       EVP_CIPHER_get_asn1_iv,
+                       NULL)
+IMPLEMENT_BLOCK_CIPHER(aes_256, ks, AES, EVP_AES_KEY,
+                       NID_aes_256, 16, 32, 16, 128,
+                       0, aes_init_key, NULL, 
+                       EVP_CIPHER_set_asn1_iv,
+                       EVP_CIPHER_get_asn1_iv,
+                       NULL)
+
+static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                   const unsigned char *iv, int enc) {
+
+        if (enc) 
+                AES_set_encrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
+        else
+                AES_set_decrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
+
+        return 1;
+}
+
+#endif
diff --git a/src/lib/libcrypto/evp/e_bf.c b/src/lib/libcrypto/evp/e_bf.c
index 53559b0b65..e74337567b 100644
--- a/src/lib/libcrypto/evp/e_bf.c
+++ b/src/lib/libcrypto/evp/e_bf.c
@@ -56,24 +56,32 @@
  * [including the GNU Public Licence.]
  */
 
-#ifndef NO_BF
+#ifndef OPENSSL_NO_BF
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/evp.h>
 #include "evp_locl.h"
 #include <openssl/objects.h>
+#include <openssl/blowfish.h>
 
 static int bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                        const unsigned char *iv, int enc);
 
-IMPLEMENT_BLOCK_CIPHER(bf, bf_ks, BF, bf_ks, NID_bf, 8, 16, 8,
+typedef struct
+        {
+        BF_KEY ks;
+        } EVP_BF_KEY;
+
+#define data(ctx)       EVP_C_DATA(EVP_BF_KEY,ctx)
+
+IMPLEMENT_BLOCK_CIPHER(bf, ks, BF, EVP_BF_KEY, NID_bf, 8, 16, 8, 64,
                         EVP_CIPH_VARIABLE_LENGTH, bf_init_key, NULL, 
                         EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
         
 static int bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                        const unsigned char *iv, int enc)
         {
-        BF_set_key(&(ctx->c.bf_ks),EVP_CIPHER_CTX_key_length(ctx),key);
+        BF_set_key(&data(ctx)->ks,EVP_CIPHER_CTX_key_length(ctx),key);
         return 1;
         }
 
diff --git a/src/lib/libcrypto/evp/e_cast.c b/src/lib/libcrypto/evp/e_cast.c
index e5af7fb4ed..3400fef187 100644
--- a/src/lib/libcrypto/evp/e_cast.c
+++ b/src/lib/libcrypto/evp/e_cast.c
@@ -56,26 +56,34 @@
  * [including the GNU Public Licence.]
  */
 
-#ifndef NO_CAST
+#ifndef OPENSSL_NO_CAST
 
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 #include "evp_locl.h"
+#include <openssl/cast.h>
 
 static int cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                          const unsigned char *iv,int enc);
 
-IMPLEMENT_BLOCK_CIPHER(cast5, cast_ks, CAST, cast_ks, 
-                        NID_cast5, 8, EVP_CAST5_KEY_SIZE, 8,
+typedef struct
+        {
+        CAST_KEY ks;
+        } EVP_CAST_KEY;
+
+#define data(ctx)       EVP_C_DATA(EVP_CAST_KEY,ctx)
+
+IMPLEMENT_BLOCK_CIPHER(cast5, ks, CAST, EVP_CAST_KEY, 
+                        NID_cast5, 8, CAST_KEY_LENGTH, 8, 64,
                         EVP_CIPH_VARIABLE_LENGTH, cast_init_key, NULL,
                         EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
                         
 static int cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                          const unsigned char *iv, int enc)
         {
-        CAST_set_key(&(ctx->c.cast_ks),EVP_CIPHER_CTX_key_length(ctx),key);
+        CAST_set_key(&data(ctx)->ks,EVP_CIPHER_CTX_key_length(ctx),key);
         return 1;
         }
 
diff --git a/src/lib/libcrypto/evp/e_des.c b/src/lib/libcrypto/evp/e_des.c
index f4e998b81c..105266a4b3 100644
--- a/src/lib/libcrypto/evp/e_des.c
+++ b/src/lib/libcrypto/evp/e_des.c
@@ -56,12 +56,13 @@
  * [including the GNU Public Licence.]
  */
 
-#ifndef NO_DES
+#ifndef OPENSSL_NO_DES
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 #include "evp_locl.h"
+#include <openssl/des.h>
 
 static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                         const unsigned char *iv, int enc);
@@ -72,34 +73,34 @@ static int des_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                           const unsigned char *in, unsigned int inl)
 {
         BLOCK_CIPHER_ecb_loop()
-                des_ecb_encrypt((des_cblock *)(in + i), (des_cblock *)(out + i), ctx->c.des_ks, ctx->encrypt);
+                DES_ecb_encrypt((DES_cblock *)(in + i), (DES_cblock *)(out + i), ctx->cipher_data, ctx->encrypt);
         return 1;
 }
 
 static int des_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                           const unsigned char *in, unsigned int inl)
 {
-        des_ofb64_encrypt(in, out, (long)inl, ctx->c.des_ks, (des_cblock *)ctx->iv, &ctx->num);
+        DES_ofb64_encrypt(in, out, (long)inl, ctx->cipher_data, (DES_cblock *)ctx->iv, &ctx->num);
         return 1;
 }
 
 static int des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                           const unsigned char *in, unsigned int inl)
 {
-        des_ncbc_encrypt(in, out, (long)inl, ctx->c.des_ks,
-                         (des_cblock *)ctx->iv, ctx->encrypt);
+        DES_ncbc_encrypt(in, out, (long)inl, ctx->cipher_data,
+                         (DES_cblock *)ctx->iv, ctx->encrypt);
         return 1;
 }
 
 static int des_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                           const unsigned char *in, unsigned int inl)
 {
-        des_cfb64_encrypt(in, out, (long)inl, ctx->c.des_ks,
-                          (des_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
+        DES_cfb64_encrypt(in, out, (long)inl, ctx->cipher_data,
+                          (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
         return 1;
 }
 
-BLOCK_CIPHER_defs(des, des_ks, NID_des, 8, 8, 8,
+BLOCK_CIPHER_defs(des, DES_key_schedule, NID_des, 8, 8, 8, 64,
                         0, des_init_key, NULL,
                         EVP_CIPHER_set_asn1_iv,
                         EVP_CIPHER_get_asn1_iv,
@@ -109,9 +110,9 @@ BLOCK_CIPHER_defs(des, des_ks, NID_des, 8, 8, 8,
 static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                         const unsigned char *iv, int enc)
         {
-        des_cblock *deskey = (des_cblock *)key;
+        DES_cblock *deskey = (DES_cblock *)key;
 
-        des_set_key_unchecked(deskey,ctx->c.des_ks);
+        DES_set_key_unchecked(deskey,ctx->cipher_data);
         return 1;
         }
 
diff --git a/src/lib/libcrypto/evp/e_des3.c b/src/lib/libcrypto/evp/e_des3.c
index a9aba4ae70..077860e7b6 100644
--- a/src/lib/libcrypto/evp/e_des3.c
+++ b/src/lib/libcrypto/evp/e_des3.c
@@ -56,12 +56,13 @@
  * [including the GNU Public Licence.]
  */
 
-#ifndef NO_DES
+#ifndef OPENSSL_NO_DES
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 #include "evp_locl.h"
+#include <openssl/des.h>
 
 static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                             const unsigned char *iv,int enc);
@@ -69,60 +70,78 @@ static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                              const unsigned char *iv,int enc);
 
+typedef struct
+    {
+    DES_key_schedule ks1;/* key schedule */
+    DES_key_schedule ks2;/* key schedule (for ede) */
+    DES_key_schedule ks3;/* key schedule (for ede3) */
+    } DES_EDE_KEY;
+
+#define data(ctx) ((DES_EDE_KEY *)(ctx)->cipher_data)
+
 /* Because of various casts and different args can't use IMPLEMENT_BLOCK_CIPHER */
 
 static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                               const unsigned char *in, unsigned int inl)
 {
         BLOCK_CIPHER_ecb_loop()
-                des_ecb3_encrypt((des_cblock *)(in + i), (des_cblock *)(out + i), 
-                        ctx->c.des_ede.ks1, ctx->c.des_ede.ks2, ctx->c.des_ede.ks3,
-                         ctx->encrypt);
+                DES_ecb3_encrypt((DES_cblock *)(in + i), (DES_cblock *)(out + i), 
+                                 &data(ctx)->ks1, &data(ctx)->ks2,
+                                 &data(ctx)->ks3,
+                                 ctx->encrypt);
         return 1;
 }
 
 static int des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                               const unsigned char *in, unsigned int inl)
 {
-        des_ede3_ofb64_encrypt(in, out, (long)inl,
-                        ctx->c.des_ede.ks1, ctx->c.des_ede.ks2, ctx->c.des_ede.ks3,
-                                                                (des_cblock *)ctx->iv, &ctx->num);
+        DES_ede3_ofb64_encrypt(in, out, (long)inl,
+                               &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
+                               (DES_cblock *)ctx->iv, &ctx->num);
         return 1;
 }
 
 static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                               const unsigned char *in, unsigned int inl)
 {
-        des_ede3_cbc_encrypt(in, out, (long)inl,
-                        ctx->c.des_ede.ks1, ctx->c.des_ede.ks2, ctx->c.des_ede.ks3,
-                                                                (des_cblock *)ctx->iv, ctx->encrypt);
+#ifdef KSSL_DEBUG
+        {
+        int i;
+        char *cp;
+        printf("des_ede_cbc_cipher(ctx=%lx, buflen=%d)\n", ctx, ctx->buf_len);
+        printf("\t iv= ");
+        for(i=0;i<8;i++)
+                printf("%02X",ctx->iv[i]);
+        printf("\n");
+        }
+#endif    /* KSSL_DEBUG */
+        DES_ede3_cbc_encrypt(in, out, (long)inl,
+                             &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
+                             (DES_cblock *)ctx->iv, ctx->encrypt);
         return 1;
 }
 
 static int des_ede_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                               const unsigned char *in, unsigned int inl)
 {
-        des_ede3_cfb64_encrypt(in, out, (long)inl, 
-                        ctx->c.des_ede.ks1, ctx->c.des_ede.ks2, ctx->c.des_ede.ks3,
-                                        (des_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
+        DES_ede3_cfb64_encrypt(in, out, (long)inl, 
+                               &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
+                               (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
         return 1;
 }
 
-#define NID_des_ede_ecb NID_des_ede
-
-BLOCK_CIPHER_defs(des_ede, des_ede, NID_des_ede, 8, 16, 8,
+BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64,
                         0, des_ede_init_key, NULL, 
                         EVP_CIPHER_set_asn1_iv,
                         EVP_CIPHER_get_asn1_iv,
                         NULL)
 
-#define NID_des_ede3_ecb NID_des_ede3
 #define des_ede3_cfb_cipher des_ede_cfb_cipher
 #define des_ede3_ofb_cipher des_ede_ofb_cipher
 #define des_ede3_cbc_cipher des_ede_cbc_cipher
 #define des_ede3_ecb_cipher des_ede_ecb_cipher
 
-BLOCK_CIPHER_defs(des_ede3, des_ede, NID_des_ede3, 8, 24, 8,
+BLOCK_CIPHER_defs(des_ede3, DES_EDE_KEY, NID_des_ede3, 8, 24, 8, 64,
                         0, des_ede3_init_key, NULL, 
                         EVP_CIPHER_set_asn1_iv,
                         EVP_CIPHER_get_asn1_iv,
@@ -131,34 +150,43 @@ BLOCK_CIPHER_defs(des_ede3, des_ede, NID_des_ede3, 8, 24, 8,
 static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                             const unsigned char *iv, int enc)
         {
-        des_cblock *deskey = (des_cblock *)key;
+        DES_cblock *deskey = (DES_cblock *)key;
 
-        des_set_key_unchecked(&deskey[0],ctx->c.des_ede.ks1);
-        des_set_key_unchecked(&deskey[1],ctx->c.des_ede.ks2);
-        memcpy( (char *)ctx->c.des_ede.ks3,
-                        (char *)ctx->c.des_ede.ks1,
-                        sizeof(ctx->c.des_ede.ks1));
+        DES_set_key_unchecked(&deskey[0],&data(ctx)->ks1);
+        DES_set_key_unchecked(&deskey[1],&data(ctx)->ks2);
+        memcpy(&data(ctx)->ks3,&data(ctx)->ks1,
+               sizeof(data(ctx)->ks1));
         return 1;
         }
 
 static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                              const unsigned char *iv, int enc)
         {
-        des_cblock *deskey = (des_cblock *)key;
+        DES_cblock *deskey = (DES_cblock *)key;
+#ifdef KSSL_DEBUG
+        {
+        int i;
+        printf("des_ede3_init_key(ctx=%lx)\n", ctx);
+        printf("\tKEY= ");
+        for(i=0;i<24;i++) printf("%02X",key[i]); printf("\n");
+        printf("\t IV= ");
+        for(i=0;i<8;i++) printf("%02X",iv[i]); printf("\n");
+        }
+#endif  /* KSSL_DEBUG */
 
-        des_set_key_unchecked(&deskey[0],ctx->c.des_ede.ks1);
-        des_set_key_unchecked(&deskey[1],ctx->c.des_ede.ks2);
-        des_set_key_unchecked(&deskey[2],ctx->c.des_ede.ks3);
+        DES_set_key_unchecked(&deskey[0],&data(ctx)->ks1);
+        DES_set_key_unchecked(&deskey[1],&data(ctx)->ks2);
+        DES_set_key_unchecked(&deskey[2],&data(ctx)->ks3);
 
         return 1;
         }
 
-EVP_CIPHER *EVP_des_ede(void)
+const EVP_CIPHER *EVP_des_ede(void)
 {
         return &des_ede_ecb;
 }
 
-EVP_CIPHER *EVP_des_ede3(void)
+const EVP_CIPHER *EVP_des_ede3(void)
 {
         return &des_ede3_ecb;
 }
diff --git a/src/lib/libcrypto/evp/e_idea.c b/src/lib/libcrypto/evp/e_idea.c
index 8d3c88deb7..ed838d3e62 100644
--- a/src/lib/libcrypto/evp/e_idea.c
+++ b/src/lib/libcrypto/evp/e_idea.c
@@ -56,13 +56,14 @@
  * [including the GNU Public Licence.]
  */
 
-#ifndef NO_IDEA
+#ifndef OPENSSL_NO_IDEA
 
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 #include "evp_locl.h"
+#include <openssl/idea.h>
 
 static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                          const unsigned char *iv,int enc);
@@ -75,17 +76,22 @@ static int idea_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                            const unsigned char *in, unsigned int inl)
 {
         BLOCK_CIPHER_ecb_loop()
-                idea_ecb_encrypt(in + i, out + i, &ctx->c.idea_ks);
+                idea_ecb_encrypt(in + i, out + i, ctx->cipher_data);
         return 1;
 }
 
 /* Can't use IMPLEMENT_BLOCK_CIPHER because idea_ecb_encrypt is different */
 
-BLOCK_CIPHER_func_cbc(idea, idea, idea_ks)
-BLOCK_CIPHER_func_ofb(idea, idea, idea_ks)
-BLOCK_CIPHER_func_cfb(idea, idea, idea_ks)
+typedef struct
+        {
+        IDEA_KEY_SCHEDULE ks;
+        } EVP_IDEA_KEY;
+
+BLOCK_CIPHER_func_cbc(idea, idea, EVP_IDEA_KEY, ks)
+BLOCK_CIPHER_func_ofb(idea, idea, 64, EVP_IDEA_KEY, ks)
+BLOCK_CIPHER_func_cfb(idea, idea, 64, EVP_IDEA_KEY, ks)
 
-BLOCK_CIPHER_defs(idea, idea_ks, NID_idea, 8, 16, 8,
+BLOCK_CIPHER_defs(idea, IDEA_KEY_SCHEDULE, NID_idea, 8, 16, 8, 64,
                         0, idea_init_key, NULL, 
                         EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
 
@@ -96,13 +102,13 @@ static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                 if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE) enc = 1;
                 else if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_CFB_MODE) enc = 1;
         }
-        if (enc) idea_set_encrypt_key(key,&(ctx->c.idea_ks));
+        if (enc) idea_set_encrypt_key(key,ctx->cipher_data);
         else
                 {
                 IDEA_KEY_SCHEDULE tmp;
 
                 idea_set_encrypt_key(key,&tmp);
-                idea_set_decrypt_key(&tmp,&(ctx->c.idea_ks));
+                idea_set_decrypt_key(&tmp,ctx->cipher_data);
                 memset((unsigned char *)&tmp,0,
                                 sizeof(IDEA_KEY_SCHEDULE));
                 }
diff --git a/src/lib/libcrypto/evp/e_null.c b/src/lib/libcrypto/evp/e_null.c
index e0702cf818..2420d7e5af 100644
--- a/src/lib/libcrypto/evp/e_null.c
+++ b/src/lib/libcrypto/evp/e_null.c
@@ -65,7 +65,7 @@ static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
         const unsigned char *iv,int enc);
 static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
         const unsigned char *in, unsigned int inl);
-static EVP_CIPHER n_cipher=
+static const EVP_CIPHER n_cipher=
         {
         NID_undef,
         1,0,0,
@@ -79,7 +79,7 @@ static EVP_CIPHER n_cipher=
         NULL
         };
 
-EVP_CIPHER *EVP_enc_null(void)
+const EVP_CIPHER *EVP_enc_null(void)
         {
         return(&n_cipher);
         }
@@ -87,7 +87,7 @@ EVP_CIPHER *EVP_enc_null(void)
 static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
              const unsigned char *iv, int enc)
         {
-        memset(&(ctx->c),0,sizeof(ctx->c));
+        /*      memset(&(ctx->c),0,sizeof(ctx->c));*/
         return 1;
         }
 
diff --git a/src/lib/libcrypto/evp/e_rc2.c b/src/lib/libcrypto/evp/e_rc2.c
index 3955c3ef84..4685198e2e 100644
--- a/src/lib/libcrypto/evp/e_rc2.c
+++ b/src/lib/libcrypto/evp/e_rc2.c
@@ -56,13 +56,14 @@
  * [including the GNU Public Licence.]
  */
 
-#ifndef NO_RC2
+#ifndef OPENSSL_NO_RC2
 
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 #include "evp_locl.h"
+#include <openssl/rc2.h>
 
 static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                         const unsigned char *iv,int enc);
@@ -72,9 +73,17 @@ static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
 static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
 static int rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr);
 
-IMPLEMENT_BLOCK_CIPHER(rc2, rc2.ks, RC2, rc2, NID_rc2,
+typedef struct
+        {
+        int key_bits;   /* effective key bits */
+        RC2_KEY ks;     /* key schedule */
+        } EVP_RC2_KEY;
+
+#define data(ctx)       ((EVP_RC2_KEY *)(ctx)->cipher_data)
+
+IMPLEMENT_BLOCK_CIPHER(rc2, ks, RC2, EVP_RC2_KEY, NID_rc2,
                         8,
-                        EVP_RC2_KEY_SIZE, 8,
+                        RC2_KEY_LENGTH, 8, 64,
                         EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
                         rc2_init_key, NULL,
                         rc2_set_asn1_type_and_iv, rc2_get_asn1_type_and_iv, 
@@ -84,7 +93,7 @@ IMPLEMENT_BLOCK_CIPHER(rc2, rc2.ks, RC2, rc2, NID_rc2,
 #define RC2_64_MAGIC    0x78
 #define RC2_128_MAGIC   0x3a
 
-static EVP_CIPHER r2_64_cbc_cipher=
+static const EVP_CIPHER r2_64_cbc_cipher=
         {
         NID_rc2_64_cbc,
         8,8 /* 64 bit */,8,
@@ -92,15 +101,14 @@ static EVP_CIPHER r2_64_cbc_cipher=
         rc2_init_key,
         rc2_cbc_cipher,
         NULL,
-        sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
-                sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc2)),
+        sizeof(EVP_RC2_KEY),
         rc2_set_asn1_type_and_iv,
         rc2_get_asn1_type_and_iv,
         rc2_ctrl,
         NULL
         };
 
-static EVP_CIPHER r2_40_cbc_cipher=
+static const EVP_CIPHER r2_40_cbc_cipher=
         {
         NID_rc2_40_cbc,
         8,5 /* 40 bit */,8,
@@ -108,20 +116,19 @@ static EVP_CIPHER r2_40_cbc_cipher=
         rc2_init_key,
         rc2_cbc_cipher,
         NULL,
-        sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
-                sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc2)),
+        sizeof(EVP_RC2_KEY),
         rc2_set_asn1_type_and_iv,
         rc2_get_asn1_type_and_iv,
         rc2_ctrl,
         NULL
         };
 
-EVP_CIPHER *EVP_rc2_64_cbc(void)
+const EVP_CIPHER *EVP_rc2_64_cbc(void)
         {
         return(&r2_64_cbc_cipher);
         }
 
-EVP_CIPHER *EVP_rc2_40_cbc(void)
+const EVP_CIPHER *EVP_rc2_40_cbc(void)
         {
         return(&r2_40_cbc_cipher);
         }
@@ -129,8 +136,8 @@ EVP_CIPHER *EVP_rc2_40_cbc(void)
 static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                         const unsigned char *iv, int enc)
         {
-        RC2_set_key(&(ctx->c.rc2.ks),EVP_CIPHER_CTX_key_length(ctx),
-                        key,ctx->c.rc2.key_bits);
+        RC2_set_key(&data(ctx)->ks,EVP_CIPHER_CTX_key_length(ctx),
+                    key,data(ctx)->key_bits);
         return 1;
         }
 
@@ -173,7 +180,7 @@ static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
                 key_bits =rc2_magic_to_meth((int)num);
                 if (!key_bits)
                         return(-1);
-                if(i > 0) EVP_CipherInit(c, NULL, NULL, iv, -1);
+                if(i > 0) EVP_CipherInit_ex(c, NULL, NULL, NULL, iv, -1);
                 EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_RC2_KEY_BITS, key_bits, NULL);
                 EVP_CIPHER_CTX_set_key_length(c, key_bits / 8);
                 }
@@ -196,26 +203,26 @@ static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
 
 static int rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
         {
-                switch(type) {
-
-                        case EVP_CTRL_INIT:
-                        c->c.rc2.key_bits = EVP_CIPHER_CTX_key_length(c) * 8;
-                        return 1;
+        switch(type)
+                {
+        case EVP_CTRL_INIT:
+                data(c)->key_bits = EVP_CIPHER_CTX_key_length(c) * 8;
+                return 1;
 
-                        case EVP_CTRL_GET_RC2_KEY_BITS:
-                        *(int *)ptr = c->c.rc2.key_bits;
-                        return 1;
+        case EVP_CTRL_GET_RC2_KEY_BITS:
+                *(int *)ptr = data(c)->key_bits;
+                return 1;
                         
-                        
-                        case EVP_CTRL_SET_RC2_KEY_BITS:
-                        if(arg > 0) {
-                                c->c.rc2.key_bits = arg;
-                                return 1;
+        case EVP_CTRL_SET_RC2_KEY_BITS:
+                if(arg > 0)
+                        {
+                        data(c)->key_bits = arg;
+                        return 1;
                         }
-                        return 0;
+                return 0;
 
-                        default:
-                        return -1;
+        default:
+                return -1;
                 }
         }
 
diff --git a/src/lib/libcrypto/evp/e_rc4.c b/src/lib/libcrypto/evp/e_rc4.c
index 1c1e3b3857..4064cc5fa0 100644
--- a/src/lib/libcrypto/evp/e_rc4.c
+++ b/src/lib/libcrypto/evp/e_rc4.c
@@ -56,18 +56,31 @@
  * [including the GNU Public Licence.]
  */
 
-#ifndef NO_RC4
+#ifndef OPENSSL_NO_RC4
 
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/evp.h>
 #include <openssl/objects.h>
+#include <openssl/rc4.h>
+
+/* FIXME: surely this is available elsewhere? */
+#define EVP_RC4_KEY_SIZE                16
+
+typedef struct
+    {
+    /* FIXME: what is the key for? */
+    unsigned char key[EVP_RC4_KEY_SIZE];
+    RC4_KEY ks; /* working key */
+    } EVP_RC4_KEY;
+
+#define data(ctx) ((EVP_RC4_KEY *)(ctx)->cipher_data)
 
 static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                         const unsigned char *iv,int enc);
 static int rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                       const unsigned char *in, unsigned int inl);
-static EVP_CIPHER r4_cipher=
+static const EVP_CIPHER r4_cipher=
         {
         NID_rc4,
         1,EVP_RC4_KEY_SIZE,0,
@@ -75,14 +88,13 @@ static EVP_CIPHER r4_cipher=
         rc4_init_key,
         rc4_cipher,
         NULL,
-        sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
-                sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc4)),
+        sizeof(EVP_RC4_KEY),
         NULL,
         NULL,
         NULL
         };
 
-static EVP_CIPHER r4_40_cipher=
+static const EVP_CIPHER r4_40_cipher=
         {
         NID_rc4_40,
         1,5 /* 40 bit */,0,
@@ -90,19 +102,18 @@ static EVP_CIPHER r4_40_cipher=
         rc4_init_key,
         rc4_cipher,
         NULL,
-        sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
-                sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc4)),
+        sizeof(EVP_RC4_KEY),
         NULL, 
         NULL,
         NULL
         };
 
-EVP_CIPHER *EVP_rc4(void)
+const EVP_CIPHER *EVP_rc4(void)
         {
         return(&r4_cipher);
         }
 
-EVP_CIPHER *EVP_rc4_40(void)
+const EVP_CIPHER *EVP_rc4_40(void)
         {
         return(&r4_40_cipher);
         }
@@ -110,16 +121,16 @@ EVP_CIPHER *EVP_rc4_40(void)
 static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                         const unsigned char *iv, int enc)
         {
-        memcpy(&(ctx->c.rc4.key[0]),key,EVP_CIPHER_CTX_key_length(ctx));
-        RC4_set_key(&(ctx->c.rc4.ks),EVP_CIPHER_CTX_key_length(ctx),
-                ctx->c.rc4.key);
+        memcpy(&data(ctx)->key[0],key,EVP_CIPHER_CTX_key_length(ctx));
+        RC4_set_key(&data(ctx)->ks,EVP_CIPHER_CTX_key_length(ctx),
+                data(ctx)->key);
         return 1;
         }
 
 static int rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                       const unsigned char *in, unsigned int inl)
         {
-        RC4(&(ctx->c.rc4.ks),inl,in,out);
+        RC4(&data(ctx)->ks,inl,in,out);
         return 1;
         }
 #endif
diff --git a/src/lib/libcrypto/evp/e_rc5.c b/src/lib/libcrypto/evp/e_rc5.c
index 5885f1826b..3c7713b181 100644
--- a/src/lib/libcrypto/evp/e_rc5.c
+++ b/src/lib/libcrypto/evp/e_rc5.c
@@ -56,62 +56,69 @@
  * [including the GNU Public Licence.]
  */
 
-#ifndef NO_RC5
+#ifndef OPENSSL_NO_RC5
 
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 #include "evp_locl.h"
+#include <openssl/rc5.h>
 
 static int r_32_12_16_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                                const unsigned char *iv,int enc);
 static int rc5_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr);
 
-IMPLEMENT_BLOCK_CIPHER(rc5_32_12_16, rc5.ks, RC5_32, rc5, NID_rc5,
-                        8, EVP_RC5_32_12_16_KEY_SIZE, 8, 
-                        EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
-                        r_32_12_16_init_key, NULL,
-                        NULL, NULL, rc5_ctrl)
+typedef struct
+        {
+        int rounds;     /* number of rounds */
+        RC5_32_KEY ks;  /* key schedule */
+        } EVP_RC5_KEY;
 
+#define data(ctx)       EVP_C_DATA(EVP_RC5_KEY,ctx)
 
+IMPLEMENT_BLOCK_CIPHER(rc5_32_12_16, ks, RC5_32, EVP_RC5_KEY, NID_rc5,
+                       8, RC5_32_KEY_LENGTH, 8, 64,
+                       EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
+                       r_32_12_16_init_key, NULL,
+                       NULL, NULL, rc5_ctrl)
 
 static int rc5_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
         {
-                switch(type) {
-
-                        case EVP_CTRL_INIT:
-                        c->c.rc5.rounds = RC5_12_ROUNDS;
-                        return 1;
+        switch(type)
+                {
+        case EVP_CTRL_INIT:
+                data(c)->rounds = RC5_12_ROUNDS;
+                return 1;
 
-                        case EVP_CTRL_GET_RC5_ROUNDS:
-                        *(int *)ptr = c->c.rc5.rounds;
-                        return 1;
-                        
+        case EVP_CTRL_GET_RC5_ROUNDS:
+                *(int *)ptr = data(c)->rounds;
+                return 1;
                         
-                        case EVP_CTRL_SET_RC5_ROUNDS:
-                        switch(arg) {
-                                case RC5_8_ROUNDS:
-                                case RC5_12_ROUNDS:
-                                case RC5_16_ROUNDS:
-                                c->c.rc5.rounds = arg;
-                                return 1;
+        case EVP_CTRL_SET_RC5_ROUNDS:
+                switch(arg)
+                        {
+                case RC5_8_ROUNDS:
+                case RC5_12_ROUNDS:
+                case RC5_16_ROUNDS:
+                        data(c)->rounds = arg;
+                        return 1;
 
-                                default:
-                                EVPerr(EVP_F_RC5_CTRL, EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS);
-                                return 0;
+                default:
+                        EVPerr(EVP_F_RC5_CTRL, EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS);
+                        return 0;
                         }
 
-                        default:
-                        return -1;
+        default:
+                return -1;
                 }
         }
 
 static int r_32_12_16_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                                const unsigned char *iv, int enc)
         {
-        RC5_32_set_key(&(ctx->c.rc5.ks),EVP_CIPHER_CTX_key_length(ctx),
-                        key,ctx->c.rc5.rounds);
+        RC5_32_set_key(&data(ctx)->ks,EVP_CIPHER_CTX_key_length(ctx),
+                       key,data(ctx)->rounds);
         return 1;
         }
 
diff --git a/src/lib/libcrypto/evp/e_xcbc_d.c b/src/lib/libcrypto/evp/e_xcbc_d.c
index e5b15acc7d..a6f849e93d 100644
--- a/src/lib/libcrypto/evp/e_xcbc_d.c
+++ b/src/lib/libcrypto/evp/e_xcbc_d.c
@@ -56,17 +56,29 @@
  * [including the GNU Public Licence.]
  */
 
-#ifndef NO_DES
+#ifndef OPENSSL_NO_DES
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/evp.h>
 #include <openssl/objects.h>
+#include <openssl/des.h>
 
 static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                              const unsigned char *iv,int enc);
 static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                            const unsigned char *in, unsigned int inl);
-static EVP_CIPHER d_xcbc_cipher=
+
+
+typedef struct
+    {
+    DES_key_schedule ks;/* key schedule */
+    DES_cblock inw;
+    DES_cblock outw;
+    } DESX_CBC_KEY;
+
+#define data(ctx) ((DESX_CBC_KEY *)(ctx)->cipher_data)
+
+static const EVP_CIPHER d_xcbc_cipher=
         {
         NID_desx_cbc,
         8,24,8,
@@ -74,14 +86,13 @@ static EVP_CIPHER d_xcbc_cipher=
         desx_cbc_init_key,
         desx_cbc_cipher,
         NULL,
-        sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
-                sizeof((((EVP_CIPHER_CTX *)NULL)->c.desx_cbc)),
+        sizeof(DESX_CBC_KEY),
         EVP_CIPHER_set_asn1_iv,
         EVP_CIPHER_get_asn1_iv,
         NULL
         };
 
-EVP_CIPHER *EVP_desx_cbc(void)
+const EVP_CIPHER *EVP_desx_cbc(void)
         {
         return(&d_xcbc_cipher);
         }
@@ -89,11 +100,11 @@ EVP_CIPHER *EVP_desx_cbc(void)
 static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                              const unsigned char *iv, int enc)
         {
-        des_cblock *deskey = (des_cblock *)key;
+        DES_cblock *deskey = (DES_cblock *)key;
 
-        des_set_key_unchecked(deskey,ctx->c.desx_cbc.ks);
-        memcpy(&(ctx->c.desx_cbc.inw[0]),&(key[8]),8);
-        memcpy(&(ctx->c.desx_cbc.outw[0]),&(key[16]),8);
+        DES_set_key_unchecked(deskey,&data(ctx)->ks);
+        memcpy(&data(ctx)->inw[0],&key[8],8);
+        memcpy(&data(ctx)->outw[0],&key[16],8);
 
         return 1;
         }
@@ -101,11 +112,11 @@ static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                            const unsigned char *in, unsigned int inl)
         {
-        des_xcbc_encrypt(in,out,inl,ctx->c.desx_cbc.ks,
-                (des_cblock *)&(ctx->iv[0]),
-                &ctx->c.desx_cbc.inw,
-                &ctx->c.desx_cbc.outw,
-                ctx->encrypt);
+        DES_xcbc_encrypt(in,out,inl,&data(ctx)->ks,
+                         (DES_cblock *)&(ctx->iv[0]),
+                         &data(ctx)->inw,
+                         &data(ctx)->outw,
+                         ctx->encrypt);
         return 1;
         }
 #endif
diff --git a/src/lib/libcrypto/evp/encode.c b/src/lib/libcrypto/evp/encode.c
index 6ff9c1783c..12c6379df1 100644
--- a/src/lib/libcrypto/evp/encode.c
+++ b/src/lib/libcrypto/evp/encode.c
@@ -277,6 +277,13 @@ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
                         eof++;
                         }
 
+                if (v == B64_CR)
+                        {
+                        ln = 0;
+                        if (exp_nl)
+                                continue;
+                        }
+
                 /* eoln */
                 if (v == B64_EOLN)
                         {
diff --git a/src/lib/libcrypto/evp/evp.h b/src/lib/libcrypto/evp/evp.h
index fd43127092..915fe62341 100644
--- a/src/lib/libcrypto/evp/evp.h
+++ b/src/lib/libcrypto/evp/evp.h
@@ -67,74 +67,30 @@
 # undef OPENSSL_ALGORITHM_DEFINES
 #endif
 
-#ifndef NO_BIO
+#include <openssl/ossl_typ.h>
+
+#include <openssl/symhacks.h>
+
+#ifndef OPENSSL_NO_BIO
 #include <openssl/bio.h>
 #endif
-#ifndef NO_MD2
-#include <openssl/md2.h>
-#endif
-#ifndef NO_MD4
-#include <openssl/md4.h>
-#endif
-#ifndef NO_MD5
-#include <openssl/md5.h>
-#endif
-#ifndef NO_SHA
-#include <openssl/sha.h>
-#endif
-#ifndef NO_RIPEMD
-#include <openssl/ripemd.h>
-#endif
-#ifndef NO_DES
-#include <openssl/des.h>
-#endif
-#ifndef NO_RC4
-#include <openssl/rc4.h>
-#endif
-#ifndef NO_RC2
-#include <openssl/rc2.h>
-#endif
-#ifndef NO_RC5
-#include <openssl/rc5.h>
-#endif
-#ifndef NO_BF
-#include <openssl/blowfish.h>
-#endif
-#ifndef NO_CAST
-#include <openssl/cast.h>
-#endif
-#ifndef NO_IDEA
-#include <openssl/idea.h>
-#endif
-#ifndef NO_MDC2
-#include <openssl/mdc2.h>
-#endif
 
+/*
 #define EVP_RC2_KEY_SIZE                16
 #define EVP_RC4_KEY_SIZE                16
 #define EVP_BLOWFISH_KEY_SIZE           16
 #define EVP_CAST5_KEY_SIZE              16
 #define EVP_RC5_32_12_16_KEY_SIZE       16
+*/
 #define EVP_MAX_MD_SIZE                 (16+20) /* The SSLv3 md5+sha1 type */
-#define EVP_MAX_KEY_LENGTH              24
-#define EVP_MAX_IV_LENGTH               8
+#define EVP_MAX_KEY_LENGTH              32
+#define EVP_MAX_IV_LENGTH               16
+#define EVP_MAX_BLOCK_LENGTH            32
 
 #define PKCS5_SALT_LEN                  8
 /* Default PKCS#5 iteration count */
 #define PKCS5_DEFAULT_ITER              2048
 
-#ifndef NO_RSA
-#include <openssl/rsa.h>
-#endif
-
-#ifndef NO_DSA
-#include <openssl/dsa.h>
-#endif
-
-#ifndef NO_DH
-#include <openssl/dh.h>
-#endif
-
 #include <openssl/objects.h>
 
 #define EVP_PK_RSA      0x0001
@@ -164,26 +120,26 @@ extern "C" {
 /* Type needs to be a bit field
  * Sub-type needs to be for variations on the method, as in, can it do
  * arbitrary encryption.... */
-typedef struct evp_pkey_st
+struct evp_pkey_st
         {
         int type;
         int save_type;
         int references;
         union   {
                 char *ptr;
-#ifndef NO_RSA
+#ifndef OPENSSL_NO_RSA
                 struct rsa_st *rsa;     /* RSA */
 #endif
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
                 struct dsa_st *dsa;     /* DSA */
 #endif
-#ifndef NO_DH
+#ifndef OPENSSL_NO_DH
                 struct dh_st *dh;       /* DH */
 #endif
                 } pkey;
         int save_parameters;
         STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
-        } EVP_PKEY;
+        } /* EVP_PKEY */;
 
 #define EVP_PKEY_MO_SIGN        0x0001
 #define EVP_PKEY_MO_VERIFY      0x0002
@@ -258,27 +214,32 @@ typedef struct evp_pkey_method_st
 #endif
 
 #ifndef EVP_MD
-typedef struct env_md_st
+struct env_md_st
         {
         int type;
         int pkey_type;
         int md_size;
-        void (*init)();
-        void (*update)();
-        void (*final)();
-
+        unsigned long flags;
+        int (*init)(EVP_MD_CTX *ctx);
+        int (*update)(EVP_MD_CTX *ctx,const void *data,unsigned long count);
+        int (*final)(EVP_MD_CTX *ctx,unsigned char *md);
+        int (*copy)(EVP_MD_CTX *to,const EVP_MD_CTX *from);
+        int (*cleanup)(EVP_MD_CTX *ctx);
+
+        /* FIXME: prototype these some day */
         int (*sign)();
         int (*verify)();
         int required_pkey_type[5]; /*EVP_PKEY_xxx */
         int block_size;
-        int ctx_size; /* how big does the ctx need to be */
-        } EVP_MD;
-
+        int ctx_size; /* how big does the ctx->md_data need to be */
+        } /* EVP_MD */;
 
+#define EVP_MD_FLAG_ONESHOT     0x0001 /* digest can only handle a single
+                                        * block */
 
 #define EVP_PKEY_NULL_method    NULL,NULL,{0,0,0,0}
 
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
 #define EVP_PKEY_DSA_method     DSA_sign,DSA_verify, \
                                 {EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3, \
                                         EVP_PKEY_DSA4,0}
@@ -286,7 +247,7 @@ typedef struct env_md_st
 #define EVP_PKEY_DSA_method     EVP_PKEY_NULL_method
 #endif
 
-#ifndef NO_RSA
+#ifndef OPENSSL_NO_RSA
 #define EVP_PKEY_RSA_method     RSA_sign,RSA_verify, \
                                 {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
 #define EVP_PKEY_RSA_ASN1_OCTET_STRING_method \
@@ -300,34 +261,20 @@ typedef struct env_md_st
 
 #endif /* !EVP_MD */
 
-typedef struct env_md_ctx_st
+struct env_md_ctx_st
         {
         const EVP_MD *digest;
-        union   {
-                unsigned char base[4];
-#ifndef NO_MD2
-                MD2_CTX md2;
-#endif
-#ifndef NO_MD5
-                MD5_CTX md5;
-#endif
-#ifndef NO_MD4
-                MD4_CTX md4;
-#endif
-#ifndef NO_RIPEMD
-                RIPEMD160_CTX ripemd160;
-#endif
-#ifndef NO_SHA
-                SHA_CTX sha;
-#endif
-#ifndef NO_MDC2
-                MDC2_CTX mdc2;
-#endif
-                } md;
-        } EVP_MD_CTX;
+        ENGINE *engine; /* functional reference if 'digest' is ENGINE-provided */
+        unsigned long flags;
+        void *md_data;
+        } /* EVP_MD_CTX */;
+
+/* values for EVP_MD_CTX flags */
 
-typedef struct evp_cipher_st EVP_CIPHER;
-typedef struct evp_cipher_ctx_st EVP_CIPHER_CTX;
+#define EVP_MD_CTX_FLAG_ONESHOT         0x0001 /* digest update will be called
+                                                * once only */
+#define EVP_MD_CTX_FLAG_CLEANED         0x0002 /* context has already been
+                                                * cleaned */
 
 struct evp_cipher_st
         {
@@ -341,12 +288,12 @@ struct evp_cipher_st
         int (*do_cipher)(EVP_CIPHER_CTX *ctx, unsigned char *out,
                          const unsigned char *in, unsigned int inl);/* encrypt/decrypt data */
         int (*cleanup)(EVP_CIPHER_CTX *); /* cleanup ctx */
-        int ctx_size;           /* how big the ctx needs to be */
+        int ctx_size;           /* how big ctx->cipher_data needs to be */
         int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Populate a ASN1_TYPE with parameters */
         int (*get_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Get parameters from a ASN1_TYPE */
         int (*ctrl)(EVP_CIPHER_CTX *, int type, int arg, void *ptr); /* Miscellaneous operations */
         void *app_data;         /* Application data */
-        };
+        } /* EVP_CIPHER */;
 
 /* Values for cipher flags */
 
@@ -368,6 +315,8 @@ struct evp_cipher_st
 #define         EVP_CIPH_CTRL_INIT              0x40
 /* Don't use standard key length function */
 #define         EVP_CIPH_CUSTOM_KEY_LENGTH      0x80
+/* Don't use standard block padding */
+#define         EVP_CIPH_NO_PADDING             0x100
 
 /* ctrl() values */
 
@@ -387,62 +336,23 @@ typedef struct evp_cipher_info_st
 struct evp_cipher_ctx_st
         {
         const EVP_CIPHER *cipher;
+        ENGINE *engine; /* functional reference if 'cipher' is ENGINE-provided */
         int encrypt;            /* encrypt or decrypt */
         int buf_len;            /* number we have left */
 
         unsigned char  oiv[EVP_MAX_IV_LENGTH];  /* original iv */
         unsigned char  iv[EVP_MAX_IV_LENGTH];   /* working iv */
-        unsigned char buf[EVP_MAX_IV_LENGTH];   /* saved partial block */
+        unsigned char buf[EVP_MAX_BLOCK_LENGTH];/* saved partial block */
         int num;                                /* used by cfb/ofb mode */
 
         void *app_data;         /* application stuff */
         int key_len;            /* May change for variable length cipher */
-        union   {
-#ifndef NO_RC4
-                struct
-                        {
-                        unsigned char key[EVP_RC4_KEY_SIZE];
-                        RC4_KEY ks;     /* working key */
-                        } rc4;
-#endif
-#ifndef NO_DES
-                des_key_schedule des_ks;/* key schedule */
-                struct
-                        {
-                        des_key_schedule ks;/* key schedule */
-                        des_cblock inw;
-                        des_cblock outw;
-                        } desx_cbc;
-                struct
-                        {
-                        des_key_schedule ks1;/* key schedule */
-                        des_key_schedule ks2;/* key schedule (for ede) */
-                        des_key_schedule ks3;/* key schedule (for ede3) */
-                        } des_ede;
-#endif
-#ifndef NO_IDEA
-                IDEA_KEY_SCHEDULE idea_ks;/* key schedule */
-#endif
-#ifndef NO_RC2
-                struct {
-                        int key_bits;   /* effective key bits */
-                        RC2_KEY ks;/* key schedule */
-                } rc2;
-#endif
-#ifndef NO_RC5
-                struct {
-                        int rounds;     /* number of rounds */
-                        RC5_32_KEY ks;/* key schedule */
-                } rc5;
-#endif
-#ifndef NO_BF
-                BF_KEY bf_ks;/* key schedule */
-#endif
-#ifndef NO_CAST
-                CAST_KEY cast_ks;/* key schedule */
-#endif
-                } c;
-        };
+        unsigned long flags;    /* Various flags */
+        void *cipher_data; /* per EVP data */
+        int final_used;
+        int block_mask;
+        unsigned char final[EVP_MAX_BLOCK_LENGTH];/* possible final block */
+        } /* EVP_CIPHER_CTX */;
 
 typedef struct evp_Encode_Ctx_st
         {
@@ -459,20 +369,20 @@ typedef struct evp_Encode_Ctx_st
 
 /* Password based encryption function */
 typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
-                ASN1_TYPE *param, EVP_CIPHER *cipher,
-                EVP_MD *md, int en_de);
+                ASN1_TYPE *param, const EVP_CIPHER *cipher,
+                const EVP_MD *md, int en_de);
 
-#ifndef NO_RSA
+#ifndef OPENSSL_NO_RSA
 #define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\
                                         (char *)(rsa))
 #endif
 
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
 #define EVP_PKEY_assign_DSA(pkey,dsa) EVP_PKEY_assign((pkey),EVP_PKEY_DSA,\
                                         (char *)(dsa))
 #endif
 
-#ifndef NO_DH
+#ifndef OPENSSL_NO_DH
 #define EVP_PKEY_assign_DH(pkey,dh) EVP_PKEY_assign((pkey),EVP_PKEY_DH,\
                                         (char *)(dh))
 #endif
@@ -484,6 +394,8 @@ typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
 #define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a))
 
 #define EVP_MD_type(e)                  ((e)->type)
+#define EVP_MD_nid(e)                   EVP_MD_type(e)
+#define EVP_MD_name(e)                  OBJ_nid2sn(EVP_MD_nid(e))
 #define EVP_MD_pkey_type(e)             ((e)->pkey_type)
 #define EVP_MD_size(e)                  ((e)->md_size)
 #define EVP_MD_block_size(e)            ((e)->block_size)
@@ -494,11 +406,12 @@ typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
 #define EVP_MD_CTX_type(e)              EVP_MD_type((e)->digest)
 
 #define EVP_CIPHER_nid(e)               ((e)->nid)
+#define EVP_CIPHER_name(e)              OBJ_nid2sn(EVP_CIPHER_nid(e))
 #define EVP_CIPHER_block_size(e)        ((e)->block_size)
 #define EVP_CIPHER_key_length(e)        ((e)->key_len)
 #define EVP_CIPHER_iv_length(e)         ((e)->iv_len)
 #define EVP_CIPHER_flags(e)             ((e)->flags)
-#define EVP_CIPHER_mode(e)              ((e)->flags) & EVP_CIPH_MODE)
+#define EVP_CIPHER_mode(e)              (((e)->flags) & EVP_CIPH_MODE)
 
 #define EVP_CIPHER_CTX_cipher(e)        ((e)->cipher)
 #define EVP_CIPHER_CTX_nid(e)           ((e)->cipher->nid)
@@ -514,8 +427,10 @@ typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
 #define EVP_ENCODE_LENGTH(l)    (((l+2)/3*4)+(l/48+1)*2+80)
 #define EVP_DECODE_LENGTH(l)    ((l+3)/4*3+80)
 
+#define EVP_SignInit_ex(a,b,c)          EVP_DigestInit_ex(a,b,c)
 #define EVP_SignInit(a,b)               EVP_DigestInit(a,b)
 #define EVP_SignUpdate(a,b,c)           EVP_DigestUpdate(a,b,c)
+#define EVP_VerifyInit_ex(a,b,c)        EVP_DigestInit_ex(a,b,c)
 #define EVP_VerifyInit(a,b)             EVP_DigestInit(a,b)
 #define EVP_VerifyUpdate(a,b,c)         EVP_DigestUpdate(a,b,c)
 #define EVP_OpenUpdate(a,b,c,d,e)       EVP_DecryptUpdate(a,b,c,d,e)
@@ -542,38 +457,61 @@ void BIO_set_md(BIO *,const EVP_MD *md);
 #define EVP_delete_digest_alias(alias) \
         OBJ_NAME_remove(alias,OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS);
 
-
-int     EVP_MD_CTX_copy(EVP_MD_CTX *out,EVP_MD_CTX *in);  
-void    EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
-void    EVP_DigestUpdate(EVP_MD_CTX *ctx,const void *d,
+void    EVP_MD_CTX_init(EVP_MD_CTX *ctx);
+int     EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx);
+EVP_MD_CTX *EVP_MD_CTX_create(void);
+void    EVP_MD_CTX_destroy(EVP_MD_CTX *ctx);
+int     EVP_MD_CTX_copy_ex(EVP_MD_CTX *out,const EVP_MD_CTX *in);  
+#define EVP_MD_CTX_set_flags(ctx,flgs) ((ctx)->flags|=(flgs))
+#define EVP_MD_CTX_clear_flags(ctx,flgs) ((ctx)->flags&=~(flgs))
+#define EVP_MD_CTX_test_flags(ctx,flgs) ((ctx)->flags&(flgs))
+int     EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+int     EVP_DigestUpdate(EVP_MD_CTX *ctx,const void *d,
                          unsigned int cnt);
-void    EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s);
+int     EVP_DigestFinal_ex(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s);
+int     EVP_Digest(void *data, unsigned int count,
+                unsigned char *md, unsigned int *size, const EVP_MD *type, ENGINE *impl);
+
+int     EVP_MD_CTX_copy(EVP_MD_CTX *out,const EVP_MD_CTX *in);  
+int     EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+int     EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s);
 
 int     EVP_read_pw_string(char *buf,int length,const char *prompt,int verify);
 void    EVP_set_pw_prompt(char *prompt);
 char *  EVP_get_pw_prompt(void);
 
-int     EVP_BytesToKey(const EVP_CIPHER *type, EVP_MD *md,
-                const unsigned char *salt, const unsigned char *data, int datal,
-                int count, unsigned char *key, unsigned char *iv);
+int     EVP_BytesToKey(const EVP_CIPHER *type,const EVP_MD *md,
+                const unsigned char *salt, const unsigned char *data,
+                int datal, int count, unsigned char *key,unsigned char *iv);
 
-int     EVP_EncryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type,
-                unsigned char *key, unsigned char *iv);
+int     EVP_EncryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher,
+                const unsigned char *key, const unsigned char *iv);
+int     EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
+                const unsigned char *key, const unsigned char *iv);
 int     EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                int *outl, unsigned char *in, int inl);
+                int *outl, const unsigned char *in, int inl);
+int     EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
 int     EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
 
-int     EVP_DecryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type,
-                unsigned char *key, unsigned char *iv);
+int     EVP_DecryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher,
+                const unsigned char *key, const unsigned char *iv);
+int     EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
+                const unsigned char *key, const unsigned char *iv);
 int     EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                int *outl, unsigned char *in, int inl);
+                int *outl, const unsigned char *in, int inl);
 int     EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
-
-int     EVP_CipherInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type,
-                       unsigned char *key,unsigned char *iv,int enc);
+int     EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+int     EVP_CipherInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher,
+                       const unsigned char *key,const unsigned char *iv,
+                       int enc);
+int     EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
+                       const unsigned char *key,const unsigned char *iv,
+                       int enc);
 int     EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                int *outl, unsigned char *in, int inl);
+                int *outl, const unsigned char *in, int inl);
 int     EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+int     EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
 
 int     EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s,
                 EVP_PKEY *pkey);
@@ -581,11 +519,11 @@ int	EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s,
 int     EVP_VerifyFinal(EVP_MD_CTX *ctx,unsigned char *sigbuf,
                 unsigned int siglen,EVP_PKEY *pkey);
 
-int     EVP_OpenInit(EVP_CIPHER_CTX *ctx,EVP_CIPHER *type,unsigned char *ek,
+int     EVP_OpenInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type,unsigned char *ek,
                 int ekl,unsigned char *iv,EVP_PKEY *priv);
 int     EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
 
-int     EVP_SealInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char **ek,
+int     EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek,
                 int *ekl, unsigned char *iv,EVP_PKEY **pubk, int npubk);
 void    EVP_SealFinal(EVP_CIPHER_CTX *ctx,unsigned char *out,int *outl);
 
@@ -602,14 +540,13 @@ int	EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned
                 char *out, int *outl);
 int     EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);
 
-void    ERR_load_EVP_strings(void );
-
 void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a);
 int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a);
 int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *c, int pad);
 int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
 
-#ifndef NO_BIO
+#ifndef OPENSSL_NO_BIO
 BIO_METHOD *BIO_f_md(void);
 BIO_METHOD *BIO_f_base64(void);
 BIO_METHOD *BIO_f_cipher(void);
@@ -618,89 +555,117 @@ void BIO_set_cipher(BIO *b,const EVP_CIPHER *c,unsigned char *k,
         unsigned char *i, int enc);
 #endif
 
-EVP_MD *EVP_md_null(void);
-#ifndef NO_MD2
-EVP_MD *EVP_md2(void);
-#endif
-#ifndef NO_MD4
-EVP_MD *EVP_md4(void);
-#endif
-#ifndef NO_MD5
-EVP_MD *EVP_md5(void);
-#endif
-#ifndef NO_SHA
-EVP_MD *EVP_sha(void);
-EVP_MD *EVP_sha1(void);
-EVP_MD *EVP_dss(void);
-EVP_MD *EVP_dss1(void);
-#endif
-#ifndef NO_MDC2
-EVP_MD *EVP_mdc2(void);
-#endif
-#ifndef NO_RIPEMD
-EVP_MD *EVP_ripemd160(void);
-#endif
-EVP_CIPHER *EVP_enc_null(void);         /* does nothing :-) */
-#ifndef NO_DES
-EVP_CIPHER *EVP_des_ecb(void);
-EVP_CIPHER *EVP_des_ede(void);
-EVP_CIPHER *EVP_des_ede3(void);
-EVP_CIPHER *EVP_des_cfb(void);
-EVP_CIPHER *EVP_des_ede_cfb(void);
-EVP_CIPHER *EVP_des_ede3_cfb(void);
-EVP_CIPHER *EVP_des_ofb(void);
-EVP_CIPHER *EVP_des_ede_ofb(void);
-EVP_CIPHER *EVP_des_ede3_ofb(void);
-EVP_CIPHER *EVP_des_cbc(void);
-EVP_CIPHER *EVP_des_ede_cbc(void);
-EVP_CIPHER *EVP_des_ede3_cbc(void);
-EVP_CIPHER *EVP_desx_cbc(void);
-#endif
-#ifndef NO_RC4
-EVP_CIPHER *EVP_rc4(void);
-EVP_CIPHER *EVP_rc4_40(void);
-#endif
-#ifndef NO_IDEA
-EVP_CIPHER *EVP_idea_ecb(void);
-EVP_CIPHER *EVP_idea_cfb(void);
-EVP_CIPHER *EVP_idea_ofb(void);
-EVP_CIPHER *EVP_idea_cbc(void);
-#endif
-#ifndef NO_RC2
-EVP_CIPHER *EVP_rc2_ecb(void);
-EVP_CIPHER *EVP_rc2_cbc(void);
-EVP_CIPHER *EVP_rc2_40_cbc(void);
-EVP_CIPHER *EVP_rc2_64_cbc(void);
-EVP_CIPHER *EVP_rc2_cfb(void);
-EVP_CIPHER *EVP_rc2_ofb(void);
-#endif
-#ifndef NO_BF
-EVP_CIPHER *EVP_bf_ecb(void);
-EVP_CIPHER *EVP_bf_cbc(void);
-EVP_CIPHER *EVP_bf_cfb(void);
-EVP_CIPHER *EVP_bf_ofb(void);
-#endif
-#ifndef NO_CAST
-EVP_CIPHER *EVP_cast5_ecb(void);
-EVP_CIPHER *EVP_cast5_cbc(void);
-EVP_CIPHER *EVP_cast5_cfb(void);
-EVP_CIPHER *EVP_cast5_ofb(void);
-#endif
-#ifndef NO_RC5
-EVP_CIPHER *EVP_rc5_32_12_16_cbc(void);
-EVP_CIPHER *EVP_rc5_32_12_16_ecb(void);
-EVP_CIPHER *EVP_rc5_32_12_16_cfb(void);
-EVP_CIPHER *EVP_rc5_32_12_16_ofb(void);
-#endif
-void OpenSSL_add_all_algorithms(void);
+const EVP_MD *EVP_md_null(void);
+#ifndef OPENSSL_NO_MD2
+const EVP_MD *EVP_md2(void);
+#endif
+#ifndef OPENSSL_NO_MD4
+const EVP_MD *EVP_md4(void);
+#endif
+#ifndef OPENSSL_NO_MD5
+const EVP_MD *EVP_md5(void);
+#endif
+#ifndef OPENSSL_NO_SHA
+const EVP_MD *EVP_sha(void);
+const EVP_MD *EVP_sha1(void);
+const EVP_MD *EVP_dss(void);
+const EVP_MD *EVP_dss1(void);
+#endif
+#ifndef OPENSSL_NO_MDC2
+const EVP_MD *EVP_mdc2(void);
+#endif
+#ifndef OPENSSL_NO_RIPEMD
+const EVP_MD *EVP_ripemd160(void);
+#endif
+const EVP_CIPHER *EVP_enc_null(void);           /* does nothing :-) */
+#ifndef OPENSSL_NO_DES
+const EVP_CIPHER *EVP_des_ecb(void);
+const EVP_CIPHER *EVP_des_ede(void);
+const EVP_CIPHER *EVP_des_ede3(void);
+const EVP_CIPHER *EVP_des_cfb(void);
+const EVP_CIPHER *EVP_des_ede_cfb(void);
+const EVP_CIPHER *EVP_des_ede3_cfb(void);
+const EVP_CIPHER *EVP_des_ofb(void);
+const EVP_CIPHER *EVP_des_ede_ofb(void);
+const EVP_CIPHER *EVP_des_ede3_ofb(void);
+const EVP_CIPHER *EVP_des_cbc(void);
+const EVP_CIPHER *EVP_des_ede_cbc(void);
+const EVP_CIPHER *EVP_des_ede3_cbc(void);
+const EVP_CIPHER *EVP_desx_cbc(void);
+/* This should now be supported through the dev_crypto ENGINE. But also, why are
+ * rc4 and md5 declarations made here inside a "NO_DES" precompiler branch? */
+#if 0
+# ifdef OPENSSL_OPENBSD_DEV_CRYPTO
+const EVP_CIPHER *EVP_dev_crypto_des_ede3_cbc(void);
+const EVP_CIPHER *EVP_dev_crypto_rc4(void);
+const EVP_MD *EVP_dev_crypto_md5(void);
+# endif
+#endif
+#endif
+#ifndef OPENSSL_NO_RC4
+const EVP_CIPHER *EVP_rc4(void);
+const EVP_CIPHER *EVP_rc4_40(void);
+#endif
+#ifndef OPENSSL_NO_IDEA
+const EVP_CIPHER *EVP_idea_ecb(void);
+const EVP_CIPHER *EVP_idea_cfb(void);
+const EVP_CIPHER *EVP_idea_ofb(void);
+const EVP_CIPHER *EVP_idea_cbc(void);
+#endif
+#ifndef OPENSSL_NO_RC2
+const EVP_CIPHER *EVP_rc2_ecb(void);
+const EVP_CIPHER *EVP_rc2_cbc(void);
+const EVP_CIPHER *EVP_rc2_40_cbc(void);
+const EVP_CIPHER *EVP_rc2_64_cbc(void);
+const EVP_CIPHER *EVP_rc2_cfb(void);
+const EVP_CIPHER *EVP_rc2_ofb(void);
+#endif
+#ifndef OPENSSL_NO_BF
+const EVP_CIPHER *EVP_bf_ecb(void);
+const EVP_CIPHER *EVP_bf_cbc(void);
+const EVP_CIPHER *EVP_bf_cfb(void);
+const EVP_CIPHER *EVP_bf_ofb(void);
+#endif
+#ifndef OPENSSL_NO_CAST
+const EVP_CIPHER *EVP_cast5_ecb(void);
+const EVP_CIPHER *EVP_cast5_cbc(void);
+const EVP_CIPHER *EVP_cast5_cfb(void);
+const EVP_CIPHER *EVP_cast5_ofb(void);
+#endif
+#ifndef OPENSSL_NO_RC5
+const EVP_CIPHER *EVP_rc5_32_12_16_cbc(void);
+const EVP_CIPHER *EVP_rc5_32_12_16_ecb(void);
+const EVP_CIPHER *EVP_rc5_32_12_16_cfb(void);
+const EVP_CIPHER *EVP_rc5_32_12_16_ofb(void);
+#endif
+#ifndef OPENSSL_NO_AES
+const EVP_CIPHER *EVP_aes_128_ecb(void);
+const EVP_CIPHER *EVP_aes_128_cbc(void);
+const EVP_CIPHER *EVP_aes_192_ecb(void);
+const EVP_CIPHER *EVP_aes_192_cbc(void);
+const EVP_CIPHER *EVP_aes_256_ecb(void);
+const EVP_CIPHER *EVP_aes_256_cbc(void);
+#endif
+
+void OPENSSL_add_all_algorithms_noconf(void);
+void OPENSSL_add_all_algorithms_conf(void);
+
+#ifdef OPENSSL_LOAD_CONF
+#define OpenSSL_add_all_algorithms() \
+                OPENSSL_add_all_algorithms_conf()
+#else
+#define OpenSSL_add_all_algorithms() \
+                OPENSSL_add_all_algorithms_noconf()
+#endif
+
 void OpenSSL_add_all_ciphers(void);
 void OpenSSL_add_all_digests(void);
 #define SSLeay_add_all_algorithms() OpenSSL_add_all_algorithms()
 #define SSLeay_add_all_ciphers() OpenSSL_add_all_ciphers()
 #define SSLeay_add_all_digests() OpenSSL_add_all_digests()
 
-int EVP_add_cipher(EVP_CIPHER *cipher);
-int EVP_add_digest(EVP_MD *digest);
+int EVP_add_cipher(const EVP_CIPHER *cipher);
+int EVP_add_digest(const EVP_MD *digest);
 
 const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
 const EVP_MD *EVP_get_digestbyname(const char *name);
@@ -714,18 +679,24 @@ int		EVP_PKEY_type(int type);
 int             EVP_PKEY_bits(EVP_PKEY *pkey);
 int             EVP_PKEY_size(EVP_PKEY *pkey);
 int             EVP_PKEY_assign(EVP_PKEY *pkey,int type,char *key);
-#ifndef NO_RSA
-int             EVP_PKEY_set1_RSA(EVP_PKEY *pkey,RSA *key);
-RSA *           EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
+
+#ifndef OPENSSL_NO_RSA
+struct rsa_st;
+int EVP_PKEY_set1_RSA(EVP_PKEY *pkey,struct rsa_st *key);
+struct rsa_st *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
 #endif
-#ifndef NO_DSA
-int             EVP_PKEY_set1_DSA(EVP_PKEY *pkey,DSA *key);
-DSA *           EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
+#ifndef OPENSSL_NO_DSA
+struct dsa_st;
+int EVP_PKEY_set1_DSA(EVP_PKEY *pkey,struct dsa_st *key);
+struct dsa_st *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
 #endif
-#ifndef NO_DH
-int             EVP_PKEY_set1_DH(EVP_PKEY *pkey,DH *key);
-DH *            EVP_PKEY_get1_DH(EVP_PKEY *pkey);
+#ifndef OPENSSL_NO_DH
+struct dh_st;
+int EVP_PKEY_set1_DH(EVP_PKEY *pkey,struct dh_st *key);
+struct dh_st *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
 #endif
+
+
 EVP_PKEY *      EVP_PKEY_new(void);
 void            EVP_PKEY_free(EVP_PKEY *pkey);
 EVP_PKEY *      d2i_PublicKey(int type,EVP_PKEY **a, unsigned char **pp,
@@ -755,20 +726,20 @@ int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c,ASN1_TYPE *type);
 
 /* PKCS5 password based encryption */
 int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
-                         ASN1_TYPE *param, EVP_CIPHER *cipher, EVP_MD *md,
+                         ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md,
                          int en_de);
 int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
                            unsigned char *salt, int saltlen, int iter,
                            int keylen, unsigned char *out);
 int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
-                         ASN1_TYPE *param, EVP_CIPHER *cipher, EVP_MD *md,
+                         ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md,
                          int en_de);
 
 void PKCS5_PBE_add(void);
 
 int EVP_PBE_CipherInit (ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
              ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de);
-int EVP_PBE_alg_add(int nid, EVP_CIPHER *cipher, EVP_MD *md,
+int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
                     EVP_PBE_KEYGEN *keygen);
 void EVP_PBE_cleanup(void);
 
@@ -776,6 +747,7 @@ void EVP_PBE_cleanup(void);
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
  */
+void ERR_load_EVP_strings(void);
 
 /* Error codes for the EVP functions. */
 
@@ -785,6 +757,8 @@ void EVP_PBE_cleanup(void);
 #define EVP_F_EVP_CIPHER_CTX_CTRL                        124
 #define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH              122
 #define EVP_F_EVP_DECRYPTFINAL                           101
+#define EVP_F_EVP_DIGESTINIT                             128
+#define EVP_F_EVP_ENCRYPTFINAL                           127
 #define EVP_F_EVP_MD_CTX_COPY                            110
 #define EVP_F_EVP_OPENINIT                               102
 #define EVP_F_EVP_PBE_ALG_ADD                            115
@@ -799,6 +773,7 @@ void EVP_PBE_cleanup(void);
 #define EVP_F_EVP_PKEY_GET1_DSA                          120
 #define EVP_F_EVP_PKEY_GET1_RSA                          121
 #define EVP_F_EVP_PKEY_NEW                               106
+#define EVP_F_EVP_RIJNDAEL                               126
 #define EVP_F_EVP_SIGNFINAL                              107
 #define EVP_F_EVP_VERIFYFINAL                            108
 #define EVP_F_PKCS5_PBE_KEYIVGEN                         117
@@ -807,12 +782,15 @@ void EVP_PBE_cleanup(void);
 #define EVP_F_RC5_CTRL                                   125
 
 /* Reason codes. */
+#define EVP_R_BAD_BLOCK_LENGTH                           136
 #define EVP_R_BAD_DECRYPT                                100
+#define EVP_R_BAD_KEY_LENGTH                             137
 #define EVP_R_BN_DECODE_ERROR                            112
 #define EVP_R_BN_PUBKEY_ERROR                            113
 #define EVP_R_CIPHER_PARAMETER_ERROR                     122
 #define EVP_R_CTRL_NOT_IMPLEMENTED                       132
 #define EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED             133
+#define EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH          138
 #define EVP_R_DECODE_ERROR                               114
 #define EVP_R_DIFFERENT_KEY_TYPES                        101
 #define EVP_R_ENCODE_ERROR                               115
@@ -827,6 +805,7 @@ void EVP_PBE_cleanup(void);
 #define EVP_R_KEYGEN_FAILURE                             120
 #define EVP_R_MISSING_PARAMETERS                         103
 #define EVP_R_NO_CIPHER_SET                              131
+#define EVP_R_NO_DIGEST_SET                              139
 #define EVP_R_NO_DSA_PARAMETERS                          116
 #define EVP_R_NO_SIGN_FUNCTION_CONFIGURED                104
 #define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED              105
@@ -848,4 +827,3 @@ void EVP_PBE_cleanup(void);
 }
 #endif
 #endif
-
diff --git a/src/lib/libcrypto/evp/evp_acnf.c b/src/lib/libcrypto/evp/evp_acnf.c
new file mode 100644
index 0000000000..a68b979bdb
--- /dev/null
+++ b/src/lib/libcrypto/evp/evp_acnf.c
@@ -0,0 +1,74 @@
+/* evp_acnf.c */
+/* Written by Stephen Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/conf.h>
+#include <openssl/engine.h>
+
+
+/* Load all algorithms and configure OpenSSL.
+ * This function is called automatically when
+ * OPENSSL_LOAD_CONF is set.
+ */
+
+void OPENSSL_add_all_algorithms_conf(void)
+        {
+        OPENSSL_add_all_algorithms_noconf();
+        OPENSSL_config(NULL);
+        }
diff --git a/src/lib/libcrypto/evp/evp_enc.c b/src/lib/libcrypto/evp/evp_enc.c
index e2687f9879..d28a7d266e 100644
--- a/src/lib/libcrypto/evp/evp_enc.c
+++ b/src/lib/libcrypto/evp/evp_enc.c
@@ -60,8 +60,11 @@
 #include "cryptlib.h"
 #include <openssl/evp.h>
 #include <openssl/err.h>
+#include <openssl/engine.h>
 #include "evp_locl.h"
 
+#include <assert.h>
+
 const char *EVP_version="EVP" OPENSSL_VERSION_PTEXT;
 
 void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
@@ -70,23 +73,97 @@ void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
         /* ctx->cipher=NULL; */
         }
 
+
 int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
-             unsigned char *key, unsigned char *iv, int enc)
+             const unsigned char *key, const unsigned char *iv, int enc)
         {
-        if(enc && (enc != -1)) enc = 1;
-        if (cipher) {
+        if (cipher)
+                EVP_CIPHER_CTX_init(ctx);
+        return EVP_CipherInit_ex(ctx,cipher,NULL,key,iv,enc);
+        }
+
+int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
+             const unsigned char *key, const unsigned char *iv, int enc)
+        {
+        if (enc == -1)
+                enc = ctx->encrypt;
+        else
+                {
+                if (enc)
+                        enc = 1;
+                ctx->encrypt = enc;
+                }
+        /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts
+         * so this context may already have an ENGINE! Try to avoid releasing
+         * the previous handle, re-querying for an ENGINE, and having a
+         * reinitialisation, when it may all be unecessary. */
+        if (ctx->engine && ctx->cipher && (!cipher ||
+                        (cipher && (cipher->nid == ctx->cipher->nid))))
+                goto skip_to_init;
+        if (cipher)
+                {
+                /* Ensure an ENGINE left lying around from last time is cleared
+                 * (the previous check attempted to avoid this if the same
+                 * ENGINE and EVP_CIPHER could be used). */
+                if(ctx->engine)
+                        ENGINE_finish(ctx->engine);
+                if(impl)
+                        {
+                        if (!ENGINE_init(impl))
+                                {
+                                EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_INITIALIZATION_ERROR);
+                                return 0;
+                                }
+                        }
+                else
+                        /* Ask if an ENGINE is reserved for this job */
+                        impl = ENGINE_get_cipher_engine(cipher->nid);
+                if(impl)
+                        {
+                        /* There's an ENGINE for this job ... (apparently) */
+                        const EVP_CIPHER *c = ENGINE_get_cipher(impl, cipher->nid);
+                        if(!c)
+                                {
+                                /* One positive side-effect of US's export
+                                 * control history, is that we should at least
+                                 * be able to avoid using US mispellings of
+                                 * "initialisation"? */
+                                EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_INITIALIZATION_ERROR);
+                                return 0;
+                                }
+                        /* We'll use the ENGINE's private cipher definition */
+                        cipher = c;
+                        /* Store the ENGINE functional reference so we know
+                         * 'cipher' came from an ENGINE and we need to release
+                         * it when done. */
+                        ctx->engine = impl;
+                        }
+                else
+                        ctx->engine = NULL;
                 ctx->cipher=cipher;
+                ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size);
                 ctx->key_len = cipher->key_len;
-                if(ctx->cipher->flags & EVP_CIPH_CTRL_INIT) {
-                        if(!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) {
+                ctx->flags = 0;
+                if(ctx->cipher->flags & EVP_CIPH_CTRL_INIT)
+                        {
+                        if(!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL))
+                                {
                                 EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_INITIALIZATION_ERROR);
                                 return 0;
+                                }
                         }
                 }
-        } else if(!ctx->cipher) {
+        else if(!ctx->cipher)
+                {
                 EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_NO_CIPHER_SET);
                 return 0;
-        }
+                }
+skip_to_init:
+        /* we assume block size is a power of 2 in *cryptUpdate */
+        assert(ctx->cipher->block_size == 1
+               || ctx->cipher->block_size == 8
+               || ctx->cipher->block_size == 16);
+
         if(!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) {
                 switch(EVP_CIPHER_CTX_mode(ctx)) {
 
@@ -114,68 +191,101 @@ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
         if(key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) {
                 if(!ctx->cipher->init(ctx,key,iv,enc)) return 0;
         }
-        if(enc != -1) ctx->encrypt=enc;
         ctx->buf_len=0;
+        ctx->final_used=0;
+        ctx->block_mask=ctx->cipher->block_size-1;
         return 1;
         }
 
 int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
-             unsigned char *in, int inl)
+             const unsigned char *in, int inl)
         {
         if (ctx->encrypt)
                 return EVP_EncryptUpdate(ctx,out,outl,in,inl);
         else    return EVP_DecryptUpdate(ctx,out,outl,in,inl);
         }
 
+int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
+        {
+        if (ctx->encrypt)
+                return EVP_EncryptFinal_ex(ctx,out,outl);
+        else    return EVP_DecryptFinal_ex(ctx,out,outl);
+        }
+
 int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
         {
         if (ctx->encrypt)
                 return EVP_EncryptFinal(ctx,out,outl);
-        else    return(EVP_DecryptFinal(ctx,out,outl));
+        else    return EVP_DecryptFinal(ctx,out,outl);
         }
 
 int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
-             unsigned char *key, unsigned char *iv)
+             const unsigned char *key, const unsigned char *iv)
         {
         return EVP_CipherInit(ctx, cipher, key, iv, 1);
         }
 
+int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
+                const unsigned char *key, const unsigned char *iv)
+        {
+        return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 1);
+        }
+
 int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
-             unsigned char *key, unsigned char *iv)
+             const unsigned char *key, const unsigned char *iv)
         {
-        return EVP_CipherInit(ctx, cipher, key, iv, 0);
+        return EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, 0);
         }
 
+int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
+             const unsigned char *key, const unsigned char *iv)
+        {
+        return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 0);
+        }
 
 int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
-             unsigned char *in, int inl)
+             const unsigned char *in, int inl)
         {
         int i,j,bl;
 
+        if(ctx->buf_len == 0 && (inl&(ctx->block_mask)) == 0)
+                {
+                if(ctx->cipher->do_cipher(ctx,out,in,inl))
+                        {
+                        *outl=inl;
+                        return 1;
+                        }
+                else
+                        {
+                        *outl=0;
+                        return 0;
+                        }
+                }
         i=ctx->buf_len;
         bl=ctx->cipher->block_size;
-        *outl=0;
-        if ((inl == 0) && (i != bl)) return 1;
         if (i != 0)
                 {
                 if (i+inl < bl)
                         {
                         memcpy(&(ctx->buf[i]),in,inl);
                         ctx->buf_len+=inl;
+                        *outl=0;
                         return 1;
                         }
                 else
                         {
                         j=bl-i;
-                        if (j != 0) memcpy(&(ctx->buf[i]),in,j);
+                        memcpy(&(ctx->buf[i]),in,j);
                         if(!ctx->cipher->do_cipher(ctx,out,ctx->buf,bl)) return 0;
                         inl-=j;
                         in+=j;
                         out+=bl;
-                        *outl+=bl;
+                        *outl=bl;
                         }
                 }
-        i=inl%bl; /* how much is left */
+        else
+                *outl = 0;
+        i=inl&(bl-1);
         inl-=i;
         if (inl > 0)
                 {
@@ -191,107 +301,153 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
 
 int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
         {
-        int i,n,b,bl;
+        int ret;
+        ret = EVP_EncryptFinal_ex(ctx, out, outl);
+        EVP_CIPHER_CTX_cleanup(ctx);
+        return ret;
+        }
+
+int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
+        {
+        int i,n,b,bl,ret;
 
         b=ctx->cipher->block_size;
         if (b == 1)
                 {
+                EVP_CIPHER_CTX_cleanup(ctx);
                 *outl=0;
                 return 1;
                 }
         bl=ctx->buf_len;
+        if (ctx->flags & EVP_CIPH_NO_PADDING)
+                {
+                EVP_CIPHER_CTX_cleanup(ctx);
+                if(bl)
+                        {
+                        EVPerr(EVP_F_EVP_ENCRYPTFINAL,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
+                        return 0;
+                        }
+                *outl = 0;
+                return 1;
+                }
+
         n=b-bl;
         for (i=bl; i<b; i++)
                 ctx->buf[i]=n;
-        if(!ctx->cipher->do_cipher(ctx,out,ctx->buf,b)) return 0;
-        *outl=b;
-        return 1;
+        ret=ctx->cipher->do_cipher(ctx,out,ctx->buf,b);
+
+        EVP_CIPHER_CTX_cleanup(ctx);
+
+        if(ret)
+                *outl=b;
+
+        return ret;
         }
 
 int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
-             unsigned char *in, int inl)
+             const unsigned char *in, int inl)
         {
-        int b,bl,n;
-        int keep_last=0;
+        int b, fix_len;
 
-        *outl=0;
-        if (inl == 0) return 1;
+        if (inl == 0)
+                {
+                *outl=0;
+                return 1;
+                }
+
+        if (ctx->flags & EVP_CIPH_NO_PADDING)
+                return EVP_EncryptUpdate(ctx, out, outl, in, inl);
 
         b=ctx->cipher->block_size;
-        if (b > 1)
+
+        if(ctx->final_used)
                 {
-                /* Is the input a multiple of the block size? */
-                bl=ctx->buf_len;
-                n=inl+bl;
-                if (n%b == 0)
-                        {
-                        if (inl < b) /* must be 'just one' buff */
-                                {
-                                memcpy(&(ctx->buf[bl]),in,inl);
-                                ctx->buf_len=b;
-                                *outl=0;
-                                return 1;
-                                }
-                        keep_last=1;
-                        inl-=b; /* don't do the last block */
-                        }
+                memcpy(out,ctx->final,b);
+                out+=b;
+                fix_len = 1;
                 }
-        if(!EVP_EncryptUpdate(ctx,out,outl,in,inl)) return 0;
+        else
+                fix_len = 0;
+
+
+        if(!EVP_EncryptUpdate(ctx,out,outl,in,inl))
+                return 0;
 
         /* if we have 'decrypted' a multiple of block size, make sure
          * we have a copy of this last block */
-        if (keep_last)
+        if (b > 1 && !ctx->buf_len)
                 {
-                memcpy(&(ctx->buf[0]),&(in[inl]),b);
-#ifdef DEBUG
-                if (ctx->buf_len != 0)
-                        {
-                        abort();
-                        }
-#endif
-                ctx->buf_len=b;
+                *outl-=b;
+                ctx->final_used=1;
+                memcpy(ctx->final,&out[*outl],b);
                 }
+        else
+                ctx->final_used = 0;
+
+        if (fix_len)
+                *outl += b;
+                
         return 1;
         }
 
 int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
         {
+        int ret;
+        ret = EVP_DecryptFinal_ex(ctx, out, outl);
+        EVP_CIPHER_CTX_cleanup(ctx);
+        return ret;
+        }
+
+int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
+        {
         int i,b;
         int n;
 
         *outl=0;
         b=ctx->cipher->block_size;
+        if (ctx->flags & EVP_CIPH_NO_PADDING)
+                {
+                EVP_CIPHER_CTX_cleanup(ctx);
+                if(ctx->buf_len)
+                        {
+                        EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
+                        return 0;
+                        }
+                *outl = 0;
+                return 1;
+                }
         if (b > 1)
                 {
-                if (ctx->buf_len != b)
+                if (ctx->buf_len || !ctx->final_used)
                         {
+                        EVP_CIPHER_CTX_cleanup(ctx);
                         EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_WRONG_FINAL_BLOCK_LENGTH);
                         return(0);
                         }
-                if(!EVP_EncryptUpdate(ctx,ctx->buf,&n,ctx->buf,0)) return 0;
-                if (n != b)
-                        return(0);
-                n=ctx->buf[b-1];
+                n=ctx->final[b-1];
                 if (n > b)
                         {
+                        EVP_CIPHER_CTX_cleanup(ctx);
                         EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT);
                         return(0);
                         }
                 for (i=0; i<n; i++)
                         {
-                        if (ctx->buf[--b] != n)
+                        if (ctx->final[--b] != n)
                                 {
+                                EVP_CIPHER_CTX_cleanup(ctx);
                                 EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT);
                                 return(0);
                                 }
                         }
                 n=ctx->cipher->block_size-n;
                 for (i=0; i<n; i++)
-                        out[i]=ctx->buf[i];
+                        out[i]=ctx->final[i];
                 *outl=n;
                 }
         else
                 *outl=0;
+        EVP_CIPHER_CTX_cleanup(ctx);
         return(1);
         }
 
@@ -301,6 +457,11 @@ int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
                 {
                 if(!c->cipher->cleanup(c)) return 0;
                 }
+        OPENSSL_free(c->cipher_data);
+        if (c->engine)
+                /* The EVP_CIPHER we used belongs to an ENGINE, release the
+                 * functional reference we held for this reason. */
+                ENGINE_finish(c->engine);
         memset(c,0,sizeof(EVP_CIPHER_CTX));
         return 1;
         }
@@ -319,6 +480,13 @@ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen)
         return 0;
         }
 
+int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad)
+        {
+        if (pad) ctx->flags &= ~EVP_CIPH_NO_PADDING;
+        else ctx->flags |= EVP_CIPH_NO_PADDING;
+        return 1;
+        }
+
 int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
 {
         int ret;
diff --git a/src/lib/libcrypto/evp/evp_err.c b/src/lib/libcrypto/evp/evp_err.c
index a01412a07c..3a23d21c21 100644
--- a/src/lib/libcrypto/evp/evp_err.c
+++ b/src/lib/libcrypto/evp/evp_err.c
@@ -63,7 +63,7 @@
 #include <openssl/evp.h>
 
 /* BEGIN ERROR CODES */
-#ifndef NO_ERR
+#ifndef OPENSSL_NO_ERR
 static ERR_STRING_DATA EVP_str_functs[]=
         {
 {ERR_PACK(0,EVP_F_D2I_PKEY,0),  "D2I_PKEY"},
@@ -71,6 +71,8 @@ static ERR_STRING_DATA EVP_str_functs[]=
 {ERR_PACK(0,EVP_F_EVP_CIPHER_CTX_CTRL,0),       "EVP_CIPHER_CTX_ctrl"},
 {ERR_PACK(0,EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH,0),     "EVP_CIPHER_CTX_set_key_length"},
 {ERR_PACK(0,EVP_F_EVP_DECRYPTFINAL,0),  "EVP_DecryptFinal"},
+{ERR_PACK(0,EVP_F_EVP_DIGESTINIT,0),    "EVP_DigestInit"},
+{ERR_PACK(0,EVP_F_EVP_ENCRYPTFINAL,0),  "EVP_EncryptFinal"},
 {ERR_PACK(0,EVP_F_EVP_MD_CTX_COPY,0),   "EVP_MD_CTX_copy"},
 {ERR_PACK(0,EVP_F_EVP_OPENINIT,0),      "EVP_OpenInit"},
 {ERR_PACK(0,EVP_F_EVP_PBE_ALG_ADD,0),   "EVP_PBE_alg_add"},
@@ -85,6 +87,7 @@ static ERR_STRING_DATA EVP_str_functs[]=
 {ERR_PACK(0,EVP_F_EVP_PKEY_GET1_DSA,0), "EVP_PKEY_get1_DSA"},
 {ERR_PACK(0,EVP_F_EVP_PKEY_GET1_RSA,0), "EVP_PKEY_get1_RSA"},
 {ERR_PACK(0,EVP_F_EVP_PKEY_NEW,0),      "EVP_PKEY_new"},
+{ERR_PACK(0,EVP_F_EVP_RIJNDAEL,0),      "EVP_RIJNDAEL"},
 {ERR_PACK(0,EVP_F_EVP_SIGNFINAL,0),     "EVP_SignFinal"},
 {ERR_PACK(0,EVP_F_EVP_VERIFYFINAL,0),   "EVP_VerifyFinal"},
 {ERR_PACK(0,EVP_F_PKCS5_PBE_KEYIVGEN,0),        "PKCS5_PBE_keyivgen"},
@@ -96,12 +99,15 @@ static ERR_STRING_DATA EVP_str_functs[]=
 
 static ERR_STRING_DATA EVP_str_reasons[]=
         {
+{EVP_R_BAD_BLOCK_LENGTH                  ,"bad block length"},
 {EVP_R_BAD_DECRYPT                       ,"bad decrypt"},
+{EVP_R_BAD_KEY_LENGTH                    ,"bad key length"},
 {EVP_R_BN_DECODE_ERROR                   ,"bn decode error"},
 {EVP_R_BN_PUBKEY_ERROR                   ,"bn pubkey error"},
 {EVP_R_CIPHER_PARAMETER_ERROR            ,"cipher parameter error"},
 {EVP_R_CTRL_NOT_IMPLEMENTED              ,"ctrl not implemented"},
 {EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED    ,"ctrl operation not implemented"},
+{EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH ,"data not multiple of block length"},
 {EVP_R_DECODE_ERROR                      ,"decode error"},
 {EVP_R_DIFFERENT_KEY_TYPES               ,"different key types"},
 {EVP_R_ENCODE_ERROR                      ,"encode error"},
@@ -116,6 +122,7 @@ static ERR_STRING_DATA EVP_str_reasons[]=
 {EVP_R_KEYGEN_FAILURE                    ,"keygen failure"},
 {EVP_R_MISSING_PARAMETERS                ,"missing parameters"},
 {EVP_R_NO_CIPHER_SET                     ,"no cipher set"},
+{EVP_R_NO_DIGEST_SET                     ,"no digest set"},
 {EVP_R_NO_DSA_PARAMETERS                 ,"no dsa parameters"},
 {EVP_R_NO_SIGN_FUNCTION_CONFIGURED       ,"no sign function configured"},
 {EVP_R_NO_VERIFY_FUNCTION_CONFIGURED     ,"no verify function configured"},
@@ -144,7 +151,7 @@ void ERR_load_EVP_strings(void)
         if (init)
                 {
                 init=0;
-#ifndef NO_ERR
+#ifndef OPENSSL_NO_ERR
                 ERR_load_strings(ERR_LIB_EVP,EVP_str_functs);
                 ERR_load_strings(ERR_LIB_EVP,EVP_str_reasons);
 #endif
diff --git a/src/lib/libcrypto/evp/evp_key.c b/src/lib/libcrypto/evp/evp_key.c
index e7434ef9b2..4271393069 100644
--- a/src/lib/libcrypto/evp/evp_key.c
+++ b/src/lib/libcrypto/evp/evp_key.c
@@ -61,6 +61,7 @@
 #include <openssl/x509.h>
 #include <openssl/objects.h>
 #include <openssl/evp.h>
+#include <openssl/ui.h>
 
 /* should be init to zeros. */
 static char prompt_string[80];
@@ -70,7 +71,10 @@ void EVP_set_pw_prompt(char *prompt)
         if (prompt == NULL)
                 prompt_string[0]='\0';
         else
+                {
                 strncpy(prompt_string,prompt,79);
+                prompt_string[79]='\0';
+                }
         }
 
 char *EVP_get_pw_prompt(void)
@@ -86,18 +90,26 @@ char *EVP_get_pw_prompt(void)
  * this function will fail */
 int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
         {
-#ifndef NO_DES
+        int ret;
+        char buff[BUFSIZ];
+        UI *ui;
+
         if ((prompt == NULL) && (prompt_string[0] != '\0'))
                 prompt=prompt_string;
-        return(des_read_pw_string(buf,len,prompt,verify));
-#else
-        return -1;
-#endif
+        ui = UI_new();
+        UI_add_input_string(ui,prompt,0,buf,0,(len>=BUFSIZ)?BUFSIZ-1:len);
+        if (verify)
+                UI_add_verify_string(ui,prompt,0,
+                        buff,0,(len>=BUFSIZ)?BUFSIZ-1:len,buf);
+        ret = UI_process(ui);
+        UI_free(ui);
+        memset(buff,0,BUFSIZ);
+        return ret;
         }
 
-int EVP_BytesToKey(const EVP_CIPHER *type, EVP_MD *md, 
-             const unsigned char *salt, const unsigned char *data, int datal, 
-             int count, unsigned char *key, unsigned char *iv)
+int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md, 
+             const unsigned char *salt, const unsigned char *data, int datal,
+             int count, unsigned char *key, unsigned char *iv)
         {
         EVP_MD_CTX c;
         unsigned char md_buf[EVP_MAX_MD_SIZE];
@@ -109,21 +121,22 @@ int EVP_BytesToKey(const EVP_CIPHER *type, EVP_MD *md,
 
         if (data == NULL) return(nkey);
 
+        EVP_MD_CTX_init(&c);
         for (;;)
                 {
-                EVP_DigestInit(&c,md);
+                EVP_DigestInit_ex(&c,md, NULL);
                 if (addmd++)
                         EVP_DigestUpdate(&c,&(md_buf[0]),mds);
                 EVP_DigestUpdate(&c,data,datal);
                 if (salt != NULL)
                         EVP_DigestUpdate(&c,salt,PKCS5_SALT_LEN);
-                EVP_DigestFinal(&c,&(md_buf[0]),&mds);
+                EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds);
 
                 for (i=1; i<(unsigned int)count; i++)
                         {
-                        EVP_DigestInit(&c,md);
+                        EVP_DigestInit_ex(&c,md, NULL);
                         EVP_DigestUpdate(&c,&(md_buf[0]),mds);
-                        EVP_DigestFinal(&c,&(md_buf[0]),&mds);
+                        EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds);
                         }
                 i=0;
                 if (nkey)
@@ -152,7 +165,7 @@ int EVP_BytesToKey(const EVP_CIPHER *type, EVP_MD *md,
                         }
                 if ((nkey == 0) && (niv == 0)) break;
                 }
-        memset(&c,0,sizeof(c));
+        EVP_MD_CTX_cleanup(&c);
         memset(&(md_buf[0]),0,EVP_MAX_MD_SIZE);
         return(type->key_len);
         }
diff --git a/src/lib/libcrypto/evp/evp_locl.h b/src/lib/libcrypto/evp/evp_locl.h
index ce49d5b7d8..7b088b4848 100644
--- a/src/lib/libcrypto/evp/evp_locl.h
+++ b/src/lib/libcrypto/evp/evp_locl.h
@@ -61,50 +61,107 @@
 /* Wrapper functions for each cipher mode */
 
 #define BLOCK_CIPHER_ecb_loop() \
-        unsigned int i; \
-        if(inl < 8) return 1;\
-        inl -= 8; \
-        for(i=0; i <= inl; i+=8) \
+        unsigned int i, bl; \
+        bl = ctx->cipher->block_size;\
+        if(inl < bl) return 1;\
+        inl -= bl; \
+        for(i=0; i <= inl; i+=bl) \
 
-#define BLOCK_CIPHER_func_ecb(cname, cprefix, kname) \
+#define BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
 static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
 {\
         BLOCK_CIPHER_ecb_loop() \
-                cprefix##_ecb_encrypt(in + i, out + i, &ctx->c.kname, ctx->encrypt);\
+                cprefix##_ecb_encrypt(in + i, out + i, &((kstruct *)ctx->cipher_data)->ksched, ctx->encrypt);\
         return 1;\
 }
 
-#define BLOCK_CIPHER_func_ofb(cname, cprefix, kname) \
+#define BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched) \
 static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
 {\
-        cprefix##_ofb64_encrypt(in, out, (long)inl, &ctx->c.kname, ctx->iv, &ctx->num);\
+        cprefix##_ofb##cbits##_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num);\
         return 1;\
 }
 
-#define BLOCK_CIPHER_func_cbc(cname, cprefix, kname) \
+#define BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
 static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
 {\
-        cprefix##_cbc_encrypt(in, out, (long)inl, &ctx->c.kname, ctx->iv, ctx->encrypt);\
+        cprefix##_cbc_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, ctx->encrypt);\
         return 1;\
 }
 
-#define BLOCK_CIPHER_func_cfb(cname, cprefix, kname) \
+#define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
 static int cname##_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
 {\
-        cprefix##_cfb64_encrypt(in, out, (long)inl, &ctx->c.kname, ctx->iv, &ctx->num, ctx->encrypt);\
+        cprefix##_cfb##cbits##_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\
         return 1;\
 }
 
-#define BLOCK_CIPHER_all_funcs(cname, cprefix, kname) \
-        BLOCK_CIPHER_func_cbc(cname, cprefix, kname) \
-        BLOCK_CIPHER_func_cfb(cname, cprefix, kname) \
-        BLOCK_CIPHER_func_ecb(cname, cprefix, kname) \
-        BLOCK_CIPHER_func_ofb(cname, cprefix, kname)
+#define BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \
+        BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
+        BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
+        BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
+        BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched)
 
+#define BLOCK_CIPHER_def1(cname, nmode, mode, MODE, kstruct, nid, block_size, \
+                          key_len, iv_len, flags, init_key, cleanup, \
+                          set_asn1, get_asn1, ctrl) \
+static const EVP_CIPHER cname##_##mode = { \
+        nid##_##nmode, block_size, key_len, iv_len, \
+        flags | EVP_CIPH_##MODE##_MODE, \
+        init_key, \
+        cname##_##mode##_cipher, \
+        cleanup, \
+        sizeof(kstruct), \
+        set_asn1, get_asn1,\
+        ctrl, \
+        NULL \
+}; \
+const EVP_CIPHER *EVP_##cname##_##mode(void) { return &cname##_##mode; }
+
+#define BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, \
+                             iv_len, flags, init_key, cleanup, set_asn1, \
+                             get_asn1, ctrl) \
+BLOCK_CIPHER_def1(cname, cbc, cbc, CBC, kstruct, nid, block_size, key_len, \
+                  iv_len, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
+
+#define BLOCK_CIPHER_def_cfb(cname, kstruct, nid, block_size, key_len, \
+                             iv_len, cbits, flags, init_key, cleanup, \
+                             set_asn1, get_asn1, ctrl) \
+BLOCK_CIPHER_def1(cname, cfb##cbits, cfb, CFB, kstruct, nid, block_size, \
+                  key_len, iv_len, flags, init_key, cleanup, set_asn1, \
+                  get_asn1, ctrl)
+
+#define BLOCK_CIPHER_def_ofb(cname, kstruct, nid, block_size, key_len, \
+                             iv_len, cbits, flags, init_key, cleanup, \
+                             set_asn1, get_asn1, ctrl) \
+BLOCK_CIPHER_def1(cname, ofb##cbits, ofb, OFB, kstruct, nid, block_size, \
+                  key_len, iv_len, flags, init_key, cleanup, set_asn1, \
+                  get_asn1, ctrl)
+
+#define BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, \
+                             iv_len, flags, init_key, cleanup, set_asn1, \
+                             get_asn1, ctrl) \
+BLOCK_CIPHER_def1(cname, ecb, ecb, ECB, kstruct, nid, block_size, key_len, \
+                  iv_len, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
+
+#define BLOCK_CIPHER_defs(cname, kstruct, \
+                          nid, block_size, key_len, iv_len, cbits, flags, \
+                          init_key, cleanup, set_asn1, get_asn1, ctrl) \
+BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, iv_len, flags, \
+                     init_key, cleanup, set_asn1, get_asn1, ctrl) \
+BLOCK_CIPHER_def_cfb(cname, kstruct, nid, block_size, key_len, iv_len, cbits, \
+                     flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \
+BLOCK_CIPHER_def_ofb(cname, kstruct, nid, block_size, key_len, iv_len, cbits, \
+                     flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \
+BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, iv_len, flags, \
+                     init_key, cleanup, set_asn1, get_asn1, ctrl)
+
+
+/*
 #define BLOCK_CIPHER_defs(cname, kstruct, \
                                 nid, block_size, key_len, iv_len, flags,\
                                  init_key, cleanup, set_asn1, get_asn1, ctrl)\
-static EVP_CIPHER cname##_cbc = {\
+static const EVP_CIPHER cname##_cbc = {\
         nid##_cbc, block_size, key_len, iv_len, \
         flags | EVP_CIPH_CBC_MODE,\
         init_key,\
@@ -116,8 +173,8 @@ static EVP_CIPHER cname##_cbc = {\
         ctrl, \
         NULL \
 };\
-EVP_CIPHER *EVP_##cname##_cbc(void) { return &cname##_cbc; }\
-static EVP_CIPHER cname##_cfb = {\
+const EVP_CIPHER *EVP_##cname##_cbc(void) { return &cname##_cbc; }\
+static const EVP_CIPHER cname##_cfb = {\
         nid##_cfb64, 1, key_len, iv_len, \
         flags | EVP_CIPH_CFB_MODE,\
         init_key,\
@@ -129,8 +186,8 @@ static EVP_CIPHER cname##_cfb = {\
         ctrl,\
         NULL \
 };\
-EVP_CIPHER *EVP_##cname##_cfb(void) { return &cname##_cfb; }\
-static EVP_CIPHER cname##_ofb = {\
+const EVP_CIPHER *EVP_##cname##_cfb(void) { return &cname##_cfb; }\
+static const EVP_CIPHER cname##_ofb = {\
         nid##_ofb64, 1, key_len, iv_len, \
         flags | EVP_CIPH_OFB_MODE,\
         init_key,\
@@ -142,8 +199,8 @@ static EVP_CIPHER cname##_ofb = {\
         ctrl,\
         NULL \
 };\
-EVP_CIPHER *EVP_##cname##_ofb(void) { return &cname##_ofb; }\
-static EVP_CIPHER cname##_ecb = {\
+const EVP_CIPHER *EVP_##cname##_ofb(void) { return &cname##_ofb; }\
+static const EVP_CIPHER cname##_ecb = {\
         nid##_ecb, block_size, key_len, iv_len, \
         flags | EVP_CIPH_ECB_MODE,\
         init_key,\
@@ -155,14 +212,16 @@ static EVP_CIPHER cname##_ecb = {\
         ctrl,\
         NULL \
 };\
-EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; }
-
-
+const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; }
+*/
 
-#define IMPLEMENT_BLOCK_CIPHER(cname, kname, cprefix, kstruct, \
-                                nid, block_size, key_len, iv_len, flags, \
-                                 init_key, cleanup, set_asn1, get_asn1, ctrl) \
-        BLOCK_CIPHER_all_funcs(cname, cprefix, kname) \
-        BLOCK_CIPHER_defs(cname, kstruct, nid, block_size, key_len, iv_len, flags,\
-                 init_key, cleanup, set_asn1, get_asn1, ctrl) 
+#define IMPLEMENT_BLOCK_CIPHER(cname, ksched, cprefix, kstruct, nid, \
+                               block_size, key_len, iv_len, cbits, \
+                               flags, init_key, \
+                               cleanup, set_asn1, get_asn1, ctrl) \
+        BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \
+        BLOCK_CIPHER_defs(cname, kstruct, nid, block_size, key_len, iv_len, \
+                          cbits, flags, init_key, cleanup, set_asn1, \
+                          get_asn1, ctrl)
 
+#define EVP_C_DATA(kstruct, ctx)        ((kstruct *)(ctx)->cipher_data)
diff --git a/src/lib/libcrypto/evp/evp_pbe.c b/src/lib/libcrypto/evp/evp_pbe.c
index 224a422b12..06afb9d152 100644
--- a/src/lib/libcrypto/evp/evp_pbe.c
+++ b/src/lib/libcrypto/evp/evp_pbe.c
@@ -69,8 +69,8 @@ static STACK *pbe_algs;
 
 typedef struct {
 int pbe_nid;
-EVP_CIPHER *cipher;
-EVP_MD *md;
+const EVP_CIPHER *cipher;
+const EVP_MD *md;
 EVP_PBE_KEYGEN *keygen;
 } EVP_PBE_CTL;
 
@@ -112,7 +112,7 @@ static int pbe_cmp(const char * const *a, const char * const *b)
 
 /* Add a PBE algorithm */
 
-int EVP_PBE_alg_add (int nid, EVP_CIPHER *cipher, EVP_MD *md,
+int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
              EVP_PBE_KEYGEN *keygen)
 {
         EVP_PBE_CTL *pbe_tmp;
diff --git a/src/lib/libcrypto/evp/evp_pkey.c b/src/lib/libcrypto/evp/evp_pkey.c
index 8df2874f3c..34b5b1d21c 100644
--- a/src/lib/libcrypto/evp/evp_pkey.c
+++ b/src/lib/libcrypto/evp/evp_pkey.c
@@ -62,17 +62,19 @@
 #include <openssl/x509.h>
 #include <openssl/rand.h>
 
+#ifndef OPENSSL_NO_DSA
 static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey);
+#endif
 
 /* Extract a private key from a PKCS8 structure */
 
 EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)
 {
         EVP_PKEY *pkey = NULL;
-#ifndef NO_RSA
+#ifndef OPENSSL_NO_RSA
         RSA *rsa = NULL;
 #endif
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
         DSA *dsa = NULL;
         ASN1_INTEGER *privkey;
         ASN1_TYPE *t1, *t2, *param = NULL;
@@ -82,6 +84,7 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)
 #endif
         X509_ALGOR *a;
         unsigned char *p;
+        const unsigned char *cp;
         int pkeylen;
         char obj_tmp[80];
 
@@ -101,16 +104,17 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)
         a = p8->pkeyalg;
         switch (OBJ_obj2nid(a->algorithm))
         {
-#ifndef NO_RSA
+#ifndef OPENSSL_NO_RSA
                 case NID_rsaEncryption:
-                if (!(rsa = d2i_RSAPrivateKey (NULL, &p, pkeylen))) {
+                cp = p;
+                if (!(rsa = d2i_RSAPrivateKey (NULL,&cp, pkeylen))) {
                         EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
                         return NULL;
                 }
                 EVP_PKEY_assign_RSA (pkey, rsa);
                 break;
 #endif
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
                 case NID_dsa:
                 /* PKCS#8 DSA is weird: you just get a private key integer
                  * and parameters in the AlgorithmIdentifier the pubkey must
@@ -163,9 +167,9 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)
                         EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
                         goto dsaerr;
                 }
-                p = param->value.sequence->data;
+                cp = p = param->value.sequence->data;
                 plen = param->value.sequence->length;
-                if (!(dsa = d2i_DSAparams (NULL, &p, plen))) {
+                if (!(dsa = d2i_DSAparams (NULL, &cp, plen))) {
                         EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
                         goto dsaerr;
                 }
@@ -239,7 +243,7 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken)
         }
         p8->pkey->type = V_ASN1_OCTET_STRING;
         switch (EVP_PKEY_type(pkey->type)) {
-#ifndef NO_RSA
+#ifndef OPENSSL_NO_RSA
                 case EVP_PKEY_RSA:
 
                 if(p8->broken == PKCS8_NO_OCTET) p8->pkey->type = V_ASN1_SEQUENCE;
@@ -254,7 +258,7 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken)
                 }
                 break;
 #endif
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
                 case EVP_PKEY_DSA:
                 if(!dsa_pkey2pkcs8(p8, pkey)) {
                         PKCS8_PRIV_KEY_INFO_free (p8);
@@ -296,7 +300,7 @@ PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken)
         }
 }
 
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
 static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey)
 {
         ASN1_STRING *params;
diff --git a/src/lib/libcrypto/evp/evp_test.c b/src/lib/libcrypto/evp/evp_test.c
new file mode 100644
index 0000000000..3607fe7776
--- /dev/null
+++ b/src/lib/libcrypto/evp/evp_test.c
@@ -0,0 +1,365 @@
+/* Written by Ben Laurie, 2001 */
+/*
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <openssl/evp.h>
+#include <openssl/engine.h>
+#include <openssl/conf.h>
+
+static void hexdump(FILE *f,const char *title,const unsigned char *s,int l)
+    {
+    int n=0;
+
+    fprintf(f,"%s",title);
+    for( ; n < l ; ++n)
+        {
+        if((n%16) == 0)
+            fprintf(f,"\n%04x",n);
+        fprintf(f," %02x",s[n]);
+        }
+    fprintf(f,"\n");
+    }
+
+static int convert(unsigned char *s)
+    {
+    unsigned char *d;
+
+    for(d=s ; *s ; s+=2,++d)
+        {
+        unsigned int n;
+
+        if(!s[1])
+            {
+            fprintf(stderr,"Odd number of hex digits!");
+            exit(4);
+            }
+        sscanf((char *)s,"%2x",&n);
+        *d=(unsigned char)n;
+        }
+    return s-d;
+    }
+
+static char *sstrsep(char **string, const char *delim)
+    {
+    char isdelim[256];
+    char *token = *string;
+
+    if (**string == 0)
+        return NULL;
+
+    memset(isdelim, 0, 256);
+    isdelim[0] = 1;
+
+    while (*delim)
+        {
+        isdelim[(unsigned char)(*delim)] = 1;
+        delim++;
+        }
+
+    while (!isdelim[(unsigned char)(**string)])
+        {
+        (*string)++;
+        }
+
+    if (**string)
+        {
+        **string = 0;
+        (*string)++;
+        }
+
+    return token;
+    }
+
+static unsigned char *ustrsep(char **p,const char *sep)
+    { return (unsigned char *)sstrsep((char **)p,sep); }
+
+static void test1(const EVP_CIPHER *c,const unsigned char *key,int kn,
+                  const unsigned char *iv,int in,
+                  const unsigned char *plaintext,int pn,
+                  const unsigned char *ciphertext,int cn)
+    {
+    EVP_CIPHER_CTX ctx;
+    unsigned char out[4096];
+    int outl,outl2;
+
+    printf("Testing cipher %s\n",EVP_CIPHER_name(c));
+    hexdump(stdout,"Key",key,kn);
+    if(in)
+        hexdump(stdout,"IV",iv,in);
+    hexdump(stdout,"Plaintext",plaintext,pn);
+    hexdump(stdout,"Ciphertext",ciphertext,cn);
+    
+    if(kn != c->key_len)
+        {
+        fprintf(stderr,"Key length doesn't match, got %d expected %d\n",kn,
+                c->key_len);
+        exit(5);
+        }
+    EVP_CIPHER_CTX_init(&ctx);
+    if(!EVP_EncryptInit_ex(&ctx,c,NULL,key,iv))
+        {
+        fprintf(stderr,"EncryptInit failed\n");
+        exit(10);
+        }
+    EVP_CIPHER_CTX_set_padding(&ctx,0);
+
+    if(!EVP_EncryptUpdate(&ctx,out,&outl,plaintext,pn))
+        {
+        fprintf(stderr,"Encrypt failed\n");
+        exit(6);
+        }
+    if(!EVP_EncryptFinal_ex(&ctx,out+outl,&outl2))
+        {
+        fprintf(stderr,"EncryptFinal failed\n");
+        exit(7);
+        }
+
+    if(outl+outl2 != cn)
+        {
+        fprintf(stderr,"Ciphertext length mismatch got %d expected %d\n",
+                outl+outl2,cn);
+        exit(8);
+        }
+
+    if(memcmp(out,ciphertext,cn))
+        {
+        fprintf(stderr,"Ciphertext mismatch\n");
+        hexdump(stderr,"Got",out,cn);
+        hexdump(stderr,"Expected",ciphertext,cn);
+        exit(9);
+        }
+
+    if(!EVP_DecryptInit_ex(&ctx,c,NULL,key,iv))
+        {
+        fprintf(stderr,"DecryptInit failed\n");
+        exit(11);
+        }
+    EVP_CIPHER_CTX_set_padding(&ctx,0);
+
+    if(!EVP_DecryptUpdate(&ctx,out,&outl,ciphertext,pn))
+        {
+        fprintf(stderr,"Decrypt failed\n");
+        exit(6);
+        }
+    if(!EVP_DecryptFinal_ex(&ctx,out+outl,&outl2))
+        {
+        fprintf(stderr,"DecryptFinal failed\n");
+        exit(7);
+        }
+
+    if(outl+outl2 != cn)
+        {
+        fprintf(stderr,"Plaintext length mismatch got %d expected %d\n",
+                outl+outl2,cn);
+        exit(8);
+        }
+
+    if(memcmp(out,plaintext,cn))
+        {
+        fprintf(stderr,"Plaintext mismatch\n");
+        hexdump(stderr,"Got",out,cn);
+        hexdump(stderr,"Expected",plaintext,cn);
+        exit(9);
+        }
+
+    printf("\n");
+    }
+
+static int test_cipher(const char *cipher,const unsigned char *key,int kn,
+                       const unsigned char *iv,int in,
+                       const unsigned char *plaintext,int pn,
+                       const unsigned char *ciphertext,int cn)
+    {
+    const EVP_CIPHER *c;
+
+    c=EVP_get_cipherbyname(cipher);
+    if(!c)
+        return 0;
+
+    test1(c,key,kn,iv,in,plaintext,pn,ciphertext,cn);
+
+    return 1;
+    }
+
+static int test_digest(const char *digest,
+                       const unsigned char *plaintext,int pn,
+                       const unsigned char *ciphertext, unsigned int cn)
+    {
+    const EVP_MD *d;
+    EVP_MD_CTX ctx;
+    unsigned char md[EVP_MAX_MD_SIZE];
+    unsigned int mdn;
+
+    d=EVP_get_digestbyname(digest);
+    if(!d)
+        return 0;
+
+    printf("Testing digest %s\n",EVP_MD_name(d));
+    hexdump(stdout,"Plaintext",plaintext,pn);
+    hexdump(stdout,"Digest",ciphertext,cn);
+
+    EVP_MD_CTX_init(&ctx);
+    if(!EVP_DigestInit_ex(&ctx,d, NULL))
+        {
+        fprintf(stderr,"DigestInit failed\n");
+        exit(100);
+        }
+    if(!EVP_DigestUpdate(&ctx,plaintext,pn))
+        {
+        fprintf(stderr,"DigestUpdate failed\n");
+        exit(101);
+        }
+    if(!EVP_DigestFinal_ex(&ctx,md,&mdn))
+        {
+        fprintf(stderr,"DigestFinal failed\n");
+        exit(101);
+        }
+    EVP_MD_CTX_cleanup(&ctx);
+
+    if(mdn != cn)
+        {
+        fprintf(stderr,"Digest length mismatch, got %d expected %d\n",mdn,cn);
+        exit(102);
+        }
+
+    if(memcmp(md,ciphertext,cn))
+        {
+        fprintf(stderr,"Digest mismatch\n");
+        hexdump(stderr,"Got",md,cn);
+        hexdump(stderr,"Expected",ciphertext,cn);
+        exit(103);
+        }
+
+    printf("\n");
+
+    return 1;
+    }
+
+int main(int argc,char **argv)
+    {
+    const char *szTestFile;
+    FILE *f;
+
+    if(argc != 2)
+        {
+        fprintf(stderr,"%s <test file>\n",argv[0]);
+        exit(1);
+        }
+    CRYPTO_malloc_debug_init();
+    CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
+    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+    szTestFile=argv[1];
+
+    f=fopen(szTestFile,"r");
+    if(!f)
+        {
+        perror(szTestFile);
+        exit(2);
+        }
+
+    /* Load up the software EVP_CIPHER and EVP_MD definitions */
+    OpenSSL_add_all_ciphers();
+    OpenSSL_add_all_digests();
+    /* Load all compiled-in ENGINEs */
+    ENGINE_load_builtin_engines();
+#if 0
+    OPENSSL_config();
+#endif
+    /* Register all available ENGINE implementations of ciphers and digests.
+     * This could perhaps be changed to "ENGINE_register_all_complete()"? */
+    ENGINE_register_all_ciphers();
+    ENGINE_register_all_digests();
+    /* If we add command-line options, this statement should be switchable.
+     * It'll prevent ENGINEs being ENGINE_init()ialised for cipher/digest use if
+     * they weren't already initialised. */
+    /* ENGINE_set_cipher_flags(ENGINE_CIPHER_FLAG_NOINIT); */
+
+    for( ; ; )
+        {
+        char line[4096];
+        char *p;
+        char *cipher;
+        unsigned char *iv,*key,*plaintext,*ciphertext;
+        int kn,in,pn,cn;
+
+        if(!fgets((char *)line,sizeof line,f))
+            break;
+        if(line[0] == '#' || line[0] == '\n')
+            continue;
+        p=line;
+        cipher=sstrsep(&p,":"); 
+        key=ustrsep(&p,":");
+        iv=ustrsep(&p,":");
+        plaintext=ustrsep(&p,":");
+        ciphertext=ustrsep(&p,"\n");
+
+        kn=convert(key);
+        in=convert(iv);
+        pn=convert(plaintext);
+        cn=convert(ciphertext);
+
+        if(!test_cipher(cipher,key,kn,iv,in,plaintext,pn,ciphertext,cn)
+           && !test_digest(cipher,plaintext,pn,ciphertext,cn))
+            {
+            fprintf(stderr,"Can't find %s\n",cipher);
+            exit(3);
+            }
+        }
+
+    ENGINE_cleanup();
+    EVP_cleanup();
+    CRYPTO_cleanup_all_ex_data();
+    ERR_remove_state(0);
+    ERR_free_strings();
+    CRYPTO_mem_leaks_fp(stderr);
+
+    return 0;
+    }
diff --git a/src/lib/libcrypto/evp/evptests.txt b/src/lib/libcrypto/evp/evptests.txt
new file mode 100644
index 0000000000..6c1529db37
--- /dev/null
+++ b/src/lib/libcrypto/evp/evptests.txt
@@ -0,0 +1,82 @@
+#cipher:key:iv:input:output
+#digest:::input:output
+
+# SHA(1) tests (from shatest.c)
+SHA1:::616263:a9993e364706816aba3e25717850c26c9cd0d89d
+
+# MD5 tests (from md5test.c)
+MD5::::d41d8cd98f00b204e9800998ecf8427e
+MD5:::61:0cc175b9c0f1b6a831c399e269772661
+MD5:::616263:900150983cd24fb0d6963f7d28e17f72
+MD5:::6d65737361676520646967657374:f96b697d7cb7938d525a2f31aaf161d0
+MD5:::6162636465666768696a6b6c6d6e6f707172737475767778797a:c3fcd3d76192e4007dfb496cca67e13b
+MD5:::4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839:d174ab98d277d9f5a5611c2c9f419d9f
+MD5:::3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930:57edf4a22be3c955ac49da2e2107b67a
+
+# AES 128 ECB tests (from FIPS-197 test vectors, encrypt)
+
+AES-128-ECB:000102030405060708090A0B0C0D0E0F::00112233445566778899AABBCCDDEEFF:69C4E0D86A7B0430D8CDB78070B4C55A
+
+# AES 192 ECB tests (from FIPS-197 test vectors, encrypt)
+
+AES-192-ECB:000102030405060708090A0B0C0D0E0F1011121314151617::00112233445566778899AABBCCDDEEFF:DDA97CA4864CDFE06EAF70A0EC0D7191
+
+# AES 256 ECB tests (from FIPS-197 test vectors, encrypt)
+
+AES-256-ECB:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F::00112233445566778899AABBCCDDEEFF:8EA2B7CA516745BFEAFC49904B496089
+
+# AES 128 ECB tests (from NIST test vectors, encrypt)
+
+#AES-128-ECB:00000000000000000000000000000000::00000000000000000000000000000000:C34C052CC0DA8D73451AFE5F03BE297F
+
+# AES 128 ECB tests (from NIST test vectors, decrypt)
+
+#AES-128-ECB:00000000000000000000000000000000::44416AC2D1F53C583303917E6BE9EBE0:00000000000000000000000000000000
+
+# AES 192 ECB tests (from NIST test vectors, decrypt)
+
+#AES-192-ECB:000000000000000000000000000000000000000000000000::48E31E9E256718F29229319C19F15BA4:00000000000000000000000000000000
+
+# AES 256 ECB tests (from NIST test vectors, decrypt)
+
+#AES-256-ECB:0000000000000000000000000000000000000000000000000000000000000000::058CCFFDBBCB382D1F6F56585D8A4ADE:00000000000000000000000000000000
+
+# AES 128 CBC tests (from NIST test vectors, encrypt)
+
+#AES-128-CBC:00000000000000000000000000000000:00000000000000000000000000000000:00000000000000000000000000000000:8A05FC5E095AF4848A08D328D3688E3D
+
+# AES 192 CBC tests (from NIST test vectors, encrypt)
+
+#AES-192-CBC:000000000000000000000000000000000000000000000000:00000000000000000000000000000000:00000000000000000000000000000000:7BD966D53AD8C1BB85D2ADFAE87BB104
+
+# AES 256 CBC tests (from NIST test vectors, encrypt)
+
+#AES-256-CBC:0000000000000000000000000000000000000000000000000000000000000000:00000000000000000000000000000000:00000000000000000000000000000000:FE3C53653E2F45B56FCD88B2CC898FF0
+
+# AES 128 CBC tests (from NIST test vectors, decrypt)
+
+#AES-128-CBC:00000000000000000000000000000000:00000000000000000000000000000000:FACA37E0B0C85373DF706E73F7C9AF86:00000000000000000000000000000000
+
+# DES ECB tests (from destest)
+
+DES-ECB:0000000000000000::0000000000000000:8CA64DE9C1B123A7
+DES-ECB:FFFFFFFFFFFFFFFF::FFFFFFFFFFFFFFFF:7359B2163E4EDC58
+DES-ECB:3000000000000000::1000000000000001:958E6E627A05557B
+DES-ECB:1111111111111111::1111111111111111:F40379AB9E0EC533
+DES-ECB:0123456789ABCDEF::1111111111111111:17668DFC7292532D
+DES-ECB:1111111111111111::0123456789ABCDEF:8A5AE1F81AB8F2DD
+DES-ECB:FEDCBA9876543210::0123456789ABCDEF:ED39D950FA74BCC4
+
+# DESX-CBC tests (from destest)
+DESX-CBC:0123456789abcdeff1e0d3c2b5a49786fedcba9876543210:fedcba9876543210:37363534333231204E6F77206973207468652074696D6520666F722000000000:846B2914851E9A2954732F8AA0A611C115CDC2D7951B1053A63C5E03B21AA3C4
+
+# DES EDE3 CBC tests (from destest)
+DES-EDE3-CBC:0123456789abcdeff1e0d3c2b5a49786fedcba9876543210:fedcba9876543210:37363534333231204E6F77206973207468652074696D6520666F722000000000:3FE301C962AC01D02213763C1CBD4CDC799657C064ECF5D41C673812CFDE9675
+
+# RC4 tests (from rc4test)
+RC4:0123456789abcdef0123456789abcdef::0123456789abcdef:75b7878099e0c596
+RC4:0123456789abcdef0123456789abcdef::0000000000000000:7494c2e7104b0879
+RC4:00000000000000000000000000000000::0000000000000000:de188941a3375d3a
+RC4:ef012345ef012345ef012345ef012345::0000000000000000000000000000000000000000:d6a141a7ec3c38dfbd615a1162e1c7ba36b67858
+RC4:0123456789abcdef0123456789abcdef::123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345678:66a0949f8af7d6891f7f832ba833c00c892ebe30143ce28740011ecf
+RC4:ef012345ef012345ef012345ef012345::00000000000000000000:d6a141a7ec3c38dfbd61
diff --git a/src/lib/libcrypto/evp/m_dss.c b/src/lib/libcrypto/evp/m_dss.c
index 8ea826868e..beb8d7fc5c 100644
--- a/src/lib/libcrypto/evp/m_dss.c
+++ b/src/lib/libcrypto/evp/m_dss.c
@@ -62,21 +62,33 @@
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 
-#ifndef NO_SHA
-static EVP_MD dsa_md=
+#ifndef OPENSSL_NO_SHA
+static int init(EVP_MD_CTX *ctx)
+        { return SHA1_Init(ctx->md_data); }
+
+static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count)
+        { return SHA1_Update(ctx->md_data,data,count); }
+
+static int final(EVP_MD_CTX *ctx,unsigned char *md)
+        { return SHA1_Final(md,ctx->md_data); }
+
+static const EVP_MD dsa_md=
         {
         NID_dsaWithSHA,
         NID_dsaWithSHA,
         SHA_DIGEST_LENGTH,
-        SHA1_Init,
-        SHA1_Update,
-        SHA1_Final,
+        0,
+        init,
+        update,
+        final,
+        NULL,
+        NULL,
         EVP_PKEY_DSA_method,
         SHA_CBLOCK,
         sizeof(EVP_MD *)+sizeof(SHA_CTX),
         };
 
-EVP_MD *EVP_dss(void)
+const EVP_MD *EVP_dss(void)
         {
         return(&dsa_md);
         }
diff --git a/src/lib/libcrypto/evp/m_dss1.c b/src/lib/libcrypto/evp/m_dss1.c
index 9d8d1ce23e..f5668ebda0 100644
--- a/src/lib/libcrypto/evp/m_dss1.c
+++ b/src/lib/libcrypto/evp/m_dss1.c
@@ -56,27 +56,39 @@
  * [including the GNU Public Licence.]
  */
 
-#ifndef NO_SHA
+#ifndef OPENSSL_NO_SHA
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 
-static EVP_MD dss1_md=
+static int init(EVP_MD_CTX *ctx)
+        { return SHA1_Init(ctx->md_data); }
+
+static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count)
+        { return SHA1_Update(ctx->md_data,data,count); }
+
+static int final(EVP_MD_CTX *ctx,unsigned char *md)
+        { return SHA1_Final(md,ctx->md_data); }
+
+static const EVP_MD dss1_md=
         {
         NID_dsa,
         NID_dsaWithSHA1,
         SHA_DIGEST_LENGTH,
-        SHA1_Init,
-        SHA1_Update,
-        SHA1_Final,
+        0,
+        init,
+        update,
+        final,
+        NULL,
+        NULL,
         EVP_PKEY_DSA_method,
         SHA_CBLOCK,
         sizeof(EVP_MD *)+sizeof(SHA_CTX),
         };
 
-EVP_MD *EVP_dss1(void)
+const EVP_MD *EVP_dss1(void)
         {
         return(&dss1_md);
         }
diff --git a/src/lib/libcrypto/evp/m_md2.c b/src/lib/libcrypto/evp/m_md2.c
index 3281e91809..50914c83b3 100644
--- a/src/lib/libcrypto/evp/m_md2.c
+++ b/src/lib/libcrypto/evp/m_md2.c
@@ -56,27 +56,40 @@
  * [including the GNU Public Licence.]
  */
 
-#ifndef NO_MD2
+#ifndef OPENSSL_NO_MD2
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 #include <openssl/x509.h>
+#include <openssl/md2.h>
 
-static EVP_MD md2_md=
+static int init(EVP_MD_CTX *ctx)
+        { return MD2_Init(ctx->md_data); }
+
+static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count)
+        { return MD2_Update(ctx->md_data,data,count); }
+
+static int final(EVP_MD_CTX *ctx,unsigned char *md)
+        { return MD2_Final(md,ctx->md_data); }
+
+static const EVP_MD md2_md=
         {
         NID_md2,
         NID_md2WithRSAEncryption,
         MD2_DIGEST_LENGTH,
-        MD2_Init,
-        MD2_Update,
-        MD2_Final,
+        0,
+        init,
+        update,
+        final,
+        NULL,
+        NULL,
         EVP_PKEY_RSA_method,
         MD2_BLOCK,
         sizeof(EVP_MD *)+sizeof(MD2_CTX),
         };
 
-EVP_MD *EVP_md2(void)
+const EVP_MD *EVP_md2(void)
         {
         return(&md2_md);
         }
diff --git a/src/lib/libcrypto/evp/m_md4.c b/src/lib/libcrypto/evp/m_md4.c
index 6a24ceb86d..e19b663754 100644
--- a/src/lib/libcrypto/evp/m_md4.c
+++ b/src/lib/libcrypto/evp/m_md4.c
@@ -56,27 +56,40 @@
  * [including the GNU Public Licence.]
  */
 
-#ifndef NO_MD4
+#ifndef OPENSSL_NO_MD4
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 #include <openssl/x509.h>
+#include <openssl/md4.h>
 
-static EVP_MD md4_md=
+static int init(EVP_MD_CTX *ctx)
+        { return MD4_Init(ctx->md_data); }
+
+static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count)
+        { return MD4_Update(ctx->md_data,data,count); }
+
+static int final(EVP_MD_CTX *ctx,unsigned char *md)
+        { return MD4_Final(md,ctx->md_data); }
+
+static const EVP_MD md4_md=
         {
         NID_md4,
-        0,
+        NID_md4WithRSAEncryption,
         MD4_DIGEST_LENGTH,
-        MD4_Init,
-        MD4_Update,
-        MD4_Final,
+        0,
+        init,
+        update,
+        final,
+        NULL,
+        NULL,
         EVP_PKEY_RSA_method,
         MD4_CBLOCK,
         sizeof(EVP_MD *)+sizeof(MD4_CTX),
         };
 
-EVP_MD *EVP_md4(void)
+const EVP_MD *EVP_md4(void)
         {
         return(&md4_md);
         }
diff --git a/src/lib/libcrypto/evp/m_md5.c b/src/lib/libcrypto/evp/m_md5.c
index 9fc9530127..b00a03e048 100644
--- a/src/lib/libcrypto/evp/m_md5.c
+++ b/src/lib/libcrypto/evp/m_md5.c
@@ -56,27 +56,40 @@
  * [including the GNU Public Licence.]
  */
 
-#ifndef NO_MD5
+#ifndef OPENSSL_NO_MD5
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 #include <openssl/x509.h>
+#include <openssl/md5.h>
 
-static EVP_MD md5_md=
+static int init(EVP_MD_CTX *ctx)
+        { return MD5_Init(ctx->md_data); }
+
+static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count)
+        { return MD5_Update(ctx->md_data,data,count); }
+
+static int final(EVP_MD_CTX *ctx,unsigned char *md)
+        { return MD5_Final(md,ctx->md_data); }
+
+static const EVP_MD md5_md=
         {
         NID_md5,
         NID_md5WithRSAEncryption,
         MD5_DIGEST_LENGTH,
-        MD5_Init,
-        MD5_Update,
-        MD5_Final,
+        0,
+        init,
+        update,
+        final,
+        NULL,
+        NULL,
         EVP_PKEY_RSA_method,
         MD5_CBLOCK,
         sizeof(EVP_MD *)+sizeof(MD5_CTX),
         };
 
-EVP_MD *EVP_md5(void)
+const EVP_MD *EVP_md5(void)
         {
         return(&md5_md);
         }
diff --git a/src/lib/libcrypto/evp/m_mdc2.c b/src/lib/libcrypto/evp/m_mdc2.c
index 2c7f1ae515..9f6467c931 100644
--- a/src/lib/libcrypto/evp/m_mdc2.c
+++ b/src/lib/libcrypto/evp/m_mdc2.c
@@ -56,27 +56,40 @@
  * [including the GNU Public Licence.]
  */
 
-#ifndef NO_MDC2
+#ifndef OPENSSL_NO_MDC2
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 #include <openssl/x509.h>
+#include <openssl/mdc2.h>
 
-static EVP_MD mdc2_md=
+static int init(EVP_MD_CTX *ctx)
+        { return MDC2_Init(ctx->md_data); }
+
+static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count)
+        { return MDC2_Update(ctx->md_data,data,count); }
+
+static int final(EVP_MD_CTX *ctx,unsigned char *md)
+        { return MDC2_Final(md,ctx->md_data); }
+
+static const EVP_MD mdc2_md=
         {
         NID_mdc2,
         NID_mdc2WithRSA,
         MDC2_DIGEST_LENGTH,
-        MDC2_Init,
-        MDC2_Update,
-        MDC2_Final,
+        0,
+        init,
+        update,
+        final,
+        NULL,
+        NULL,
         EVP_PKEY_RSA_ASN1_OCTET_STRING_method,
         MDC2_BLOCK,
         sizeof(EVP_MD *)+sizeof(MDC2_CTX),
         };
 
-EVP_MD *EVP_mdc2(void)
+const EVP_MD *EVP_mdc2(void)
         {
         return(&mdc2_md);
         }
diff --git a/src/lib/libcrypto/evp/m_null.c b/src/lib/libcrypto/evp/m_null.c
index e2dadf3dab..f6f0a1d2c0 100644
--- a/src/lib/libcrypto/evp/m_null.c
+++ b/src/lib/libcrypto/evp/m_null.c
@@ -62,25 +62,32 @@
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 
-static void function(void)
-        {
-        }
+static int init(EVP_MD_CTX *ctx)
+        { return 1; }
+
+static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count)
+        { return 1; }
 
-static EVP_MD null_md=
+static int final(EVP_MD_CTX *ctx,unsigned char *md)
+        { return 1; }
+
+static const EVP_MD null_md=
         {
         NID_undef,
         NID_undef,
         0,
-        function,
-        function,
-        function,
-        
+        0,
+        init,
+        update,
+        final,
+        NULL,
+        NULL,
         EVP_PKEY_NULL_method,
         0,
         sizeof(EVP_MD *),
         };
 
-EVP_MD *EVP_md_null(void)
+const EVP_MD *EVP_md_null(void)
         {
         return(&null_md);
         }
diff --git a/src/lib/libcrypto/evp/m_ripemd.c b/src/lib/libcrypto/evp/m_ripemd.c
index 3d781a4e8d..64725528dc 100644
--- a/src/lib/libcrypto/evp/m_ripemd.c
+++ b/src/lib/libcrypto/evp/m_ripemd.c
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 
-#ifndef NO_RIPEMD
+#ifndef OPENSSL_NO_RIPEMD
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/ripemd.h>
@@ -64,20 +64,32 @@
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 
-static EVP_MD ripemd160_md=
+static int init(EVP_MD_CTX *ctx)
+        { return RIPEMD160_Init(ctx->md_data); }
+
+static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count)
+        { return RIPEMD160_Update(ctx->md_data,data,count); }
+
+static int final(EVP_MD_CTX *ctx,unsigned char *md)
+        { return RIPEMD160_Final(md,ctx->md_data); }
+
+static const EVP_MD ripemd160_md=
         {
         NID_ripemd160,
         NID_ripemd160WithRSA,
         RIPEMD160_DIGEST_LENGTH,
-        RIPEMD160_Init,
-        RIPEMD160_Update,
-        RIPEMD160_Final,
+        0,
+        init,
+        update,
+        final,
+        NULL,
+        NULL,
         EVP_PKEY_RSA_method,
         RIPEMD160_CBLOCK,
         sizeof(EVP_MD *)+sizeof(RIPEMD160_CTX),
         };
 
-EVP_MD *EVP_ripemd160(void)
+const EVP_MD *EVP_ripemd160(void)
         {
         return(&ripemd160_md);
         }
diff --git a/src/lib/libcrypto/evp/m_sha.c b/src/lib/libcrypto/evp/m_sha.c
index 6d35b71b85..10697c7ed3 100644
--- a/src/lib/libcrypto/evp/m_sha.c
+++ b/src/lib/libcrypto/evp/m_sha.c
@@ -56,27 +56,39 @@
  * [including the GNU Public Licence.]
  */
 
-#ifndef NO_SHA
+#ifndef OPENSSL_NO_SHA
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 
-static EVP_MD sha_md=
+static int init(EVP_MD_CTX *ctx)
+        { return SHA_Init(ctx->md_data); }
+
+static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count)
+        { return SHA_Update(ctx->md_data,data,count); }
+
+static int final(EVP_MD_CTX *ctx,unsigned char *md)
+        { return SHA_Final(md,ctx->md_data); }
+
+static const EVP_MD sha_md=
         {
         NID_sha,
         NID_shaWithRSAEncryption,
         SHA_DIGEST_LENGTH,
-        SHA_Init,
-        SHA_Update,
-        SHA_Final,
+        0,
+        init,
+        update,
+        final,
+        NULL,
+        NULL,
         EVP_PKEY_RSA_method,
         SHA_CBLOCK,
         sizeof(EVP_MD *)+sizeof(SHA_CTX),
         };
 
-EVP_MD *EVP_sha(void)
+const EVP_MD *EVP_sha(void)
         {
         return(&sha_md);
         }
diff --git a/src/lib/libcrypto/evp/m_sha1.c b/src/lib/libcrypto/evp/m_sha1.c
index 57a1ab0cce..d6be3502f0 100644
--- a/src/lib/libcrypto/evp/m_sha1.c
+++ b/src/lib/libcrypto/evp/m_sha1.c
@@ -56,27 +56,39 @@
  * [including the GNU Public Licence.]
  */
 
-#ifndef NO_SHA
+#ifndef OPENSSL_NO_SHA
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 
-static EVP_MD sha1_md=
+static int init(EVP_MD_CTX *ctx)
+        { return SHA1_Init(ctx->md_data); }
+
+static int update(EVP_MD_CTX *ctx,const void *data,unsigned long count)
+        { return SHA1_Update(ctx->md_data,data,count); }
+
+static int final(EVP_MD_CTX *ctx,unsigned char *md)
+        { return SHA1_Final(md,ctx->md_data); }
+
+static const EVP_MD sha1_md=
         {
         NID_sha1,
         NID_sha1WithRSAEncryption,
         SHA_DIGEST_LENGTH,
-        SHA1_Init,
-        SHA1_Update,
-        SHA1_Final,
+        0,
+        init,
+        update,
+        final,
+        NULL,
+        NULL,
         EVP_PKEY_RSA_method,
         SHA_CBLOCK,
         sizeof(EVP_MD *)+sizeof(SHA_CTX),
         };
 
-EVP_MD *EVP_sha1(void)
+const EVP_MD *EVP_sha1(void)
         {
         return(&sha1_md);
         }
diff --git a/src/lib/libcrypto/evp/names.c b/src/lib/libcrypto/evp/names.c
index 620f43feaa..eb9f4329cd 100644
--- a/src/lib/libcrypto/evp/names.c
+++ b/src/lib/libcrypto/evp/names.c
@@ -62,7 +62,7 @@
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 
-int EVP_add_cipher(EVP_CIPHER *c)
+int EVP_add_cipher(const EVP_CIPHER *c)
         {
         int r;
 
@@ -72,7 +72,7 @@ int EVP_add_cipher(EVP_CIPHER *c)
         return(r);
         }
 
-int EVP_add_digest(EVP_MD *md)
+int EVP_add_digest(const EVP_MD *md)
         {
         int r;
         const char *name;
diff --git a/src/lib/libcrypto/evp/openbsd_hw.c b/src/lib/libcrypto/evp/openbsd_hw.c
new file mode 100644
index 0000000000..3831a5731e
--- /dev/null
+++ b/src/lib/libcrypto/evp/openbsd_hw.c
@@ -0,0 +1,446 @@
+/* Written by Ben Laurie, 2001 */
+/*
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include <openssl/rsa.h>
+#include "evp_locl.h"
+
+/* This stuff should now all be supported through
+ * crypto/engine/hw_openbsd_dev_crypto.c unless I botched it up */
+static void *dummy=&dummy;
+
+#if 0
+
+/* check flag after OpenSSL headers to ensure make depend works */
+#ifdef OPENSSL_OPENBSD_DEV_CRYPTO
+
+#include <fcntl.h>
+#include <stdio.h>
+#include <errno.h>
+#include <sys/ioctl.h>
+#include <crypto/cryptodev.h>
+#include <unistd.h>
+#include <assert.h>
+
+/* longest key supported in hardware */
+#define MAX_HW_KEY      24
+#define MAX_HW_IV       8
+
+#define MD5_DIGEST_LENGTH       16
+#define MD5_CBLOCK              64
+
+static int fd;
+static int dev_failed;
+
+typedef struct session_op session_op;
+
+#define CDATA(ctx) EVP_C_DATA(session_op,ctx)
+
+static void err(const char *str)
+    {
+    fprintf(stderr,"%s: errno %d\n",str,errno);
+    }
+
+static int dev_crypto_init(session_op *ses)
+    {
+    if(dev_failed)
+        return 0;
+    if(!fd)
+        {
+        int cryptodev_fd;
+
+        if ((cryptodev_fd=open("/dev/crypto",O_RDWR,0)) < 0)
+            {
+            err("/dev/crypto");
+            dev_failed=1;
+            return 0;
+            }
+        if (ioctl(cryptodev_fd,CRIOGET,&fd) == -1)
+            {
+            err("CRIOGET failed");
+            close(cryptodev_fd);
+            dev_failed=1;
+            return 0;
+            }
+        close(cryptodev_fd);
+        }
+    assert(ses);
+    memset(ses,'\0',sizeof *ses);
+
+    return 1;
+    }
+
+static int dev_crypto_cleanup(EVP_CIPHER_CTX *ctx)
+    {
+    if(ioctl(fd,CIOCFSESSION,&CDATA(ctx)->ses) == -1)
+        err("CIOCFSESSION failed");
+
+    OPENSSL_free(CDATA(ctx)->key);
+
+    return 1;
+    }
+
+static int dev_crypto_init_key(EVP_CIPHER_CTX *ctx,int cipher,
+                               const unsigned char *key,int klen)
+    {
+    if(!dev_crypto_init(CDATA(ctx)))
+        return 0;
+
+    CDATA(ctx)->key=OPENSSL_malloc(MAX_HW_KEY);
+
+    assert(ctx->cipher->iv_len <= MAX_HW_IV);
+
+    memcpy(CDATA(ctx)->key,key,klen);
+    
+    CDATA(ctx)->cipher=cipher;
+    CDATA(ctx)->keylen=klen;
+
+    if (ioctl(fd,CIOCGSESSION,CDATA(ctx)) == -1)
+        {
+        err("CIOCGSESSION failed");
+        return 0;
+        }
+    return 1;
+    }
+
+static int dev_crypto_cipher(EVP_CIPHER_CTX *ctx,unsigned char *out,
+                             const unsigned char *in,unsigned int inl)
+    {
+    struct crypt_op cryp;
+    unsigned char lb[MAX_HW_IV];
+
+    if(!inl)
+        return 1;
+
+    assert(CDATA(ctx));
+    assert(!dev_failed);
+
+    memset(&cryp,'\0',sizeof cryp);
+    cryp.ses=CDATA(ctx)->ses;
+    cryp.op=ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT;
+    cryp.flags=0;
+    cryp.len=inl;
+    assert((inl&(ctx->cipher->block_size-1)) == 0);
+    cryp.src=(caddr_t)in;
+    cryp.dst=(caddr_t)out;
+    cryp.mac=0;
+    if(ctx->cipher->iv_len)
+        cryp.iv=(caddr_t)ctx->iv;
+
+    if(!ctx->encrypt)
+        memcpy(lb,&in[cryp.len-ctx->cipher->iv_len],ctx->cipher->iv_len);
+
+    if(ioctl(fd, CIOCCRYPT, &cryp) == -1)
+        {
+        if(errno == EINVAL) /* buffers are misaligned */
+            {
+            unsigned int cinl=0;
+            char *cin=NULL;
+            char *cout=NULL;
+
+            /* NB: this can only make cinl != inl with stream ciphers */
+            cinl=(inl+3)/4*4;
+
+            if(((unsigned long)in&3) || cinl != inl)
+                {
+                cin=OPENSSL_malloc(cinl);
+                memcpy(cin,in,inl);
+                cryp.src=cin;
+                }
+
+            if(((unsigned long)out&3) || cinl != inl)
+                {
+                cout=OPENSSL_malloc(cinl);
+                cryp.dst=cout;
+                }
+
+            cryp.len=cinl;
+
+            if(ioctl(fd, CIOCCRYPT, &cryp) == -1)
+                {
+                err("CIOCCRYPT(2) failed");
+                printf("src=%p dst=%p\n",cryp.src,cryp.dst);
+                abort();
+                return 0;
+                }
+                
+            if(cout)
+                {
+                memcpy(out,cout,inl);
+                OPENSSL_free(cout);
+                }
+            if(cin)
+                OPENSSL_free(cin);
+            }
+        else 
+            {       
+            err("CIOCCRYPT failed");
+            abort();
+            return 0;
+            }
+        }
+
+    if(ctx->encrypt)
+        memcpy(ctx->iv,&out[cryp.len-ctx->cipher->iv_len],ctx->cipher->iv_len);
+    else
+        memcpy(ctx->iv,lb,ctx->cipher->iv_len);
+
+    return 1;
+    }
+
+static int dev_crypto_des_ede3_init_key(EVP_CIPHER_CTX *ctx,
+                                        const unsigned char *key,
+                                        const unsigned char *iv, int enc)
+    { return dev_crypto_init_key(ctx,CRYPTO_3DES_CBC,key,24); }
+
+#define dev_crypto_des_ede3_cbc_cipher dev_crypto_cipher
+
+BLOCK_CIPHER_def_cbc(dev_crypto_des_ede3, session_op, NID_des_ede3, 8, 24, 8,
+                     0, dev_crypto_des_ede3_init_key,
+                     dev_crypto_cleanup, 
+                     EVP_CIPHER_set_asn1_iv,
+                     EVP_CIPHER_get_asn1_iv,
+                     NULL)
+
+static int dev_crypto_rc4_init_key(EVP_CIPHER_CTX *ctx,
+                                        const unsigned char *key,
+                                        const unsigned char *iv, int enc)
+    { return dev_crypto_init_key(ctx,CRYPTO_ARC4,key,16); }
+
+static const EVP_CIPHER r4_cipher=
+    {
+    NID_rc4,
+    1,16,0,     /* FIXME: key should be up to 256 bytes */
+    EVP_CIPH_VARIABLE_LENGTH,
+    dev_crypto_rc4_init_key,
+    dev_crypto_cipher,
+    dev_crypto_cleanup,
+    sizeof(session_op),
+    NULL,
+    NULL,
+    NULL
+    };
+
+const EVP_CIPHER *EVP_dev_crypto_rc4(void)
+    { return &r4_cipher; }
+
+typedef struct
+    {
+    session_op sess;
+    char *data;
+    int len;
+    unsigned char md[EVP_MAX_MD_SIZE];
+    } MD_DATA;
+
+static int dev_crypto_init_digest(MD_DATA *md_data,int mac)
+    {
+    if(!dev_crypto_init(&md_data->sess))
+        return 0;
+
+    md_data->len=0;
+    md_data->data=NULL;
+
+    md_data->sess.mac=mac;
+
+    if (ioctl(fd,CIOCGSESSION,&md_data->sess) == -1)
+        {
+        err("CIOCGSESSION failed");
+        return 0;
+        }
+    return 1;
+    }
+
+static int dev_crypto_cleanup_digest(MD_DATA *md_data)
+    {
+    if (ioctl(fd,CIOCFSESSION,&md_data->sess.ses) == -1)
+        {
+        err("CIOCFSESSION failed");
+        return 0;
+        }
+
+    return 1;
+    }
+
+/* FIXME: if device can do chained MACs, then don't accumulate */
+/* FIXME: move accumulation to the framework */
+static int dev_crypto_md5_init(EVP_MD_CTX *ctx)
+    { return dev_crypto_init_digest(ctx->md_data,CRYPTO_MD5); }
+
+static int do_digest(int ses,unsigned char *md,const void *data,int len)
+    {
+    struct crypt_op cryp;
+    static unsigned char md5zero[16]=
+        {
+        0xd4,0x1d,0x8c,0xd9,0x8f,0x00,0xb2,0x04,
+        0xe9,0x80,0x09,0x98,0xec,0xf8,0x42,0x7e
+        };
+
+    /* some cards can't do zero length */
+    if(!len)
+        {
+        memcpy(md,md5zero,16);
+        return 1;
+        }
+
+    memset(&cryp,'\0',sizeof cryp);
+    cryp.ses=ses;
+    cryp.op=COP_ENCRYPT;/* required to do the MAC rather than check it */
+    cryp.len=len;
+    cryp.src=(caddr_t)data;
+    cryp.dst=(caddr_t)data; // FIXME!!!
+    cryp.mac=(caddr_t)md;
+
+    if(ioctl(fd, CIOCCRYPT, &cryp) == -1)
+        {
+        if(errno == EINVAL) /* buffer is misaligned */
+            {
+            char *dcopy;
+
+            dcopy=OPENSSL_malloc(len);
+            memcpy(dcopy,data,len);
+            cryp.src=dcopy;
+            cryp.dst=cryp.src; // FIXME!!!
+
+            if(ioctl(fd, CIOCCRYPT, &cryp) == -1)
+                {
+                err("CIOCCRYPT(MAC2) failed");
+                abort();
+                return 0;
+                }
+            OPENSSL_free(dcopy);
+            }
+        else
+            {
+            err("CIOCCRYPT(MAC) failed");
+            abort();
+            return 0;
+            }
+        }
+    //    printf("done\n");
+
+    return 1;
+    }
+
+static int dev_crypto_md5_update(EVP_MD_CTX *ctx,const void *data,
+                                 unsigned long len)
+    {
+    MD_DATA *md_data=ctx->md_data;
+
+    if(ctx->flags&EVP_MD_CTX_FLAG_ONESHOT)
+        return do_digest(md_data->sess.ses,md_data->md,data,len);
+
+    md_data->data=OPENSSL_realloc(md_data->data,md_data->len+len);
+    memcpy(md_data->data+md_data->len,data,len);
+    md_data->len+=len;
+
+    return 1;
+    }   
+
+static int dev_crypto_md5_final(EVP_MD_CTX *ctx,unsigned char *md)
+    {
+    int ret;
+    MD_DATA *md_data=ctx->md_data;
+
+    if(ctx->flags&EVP_MD_CTX_FLAG_ONESHOT)
+        {
+        memcpy(md,md_data->md,MD5_DIGEST_LENGTH);
+        ret=1;
+        }
+    else
+        {
+        ret=do_digest(md_data->sess.ses,md,md_data->data,md_data->len);
+        OPENSSL_free(md_data->data);
+        md_data->data=NULL;
+        md_data->len=0;
+        }
+
+    return ret;
+    }
+
+static int dev_crypto_md5_copy(EVP_MD_CTX *to,const EVP_MD_CTX *from)
+    {
+    const MD_DATA *from_md=from->md_data;
+    MD_DATA *to_md=to->md_data;
+
+    // How do we copy sessions?
+    assert(from->digest->flags&EVP_MD_FLAG_ONESHOT);
+
+    to_md->data=OPENSSL_malloc(from_md->len);
+    memcpy(to_md->data,from_md->data,from_md->len);
+
+    return 1;
+    }
+
+static int dev_crypto_md5_cleanup(EVP_MD_CTX *ctx)
+    {
+    return dev_crypto_cleanup_digest(ctx->md_data);
+    }
+
+static const EVP_MD md5_md=
+    {
+    NID_md5,
+    NID_md5WithRSAEncryption,
+    MD5_DIGEST_LENGTH,
+    EVP_MD_FLAG_ONESHOT,        // XXX: set according to device info...
+    dev_crypto_md5_init,
+    dev_crypto_md5_update,
+    dev_crypto_md5_final,
+    dev_crypto_md5_copy,
+    dev_crypto_md5_cleanup,
+    EVP_PKEY_RSA_method,
+    MD5_CBLOCK,
+    sizeof(MD_DATA),
+    };
+
+const EVP_MD *EVP_dev_crypto_md5(void)
+    { return &md5_md; }
+
+#endif
+#endif
diff --git a/src/lib/libcrypto/evp/p5_crpt.c b/src/lib/libcrypto/evp/p5_crpt.c
index 6bfa2c5acb..113c60fedb 100644
--- a/src/lib/libcrypto/evp/p5_crpt.c
+++ b/src/lib/libcrypto/evp/p5_crpt.c
@@ -67,41 +67,41 @@
 
 void PKCS5_PBE_add(void)
 {
-#ifndef NO_DES
-#  ifndef NO_MD5
+#ifndef OPENSSL_NO_DES
+#  ifndef OPENSSL_NO_MD5
 EVP_PBE_alg_add(NID_pbeWithMD5AndDES_CBC, EVP_des_cbc(), EVP_md5(),
                                                          PKCS5_PBE_keyivgen);
 #  endif
-#  ifndef NO_MD2
+#  ifndef OPENSSL_NO_MD2
 EVP_PBE_alg_add(NID_pbeWithMD2AndDES_CBC, EVP_des_cbc(), EVP_md2(),
                                                          PKCS5_PBE_keyivgen);
 #  endif
-#  ifndef NO_SHA
+#  ifndef OPENSSL_NO_SHA
 EVP_PBE_alg_add(NID_pbeWithSHA1AndDES_CBC, EVP_des_cbc(), EVP_sha1(),
                                                          PKCS5_PBE_keyivgen);
 #  endif
 #endif
-#ifndef NO_RC2
-#  ifndef NO_MD5
+#ifndef OPENSSL_NO_RC2
+#  ifndef OPENSSL_NO_MD5
 EVP_PBE_alg_add(NID_pbeWithMD5AndRC2_CBC, EVP_rc2_64_cbc(), EVP_md5(),
                                                          PKCS5_PBE_keyivgen);
 #  endif
-#  ifndef NO_MD2
+#  ifndef OPENSSL_NO_MD2
 EVP_PBE_alg_add(NID_pbeWithMD2AndRC2_CBC, EVP_rc2_64_cbc(), EVP_md2(),
                                                          PKCS5_PBE_keyivgen);
 #  endif
-#  ifndef NO_SHA
+#  ifndef OPENSSL_NO_SHA
 EVP_PBE_alg_add(NID_pbeWithSHA1AndRC2_CBC, EVP_rc2_64_cbc(), EVP_sha1(),
                                                          PKCS5_PBE_keyivgen);
 #  endif
 #endif
-#ifndef NO_HMAC
+#ifndef OPENSSL_NO_HMAC
 EVP_PBE_alg_add(NID_pbes2, NULL, NULL, PKCS5_v2_PBE_keyivgen);
 #endif
 }
 
 int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
-                         ASN1_TYPE *param, EVP_CIPHER *cipher, EVP_MD *md,
+                         ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md,
                          int en_de)
 {
         EVP_MD_CTX ctx;
@@ -128,20 +128,22 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
         if(!pass) passlen = 0;
         else if(passlen == -1) passlen = strlen(pass);
 
-        EVP_DigestInit (&ctx, md);
-        EVP_DigestUpdate (&ctx, pass, passlen);
-        EVP_DigestUpdate (&ctx, salt, saltlen);
+        EVP_MD_CTX_init(&ctx);
+        EVP_DigestInit_ex(&ctx, md, NULL);
+        EVP_DigestUpdate(&ctx, pass, passlen);
+        EVP_DigestUpdate(&ctx, salt, saltlen);
         PBEPARAM_free(pbe);
-        EVP_DigestFinal (&ctx, md_tmp, NULL);
+        EVP_DigestFinal_ex(&ctx, md_tmp, NULL);
         for (i = 1; i < iter; i++) {
-                EVP_DigestInit(&ctx, md);
+                EVP_DigestInit_ex(&ctx, md, NULL);
                 EVP_DigestUpdate(&ctx, md_tmp, EVP_MD_size(md));
-                EVP_DigestFinal (&ctx, md_tmp, NULL);
+                EVP_DigestFinal_ex (&ctx, md_tmp, NULL);
         }
-        memcpy (key, md_tmp, EVP_CIPHER_key_length(cipher));
-        memcpy (iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)),
+        EVP_MD_CTX_cleanup(&ctx);
+        memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher));
+        memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)),
                                                  EVP_CIPHER_iv_length(cipher));
-        EVP_CipherInit(cctx, cipher, key, iv, en_de);
+        EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de);
         memset(md_tmp, 0, EVP_MAX_MD_SIZE);
         memset(key, 0, EVP_MAX_KEY_LENGTH);
         memset(iv, 0, EVP_MAX_IV_LENGTH);
diff --git a/src/lib/libcrypto/evp/p5_crpt2.c b/src/lib/libcrypto/evp/p5_crpt2.c
index 717fad68ca..7881860b53 100644
--- a/src/lib/libcrypto/evp/p5_crpt2.c
+++ b/src/lib/libcrypto/evp/p5_crpt2.c
@@ -55,7 +55,7 @@
  * Hudson (tjh@cryptsoft.com).
  *
  */
-#if !defined(NO_HMAC) && !defined(NO_SHA)
+#if !defined(OPENSSL_NO_HMAC) && !defined(OPENSSL_NO_SHA)
 #include <stdio.h>
 #include <stdlib.h>
 #include <openssl/x509.h>
@@ -84,6 +84,8 @@ int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
         int cplen, j, k, tkeylen;
         unsigned long i = 1;
         HMAC_CTX hctx;
+
+        HMAC_CTX_init(&hctx);
         p = out;
         tkeylen = keylen;
         if(!pass) passlen = 0;
@@ -98,7 +100,7 @@ int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
                 itmp[1] = (unsigned char)((i >> 16) & 0xff);
                 itmp[2] = (unsigned char)((i >> 8) & 0xff);
                 itmp[3] = (unsigned char)(i & 0xff);
-                HMAC_Init(&hctx, pass, passlen, EVP_sha1());
+                HMAC_Init_ex(&hctx, pass, passlen, EVP_sha1(), NULL);
                 HMAC_Update(&hctx, salt, saltlen);
                 HMAC_Update(&hctx, itmp, 4);
                 HMAC_Final(&hctx, digtmp, NULL);
@@ -112,7 +114,7 @@ int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
                 i++;
                 p+= cplen;
         }
-        HMAC_cleanup(&hctx);
+        HMAC_CTX_cleanup(&hctx);
 #ifdef DEBUG_PKCS5V2
         fprintf(stderr, "Password:\n");
         h__dump (pass, passlen);
@@ -143,7 +145,7 @@ main()
  */
 
 int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
-                         ASN1_TYPE *param, EVP_CIPHER *c, EVP_MD *md,
+                         ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md,
                          int en_de)
 {
         unsigned char *pbuf, *salt, key[EVP_MAX_KEY_LENGTH];
@@ -181,7 +183,7 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
         }
 
         /* Fixup cipher based on AlgorithmIdentifier */
-        EVP_CipherInit(ctx, cipher, NULL, NULL, en_de);
+        EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, en_de);
         if(EVP_CIPHER_asn1_to_param(ctx, pbe2->encryption->parameter) < 0) {
                 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
                                         EVP_R_CIPHER_PARAMETER_ERROR);
@@ -227,7 +229,7 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
         saltlen = kdf->salt->value.octet_string->length;
         iter = ASN1_INTEGER_get(kdf->iter);
         PKCS5_PBKDF2_HMAC_SHA1(pass, passlen, salt, saltlen, iter, keylen, key);
-        EVP_CipherInit(ctx, NULL, key, NULL, en_de);
+        EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, en_de);
         memset(key, 0, keylen);
         PBKDF2PARAM_free(kdf);
         return 1;
diff --git a/src/lib/libcrypto/evp/p_dec.c b/src/lib/libcrypto/evp/p_dec.c
index 57b5daa453..8af620400e 100644
--- a/src/lib/libcrypto/evp/p_dec.c
+++ b/src/lib/libcrypto/evp/p_dec.c
@@ -59,7 +59,7 @@
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/rand.h>
-#ifndef NO_RSA
+#ifndef OPENSSL_NO_RSA
 #include <openssl/rsa.h>
 #endif
 #include <openssl/evp.h>
@@ -71,12 +71,12 @@ int EVP_PKEY_decrypt(unsigned char *key, unsigned char *ek, int ekl,
         {
         int ret= -1;
         
-#ifndef NO_RSA
+#ifndef OPENSSL_NO_RSA
         if (priv->type != EVP_PKEY_RSA)
                 {
 #endif
                 EVPerr(EVP_F_EVP_PKEY_DECRYPT,EVP_R_PUBLIC_KEY_NOT_RSA);
-#ifndef NO_RSA
+#ifndef OPENSSL_NO_RSA
                 goto err;
                 }
 
diff --git a/src/lib/libcrypto/evp/p_enc.c b/src/lib/libcrypto/evp/p_enc.c
index 4cf6acaf5d..656883b996 100644
--- a/src/lib/libcrypto/evp/p_enc.c
+++ b/src/lib/libcrypto/evp/p_enc.c
@@ -59,7 +59,7 @@
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/rand.h>
-#ifndef NO_RSA
+#ifndef OPENSSL_NO_RSA
 #include <openssl/rsa.h>
 #endif
 #include <openssl/evp.h>
@@ -71,12 +71,12 @@ int EVP_PKEY_encrypt(unsigned char *ek, unsigned char *key, int key_len,
         {
         int ret=0;
         
-#ifndef NO_RSA
+#ifndef OPENSSL_NO_RSA
         if (pubk->type != EVP_PKEY_RSA)
                 {
 #endif
                 EVPerr(EVP_F_EVP_PKEY_ENCRYPT,EVP_R_PUBLIC_KEY_NOT_RSA);
-#ifndef NO_RSA
+#ifndef OPENSSL_NO_RSA
                 goto err;
                 }
         ret=RSA_public_encrypt(key_len,key,ek,pubk->pkey.rsa,RSA_PKCS1_PADDING);
diff --git a/src/lib/libcrypto/evp/p_lib.c b/src/lib/libcrypto/evp/p_lib.c
index 62398ed74d..215b94292a 100644
--- a/src/lib/libcrypto/evp/p_lib.c
+++ b/src/lib/libcrypto/evp/p_lib.c
@@ -64,14 +64,15 @@
 #include <openssl/x509.h>
 
 static void EVP_PKEY_free_it(EVP_PKEY *x);
+
 int EVP_PKEY_bits(EVP_PKEY *pkey)
         {
-#ifndef NO_RSA
+#ifndef OPENSSL_NO_RSA
         if (pkey->type == EVP_PKEY_RSA)
                 return(BN_num_bits(pkey->pkey.rsa->n));
         else
 #endif
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
                 if (pkey->type == EVP_PKEY_DSA)
                 return(BN_num_bits(pkey->pkey.dsa->p));
 #endif
@@ -82,12 +83,12 @@ int EVP_PKEY_size(EVP_PKEY *pkey)
         {
         if (pkey == NULL)
                 return(0);
-#ifndef NO_RSA
+#ifndef OPENSSL_NO_RSA
         if (pkey->type == EVP_PKEY_RSA)
                 return(RSA_size(pkey->pkey.rsa));
         else
 #endif
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
                 if (pkey->type == EVP_PKEY_DSA)
                 return(DSA_size(pkey->pkey.dsa));
 #endif
@@ -96,10 +97,10 @@ int EVP_PKEY_size(EVP_PKEY *pkey)
 
 int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode)
         {
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
         if (pkey->type == EVP_PKEY_DSA)
                 {
-                int ret=pkey->save_parameters=mode;
+                int ret=pkey->save_parameters;
 
                 if (mode >= 0)
                         pkey->save_parameters=mode;
@@ -122,7 +123,7 @@ int EVP_PKEY_copy_parameters(EVP_PKEY *to, EVP_PKEY *from)
                 EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_MISSING_PARAMETERS);
                 goto err;
                 }
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
         if (to->type == EVP_PKEY_DSA)
                 {
                 BIGNUM *a;
@@ -147,7 +148,7 @@ err:
 
 int EVP_PKEY_missing_parameters(EVP_PKEY *pkey)
         {
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
         if (pkey->type == EVP_PKEY_DSA)
                 {
                 DSA *dsa;
@@ -162,7 +163,7 @@ int EVP_PKEY_missing_parameters(EVP_PKEY *pkey)
 
 int EVP_PKEY_cmp_parameters(EVP_PKEY *a, EVP_PKEY *b)
         {
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
         if ((a->type == EVP_PKEY_DSA) && (b->type == EVP_PKEY_DSA))
                 {
                 if (    BN_cmp(a->pkey.dsa->p,b->pkey.dsa->p) ||
@@ -205,11 +206,12 @@ int EVP_PKEY_assign(EVP_PKEY *pkey, int type, char *key)
         return(key != NULL);
         }
 
-#ifndef NO_RSA
+#ifndef OPENSSL_NO_RSA
 int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key)
 {
         int ret = EVP_PKEY_assign_RSA(pkey, key);
-        if(ret) CRYPTO_add(&key->references, 1, CRYPTO_LOCK_RSA);
+        if(ret)
+                RSA_up_ref(key);
         return ret;
 }
 
@@ -219,16 +221,17 @@ RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey)
                 EVPerr(EVP_F_EVP_PKEY_GET1_RSA, EVP_R_EXPECTING_AN_RSA_KEY);
                 return NULL;
         }
-        CRYPTO_add(&pkey->pkey.rsa->references, 1, CRYPTO_LOCK_RSA);
+        RSA_up_ref(pkey->pkey.rsa);
         return pkey->pkey.rsa;
 }
 #endif
 
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
 int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key)
 {
         int ret = EVP_PKEY_assign_DSA(pkey, key);
-        if(ret) CRYPTO_add(&key->references, 1, CRYPTO_LOCK_DSA);
+        if(ret)
+                DSA_up_ref(key);
         return ret;
 }
 
@@ -238,17 +241,18 @@ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey)
                 EVPerr(EVP_F_EVP_PKEY_GET1_DSA, EVP_R_EXPECTING_A_DSA_KEY);
                 return NULL;
         }
-        CRYPTO_add(&pkey->pkey.dsa->references, 1, CRYPTO_LOCK_DSA);
+        DSA_up_ref(pkey->pkey.dsa);
         return pkey->pkey.dsa;
 }
 #endif
 
-#ifndef NO_DH
+#ifndef OPENSSL_NO_DH
 
 int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key)
 {
         int ret = EVP_PKEY_assign_DH(pkey, key);
-        if(ret) CRYPTO_add(&key->references, 1, CRYPTO_LOCK_DH);
+        if(ret)
+                DH_up_ref(key);
         return ret;
 }
 
@@ -258,7 +262,7 @@ DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey)
                 EVPerr(EVP_F_EVP_PKEY_GET1_DH, EVP_R_EXPECTING_A_DH_KEY);
                 return NULL;
         }
-        CRYPTO_add(&pkey->pkey.dh->references, 1, CRYPTO_LOCK_DH);
+        DH_up_ref(pkey->pkey.dh);
         return pkey->pkey.dh;
 }
 #endif
@@ -309,13 +313,13 @@ static void EVP_PKEY_free_it(EVP_PKEY *x)
         {
         switch (x->type)
                 {
-#ifndef NO_RSA
+#ifndef OPENSSL_NO_RSA
         case EVP_PKEY_RSA:
         case EVP_PKEY_RSA2:
                 RSA_free(x->pkey.rsa);
                 break;
 #endif
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
         case EVP_PKEY_DSA:
         case EVP_PKEY_DSA2:
         case EVP_PKEY_DSA3:
@@ -323,7 +327,7 @@ static void EVP_PKEY_free_it(EVP_PKEY *x)
                 DSA_free(x->pkey.dsa);
                 break;
 #endif
-#ifndef NO_DH
+#ifndef OPENSSL_NO_DH
         case EVP_PKEY_DH:
                 DH_free(x->pkey.dh);
                 break;
diff --git a/src/lib/libcrypto/evp/p_open.c b/src/lib/libcrypto/evp/p_open.c
index 2760c00fec..6976f2a867 100644
--- a/src/lib/libcrypto/evp/p_open.c
+++ b/src/lib/libcrypto/evp/p_open.c
@@ -56,14 +56,14 @@
  * [including the GNU Public Licence.]
  */
 
-#ifndef NO_RSA
+#ifndef OPENSSL_NO_RSA
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 
-int EVP_OpenInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char *ek,
+int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char *ek,
              int ekl, unsigned char *iv, EVP_PKEY *priv)
         {
         unsigned char *key=NULL;
@@ -71,7 +71,7 @@ int EVP_OpenInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char *ek,
 
         if(type) {      
                 EVP_CIPHER_CTX_init(ctx);
-                if(!EVP_DecryptInit(ctx,type,NULL,NULL)) return 0;
+                if(!EVP_DecryptInit_ex(ctx,type,NULL, NULL,NULL)) return 0;
         }
 
         if(!priv) return 1;
@@ -97,7 +97,7 @@ int EVP_OpenInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char *ek,
                 /* ERROR */
                 goto err;
                 }
-        if(!EVP_DecryptInit(ctx,NULL,key,iv)) goto err;
+        if(!EVP_DecryptInit_ex(ctx,NULL,NULL,key,iv)) goto err;
 
         ret=1;
 err:
@@ -110,11 +110,11 @@ int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
         {
         int i;
 
-        i=EVP_DecryptFinal(ctx,out,outl);
-        EVP_DecryptInit(ctx,NULL,NULL,NULL);
+        i=EVP_DecryptFinal_ex(ctx,out,outl);
+        EVP_DecryptInit_ex(ctx,NULL,NULL,NULL,NULL);
         return(i);
         }
-#else /* !NO_RSA */
+#else /* !OPENSSL_NO_RSA */
 
 # ifdef PEDANTIC
 static void *dummy=&dummy;
diff --git a/src/lib/libcrypto/evp/p_seal.c b/src/lib/libcrypto/evp/p_seal.c
index 2fd1d7e0c2..5570ca3745 100644
--- a/src/lib/libcrypto/evp/p_seal.c
+++ b/src/lib/libcrypto/evp/p_seal.c
@@ -59,14 +59,14 @@
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/rand.h>
-#ifndef NO_RSA
+#ifndef OPENSSL_NO_RSA
 #include <openssl/rsa.h>
 #endif
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 
-int EVP_SealInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char **ek,
+int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek,
              int *ekl, unsigned char *iv, EVP_PKEY **pubk, int npubk)
         {
         unsigned char key[EVP_MAX_KEY_LENGTH];
@@ -74,15 +74,16 @@ int EVP_SealInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char **ek,
         
         if(type) {
                 EVP_CIPHER_CTX_init(ctx);
-                if(!EVP_EncryptInit(ctx,type,NULL,NULL)) return 0;
+                if(!EVP_EncryptInit_ex(ctx,type,NULL,NULL,NULL)) return 0;
         }
-        if (npubk <= 0) return(0);
+        if ((npubk <= 0) || !pubk)
+                return 1;
         if (RAND_bytes(key,EVP_MAX_KEY_LENGTH) <= 0)
-                return(0);
+                return 0;
         if (EVP_CIPHER_CTX_iv_length(ctx))
                 RAND_pseudo_bytes(iv,EVP_CIPHER_CTX_iv_length(ctx));
 
-        if(!EVP_EncryptInit(ctx,NULL,key,iv)) return 0;
+        if(!EVP_EncryptInit_ex(ctx,NULL,NULL,key,iv)) return 0;
 
         for (i=0; i<npubk; i++)
                 {
@@ -107,6 +108,6 @@ int inl;
 
 void EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
         {
-        EVP_EncryptFinal(ctx,out,outl);
-        EVP_EncryptInit(ctx,NULL,NULL,NULL);
+        EVP_EncryptFinal_ex(ctx,out,outl);
+        EVP_EncryptInit_ex(ctx,NULL,NULL,NULL,NULL);
         }
diff --git a/src/lib/libcrypto/evp/p_sign.c b/src/lib/libcrypto/evp/p_sign.c
index 1fa32ac17e..e4ae5906f5 100644
--- a/src/lib/libcrypto/evp/p_sign.c
+++ b/src/lib/libcrypto/evp/p_sign.c
@@ -65,7 +65,7 @@
 #ifdef undef
 void EVP_SignInit(EVP_MD_CTX *ctx, EVP_MD *type)
         {
-        EVP_DigestInit(ctx,type);
+        EVP_DigestInit_ex(ctx,type);
         }
 
 void EVP_SignUpdate(EVP_MD_CTX *ctx, unsigned char *data,
@@ -84,8 +84,10 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
         MS_STATIC EVP_MD_CTX tmp_ctx;
 
         *siglen=0;
-        EVP_MD_CTX_copy(&tmp_ctx,ctx);   
-        EVP_DigestFinal(&tmp_ctx,&(m[0]),&m_len);
+        EVP_MD_CTX_init(&tmp_ctx);
+        EVP_MD_CTX_copy_ex(&tmp_ctx,ctx);   
+        EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len);
+        EVP_MD_CTX_cleanup(&tmp_ctx);
         for (i=0; i<4; i++)
                 {
                 v=ctx->digest->required_pkey_type[i];
diff --git a/src/lib/libcrypto/evp/p_verify.c b/src/lib/libcrypto/evp/p_verify.c
index dcb54f3abb..d854d743a5 100644
--- a/src/lib/libcrypto/evp/p_verify.c
+++ b/src/lib/libcrypto/evp/p_verify.c
@@ -85,8 +85,10 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, unsigned char *sigbuf,
                 EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE);
                 return(-1);
                 }
-        EVP_MD_CTX_copy(&tmp_ctx,ctx);     
-        EVP_DigestFinal(&tmp_ctx,&(m[0]),&m_len);
+        EVP_MD_CTX_init(&tmp_ctx);
+        EVP_MD_CTX_copy_ex(&tmp_ctx,ctx);     
+        EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len);
+        EVP_MD_CTX_cleanup(&tmp_ctx);
         if (ctx->digest->verify == NULL)
                 {
                 EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_NO_VERIFY_FUNCTION_CONFIGURED);