20 files changed, 3791 insertions, 0 deletions

diff --git a/src/lib/libssl/test/Makefile.ssl b/src/lib/libssl/test/Makefile.ssl
new file mode 100644
index 0000000000..c1408021ba
--- /dev/null
+++ b/src/lib/libssl/test/Makefile.ssl
@@ -0,0 +1,648 @@
+#
+# test/Makefile.ssl
+#
+
+DIR=            test
+TOP=            ..
+CC=             cc
+INCLUDES=       -I$(TOP) -I../include $(KRB5_INCLUDES)
+CFLAG=          -g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=     /usr/local/ssl
+MAKEFILE=       Makefile.ssl
+MAKE=           make -f $(MAKEFILE)
+MAKEDEPPROG=    makedepend
+MAKEDEPEND=     $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+PERL=           perl
+
+PEX_LIBS=
+EX_LIBS= #-lnsl -lsocket
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile.ssl maketests.com \
+        tests.com testenc.com tx509.com trsa.com tcrl.com tsid.com treq.com \
+        tpkcs7.com tpkcs7d.com tverify.com testgen.com testss.com testssl.com \
+        testca.com VMSca-response.1 VMSca-response.2
+
+DLIBCRYPTO= ../libcrypto.a
+DLIBSSL= ../libssl.a
+LIBCRYPTO= -L.. -lcrypto
+LIBSSL= -L.. -lssl
+
+BNTEST=         bntest
+ECTEST=         ectest
+EXPTEST=        exptest
+IDEATEST=       ideatest
+SHATEST=        shatest
+SHA1TEST=       sha1test
+MDC2TEST=       mdc2test
+RMDTEST=        rmdtest
+MD2TEST=        md2test
+MD4TEST=        md4test
+MD5TEST=        md5test
+HMACTEST=       hmactest
+RC2TEST=        rc2test
+RC4TEST=        rc4test
+RC5TEST=        rc5test
+BFTEST=         bftest
+CASTTEST=       casttest
+DESTEST=        destest
+RANDTEST=       randtest
+DHTEST=         dhtest
+DSATEST=        dsatest
+METHTEST=       methtest
+SSLTEST=        ssltest
+RSATEST=        rsa_test
+ENGINETEST=     enginetest
+EVPTEST=        evp_test
+
+TESTS=          alltests
+
+EXE=    $(BNTEST) $(ECTEST) $(IDEATEST) $(MD2TEST)  $(MD4TEST) $(MD5TEST) $(HMACTEST) \
+        $(RC2TEST) $(RC4TEST) $(RC5TEST) \
+        $(DESTEST) $(SHATEST) $(SHA1TEST) $(MDC2TEST) $(RMDTEST) \
+        $(RANDTEST) $(DHTEST) $(ENGINETEST) \
+        $(BFTEST) $(CASTTEST) $(SSLTEST) $(EXPTEST) $(DSATEST) $(RSATEST) \
+        $(EVPTEST)
+
+# $(METHTEST)
+
+OBJ=    $(BNTEST).o $(ECTEST).o $(IDEATEST).o $(MD2TEST).o $(MD4TEST).o $(MD5TEST).o \
+        $(HMACTEST).o \
+        $(RC2TEST).o $(RC4TEST).o $(RC5TEST).o \
+        $(DESTEST).o $(SHATEST).o $(SHA1TEST).o $(MDC2TEST).o $(RMDTEST).o \
+        $(RANDTEST).o $(DHTEST).o $(ENGINETEST).o $(CASTTEST).o \
+        $(BFTEST).o  $(SSLTEST).o  $(DSATEST).o  $(EXPTEST).o $(RSATEST).o \
+        $(EVPTEST).o
+SRC=    $(BNTEST).c $(ECTEST).c $(IDEATEST).c $(MD2TEST).c  $(MD4TEST).c $(MD5TEST).c \
+        $(HMACTEST).c \
+        $(RC2TEST).c $(RC4TEST).c $(RC5TEST).c \
+        $(DESTEST).c $(SHATEST).c $(SHA1TEST).c $(MDC2TEST).c $(RMDTEST).c \
+        $(RANDTEST).c $(DHTEST).c $(ENGINETEST).c $(CASTTEST).c \
+        $(BFTEST).c  $(SSLTEST).c $(DSATEST).c   $(EXPTEST).c $(RSATEST).c \
+        $(EVPTEST).c
+
+EXHEADER= 
+HEADER= $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+        (cd ..; $(MAKE) DIRS=$(DIR) TESTS=$(TESTS) all)
+
+all:    exe
+
+exe:    $(EXE) dummytest
+
+files:
+        $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+        @sh $(TOP)/util/point.sh Makefile.ssl Makefile
+
+generate: $(SRC)
+$(SRC):
+        @sh $(TOP)/util/point.sh dummytest.c $@
+
+errors:
+
+install:
+
+tags:
+        ctags $(SRC)
+
+tests:  exe apps $(TESTS)
+
+apps:
+        @(cd ../apps; $(MAKE)  CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' TESTS='${TESTS}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' all)
+
+alltests:
+        (LIBPATH="`cd ..; pwd`"; LD_LIBRARY_PATH=$$LIBPATH; DYLD_LIBRARY_PATH=$$LIBPATH; SHLIB_PATH=$$LIBPATH; \
+                export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH; \
+                $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' alltests.chooser)
+alltests.chooser: \
+        test_des test_idea test_sha test_md4 test_md5 test_hmac \
+        test_md2 test_mdc2 \
+        test_rmd test_rc2 test_rc4 test_rc5 test_bf test_cast test_rd \
+        test_rand test_bn test_ec test_enc test_x509 test_rsa test_crl test_sid \
+        test_gen test_req test_pkcs7 test_verify test_dh test_dsa \
+        test_ss test_ca test_engine test_evp test_ssl
+
+test_evp:
+        ./$(EVPTEST) evptests.txt
+
+test_des:
+        ./$(DESTEST)
+
+test_idea:
+        ./$(IDEATEST)
+
+test_sha:
+        ./$(SHATEST)
+        ./$(SHA1TEST)
+
+test_mdc2:
+        ./$(MDC2TEST)
+
+test_md5:
+        ./$(MD5TEST)
+
+test_md4:
+        ./$(MD4TEST)
+
+test_hmac:
+        ./$(HMACTEST)
+
+test_md2:
+        ./$(MD2TEST)
+
+test_rmd:
+        ./$(RMDTEST)
+
+test_bf:
+        ./$(BFTEST)
+
+test_cast:
+        ./$(CASTTEST)
+
+test_rc2:
+        ./$(RC2TEST)
+
+test_rc4:
+        ./$(RC4TEST)
+
+test_rc5:
+        ./$(RC5TEST)
+
+test_rand:
+        ./$(RANDTEST)
+
+test_enc:
+        @sh ./testenc
+
+test_x509:
+        echo test normal x509v1 certificate
+        sh ./tx509 2>/dev/null
+        echo test first x509v3 certificate
+        sh ./tx509 v3-cert1.pem 2>/dev/null
+        echo test second x509v3 certificate
+        sh ./tx509 v3-cert2.pem 2>/dev/null
+
+test_rsa:
+        @sh ./trsa 2>/dev/null
+        ./$(RSATEST)
+
+test_crl:
+        @sh ./tcrl 2>/dev/null
+
+test_sid:
+        @sh ./tsid 2>/dev/null
+
+test_req:
+        @sh ./treq 2>/dev/null
+        @sh ./treq testreq2.pem 2>/dev/null
+
+test_pkcs7:
+        @sh ./tpkcs7 2>/dev/null
+        @sh ./tpkcs7d 2>/dev/null
+
+test_bn:
+        @echo starting big number library test, could take a while...
+        @./$(BNTEST) >tmp.bntest
+        @echo quit >>tmp.bntest
+        @echo "running bc"
+        @<tmp.bntest sh -c "`sh ./bctest ignore`" | $(PERL) -e '$$i=0; while (<STDIN>) {if (/^test (.*)/) {print STDERR "\nverify $$1";} elsif (!/^0$$/) {die "\nFailed! bc: $$_";} else {print STDERR "."; $$i++;}} print STDERR "\n$$i tests passed\n"'
+        @echo 'test a^b%c implementations'
+        ./$(EXPTEST)
+
+test_ec:
+        @echo 'test elliptic curves'
+        ./$(ECTEST)
+
+test_verify:
+        @echo "The following command should have some OK's and some failures"
+        @echo "There are definitly a few expired certificates"
+        ../apps/openssl verify -CApath ../certs ../certs/*.pem
+
+test_dh:
+        @echo "Generate a set of DH parameters"
+        ./$(DHTEST)
+
+test_dsa:
+        @echo "Generate a set of DSA parameters"
+        ./$(DSATEST)
+        ./$(DSATEST) -app2_1
+
+test_gen:
+        @echo "Generate and verify a certificate request"
+        @sh ./testgen
+
+test_ss keyU.ss certU.ss certCA.ss: testss
+        @echo "Generate and certify a test certificate"
+        @sh ./testss
+
+test_engine: 
+        @echo "Manipulate the ENGINE structures"
+        ./$(ENGINETEST)
+
+test_ssl: keyU.ss certU.ss certCA.ss
+        @echo "test SSL protocol"
+        @sh ./testssl keyU.ss certU.ss certCA.ss
+
+test_ca:
+        @if ../apps/openssl no-rsa; then \
+          echo "skipping CA.sh test -- requires RSA"; \
+        else \
+          echo "Generate and certify a test certificate via the 'ca' program"; \
+          sh ./testca; \
+        fi
+
+test_rd: #$(RDTEST)
+#       @echo "test Rijndael"
+#       ./$(RDTEST)
+
+lint:
+        lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+        $(MAKEDEPEND) $(CFLAG) $(INCLUDES) $(DEPFLAG) $(PROGS) $(SRC)
+
+dclean:
+        $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+        mv -f Makefile.new $(MAKEFILE)
+
+clean:
+        rm -f .rnd tmp.bntest tmp.bctest *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff $(EXE) *.ss *.srl log
+
+$(DLIBSSL):
+        (cd ../ssl; $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' TESTS='${TESTS}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}')
+
+$(DLIBCRYPTO):
+        (cd ../crypto; $(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' TESTS='${TESTS}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}')
+
+$(RSATEST): $(RSATEST).o $(DLIBCRYPTO)
+        $(CC) -o $(RSATEST) $(CFLAGS) $(RSATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+$(BNTEST): $(BNTEST).o $(DLIBCRYPTO)
+        $(CC) -o $(BNTEST) $(CFLAGS) $(BNTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+$(ECTEST): $(ECTEST).o $(DLIBCRYPTO)
+        $(CC) -o $(ECTEST) $(CFLAGS) $(ECTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+$(EXPTEST): $(EXPTEST).o $(DLIBCRYPTO)
+        $(CC) -o $(EXPTEST) $(CFLAGS) $(EXPTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+$(IDEATEST): $(IDEATEST).o $(DLIBCRYPTO)
+        $(CC) -o $(IDEATEST) $(CFLAGS) $(IDEATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+$(MD2TEST): $(MD2TEST).o $(DLIBCRYPTO)
+        $(CC) -o $(MD2TEST) $(CFLAGS) $(MD2TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+$(SHATEST): $(SHATEST).o $(DLIBCRYPTO)
+        $(CC) -o $(SHATEST) $(CFLAGS) $(SHATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+$(SHA1TEST): $(SHA1TEST).o $(DLIBCRYPTO)
+        $(CC) -o $(SHA1TEST) $(CFLAGS) $(SHA1TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+$(RMDTEST): $(RMDTEST).o $(DLIBCRYPTO)
+        $(CC) -o $(RMDTEST) $(CFLAGS) $(RMDTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+$(MDC2TEST): $(MDC2TEST).o $(DLIBCRYPTO)
+        $(CC) -o $(MDC2TEST) $(CFLAGS) $(MDC2TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+$(MD4TEST): $(MD4TEST).o $(DLIBCRYPTO)
+        $(CC) -o $(MD4TEST) $(CFLAGS) $(MD4TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+$(MD5TEST): $(MD5TEST).o $(DLIBCRYPTO)
+        $(CC) -o $(MD5TEST) $(CFLAGS) $(MD5TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+$(HMACTEST): $(HMACTEST).o $(DLIBCRYPTO)
+        $(CC) -o $(HMACTEST) $(CFLAGS) $(HMACTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+$(RC2TEST): $(RC2TEST).o $(DLIBCRYPTO)
+        $(CC) -o $(RC2TEST) $(CFLAGS) $(RC2TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+$(BFTEST): $(BFTEST).o $(DLIBCRYPTO)
+        $(CC) -o $(BFTEST) $(CFLAGS) $(BFTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+$(CASTTEST): $(CASTTEST).o $(DLIBCRYPTO)
+        $(CC) -o $(CASTTEST) $(CFLAGS) $(CASTTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+$(RC4TEST): $(RC4TEST).o $(DLIBCRYPTO)
+        $(CC) -o $(RC4TEST) $(CFLAGS) $(RC4TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+$(RC5TEST): $(RC5TEST).o $(DLIBCRYPTO)
+        $(CC) -o $(RC5TEST) $(CFLAGS) $(RC5TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+$(DESTEST): $(DESTEST).o $(DLIBCRYPTO)
+        $(CC) -o $(DESTEST) $(CFLAGS) $(DESTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+$(RANDTEST): $(RANDTEST).o $(DLIBCRYPTO)
+        $(CC) -o $(RANDTEST) $(CFLAGS) $(RANDTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+$(DHTEST): $(DHTEST).o $(DLIBCRYPTO)
+        $(CC) -o $(DHTEST) $(CFLAGS) $(DHTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+$(DSATEST): $(DSATEST).o $(DLIBCRYPTO)
+        $(CC) -o $(DSATEST) $(CFLAGS) $(DSATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+$(METHTEST): $(METHTEST).o $(DLIBCRYPTO)
+        $(CC) -o $(METHTEST) $(CFLAGS) $(METHTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+$(SSLTEST): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO)
+        $(CC) -o $(SSLTEST) $(CFLAGS) $(SSLTEST).o $(PEX_LIBS) $(LIBSSL) $(LIBKRB5) $(LIBCRYPTO) $(EX_LIBS)
+
+$(ENGINETEST): $(ENGINETEST).o $(DLIBCRYPTO)
+        $(CC) -o $(ENGINETEST) $(CFLAGS) $(ENGINETEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+$(EVPTEST): $(EVPTEST).o $(DLIBCRYPTO)
+        $(CC) -o $(EVPTEST) $(CFLAGS) $(EVPTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+        
+#$(RDTEST).o: $(RDTEST).c
+#       $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(RDTEST).c
+
+#$(RDTEST): $(RDTEST).o $(DLIBCRYPTO)
+#       $(CC) -o $(RDTEST) $(CFLAGS) $(RDTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+dummytest: dummytest.o $(DLIBCRYPTO)
+        $(CC) -o dummytest $(CFLAGS) dummytest.o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+bftest.o: ../include/openssl/blowfish.h ../include/openssl/e_os2.h
+bftest.o: ../include/openssl/opensslconf.h bftest.c
+bntest.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+bntest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+bntest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+bntest.o: ../include/openssl/cast.h ../include/openssl/crypto.h
+bntest.o: ../include/openssl/des.h ../include/openssl/des_old.h
+bntest.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+bntest.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+bntest.o: ../include/openssl/evp.h ../include/openssl/idea.h
+bntest.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+bntest.o: ../include/openssl/md4.h ../include/openssl/md5.h
+bntest.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+bntest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+bntest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+bntest.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+bntest.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+bntest.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+bntest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+bntest.o: ../include/openssl/sha.h ../include/openssl/stack.h
+bntest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
+bntest.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+bntest.o: ../include/openssl/x509_vfy.h bntest.c
+casttest.o: ../include/openssl/cast.h casttest.c
+destest.o: ../include/openssl/crypto.h ../include/openssl/des.h
+destest.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h
+destest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+destest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+destest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
+destest.o: ../include/openssl/ui_compat.h destest.c
+dhtest.o: ../include/openssl/bio.h ../include/openssl/bn.h
+dhtest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+dhtest.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+dhtest.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
+dhtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+dhtest.o: ../include/openssl/rand.h ../include/openssl/safestack.h
+dhtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h dhtest.c
+dsatest.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+dsatest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
+dsatest.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+dsatest.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
+dsatest.o: ../include/openssl/err.h ../include/openssl/lhash.h
+dsatest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+dsatest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
+dsatest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+dsatest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+dsatest.o: ../include/openssl/ui.h dsatest.c
+ectest.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+ectest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
+ectest.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+ectest.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+ectest.o: ../include/openssl/engine.h ../include/openssl/err.h
+ectest.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
+ectest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ectest.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+ectest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+ectest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h ectest.c
+enginetest.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+enginetest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+enginetest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+enginetest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+enginetest.o: ../include/openssl/engine.h ../include/openssl/err.h
+enginetest.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
+enginetest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+enginetest.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+enginetest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+enginetest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
+enginetest.o: enginetest.c
+evp_test.o: ../include/openssl/aes.h ../include/openssl/asn1.h
+evp_test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+evp_test.o: ../include/openssl/bn.h ../include/openssl/cast.h
+evp_test.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+evp_test.o: ../include/openssl/des.h ../include/openssl/des_old.h
+evp_test.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+evp_test.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
+evp_test.o: ../include/openssl/err.h ../include/openssl/evp.h
+evp_test.o: ../include/openssl/idea.h ../include/openssl/lhash.h
+evp_test.o: ../include/openssl/md2.h ../include/openssl/md4.h
+evp_test.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+evp_test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+evp_test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+evp_test.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
+evp_test.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+evp_test.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+evp_test.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+evp_test.o: ../include/openssl/sha.h ../include/openssl/stack.h
+evp_test.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
+evp_test.o: ../include/openssl/ui_compat.h evp_test.c
+exptest.o: ../include/openssl/bio.h ../include/openssl/bn.h
+exptest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+exptest.o: ../include/openssl/err.h ../include/openssl/lhash.h
+exptest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+exptest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
+exptest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+exptest.o: ../include/openssl/symhacks.h exptest.c
+hmactest.o: ../include/openssl/aes.h ../include/openssl/asn1.h
+hmactest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+hmactest.o: ../include/openssl/bn.h ../include/openssl/cast.h
+hmactest.o: ../include/openssl/crypto.h ../include/openssl/des.h
+hmactest.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+hmactest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+hmactest.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+hmactest.o: ../include/openssl/idea.h ../include/openssl/md2.h
+hmactest.o: ../include/openssl/md4.h ../include/openssl/md5.h
+hmactest.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+hmactest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+hmactest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+hmactest.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
+hmactest.o: ../include/openssl/rc5.h ../include/openssl/ripemd.h
+hmactest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+hmactest.o: ../include/openssl/sha.h ../include/openssl/stack.h
+hmactest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
+hmactest.o: ../include/openssl/ui_compat.h hmactest.c
+ideatest.o: ../include/openssl/idea.h ../include/openssl/opensslconf.h
+ideatest.o: ideatest.c
+md2test.o: ../include/openssl/aes.h ../include/openssl/asn1.h
+md2test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+md2test.o: ../include/openssl/bn.h ../include/openssl/cast.h
+md2test.o: ../include/openssl/crypto.h ../include/openssl/des.h
+md2test.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+md2test.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+md2test.o: ../include/openssl/evp.h ../include/openssl/idea.h
+md2test.o: ../include/openssl/md2.h ../include/openssl/md4.h
+md2test.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+md2test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+md2test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+md2test.o: ../include/openssl/ossl_typ.h ../include/openssl/rc2.h
+md2test.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+md2test.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+md2test.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+md2test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+md2test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h md2test.c
+md4test.o: ../include/openssl/aes.h ../include/openssl/asn1.h
+md4test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+md4test.o: ../include/openssl/bn.h ../include/openssl/cast.h
+md4test.o: ../include/openssl/crypto.h ../include/openssl/des.h
+md4test.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+md4test.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+md4test.o: ../include/openssl/evp.h ../include/openssl/idea.h
+md4test.o: ../include/openssl/md2.h ../include/openssl/md4.h
+md4test.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+md4test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+md4test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+md4test.o: ../include/openssl/ossl_typ.h ../include/openssl/rc2.h
+md4test.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+md4test.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+md4test.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+md4test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+md4test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h md4test.c
+md5test.o: ../include/openssl/aes.h ../include/openssl/asn1.h
+md5test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+md5test.o: ../include/openssl/bn.h ../include/openssl/cast.h
+md5test.o: ../include/openssl/crypto.h ../include/openssl/des.h
+md5test.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+md5test.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+md5test.o: ../include/openssl/evp.h ../include/openssl/idea.h
+md5test.o: ../include/openssl/md2.h ../include/openssl/md4.h
+md5test.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+md5test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+md5test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+md5test.o: ../include/openssl/ossl_typ.h ../include/openssl/rc2.h
+md5test.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+md5test.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+md5test.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+md5test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+md5test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h md5test.c
+mdc2test.o: ../include/openssl/aes.h ../include/openssl/asn1.h
+mdc2test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+mdc2test.o: ../include/openssl/bn.h ../include/openssl/cast.h
+mdc2test.o: ../include/openssl/crypto.h ../include/openssl/des.h
+mdc2test.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+mdc2test.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+mdc2test.o: ../include/openssl/evp.h ../include/openssl/idea.h
+mdc2test.o: ../include/openssl/md2.h ../include/openssl/md4.h
+mdc2test.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+mdc2test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+mdc2test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+mdc2test.o: ../include/openssl/ossl_typ.h ../include/openssl/rc2.h
+mdc2test.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+mdc2test.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+mdc2test.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+mdc2test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+mdc2test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h mdc2test.c
+randtest.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
+randtest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h randtest.c
+rc2test.o: ../include/openssl/opensslconf.h ../include/openssl/rc2.h rc2test.c
+rc4test.o: ../include/openssl/opensslconf.h ../include/openssl/rc4.h rc4test.c
+rc5test.o: ../include/openssl/rc5.h rc5test.c
+rmdtest.o: ../include/openssl/aes.h ../include/openssl/asn1.h
+rmdtest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+rmdtest.o: ../include/openssl/bn.h ../include/openssl/cast.h
+rmdtest.o: ../include/openssl/crypto.h ../include/openssl/des.h
+rmdtest.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+rmdtest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+rmdtest.o: ../include/openssl/evp.h ../include/openssl/idea.h
+rmdtest.o: ../include/openssl/md2.h ../include/openssl/md4.h
+rmdtest.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+rmdtest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+rmdtest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+rmdtest.o: ../include/openssl/ossl_typ.h ../include/openssl/rc2.h
+rmdtest.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+rmdtest.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+rmdtest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+rmdtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+rmdtest.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h rmdtest.c
+rsa_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+rsa_test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
+rsa_test.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+rsa_test.o: ../include/openssl/e_os2.h ../include/openssl/engine.h
+rsa_test.o: ../include/openssl/err.h ../include/openssl/lhash.h
+rsa_test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+rsa_test.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
+rsa_test.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+rsa_test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+rsa_test.o: ../include/openssl/ui.h rsa_test.c
+sha1test.o: ../include/openssl/aes.h ../include/openssl/asn1.h
+sha1test.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+sha1test.o: ../include/openssl/bn.h ../include/openssl/cast.h
+sha1test.o: ../include/openssl/crypto.h ../include/openssl/des.h
+sha1test.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+sha1test.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+sha1test.o: ../include/openssl/evp.h ../include/openssl/idea.h
+sha1test.o: ../include/openssl/md2.h ../include/openssl/md4.h
+sha1test.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+sha1test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+sha1test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+sha1test.o: ../include/openssl/ossl_typ.h ../include/openssl/rc2.h
+sha1test.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+sha1test.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+sha1test.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+sha1test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+sha1test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h sha1test.c
+shatest.o: ../include/openssl/aes.h ../include/openssl/asn1.h
+shatest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+shatest.o: ../include/openssl/bn.h ../include/openssl/cast.h
+shatest.o: ../include/openssl/crypto.h ../include/openssl/des.h
+shatest.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+shatest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+shatest.o: ../include/openssl/evp.h ../include/openssl/idea.h
+shatest.o: ../include/openssl/md2.h ../include/openssl/md4.h
+shatest.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+shatest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+shatest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+shatest.o: ../include/openssl/ossl_typ.h ../include/openssl/rc2.h
+shatest.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+shatest.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+shatest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+shatest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+shatest.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h shatest.c
+ssltest.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+ssltest.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+ssltest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+ssltest.o: ../include/openssl/cast.h ../include/openssl/comp.h
+ssltest.o: ../include/openssl/crypto.h ../include/openssl/des.h
+ssltest.o: ../include/openssl/des_old.h ../include/openssl/dh.h
+ssltest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+ssltest.o: ../include/openssl/engine.h ../include/openssl/err.h
+ssltest.o: ../include/openssl/evp.h ../include/openssl/idea.h
+ssltest.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssltest.o: ../include/openssl/md2.h ../include/openssl/md4.h
+ssltest.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+ssltest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssltest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssltest.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssltest.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssltest.o: ../include/openssl/rand.h ../include/openssl/rc2.h
+ssltest.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
+ssltest.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
+ssltest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssltest.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+ssltest.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+ssltest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+ssltest.o: ../include/openssl/tls1.h ../include/openssl/ui.h
+ssltest.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+ssltest.o: ../include/openssl/x509_vfy.h ssltest.c
diff --git a/src/lib/libssl/test/dummytest.c b/src/lib/libssl/test/dummytest.c
new file mode 100644
index 0000000000..f98f003ef9
--- /dev/null
+++ b/src/lib/libssl/test/dummytest.c
@@ -0,0 +1,47 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+#include <openssl/e_os2.h>
+#include <openssl/buffer.h>
+#include <openssl/crypto.h>
+
+int main(int argc, char *argv[])
+        {
+        char *p, *q, *program;
+
+        p = strrchr(argv[0], '/');
+        if (!p) p = strrchr(argv[0], '\\');
+#ifdef OPENSSL_SYS_VMS
+        if (!p) p = strrchr(argv[0], ']');
+        if (p) q = strrchr(p, '>');
+        if (q) p = q;
+        if (!p) p = strrchr(argv[0], ':');
+        q = 0;
+#endif
+        if (p) p++;
+        if (!p) p = argv[0];
+        if (p) q = strchr(p, '.');
+        if (p && !q) q = p + strlen(p);
+
+        if (!p)
+                program = BUF_strdup("(unknown)");
+        else
+                {
+                program = OPENSSL_malloc((q - p) + 1);
+                strncpy(program, p, q - p);
+                program[q - p] = '\0';
+                }
+
+        for(p = program; *p; p++)
+                if (islower(*p)) *p = toupper(*p);
+
+        q = strstr(program, "TEST");
+        if (q > p && q[-1] == '_') q--;
+        *q = '\0';
+
+        printf("No %s support\n", program);
+
+        OPENSSL_free(program);
+        return(0);
+        }
diff --git a/src/lib/libssl/test/enginetest.c b/src/lib/libssl/test/enginetest.c
new file mode 100644
index 0000000000..87fa8c57b7
--- /dev/null
+++ b/src/lib/libssl/test/enginetest.c
@@ -0,0 +1,274 @@
+/* crypto/engine/enginetest.c */
+/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <openssl/e_os2.h>
+#include <stdio.h>
+#include <string.h>
+#include <openssl/buffer.h>
+#include <openssl/crypto.h>
+#include <openssl/engine.h>
+#include <openssl/err.h>
+
+static void display_engine_list()
+        {
+        ENGINE *h;
+        int loop;
+
+        h = ENGINE_get_first();
+        loop = 0;
+        printf("listing available engine types\n");
+        while(h)
+                {
+                printf("engine %i, id = \"%s\", name = \"%s\"\n",
+                        loop++, ENGINE_get_id(h), ENGINE_get_name(h));
+                h = ENGINE_get_next(h);
+                }
+        printf("end of list\n");
+        /* ENGINE_get_first() increases the struct_ref counter, so we 
+           must call ENGINE_free() to decrease it again */
+        ENGINE_free(h);
+        }
+
+int main(int argc, char *argv[])
+        {
+        ENGINE *block[512];
+        char buf[256];
+        const char *id, *name;
+        ENGINE *ptr;
+        int loop;
+        int to_return = 1;
+        ENGINE *new_h1 = NULL;
+        ENGINE *new_h2 = NULL;
+        ENGINE *new_h3 = NULL;
+        ENGINE *new_h4 = NULL;
+
+        /* enable memory leak checking unless explicitly disabled */
+        if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off"))))
+                {
+                CRYPTO_malloc_debug_init();
+                CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
+                }
+        else
+                {
+                /* OPENSSL_DEBUG_MEMORY=off */
+                CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
+                }
+        CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+        ERR_load_crypto_strings();
+
+        memset(block, 0, 512 * sizeof(ENGINE *));
+        if(((new_h1 = ENGINE_new()) == NULL) ||
+                        !ENGINE_set_id(new_h1, "test_id0") ||
+                        !ENGINE_set_name(new_h1, "First test item") ||
+                        ((new_h2 = ENGINE_new()) == NULL) ||
+                        !ENGINE_set_id(new_h2, "test_id1") ||
+                        !ENGINE_set_name(new_h2, "Second test item") ||
+                        ((new_h3 = ENGINE_new()) == NULL) ||
+                        !ENGINE_set_id(new_h3, "test_id2") ||
+                        !ENGINE_set_name(new_h3, "Third test item") ||
+                        ((new_h4 = ENGINE_new()) == NULL) ||
+                        !ENGINE_set_id(new_h4, "test_id3") ||
+                        !ENGINE_set_name(new_h4, "Fourth test item"))
+                {
+                printf("Couldn't set up test ENGINE structures\n");
+                goto end;
+                }
+        printf("\nenginetest beginning\n\n");
+        display_engine_list();
+        if(!ENGINE_add(new_h1))
+                {
+                printf("Add failed!\n");
+                goto end;
+                }
+        display_engine_list();
+        ptr = ENGINE_get_first();
+        if(!ENGINE_remove(ptr))
+                {
+                printf("Remove failed!\n");
+                goto end;
+                }
+        if (ptr)
+                ENGINE_free(ptr);
+        display_engine_list();
+        if(!ENGINE_add(new_h3) || !ENGINE_add(new_h2))
+                {
+                printf("Add failed!\n");
+                goto end;
+                }
+        display_engine_list();
+        if(!ENGINE_remove(new_h2))
+                {
+                printf("Remove failed!\n");
+                goto end;
+                }
+        display_engine_list();
+        if(!ENGINE_add(new_h4))
+                {
+                printf("Add failed!\n");
+                goto end;
+                }
+        display_engine_list();
+        if(ENGINE_add(new_h3))
+                {
+                printf("Add *should* have failed but didn't!\n");
+                goto end;
+                }
+        else
+                printf("Add that should fail did.\n");
+        ERR_clear_error();
+        if(ENGINE_remove(new_h2))
+                {
+                printf("Remove *should* have failed but didn't!\n");
+                goto end;
+                }
+        else
+                printf("Remove that should fail did.\n");
+        ERR_clear_error();
+        if(!ENGINE_remove(new_h3))
+                {
+                printf("Remove failed!\n");
+                goto end;
+                }
+        display_engine_list();
+        if(!ENGINE_remove(new_h4))
+                {
+                printf("Remove failed!\n");
+                goto end;
+                }
+        display_engine_list();
+        /* Depending on whether there's any hardware support compiled
+         * in, this remove may be destined to fail. */
+        ptr = ENGINE_get_first();
+        if(ptr)
+                if(!ENGINE_remove(ptr))
+                        printf("Remove failed!i - probably no hardware "
+                                "support present.\n");
+        if (ptr)
+                ENGINE_free(ptr);
+        display_engine_list();
+        if(!ENGINE_add(new_h1) || !ENGINE_remove(new_h1))
+                {
+                printf("Couldn't add and remove to an empty list!\n");
+                goto end;
+                }
+        else
+                printf("Successfully added and removed to an empty list!\n");
+        printf("About to beef up the engine-type list\n");
+        for(loop = 0; loop < 512; loop++)
+                {
+                sprintf(buf, "id%i", loop);
+                id = BUF_strdup(buf);
+                sprintf(buf, "Fake engine type %i", loop);
+                name = BUF_strdup(buf);
+                if(((block[loop] = ENGINE_new()) == NULL) ||
+                                !ENGINE_set_id(block[loop], id) ||
+                                !ENGINE_set_name(block[loop], name))
+                        {
+                        printf("Couldn't create block of ENGINE structures.\n"
+                                "I'll probably also core-dump now, damn.\n");
+                        goto end;
+                        }
+                }
+        for(loop = 0; loop < 512; loop++)
+                {
+                if(!ENGINE_add(block[loop]))
+                        {
+                        printf("\nAdding stopped at %i, (%s,%s)\n",
+                                loop, ENGINE_get_id(block[loop]),
+                                ENGINE_get_name(block[loop]));
+                        goto cleanup_loop;
+                        }
+                else
+                        printf("."); fflush(stdout);
+                }
+cleanup_loop:
+        printf("\nAbout to empty the engine-type list\n");
+        while((ptr = ENGINE_get_first()) != NULL)
+                {
+                if(!ENGINE_remove(ptr))
+                        {
+                        printf("\nRemove failed!\n");
+                        goto end;
+                        }
+                ENGINE_free(ptr);
+                printf("."); fflush(stdout);
+                }
+        for(loop = 0; loop < 512; loop++)
+                {
+                OPENSSL_free((void *)ENGINE_get_id(block[loop]));
+                OPENSSL_free((void *)ENGINE_get_name(block[loop]));
+                }
+        printf("\nTests completed happily\n");
+        to_return = 0;
+end:
+        if(to_return)
+                ERR_print_errors_fp(stderr);
+        if(new_h1) ENGINE_free(new_h1);
+        if(new_h2) ENGINE_free(new_h2);
+        if(new_h3) ENGINE_free(new_h3);
+        if(new_h4) ENGINE_free(new_h4);
+        for(loop = 0; loop < 512; loop++)
+                if(block[loop])
+                        ENGINE_free(block[loop]);
+        ENGINE_cleanup();
+        CRYPTO_cleanup_all_ex_data();
+        ERR_free_strings();
+        ERR_remove_state(0);
+        CRYPTO_mem_leaks_fp(stderr);
+        return to_return;
+        }
diff --git a/src/lib/libssl/test/maketests.com b/src/lib/libssl/test/maketests.com
new file mode 100644
index 0000000000..b3bf8bb837
--- /dev/null
+++ b/src/lib/libssl/test/maketests.com
@@ -0,0 +1,1087 @@
+$!
+$!  MAKETESTS.COM
+$!  Written By:  Robert Byer
+$!               Vice-President
+$!               A-Com Computing, Inc.
+$!               byer@mail.all-net.net
+$!
+$!  Changes by Richard Levitte <richard@levitte.org>
+$!
+$!  This command files compiles and creates all the various different
+$!  "test" programs for the different types of encryption for OpenSSL.
+$!  It was written so it would try to determine what "C" compiler to
+$!  use or you can specify which "C" compiler to use.
+$!
+$!  The test "executeables" will be placed in a directory called
+$!  [.xxx.EXE.TEST] where "xxx" denotes AXP or VAX depending on your machines
+$!  architecture.
+$!
+$!  Specify RSAREF as P1 to compile with the RSAREF library instead of
+$!  the regular one.  If you specify NORSAREF it will compile with the
+$!  regular RSAREF routines.  (Note: If you are in the United States
+$!  you MUST compile with RSAREF unless you have a license from RSA).
+$!
+$!  Note: The RSAREF libraries are NOT INCLUDED and you have to
+$!        download it from "ftp://ftp.rsa.com/rsaref".  You have to
+$!        get the ".tar-Z" file as the ".zip" file dosen't have the
+$!        directory structure stored.  You have to extract the file
+$!        into the [.RSAREF] directory under the root directory as that
+$!        is where the scripts will look for the files.
+$!
+$!  Specify DEBUG or NODEBUG P2 to compile with or without debugger
+$!  information.
+$!
+$!  Specify which compiler at P3 to try to compile under.
+$!
+$!         VAXC  For VAX C.
+$!         DECC  For DEC C.
+$!         GNUC  For GNU C.
+$!
+$!  If you don't speficy a compiler, it will try to determine which
+$!  "C" compiler to use.
+$!
+$!  P4, if defined, sets a TCP/IP library to use, through one of the following
+$!  keywords:
+$!
+$!      UCX             for UCX
+$!      SOCKETSHR       for SOCKETSHR+NETLIB
+$!
+$!  P5, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up)
+$!
+$!
+$! Define A TCP/IP Library That We Will Need To Link To.
+$! (That is, If Wee Need To Link To One.)
+$!
+$ TCPIP_LIB = ""
+$!
+$! Check Which Architecture We Are Using.
+$!
+$ IF (F$GETSYI("CPU").GE.128) 
+$ THEN
+$!
+$!  The Architecture Is AXP.
+$!
+$   ARCH := AXP
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$!  The Architecture Is VAX.
+$!
+$   ARCH := VAX
+$!
+$! End The Architecture Check.
+$!
+$ ENDIF
+$!
+$! Check To Make Sure We Have Valid Command Line Parameters.
+$!
+$ GOSUB CHECK_OPTIONS
+$!
+$! Initialise logical names and such
+$!
+$ GOSUB INITIALISE
+$!
+$! Tell The User What Kind of Machine We Run On.
+$!
+$ WRITE SYS$OUTPUT "Compiling On A ",ARCH," Machine."
+$!
+$! Define The CRYPTO-LIB We Are To Use.
+$!
+$ CRYPTO_LIB := SYS$DISK:[-.'ARCH'.EXE.CRYPTO]LIBCRYPTO.OLB
+$!
+$! Define The RSAREF-LIB We Are To Use.
+$!
+$ RSAREF_LIB := SYS$DISK:[-.'ARCH'.EXE.RSAREF]LIBRSAGLUE.OLB
+$!
+$! Define The SSL We Are To Use.
+$!
+$ SSL_LIB := SYS$DISK:[-.'ARCH'.EXE.SSL]LIBSSL.OLB
+$!
+$! Define The OBJ Directory.
+$!
+$ OBJ_DIR := SYS$DISK:[-.'ARCH'.OBJ.TEST]
+$!
+$! Check To See If The Architecture Specific OBJ Directory Exists.
+$!
+$ IF (F$PARSE(OBJ_DIR).EQS."")
+$ THEN
+$!
+$!  The EXE Directory Dosen't Exist, So Create It.
+$!
+$   CREATE/DIRECTORY 'OBJ_DIR'
+$!
+$! End The Architecture Specific OBJ Directory Check.
+$!
+$ ENDIF
+$!
+$! Define The EXE Directory.
+$!
+$ EXE_DIR := SYS$DISK:[-.'ARCH'.EXE.TEST]
+$!
+$! Check To See If The Architecture Specific EXE Directory Exists.
+$!
+$ IF (F$PARSE(EXE_DIR).EQS."")
+$ THEN
+$!
+$!  The EXE Directory Dosen't Exist, So Create It.
+$!
+$   CREATE/DIRECTORY 'EXE_DIR'
+$!
+$! End The Architecture Specific EXE Directory Check.
+$!
+$ ENDIF
+$!
+$! Check To See If We Have The Proper Libraries.
+$!
+$ GOSUB LIB_CHECK
+$!
+$! Check To See If We Have A Linker Option File.
+$!
+$ GOSUB CHECK_OPT_FILE
+$!
+$! Define The TEST Files.
+$!
+$ TEST_FILES = "BNTEST,ECTEST,IDEATEST,MD2TEST,MD4TEST,MD5TEST,HMACTEST,"+ -
+               "RC2TEST,RC4TEST,RC5TEST,"+ -
+               "DESTEST,SHATEST,SHA1TEST,MDC2TEST,RMDTEST,"+ -
+               "RANDTEST,DHTEST,ENGINETEST,"+ -
+               "BFTEST,CASTTEST,SSLTEST,EXPTEST,DSATEST,RSA_TEST,"+ -
+               "EVP_TEST"
+$ TCPIP_PROGRAMS = ",,"
+$ IF COMPILER .EQS. "VAXC" THEN -
+     TCPIP_PROGRAMS = ",SSLTEST,"
+$!
+$!  Define A File Counter And Set It To "0".
+$!
+$ FILE_COUNTER = 0
+$!
+$! Top Of The File Loop.
+$!
+$ NEXT_FILE:
+$!
+$! O.K, Extract The File Name From The File List.
+$!
+$ FILE_NAME = F$ELEMENT(FILE_COUNTER,",",TEST_FILES)
+$!
+$! Check To See If We Are At The End Of The File List.
+$!
+$ IF (FILE_NAME.EQS.",") THEN GOTO FILE_DONE
+$!
+$! Increment The Counter.
+$!
+$ FILE_COUNTER = FILE_COUNTER + 1
+$!
+$! Create The Source File Name.
+$!
+$ SOURCE_FILE = "SYS$DISK:[]" + FILE_NAME + ".C"
+$!
+$! Create The Object File Name.
+$!
+$ OBJECT_FILE = OBJ_DIR + FILE_NAME + ".OBJ"
+$!
+$! Create The Executable File Name.
+$!
+$ EXE_FILE = EXE_DIR + FILE_NAME + ".EXE"
+$ ON WARNING THEN GOTO NEXT_FILE
+$!
+$! Check To See If The File We Want To Compile Actually Exists.
+$!
+$ IF (F$SEARCH(SOURCE_FILE).EQS."")
+$ THEN
+$!
+$!  Tell The User That The File Dosen't Exist.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The File ",SOURCE_FILE," Dosen't Exist."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Exit The Build.
+$!
+$   GOTO EXIT
+$ ENDIF
+$!
+$! Tell The User What We Are Building.
+$!
+$ WRITE SYS$OUTPUT "Building The ",FILE_NAME," Test Program."
+$!
+$! Compile The File.
+$!
+$ ON ERROR THEN GOTO NEXT_FILE
+$ CC/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
+$ ON WARNING THEN GOTO NEXT_FILE
+$!
+$! Check If What We Are About To Compile Works Without A TCP/IP Library.
+$!
+$ IF ((TCPIP_LIB.EQS."").AND.((TCPIP_PROGRAMS-FILE_NAME).NES.TCPIP_PROGRAMS))
+$ THEN
+$!
+$!  Inform The User That A TCP/IP Library Is Needed To Compile This Program.
+$!
+$   WRITE SYS$OUTPUT FILE_NAME," Needs A TCP/IP Library.  Can't Link.  Skipping..."
+$   GOTO NEXT_FILE
+$!
+$! End The TCP/IP Library Check.
+$!
+$ ENDIF
+$!
+$! Link The Program, Check To See If We Need To Link With RSAREF Or Not.
+$!
+$ IF (RSAREF.EQS."TRUE")
+$ THEN
+$!
+$!  Check To See If We Are To Link With A Specific TCP/IP Library.
+$!
+$   IF (TCPIP_LIB.NES."")
+$   THEN
+$!
+$!    Link With The RSAREF Library And A Specific TCP/IP Library.
+$!
+$     LINK/'DEBUGGER'/'TRACEBACK' /EXE='EXE_FILE' -
+          'OBJECT_FILE',-
+          'SSL_LIB'/LIBRARY,'CRYPTO_LIB'/LIBRARY,'RSAREF_LIB'/LIBRARY, -
+          'TCPIP_LIB','OPT_FILE'/OPTION
+$!
+$!  Else...
+$!
+$   ELSE
+$!
+$!    Link With The RSAREF Library And NO TCP/IP Library.
+$!
+$     LINK/'DEBUGGER'/'TRACEBACK' /EXE='EXE_FILE' -
+          'OBJECT_FILE', -
+          'SSL_LIB'/LIBRARY,'CRYPTO_LIB'/LIBRARY,'RSAREF_LIB'/LIBRARY, -
+          'OPT_FILE'/OPTION
+$!
+$!  End The TCP/IP Library Check.
+$!
+$   ENDIF
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$!  Don't Link With The RSAREF Routines.
+$!
+$!
+$!  Check To See If We Are To Link With A Specific TCP/IP Library.
+$!
+$   IF (TCPIP_LIB.NES."")
+$   THEN
+$!
+$!    Don't Link With The RSAREF Routines And TCP/IP Library.
+$!
+$   LINK/'DEBUGGER'/'TRACEBACK' /EXE='EXE_FILE' -
+        'OBJECT_FILE', -
+        'SSL_LIB'/LIBRARY,'CRYPTO_LIB'/LIBRARY, -
+        'TCPIP_LIB','OPT_FILE'/OPTION
+$!
+$!  Else...
+$!
+$   ELSE
+$!
+$!    Don't Link With The RSAREF Routines And Link With A TCP/IP Library.
+$!
+$   LINK/'DEBUGGER'/'TRACEBACK' /EXE='EXE_FILE' -
+        'OBJECT_FILE', -
+        'SSL_LIB'/LIBRARY,'CRYPTO_LIB'/LIBRARY, -
+        'OPT_FILE'/OPTION
+$!
+$!  End The TCP/IP Library Check.
+$!
+$   ENDIF
+$!
+$! End The RSAREF Link Check.
+$!
+$ ENDIF 
+$!
+$! Go Back And Do It Again.
+$!
+$ GOTO NEXT_FILE
+$!
+$! All Done With This Library Part.
+$!
+$ FILE_DONE:
+$!
+$! All Done, Time To Exit.
+$!
+$ EXIT:
+$ GOSUB CLEANUP
+$ EXIT
+$!
+$! Check For The Link Option FIle.
+$!
+$ CHECK_OPT_FILE:
+$!
+$! Check To See If We Need To Make A VAX C Option File.
+$!
+$ IF (COMPILER.EQS."VAXC")
+$ THEN
+$!
+$!  Check To See If We Already Have A VAX C Linker Option File.
+$!
+$   IF (F$SEARCH(OPT_FILE).EQS."")
+$   THEN
+$!
+$!    We Need A VAX C Linker Option File.
+$!
+$     CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File To Link Agianst 
+! The Sharable VAX C Runtime Library.
+!
+SYS$SHARE:VAXCRTL.EXE/SHARE
+$EOD
+$!
+$!  End The Option File Check.
+$!
+$   ENDIF
+$!
+$! End The VAXC Check.
+$!
+$ ENDIF
+$!
+$! Check To See If We Need A GNU C Option File.
+$!
+$ IF (COMPILER.EQS."GNUC")
+$ THEN
+$!
+$!  Check To See If We Already Have A GNU C Linker Option File.
+$!
+$   IF (F$SEARCH(OPT_FILE).EQS."")
+$   THEN
+$!
+$!    We Need A GNU C Linker Option File.
+$!
+$     CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File To Link Agianst 
+! The Sharable C Runtime Library.
+!
+GNU_CC:[000000]GCCLIB/LIBRARY
+SYS$SHARE:VAXCRTL/SHARE
+$EOD
+$!
+$!  End The Option File Check.
+$!
+$   ENDIF
+$!
+$! End The GNU C Check.
+$!
+$ ENDIF
+$!
+$! Check To See If We Need A DEC C Option File.
+$!
+$ IF (COMPILER.EQS."DECC")
+$ THEN
+$!
+$!  Check To See If We Already Have A DEC C Linker Option File.
+$!
+$   IF (F$SEARCH(OPT_FILE).EQS."")
+$   THEN
+$!
+$!    Figure Out If We Need An AXP Or A VAX Linker Option File.
+$!
+$     IF (ARCH.EQS."VAX")
+$     THEN
+$!
+$!      We Need A DEC C Linker Option File For VAX.
+$!
+$       CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File To Link Agianst 
+! The Sharable DEC C Runtime Library.
+!
+SYS$SHARE:DECC$SHR.EXE/SHARE
+$EOD
+$!
+$!    Else...
+$!
+$     ELSE
+$!
+$!      Create The AXP Linker Option File.
+$!
+$       CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File For AXP To Link Agianst 
+! The Sharable C Runtime Library.
+!
+SYS$SHARE:CMA$OPEN_LIB_SHR/SHARE
+SYS$SHARE:CMA$OPEN_RTL/SHARE
+$EOD
+$!
+$!    End The VAX/AXP DEC C Option File Check.
+$!
+$     ENDIF
+$!
+$!  End The Option File Search.
+$!
+$   ENDIF
+$!
+$! End The DEC C Check.
+$!
+$ ENDIF
+$!
+$!  Tell The User What Linker Option File We Are Using.
+$!
+$ WRITE SYS$OUTPUT "Using Linker Option File ",OPT_FILE,"."     
+$!
+$! Time To RETURN.
+$!
+$ RETURN
+$!
+$! Check To See If We Have The Appropiate Libraries.
+$!
+$ LIB_CHECK:
+$!
+$! Look For The Library LIBCRYPTO.OLB.
+$!
+$ IF (F$SEARCH(CRYPTO_LIB).EQS."")
+$ THEN
+$!
+$!  Tell The User We Can't Find The LIBCRYPTO.OLB Library.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "Can't Find The Library ",CRYPTO_LIB,"."
+$   WRITE SYS$OUTPUT "We Can't Link Without It."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Since We Can't Link Without It, Exit.
+$!
+$   EXIT
+$!
+$! End The Crypto Library Check.
+$!
+$ ENDIF
+$!
+$! See If We Need The RSAREF Library...
+$!
+$ IF (RSAREF.EQS."TRUE")
+$ THEN
+$!
+$!  Look For The Library LIBRSAGLUE.OLB.
+$!
+$   IF (F$SEARCH(RSAREF_LIB).EQS."")
+$   THEN
+$!
+$!    Tell The User We Can't Find The LIBRSAGLUE.OLB Library.
+$!
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "Can't Find The Library ",RSAREF_LIB,"."
+$     WRITE SYS$OUTPUT "We Can't Link Without It."
+$     WRITE SYS$OUTPUT ""
+$!
+$!    Since We Can't Link Without It, Exit.
+$!
+$     EXIT
+$   ENDIF
+$!
+$! End The RSAREF Library Check.
+$!
+$ ENDIF
+$!
+$! Look For The Library LIBSSL.OLB.
+$!
+$ IF (F$SEARCH(SSL_LIB).EQS."")
+$ THEN
+$!
+$!  Tell The User We Can't Find The LIBSSL.OLB Library.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "Can't Find The Library ",SSL_LIB,"."
+$   WRITE SYS$OUTPUT "Some Of The Test Programs Need To Link To It."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Since We Can't Link Without It, Exit.
+$!
+$   EXIT
+$!
+$! End The SSL Library Check.
+$!
+$ ENDIF
+$!
+$! Time To Return.
+$!
+$ RETURN
+$!
+$! Check The User's Options.
+$!
+$ CHECK_OPTIONS:
+$!
+$! Check To See If P1 Is Blank.
+$!
+$ P1 = "NORSAREF"
+$ IF (P1.EQS."NORSAREF")
+$ THEN
+$!
+$!   P1 Is NORSAREF, So Compile With The Regular RSA Libraries.
+$!
+$    RSAREF = "FALSE"
+$ ELSE
+$!
+$!  Check To See If We Are To Use The RSAREF Library.
+$!
+$   IF (P1.EQS."RSAREF")
+$   THEN
+$!
+$!    Check To Make Sure We Have The RSAREF Source Code Directory.
+$!
+$     IF (F$SEARCH("SYS$DISK:[-.RSAREF]SOURCE.DIR").EQS."")
+$     THEN
+$!
+$!      We Don't Have The RSAREF Souce Code Directory, So Tell The
+$!      User This.
+$!
+$       WRITE SYS$OUTPUT ""
+$       WRITE SYS$OUTPUT "It appears that you don't have the RSAREF Souce Code."
+$       WRITE SYS$OUTPUT "You need to go to 'ftp://ftp.rsa.com/rsaref'.  You have to"
+$       WRITE SYS$OUTPUT "get the '.tar-Z' file as the '.zip' file dosen't have the"
+$       WRITE SYS$OUTPUT "directory structure stored.  You have to extract the file"
+$       WRITE SYS$OUTPUT "into the [.RSAREF] directory under the root directory"
+$       WRITE SYS$OUTPUT "as that is where the scripts will look for the files."
+$       WRITE SYS$OUTPUT ""
+$!
+$!      Time To Exit.
+$!
+$       EXIT
+$!
+$!    Else, Compile Using The RSAREF Library.
+$!
+$     ELSE
+$       RSAREF = "TRUE"
+$     ENDIF
+$   ELSE 
+$!
+$!    They Entered An Invalid Option..
+$!
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "The Option ",P1," Is Invalid.  The Valid Options Are:"
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "     RSAREF   :  Compile With The RSAREF Library."
+$     WRITE SYS$OUTPUT "     NORSAREF :  Compile With The Regular RSA Library."
+$     WRITE SYS$OUTPUT ""
+$!
+$!    Time To EXIT.
+$!
+$     EXIT
+$!
+$!  End The Valid Arguement Check.
+$!
+$   ENDIF
+$!
+$! End The P1 Check.
+$!
+$ ENDIF
+$!
+$! Check To See If P2 Is Blank.
+$!
+$ IF (P2.EQS."NODEBUG")
+$ THEN
+$!
+$!   P2 Is NODEBUG, So Compile Without Debugger Information.
+$!
+$    DEBUGGER  = "NODEBUG"
+$    TRACEBACK = "NOTRACEBACK" 
+$    GCC_OPTIMIZE = "OPTIMIZE"
+$    CC_OPTIMIZE = "OPTIMIZE"
+$    WRITE SYS$OUTPUT "No Debugger Information Will Be Produced During Compile."
+$    WRITE SYS$OUTPUT "Compiling With Compiler Optimization."
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$!  Check To See If We Are To Compile With Debugger Information.
+$!
+$   IF (P2.EQS."DEBUG")
+$   THEN
+$!
+$!    Compile With Debugger Information.
+$!
+$     DEBUGGER  = "DEBUG"
+$     TRACEBACK = "TRACEBACK"
+$     GCC_OPTIMIZE = "NOOPTIMIZE"
+$     CC_OPTIMIZE = "NOOPTIMIZE"
+$     WRITE SYS$OUTPUT "Debugger Information Will Be Produced During Compile."
+$     WRITE SYS$OUTPUT "Compiling Without Compiler Optimization."
+$!
+$!  Else...
+$!
+$   ELSE
+$!
+$!    Tell The User Entered An Invalid Option..
+$!
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "The Option ",P2," Is Invalid.  The Valid Options Are:"
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "    DEBUG    :  Compile With The Debugger Information."
+$     WRITE SYS$OUTPUT "    NODEBUG  :  Compile Without The Debugger Information."
+$     WRITE SYS$OUTPUT ""
+$!
+$!    Time To EXIT.
+$!
+$     EXIT
+$!
+$!  End The Valid Arguement Check.
+$!
+$   ENDIF
+$!
+$! End The P3 Check.
+$!
+$ ENDIF
+$!
+$! Check To See If P3 Is Blank.
+$!
+$ IF (P3.EQS."")
+$ THEN
+$!
+$!  O.K., The User Didn't Specify A Compiler, Let's Try To
+$!  Find Out Which One To Use.
+$!
+$!  Check To See If We Have GNU C.
+$!
+$   IF (F$TRNLNM("GNU_CC").NES."")
+$   THEN
+$!
+$!    Looks Like GNUC, Set To Use GNUC.
+$!
+$     P3 = "GNUC"
+$!
+$!  End The GNU C Compiler Check.
+$!
+$   ELSE
+$!
+$!  Check To See If We Have VAXC Or DECC.
+$!
+$     IF (ARCH.EQS."AXP").OR.(F$TRNLNM("DECC$CC_DEFAULT").NES."")
+$     THEN 
+$!
+$!      Looks Like DECC, Set To Use DECC.
+$!
+$       P3 = "DECC"
+$!
+$!      Else...
+$!
+$     ELSE
+$!
+$!      Looks Like VAXC, Set To Use VAXC.
+$!
+$       P3 = "VAXC"
+$!
+$!    End The VAXC Compiler Check.
+$!
+$     ENDIF
+$!
+$!  End The DECC & VAXC Compiler Check.
+$!
+$   ENDIF
+$!
+$!  End The Compiler Check.
+$!
+$ ENDIF
+$!
+$! Check To See If We Have A Option For P4.
+$!
+$ IF (P4.EQS."")
+$ THEN
+$!
+$!  Find out what socket library we have available
+$!
+$   IF F$PARSE("SOCKETSHR:") .NES. ""
+$   THEN
+$!
+$!    We have SOCKETSHR, and it is my opinion that it's the best to use.
+$!
+$     P4 = "SOCKETSHR"
+$!
+$!    Tell the user
+$!
+$     WRITE SYS$OUTPUT "Using SOCKETSHR for TCP/IP"
+$!
+$!    Else, let's look for something else
+$!
+$   ELSE
+$!
+$!    Like UCX (the reason to do this before Multinet is that the UCX
+$!    emulation is easier to use...)
+$!
+$     IF F$TRNLNM("UCX$IPC_SHR") .NES. "" -
+         .OR. F$PARSE("SYS$SHARE:UCX$IPC_SHR.EXE") .NES. "" -
+         .OR. F$PARSE("SYS$LIBRARY:UCX$IPC.OLB") .NES. ""
+$     THEN
+$!
+$!      Last resort: a UCX or UCX-compatible library
+$!
+$       P4 = "UCX"
+$!
+$!      Tell the user
+$!
+$       WRITE SYS$OUTPUT "Using UCX or an emulation thereof for TCP/IP"
+$!
+$!      That was all...
+$!
+$     ENDIF
+$   ENDIF
+$ ENDIF
+$!
+$! Set Up Initial CC Definitions, Possibly With User Ones
+$!
+$ CCDEFS = "TCPIP_TYPE_''P4'"
+$ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS
+$ CCEXTRAFLAGS = ""
+$ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS
+$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX"
+$ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN -
+        CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS
+$!
+$!  Check To See If The User Entered A Valid Paramter.
+$!
+$ IF (P3.EQS."VAXC").OR.(P3.EQS."DECC").OR.(P3.EQS."GNUC")
+$ THEN
+$!
+$!  Check To See If The User Wanted DECC.
+$!
+$   IF (P3.EQS."DECC")
+$   THEN
+$!
+$!    Looks Like DECC, Set To Use DECC.
+$!
+$     COMPILER = "DECC"
+$!
+$!    Tell The User We Are Using DECC.
+$!
+$     WRITE SYS$OUTPUT "Using DECC 'C' Compiler."
+$!
+$!    Use DECC...
+$!
+$     CC = "CC"
+$     IF ARCH.EQS."VAX" .AND. F$TRNLNM("DECC$CC_DEFAULT").NES."/DECC" -
+         THEN CC = "CC/DECC"
+$     CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/STANDARD=ANSI89" + -
+           "/NOLIST/PREFIX=ALL" + -
+           "/INCLUDE=(SYS$DISK:[-])" + CCEXTRAFLAGS
+$!
+$!    Define The Linker Options File Name.
+$!
+$     OPT_FILE = "SYS$DISK:[]VAX_DECC_OPTIONS.OPT"
+$!
+$!  End DECC Check.
+$!
+$   ENDIF
+$!
+$!  Check To See If We Are To Use VAXC.
+$!
+$   IF (P3.EQS."VAXC")
+$   THEN
+$!
+$!    Looks Like VAXC, Set To Use VAXC.
+$!
+$     COMPILER = "VAXC"
+$!
+$!    Tell The User We Are Using VAX C.
+$!
+$     WRITE SYS$OUTPUT "Using VAXC 'C' Compiler."
+$!
+$!    Compile Using VAXC.
+$!
+$     CC = "CC"
+$     IF ARCH.EQS."AXP"
+$     THEN
+$       WRITE SYS$OUTPUT "There is no VAX C on Alpha!"
+$       EXIT
+$     ENDIF
+$     IF F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC" THEN CC = "CC/VAXC"
+$     CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/NOLIST" + -
+           "/INCLUDE=(SYS$DISK:[-])" + CCEXTRAFLAGS
+$     CCDEFS = CCDEFS + ",""VAXC"""
+$!
+$!    Define <sys> As SYS$COMMON:[SYSLIB]
+$!
+$     DEFINE/NOLOG SYS SYS$COMMON:[SYSLIB]
+$!
+$!    Define The Linker Options File Name.
+$!
+$     OPT_FILE = "SYS$DISK:[]VAX_VAXC_OPTIONS.OPT"
+$!
+$!  End VAXC Check
+$!
+$   ENDIF
+$!
+$!  Check To See If We Are To Use GNU C.
+$!
+$   IF (P3.EQS."GNUC")
+$   THEN
+$!
+$!    Looks Like GNUC, Set To Use GNUC.
+$!
+$     COMPILER = "GNUC"
+$!
+$!    Tell The User We Are Using GNUC.
+$!
+$     WRITE SYS$OUTPUT "Using GNU 'C' Compiler."
+$!
+$!    Use GNU C...
+$!
+$     CC = "GCC/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'/NOLIST" + -
+           "/INCLUDE=(SYS$DISK:[-])" + CCEXTRAFLAGS
+$!
+$!    Define The Linker Options File Name.
+$!
+$     OPT_FILE = "SYS$DISK:[]VAX_GNUC_OPTIONS.OPT"
+$!
+$!  End The GNU C Check.
+$!
+$   ENDIF
+$!
+$!  Set up default defines
+$!
+$   CCDEFS = """FLAT_INC=1""," + CCDEFS
+$!
+$!  Check To See If We Are To Compile With RSAREF Routines.
+$!
+$   IF (RSAREF.EQS."TRUE")
+$   THEN
+$!
+$!    Compile With RSAREF.
+$!
+$     CCDEFS = CCDEFS + ",""RSAref=1"""
+$!
+$!    Tell The User This.
+$!
+$     WRITE SYS$OUTPUT "Compiling With RSAREF Routines."
+$!
+$!    Else, We Don't Care.  Compile Without The RSAREF Library.
+$!
+$   ELSE
+$!
+$!    Tell The User We Are Compile Without The RSAREF Routines.
+$!
+$     WRITE SYS$OUTPUT "Compiling Without The RSAREF Routines.
+$!
+$!  End The RSAREF Check.
+$!
+$   ENDIF
+$!
+$!  Finish up the definition of CC.
+$!
+$   IF COMPILER .EQS. "DECC"
+$   THEN
+$     IF CCDISABLEWARNINGS .EQS. ""
+$     THEN
+$       CC4DISABLEWARNINGS = "DOLLARID"
+$     ELSE
+$       CC4DISABLEWARNINGS = CCDISABLEWARNINGS + ",DOLLARID"
+$       CCDISABLEWARNINGS = "/WARNING=(DISABLE=(" + CCDISABLEWARNINGS + "))"
+$     ENDIF
+$     CC4DISABLEWARNINGS = "/WARNING=(DISABLE=(" + CC4DISABLEWARNINGS + "))"
+$   ELSE
+$     CCDISABLEWARNINGS = ""
+$     CC4DISABLEWARNINGS = ""
+$   ENDIF
+$   CC = CC + "/DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS
+$!
+$!  Show user the result
+$!
+$   WRITE SYS$OUTPUT "Main Compiling Command: ",CC
+$!
+$!  Else The User Entered An Invalid Arguement.
+$!
+$ ELSE
+$!
+$!  Tell The User We Don't Know What They Want.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The Option ",P3," Is Invalid.  The Valid Options Are:"
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "    VAXC  :  To Compile With VAX C."
+$   WRITE SYS$OUTPUT "    DECC  :  To Compile With DEC C."
+$   WRITE SYS$OUTPUT "    GNUC  :  To Compile With GNU C."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Time To EXIT.
+$!
+$   EXIT
+$ ENDIF
+$!
+$! Time to check the contents, and to make sure we get the correct library.
+$!
+$ IF P4.EQS."SOCKETSHR" .OR. P4.EQS."MULTINET" .OR. P4.EQS."UCX" -
+     .OR. P4.EQS."TCPIP" .OR. P4.EQS."NONE"
+$ THEN
+$!
+$!  Check to see if SOCKETSHR was chosen
+$!
+$   IF P4.EQS."SOCKETSHR"
+$   THEN
+$!
+$!    Set the library to use SOCKETSHR
+$!
+$     TCPIP_LIB = "SYS$DISK:[-.VMS]SOCKETSHR_SHR.OPT/OPT"
+$!
+$!    Done with SOCKETSHR
+$!
+$   ENDIF
+$!
+$!  Check to see if MULTINET was chosen
+$!
+$   IF P4.EQS."MULTINET"
+$   THEN
+$!
+$!    Set the library to use UXC emulation.
+$!
+$     P4 = "UCX"
+$!
+$!    Done with MULTINET
+$!
+$   ENDIF
+$!
+$!  Check to see if UCX was chosen
+$!
+$   IF P4.EQS."UCX"
+$   THEN
+$!
+$!    Set the library to use UCX.
+$!
+$     TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_DECC.OPT/OPT"
+$     IF F$TRNLNM("UCX$IPC_SHR") .NES. ""
+$     THEN
+$       TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_DECC_LOG.OPT/OPT"
+$     ELSE
+$       IF COMPILER .NES. "DECC" .AND. ARCH .EQS. "VAX" THEN -
+          TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_VAXC.OPT/OPT"
+$     ENDIF
+$!
+$!    Done with UCX
+$!
+$   ENDIF
+$!
+$!  Check to see if TCPIP was chosen
+$!
+$   IF P4.EQS."TCPIP"
+$   THEN
+$!
+$!    Set the library to use TCPIP (post UCX).
+$!
+$     TCPIP_LIB = "SYS$DISK:[-.VMS]TCPIP_SHR_DECC.OPT/OPT"
+$!
+$!    Done with TCPIP
+$!
+$   ENDIF
+$!
+$!  Check to see if NONE was chosen
+$!
+$   IF P4.EQS."NONE"
+$   THEN
+$!
+$!    Do not use a TCPIP library.
+$!
+$     TCPIP_LIB = ""
+$!
+$!    Done with NONE
+$!
+$   ENDIF
+$!
+$!  Print info
+$!
+$   WRITE SYS$OUTPUT "TCP/IP library spec: ", TCPIP_LIB
+$!
+$!  Else The User Entered An Invalid Arguement.
+$!
+$ ELSE
+$!
+$!  Tell The User We Don't Know What They Want.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The Option ",P4," Is Invalid.  The Valid Options Are:"
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "    SOCKETSHR  :  To link with SOCKETSHR TCP/IP library."
+$   WRITE SYS$OUTPUT "    UCX        :  To link with UCX TCP/IP library."
+$   WRITE SYS$OUTPUT "    TCPIP      :  To link with TCPIP (post UCX) TCP/IP library."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Time To EXIT.
+$!
+$   EXIT
+$!
+$!  Done with TCP/IP libraries
+$!
+$ ENDIF
+$!
+$! Special Threads For OpenVMS v7.1 Or Later
+$!
+$! Written By:  Richard Levitte
+$!              richard@levitte.org
+$!
+$!
+$! Check To See If We Have A Option For P5.
+$!
+$ IF (P5.EQS."")
+$ THEN
+$!
+$!  Get The Version Of VMS We Are Using.
+$!
+$   ISSEVEN :=
+$   TMP = F$ELEMENT(0,"-",F$EXTRACT(1,4,F$GETSYI("VERSION")))
+$   TMP = F$INTEGER(F$ELEMENT(0,".",TMP)+F$ELEMENT(1,".",TMP))
+$!
+$!  Check To See If The VMS Version Is v7.1 Or Later.
+$!
+$   IF (TMP.GE.71)
+$   THEN
+$!
+$!    We Have OpenVMS v7.1 Or Later, So Use The Special Threads.
+$!
+$     ISSEVEN := ,PTHREAD_USE_D4
+$!
+$!  End The VMS Version Check.
+$!
+$   ENDIF
+$!
+$! End The P5 Check.
+$!
+$ ENDIF
+$!
+$!  Time To RETURN...
+$!
+$ RETURN
+$!
+$ INITIALISE:
+$!
+$! Save old value of the logical name OPENSSL
+$!
+$ __SAVE_OPENSSL = F$TRNLNM("OPENSSL","LNM$PROCESS_TABLE")
+$!
+$! Save directory information
+$!
+$ __HERE = F$PARSE(F$PARSE("A.;",F$ENVIRONMENT("PROCEDURE"))-"A.;","[]A.;") - "A.;"
+$ __HERE = F$EDIT(__HERE,"UPCASE")
+$ __TOP = __HERE - "TEST]"
+$ __INCLUDE = __TOP + "INCLUDE.OPENSSL]"
+$!
+$! Set up the logical name OPENSSL to point at the include directory
+$!
+$ DEFINE OPENSSL/NOLOG '__INCLUDE'
+$!
+$! Done
+$!
+$ RETURN
+$!
+$ CLEANUP:
+$!
+$! Restore the logical name OPENSSL if it had a value
+$!
+$ IF __SAVE_OPENSSL .EQS. ""
+$ THEN
+$   DEASSIGN OPENSSL
+$ ELSE
+$   DEFINE/NOLOG OPENSSL '__SAVE_OPENSSL'
+$ ENDIF
+$!
+$! Done
+$!
+$ RETURN
diff --git a/src/lib/libssl/test/md4test.c b/src/lib/libssl/test/md4test.c
new file mode 100644
index 0000000000..e0fdc42282
--- /dev/null
+++ b/src/lib/libssl/test/md4test.c
@@ -0,0 +1,134 @@
+/* crypto/md4/md4test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#ifdef OPENSSL_NO_MD4
+int main(int argc, char *argv[])
+{
+    printf("No MD4 support\n");
+    return(0);
+}
+#else
+#include <openssl/evp.h>
+#include <openssl/md4.h>
+
+static char *test[]={
+        "",
+        "a",
+        "abc",
+        "message digest",
+        "abcdefghijklmnopqrstuvwxyz",
+        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
+        "12345678901234567890123456789012345678901234567890123456789012345678901234567890",
+        NULL,
+        };
+
+static char *ret[]={
+"31d6cfe0d16ae931b73c59d7e0c089c0",
+"bde52cb31de33e46245e05fbdbd6fb24",
+"a448017aaf21d8525fc10ae87aa6729d",
+"d9130a8164549fe818874806e1c7014b",
+"d79e1c308aa5bbcdeea8ed63df412da9",
+"043f8582f241db351ce627e153e7f0e4",
+"e33b4ddc9c38f2199c3e7b164fcc0536",
+};
+
+static char *pt(unsigned char *md);
+int main(int argc, char *argv[])
+        {
+        int i,err=0;
+        unsigned char **P,**R;
+        char *p;
+        unsigned char md[MD4_DIGEST_LENGTH];
+
+        P=(unsigned char **)test;
+        R=(unsigned char **)ret;
+        i=1;
+        while (*P != NULL)
+                {
+                EVP_Digest(&(P[0][0]),(unsigned long)strlen((char *)*P),md,NULL,EVP_md4(), NULL);
+                p=pt(md);
+                if (strcmp(p,(char *)*R) != 0)
+                        {
+                        printf("error calculating MD4 on '%s'\n",*P);
+                        printf("got %s instead of %s\n",p,*R);
+                        err++;
+                        }
+                else
+                        printf("test %d ok\n",i);
+                i++;
+                R++;
+                P++;
+                }
+        exit(err);
+        return(0);
+        }
+
+static char *pt(unsigned char *md)
+        {
+        int i;
+        static char buf[80];
+
+        for (i=0; i<MD4_DIGEST_LENGTH; i++)
+                sprintf(&(buf[i*2]),"%02x",md[i]);
+        return(buf);
+        }
+#endif
diff --git a/src/lib/libssl/test/rsa_test.c b/src/lib/libssl/test/rsa_test.c
new file mode 100644
index 0000000000..b8b462d33b
--- /dev/null
+++ b/src/lib/libssl/test/rsa_test.c
@@ -0,0 +1,318 @@
+/* test vectors from p1ovect1.txt */
+
+#include <stdio.h>
+#include <string.h>
+
+#include "e_os.h"
+
+#include <openssl/crypto.h>
+#include <openssl/err.h>
+#include <openssl/rand.h>
+#ifdef OPENSSL_NO_RSA
+int main(int argc, char *argv[])
+{
+    printf("No RSA support\n");
+    return(0);
+}
+#else
+#include <openssl/rsa.h>
+#include <openssl/engine.h>
+
+#define SetKey \
+  key->n = BN_bin2bn(n, sizeof(n)-1, key->n); \
+  key->e = BN_bin2bn(e, sizeof(e)-1, key->e); \
+  key->d = BN_bin2bn(d, sizeof(d)-1, key->d); \
+  key->p = BN_bin2bn(p, sizeof(p)-1, key->p); \
+  key->q = BN_bin2bn(q, sizeof(q)-1, key->q); \
+  key->dmp1 = BN_bin2bn(dmp1, sizeof(dmp1)-1, key->dmp1); \
+  key->dmq1 = BN_bin2bn(dmq1, sizeof(dmq1)-1, key->dmq1); \
+  key->iqmp = BN_bin2bn(iqmp, sizeof(iqmp)-1, key->iqmp); \
+  memcpy(c, ctext_ex, sizeof(ctext_ex) - 1); \
+  return (sizeof(ctext_ex) - 1);
+
+static int key1(RSA *key, unsigned char *c)
+    {
+    static unsigned char n[] =
+"\x00\xAA\x36\xAB\xCE\x88\xAC\xFD\xFF\x55\x52\x3C\x7F\xC4\x52\x3F"
+"\x90\xEF\xA0\x0D\xF3\x77\x4A\x25\x9F\x2E\x62\xB4\xC5\xD9\x9C\xB5"
+"\xAD\xB3\x00\xA0\x28\x5E\x53\x01\x93\x0E\x0C\x70\xFB\x68\x76\x93"
+"\x9C\xE6\x16\xCE\x62\x4A\x11\xE0\x08\x6D\x34\x1E\xBC\xAC\xA0\xA1"
+"\xF5";
+
+    static unsigned char e[] = "\x11";
+
+    static unsigned char d[] =
+"\x0A\x03\x37\x48\x62\x64\x87\x69\x5F\x5F\x30\xBC\x38\xB9\x8B\x44"
+"\xC2\xCD\x2D\xFF\x43\x40\x98\xCD\x20\xD8\xA1\x38\xD0\x90\xBF\x64"
+"\x79\x7C\x3F\xA7\xA2\xCD\xCB\x3C\xD1\xE0\xBD\xBA\x26\x54\xB4\xF9"
+"\xDF\x8E\x8A\xE5\x9D\x73\x3D\x9F\x33\xB3\x01\x62\x4A\xFD\x1D\x51";
+
+    static unsigned char p[] =
+"\x00\xD8\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5"
+"\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x12"
+"\x0D";
+    
+    static unsigned char q[] =
+"\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
+"\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D"
+"\x89";
+
+    static unsigned char dmp1[] =
+"\x59\x0B\x95\x72\xA2\xC2\xA9\xC4\x06\x05\x9D\xC2\xAB\x2F\x1D\xAF"
+"\xEB\x7E\x8B\x4F\x10\xA7\x54\x9E\x8E\xED\xF5\xB4\xFC\xE0\x9E\x05";
+
+    static unsigned char dmq1[] =
+"\x00\x8E\x3C\x05\x21\xFE\x15\xE0\xEA\x06\xA3\x6F\xF0\xF1\x0C\x99"
+"\x52\xC3\x5B\x7A\x75\x14\xFD\x32\x38\xB8\x0A\xAD\x52\x98\x62\x8D"
+"\x51";
+
+    static unsigned char iqmp[] =
+"\x36\x3F\xF7\x18\x9D\xA8\xE9\x0B\x1D\x34\x1F\x71\xD0\x9B\x76\xA8"
+"\xA9\x43\xE1\x1D\x10\xB2\x4D\x24\x9F\x2D\xEA\xFE\xF8\x0C\x18\x26";
+
+    static unsigned char ctext_ex[] =
+"\x1b\x8f\x05\xf9\xca\x1a\x79\x52\x6e\x53\xf3\xcc\x51\x4f\xdb\x89"
+"\x2b\xfb\x91\x93\x23\x1e\x78\xb9\x92\xe6\x8d\x50\xa4\x80\xcb\x52"
+"\x33\x89\x5c\x74\x95\x8d\x5d\x02\xab\x8c\x0f\xd0\x40\xeb\x58\x44"
+"\xb0\x05\xc3\x9e\xd8\x27\x4a\x9d\xbf\xa8\x06\x71\x40\x94\x39\xd2";
+
+    SetKey;
+    }
+
+static int key2(RSA *key, unsigned char *c)
+    {
+    static unsigned char n[] =
+"\x00\xA3\x07\x9A\x90\xDF\x0D\xFD\x72\xAC\x09\x0C\xCC\x2A\x78\xB8"
+"\x74\x13\x13\x3E\x40\x75\x9C\x98\xFA\xF8\x20\x4F\x35\x8A\x0B\x26"
+"\x3C\x67\x70\xE7\x83\xA9\x3B\x69\x71\xB7\x37\x79\xD2\x71\x7B\xE8"
+"\x34\x77\xCF";
+
+    static unsigned char e[] = "\x3";
+
+    static unsigned char d[] =
+"\x6C\xAF\xBC\x60\x94\xB3\xFE\x4C\x72\xB0\xB3\x32\xC6\xFB\x25\xA2"
+"\xB7\x62\x29\x80\x4E\x68\x65\xFC\xA4\x5A\x74\xDF\x0F\x8F\xB8\x41"
+"\x3B\x52\xC0\xD0\xE5\x3D\x9B\x59\x0F\xF1\x9B\xE7\x9F\x49\xDD\x21"
+"\xE5\xEB";
+
+    static unsigned char p[] =
+"\x00\xCF\x20\x35\x02\x8B\x9D\x86\x98\x40\xB4\x16\x66\xB4\x2E\x92"
+"\xEA\x0D\xA3\xB4\x32\x04\xB5\xCF\xCE\x91";
+
+    static unsigned char q[] =
+"\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
+"\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5F";
+    
+    static unsigned char dmp1[] =
+"\x00\x8A\x15\x78\xAC\x5D\x13\xAF\x10\x2B\x22\xB9\x99\xCD\x74\x61"
+"\xF1\x5E\x6D\x22\xCC\x03\x23\xDF\xDF\x0B";
+
+    static unsigned char dmq1[] =
+"\x00\x86\x55\x21\x4A\xC5\x4D\x8D\x4E\xCD\x61\x77\xF1\xC7\x36\x90"
+"\xCE\x2A\x48\x2C\x8B\x05\x99\xCB\xE0\x3F";
+
+    static unsigned char iqmp[] =
+"\x00\x83\xEF\xEF\xB8\xA9\xA4\x0D\x1D\xB6\xED\x98\xAD\x84\xED\x13"
+"\x35\xDC\xC1\x08\xF3\x22\xD0\x57\xCF\x8D";
+
+    static unsigned char ctext_ex[] =
+"\x14\xbd\xdd\x28\xc9\x83\x35\x19\x23\x80\xe8\xe5\x49\xb1\x58\x2a"
+"\x8b\x40\xb4\x48\x6d\x03\xa6\xa5\x31\x1f\x1f\xd5\xf0\xa1\x80\xe4"
+"\x17\x53\x03\x29\xa9\x34\x90\x74\xb1\x52\x13\x54\x29\x08\x24\x52"
+"\x62\x51";
+
+    SetKey;
+    }
+
+static int key3(RSA *key, unsigned char *c)
+    {
+    static unsigned char n[] =
+"\x00\xBB\xF8\x2F\x09\x06\x82\xCE\x9C\x23\x38\xAC\x2B\x9D\xA8\x71"
+"\xF7\x36\x8D\x07\xEE\xD4\x10\x43\xA4\x40\xD6\xB6\xF0\x74\x54\xF5"
+"\x1F\xB8\xDF\xBA\xAF\x03\x5C\x02\xAB\x61\xEA\x48\xCE\xEB\x6F\xCD"
+"\x48\x76\xED\x52\x0D\x60\xE1\xEC\x46\x19\x71\x9D\x8A\x5B\x8B\x80"
+"\x7F\xAF\xB8\xE0\xA3\xDF\xC7\x37\x72\x3E\xE6\xB4\xB7\xD9\x3A\x25"
+"\x84\xEE\x6A\x64\x9D\x06\x09\x53\x74\x88\x34\xB2\x45\x45\x98\x39"
+"\x4E\xE0\xAA\xB1\x2D\x7B\x61\xA5\x1F\x52\x7A\x9A\x41\xF6\xC1\x68"
+"\x7F\xE2\x53\x72\x98\xCA\x2A\x8F\x59\x46\xF8\xE5\xFD\x09\x1D\xBD"
+"\xCB";
+
+    static unsigned char e[] = "\x11";
+
+    static unsigned char d[] =
+"\x00\xA5\xDA\xFC\x53\x41\xFA\xF2\x89\xC4\xB9\x88\xDB\x30\xC1\xCD"
+"\xF8\x3F\x31\x25\x1E\x06\x68\xB4\x27\x84\x81\x38\x01\x57\x96\x41"
+"\xB2\x94\x10\xB3\xC7\x99\x8D\x6B\xC4\x65\x74\x5E\x5C\x39\x26\x69"
+"\xD6\x87\x0D\xA2\xC0\x82\xA9\x39\xE3\x7F\xDC\xB8\x2E\xC9\x3E\xDA"
+"\xC9\x7F\xF3\xAD\x59\x50\xAC\xCF\xBC\x11\x1C\x76\xF1\xA9\x52\x94"
+"\x44\xE5\x6A\xAF\x68\xC5\x6C\x09\x2C\xD3\x8D\xC3\xBE\xF5\xD2\x0A"
+"\x93\x99\x26\xED\x4F\x74\xA1\x3E\xDD\xFB\xE1\xA1\xCE\xCC\x48\x94"
+"\xAF\x94\x28\xC2\xB7\xB8\x88\x3F\xE4\x46\x3A\x4B\xC8\x5B\x1C\xB3"
+"\xC1";
+
+    static unsigned char p[] =
+"\x00\xEE\xCF\xAE\x81\xB1\xB9\xB3\xC9\x08\x81\x0B\x10\xA1\xB5\x60"
+"\x01\x99\xEB\x9F\x44\xAE\xF4\xFD\xA4\x93\xB8\x1A\x9E\x3D\x84\xF6"
+"\x32\x12\x4E\xF0\x23\x6E\x5D\x1E\x3B\x7E\x28\xFA\xE7\xAA\x04\x0A"
+"\x2D\x5B\x25\x21\x76\x45\x9D\x1F\x39\x75\x41\xBA\x2A\x58\xFB\x65"
+"\x99";
+
+    static unsigned char q[] =
+"\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
+"\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D"
+"\x86\x98\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5"
+"\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x15"
+"\x03";
+
+    static unsigned char dmp1[] =
+"\x54\x49\x4C\xA6\x3E\xBA\x03\x37\xE4\xE2\x40\x23\xFC\xD6\x9A\x5A"
+"\xEB\x07\xDD\xDC\x01\x83\xA4\xD0\xAC\x9B\x54\xB0\x51\xF2\xB1\x3E"
+"\xD9\x49\x09\x75\xEA\xB7\x74\x14\xFF\x59\xC1\xF7\x69\x2E\x9A\x2E"
+"\x20\x2B\x38\xFC\x91\x0A\x47\x41\x74\xAD\xC9\x3C\x1F\x67\xC9\x81";
+
+    static unsigned char dmq1[] =
+"\x47\x1E\x02\x90\xFF\x0A\xF0\x75\x03\x51\xB7\xF8\x78\x86\x4C\xA9"
+"\x61\xAD\xBD\x3A\x8A\x7E\x99\x1C\x5C\x05\x56\xA9\x4C\x31\x46\xA7"
+"\xF9\x80\x3F\x8F\x6F\x8A\xE3\x42\xE9\x31\xFD\x8A\xE4\x7A\x22\x0D"
+"\x1B\x99\xA4\x95\x84\x98\x07\xFE\x39\xF9\x24\x5A\x98\x36\xDA\x3D";
+    
+    static unsigned char iqmp[] =
+"\x00\xB0\x6C\x4F\xDA\xBB\x63\x01\x19\x8D\x26\x5B\xDB\xAE\x94\x23"
+"\xB3\x80\xF2\x71\xF7\x34\x53\x88\x50\x93\x07\x7F\xCD\x39\xE2\x11"
+"\x9F\xC9\x86\x32\x15\x4F\x58\x83\xB1\x67\xA9\x67\xBF\x40\x2B\x4E"
+"\x9E\x2E\x0F\x96\x56\xE6\x98\xEA\x36\x66\xED\xFB\x25\x79\x80\x39"
+"\xF7";
+
+    static unsigned char ctext_ex[] =
+"\xb8\x24\x6b\x56\xa6\xed\x58\x81\xae\xb5\x85\xd9\xa2\x5b\x2a\xd7"
+"\x90\xc4\x17\xe0\x80\x68\x1b\xf1\xac\x2b\xc3\xde\xb6\x9d\x8b\xce"
+"\xf0\xc4\x36\x6f\xec\x40\x0a\xf0\x52\xa7\x2e\x9b\x0e\xff\xb5\xb3"
+"\xf2\xf1\x92\xdb\xea\xca\x03\xc1\x27\x40\x05\x71\x13\xbf\x1f\x06"
+"\x69\xac\x22\xe9\xf3\xa7\x85\x2e\x3c\x15\xd9\x13\xca\xb0\xb8\x86"
+"\x3a\x95\xc9\x92\x94\xce\x86\x74\x21\x49\x54\x61\x03\x46\xf4\xd4"
+"\x74\xb2\x6f\x7c\x48\xb4\x2e\xe6\x8e\x1f\x57\x2a\x1f\xc4\x02\x6a"
+"\xc4\x56\xb4\xf5\x9f\x7b\x62\x1e\xa1\xb9\xd8\x8f\x64\x20\x2f\xb1";
+
+    SetKey;
+    }
+
+static int pad_unknown(void)
+{
+    unsigned long l;
+    while ((l = ERR_get_error()) != 0)
+      if (ERR_GET_REASON(l) == RSA_R_UNKNOWN_PADDING_TYPE)
+        return(1);
+    return(0);
+}
+
+static const char rnd_seed[] = "string to make the random number generator think it has entropy";
+
+int main(int argc, char *argv[])
+    {
+    int err=0;
+    int v;
+    RSA *key;
+    unsigned char ptext[256];
+    unsigned char ctext[256];
+    static unsigned char ptext_ex[] = "\x54\x85\x9b\x34\x2c\x49\xea\x2a";
+    unsigned char ctext_ex[256];
+    int plen;
+    int clen = 0;
+    int num;
+
+    CRYPTO_malloc_debug_init();
+    CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
+    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+    RAND_seed(rnd_seed, sizeof rnd_seed); /* or OAEP may fail */
+
+    plen = sizeof(ptext_ex) - 1;
+
+    for (v = 0; v < 3; v++)
+        {
+        key = RSA_new();
+        switch (v) {
+    case 0:
+        clen = key1(key, ctext_ex);
+        break;
+    case 1:
+        clen = key2(key, ctext_ex);
+        break;
+    case 2:
+        clen = key3(key, ctext_ex);
+        break;
+        }
+
+        num = RSA_public_encrypt(plen, ptext_ex, ctext, key,
+                                 RSA_PKCS1_PADDING);
+        if (num != clen)
+            {
+            printf("PKCS#1 v1.5 encryption failed!\n");
+            err=1;
+            goto oaep;
+            }
+  
+        num = RSA_private_decrypt(num, ctext, ptext, key,
+                                  RSA_PKCS1_PADDING);
+        if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
+            {
+            printf("PKCS#1 v1.5 decryption failed!\n");
+            err=1;
+            }
+        else
+            printf("PKCS #1 v1.5 encryption/decryption ok\n");
+
+    oaep:
+        ERR_clear_error();
+        num = RSA_public_encrypt(plen, ptext_ex, ctext, key,
+                                 RSA_PKCS1_OAEP_PADDING);
+        if (num == -1 && pad_unknown())
+            {
+            printf("No OAEP support\n");
+            goto next;
+            }
+        if (num != clen)
+            {
+            printf("OAEP encryption failed!\n");
+            err=1;
+            goto next;
+            }
+  
+        num = RSA_private_decrypt(num, ctext, ptext, key,
+                                  RSA_PKCS1_OAEP_PADDING);
+        if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
+            {
+            printf("OAEP decryption (encrypted data) failed!\n");
+            err=1;
+            }
+        else if (memcmp(ctext, ctext_ex, num) == 0)
+            {
+            printf("OAEP test vector %d passed!\n", v);
+            goto next;
+            }
+    
+        /* Different ciphertexts (rsa_oaep.c without -DPKCS_TESTVECT).
+           Try decrypting ctext_ex */
+
+        num = RSA_private_decrypt(clen, ctext_ex, ptext, key,
+                                  RSA_PKCS1_OAEP_PADDING);
+
+        if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
+            {
+            printf("OAEP decryption (test vector data) failed!\n");
+            err=1;
+            }
+        else
+            printf("OAEP encryption/decryption ok\n");
+    next:
+        RSA_free(key);
+        }
+
+    CRYPTO_cleanup_all_ex_data();
+    ERR_remove_state(0);
+
+    CRYPTO_mem_leaks_fp(stderr);
+
+    return err;
+    }
+#endif
diff --git a/src/lib/libssl/test/tcrl.com b/src/lib/libssl/test/tcrl.com
new file mode 100644
index 0000000000..2e6ab2814d
--- /dev/null
+++ b/src/lib/libssl/test/tcrl.com
@@ -0,0 +1,81 @@
+$! TCRL.COM  --  Tests crl keys
+$
+$       __arch := VAX
+$       if f$getsyi("cpu") .ge. 128 then __arch := AXP
+$       exe_dir := sys$disk:[-.'__arch'.exe.apps]
+$
+$       cmd := mcr 'exe_dir'openssl crl
+$
+$       t := testcrl.pem
+$       if p1 .nes. "" then t = p1
+$
+$       write sys$output "testing CRL conversions"
+$       if f$search("fff.*") .nes "" then delete fff.*;*
+$       if f$search("ff.*") .nes "" then delete ff.*;*
+$       if f$search("f.*") .nes "" then delete f.*;*
+$       copy 't' fff.p
+$
+$       write sys$output "p -> d"
+$       'cmd' -in fff.p -inform p -outform d -out f.d
+$       if $severity .ne. 1 then exit 3
+$!      write sys$output "p -> t"
+$!      'cmd' -in fff.p -inform p -outform t -out f.t
+$!      if $severity .ne. 1 then exit 3
+$       write sys$output "p -> p"
+$       'cmd' -in fff.p -inform p -outform p -out f.p
+$       if $severity .ne. 1 then exit 3
+$
+$       write sys$output "d -> d"
+$       'cmd' -in f.d -inform d -outform d -out ff.d1
+$       if $severity .ne. 1 then exit 3
+$!      write sys$output "t -> d"
+$!      'cmd' -in f.t -inform t -outform d -out ff.d2
+$!      if $severity .ne. 1 then exit 3
+$       write sys$output "p -> d"
+$       'cmd' -in f.p -inform p -outform d -out ff.d3
+$       if $severity .ne. 1 then exit 3
+$
+$!      write sys$output "d -> t"
+$!      'cmd' -in f.d -inform d -outform t -out ff.t1
+$!      if $severity .ne. 1 then exit 3
+$!      write sys$output "t -> t"
+$!      'cmd' -in f.t -inform t -outform t -out ff.t2
+$!      if $severity .ne. 1 then exit 3
+$!      write sys$output "p -> t"
+$!      'cmd' -in f.p -inform p -outform t -out ff.t3
+$!      if $severity .ne. 1 then exit 3
+$
+$       write sys$output "d -> p"
+$       'cmd' -in f.d -inform d -outform p -out ff.p1
+$       if $severity .ne. 1 then exit 3
+$!      write sys$output "t -> p"
+$!      'cmd' -in f.t -inform t -outform p -out ff.p2
+$!      if $severity .ne. 1 then exit 3
+$       write sys$output "p -> p"
+$       'cmd' -in f.p -inform p -outform p -out ff.p3
+$       if $severity .ne. 1 then exit 3
+$
+$       backup/compare fff.p f.p
+$       if $severity .ne. 1 then exit 3
+$       backup/compare fff.p ff.p1
+$       if $severity .ne. 1 then exit 3
+$!      backup/compare fff.p ff.p2
+$!      if $severity .ne. 1 then exit 3
+$       backup/compare fff.p ff.p3
+$       if $severity .ne. 1 then exit 3
+$
+$!      backup/compare f.t ff.t1
+$!      if $severity .ne. 1 then exit 3
+$!      backup/compare f.t ff.t2
+$!      if $severity .ne. 1 then exit 3
+$!      backup/compare f.t ff.t3
+$!      if $severity .ne. 1 then exit 3
+$
+$       backup/compare f.p ff.p1
+$       if $severity .ne. 1 then exit 3
+$!      backup/compare f.p ff.p2
+$!      if $severity .ne. 1 then exit 3
+$       backup/compare f.p ff.p3
+$       if $severity .ne. 1 then exit 3
+$
+$       delete f.*;*,ff.*;*,fff.*;*
diff --git a/src/lib/libssl/test/testca.com b/src/lib/libssl/test/testca.com
new file mode 100644
index 0000000000..c670f2bf5f
--- /dev/null
+++ b/src/lib/libssl/test/testca.com
@@ -0,0 +1,78 @@
+$! TESTCA.COM
+$
+$       __arch := VAX
+$       if f$getsyi("cpu") .ge. 128 then __arch := AXP
+$       exe_dir := sys$disk:[-.'__arch'.exe.apps]
+$
+$       openssl := mcr 'exe_dir'openssl
+$
+$       SSLEAY_CONFIG="-config ""CAss.cnf"""
+$
+$       set noon
+$       if f$search("demoCA.dir") .nes. ""
+$       then
+$           call deltree [.demoCA]*.*
+$           set file/prot=(S:RWED,O:RWED,G:RWED,W:RWED) demoCA.dir;*
+$           delete demoCA.dir;*
+$       endif
+$       set on
+$       open/read sys$ca_input VMSca-response.1
+$       @[-.apps]CA.com -input sys$ca_input -newca
+$       close sys$ca_input
+$       if $severity .ne. 1 then exit 3
+$
+$
+$       SSLEAY_CONFIG="-config ""Uss.cnf"""
+$       @[-.apps]CA.com -newreq
+$       if $severity .ne. 1 then exit 3
+$
+$
+$       SSLEAY_CONFIG="-config [-.apps]openssl-vms.cnf"
+$       open/read sys$ca_input VMSca-response.2
+$       @[-.apps]CA.com -input sys$ca_input -sign
+$       close sys$ca_input
+$       if $severity .ne. 1 then exit 3
+$
+$
+$       @[-.apps]CA.com -verify newcert.pem
+$       if $severity .ne. 1 then exit 3
+$
+$       set noon
+$       call deltree [.demoCA]*.*
+$       set file/prot=(S:RWED,O:RWED,G:RWED,W:RWED) demoCA.dir;*
+$       delete demoCA.dir;*
+$       if f$search("newcert.pem") .nes. "" then delete newcert.pem;*
+$       if f$search("newcert.pem") .nes. "" then delete newreq.pem;*
+$       set on
+$!      #usage: CA -newcert|-newreq|-newca|-sign|-verify
+$
+$       exit
+$
+$ deltree: subroutine ! P1 is a name of a directory
+$       on control_y then goto dt_STOP
+$       on warning then goto dt_exit
+$       _dt_def = f$trnlnm("SYS$DISK")+f$directory()
+$       if f$parse(p1) .eqs. "" then exit
+$       set default 'f$parse(p1,,,"DEVICE")''f$parse(p1,,,"DIRECTORY")'
+$       p1 = f$parse(p1,,,"NAME") + f$parse(p1,,,"TYPE")
+$       _fp = f$parse(".DIR",p1)
+$ dt_loop:
+$       _f = f$search(_fp)
+$       if _f .eqs. "" then goto dt_loopend
+$       call deltree [.'f$parse(_f,,,"NAME")']*.*
+$       goto dt_loop
+$ dt_loopend:
+$       _fp = f$parse(p1,".;*")
+$       if f$search(_fp) .eqs. "" then goto dt_exit
+$       set noon
+$       set file/prot=(S:RWED,O:RWED,G:RWED,W:RWED) '_fp'
+$       set on
+$       delete/nolog '_fp'
+$ dt_exit:
+$       set default '_dt_def'
+$       exit
+$ dt_STOP:
+$       set default '_dt_def'
+$       stop/id=""
+$       exit
+$       endsubroutine
diff --git a/src/lib/libssl/test/testenc.com b/src/lib/libssl/test/testenc.com
new file mode 100644
index 0000000000..3b66f2e0d0
--- /dev/null
+++ b/src/lib/libssl/test/testenc.com
@@ -0,0 +1,60 @@
+$! TESTENC.COM  --  Test encoding and decoding
+$
+$       __arch := VAX
+$       if f$getsyi("cpu") .ge. 128 then __arch := AXP
+$       exe_dir := sys$disk:[-.'__arch'.exe.apps]
+$
+$       testsrc := makefile.ssl
+$       test := p.txt
+$       cmd := mcr 'exe_dir'openssl
+$
+$       if f$search(test) .nes. "" then delete 'test';*
+$       copy 'testsrc' 'test'
+$
+$       if f$search(test+"-cipher") .nes. "" then delete 'test'-cipher;*
+$       if f$search(test+"-clear") .nes. "" then delete 'test'-clear;*
+$
+$       write sys$output "cat"
+$       'cmd' enc -in 'test' -out 'test'-cipher
+$       'cmd' enc -in 'test'-cipher -out 'test'-clear
+$       backup/compare 'test' 'test'-clear
+$       if $severity .ne. 1 then exit 3
+$       delete 'test'-cipher;*,'test'-clear;*
+$
+$       write sys$output "base64"
+$       'cmd' enc -a -e -in 'test' -out 'test'-cipher
+$       'cmd' enc -a -d -in 'test'-cipher -out 'test'-clear
+$       backup/compare 'test' 'test'-clear
+$       if $severity .ne. 1 then exit 3
+$       delete 'test'-cipher;*,'test'-clear;*
+$
+$       define/user sys$output 'test'-cipher-commands
+$       'cmd' list-cipher-commands
+$       open/read f 'test'-cipher-commands
+$ loop_cipher_commands:
+$       read/end=loop_cipher_commands_end f i
+$       write sys$output i
+$
+$       if f$search(test+"-"+i+"-cipher") .nes. "" then -
+                delete 'test'-'i'-cipher;*
+$       if f$search(test+"-"+i+"-clear") .nes. "" then -
+                delete 'test'-'i'-clear;*
+$
+$       'cmd' 'i' -bufsize 113 -e -k test -in 'test' -out 'test'-'i'-cipher
+$       'cmd' 'i' -bufsize 157 -d -k test -in 'test'-'i'-cipher -out 'test'-'i'-clear
+$       backup/compare 'test' 'test'-'i'-clear
+$       if $severity .ne. 1 then exit 3
+$       delete 'test'-'i'-cipher;*,'test'-'i'-clear;*
+$
+$       write sys$output i," base64"
+$       'cmd' 'i' -bufsize 113 -a -e -k test -in 'test' -out 'test'-'i'-cipher
+$       'cmd' 'i' -bufsize 157 -a -d -k test -in 'test'-'i'-cipher -out 'test'-'i'-clear
+$       backup/compare 'test' 'test'-'i'-clear
+$       if $severity .ne. 1 then exit 3
+$       delete 'test'-'i'-cipher;*,'test'-'i'-clear;*
+$
+$       goto loop_cipher_commands
+$ loop_cipher_commands_end:
+$       close f
+$       delete 'test'-cipher-commands;*
+$       delete 'test';*
diff --git a/src/lib/libssl/test/testgen.com b/src/lib/libssl/test/testgen.com
new file mode 100644
index 0000000000..5d28ebec72
--- /dev/null
+++ b/src/lib/libssl/test/testgen.com
@@ -0,0 +1,52 @@
+$! TETSGEN.COM
+$
+$       __arch := VAX
+$       if f$getsyi("cpu") .ge. 128 then __arch := AXP
+$       exe_dir := sys$disk:[-.'__arch'.exe.apps]
+$
+$       T := testcert
+$       KEY = 512
+$       CA := [-.certs]testca.pem
+$
+$       set noon
+$       if f$search(T+".1;*") .nes. "" then delete 'T'.1;*
+$       if f$search(T+".2;*") .nes. "" then delete 'T'.2;*
+$       if f$search(T+".key;*") .nes. "" then delete 'T'.key;*
+$       set on
+$
+$       write sys$output "generating certificate request"
+$
+$       append/new nl: .rnd
+$       open/append random_file .rnd
+$       write random_file "string to make the random number generator think it has entropy"
+$       close random_file
+$
+$       set noon
+$       define/user sys$output nla0:
+$       mcr 'exe_dir'openssl no-rsa
+$       save_severity=$SEVERITY
+$       set on
+$       if save_severity
+$       then
+$           req_new="-newkey dsa:[-.apps]dsa512.pem"
+$       else
+$           req_new="-new"
+$           write sys$output "There should be a 2 sequences of .'s and some +'s."
+$           write sys$output "There should not be more that at most 80 per line"
+$       endif
+$
+$       write sys$output "This could take some time."
+$
+$       mcr 'exe_dir'openssl req -config test.cnf 'req_new' -out testreq.pem
+$       if $severity .ne. 1
+$       then
+$           write sys$output "problems creating request"
+$           exit 3
+$       endif
+$
+$       mcr 'exe_dir'openssl req -config test.cnf -verify -in testreq.pem -noout
+$       if $severity .ne. 1
+$       then
+$           write sys$output "signature on req is wrong"
+$           exit 3
+$       endif
diff --git a/src/lib/libssl/test/tests.com b/src/lib/libssl/test/tests.com
new file mode 100644
index 0000000000..07a3c7f16d
--- /dev/null
+++ b/src/lib/libssl/test/tests.com
@@ -0,0 +1,246 @@
+$! TESTS.COM  --  Performs the necessary tests
+$!
+$! P1   tests to be performed.  Empty means all.
+$
+$       __proc = f$element(0,";",f$environment("procedure"))
+$       __here = f$parse(f$parse("A.;",__proc) - "A.;","[]A.;") - "A.;"
+$       __save_default = f$environment("default")
+$       __arch := VAX
+$       if f$getsyi("cpu") .ge. 128 then __arch := AXP
+$       texe_dir := sys$disk:[-.'__arch'.exe.test]
+$       exe_dir := sys$disk:[-.'__arch'.exe.apps]
+$
+$       set default '__here'
+$       on control_y then goto exit
+$       on error then goto exit
+$
+$       if p1 .nes. ""
+$       then
+$           tests = p1
+$       else
+$           tests := -
+        test_des,test_idea,test_sha,test_md4,test_md5,test_hmac,-
+        test_md2,test_mdc2,-
+        test_rmd,test_rc2,test_rc4,test_rc5,test_bf,test_cast,test_rd,-
+        test_rand,test_bn,test_ec,test_enc,test_x509,test_rsa,test_crl,test_sid,-
+        test_gen,test_req,test_pkcs7,test_verify,test_dh,test_dsa,-
+        test_ss,test_ca,test_engine,test_ssl,test_evp
+$       endif
+$       tests = f$edit(tests,"COLLAPSE")
+$
+$       BNTEST :=       bntest
+$       ECTEST :=       ectest
+$       EXPTEST :=      exptest
+$       IDEATEST :=     ideatest
+$       SHATEST :=      shatest
+$       SHA1TEST :=     sha1test
+$       MDC2TEST :=     mdc2test
+$       RMDTEST :=      rmdtest
+$       MD2TEST :=      md2test
+$       MD4TEST :=      md4test
+$       MD5TEST :=      md5test
+$       HMACTEST :=     hmactest
+$       RC2TEST :=      rc2test
+$       RC4TEST :=      rc4test
+$       RC5TEST :=      rc5test
+$       BFTEST :=       bftest
+$       CASTTEST :=     casttest
+$       DESTEST :=      destest
+$       RANDTEST :=     randtest
+$       DHTEST :=       dhtest
+$       DSATEST :=      dsatest
+$       METHTEST :=     methtest
+$       SSLTEST :=      ssltest
+$       RSATEST :=      rsa_test
+$       ENGINETEST :=   enginetest
+$       EVPTEST :=      evp_test
+$
+$       tests_i = 0
+$ loop_tests:
+$       tests_e = f$element(tests_i,",",tests)
+$       tests_i = tests_i + 1
+$       if tests_e .eqs. "," then goto exit
+$       gosub 'tests_e'
+$       goto loop_tests
+$
+$ test_evp:
+$       mcr 'texe_dir''evptest' evptests.txt
+$       return
+$ test_des:
+$       mcr 'texe_dir''destest'
+$       return
+$ test_idea:
+$       mcr 'texe_dir''ideatest'
+$       return
+$ test_sha:
+$       mcr 'texe_dir''shatest'
+$       mcr 'texe_dir''sha1test'
+$       return
+$ test_mdc2:
+$       mcr 'texe_dir''mdc2test'
+$       return
+$ test_md5:
+$       mcr 'texe_dir''md5test'
+$       return
+$ test_md4:
+$       mcr 'texe_dir''md4test'
+$       return
+$ test_hmac:
+$       mcr 'texe_dir''hmactest'
+$       return
+$ test_md2:
+$       mcr 'texe_dir''md2test'
+$       return
+$ test_rmd:
+$       mcr 'texe_dir''rmdtest'
+$       return
+$ test_bf:
+$       mcr 'texe_dir''bftest'
+$       return
+$ test_cast:
+$       mcr 'texe_dir''casttest'
+$       return
+$ test_rc2:
+$       mcr 'texe_dir''rc2test'
+$       return
+$ test_rc4:
+$       mcr 'texe_dir''rc4test'
+$       return
+$ test_rc5:
+$       mcr 'texe_dir''rc5test'
+$       return
+$ test_rand:
+$       mcr 'texe_dir''randtest'
+$       return
+$ test_enc:
+$       @testenc.com
+$       return
+$ test_x509:
+$       define sys$error nla0:
+$       write sys$output "test normal x509v1 certificate"
+$       @tx509.com
+$       write sys$output "test first x509v3 certificate"
+$       @tx509.com v3-cert1.pem
+$       write sys$output "test second x509v3 certificate"
+$       @tx509.com v3-cert2.pem
+$       deassign sys$error
+$       return
+$ test_rsa:
+$       define sys$error nla0:
+$       @trsa.com
+$       deassign sys$error
+$       mcr 'texe_dir''rsatest'
+$       return
+$ test_crl:
+$       define sys$error nla0:
+$       @tcrl.com
+$       deassign sys$error
+$       return
+$ test_sid:
+$       define sys$error nla0:
+$       @tsid.com
+$       deassign sys$error
+$       return
+$ test_req:
+$       define sys$error nla0:
+$       @treq.com
+$       @treq.com testreq2.pem
+$       deassign sys$error
+$       return
+$ test_pkcs7:
+$       define sys$error nla0:
+$       @tpkcs7.com
+$       @tpkcs7d.com
+$       deassign sys$error
+$       return
+$ test_bn:
+$       write sys$output "starting big number library test, could take a while..."
+$       create bntest-vms.fdl
+FILE
+        ORGANIZATION    sequential
+RECORD
+        FORMAT          stream_lf
+$       create/fdl=bntest-vms.fdl bntest-vms.sh
+$       open/append foo bntest-vms.sh
+$       type/output=foo: sys$input:
+<< __FOO__ sh -c "`sh ./bctest`" | perl -e '$i=0; while (<STDIN>) {if (/^test (.*)/) {print STDERR "\nverify $1";} elsif (!/^0$/) {die "\nFailed! bc: $_";} else {print STDERR "."; $i++;}} print STDERR "\n$i tests passed\n"'
+$       define/user sys$output bntest-vms.tmp
+$       mcr 'texe_dir''bntest'
+$       copy bntest-vms.tmp foo:
+$       delete bntest-vms.tmp;*
+$       type/output=foo: sys$input:
+__FOO__
+$       close foo
+$       write sys$output "-- copy the [.test]bntest-vms.sh and [.test]bctest files to a Unix system and"
+$       write sys$output "-- run bntest-vms.sh through sh or bash to verify that the bignum operations"
+$       write sys$output "-- went well."
+$       write sys$output ""
+$       write sys$output "test a^b%c implementations"
+$       mcr 'texe_dir''exptest'
+$       return
+$ test_ec:
+$       write sys$output "test elliptic curves"
+$       mcr 'texe_dir''ectest'
+$       return
+$ test_verify:
+$       write sys$output "The following command should have some OK's and some failures"
+$       write sys$output "There are definitly a few expired certificates"
+$       @tverify.com
+$       return
+$ test_dh:
+$       write sys$output "Generate a set of DH parameters"
+$       mcr 'texe_dir''dhtest'
+$       return
+$ test_dsa:
+$       write sys$output "Generate a set of DSA parameters"
+$       mcr 'texe_dir''dsatest'
+$       return
+$ test_gen:
+$       write sys$output "Generate and verify a certificate request"
+$       @testgen.com
+$       return
+$ maybe_test_ss:
+$       testss_RDT = f$cvtime(f$file_attributes("testss.com","RDT"))
+$       if f$cvtime(f$file_attributes("keyU.ss","RDT")) .les. testss_RDT then -
+                goto test_ss
+$       if f$cvtime(f$file_attributes("certU.ss","RDT")) .les. testss_RDT then -
+                goto test_ss
+$       if f$cvtime(f$file_attributes("certCA.ss","RDT")) .les. testss_RDT then -
+                goto test_ss
+$       return
+$ test_ss:
+$       write sys$output "Generate and certify a test certificate"
+$       @testss.com
+$       return
+$ test_engine: 
+$       write sys$output "Manipulate the ENGINE structures"
+$       mcr 'texe_dir''enginetest'
+$       return
+$ test_ssl:
+$       write sys$output "test SSL protocol"
+$       gosub maybe_test_ss
+$       @testssl.com keyU.ss certU.ss certCA.ss
+$       return
+$ test_ca:
+$       set noon
+$       define/user sys$output nla0:
+$       mcr 'exe_dir'openssl no-rsa
+$       save_severity=$SEVERITY
+$       set on
+$       if save_severity
+$       then
+$           write sys$output "skipping CA.com test -- requires RSA"
+$       else
+$           write sys$output "Generate and certify a test certificate via the 'ca' program"
+$           @testca.com
+$       endif
+$       return
+$ test_rd: 
+$       write sys$output "test Rijndael"
+$       !mcr 'texe_dir''rdtest'
+$       return
+$
+$
+$ exit:
+$       set default '__save_default'
+$       exit
diff --git a/src/lib/libssl/test/testss.com b/src/lib/libssl/test/testss.com
new file mode 100644
index 0000000000..685ae5043d
--- /dev/null
+++ b/src/lib/libssl/test/testss.com
@@ -0,0 +1,118 @@
+$! TESTSS.COM
+$
+$       __arch := VAX
+$       if f$getsyi("cpu") .ge. 128 then __arch := AXP
+$       exe_dir := sys$disk:[-.'__arch'.exe.apps]
+$
+$       digest="-md5"
+$       reqcmd := mcr 'exe_dir'openssl req
+$       x509cmd := mcr 'exe_dir'openssl x509 'digest'
+$       verifycmd := mcr 'exe_dir'openssl verify
+$       dummycnf := sys$disk:[-.apps]openssl-vms.cnf
+$
+$       CAkey="""keyCA.ss"""
+$       CAcert="""certCA.ss"""
+$       CAreq="""reqCA.ss"""
+$       CAconf="""CAss.cnf"""
+$       CAreq2="""req2CA.ss"""  ! temp
+$
+$       Uconf="""Uss.cnf"""
+$       Ukey="""keyU.ss"""
+$       Ureq="""reqU.ss"""
+$       Ucert="""certU.ss"""
+$
+$       write sys$output ""
+$       write sys$output "make a certificate request using 'req'"
+$
+$       set noon
+$       define/user sys$output nla0:
+$       mcr 'exe_dir'openssl no-rsa
+$       save_severity=$SEVERITY
+$       set on
+$       if save_severity
+$       then
+$           req_new="-newkey dsa:[-.apps]dsa512.pem"
+$       else
+$           req_new="-new"
+$       endif
+$
+$       'reqcmd' -config 'CAconf' -out 'CAreq' -keyout 'CAkey' 'req_new' ! -out err.ss
+$       if $severity .ne. 1
+$       then
+$               write sys$output "error using 'req' to generate a certificate request"
+$               exit 3
+$       endif
+$       write sys$output ""
+$       write sys$output "convert the certificate request into a self signed certificate using 'x509'"
+$       define /user sys$output err.ss
+$       'x509cmd' "-CAcreateserial" -in 'CAreq' -days 30 -req -out 'CAcert' -signkey 'CAkey'
+$       if $severity .ne. 1
+$       then
+$               write sys$output "error using 'x509' to self sign a certificate request"
+$               exit 3
+$       endif
+$
+$       write sys$output ""
+$       write sys$output "convert a certificate into a certificate request using 'x509'"
+$       define /user sys$output err.ss
+$       'x509cmd' -in 'CAcert' -x509toreq -signkey 'CAkey' -out 'CAreq2'
+$       if $severity .ne. 1
+$       then
+$               write sys$output "error using 'x509' convert a certificate to a certificate request"
+$               exit 3
+$       endif
+$
+$       'reqcmd' -config 'dummycnf' -verify -in 'CAreq' -noout
+$       if $severity .ne. 1
+$       then
+$               write sys$output "first generated request is invalid"
+$               exit 3
+$       endif
+$
+$       'reqcmd' -config 'dummycnf' -verify -in 'CAreq2' -noout
+$       if $severity .ne. 1
+$       then
+$               write sys$output "second generated request is invalid"
+$               exit 3
+$       endif
+$
+$       'verifycmd' "-CAfile" 'CAcert' 'CAcert'
+$       if $severity .ne. 1
+$       then
+$               write sys$output "first generated cert is invalid"
+$               exit 3
+$       endif
+$
+$       write sys$output ""
+$       write sys$output "make another certificate request using 'req'"
+$       define /user sys$output err.ss
+$       'reqcmd' -config 'Uconf' -out 'Ureq' -keyout 'Ukey' 'req_new'
+$       if $severity .ne. 1
+$       then
+$               write sys$output "error using 'req' to generate a certificate request"
+$               exit 3
+$       endif
+$
+$       write sys$output ""
+$       write sys$output "sign certificate request with the just created CA via 'x509'"
+$       define /user sys$output err.ss
+$       'x509cmd' "-CAcreateserial" -in 'Ureq' -days 30 -req -out 'Ucert' "-CA" 'CAcert' "-CAkey" 'CAkey'
+$       if $severity .ne. 1
+$       then
+$               write sys$output "error using 'x509' to sign a certificate request"
+$               exit 3
+$       endif
+$
+$       'verifycmd' "-CAfile" 'CAcert' 'Ucert'
+$       write sys$output ""
+$       write sys$output "Certificate details"
+$       'x509cmd' -subject -issuer -startdate -enddate -noout -in 'Ucert'
+$
+$       write sys$output ""
+$       write sys$output "The generated CA certificate is ",CAcert
+$       write sys$output "The generated CA private key is ",CAkey
+$
+$       write sys$output "The generated user certificate is ",Ucert
+$       write sys$output "The generated user private key is ",Ukey
+$
+$       if f$search("err.ss;*") .nes. "" then delete err.ss;*
diff --git a/src/lib/libssl/test/testssl.com b/src/lib/libssl/test/testssl.com
new file mode 100644
index 0000000000..785f262f5a
--- /dev/null
+++ b/src/lib/libssl/test/testssl.com
@@ -0,0 +1,190 @@
+$! TESTSSL.COM
+$
+$       __arch := VAX
+$       if f$getsyi("cpu") .ge. 128 then __arch := AXP
+$       texe_dir := sys$disk:[-.'__arch'.exe.test]
+$       exe_dir := sys$disk:[-.'__arch'.exe.apps]
+$
+$       if p1 .eqs. ""
+$       then
+$           key="[-.apps]server.pem"
+$       else
+$           key=p1
+$       endif
+$       if p2 .eqs. ""
+$       then
+$           cert="[-.apps]server.pem"
+$       else
+$           cert=p2
+$       endif
+$       ssltest := mcr 'texe_dir'ssltest -key 'key' -cert 'cert' -c_key 'key' -c_cert 'cert'
+$
+$       define/user sys$output testssl-x509-output.
+$       define/user sys$error nla0:
+$       mcr 'exe_dir'openssl x509 -in 'cert' -text -noout
+$       set noon
+$       define/user sys$error nla0:
+$       search/output=nla0: testssl-x509-output. "DSA Public Key"/exact
+$       if $severity .eq. 1
+$       then
+$           dsa_cert := YES
+$       else
+$           dsa_cert := NO
+$       endif
+$       set on
+$       delete testssl-x509-output.;*
+$
+$       if p3 .eqs. ""
+$       then
+$           copy/concatenate [-.certs]*.pem certs.tmp
+$           CA = """-CAfile"" certs.tmp"
+$       else
+$           CA = """-CAfile"" "+p3
+$       endif
+$
+$!###########################################################################
+$
+$       write sys$output "test sslv2"
+$       'ssltest' -ssl2
+$       if $severity .ne. 1 then goto exit3
+$
+$       write sys$output "test sslv2 with server authentication"
+$       'ssltest' -ssl2 -server_auth 'CA'
+$       if $severity .ne. 1 then goto exit3
+$
+$       if .not. dsa_cert
+$       then
+$           write sys$output "test sslv2 with client authentication"
+$           'ssltest' -ssl2 -client_auth 'CA'
+$           if $severity .ne. 1 then goto exit3
+$
+$           write sys$output "test sslv2 with both client and server authentication"
+$           'ssltest' -ssl2 -server_auth -client_auth 'CA'
+$           if $severity .ne. 1 then goto exit3
+$       endif
+$
+$       write sys$output "test sslv3"
+$       'ssltest' -ssl3
+$       if $severity .ne. 1 then goto exit3
+$
+$       write sys$output "test sslv3 with server authentication"
+$       'ssltest' -ssl3 -server_auth 'CA'
+$       if $severity .ne. 1 then goto exit3
+$
+$       write sys$output "test sslv3 with client authentication"
+$       'ssltest' -ssl3 -client_auth 'CA'
+$       if $severity .ne. 1 then goto exit3
+$
+$       write sys$output "test sslv3 with both client and server authentication"
+$       'ssltest' -ssl3 -server_auth -client_auth 'CA'
+$       if $severity .ne. 1 then goto exit3
+$
+$       write sys$output "test sslv2/sslv3"
+$       'ssltest'
+$       if $severity .ne. 1 then goto exit3
+$
+$       write sys$output "test sslv2/sslv3 with server authentication"
+$       'ssltest' -server_auth 'CA'
+$       if $severity .ne. 1 then goto exit3
+$
+$       write sys$output "test sslv2/sslv3 with client authentication"
+$       'ssltest' -client_auth 'CA'
+$       if $severity .ne. 1 then goto exit3
+$
+$       write sys$output "test sslv2/sslv3 with both client and server authentication"
+$       'ssltest' -server_auth -client_auth 'CA'
+$       if $severity .ne. 1 then goto exit3
+$
+$       write sys$output "test sslv2 via BIO pair"
+$       'ssltest' -bio_pair -ssl2 
+$       if $severity .ne. 1 then goto exit3
+$
+$       write sys$output "test sslv2 with server authentication via BIO pair"
+$       'ssltest' -bio_pair -ssl2 -server_auth 'CA' 
+$       if $severity .ne. 1 then goto exit3
+$
+$       if .not. dsa_cert
+$       then
+$           write sys$output "test sslv2 with client authentication via BIO pair"
+$           'ssltest' -bio_pair -ssl2 -client_auth 'CA' 
+$           if $severity .ne. 1 then goto exit3
+$
+$           write sys$output "test sslv2 with both client and server authentication via BIO pair"
+$           'ssltest' -bio_pair -ssl2 -server_auth -client_auth 'CA' 
+$           if $severity .ne. 1 then goto exit3
+$       endif
+$
+$       write sys$output "test sslv3 via BIO pair"
+$       'ssltest' -bio_pair -ssl3 
+$       if $severity .ne. 1 then goto exit3
+$
+$       write sys$output "test sslv3 with server authentication via BIO pair"
+$       'ssltest' -bio_pair -ssl3 -server_auth 'CA' 
+$       if $severity .ne. 1 then goto exit3
+$
+$       write sys$output "test sslv3 with client authentication via BIO pair"
+$       'ssltest' -bio_pair -ssl3 -client_auth 'CA' 
+$       if $severity .ne. 1 then goto exit3
+ 
+$       write sys$output "test sslv3 with both client and server authentication via BIO pair"
+$       'ssltest' -bio_pair -ssl3 -server_auth -client_auth 'CA' 
+$       if $severity .ne. 1 then goto exit3
+$
+$       write sys$output "test sslv2/sslv3 via BIO pair"
+$       'ssltest' 
+$       if $severity .ne. 1 then goto exit3
+$
+$       if .not. dsa_cert
+$       then
+$           write sys$output "test sslv2/sslv3 w/o DHE via BIO pair"
+$           'ssltest' -bio_pair -no_dhe
+$           if $severity .ne. 1 then goto exit3
+$       endif
+$
+$       write sys$output "test sslv2/sslv3 with 1024 bit DHE via BIO pair"
+$       'ssltest' -bio_pair -dhe1024dsa -v
+$       if $severity .ne. 1 then goto exit3
+$
+$       write sys$output "test sslv2/sslv3 with server authentication"
+$       'ssltest' -bio_pair -server_auth 'CA' 
+$       if $severity .ne. 1 then goto exit3
+$
+$       write sys$output "test sslv2/sslv3 with client authentication via BIO pair"
+$       'ssltest' -bio_pair -client_auth 'CA' 
+$       if $severity .ne. 1 then goto exit3
+$
+$       write sys$output "test sslv2/sslv3 with both client and server authentication via BIO pair"
+$       'ssltest' -bio_pair -server_auth -client_auth 'CA' 
+$       if $severity .ne. 1 then goto exit3
+$
+$!###########################################################################
+$
+$       write sys$output "test tls1 with 1024bit anonymous DH, multiple handshakes"
+$       'ssltest' -v -bio_pair -tls1 -cipher "ADH" -dhe1024dsa -num 10 -f -time
+$       if $severity .ne. 1 then goto exit3
+$
+$       set noon
+$       define/user sys$output nla0:
+$       mcr 'exe_dir'openssl no-rsa
+$       save_severity=$SEVERITY
+$       set on
+$       if save_severity
+$       then
+$           write sys$output "skipping RSA tests"
+$       else
+$           write sys$output "test tls1 with 1024bit RSA, no DHE, multiple handshakes"
+$           mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -no_dhe -num 10 -f -time
+$           if $severity .ne. 1 then goto exit3
+$
+$           write sys$output "test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes"
+$           mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -dhe1024dsa -num 10 -f -time
+$           if $severity .ne. 1 then goto exit3
+$       endif
+$
+$       RET = 1
+$       goto exit
+$ exit3:
+$       RET = 3
+$ exit:
+$       if p3 .eqs. "" then delete certs.tmp;*
+$       exit 'RET'
diff --git a/src/lib/libssl/test/tpkcs7.com b/src/lib/libssl/test/tpkcs7.com
new file mode 100644
index 0000000000..9e345937c6
--- /dev/null
+++ b/src/lib/libssl/test/tpkcs7.com
@@ -0,0 +1,52 @@
+$! TPKCS7.COM  --  Tests pkcs7 keys
+$
+$       __arch := VAX
+$       if f$getsyi("cpu") .ge. 128 then __arch := AXP
+$       exe_dir := sys$disk:[-.'__arch'.exe.apps]
+$
+$       cmd := mcr 'exe_dir'openssl pkcs7
+$
+$       t := testp7.pem
+$       if p1 .nes. "" then t = p1
+$
+$       write sys$output "testing PKCS7 conversions"
+$       if f$search("fff.*") .nes "" then delete fff.*;*
+$       if f$search("ff.*") .nes "" then delete ff.*;*
+$       if f$search("f.*") .nes "" then delete f.*;*
+$       copy 't' fff.p
+$
+$       write sys$output "p -> d"
+$       'cmd' -in fff.p -inform p -outform d -out f.d
+$       if $severity .ne. 1 then exit 3
+$       write sys$output "p -> p"
+$       'cmd' -in fff.p -inform p -outform p -out f.p
+$       if $severity .ne. 1 then exit 3
+$
+$       write sys$output "d -> d"
+$       'cmd' -in f.d -inform d -outform d -out ff.d1
+$       if $severity .ne. 1 then exit 3
+$       write sys$output "p -> d"
+$       'cmd' -in f.p -inform p -outform d -out ff.d3
+$       if $severity .ne. 1 then exit 3
+$
+$
+$       write sys$output "d -> p"
+$       'cmd' -in f.d -inform d -outform p -out ff.p1
+$       if $severity .ne. 1 then exit 3
+$       write sys$output "p -> p"
+$       'cmd' -in f.p -inform p -outform p -out ff.p3
+$       if $severity .ne. 1 then exit 3
+$
+$       backup/compare fff.p f.p
+$       if $severity .ne. 1 then exit 3
+$       backup/compare fff.p ff.p1
+$       if $severity .ne. 1 then exit 3
+$       backup/compare fff.p ff.p3
+$       if $severity .ne. 1 then exit 3
+$
+$       backup/compare f.p ff.p1
+$       if $severity .ne. 1 then exit 3
+$       backup/compare f.p ff.p3
+$       if $severity .ne. 1 then exit 3
+$
+$       delete f.*;*,ff.*;*,fff.*;*
diff --git a/src/lib/libssl/test/tpkcs7d.com b/src/lib/libssl/test/tpkcs7d.com
new file mode 100644
index 0000000000..7d4f8794a4
--- /dev/null
+++ b/src/lib/libssl/test/tpkcs7d.com
@@ -0,0 +1,45 @@
+$! TPKCS7.COM  --  Tests pkcs7 keys
+$
+$       __arch := VAX
+$       if f$getsyi("cpu") .ge. 128 then __arch := AXP
+$       exe_dir := sys$disk:[-.'__arch'.exe.apps]
+$
+$       cmd := mcr 'exe_dir'openssl pkcs7
+$
+$       t := pkcs7-1.pem
+$       if p1 .nes. "" then t = p1
+$
+$       write sys$output "testing PKCS7 conversions (2)"
+$       if f$search("fff.*") .nes "" then delete fff.*;*
+$       if f$search("ff.*") .nes "" then delete ff.*;*
+$       if f$search("f.*") .nes "" then delete f.*;*
+$       copy 't' fff.p
+$
+$       write sys$output "p -> d"
+$       'cmd' -in fff.p -inform p -outform d -out f.d
+$       if $severity .ne. 1 then exit 3
+$       write sys$output "p -> p"
+$       'cmd' -in fff.p -inform p -outform p -out f.p
+$       if $severity .ne. 1 then exit 3
+$
+$       write sys$output "d -> d"
+$       'cmd' -in f.d -inform d -outform d -out ff.d1
+$       if $severity .ne. 1 then exit 3
+$       write sys$output "p -> d"
+$       'cmd' -in f.p -inform p -outform d -out ff.d3
+$       if $severity .ne. 1 then exit 3
+$
+$
+$       write sys$output "d -> p"
+$       'cmd' -in f.d -inform d -outform p -out ff.p1
+$       if $severity .ne. 1 then exit 3
+$       write sys$output "p -> p"
+$       'cmd' -in f.p -inform p -outform p -out ff.p3
+$       if $severity .ne. 1 then exit 3
+$
+$       backup/compare f.p ff.p1
+$       if $severity .ne. 1 then exit 3
+$       backup/compare f.p ff.p3
+$       if $severity .ne. 1 then exit 3
+$
+$       delete f.*;*,ff.*;*,fff.*;*
diff --git a/src/lib/libssl/test/treq.com b/src/lib/libssl/test/treq.com
new file mode 100644
index 0000000000..22c22c3aa9
--- /dev/null
+++ b/src/lib/libssl/test/treq.com
@@ -0,0 +1,81 @@
+$! TREQ.COM  --  Tests req keys
+$
+$       __arch := VAX
+$       if f$getsyi("cpu") .ge. 128 then __arch := AXP
+$       exe_dir := sys$disk:[-.'__arch'.exe.apps]
+$
+$       cmd := mcr 'exe_dir'openssl req -config [-.apps]openssl-vms.cnf
+$
+$       t := testreq.pem
+$       if p1 .nes. "" then t = p1
+$
+$       write sys$output "testing req conversions"
+$       if f$search("fff.*") .nes "" then delete fff.*;*
+$       if f$search("ff.*") .nes "" then delete ff.*;*
+$       if f$search("f.*") .nes "" then delete f.*;*
+$       copy 't' fff.p
+$
+$       write sys$output "p -> d"
+$       'cmd' -in fff.p -inform p -outform d -out f.d
+$       if $severity .ne. 1 then exit 3
+$!      write sys$output "p -> t"
+$!      'cmd' -in fff.p -inform p -outform t -out f.t
+$!      if $severity .ne. 1 then exit 3
+$       write sys$output "p -> p"
+$       'cmd' -in fff.p -inform p -outform p -out f.p
+$       if $severity .ne. 1 then exit 3
+$
+$       write sys$output "d -> d"
+$       'cmd' -verify -in f.d -inform d -outform d -out ff.d1
+$       if $severity .ne. 1 then exit 3
+$!      write sys$output "t -> d"
+$!      'cmd' -verify -in f.t -inform t -outform d -out ff.d2
+$!      if $severity .ne. 1 then exit 3
+$       write sys$output "p -> d"
+$       'cmd' -verify -in f.p -inform p -outform d -out ff.d3
+$       if $severity .ne. 1 then exit 3
+$
+$!      write sys$output "d -> t"
+$!      'cmd' -in f.d -inform d -outform t -out ff.t1
+$!      if $severity .ne. 1 then exit 3
+$!      write sys$output "t -> t"
+$!      'cmd' -in f.t -inform t -outform t -out ff.t2
+$!      if $severity .ne. 1 then exit 3
+$!      write sys$output "p -> t"
+$!      'cmd' -in f.p -inform p -outform t -out ff.t3
+$!      if $severity .ne. 1 then exit 3
+$
+$       write sys$output "d -> p"
+$       'cmd' -in f.d -inform d -outform p -out ff.p1
+$       if $severity .ne. 1 then exit 3
+$!      write sys$output "t -> p"
+$!      'cmd' -in f.t -inform t -outform p -out ff.p2
+$!      if $severity .ne. 1 then exit 3
+$       write sys$output "p -> p"
+$       'cmd' -in f.p -inform p -outform p -out ff.p3
+$       if $severity .ne. 1 then exit 3
+$
+$       backup/compare fff.p f.p
+$       if $severity .ne. 1 then exit 3
+$       backup/compare fff.p ff.p1
+$       if $severity .ne. 1 then exit 3
+$!      backup/compare fff.p ff.p2
+$!      if $severity .ne. 1 then exit 3
+$       backup/compare fff.p ff.p3
+$       if $severity .ne. 1 then exit 3
+$
+$!      backup/compare f.t ff.t1
+$!      if $severity .ne. 1 then exit 3
+$!      backup/compare f.t ff.t2
+$!      if $severity .ne. 1 then exit 3
+$!      backup/compare f.t ff.t3
+$!      if $severity .ne. 1 then exit 3
+$
+$       backup/compare f.p ff.p1
+$       if $severity .ne. 1 then exit 3
+$!      backup/compare f.p ff.p2
+$!      if $severity .ne. 1 then exit 3
+$       backup/compare f.p ff.p3
+$       if $severity .ne. 1 then exit 3
+$
+$       delete f.*;*,ff.*;*,fff.*;*
diff --git a/src/lib/libssl/test/trsa.com b/src/lib/libssl/test/trsa.com
new file mode 100644
index 0000000000..6b6c318e2b
--- /dev/null
+++ b/src/lib/libssl/test/trsa.com
@@ -0,0 +1,92 @@
+$! TRSA.COM  --  Tests rsa keys
+$
+$       __arch := VAX
+$       if f$getsyi("cpu") .ge. 128 then __arch := AXP
+$       exe_dir := sys$disk:[-.'__arch'.exe.apps]
+$
+$       set noon
+$       define/user sys$output nla0:
+$       mcr 'exe_dir'openssl no-rsa
+$       save_severity=$SEVERITY
+$       set on
+$       if save_severity
+$       then
+$           write sys$output "skipping RSA conversion test"
+$           exit
+$       endif
+$
+$       cmd := mcr 'exe_dir'openssl rsa
+$
+$       t := testrsa.pem
+$       if p1 .nes. "" then t = p1
+$
+$       write sys$output "testing RSA conversions"
+$       if f$search("fff.*") .nes "" then delete fff.*;*
+$       if f$search("ff.*") .nes "" then delete ff.*;*
+$       if f$search("f.*") .nes "" then delete f.*;*
+$       copy 't' fff.p
+$
+$       write sys$output "p -> d"
+$       'cmd' -in fff.p -inform p -outform d -out f.d
+$       if $severity .ne. 1 then exit 3
+$!      write sys$output "p -> t"
+$!      'cmd' -in fff.p -inform p -outform t -out f.t
+$!      if $severity .ne. 1 then exit 3
+$       write sys$output "p -> p"
+$       'cmd' -in fff.p -inform p -outform p -out f.p
+$       if $severity .ne. 1 then exit 3
+$
+$       write sys$output "d -> d"
+$       'cmd' -in f.d -inform d -outform d -out ff.d1
+$       if $severity .ne. 1 then exit 3
+$!      write sys$output "t -> d"
+$!      'cmd' -in f.t -inform t -outform d -out ff.d2
+$!      if $severity .ne. 1 then exit 3
+$       write sys$output "p -> d"
+$       'cmd' -in f.p -inform p -outform d -out ff.d3
+$       if $severity .ne. 1 then exit 3
+$
+$!      write sys$output "d -> t"
+$!      'cmd' -in f.d -inform d -outform t -out ff.t1
+$!      if $severity .ne. 1 then exit 3
+$!      write sys$output "t -> t"
+$!      'cmd' -in f.t -inform t -outform t -out ff.t2
+$!      if $severity .ne. 1 then exit 3
+$!      write sys$output "p -> t"
+$!      'cmd' -in f.p -inform p -outform t -out ff.t3
+$!      if $severity .ne. 1 then exit 3
+$
+$       write sys$output "d -> p"
+$       'cmd' -in f.d -inform d -outform p -out ff.p1
+$       if $severity .ne. 1 then exit 3
+$!      write sys$output "t -> p"
+$!      'cmd' -in f.t -inform t -outform p -out ff.p2
+$!      if $severity .ne. 1 then exit 3
+$       write sys$output "p -> p"
+$       'cmd' -in f.p -inform p -outform p -out ff.p3
+$       if $severity .ne. 1 then exit 3
+$
+$       backup/compare fff.p f.p
+$       if $severity .ne. 1 then exit 3
+$       backup/compare fff.p ff.p1
+$       if $severity .ne. 1 then exit 3
+$!      backup/compare fff.p ff.p2
+$!      if $severity .ne. 1 then exit 3
+$       backup/compare fff.p ff.p3
+$       if $severity .ne. 1 then exit 3
+$
+$!      backup/compare f.t ff.t1
+$!      if $severity .ne. 1 then exit 3
+$!      backup/compare f.t ff.t2
+$!      if $severity .ne. 1 then exit 3
+$!      backup/compare f.t ff.t3
+$!      if $severity .ne. 1 then exit 3
+$
+$       backup/compare f.p ff.p1
+$       if $severity .ne. 1 then exit 3
+$!      backup/compare f.p ff.p2
+$!      if $severity .ne. 1 then exit 3
+$       backup/compare f.p ff.p3
+$       if $severity .ne. 1 then exit 3
+$
+$       delete f.*;*,ff.*;*,fff.*;*
diff --git a/src/lib/libssl/test/tsid.com b/src/lib/libssl/test/tsid.com
new file mode 100644
index 0000000000..bde23f9bb9
--- /dev/null
+++ b/src/lib/libssl/test/tsid.com
@@ -0,0 +1,81 @@
+$! TSID.COM  --  Tests sid keys
+$
+$       __arch := VAX
+$       if f$getsyi("cpu") .ge. 128 then __arch := AXP
+$       exe_dir := sys$disk:[-.'__arch'.exe.apps]
+$
+$       cmd := mcr 'exe_dir'openssl sess_id
+$
+$       t := testsid.pem
+$       if p1 .nes. "" then t = p1
+$
+$       write sys$output "testing session-id conversions"
+$       if f$search("fff.*") .nes "" then delete fff.*;*
+$       if f$search("ff.*") .nes "" then delete ff.*;*
+$       if f$search("f.*") .nes "" then delete f.*;*
+$       copy 't' fff.p
+$
+$       write sys$output "p -> d"
+$       'cmd' -in fff.p -inform p -outform d -out f.d
+$       if $severity .ne. 1 then exit 3
+$!      write sys$output "p -> t"
+$!      'cmd' -in fff.p -inform p -outform t -out f.t
+$!      if $severity .ne. 1 then exit 3
+$       write sys$output "p -> p"
+$       'cmd' -in fff.p -inform p -outform p -out f.p
+$       if $severity .ne. 1 then exit 3
+$
+$       write sys$output "d -> d"
+$       'cmd' -in f.d -inform d -outform d -out ff.d1
+$       if $severity .ne. 1 then exit 3
+$!      write sys$output "t -> d"
+$!      'cmd' -in f.t -inform t -outform d -out ff.d2
+$!      if $severity .ne. 1 then exit 3
+$       write sys$output "p -> d"
+$       'cmd' -in f.p -inform p -outform d -out ff.d3
+$       if $severity .ne. 1 then exit 3
+$
+$!      write sys$output "d -> t"
+$!      'cmd' -in f.d -inform d -outform t -out ff.t1
+$!      if $severity .ne. 1 then exit 3
+$!      write sys$output "t -> t"
+$!      'cmd' -in f.t -inform t -outform t -out ff.t2
+$!      if $severity .ne. 1 then exit 3
+$!      write sys$output "p -> t"
+$!      'cmd' -in f.p -inform p -outform t -out ff.t3
+$!      if $severity .ne. 1 then exit 3
+$
+$       write sys$output "d -> p"
+$       'cmd' -in f.d -inform d -outform p -out ff.p1
+$       if $severity .ne. 1 then exit 3
+$!      write sys$output "t -> p"
+$!      'cmd' -in f.t -inform t -outform p -out ff.p2
+$!      if $severity .ne. 1 then exit 3
+$       write sys$output "p -> p"
+$       'cmd' -in f.p -inform p -outform p -out ff.p3
+$       if $severity .ne. 1 then exit 3
+$
+$       backup/compare fff.p f.p
+$       if $severity .ne. 1 then exit 3
+$       backup/compare fff.p ff.p1
+$       if $severity .ne. 1 then exit 3
+$!      backup/compare fff.p ff.p2
+$!      if $severity .ne. 1 then exit 3
+$       backup/compare fff.p ff.p3
+$       if $severity .ne. 1 then exit 3
+$
+$!      backup/compare f.t ff.t1
+$!      if $severity .ne. 1 then exit 3
+$!      backup/compare f.t ff.t2
+$!      if $severity .ne. 1 then exit 3
+$!      backup/compare f.t ff.t3
+$!      if $severity .ne. 1 then exit 3
+$
+$       backup/compare f.p ff.p1
+$       if $severity .ne. 1 then exit 3
+$!      backup/compare f.p ff.p2
+$!      if $severity .ne. 1 then exit 3
+$       backup/compare f.p ff.p3
+$       if $severity .ne. 1 then exit 3
+$
+$       delete f.*;*,ff.*;*,fff.*;*
diff --git a/src/lib/libssl/test/tverify.com b/src/lib/libssl/test/tverify.com
new file mode 100644
index 0000000000..f97e71478f
--- /dev/null
+++ b/src/lib/libssl/test/tverify.com
@@ -0,0 +1,26 @@
+$! TVERIFY.COM
+$
+$       __arch := VAX
+$       if f$getsyi("cpu") .ge. 128 then __arch := AXP
+$       exe_dir := sys$disk:[-.'__arch'.exe.apps]
+$
+$       copy/concatenate [-.certs]*.pem certs.tmp
+$
+$       old_f :=
+$ loop_certs:
+$       c := NO
+$       certs :=
+$ loop_certs2:
+$       f = f$search("[-.certs]*.pem")
+$       if f .nes. "" .and. f .nes. old_f
+$       then
+$           certs = certs + " [-.certs]" + f$parse(f,,,"NAME") + ".pem"
+$           if f$length(certs) .lt. 180 then goto loop_certs2
+$           c := YES
+$       endif
+$       certs = certs - " "
+$
+$       mcr 'exe_dir'openssl verify "-CAfile" certs.tmp 'certs'
+$       if c then goto loop_certs
+$
+$       delete certs.tmp;*
diff --git a/src/lib/libssl/test/tx509.com b/src/lib/libssl/test/tx509.com
new file mode 100644
index 0000000000..985969c566
--- /dev/null
+++ b/src/lib/libssl/test/tx509.com
@@ -0,0 +1,81 @@
+$! TX509.COM  --  Tests x509 certificates
+$
+$       __arch := VAX
+$       if f$getsyi("cpu") .ge. 128 then __arch := AXP
+$       exe_dir := sys$disk:[-.'__arch'.exe.apps]
+$
+$       cmd := mcr 'exe_dir'openssl x509
+$
+$       t := testx509.pem
+$       if p1 .nes. "" then t = p1
+$
+$       write sys$output "testing X509 conversions"
+$       if f$search("fff.*") .nes "" then delete fff.*;*
+$       if f$search("ff.*") .nes "" then delete ff.*;*
+$       if f$search("f.*") .nes "" then delete f.*;*
+$       copy 't' fff.p
+$
+$       write sys$output "p -> d"
+$       'cmd' -in fff.p -inform p -outform d -out f.d
+$       if $severity .ne. 1 then exit 3
+$       write sys$output "p -> n"
+$       'cmd' -in fff.p -inform p -outform n -out f.n
+$       if $severity .ne. 1 then exit 3
+$       write sys$output "p -> p"
+$       'cmd' -in fff.p -inform p -outform p -out f.p
+$       if $severity .ne. 1 then exit 3
+$
+$       write sys$output "d -> d"
+$       'cmd' -in f.d -inform d -outform d -out ff.d1
+$       if $severity .ne. 1 then exit 3
+$       write sys$output "n -> d"
+$       'cmd' -in f.n -inform n -outform d -out ff.d2
+$       if $severity .ne. 1 then exit 3
+$       write sys$output "p -> d"
+$       'cmd' -in f.p -inform p -outform d -out ff.d3
+$       if $severity .ne. 1 then exit 3
+$
+$       write sys$output "d -> n"
+$       'cmd' -in f.d -inform d -outform n -out ff.n1
+$       if $severity .ne. 1 then exit 3
+$       write sys$output "n -> n"
+$       'cmd' -in f.n -inform n -outform n -out ff.n2
+$       if $severity .ne. 1 then exit 3
+$       write sys$output "p -> n"
+$       'cmd' -in f.p -inform p -outform n -out ff.n3
+$       if $severity .ne. 1 then exit 3
+$
+$       write sys$output "d -> p"
+$       'cmd' -in f.d -inform d -outform p -out ff.p1
+$       if $severity .ne. 1 then exit 3
+$       write sys$output "n -> p"
+$       'cmd' -in f.n -inform n -outform p -out ff.p2
+$       if $severity .ne. 1 then exit 3
+$       write sys$output "p -> p"
+$       'cmd' -in f.p -inform p -outform p -out ff.p3
+$       if $severity .ne. 1 then exit 3
+$
+$       backup/compare fff.p f.p
+$       if $severity .ne. 1 then exit 3
+$       backup/compare fff.p ff.p1
+$       if $severity .ne. 1 then exit 3
+$       backup/compare fff.p ff.p2
+$       if $severity .ne. 1 then exit 3
+$       backup/compare fff.p ff.p3
+$       if $severity .ne. 1 then exit 3
+$
+$       backup/compare f.n ff.n1
+$       if $severity .ne. 1 then exit 3
+$       backup/compare f.n ff.n2
+$       if $severity .ne. 1 then exit 3
+$       backup/compare f.n ff.n3
+$       if $severity .ne. 1 then exit 3
+$
+$       backup/compare f.p ff.p1
+$       if $severity .ne. 1 then exit 3
+$       backup/compare f.p ff.p2
+$       if $severity .ne. 1 then exit 3
+$       backup/compare f.p ff.p3
+$       if $severity .ne. 1 then exit 3
+$
+$       delete f.*;*,ff.*;*,fff.*;*